一、简介
1、用nginx做负载均衡,作为架构的最前端或中间层,随着日益增长的访问量,需要给负载均衡做高可用架构,利用keepalived解决单点风险,一旦 nginx宕机能快速切换到备份服务器
2、keepalived原理请参考如下链接
https://www.cnblogs.com/zhangxingeng/p/10595058.html
3、nginx+keepalived单主架构
4、nginx+keepalived双主架构案例
二、部署nginx+keepalived 集群
1、环境
注意:本次实验没有部署负载均衡和rs,只是部署keepalived+web,主要是为了实现效果,简化了很多配置
1.1、节点部署
| 节点 | 地址 | 服务 | 单主实例VI_1 | 双主实例VI_1 | 双主实例VI_2 |
| web1 | 192.168.216.51 | keepalived+web服务 | MASTER | MASTER | BAKCUP |
| web2 | 192.168.216.52 | keepalived+web服务 | BACKUP | BACKUP | MASTER |
| clent | 物理机 | 浏览器 |
1.2、部署前
1.2.1、各节点时间同步,可以是设置ntp或者手动同一时间,且不能超过1s的差距
1.2.2、关闭防火墙及selinux
1.2.3、节点名称对应ip地址写入hosts文件
1.2.4、节点间root可以基于密钥认证的ssh服务完成互相通信(非必需)
1.3、keepalived的目录机构
[root@web1 keepalived]# rpm -ql keepalived
/etc/keepalived
/etc/keepalived/keepalived.conf #主配置文件
/etc/sysconfig/keepalived
/usr/bin/genhash
/usr/lib/systemd/system/keepalived.service
/usr/libexec/keepalived
/usr/sbin/keepalived
/usr/share/doc/keepalived-1.3.
/usr/share/doc/keepalived-1.3./AUTHOR
/usr/share/doc/keepalived-1.3./CONTRIBUTORS
/usr/share/doc/keepalived-1.3./COPYING
/usr/share/doc/keepalived-1.3./ChangeLog
/usr/share/doc/keepalived-1.3./NOTE_vrrp_vmac.txt
/usr/share/doc/keepalived-1.3./README
/usr/share/doc/keepalived-1.3./TODO
/usr/share/doc/keepalived-1.3./keepalived.conf.SYNOPSIS
/usr/share/doc/keepalived-1.3./samples
/usr/share/doc/keepalived-1.3./samples/keepalived.conf.HTTP_GET.port
/usr/share/doc/keepalived-1.3./samples/keepalived.conf.IPv6
/usr/share/doc/keepalived-1.3./samples/keepalived.conf.SMTP_CHECK
/usr/share/doc/keepalived-1.3./samples/keepalived.conf.SSL_GET
/usr/share/doc/keepalived-1.3./samples/keepalived.conf.fwmark
/usr/share/doc/keepalived-1.3./samples/keepalived.conf.inhibit
/usr/share/doc/keepalived-1.3./samples/keepalived.conf.misc_check
/usr/share/doc/keepalived-1.3./samples/keepalived.conf.misc_check_arg
/usr/share/doc/keepalived-1.3./samples/keepalived.conf.quorum
/usr/share/doc/keepalived-1.3./samples/keepalived.conf.sample
/usr/share/doc/keepalived-1.3./samples/keepalived.conf.status_code
/usr/share/doc/keepalived-1.3./samples/keepalived.conf.track_interface
/usr/share/doc/keepalived-1.3./samples/keepalived.conf.virtual_server_group
/usr/share/doc/keepalived-1.3./samples/keepalived.conf.virtualhost
/usr/share/doc/keepalived-1.3./samples/keepalived.conf.vrrp
/usr/share/doc/keepalived-1.3./samples/keepalived.conf.vrrp.localcheck
/usr/share/doc/keepalived-1.3./samples/keepalived.conf.vrrp.lvs_syncd
/usr/share/doc/keepalived-1.3./samples/keepalived.conf.vrrp.routes
/usr/share/doc/keepalived-1.3./samples/keepalived.conf.vrrp.rules
/usr/share/doc/keepalived-1.3./samples/keepalived.conf.vrrp.scripts
/usr/share/doc/keepalived-1.3./samples/keepalived.conf.vrrp.static_ipaddress
/usr/share/doc/keepalived-1.3./samples/keepalived.conf.vrrp.sync
/usr/share/doc/keepalived-1.3./samples/sample.misccheck.smbcheck.sh
/usr/share/man/man1/genhash..gz
/usr/share/man/man5/keepalived.conf..gz
/usr/share/man/man8/keepalived..gz
/usr/share/snmp/mibs/KEEPALIVED-MIB.txt
/usr/share/snmp/mibs/VRRP-MIB.txt
/usr/share/snmp/mibs/VRRPv3-MIB.txt
[root@web1 keepalived]#
1.4、软件环境
[root@web1 keepalived]# rpm -qa nginx
