一.場景需求
1.通用場景如下:
如圖場景是通常使用nginx代理負(fù)載均衡來實(shí)現(xiàn)web服務(wù)的負(fù)載均衡的酱床,但是單個(gè)nginx會存在單點(diǎn)的隱患,如果nginx掛掉渠缕,那么后端的服務(wù)都將無法被訪問,這樣就導(dǎo)致用戶體驗(yàn)度極差肪笋。所以實(shí)現(xiàn)反向代理負(fù)載均衡的nginx服務(wù)的高可用是必不可少的窒悔。
2.實(shí)現(xiàn)高可用的場景如下:
實(shí)現(xiàn)高可用的方案如下:
1.阿里云的slb
注意:阿里云目前已經(jīng)不再提供vip,目前使用阿里云的云服務(wù)器實(shí)現(xiàn)高可用呜袁,只能通過云解析DNS對訪問進(jìn)行調(diào)度,或通過全球負(fù)載均衡解決方案實(shí)現(xiàn)跨地域容災(zāi)備份來實(shí)現(xiàn)slb的單點(diǎn)問題蛉迹。
最佳實(shí)踐:
您可以在一個(gè)地域內(nèi)的多個(gè)可用區(qū)或多個(gè)地域內(nèi)部署負(fù)載均衡實(shí)例和后端ECS實(shí)例傅寡,然后使用云解析DNS對訪問進(jìn)行調(diào)度。
2.硬件負(fù)載均衡器(如:F5北救、Radware)
3.軟件方式實(shí)現(xiàn)高可用或負(fù)載均衡 例如:keepalived荐操、LVS...
二.keepalived簡介
1.keepalived介紹
keepalived軟件起初是專為LVS負(fù)載均衡軟件設(shè)計(jì)的,用來管理并監(jiān)控LVS集群系統(tǒng)中各個(gè)服務(wù)節(jié)點(diǎn)狀態(tài),后來又加入了可以實(shí)現(xiàn)高可用的VRRP功能.此,keepalived除了能夠管理LVS軟件外,還可以作為其他服務(wù)(例如:Nginx,Haproxy,MySQL等)的高可用解決方案軟件.
keepalived軟件主要是通過VRRP協(xié)議實(shí)現(xiàn)高可用功能的.VRRP是Virtual Router Redundancy Protocol(虛擬路由器冗余協(xié)議)的縮寫,VRRP出現(xiàn)的目的就是為了解決靜態(tài)路由單點(diǎn)故障問題的,他能夠保證當(dāng)個(gè)別節(jié)點(diǎn)宕機(jī)時(shí),整個(gè)網(wǎng)絡(luò)可以不間斷地運(yùn)行.Keepalived一方面具有配置管理LVS的功能,同時(shí)還具有對LVS下面節(jié)點(diǎn)進(jìn)行健康檢查的功能,另一方面也可實(shí)現(xiàn)系統(tǒng)網(wǎng)絡(luò)服務(wù)的高可用功能
介紹來源鏈接:http://www.reibang.com/p/ab6735606178
2.keepalived的工作原理
Keepalived 是一種高性能的服務(wù)器高可用或熱備解決方案,Keepalived 可以用來防止服務(wù)器單點(diǎn)故障的發(fā)生,通過配合 Nginx 可以實(shí)現(xiàn) web 前端服務(wù)的高可用。
Keepalived 以 VRRP 協(xié)議為實(shí)現(xiàn)基礎(chǔ),用 VRRP 協(xié)議來實(shí)現(xiàn)高可用性(HA)珍策。VRRP(Virtual RouterRedundancy Protocol)協(xié)議是用于實(shí)現(xiàn)路由器冗余的協(xié)議,
VRRP 協(xié)議將兩臺或多臺路由器設(shè)備虛擬成一個(gè) 設(shè)備,對外提供虛擬路由器 IP(一個(gè)或多個(gè)),而在路由器組內(nèi)部,如果實(shí)際擁有這個(gè)對外 IP 的路由器如果工作正常的話就是 MASTER,
或者是通過算法選舉產(chǎn)生,MASTER 實(shí)現(xiàn)針對虛擬路由器 IP 的各種網(wǎng)絡(luò)功能, 如 ARP 請求,ICMP,以及數(shù)據(jù)的轉(zhuǎn)發(fā)等;其他設(shè)備不擁有該虛擬 IP,狀態(tài)是 BACKUP,
除了接收 MASTER 的 VRRP 狀態(tài)通告信息外,不執(zhí)行對外的網(wǎng)絡(luò)功能托启。當(dāng)主機(jī)失效時(shí),BACKUP 將接管原先 MASTER 的網(wǎng)絡(luò)功能。
VRRP 協(xié)議使用多播數(shù)據(jù)來傳輸 VRRP 數(shù)據(jù),VRRP 數(shù)據(jù)使用特殊的虛擬源 MAC 地址發(fā)送數(shù)據(jù)而不是自身 網(wǎng)卡的 MAC 地址,VRRP 運(yùn)行時(shí)只有 MASTER 路由器定時(shí)發(fā)送 VRRP 通告信息,
表示 MASTER 工作正常以及虛 擬路由器 IP(組),BACKUP 只接收 VRRP 數(shù)據(jù),不發(fā)送數(shù)據(jù),如果一定時(shí)間內(nèi)沒有接收到 MASTER 的通告信 息,各 BACKUP 將宣告自己成為 MASTER,
發(fā)送通告信息,重新進(jìn)行 MASTER 選舉狀態(tài)攘宙。
總結(jié)來源鏈接:http://www.reibang.com/p/da26df4f7d60
3.VRRP協(xié)議簡介
VRRP,全稱Virtual Router Redundancy Protocol,中文名為虛擬路由冗余協(xié)議
VRRP的出現(xiàn)就是為了解決靜態(tài)路由的單點(diǎn)故障問題
VRRP是通過一種競選機(jī)制來將路由的任務(wù)交給某臺VRRP路由器的.
VRRP通過競選機(jī)制來實(shí)現(xiàn)虛擬路由器的功能,所有的協(xié)議報(bào)文都是通過IP多播(Multicast)包(默認(rèn)的多播地址224.0.0.18)形式發(fā)送的
虛擬路由器由VRID(范圍0-255)和一組IP地址組成,對外表現(xiàn)為一個(gè)周知的MAC地址,:00-00-5E-00-01-{VRID}.
所以,在一個(gè)虛擬路由器中,不管誰是Master,對外都是相同的MAC和IP(稱之為VIP).
客戶端主機(jī)并不需要因Master的改變修改自己的路由配置.對它們來說,這種切換是透明的.
在一組虛擬路由器中,只有作為Master的VRRP路由器會一直發(fā)送VRRP廣播包,此時(shí)Backup不會搶占Master
