范例: 双主分别实现httpd和mysql服务的调度
ka1 配置
# web项目
[root@centos8 /etc/keepalived/conf.d]# cat web1_vip.conf
vrrp_instance web1 {
state MASTER
interface eth0
virtual_router_id 66
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
172.31.0.188 dev eth0 label eth0:1
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
[root@centos8 /etc/keepalived/conf.d]# cat lvs_web1.conf
virtual_server 172.31.0.188 80 {
delay_loop 3
lb_algo rr
lb_kind DR
protocol TCP
sorry_server 127.0.0.1 80
real_server 172.31.0.27 80 {
weight 1
HTTP_GET {
url {
path /moba.html #这个文件在后端的rs一定要有
status_code 200
}
connect_timeout 1
nb_get_retry 3
delay_before_retry 1
}
}
real_server 172.31.0.37 80 {
weight 1
TCP_CHECK {
connect_timeout 5
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
# mysql项目
[root@centos8 /etc/keepalived/conf.d]# cat mysql_vip.conf
vrrp_instance mysql {
state BACKUP
interface eth0
virtual_router_id 88
priority 80
advert_int 1
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
172.31.0.200 dev eth0 label eth0:2
}
}
[root@centos8 /etc/keepalived/conf.d]# cat lvs_mysql.conf
virtual_server 172.31.0.200 3306 {
delay_loop 3
lb_algo rr
lb_kind DR
protocol TCP
real_server 172.31.0.27 3306 {
weight 1
TCP_CHECK {
connect_timeout 5
nb_get_retry 3
delay_before_retry 3
connect_port 3306
}
}
real_server 172.31.0.37 3306 {
weight 1
TCP_CHECK {
connect_timeout 5
nb_get_retry 3
delay_before_retry 3
connect_port 3306
}
}
}
范例:k2 配置
# web项目
[root@centos8 /etc/keepalived/conf.d]# cat web1_vip.conf
vrrp_instance web1 {
state BACKUP
interface eth0
virtual_router_id 66
priority 80
advert_int 1
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
172.31.0.188 dev eth0 label eth0:1
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
[root@centos8 /etc/keepalived/conf.d]# cat lvs_web1.conf
virtual_server 172.31.0.188 80 {
delay_loop 3
lb_algo rr
lb_kind DR
protocol TCP
sorry_server 127.0.0.1 80
real_server 172.31.0.27 80 {
weight 1
HTTP_GET {
url {
path /moab.html
status_code 200
}
connect_timeout 1
nb_get_retry 3
delay_before_retry 1
}
}
real_server 172.31.0.37 80 {
weight 1
TCP_CHECK {
connect_timeout 5
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
# mysql项目
[root@centos8 /etc/keepalived/conf.d]# cat mysql_vip.conf
vrrp_instance mysql {
state MASTER
interface eth0
virtual_router_id 88
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
172.31.0.200 dev eth0 label eth0:2
}
}
[root@centos8 /etc/keepalived/conf.d]# cat lvs_mysql.conf
virtual_server 172.31.0.200 3306 {
delay_loop 3
lb_algo rr
lb_kind DR
protocol TCP
real_server 172.31.0.27 3306 {
weight 1
TCP_CHECK {
connect_timeout 5
nb_get_retry 3
delay_before_retry 3
connect_port 3306
}
}
real_server 172.31.0.37 3306 {
weight 1
TCP_CHECK {
connect_timeout 5
nb_get_retry 3
delay_before_retry 3
connect_port 3306
}
}
}
检看ipvsadm
[root@centos8 /etc/keepalived/conf.d]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.31.0.188:80 rr
-> 172.31.0.27:80 Route 1 0 0
-> 172.31.0.37:80 Route 1 0 0
TCP 172.31.0.200:3306 rr
-> 172.31.0.27:3306 Route 1 0 0
-> 172.31.0.37:3306 Route 1 0 0
生成后端rs的两个vip脚本
[root@mysql1 ~]# cat lvs_dr_rs.sh
#!/bin/bash
#Author:xuanlv
#Date:2021-06-13
vip=172.31.0.188
vip1=172.31.0.200
mask='255.255.255.255'
dev=lo:1
dev1=lo:2
rpm -q httpd &> /dev/null || yum -y install httpd &>/dev/null
service httpd start &> /dev/null && echo "The httpd Server is Ready!"
echo "<h1>`hostname`</h1>" > /var/www/html/index.html
case $1 in
start)
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
ifconfig $dev $vip netmask $mask
ifconfig $dev1 $vip1 netmask $mask
echo "The RS Server is Ready!"