nginx-1.12.-.el7.x86_64
[root@web1 keepalived]# rpm -qa keepalived
keepalived-1.3.-.el7_6.x86_64
[root@web1 keepalived]# cat /etc/redhat-release
CentOS Linux release 7.3. (Core)
[root@web1 keepalived]#
2、安装软件
yum install nginx keepalived pcre-devel -y
我这里已经安装了pcre所以具体依赖如下:
Dependencies Resolved ====================================================================================================================
Package Arch Version Repository Size
====================================================================================================================
Installing:
keepalived x86_64 1.3.-.el7_6 updates k
Installing for dependencies:
net-snmp-agent-libs x86_64 :5.7.-.el7 base k
Updating for dependencies:
net-snmp-libs x86_64 :5.7.-.el7 base k Transaction Summary
====================================================================================================================
Install Package (+ Dependent package)
Upgrade ( Dependent package)
Dependencies Resolved =============================================================================================================================================================================================================================================
Package Arch Version Repository Size
=============================================================================================================================================================================================================================================
Installing:
nginx x86_64 :1.12.-.el7 epel k
Installing for dependencies:
nginx-all-modules noarch :1.12.-.el7 epel k
nginx-filesystem noarch :1.12.-.el7 epel k
nginx-mod-http-geoip x86_64 :1.12.-.el7 epel k
nginx-mod-http-image-filter x86_64 :1.12.-.el7 epel k
nginx-mod-http-perl x86_64 :1.12.-.el7 epel k
nginx-mod-http-xslt-filter x86_64 :1.12.-.el7 epel k
nginx-mod-mail x86_64 :1.12.-.el7 epel k
nginx-mod-stream x86_64 :1.12.-.el7 epel k
Updating for dependencies:
openssl x86_64 :1.0.2k-.el7_6. updates k
openssl-libs x86_64 :1.0.2k-.el7_6. updates 1.2 M Transaction Summary
=============================================================================================================================================================================================================================================
Install Package (+ Dependent packages)
Upgrade ( Dependent packages)
3、配置keepalived高可用,修改主配置文件
3.1、备份配置文件
两台均备份
cp /etc/keepalived/keepalived.conf keepalived.conf.bak
3.2、配置keepalived-MASTER
web1-51
[root@web1 keepalived]# cat keepalived.conf
! Configuration File for keepalived global_defs {
# notification_email {
# acassen@firewall.loc
# failover@firewall.loc
# sysadmin@firewall.loc
# }
# notification_email_from Alexandre.Cassen@firewall.loc
# smtp_server 192.168.200.1
# smtp_connect_timeout
# router_id LVS_DEVEL
# vrrp_skip_check_adv_addr
# vrrp_strict
vrrp_garp_interval
vrrp_gna_interval
} #VIP1
vrrp_instance VI_1 { #实例名称保持一致
state MASTER #主备配置为MASTER----BACKUP
interface ens33 #查看自己的网卡名称修改为它
virtual_router_id #vrid 路由标识符,主备保持一致
priority 100 #优先级值越大越高
advert_int
authentication { #认证,默认即可,主备保持一致
auth_type PASS
