需求
實際生產環境中,一些企業爲了避免單點故障,提升服務器性能,會使用多臺服務器搭建一個集羣來運行應用程序。
名詞
雙機熱備特指基於高可用系統中的兩臺服務器的熱備(或高可用),雙機高可用按工作中的切換方式分爲:主-備方式(Active-Standby方式)和雙主機方式(Active-Active方式),主-備方式即指的是一臺服務器處於某種業務的激活狀態(即Active狀態),另一臺服務器處於該業務的備用狀態(即Standby狀態)。而雙主機方式即指兩種不同業務分別在兩臺服務器上互爲主備狀態(即Active-Standby和Standby-Active狀態)。
準備
環境 | CentOS7 |
master | 安裝keepalived+Nginx |
backup | 安裝keepalived+Nginx |
VIP | VIP(Virtual IP)即虛擬IP,由keepalived給服務器配置上,服務器用此IP對外提供服務,當master宕機,VIP會被分配到bakcup上 |
關閉firewalld | systemctl stop iptables.service (安裝開啓狀態將其關閉) |
關閉iptables | systemctl stop iptables.service (安裝開啓狀態將其關閉) |
安裝
- 安裝Nginx(oneinstack快捷安裝,這裏不是重點)
wget -c http://mirrors.linuxeye.com/oneinstack-full.tar.gz && tar xzf oneinstack-full.tar.gz && ./oneinstack/install.sh --nginx_option 1 --pureftpd --reboot
配置
- 修改master(192.168.0.169)上keepalived配置文件
! Configuration File for keepalived global_defs { #notification_email { # [email protected] # [email protected] # [email protected] #} #notification_email_from [email protected] #smtp_server 192.168.200.1 #smtp_connect_timeout 30 #router_id LVS_DEVEL #vrrp_skip_check_adv_addr #vrrp_strict #vrrp_garp_interval 0 #vrrp_gna_interval 0 } vrrp_script check_nginx { #check_nginx爲字定義腳本 script "/usr/local/scripts/check_nginx.sh" interval 3 #每隔3秒執行一次腳本 } vrrp_instance VI_1 { state MASTER #指定那個爲master,那個爲backup,如果設置了nopreempt這個值不起作用,主備依據priority interface ens33 #實例綁定網卡(通過ifconfig命令查看) virtual_router_id 51 #VIPID標識,主備要一致 priority 100 #優先權,權重大的競選爲master,1-255之間 advert_int 1 #檢查間隔,默認1秒 authentication { #設置認證,主備一致 auth_type PASS #認證方式 auth_pass 1111 #認證密碼 } virtual_ipaddress { #設置VIP,可設置多個,空格隔開 192.168.0.125 } track_script { check_nginx #定義監控腳本,和上面的vrrp_script後面的字符串保持一致 } }
- 配置backup(192.168.0.175)上keepalived配置文件
! Configuration File for keepalived global_defs { #notification_email { # [email protected] # [email protected] # [email protected] #} #notification_email_from [email protected] #smtp_server 192.168.200.1 #smtp_connect_timeout 30 #router_id LVS_DEVEL #vrrp_skip_check_adv_addr #vrrp_strict #vrrp_garp_interval 0 #vrrp_gna_interval 0 } vrrp_script check_nginx { #check_nginx爲自定義腳本 script "/usr/local/scripts/check_nginx.sh" interval 3 #每隔3秒執行一次腳本 } vrrp_instance VI_1 { state BACKUP #指定那個爲master,那個爲backup,如果設置了nopreempt這個值不起作用,主備依據priority interface ens33 #實例綁定網卡(通過ip addr命令查看) virtual_router_id 51 #VIPID標識,主備要一致 priority 50 #優先權,權重大的競選爲master,1-255之間 advert_int 1 #檢查間隔,默認1秒 authentication { #設置認證,主備一致 auth_type PASS #認證方式 auth_pass 1111 #認證密碼 } virtual_ipaddress { #設置VIP,可設置多個,空格隔開 192.168.0.125 } track_script { check_nginx #定義監控腳本,和上面的vrrp_script後面的字符串保持一致 } }
-
主備檢查Nginx腳本
