作业:
什么是脑裂:互相认为对方服务器瘫痪了,两边都有资源,导致哪个都不能访问。
1、NFS+DRBD +Heartbeat
2、nginx+keepalived实现高可用
什么是脑裂:互相认为对方服务器瘫痪了,两边都有资源,导致哪个都不能访问。
1、NFS+DRBD +Heartbeat
2、nginx+keepalived实现高可用
===============================================================
实验: nginx+keepalived实现高可用
1、准备四台虚拟机,两台tomcat,两台nginx2、两台tomcat配置相同,测试页不同
安装jdk
[root@localhost ~]# tar xf jdk-8u191-linux-x64.tar.gz
[root@localhost ~]# mv jdk1.8.0_191 /usr/local/java
[root@localhost ~]# vi /etc/profile
在最后添加
export JAVA_HOME=/usr/local/java
export PATH=$PATH:$JAVA_HOME/bin
[root@localhost ~]# source /etc/profile
安装tomcat
[root@localhost ~]# tar xf apache-tomcat-8.5.16.tar.gz
[root@localhost ~]# mv apache-tomcat-8.5.16 /usr/local/tomcat
[root@localhost ~]# /usr/local/tomcat/bin/startup.sh
Tomcat1测试页:
[root@localhost ~]# echo “111111” > /usr/local/tomcat/webapps/ROOT/index.jsp
Tomcat2测试页:
[root@localhost ~]# echo “222222” > /usr/local/tomcat/webapps/ROOT/index.jsp
2、两台nginx配置完全相同
[root@localhost ~]# tar xf xf nginx-1.15.9.tar.gz -C /usr/src
[root@localhost ~]# cd /usr/src/nginx-1.15.9
[root@localhost~]# ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-file-aio --with-http_stub_status_module --with-http_gzip_static_module --with-http_flv_module --with-http_ssl_module --with-pcre
[root@localhost~]# ln -s /usr/local/nginx/sbin/nginx /usr/local/bin
[root@localhost~]# nginx
[root@localhost~]# vi /usr/local/nginx/conf/nginx.conf
user nginx nginx;
worker_processes 1;
error_log logs/error.log;
pid logs/nginx.pid;
events {
use epoll;
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log logs/access.log main;
sendfile on;
keepalive_timeout 65;
gzip on;
upstream tomcat_server {
server 192.168.200.112:8080 weight=1;
server 192.168.200.113:8080 weight=1;
}
server {
listen 192.168.200.254:80;
server_name localhost;
charset utf-8;
access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm index.jsp;
proxy_pass http://tomcat_server;
proxy_set_header Host $http_host;
}
}
}
[root@localhost~]# killall -9 nginx
[root@localhost~]# nginx
4、keepalived配置
[root@localhost~]# yum -y install keepalived
[root@localhost~]# vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id 192.168.200.66 //备用的用192.168.200.69
notification_email {
acassen@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_MASTER //备用BACKUP
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script chk_http_port { #检测nginx服务是否在运行。有很多方式,比如进程,用脚本检测等等
script "/root/nginx.sh" #这里通过脚本监测
interval 2 #每两秒检测一次
weight -5 #脚本结果导致的优先级变更,检测失败(脚本返回非0)则优先级 -5
fall 2 #检测连续2次失败才算确定是真失败。会用weight减少优先级(1-255之间)
rise 1 #检测1次成功就算成功。但不修改优先级
}
vrrp_instance VI_1 {
state MASTER //备用BACKUP
interface ens32
virtual_router_id 51
priority 100 //备用 的要进行降级 例如90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.200.254 //虚拟VIP
}
track_script { #执行监控的服务。
chk_http_port #引用VRRP脚本,即在 vrrp_script 部分指定的名字。
}
}
检测nginx的脚本
#!/bin/bash
counter=$(ps -C nginx --no-heading|wc -l)
if [ "${counter}" = "0" ]; then
/usr/local/nginx/sbin/nginx
sleep 2
counter=$(ps -C nginx --no-heading|wc -l)
if [ "${counter}" = "0" ]; then
systemctl stop keepalived
fi
fi
[root@localhost~]# chmod +x /root/nginx.sh
[root@localhost~]# systemctl restart keeplived
notification_email {
acassen@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_MASTER //备用BACKUP
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script chk_http_port { #检测nginx服务是否在运行。有很多方式,比如进程,用脚本检测等等
script "/root/nginx.sh" #这里通过脚本监测
interval 2 #每两秒检测一次
weight -5 #脚本结果导致的优先级变更,检测失败(脚本返回非0)则优先级 -5
fall 2 #检测连续2次失败才算确定是真失败。会用weight减少优先级(1-255之间)
rise 1 #检测1次成功就算成功。但不修改优先级
}
vrrp_instance VI_1 {
state MASTER //备用BACKUP
interface ens32
virtual_router_id 51
priority 100 //备用 的要进行降级 例如90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.200.254 //虚拟VIP
}
track_script { #执行监控的服务。
chk_http_port #引用VRRP脚本,即在 vrrp_script 部分指定的名字。
}
}
检测nginx的脚本
#!/bin/bash
counter=$(ps -C nginx --no-heading|wc -l)
if [ "${counter}" = "0" ]; then
/usr/local/nginx/sbin/nginx
sleep 2
counter=$(ps -C nginx --no-heading|wc -l)
if [ "${counter}" = "0" ]; then
systemctl stop keepalived
fi
fi
[root@localhost~]# chmod +x /root/nginx.sh
[root@localhost~]# systemctl restart keeplived
iptables -F //在关闭一次防火墙
浏览器中访问192.168.200.254
完成!!
!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!