auth_pass
}
virtual_ipaddress { #vip,主备一致,可以为多vip
192.168.216.200
}
}
把配置文件发送到52节点
scp /etc/keepalived/keppalived.conf 192.168.216.52:/etc/keepalived/keepalived.conf
web2-52
只需要修改
state BACKUP
priority
4、配置nginx
web1
[root@web1 keepalived]# cat /usr/share/nginx/html/index.html
this is web1
web2
[root@web2 keepalived]# cat /usr/share/nginx/html/index.html
2 thsi web2
5、启动服务并开机自启
systemctl start nginx
systemctl start keepalived
systemctl enable nginx
systemctl enable keepalived
6、测试
6.1、首先访问各站点
没问题
没问题
6.2、VIP也没有问题,在备服务器抓包看看,每1s 宣告一次,状态正常
[root@web2 keepalived]# tcpdump -i ens33 host 192.168.216.51
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens33, link-type EN10MB (Ethernet), capture size bytes
::22.470521 IP web1 > vrrp.mcast.net: VRRPv2, Advertisement, vrid , prio , authtype simple, intvl 1s, length
::23.472862 IP web1 > vrrp.mcast.net: VRRPv2, Advertisement, vrid , prio , authtype simple, intvl 1s, length
::24.473482 IP web1 > vrrp.mcast.net: VRRPv2, Advertisement, vrid , prio , authtype simple, intvl 1s, length
::25.475482 IP web1 > vrrp.mcast.net: VRRPv2, Advertisement, vrid , prio , authtype simple, intvl 1s, length
6.3、现在可以开始stop keepalived,测试主备切换
[root@web1 keepalived]# systemctl stop keepalived
刷新页面如下:
查看web2的ip信息,ifconfig看不到,可以使用ip addr list 命令查询
[root@web2 keepalived]# ip ad
: lo: <LOOPBACK,UP,LOWER_UP> mtu qdisc noqueue state UNKNOWN qlen
link/loopback ::::: brd :::::
inet 127.0.0.1/ scope host lo
valid_lft forever preferred_lft forever
inet6 ::/ scope host
valid_lft forever preferred_lft forever
: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc pfifo_fast state UP qlen
link/ether :0c:::de: brd ff:ff:ff:ff:ff:ff
inet 192.168.216.52/ brd 192.168.216.255 scope global ens33
valid_lft forever preferred_lft forever
inet 192.168.216.200/32 scope global ens33 #vip已经漂移过来了
valid_lft forever preferred_lft forever
inet6 fe80:::80e8:f210:1e24/ scope link
valid_lft forever preferred_lft forever
inet6 fe80:::e73d:1ef:2e1/ scope link tentative dadfailed
valid_lft forever preferred_lft forever
: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu qdisc noqueue state DOWN qlen
link/ether ::::a5:7c brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/ brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
: virbr0-nic: <BROADCAST,MULTICAST> mtu qdisc pfifo_fast master virbr0 state DOWN qlen
link/ether ::::a5:7c brd ff:ff:ff:ff:ff:ff
[root@web2 keepalived]#
[root@web1 keepalived]# systemctl restart keepalived 刷新网页,发现切换回来了
6.4、实验环境为虚拟机,演示实验过程中一个问题
注意:如果是禁用网卡的方式,最好是在虚拟机上断开连接的方式测试。
因为在测试过程中,systemctl stop network 测试切换的时候出现不能切换,网络没有完全断开backup还能收到master的心跳,但是其他服务已经停用了下面演示:
访问vip就变成如下状态,没有进行故障切换
应该这样测试如下:断开网络连接的方式比较彻底了
三、部署nginx+keepalived双主架构
1、环境
和上面一个实验一样的环境就是改成双主
2、安装软件
同上
3、配置keepalived
web1配置
[root@web1 keepalived]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived global_defs {
# notification_email {
# acassen@firewall.loc
# failover@firewall.loc
# sysadmin@firewall.loc
# }
# notification_email_from Alexandre.Cassen@firewall.loc
# smtp_server 192.168.200.1
# smtp_connect_timeout
# router_id LVS_DEVEL
# vrrp_skip_check_adv_addr
# vrrp_strict
vrrp_garp_interval