當(dāng)Master不可用時(shí),Backup就收不到來自Master的廣播包了,此時(shí)多臺Backup中優(yōu)先級最高的路由器會搶占為Master.
這種搶占是非惩退剩快速的(可能只有1秒甚至更少),以保證服務(wù)的連續(xù)性,處于安全性考慮,VRRP數(shù)據(jù)包使用了加密協(xié)議進(jìn)行了加密.
協(xié)議簡介來源鏈接:http://www.reibang.com/p/ab6735606178
三.場景規(guī)劃及ip地址分配
四.服務(wù)安裝
1.安裝nginx
注意:兩臺負(fù)載服務(wù)器都需要安裝
1)nginx官方源安裝nginx
[root@lb01 ~]# cd /etc/yum.repos.d/
[root@lb01 /etc/yum.repos.d]# vim nginx.repo
這里使用vim nginx.repo創(chuàng)建nginx.repo源文件,按i輸入如下內(nèi)容:
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
按ECS輸入:wq保存文件并退出
[root@lb01 ~]# yum -y install nginx
2)配置nginx代理負(fù)載均衡
[root@lb01 /etc/yum.repos.d]# cd
[root@lb01 ~]# cd /etc/nginx/conf.d/
[root@lb01 /etc/nginx/conf.d]# vim ssl.conf
這里配置了證書蹭劈,使用vim ssl.conf創(chuàng)建ssl.conf文件疗绣,按i輸入如下內(nèi)容:
upstream ssl_pools {
server 172.16.1.7:80;
server 172.16.1.8:80;
server 172.16.1.9:80;
}
upstream jpress_pools {
server 172.16.1.7:8080;
server 172.16.1.8:8080;
server 172.16.1.9:8080;
}
server {
listen 80;
server_name blog.wordpress.com;
rewrite ^(.*) https://$server_name$1 redirect;
}
server {
listen 443 ssl;
server_name blog.wordpress.com;
ssl_certificate ssl_key/server.crt;
ssl_certificate_key ssl_key/server.key;
location / {
proxy_pass http://ssl_pools;
include proxy_params;
}
}
server {
listen 80;
server_name zh.wecent.com;
rewrite ^(.*) https://$server_name$1 redirect;
}
server {
listen 443 ssl;
server_name zh.wecent.com;
ssl_certificate ssl_key/server.crt;
ssl_certificate_key ssl_key/server.key;
location / {
proxy_pass http://ssl_pools;
include proxy_params;
}
}
server {
listen 80;
server_name jpress.java.com;
rewrite ^(.*) https://$server_name$1 redirect;
}
server {
listen 443 ssl;
server_name jpress.java.com;
ssl_certificate ssl_key/server.crt;
ssl_certificate_key ssl_key/server.key;
location / {
proxy_pass http://jpress_pools;
include proxy_params;
}
}
按ESC輸入:wq保存文件并退出
3)Nginx反向代理配置語法
1.Nginx代理配置語法
Syntax: proxy_pass URL;
Default: —
Context: location, if in location, limit_except
http://localhost:8000/uri/
http://192.168.56.11:8000/uri/
http://unix:/tmp/backend.socket:/uri/
2.添加傳遞給后端服務(wù)器的請求頭信息
Syntax: proxy_set_header field value;
Default: proxy_set_header Host $proxy_host;
proxy_set_header Connection close;
Context: http, server, location
# 用戶請求的時(shí)候 HOST 的值是 www.baidu.com, 那么代理服務(wù)會像后端傳遞請求的還是 www.baidu.com
proxy_set_header Host $http_host;
# 將$remote_addr 的值放進(jìn)變量 X-Real-IP 中铺韧, $remote_addr 的值為客戶端的 ip
proxy_set_header X-Real-IP $remote_addr;
# 客戶端通過代理服務(wù)訪問后端服務(wù), 后端服務(wù)通過該變量會記錄真實(shí)客戶端地址
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
3.代理到后端的TCP連接數(shù)多矮,響應(yīng),返回等超時(shí)時(shí)間
//nginx 代理與后端服務(wù)器連接超時(shí)時(shí)間(代理連接超時(shí))
Syntax: proxy_connect_timeout time;
Default: proxy_connect_timeout 60s;
Context: http, server, location
//nginx 代理等待后端服務(wù)器的響應(yīng)時(shí)間
Syntax: proxy_read_timeout time;
Default: proxy_read_timeout 60s;
Context: http, server, location
//后端服務(wù)器數(shù)據(jù)回傳給 nginx 代理超時(shí)時(shí)間
