一脂矫、keepalived基于服務器nginx掛了,不會自動切換
1.1 書寫腳本(時刻檢查nginx的狀態(tài)霉晕,如果nginx關閉庭再,keepalived也關閉)
[root@lb01 /server/scripts]# cat check-ngx.sh
#!/bin/bash
count=`ps -ef|grep nginx|grep -v grep|wc -l`
if [ $count -eq 0 ];then
systemctl stop keepalived
fi
注:腳本名字不要包含監(jiān)控對象的名字
1.2 通過keepalived運行檢查nginx服務的腳本
1>給腳本check-ngx.sh 一個執(zhí)行權(quán)限
[root@lb01 ~]# chmod +x /server/scripts/check-ngx.sh
[root@lb01 ~]# ll /server/scripts/check-ngx.sh
-rwxr-xr-x 1 root root 116 Jun 17 09:15 /server/scripts/check-ngx.sh
[root@lb01 ~]#
1.3 配置keepalived
[root@lb01 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
……
vrrp_script check_ngx {
script /server/scripts/check-ngx.sh
interval 2
weight 1
}
vrrp_instance VI_1 {
……
track_script{
check_ngx
}
}
[root@lb01 ~]#
image
1.4 重啟keepalived
systemctl restart keepalived.service
1.5測試
\\lb01上
[root@lb01 ~]# ip a|grep 0.3
inet 10.0.0.3/24 scope global secondary eth0:1
[root@lb01 ~]# systemctl stop nginx
[root@lb01 ~]# ip a|grep 0.3
[root@lb01 ~]# \\\虛擬ip飄逸走了
\\lb02上
[root@lb02 ~]# ip a|grep 0.3
inet 10.0.0.3/24 scope global secondary eth0:1
\\\回到lb01上
[root@lb01 ~]# systemctl start nginx
[root@lb01 ~]# ip a|grep 0.3
[root@lb01 ~]# systemctl start keepalived.service
[root@lb01 ~]# ip a|grep 0.3 \\虛擬IP自動飄逸回來
inet 10.0.0.3/24 scope global secondary eth0:1
二捞奕、keepalived雙主模式
目的:減輕負載均衡的壓力
image
2.1 keepalived雙主模式配置
image
分別重啟keepalived服務
\\\lb01
[root@lb01 /etc/keepalived]# systemctl restart keepalived.service [root@lb01 /etc/keepalived]# ip a |egrep "0.3|0.4"
inet 10.0.0.3/24 scope global secondary eth0:1
\\\\lb02
[root@lb02 /etc/keepalived]# systemctl restart keepalived.service [root@lb02 /etc/keepalived]# ip a |egrep "0.3|0.4"
keepalived雙主模式配置
\\\\lb01的keepalived雙主配置文件
! Configuration File for keepalived
global_defs {
router_id lb01
}
vrrp_script jiancha {
script "/server/scripts/jiancha.sh"
interval 2
weight 1
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3/24 dev eth0 label eth0:1
}
track_script {
jiancha
}
}
vrrp_instance VI_2 {
state BACKUP
interface eth0
virtual_router_id 52
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.4/24 dev eth0 label eth0:2
}
}
\\\\\\\lb02的keepalived雙主配置文件
! Configuration File for keepalived
global_defs {
router_id lb02
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3/24 dev eth0 label eth0:1
}
}
vrrp_instance VI_2 {
state MASTER
interface eth0
virtual_router_id 52
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.4/24 dev eth0 label eth0:2
}
}
讓lb01和lb02的nginx配置文件相同
vim /etc/nginx/nginx.conf :
upstream web_pools {
server 10.0.0.7:80 weight=1 max_fails=3 fail_timeout=10s;
server 10.0.0.8:80 weight=1 max_fails=3 fail_timeout=10s;
}
# include /etc/nginx/conf.d/*.conf;
server {
listen 80;
server_name www.oldboy.com;
location / {
proxy_pass http://web_pools;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
server {
listen 80;
server_name blog.oldboy.com;
location / {
proxy_pass http://web_pools;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
2.1 在命令行curl測試是否正常
\\\lb01
[root@lb01 ~]# curl 10.0.0.3
web02 www.oldboy.com
[root@lb01 ~]# curl 10.0.0.3
web01 www.oldboy.com
[root@lb01 ~]# curl 10.0.0.4
web02 www.oldboy.com
[root@lb01 ~]# curl 10.0.0.4
web01 www.oldboy.com
[root@lb01 ~]#
\\\lb02
[root@lb02 ~]# curl 10.0.0.3
web02 www.oldboy.com
[root@lb02 ~]# curl 10.0.0.3
web01 www.oldboy.com
[root@lb02 ~]# curl 10.0.0.4
web02 www.oldboy.com
[root@lb02 ~]# curl 10.0.0.4
web01 www.oldboy.com
[root@lb02 ~]#
2.1 在瀏覽器進行測試
1>先在Windows本地hosts文件中配置解析
10.0.0.3 www.oldboy.com
10.0.0.4 blog.oldboy.com
2>瀏覽器測試
image
2.1 測試高可用是否正常
假如將其中1臺lb01關機,然后測試www.oldboy.com和blog.oldboy.com在瀏覽器是否還能正常顯示
三拄轻、每個域名綁定對應ip
3.1 修改nginx配置
image
3.2 重啟服務
重啟服務報Cannot assign requested address的錯誤
nginx無法把本地不存在的ip地址進行綁定
[root@lb01 ~]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: [emerg] bind() to 10.0.0.7:80 failed (99: Cannot assign requested address) \\不能分配的請求ip地址
nginx: configuration file /etc/nginx/nginx.conf test failed
解決:修改內(nèi)核參數(shù)
在/etc/sysctl.conf文件中颅围,追加net.ipv4.ip_nonlocal_bind = 1
內(nèi)核生效:sysctl -p
[root@lb01 ~]# cat /etc/sysctl.conf
……
net.ipv4.ip_nonlocal_bind = 1
[root@lb01 ~]# sysctl -p
net.ipv4.ip_nonlocal_bind = 1
[root@lb01 ~]#
注:執(zhí)行net.ipv4.ip_nonlocal_bind = 1,背后修改了哪里恨搓?
[root@lb01 ~]# #net.ipv4.ip_nonlocal_bind
[root@lb01 ~]# # /proc/sys/
[root@lb01 ~]# #net.ipv4.ip_nonlocal_bind
[root@lb01 ~]# cat /proc/sys/net/ipv4/ip_nonlocal_bind \\修改的是這里
1
四院促、keepalived高可用故障案例
腦裂/裂腦
原因:
??1>SELinux/防火墻可以開啟
??2>高可用服務器對之間心跳線鏈路故障,導致無法正常通信
??3>高可用服務器對上心跳網(wǎng)卡地址等信息配置不正確斧抱,導致發(fā)送心跳失敗常拓。
解決:
??1>兩條心跳線路
??2>只要備任務主掛了,我讓你直接掛了
??3>書寫一個腳本辉浦,發(fā)送腦裂發(fā)送郵件