vrrp_gna_interval
}
#vrrp_script chk_nginx{
# script "/data/sh/check_nginx.sh"
# interval
# weight
#}
#VIP1
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id
priority
advert_int
authentication {
auth_type PASS
auth_pass
}
virtual_ipaddress {
192.168.216.200
}
}
#track_script {
# chk_nignx
#} #VIP2,新增配置,新增一个实例VI_2
vrrp_instance VI_2 {
state BAKCUP
interface ens33
virtual_router_id 51
priority 90
advert_int
authentication {
auth_type PASS
auth_pass
}
virtual_ipaddress {
192.168.216.210
}
}
web2配置
[root@web2 keepalived]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived global_defs {
# notification_email {
# acassen@firewall.loc
# failover@firewall.loc
# sysadmin@firewall.loc
# }
# notification_email_from Alexandre.Cassen@firewall.loc
# smtp_server 192.168.200.1
# smtp_connect_timeout
# router_id LVS_DEVEL
# vrrp_skip_check_adv_addr
# vrrp_strict
vrrp_garp_interval
vrrp_gna_interval
}
#vrrp_script chk_nginx{
# script "/data/sh/check_nginx.sh"
# interval
# weight
#}
#VIP1
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id
priority
advert_int
authentication {
auth_type PASS
auth_pass
}
virtual_ipaddress {
192.168.216.200
}
}
#track_script {
# chk_nignx
#}
#VIP2,新增的实例,VI_2
vrrp_instance VI_2 {
state MASTER
interface ens33
virtual_router_id 51
priority 100
advert_int
authentication {
auth_type PASS
auth_pass
}
virtual_ipaddress {
192.168.216.210
}
}
这里附上两台节点的实例比较,请见下图:
4、配置nginx,同上
5、重启服务
systemctl restart keepalived
6、测试验证
6.1、首先看一下抓包情况
6.2、测试切换是否正常,这里测试就是以stop keepalived测试效果了
[root@web1 keepalived]# systemctl stop keepalived
效果
[root@web1 keepalived]# systemctl restart keepalived
切换回来
在来测试web2
[root@web2 keepalived]# systemctl stop keepalived
[root@web2 keepalived]# systemctl restart keepalived
四、高可用之调用辅助脚本进行资源监控,并根据监控的结果状态实现动态调整
1、动态调整keepalived
检测keepalived主要是用在维护过程中,比如升级,停掉服务是非常不理想的,可以用vrrp脚本,实现不停服务地址来回转换的方法
注意:其中定义脚本有两种方法:
第一种:脚本放在目录里,配置文件指定脚本路径
这种模式生效了
[root@web1 keepalived]# vim keepalived.conf
! Configuration File for keepalived
global_defs {
# notification_email {
# acassen@firewall.loc
# failover@firewall.loc
# sysadmin@firewall.loc
# }
# notification_email_from Alexandre.Cassen@firewall.loc
# smtp_server 192.168.200.1
# smtp_connect_timeout
router_id LVS_DEVEL
# vrrp_skip_check_adv_addr
# vrrp_strict
# vrrp_garp_interval
# vrrp_gna_interval
}
20 vrrp_script chk_maintanance {
21
22 script "/etc/keepalived/chkdown.sh" #脚本路径
23 interval 1 #间隔1s执行一次
24 weight -20 #失败的权重减20
}
#VIP1
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id
priority
advert_int
authentication {
auth_type PASS
auth_pass
}
virtual_ipaddress {
192.168.216.200
}
41 track_script {
42 chk_maintanance
43 }
44 }
#VIP2
vrrp_instance VI_2 {
state BAKCUP
interface ens33
virtual_router_id
priority
advert_int
authentication {
auth_type PASS
auth_pass
}
virtual_ipaddress {
192.168.216.210
}
59 track_script {
60 chk_maintanance
61 }
}
脚本如下:
[root@web1 keepalived]# cat chkdown.sh
#!/bin/bash [[ -f /etc/keepalived/down ]]&&exit || exit [root@web1 keepalived]# pwd
/etc/keepalived
[root@web1 keepalived]#
验证:
23 [root@web1 keepalived]# touch down
[root@web1 keepalived]# systemctl status keepalived