;;
stop)
ifconfig $dev down
ifconfig $dev1 down
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "The RS Server is Canceled!"
;;
*)
echo "Usage: $(basename $0) start|stop"
exit 1
;;
esac
执行
[root@mysql2 ~]# bash lvs_dr_rs.sh start
The httpd Server is Ready!
The RS Server is Ready!
查看vip
[root@mysql1 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet 172.31.0.188/32 scope global lo:1
valid_lft forever preferred_lft forever
inet 172.31.0.200/32 scope global lo:2
valid_lft forever preferred_lft forever
客户端执行
root@long:~# while :;do mysql -uking -p123456 -h 172.31.0.200 -e 'show variables like "hostname"';curl 172.31.0.188;sleep 0.5;done
mysql: [Warning] Using a password on the command line interface can be insecure.
+---------------+-----------------------+
| Variable_name | Value |
+---------------+-----------------------+
| hostname | rs1.longxuan.vip |
+---------------+-----------------------+
rs1 web
mysql: [Warning] Using a password on the command line interface can be insecure.
+---------------+-----------------------+
| Variable_name | Value |
+---------------+-----------------------+
| hostname | rs2.longxuan.vip |
+---------------+-----------------------+
<h1>mysql2.longxuan.vip</h1>
mysql: [Warning] Using a password on the command line interface can be insecure.
+---------------+-----------------------+
| Variable_name | Value |
+---------------+-----------------------+
| hostname | rs1.longxuan.vip |
+---------------+-----------------------+
rs2 web
案例:实现单主的LVS-DR模式,利用FWM绑定成多个服务为一个集群服务
参考文档: 注意有bug
/usr/share/doc/keepalived/keepalived.conf.fwmark
范例:
#两个节点都执行添加iptables规则操作
[root@centos8 ~]# iptables -t mangle -A PREROUTING -d 172.31.0.188 -p tcp -m multiport --dports 80,443 -j MARK --set-mark 6
# 查看添加的iptables规则
[root@centos8 ~]# iptables -t mangle -vnL
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 MARK tcp -- * * 0.0.0.0/0 172.31.0.188 multiport dports 80,443 MARK set 0x6
范例:ka1 配置
[root@centos8 /etc/keepalived/conf.d]# cat web1_vip.conf
vrrp_instance web1 {
state MASTER
interface eth0
virtual_router_id 66
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
172.31.0.188 dev eth0 label eth0:1
}
track_interface {
eth0
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
[root@centos8 /etc/keepalived/conf.d]# cat lvs_web1.conf
virtual_server fwmark 6 {
delay_loop 3
lb_algo rr
lb_kind DR
protocol TCP
sorry_server 127.0.0.1 80
real_server 172.31.0.27 80 { #注意端口必须指定
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 2
nb_get_retry 3
delay_before_retry 3
}
}
real_server 172.31.0.37 80 { #注意端口必须指定
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 2
nb_get_retry 3
delay_before_retry 3
}
}
}
范例:ka2 配置
[root@centos8 /etc/keepalived/conf.d]# vim web1_vip.conf
vrrp_instance web1 {
state BACKUP
interface eth0
virtual_router_id 66
priority 80
advert_int 1
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
172.31.0.188 dev eth0 label eth0:1
}
track_interface {
eth0
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
[root@centos8 /etc/keepalived/conf.d]# vim lvs_web1.conf
virtual_server fwmark 6 {
delay_loop 3
lb_algo rr
lb_kind DR
protocol TCP
sorry_server 127.0.0.1 80
real_server 172.31.0.27 80 { #注意端口必须指定
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 2
nb_get_retry 3
delay_before_retry 3
}
}
real_server 172.31.0.37 80 { #注意端口必须指定
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 2
nb_get_retry 3
delay_before_retry 3
}
}
}
生成vip脚本
[root@mysql1 ~]# cat lvs_dr_rs.sh
#!/bin/bash
#Author:xuanlv
#Date:2021-06-13
vip=172.31.0.188
#vip1=172.31.0.200
mask='255.255.255.255'
dev=lo:1
dev1=lo:2
rpm -q httpd &> /dev/null || yum -y install httpd &>/dev/null
service httpd start &> /dev/null && echo "The httpd Server is Ready!"
echo "<h1>`hostname`</h1>" > /var/www/html/index.html
case $1 in
start)
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
ifconfig $dev $vip netmask $mask
#ifconfig $dev1 $vip1 netmask $mask
echo "The RS Server is Ready!"
