服务器IP: 1 2 3 4 5 server_ip 172.16.88.179 172.16.88.180 vip 172.16.88.178
软件版本及下载 1 2 http://tengine.taobao.org/download/tengine-2.1.2.tar.gz http://www.keepalived.org/software/keepalived-1.3.2.tar.gz
nginx安装 参加nginx的安装文档
keepalived安装 1 2 3 4 5 6 7 8 tar zxvf keepalived-1.3.2.tar.gz cd keepalived-1.3.2 ./configure --sysconf=/etc make && make install ln -s /usr/local/sbin/keepalived /sbin/keepalived cp keepalived/etc/init.d/keepalived /etc/init.d/ chkconfig --add keepalived chkconfig keepalived on
配置nginx+keepalived 在172.16.88.179上 创建nginx服务监测脚本
1 2 3 4 5 6 7 8 9 10 11 12 13 vim /etc/keepalived/chk_nginx.sh #!/bin/bash # description: # 查看nginx进程是否存在,如果不存在则启动nginx # 如果启动失败,则停止keepalived status=$(ps -C nginx --no-heading|wc -l) if [ "${status}" = "0" ]; then /usr/sbin/nginx status2=$(ps -C nginx --no-heading|wc -l) if [ "${status2}" = "0" ]; then service keepalived stop fi fi
添加可执行权限
1 chmod +x /etc/keepalived/chk_nginx.sh
配置keepalived.conf 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 mv /etc/keepalived/keepalived.conf{,.bak} vim /etc/keepalived/keepalived.conf #主配置文件 #定义监控脚本 vrrp_script chk_nginx { script "/etc/keepalived/chk_nginx.sh" #脚本位置 interval 2 #检查时间间隔,单位秒 weight 2 #定义失败时对应的权重减少值 fall 3 #定义多少次失败则判定失败(检测3次失败,就认为失败) rise 2 #判定成功检测次数(检测二次成功,就认为在线) } vrrp_instance VI_1 { state MASTER #角色 interface eth0 #监听的网卡 virtual_router_id 51 #虚拟路由标志 priority 100 #优先级 advert_int 1 #检查时间间隔,单位秒 authentication { auth_type PASS #验证类型 auth_pass 1111 #验证密码 } track_script { chk_nginx } virtual_ipaddress { 172.16.88.178 #vip } }
拷贝配置文件到172.16.88.180 1 2 scp /etc/keepalived/keepalived.conf root@172.16.88.180:/etc/keepalived/ scp /etc/keepalived/chk_nginx.sh root@172.16.88.180:/etc/keepalived/
在172.16.88.180上 修改从172.16.88.179拷贝过来的配置文件/etc/keepalived/keepalived.conf
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 vim /etc/keepalived/keepalived.conf #主配置文件 global_defs { notification_email { #设置管理员的email邮箱信息 acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc #通知邮件来源 smtp_server 127.0.0.1 #设置邮件服务器地址为本地 smtp_connect_timeout 30 #设置连接超时时间 router_id LVS_DEVEL #设置本keepalived的ID名称 vrrp_skip_check_adv_addr # vrrp_strict ##严格遵守vrrp协议,下面这些功能将会禁止:1.VIP;2.unicast(单播) peers;3.vrrp 版本2的ipv6功能,开启此选项会开启防火墙并DROP所以VIP请求 # vrrp_garp_interval 0 # vrrp_gna_interval 0 } vrrp_script chk_nginx { script "/etc/keepalived/chk_nginx.sh" interval 2 weight 2 fall 3 rise 2 } vrrp_instance VI_1 { state SLAVE #修改角色 interface eth0 virtual_router_id 51 priority 90 #修改优先级 advert_int 1 authentication { auth_type PASS auth_pass 1111 } track_script { chk_nginx } virtual_ipaddress { 172.16.88.178 } }
测试 启动nginx+keepalived服务(两台均启动)
1 2 /usr/sbin/ngix #启动nginx service keepalived start #启动keepalived
在优先级较高的这条查看ip
1 2 3 4 5 6 7 ip addr eth0:mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 52:54:00:0c:47:79 brd ff:ff:ff:ff:ff:ff inet 172.16.88.179/23 brd 172.16.89.255 scope global eth0 inet 172.16.88.178/23 scope global secondary eth0 #发现多了一个虚拟ip inet6 fe80::5054:ff:fe0c:4779/64 scope link valid\_lft forever preferred\_lft forever
注意:此时在优先级低的服务器上是看不到这个虚拟ip的
模拟master(172.16.88.179)宕机,关闭keepalived
此时查看ip,发现虚拟IP漂移到SLAVE(172.16.88.180)上了