● keepalived.service - LVS and VRRP High Availability Monitor
Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
Active: active (running) since Mon -- :: CST; 1h 25min ago
Process: ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=/SUCCESS)
Main PID: (keepalived)
CGroup: /system.slice/keepalived.service
├─ /usr/sbin/keepalived -D
├─ /usr/sbin/keepalived -D
└─ /usr/sbin/keepalived -D Apr :: web1 Keepalived_vrrp[]: Sending gratuitous ARP on ens33 for 192.168.216.200
Apr :: web1 Keepalived_vrrp[]: Sending gratuitous ARP on ens33 for 192.168.216.200
Apr :: web1 Keepalived_vrrp[]: Sending gratuitous ARP on ens33 for 192.168.216.200
Apr :: web1 Keepalived_vrrp[]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 f...6.200
Apr :: web1 Keepalived_vrrp[]: Sending gratuitous ARP on ens33 for 192.168.216.200
Apr :: web1 Keepalived_vrrp[]: Sending gratuitous ARP on ens33 for 192.168.216.200
Apr :: web1 Keepalived_vrrp[]: Sending gratuitous ARP on ens33 for 192.168.216.200
Apr :: web1 Keepalived_vrrp[]: Sending gratuitous ARP on ens33 for 192.168.216.200
Apr :: web1 Keepalived_vrrp[]: /etc/keepalived/chkdown.sh exited with status 1 #改变状态为1,然后降低优先级,这里-l应该可以看到,下面又重新-l看了一下
Apr :: web1 Keepalived_vrrp[]: VRRP_Script(chk_maintanance) failed
Hint: Some lines were ellipsized, use -l to show in full.
#之后重新收一下测试的状态
[root@web1 keepalived]# systemctl status keepalived -l ● keepalived.service - LVS and VRRP High Availability Monitor Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled) Active: active (running) since Mon 2019-04-22 12:43:34 CST; 1h 33min ago Process: 40897 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS) Main PID: 40898 (keepalived) CGroup: /system.slice/keepalived.service ├─40898 /usr/sbin/keepalived -D ├─40899 /usr/sbin/keepalived -D └─40900 /usr/sbin/keepalived -D Apr 22 14:16:29 web1 Keepalived_vrrp[40900]: Sending gratuitous ARP on ens33 for 192.168.216.200 Apr 22 14:16:35 web1 Keepalived_vrrp[40900]: /etc/keepalived/chkdown.sh exited with status 1 Apr 22 14:16:35 web1 Keepalived_vrrp[40900]: VRRP_Script(chk_maintanance) failed Apr 22 14:16:36 web1 Keepalived_vrrp[40900]: VRRP_Instance(VI_2) Changing effective priority from 90 to 70 Apr 22 14:16:36 web1 Keepalived_vrrp[40900]: VRRP_Instance(VI_1) Changing effective priority from 100 to 80 Apr 22 14:16:36 web1 Keepalived_vrrp[40900]: /etc/keepalived/chkdown.sh exited with status 1 Apr 22 14:16:37 web1 Keepalived_vrrp[40900]: VRRP_Instance(VI_1) Received advert with higher priority 90, ours 80 Apr 22 14:16:37 web1 Keepalived_vrrp[40900]: VRRP_Instance(VI_1) Entering BACKUP STATE Apr 22 14:16:37 web1 Keepalived_vrrp[40900]: VRRP_Instance(VI_1) removing protocol VIPs. Apr 22 14:16:37 web1 Keepalived_vrrp[40900]: /etc/keepalived/chkdown.sh exited with status 1 46 [root@web1 keepalived]# rm -rf down # 删除down文件,重新切换回来
[root@web1 keepalived]# systemctl status keepalived
● keepalived.service - LVS and VRRP High Availability Monitor
Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
Active: active (running) since Mon -- :: CST; 1h 25min ago
Process: ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=/SUCCESS)
Main PID: (keepalived)