mkdir /usr/local/scripts #創建腳本目錄 touch /usr/local/scripts/check_nginx.sh #創建腳本文件 chmod a+x /usr/local/scripts/check_nginx.sh #賦值可執行權限 #! /bin/bash #時間變量,用於記錄日誌 d=`date --date today +%Y%m%d_%H:%M:%S` #計算nginx進程數量 n=`ps -C nginx --no-heading|wc -l` #如果進程爲0,則啓動nginx,並且再次檢測nginx進程數量,如果還爲0,說明nginx無法啓動,此時需要關閉keepalived if [ $n -eq "0" ]; then systemctl start nginx echo "$d nginx is starting" >> /var/log/check_nginx.log n2=`ps -C nginx --no-heading|wc -l` if [ $n2 -eq "0" ]; then echo "$d nginx down,keepalived will stop" >> /var/log/check_nginx.log systemctl stop keepalived fi fi
測試
- 主備啓動Nginx(安裝之後默認啓動)和keepalived
systemctl start nginx.service #啓動nginx systemctl start keepalived.service #啓動keepalived [root@one scripts]# ps aux | grep keepalived root 5050 0.0 0.1 48460 1040 ? Ss 10:09 0:00 /usr/local/keepalived/sbin/keepalived -D root 5051 0.0 0.2 48592 2048 ? S 10:09 0:00 /usr/local/keepalived/sbin/keepalived -D root 5052 0.0 0.1 48460 1688 ? S 10:09 0:01 /usr/local/keepalived/sbin/keepalived -D root 10867 0.0 0.0 112708 972 pts/0 R+ 10:57 0:00 grep --color keepalived #如果看keepalived有三個進程顯示,說明正常啓動
- 主備修改/data/wwwroot/default/index.html,將特定地方改成主機IP,好識別
<a class="navbar-brand col-sm-3 col-md-2 mr-0" href="">主備機IP</a>
- 訪問網頁(192.168.0.125),此時的VIP在主機上
- Nginx宕機(當Nginx宕機之後,檢測腳本會嘗試重啓Nginx,恢復故障;當Nginx不能重啓,則關閉keepalived;不關閉keepalivd的話,主機依舊佔據VIP,造成無法訪問)
[root@one scripts]# systemctl stop nginx.service [root@one scripts]# cat /var/log/check_nginx.log 20190423_14:06:08 nginx is starting
-
關閉主機keepalived,VIP自動切換綁定在從機上
#主機(192.168.0.169),關閉keepalived只有,VIP釋放 [root@one scripts]# systemctl stop keepalived.service [root@one scripts]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:35:4b:7a brd ff:ff:ff:ff:ff:ff inet 192.168.0.169/24 brd 192.168.0.255 scope global dynamic ens33 valid_lft 3147sec preferred_lft 3147sec inet6 fe80::27b0:14bc:f738:b2fb/64 scope link valid_lft forever preferred_lft forever #備機(192.168.0.175),綁定VIP [root@three ~]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:e5:6d:4a brd ff:ff:ff:ff:ff:ff inet 192.168.0.175/24 brd 192.168.0.255 scope global dynamic ens33 valid_lft 3029sec preferred_lft 3029sec inet 192.168.0.125/32 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::6b74:27f:6061:a902/64 scope link valid_lft forever preferred_lft forever
-
主機故障恢復,VIP從新綁定主機
[root@one scripts]# systemctl start keepalived.service [root@one scripts]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:35:4b:7a brd ff:ff:ff:ff:ff:ff inet 192.168.0.169/24 brd 192.168.0.255 scope global dynamic ens33 valid_lft 2394sec preferred_lft 2394sec inet 192.168.0.125/32 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::27b0:14bc:f738:b2fb/64 scope link valid_lft forever preferred_lft forever