我使用centos7X64最小化安装 CentOS-7-x86_64-Minimal-1708
挂在github上的个人博客:由hexo强力驱动 个人博客
这样配置的作用,我简单描述下: ①比如一台nginx提供负载均衡到后端服务器集群,假设这台ngixn挂了,那后端的服务器集群也就报销了 ②再换句话说,Keepalived Nginx是防止挂了一台nginx之后,还有一台nginx继续提供负载均衡服务
准备:两台机子,三个ip(能互通{一般同一个网段})
代码语言:javascript复制nginx_01 ip:192.168.59.128 主机
nginx_02 ip:192.168.59.129 从机
漂浮ip:192.168.59.130
1.配置防火墙:
关闭防火墙和加入放行端口二选一
1.1 直接关闭防火墙(nginx_01 和 nginx_02 都执行)
代码语言:javascript复制systemctl stop firewalld.service #停止firewall
systemctl disable firewalld.service #禁止firewall开机启动
firewall-cmd --state #查看默认防火墙状态(关闭后显示notrunning,开启后显示running)
代码语言:javascript复制[root@localhost ~]# firewall-cmd --state
not running
[root@localhost ~]#
1.2 加入放行端口(nginx_01 和 nginx_02 都执行)
代码语言:javascript复制firewall-cmd --zone=public --add-port=80/tcp --permanent #添加放行端口(--permanent永久生效,没有此参数重启后失效)
firewall-cmd –reload #刷新防火墙 使其生效
代码语言:javascript复制```
firewall-cmd --zone=public --list-ports #查看防火墙放行端口列表
代码语言:javascript复制[root@localhost ~]# firewall-cmd --zone=public --add-port=18080/tcp --permanent #添加放行端口(--permanent永久生效,没有此参数重启后失效)
success
[root@localhost ~]# firewall-cmd --reload #刷新防火墙 使其生效
success
[root@localhost ~]# firewall-cmd --zone=public --list-ports #查看防火墙放行端口列表
80/tcp
[root@localhost ~]#
2、安装keepalived(nginx_01 和 nginx_02 都执行)
代码语言:javascript复制yum install keepalived
keepalived -v
3.先备份配置文件
在nginx_01上配置
代码语言:javascript复制cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak
代码语言:javascript复制vim /etc/keepalived/keepalived.conf
修改成如下内容
代码语言:javascript复制! Configuration File for keepalived
global_defs {
router_id nginx_server_1
}
vrrp_script chk_nginx {
script "/etc/keepalived/nginx_check.sh"
interval 2
weight 20
!weight为正数
!如果脚本执行结果为0,,Master:weight priority>Backup:weight priority(不切换)
!如果脚本执行结果不为0,Master:priority<Backup:priority weight(切换)
!weight为负数
!如果脚本执行结果为0,,Master:priority>Backup:priority(不切换)
!如果脚本执行结果不为0,Master:priority weight<Backup:priority(切换)
!一般来说,weight的绝对值要大于Master和Backup的priority之差
}
vrrp_instance VI_1 {
state MASTER
interface ens33 !网卡接口地址
virtual_router_id 51
mcast_src_ip 192.168.59.128 !nginx01 ip
priority 100
nopreempt
advert_int 1
authentication {
auth_type PASS
auth_pass 1111 !认密码 两台nginx密码要一致
}
track_script {
chk_nginx
}
virtual_ipaddress {
192.168.59.222/24 !漂浮ip 可以有多个 回车隔开
}
}
在nginx_02上配置
代码语言:javascript复制cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak
代码语言:javascript复制vi /etc/keepalived/keepalived.conf
修改成如下内容
注意:
代码语言:javascript复制state 和主不一样,是BACKUP
route_id 和主不一样
priority 小于主机
代码语言:javascript复制! Configuration File for keepalived
global_defs {
router_id nginx_server_2
}
vrrp_script chk_nginx {
script "/etc/keepalived/nginx_check.sh"
interval 2
weight 20
!weight为正数
!如果脚本执行结果为0,,Master:weight priority>Backup:weight priority(不切换)
!如果脚本执行结果不为0,Master:priority<Backup:priority weight(切换)
!weight为负数
!如果脚本执行结果为0,,Master:priority>Backup:priority(不切换)
!如果脚本执行结果不为0,Master:priority weight<Backup:priority(切换)
!一般来说,weight的绝对值要大于Master和Backup的priority之差
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
mcast_src_ip 192.168.59.129
priority 90
nopreempt
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_nginx
}
virtual_ipaddress {
192.168.59.222/24
}
}
4.检查nginx进程的代码,当nginx进程奔溃后,keepalived自动启动nginx
在nginx_01和nginx_02上都配置一遍
代码语言:javascript复制vim /etc/keepalived/nginx_check.sh
添加如下代码
代码语言:javascript复制#!/bin/bash
A=`ps -C nginx --no-header |wc -l`
if [ $A -eq 0 ];then
/usr/sbin/nginx
sleep 2
if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
killall keepalived
fi
fi
5.改成可执行文件
在nginx_01和nginx_02上都配置一遍
代码语言:javascript复制chmod xxx /etc/keepalived/nginx_check.sh
6.启动和开机自启动
在nginx_01和nginx_02上都配置一遍
代码语言:javascript复制systemctl start keepalived //启动
systemctl enable keepalived //开机自启动