;;
stop)
ifconfig $dev down
#ifconfig $dev1 down
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "The RS Server is Canceled!"
;;
*)
echo "Usage: $(basename $0) start|stop"
exit 1
;;
esac
使用ipvsadm查看
[root@centos8 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.31.0.200:3306 rr
-> 172.31.0.27:3306 Route 1 0 0
-> 172.31.0.37:3306 Route 1 0 0
FWM 6 rr
-> 172.31.0.27:80 Route 1 0 0
-> 172.31.0.37:80 Route 1 0 0
后端是网页
[root@mysql1 ~]# cat /var/www/html/index.html
apache web 80
[root@mysql1 ~]# cat /apps/nginx/html/index.html
web nginx page 443
[root@mysql2 ~]# cat /apps/nginx/html/index.html
web nginx22 80
[root@mysql2 ~]# cat /var/www/html/index.html
apache222 443
测试
root@long:~# curl 172.31.0.188; curl 172.31.0.188:443
web nginx page 80
apache222 443
# 停止第一台80
[root@mysql1 ~]# systemctl stop nginx
# 再次curl检查发现有点延迟,过后就访问第二台nginx服务
root@long:~# curl 172.31.0.188; curl 172.31.0.188:443
curl: (7) Failed to connect to 172.31.0.188 port 80: Connection refused
apache222
root@long:~# curl 172.31.0.188; curl 172.31.0.188:443
web nginx22 80
apache222 443
基于 VRRP Script 实现其它应用的高可用性
keepalived利用 VRRP Script 技术,可以调用外部的辅助脚本进行资源监控,并根据监控的结果实现优
先动态调整,从而实现其它应用的高可用性功能
参考配置文件:
/usr/share/doc/keepalived/keepalived.conf.vrrp.localcheck
VRRP Script 配置
分两步实现:
定义脚本
vrrp_script:自定义资源监控脚本,vrrp实例根据脚本返回值,公共定义,可被多个实例调用,定
义在vrrp实例之外的独立配置块,一般放在global_defs设置块之后,是和global_defs平级的语句块
通常此脚本用于监控指定应用的状态。一旦发现应用的状态异常,则触发对MASTER节点的权重减
至低于SLAVE节点,从而实现 VIP 切换到 SLAVE 节点
注意: 此定义脚本的语句块一定要放在下面调用此语句vrrp_instance语句块的前面
vrrp_script <SCRIPT_NAME> {
script <STRING>|<QUOTED-STRING> #此脚本返回值为非0时,会触发下面OPTIONS执行
OPTIONS
}
调用脚本
track_script:调用vrrp_script定义的脚本去监控资源,定义在VRRP实例之内,调用事先定义的
vrrp_script
track_script {
SCRIPT_NAME_1
SCRIPT_NAME_2
}
定义 VRRP script
vrrp_script <SCRIPT_NAME> { #定义一个检测脚本,在global_defs 之外配置
script <STRING>|<QUOTED-STRING> #shell命令或脚本路径(注意执行权限)
interval <INTEGER> #间隔时间,单位为秒,默认1秒
timeout <INTEGER> #超时时间
weight <INTEGER:-254..254> #默认为0,如果设置此值为负数,当上面脚本返回值为非0时,会将此值与本节点权重相加可以降低本节点权重,即表示fall. 如果是正数,当脚本返回值为0,会将此值与本节点权重相加可以提高本节点权重,即表示 rise.通常使用负值
fall <INTEGER> #执行脚本连续几次都失败,则转换为失败,建议设为2以上
rise <INTEGER> #执行脚本连续几次都成功,把服务器从失败标记为成功
user USERNAME [GROUPNAME] #执行监测脚本的用户或组
init_fail #设置默认标记为失败状态,监测成功之后再转换为成功状态
}
调用 VRRP script
vrrp_instance VI_1 {
…
track_script {
<SCRIPT_NAME>
}
}
实战案例:利用脚本实现主从角色切换
[root@ka1-centos8 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from kaadmin@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id ka1.longxuan.vip #在另一个节点为ka2.longxuan.vip
vrrp_mcast_group4 224.0.0.100
}
vrrp_script check_down {
script "[ ! -f /etc/keepalived/down ]" #/etc/keepalived/down存在时返回非0,触发权重-30
interval 1
weight -30
fall 3
rise 2
timeout 2
}
vrrp_instance VI_1 {
state MASTER #在另一个节点为BACKUP
interface eth0
virtual_router_id 66
priority 100 #在另一个节点为80
advert_int 1
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
172.31.0.188 dev eth0 label eth0:1
}
track_interface {
eth0
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
track_script {
check_down #调用前面定义的脚本
}
}
[root@ka1-centos8 ~]# touch /etc/keepalived/down
[root@ka1-centos8 ~]# tail -f /var/log/messages
Mar 28 19:47:03 ka1-centos8 Keepalived_vrrp[7200]: Script `check_down` now returning 1
Mar 28 19:47:05 ka1-centos8 Keepalived_vrrp[7200]: VRRP_Script(chk_down) failed
(exited with status 1)
Mar 28 19:47:05 ka1-centos8 Keepalived_vrrp[7200]: (VI_1) Changing effective priority from 100 to 70