Syntax: proxy_send_timeout time;
Default: proxy_send_timeout 60s;
Context: http, server, location
4.代理緩沖區(qū)
//nignx 會把后端返回的內(nèi)容先放到緩沖區(qū)當(dāng)中哈打,然后再返回給客戶端,邊收邊傳, 不是全部接收完再傳給客戶端
Syntax: proxy_buffering on | off;
Default: proxy_buffering on;
Context: http, server, location
//設(shè)置 nginx 代理保存用戶頭信息的緩沖區(qū)大小
Syntax: proxy_buffer_size size;
Default: proxy_buffer_size 4k|8k;
Context: http, server, location
//proxy_buffers 緩沖區(qū)
Syntax: proxy_buffers number size;
Default: proxy_buffers 8 4k|8k;
Context: http, server, location
5.proxy代理網(wǎng)站常用配置
將配置寫入新文件塔逃,調(diào)用時(shí)使用include引用即可
[root@lb01 ~]# cat /etc/nginx/proxy_params
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 30;
proxy_send_timeout 60;
proxy_read_timeout 60;
proxy_buffering on;
proxy_buffer_size 32k;
proxy_buffers 4 128k;
proxy_next_upstream error timeout http_500 http_502 http_503 http_504;#自動跳過異常后端服務(wù)器
6.代理配置location時(shí)調(diào)用,方便后面多個(gè)location重復(fù)使用
location / {
proxy_pass http://127.0.0.1:8080;
include proxy_params;
}
4)啟動nginx
[root@lb01 /etc/nginx/conf.d]# cd
[root@lb01 ~]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@lb01 ~]# systemctl start nginx
2.安裝keepalived
注意:兩臺負(fù)載服務(wù)器都需要安裝
1)yum安裝keepalived
[root@lb01 ~]# yum -y insatll keepalived
2)配置keepalived配置文件
注意:keepalived是自帶監(jiān)控執(zhí)行腳本模塊的料仗,用戶可以根據(jù)需求進(jìn)行定義和監(jiān)控對應(yīng)的服務(wù)湾盗。這里keepalived 會定時(shí)執(zhí)行腳本并對腳本執(zhí)行的結(jié)果進(jìn)行分析,動態(tài)調(diào)整 vrrp_instance 的優(yōu)先級。如果 腳本執(zhí)行結(jié)果為 0,并且 weight 配置的值大于 0,則優(yōu)先級相應(yīng)的增加立轧。如果腳本執(zhí)行結(jié)果非 0,并且 weight 配置的值小于 0,則優(yōu)先級相應(yīng)的減少格粪。其他情況,維持原本配置的優(yōu)先級,即配置文件中 priority 對應(yīng)的值。
1.主負(fù)載服務(wù)器配置
[root@lb01 ~]# cd /etc/keepalived/
[root@lb01 /etc/keepalived]# vim keepalived.conf
global_defs {
router_id lb01 # 標(biāo)識本節(jié)點(diǎn)的字符串,通常為 hostname
}
vrrp_script check_web {
script "/server/scripts/check_web.sh"#檢測nginx狀態(tài)的腳本
interval 5 #檢測的間隔時(shí)間
weight 50 #條件成立的權(quán)重氛改,權(quán)重50
}
global_defs {
interval 5
vrrp_instance VI_1 {
#主機(jī)名lb01的使用如下配置
state BACKUP # 主節(jié)點(diǎn)默認(rèn)一般設(shè)置為 MASTER,對應(yīng)的備份節(jié)點(diǎn)為BACKUP默認(rèn)的是搶占式的匀借,生產(chǎn)環(huán)境中使用的是非搶占式。這里設(shè)置的事非搶占式的平窘。
nopreempt # 優(yōu)先級高的設(shè)置 nopreempt 解決異常恢復(fù)后再次搶占的問題
priority 150 ##節(jié)點(diǎn)優(yōu)先級,值范圍 0-254,MASTER 要比 BACKUP 高
interface eth0 # 綁定虛擬 IP 的網(wǎng)絡(luò)接口,與本機(jī) IP 地址所在的網(wǎng)絡(luò)接口相同,我的是 eth0
virtual_router_id 51 # 虛擬路由的 ID 號,兩個(gè)節(jié)點(diǎn)設(shè)置必須一樣,可選 IP 最后一段使用, 相同的 VRID 為一個(gè)組,他將決定多播的 MAC 地址凳怨,eth0值的獲取可以在機(jī)器上執(zhí)行ifconfig命令得到
advert_int 1 # 組播信息發(fā)送間隔,兩個(gè)節(jié)點(diǎn)設(shè)置必須一樣,默認(rèn)1s
#以下為公共配置
authentication {
auth_type PASS
auth_pass 1111 # 真實(shí)生產(chǎn),按需求對應(yīng)該過來
}
virtual_ipaddress {
10.0.0.3 #虛擬ip兩個(gè)節(jié)點(diǎn)都需要設(shè)置
}
#將 track_script 塊加入 instance 配置塊
track_script {
check_nginx #執(zhí)行nginx監(jiān)控的腳本
}
}
2.備負(fù)載均衡器配置
[root@lb02 ~]# cd /etc/keepalived/