CGroup: /system.slice/keepalived.service
├─ /usr/sbin/keepalived -D
├─ /usr/sbin/keepalived -D
└─ /usr/sbin/keepalived -D Apr :: web1 Keepalived_vrrp[]: /etc/keepalived/chkdown.sh exited with status
Apr :: web1 Keepalived_vrrp[]: /etc/keepalived/chkdown.sh exited with status
Apr :: web1 Keepalived_vrrp[]: /etc/keepalived/chkdown.sh exited with status
Apr :: web1 Keepalived_vrrp[]: /etc/keepalived/chkdown.sh exited with status
Apr :: web1 Keepalived_vrrp[]: /etc/keepalived/chkdown.sh exited with status
Apr :: web1 Keepalived_vrrp[]: /etc/keepalived/chkdown.sh exited with status
Apr :: web1 Keepalived_vrrp[]: VRRP_Script(chk_maintanance) succeeded #检查成功,改变优先级,切换vi_1的实例为master
Apr :: web1 Keepalived_vrrp[]: VRRP_Instance(VI_1) Changing effective priority from to
Apr :: web1 Keepalived_vrrp[]: VRRP_Instance(VI_2) Changing effective priority from to
Apr :: web1 Keepalived_vrrp[]: VRRP_Instance(VI_1) forcing a new MASTER election
[root@web1 keepalived]#
切换的时候可以观察前端切换的效果
第二种方法就是是直接写脚本,这里keepalived版本是keepalived-1.3.5-8.el7_6.x86_64,没有生效,具体不清楚为什么。
[root@web2 keepalived]# vim keepalived.conf
script "
! Configuration File for keepalived
global_defs {
# notification_email {
# acassen@firewall.loc
# failover@firewall.loc
# sysadmin@firewall.loc
# }
# notification_email_from Alexandre.Cassen@firewall.loc
# smtp_server 192.168.200.1
# smtp_connect_timeout
router_id LVS_DEVEL1
# vrrp_skip_check_adv_addr
# vrrp_strict
# vrrp_garp_interval
# vrrp_gna_interval
}
21 vrrp_script chk_maintanance {
22 script "[[ -f /etc/keepalived/down ]]&&exit 1 || exit 0"
23 interval 1
24 weight -20
25 }
#VIP1
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id
priority
advert_int
authentication {
auth_type PASS
auth_pass
}
virtual_ipaddress {
192.168.216.200
}
43 track_script {
44 chk_maintanance
45 }
}
#VIP2
vrrp_instance VI_2 {
state MASTER
interface ens33
virtual_router_id
priority
advert_int
authentication {
auth_type PASS
auth_pass
}
virtual_ipaddress {
192.168.216.210
}
61 track_script {
62 chk_maintanance
63 }
}
2、检测nginx是否存活
配置web1/web2 都添加如下标红代码,并添加脚本
[root@web1 keepalived]# vim keepalived.conf # acassen@firewall.loc
# failover@firewall.loc
# sysadmin@firewall.loc
# }
# notification_email_from Alexandre.Cassen@firewall.loc
# smtp_server 192.168.200.1
# smtp_connect_timeout
router_id LVS_DEVEL
# vrrp_skip_check_adv_addr
# vrrp_strict
# vrrp_garp_interval
# vrrp_gna_interval
}
vrrp_script chk_maintanance { script "/etc/keepalived/chkdown.sh"
interval
weight -
}
vrrp_script chk_nginx {
23 script "/etc/keepalived/chknginx.sh"
24 interval 1
25 weight -20
26 } #VIP1
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id
priority
advert_int
authentication {
auth_type PASS
auth_pass
}
virtual_ipaddress {
192.168.216.200
}
track_script {
chk_maintanance
}
45 track_script {
46 chk_nginx
47 }
}
#VIP2
vrrp_instance VI_2 {
state BAKCUP
interface ens33
virtual_router_id
priority
advert_int
authentication {
auth_type PASS
auth_pass
}
virtual_ipaddress {
192.168.216.210
}
track_script {
chk_maintanance
}
66 track_script {
67 chk_nginx
}
}
脚本
[root@web1 keepalived]# ll
total
-rwxr-xr-x root root Apr : chkdown.sh
-rwxr-xr-x root root Apr : chknginx.sh