[root@rs1 ~]# tcpdump -i eth0 -nn 224.0.0.100
19:42:09.578203 IP 172.31.0.8 > 224.0.0.100: VRRPv2, Advertisement, vrid 66,
prio 100, authtype simple, intvl 1s, length 20
19:42:10.579304 IP 172.31.0.8 > 224.0.0.100: VRRPv2, Advertisement, vrid 66,
prio 70, authtype simple, intvl 1s, length 20
[root@ka1-centos8 ~]# rm -rf /etc/keepalived/down
[root@ka1-centos8 ~]# tail -f /var/log/messages
Mar 28 19:47:45 ka1-centos8 Keepalived_vrrp[7200]: Script `check_down` now returning 0
Mar 28 19:47:46 ka1-centos8 Keepalived_vrrp[7200]: VRRP_Script(check_down)succeeded
Mar 28 19:47:46 ka1-centos8 Keepalived_vrrp[7200]: (VI_1) Changing effective priority from 70 to 100
Mar 28 19:47:49 ka1-centos8 Keepalived_vrrp[7200]: Sending gratuitous ARP on eth0 for 172.31.0.188
实战案例:实现单主模式的Nginx反向代理的高可用
#在两个节点都配置nginx反向代理
[root@ka1-centos8 ~]# vim /etc/nginx/nginx.conf
http {
upstream webs {
server 172.31.0.17:80 weight=1;
server 172.31.0.27:80 weight=1;
}
server {
listen 80;
location /{
proxy_pass http://webs/;
}
}
}
#在两个节点都配置keepalived实现nginx反向代理高可用
[root@ka1-centos8 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from kaadmin@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id ka1.longxuan.vip #在另一个节点为ka2.longxuan.vip
vrrp_mcast_group4 224.8.8.8
}
vrrp_script check_nginx {
script "/etc/keepalived/conf.d/check_nginx.sh"
#script "/usr/bin/killall -0 nginx" 此写法支持
#script "/usr/bin/killall -0 nginx &>/dev/null 不支持&>此写法
interval 1
weight -30
fall 3
rise 5
timeout 2
}
vrrp_instance VI_1 {
state MASTER #在另一个节点为BACKUP
interface eth0
virtual_router_id 66
priority 100 #在另一个节点为80
advert_int 1
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
172.31.0.188 dev eth0 label eth0:1
}
track_interface {
eth0
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
track_script {
check_nginx
}
}
[root@ka1-centos8 ~]# yum install psmisc -y
[root@ka1-centos8 ~]# cat /etc/keepalived/check_nginx.sh
#!/bin/bash
/usr/bin/killall -0 nginx || systemctl restart nginx
[root@ka1-centos8 ~]# chmod a+x /etc/keepalived/check_nginx.sh
范例: 利用通知脚本,实现切换时,自动重启服务
[root@centos8 ~]# vim /etc/keepalived/notify.sh
!/bin/bash
contact='root@localhost'
notify() {
mailsubject="$(hostname) to be $1:vip floating"
mailbody="$(date +'%F %T'):vrrp transition,$(hostname) change to be $1"
echo $mailbody | mail -s "$mailsubject" $contract
}
case $1 in
master)
notify master
systemctl start nginx
;;
backup)
notify backup
systemctl restart nginx
;;
fault)
notify fault
;;
*)
echo "Usage: $(basename $0) {master|backup|fault}"
esac
测试:
root@long:~# curl 172.31.0.188
web nginx page
root@long:~# curl 172.31.0.188
web nginx22
# 当nginx进程不存在了,ka2机器就会把vip抢过来,client访问不受影响
[root@centos8 /etc/keepalived]# hostname -I
172.31.0.48 172.31.0.188
[root@centos8 /etc/keepalived]# hostname -I
172.31.0.28
模拟:当机器down了,抓包
[root@centos8 /etc/keepalived]# tcpdump -i eth0 -nn dst host 224.8.8.8
dropped privs to tcpdump
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
05:19:00.998356 IP 172.31.0.28 > 224.8.8.8: VRRPv2, Advertisement, vrid 66, prio 100, authtype simple, intvl 1s, length 20
05:19:02.000381 IP 172.31.0.28 > 224.8.8.8: VRRPv2, Advertisement, vrid 66, prio 100, authtype simple, intvl 1s, length 20
05:19:05.689874 IP 172.31.0.48 > 224.8.8.8: VRRPv2, Advertisement, vrid 66, prio 80, authtype simple, intvl 1s, length 20