[root@lb02 /etc/keepalived]# vim keepalived.conf
global_defs {
router_id lb02
}
vrrp_script check_nginx {
script "/server/scripts/check_nginx.sh"
interval 5
weight 50
}
vrrp_script check_brain {
script "/server/scripts/check_brain.sh"
interval 5
weight 50
}
vrrp_instance VI_1 {
#如果主機(jī)名為lb02則使用如下配置
state BACKUP
nopreempt # 優(yōu)先級高的設(shè)置 nopreempt 解決異彻逅遥恢復(fù)后再次搶占的問題
priority 100
interface eth0
virtual_router_id 51
advert_int 1
#以下為公共配置
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3
}
#將 track_script 塊加入 instance 配置塊
track_script {
check_nginx #執(zhí)行nginx監(jiān)控的腳本
check_brain #執(zhí)行防腦裂的腳本
}
}
#1.檢測nginx存活腳本內(nèi)容如下:
[root@lb01 ~]# cat /server/scripts/check_nginx.sh
#!/bin/bash
nginxpid=$(ps -C nginx --no-header|wc -l)
#1.判斷 Nginx 是否存活,如果不存活則嘗試啟動 Nginx
if [ $nginxpid -eq 0 ];then
systemctl start nginx
sleep 3
#2.等待 3 秒后再次獲取一次 Nginx 狀態(tài)
nginxpid=$(ps -C nginx --no-header|wc -l)
#3.再次進(jìn)行判斷, 如 Nginx 還不存活則停止 Keepalived,讓地址進(jìn)行漂移,并退出腳本
if [ $nginxpid -eq 0 ];then
systemctl stop keepalived
fi
fi
#2.防止腦裂的腳本:
[root@lb02 /server/scripts]# cat check_brain.sh
#!/bin/bash
lb01_vip=10.0.1.3
lb01_nginx=$(curl -x 10.0.1.5:80 -I -s -w "%{http_code}\n" -o /dev/null blog.wordpress.com)
#ping -c 1 -W 1 ${lb01_ip} &>/dev/null
#如果lb01的IP能ping通,但是我自己也存在VIP,我就認(rèn)為發(fā)生裂腦了,我就把自己的keep干掉
if [ ${lb01_nginx} -eq 200 -a `ip add|grep "$lb01_vip"|wc -l` -eq 1 ];then
echo "ha is bad" >> /tmp/check.txt
systemctl stop keepalived
else
echo "ha is ok" >> /tmp/check.txt
fi
3)啟動keepalived
[root@lb01 /etc/keepalived]# systemctl start keepalived
[root@lb02 /etc/keepalived]# systemctl start keepalived
5.高可用測試
1.測試vip的漂移
1)正常情況如下:
[root@lb01 ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:5c:d9:68 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.5/24 brd 10.0.0.255 scope global eth0
valid_lft forever preferred_lft forever
inet 10.0.0.3/32 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe5c:d968/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:5c:d9:72 brd ff:ff:ff:ff:ff:ff
inet 172.16.1.5/24 brd 172.16.1.255 scope global eth1
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe5c:d972/64 scope link
valid_lft forever preferred_lft forever
[root@lb02 ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:e0:49:94 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.6/24 brd 10.0.0.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fee0:4994/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:e0:49:9e brd ff:ff:ff:ff:ff:ff
inet 172.16.1.6/24 brd 172.16.1.255 scope global eth1
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fee0:499e/64 scope link
valid_lft forever preferred_lft forever
2)關(guān)閉lb01的keepalived查看ip的漂移
[root@lb01 ~]# systemctl stop keepalived.service
[root@lb01 ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:5c:d9:68 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.5/24 brd 10.0.0.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe5c:d968/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:5c:d9:72 brd ff:ff:ff:ff:ff:ff