-rw-r--r-- root root Apr : keepalived.conf
-rw-r--r-- root root Apr : notify.sh
[root@web1 keepalived]# cat chknginx.sh
#!/bin/bash #auto check nginx process
# by zxg killall - nginx
if [[ $? -ne ]];then
systemctl keepalived stop
fi
[root@web1 keepalived]#
监测,手动stop nginx
[root@web1 keepalived]# systemctl stop nginx
[root@web1 keepalived]# systemctl status keepalived -l
● keepalived.service - LVS and VRRP High Availability Monitor
Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
Active: active (running) since Mon -- :: CST; 27min ago
Process: ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=/SUCCESS)
Main PID: (keepalived)
CGroup: /system.slice/keepalived.service
├─ /usr/sbin/keepalived -D
├─ /usr/sbin/keepalived -D
└─ /usr/sbin/keepalived -D Apr :: web1 Keepalived_vrrp[]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 for 192.168.216.200
Apr :: web1 Keepalived_vrrp[]: Sending gratuitous ARP on ens33 for 192.168.216.200
Apr :: web1 Keepalived_vrrp[]: Sending gratuitous ARP on ens33 for 192.168.216.200
Apr :: web1 Keepalived_vrrp[]: Sending gratuitous ARP on ens33 for 192.168.216.200
Apr :: web1 Keepalived_vrrp[]: Sending gratuitous ARP on ens33 for 192.168.216.200
18 Apr 22 15:27:36 web1 Keepalived_vrrp[58764]: /etc/keepalived/chknginx.sh exited with status 1
19 Apr 22 15:27:36 web1 Keepalived_vrrp[58764]: VRRP_Script(chk_nginx) failed
20 Apr 22 15:27:37 web1 Keepalived_vrrp[58764]: VRRP_Instance(VI_1) Changing effective priority from 100 to 80
21 Apr 22 15:27:37 web1 Keepalived_vrrp[58764]: VRRP_Instance(VI_2) Changing effective priority from 90 to 70
22 Apr 22 15:27:37 web1 Keepalived_vrrp[58764]: /etc/keepalived/chknginx.sh exited with status 1
[root@web1 keepalived]# systemctl start nginx
[root@web1 keepalived]# systemctl status keepalived -l
● keepalived.service - LVS and VRRP High Availability Monitor
Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
Active: active (running) since Mon -- :: CST; 28min ago
Process: ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=/SUCCESS)
Main PID: (keepalived)
CGroup: /system.slice/keepalived.service
├─ /usr/sbin/keepalived -D
├─ /usr/sbin/keepalived -D
└─ /usr/sbin/keepalived -D 37 Apr 22 15:28:12 web1 Keepalived_vrrp[58764]: VRRP_Instance(VI_1) forcing a new MASTER election
38 Apr 22 15:28:13 web1 Keepalived_vrrp[58764]: VRRP_Instance(VI_1) Transition to MASTER STATE
39 Apr 22 15:28:14 web1 Keepalived_vrrp[58764]: VRRP_Instance(VI_1) Entering MASTER STATE
40 Apr 22 15:28:14 web1 Keepalived_vrrp[58764]: VRRP_Instance(VI_1) setting protocol VIPs.
Apr :: web1 Keepalived_vrrp[]: Sending gratuitous ARP on ens33 for 192.168.216.200
Apr :: web1 Keepalived_vrrp[]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 for 192.168.216.200
Apr :: web1 Keepalived_vrrp[]: Sending gratuitous ARP on ens33 for 192.168.216.200
Apr :: web1 Keepalived_vrrp[]: Sending gratuitous ARP on ens33 for 192.168.216.200
Apr :: web1 Keepalived_vrrp[]: Sending gratuitous ARP on ens33 for 192.168.216.200
Apr :: web1 Keepalived_vrrp[]: Sending gratuitous ARP on ens33 for 192.168.216.200
[root@web1 keepalived]#
网页效果同上,就是stop nginx时候观察是否切换到web2上