05:19:06.690992 IP 172.31.0.48 > 224.8.8.8: VRRPv2, Advertisement, vrid 66, prio 80, authtype simple, intvl 1s, length 20
当机器恢复,抓包
[root@centos8 /etc/keepalived]# tcpdump -i eth0 -nn dst host 224.8.8.8
dropped privs to tcpdump
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
05:22:11.819913 IP 172.31.0.48 > 224.8.8.8: VRRPv2, Advertisement, vrid 66, prio 80, authtype simple, intvl 1s, length 20
05:22:12.820842 IP 172.31.0.48 > 224.8.8.8: VRRPv2, Advertisement, vrid 66, prio 80, authtype simple, intvl 1s, length 20
05:22:23.643391 IP 172.31.0.28 > 224.8.8.8: VRRPv2, Advertisement, vrid 66, prio 100, authtype simple, intvl 1s, length 20
05:22:24.644134 IP 172.31.0.28 > 224.8.8.8: VRRPv2, Advertisement, vrid 66, prio 100, authtype simple, intvl 1s, length 20
实战案例:实现双主模式Nginx反向代理的高可用(在上面单主的基础上改良)
#在两个节点都配置nginx反向代理
[root@centos8 ~]# cat /etc/nginx/nginx.conf
upstream webserver {
server 172.31.0.27:80 weight=1;
server 172.31.0.37:80 weight=1;
}
upstream webser2 {
server 172.31.0.18:80 weight=1;
server 172.31.0.38:80 weight=1;
}
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name www.alongxuan.vip;
root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
proxy_pass http://webserver;
}
}
server {
listen 80;
server_name www.blongxuan.vip;
#root /usr/share/nginx/html;
location / {
proxy_pass http://webser2;
}
}
范例:ka1 keepalived配置
[root@centos8 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id ka1.longxuan.vip
vrrp_mcast_group4 224.8.8.8
#vrrp_skip_check_adv_addr
#vrrp_strict
}
#include /etc/keepalived/conf.d/*.conf
vrrp_script check_nginx {
script "/etc/keepalived/check_nginx.sh"
interval 1
weight -30
fall 3
rise 5
timeout 2
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 66
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
172.31.0.188 dev eth0 label eth0:1
}
track_interface {
eth0
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
track_script {
check_nginx
}
}
vrrp_instance VI_2 {
state BACKUP
interface eth0
virtual_router_id 88
priority 80
advert_int 1
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
172.31.0.200 dev eth0 label eth0:2
}
track_interface {
eth0
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
track_script {
check_nginx
}
}
范例:ka2 keepalived 配置
[root@centos8 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id ka1.longxuan.vip
vrrp_mcast_group4 224.8.8.8
#vrrp_skip_check_adv_addr
#vrrp_strict
}
#include /etc/keepalived/conf.d/*.conf
vrrp_script check_nginx {
script "/etc/keepalived/check_nginx.sh"
interval 1
weight -30
fall 3
rise 5
timeout 2
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 66
priority 80
advert_int 1
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
172.31.0.188 dev eth0 label eth0:1
}
track_interface {
eth0
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
track_script {
check_nginx
}
}
vrrp_instance VI_2 {
state MASTER
interface eth0
virtual_router_id 88
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
172.31.0.200 dev eth0 label eth0:2
}
track_interface {
eth0
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
track_script {
check_nginx
}
}
检查nginx脚本(两台都要)
[root@centos8 ~]# cat /etc/keepalived/check_nginx.sh
#!/bin/bash
/usr/bin/killall -0 nginx || systemctl restart nginx
访问测试
root@long:~# curl www.alongxuan.vip
web nginx page
root@long:~# curl www.alongxuan.vip
web nginx22
root@long:~# curl www.blongxuan.vip
123longwang
root@long:~# curl www.blongxuan.vip
longwang321