inet 172.16.1.5/24 brd 172.16.1.255 scope global eth1
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe5c:d972/64 scope link
valid_lft forever preferred_lft forever
[root@lb02 ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:e0:49:94 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.6/24 brd 10.0.0.255 scope global eth0
valid_lft forever preferred_lft forever
inet 10.0.0.3/32 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fee0:4994/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:e0:49:9e brd ff:ff:ff:ff:ff:ff
inet 172.16.1.6/24 brd 172.16.1.255 scope global eth1
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fee0:499e/64 scope link
valid_lft forever preferred_lft forever
2.實(shí)際場景測試
1)正常的vip是在lb01,訪問的結(jié)果如下:
驗(yàn)證vip所在位置:
[root@lb01 ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:5c:d9:68 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.5/24 brd 10.0.0.255 scope global eth0
valid_lft forever preferred_lft forever
inet 10.0.0.3/32 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe5c:d968/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:5c:d9:72 brd ff:ff:ff:ff:ff:ff
inet 172.16.1.5/24 brd 172.16.1.255 scope global eth1
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe5c:d972/64 scope link
valid_lft forever preferred_lft forever
2)修改文件導(dǎo)致nginx掛掉
說明:這里修改lb01節(jié)點(diǎn)的nginx的配置文件設(shè)置語法錯(cuò)誤是鬼,之后重啟nginx導(dǎo)致nginx故障,之后測試vip漂移紫新,以及真實(shí)站點(diǎn)的訪問均蜜。
nginx故障如下:
[root@lb01 ~]# systemctl restart nginx
Job for nginx.service failed because the control process exited with error code. See "systemctl status nginx.service" and "journalctl -xe" for details.
查看vip的漂移情況:
[root@lb01 ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:5c:d9:68 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.5/24 brd 10.0.0.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe5c:d968/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:5c:d9:72 brd ff:ff:ff:ff:ff:ff
inet 172.16.1.5/24 brd 172.16.1.255 scope global eth1
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe5c:d972/64 scope link
valid_lft forever preferred_lft forever
[root@lb02 ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:e0:49:94 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.6/24 brd 10.0.0.255 scope global eth0
valid_lft forever preferred_lft forever
inet 10.0.0.3/32 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fee0:4994/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:e0:49:9e brd ff:ff:ff:ff:ff:ff
inet 172.16.1.6/24 brd 172.16.1.255 scope global eth1
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fee0:499e/64 scope link
valid_lft forever preferred_lft forever
刷新訪問測試結(jié)果:
jpress部署請參照鏈接文檔:
http://www.reibang.com/p/d9bf3283b7c8
wordpress部署請參考:
http://www.reibang.com/p/75589a125252
