试验环境 ubuntu 20.04
一、安装 nginx 和 keepalived
apt-get install -y nginx keepalived
二、配置 nginx
user root;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
gzip on;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
三、配置 keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id NGINX_MASTER
}
# 检测脚本地址
vrrp_script check_nginx {
script "/etc/keepalived/check_nginx.sh"
}
vrrp_instance VI_1 {
state BACKUP
interface ens160 # 指定网卡
virtual_router_id 51
priority 90 # 权重,主节点比备节点大
advert_int 1 # 指定VRRP 心跳包通告间隔时间,默认1秒
authentication {
auth_type PASS
auth_pass 1111
}
# 虚拟IP
virtual_ipaddress {
192.168.17.199/24
}
track_script {
check_nginx # 执行一个检测脚本
}
}
check_nginx.sh
#!/bin/bash
# 判断Nginx是否存活 根据物理机情况而定
counter=$(ps -ef |grep "/usr/sbin/nginx" | egrep -cv "grep|$$" )
if [ $counter -eq 0 ]; then
# 如果不存活则尝试启动Nginx
service nginx start
sleep 2
# 等待2秒后再次获取一次Nginx状态
counter=$(ps -ef |grep "/usr/sbin/nginx" | egrep -cv "grep|$$" )
# 再次进行判断,如Nginx还不存活则停止Keepalived,让地址进行漂移
if [ $counter -eq 0 ]; then
service keepalived stop
fi
fi
四、重启服务
service nginx restart
service keepalived restart
五、测试
- 主节点
ip addr
可以看到已经有 vip 了
root@node1:~# ip addr
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:96:5d:26 brd ff:ff:ff:ff:ff:ff
inet 192.168.17.131/24 brd 192.168.17.255 scope global ens160
valid_lft forever preferred_lft forever
inet 192.168.17.199/24 scope global secondary ens160
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe96:5d26/64 scope link
valid_lft forever preferred_lft forever
- 主节点暂停 keepalived
service keepalived stop
- 查看备节点 ip
可以看到 vip 已漂移
root@node2:~# ip addr
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:ed:db:ae brd ff:ff:ff:ff:ff:ff
inet 192.168.17.132/24 brd 192.168.17.255 scope global ens160
valid_lft forever preferred_lft forever
inet 192.168.17.199/24 scope global secondary ens160
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:feed:dbae/64 scope link
valid_lft forever preferred_lft forever
网友评论