keepalived+nginx高可用部署实例

安装keepalived
安装命令
yum install keepalived -y

查看是否安装成功,使用如下命令能看到版本号,表示成功
rpm -q -a keepalived

使用yum命令安装keepalived成功后,在/etc/keepalived目录下有keepalived.conf配置文件,高可用配置就是主要配置该文件
cd /etc/keepalived
vi keepalived.conf

主机的keepalived.conf的配置内容如下
主监控MASTER配置
#----------------------------------------------------------#
!Configuration File for keepalived
global_defs {
   #路由id:当前安装keepalived的节点主机标识符,保证全局唯一
   router_id keep_01
   notification_email {
     qj1314520@126.com
   }
   notification_email_from root@xuad.com
   smtp_server mail.xuad.com
   smtp_connect_timeout 30
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
   script_user root
   enable_script_security
}

# 检查nginx状态的脚本
vrrp_script chk_nginx {
    script "/kdata/keepalived/nginx_check.sh"   
    interval 2
    weight 3
}

vrrp_instance VI_1 {
    # 表示状态是MASTER主机还是备用机BACKUP
    state MASTER     #备份服务器上将MASTER改为BACKUP
   #这个需要根据你服务器的网卡进行选择,我这里是ens33
    interface ens33	
   # 保证主备节点一致即可
    virtual_router_id 51
    mcast_src_ip 192.168.132.131	
   # 权重,master权重一般高于backup,如果有多个,那就是选举,谁的权重高,谁就当选
    priority 100     
    # 主备之间同步检查时间间隔,单位秒
    advert_int 1
    # 认证权限密码,防止非法节点进入
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    #虚拟出来的ip,可以有多个(vip)
	#这个IP前三位最后与服务器的IP前三位相同,有多个vip可在下面继续增加
    virtual_ipaddress {
        192.168.132.120    
    }
   # 执行监控的服务,引用VRRP脚本,即在 vrrp_script 部分指定的名字。定期运行它们来改变优先级
    track_script {
        chk_nginx
    }
}

vrrp_instance VI_2 {
    state MASTER
    interface ens33
    virtual_router_id 52
    priority 101
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.132.121 
    }
}
#----------------------------------------------------------#
备用监控BACKUP配置
#----------------------------------------------------------#
!Configuration File for keepalived
global_defs {
   #路由id:当前安装keepalived的节点主机标识符,保证全局唯一
   router_id keep_01
   notification_email {
     qj1314520@126.com
   }
   notification_email_from root@xuad.com
   smtp_server mail.xuad.com
   smtp_connect_timeout 30
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
   script_user root
   enable_script_security
}

# 检查nginx状态的脚本
vrrp_script chk_nginx {
    script "/kdata/keepalived/nginx_check.sh"   
    interval 2
    weight 3
}

vrrp_instance VI_1 {
    # 表示状态是MASTER主机还是备用机BACKUP
    state MASTER     #备份服务器上将MASTER改为BACKUP
   #这个需要根据你服务器的网卡进行选择,我这里是ens33
    interface ens33	
   # 保证主备节点一致即可
    virtual_router_id 51
    mcast_src_ip 192.168.132.132	
   # 权重,master权重一般高于backup,如果有多个,那就是选举,谁的权重高,谁就当选
    priority 100     
    # 主备之间同步检查时间间隔,单位秒
    advert_int 1
    # 认证权限密码,防止非法节点进入
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    #虚拟出来的ip,可以有多个(vip)
	#这个IP前三位最后与服务器的IP前三位相同,有多个vip可在下面继续增加
    virtual_ipaddress {
        192.168.132.120    
    }
   # 执行监控的服务,引用VRRP脚本,即在 vrrp_script 部分指定的名字。定期运行它们来改变优先级
    track_script {
        chk_nginx
    }
}
#----------------------------------------------------------#
切换到当前用户目录空间,建立一个keepalived目录,这个目录存放的是nginx是否正常启动的检测脚本
进入keepalived目录,创建nginx_check.sh文件,文件内容如下

#!/bin/bash
#version 0.0.1
#
counter=`ps -C nginx --no-header |wc -l`
# 如果没有进程值得为 0
if [ $counter -eq 0 ];then
     systemctl restart docker
      sleep 3
            if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
	  # 启动失败
	  echo "重新启动失败" >> /kdata/keepalived/logs
                  systemctl stop keepalived
	  exit 1
           else
	# 启动成功
                 echo "重新启动成功" >> /kdata/keepalived/logs
                 exit 0
           fi 
else
     # 状态正常
     echo "nginx运行正常" >> /kdata/keepalived/logs;
     exit 0
fi
# 脚本说明:当nginx进程不存在时,会自动重启docker服务,docker服务启动时会自动启动nginx容器;再次检查nginx进程,如果不存在,就停止keepalived服务,然后NGINX_BACKUP主机会自动接替NGINX_MASTER的工作。


脚本创建完成后,必须给脚本赋予可以执行的权限,这里为了方便直接给所有权限
chmod 777 nginx_check.sh

启动keepalived并查看其状态
systemctl start keepalived
systemctl status keepalived

启动keepalived服务,并开机自启
systemctl start keepalived
systemctl enable keepalived
但是查看日志
 tail -f /var/log/messages

-------------docker部署,暂时未启动成功,标注------------------------------
docker pull osixia/keepalived:2.0.20

docker run --cap-add=NET_ADMIN --cap-add=NET_BROADCAST --cap-add=NET_RAW --net=host -d osixia/keepalived:2.0.20

docker run --name keepalived  \
-v /kdata/keepalived/conf/keepalived.conf:/container/service/keepalived/assets/keepalived.conf \
-d osixia/keepalived:2.0.20 

docker run  --name keepalived01  --restart=always  \
--net mynetwork --ip 172.18.0.10 --privileged=true  \
-e TZ="Asia/Shanghai" -e "I18N_LOCALE=zh-CN"  \
-v /kdata/keepalived/keepalived.conf:/container/service/keepalived/assets/keepalived.conf \
-v /kdata/keepalived/conf/nginx_check.sh:/container/service/nginx_check.sh \
-e KEEPALIVED_VIRTUAL_IPS="#PYTHON2BASH:['192.168.132.120']" \
-e KEEPALIVED_UNICAST_PEERS="#PYTHON2BASH:['192.168.132.131','192.168.132.132','192.168.132.133']" \
-e KEEPALIVED_PRIORITY="100" \
-e KEEPALIVED_INTERFACE="ens33"  \
-e KEEPALIVED_PASSWORD="111111" \
-d osixia/keepalived:2.0.20


docker run  --name keepalived01  --restart=always  \
--rm -v /kdata/keepalived/keepalived.conf:/container/service/keepalived/assets/keepalived.conf \
-v /kdata/keepalived/conf/nginx_check.sh:/container/service/nginx_check.sh \
-d osixia/keepalived:2.0.20

service keepalived start
# 查看进程不存在,说明没有启动成功
ps -aux |grep keepalived
docker logs -f --tail=1000 keepalived01