本文的重点是Keepalived的配置,Nginx的配置就简略带过。
软件:CentOS 7.2 / Nginx 1.12.2 / Keepalived 1.3.9
ha-01:192.168.1.97
ha-02:192.168.1.98
VIP:192.168.1.99
1、安装之前首先关闭SELinux(重启后生效)
[root@ha-01 /]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
2、增加防火墙规则:(192.168.1.99为虚IP)
[root@ha-01 /]# vim /etc/sysconfig/iptables
增加如下项目:
-A INPUT -d 192.168.1.99 -j ACCEPT
-A INPUT -p vrrp -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
3、安装系统常用工具:
[root@ha-01 /]# yum -y install vim tree telnet curl wget git xz unzip htop iftop lshw
4、安装代码编译的依赖包:
[root@ha-01 /]# yum -y install gcc gcc-c++ make automake autoconf
5、安装Nginx相关依赖包:
[root@ha-01 /]# yum -y install pcre* zlib* openssl*
6、安装Keepalived相关依赖包:
[root@ha-01 /]# yum -y install libnl-devel libnl3-devel libnfnetlink-devel
7、下载、安装Nginx:
[root@ha-01 /]# wget -P/usr/local/src/ http://nginx.org/download/nginx-1.12.2.tar.gz
[root@ha-01 /]# tar -xzvf /usr/local/src/nginx-1.12.2.tar.gz -C /usr/local/src/
[root@ha-01 /]# cd /usr/local/src/nginx-1.12.2
[root@ha-01 /]# ./configure --prefix=/usr/local/nginx
[root@ha-01 /]# make -j 2
[root@ha-01 /]# make install
8、启动Nginx服务:
[root@ha-01 /]# /usr/local/nginx/sbin/nginx -t
[root@ha-01 /]# /usr/local/nginx/sbin/nginx
9、下载、安装Keepalived:
[root@ha-01 /]# wget -P/usr/local/src/ http://www.keepalived.org/software/keepalived-1.3.9.tar.gz
[root@ha-01 /]# tar -xzvf /usr/local/src/keepalived-1.3.9.tar.gz -C /usr/local/src/
[root@ha-01 /]# cd /usr/local/src/keepalived-1.3.9
[root@ha-01 /]# ./configure --prefix=/usr/local/keepalived
[root@ha-01 /]# make -j 2
[root@ha-01 /]# make install
10、编辑keepalived.conf配置文件:
[root@ha-01 /]# vim /usr/local/keepalived/etc/keepalived/keepalived.conf
[Master] ha-01(192.168.1.97)
! Configuration File for keepalived master global_defs {
notification_email {
root@localhost
} notification_email_from root@localhost
smtp_server root
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
# vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
} vrrp_script chk_http_port {
script "/usr/local/keepalived/etc/keepalived/chk_http_port.sh"
interval 2
weight -10
fall 2
rise 1
} vrrp_instance VI_1 {
state MASTER
interface eno16777736
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.131
} track_script {
chk_http_port
}
}
[Backup] ha-02(192.168.1.98)
! Configuration File for keepalived slave global_defs {
notification_email {
root@localhost
} notification_email_from root@localhost
smtp_server localhost
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
# vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
} vrrp_script chk_http_port {
script "/usr/local/keepalived/etc/keepalived/chk_http_port.sh"
interval 2
weight -10
fall 2
rise 1
} vrrp_instance VI_1 {
state BACKUP
interface eno16777736
virtual_router_id 51
priority 95
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.99
} track_script {
chk_http_port
}
}
11、编辑Nginx服务监控脚本:
[root@ha-01 /]# vim /usr/local/keepalived/etc/keepalived/chk_http_port.sh
[root@ha-01 /]# chmod +x /usr/local/keepalived/etc/keepalived/chk_http_port.sh
#!/bin/bash count=0
for (( k=0; k<2; k++ ))
do
check_code=$( curl --connect-timeout 3 -sL -w "%{http_code}\\n" http://localhost/ -o /dev/null )
if [ "$check_code" != "200" ]; then
count=$(expr $count + 1)
sleep 3
continue
else
count=0
break
fi
done if [ "$count" != "0" ]; then
systemctl stop keepalived
exit 1
else
exit 0
fi
12、编辑keepalived系统启动配置文件:
[root@ha-01 /]# vim /usr/local/keepalived/etc/sysconfig/keepalived
修改:
KEEPALIVED_OPTIONS="-D"
为:
KEEPALIVED_OPTIONS="-f /usr/local/keepalived/etc/keepalived/keepalived.conf -D -d -S 0"
13、修改keepalived日志文件路径:
[root@ha-01 /]# vim /etc/rsyslog.conf
添加如下项目:
#keepalived -S 0
local0.*/usr/local/keepalived/etc/keepalived/keepalived.log
重启rsyslog服务:
[root@ha-01 /]# systemctl restart rsyslog
14、拷贝keepalived启动文件至系统启动目录:
[root@ha-01 /]# cp /usr/local/src/keepalived-1.3.9/keepalived/etc/init.d/keepalived /etc/init.d/
15、编辑keepalived启动文件:
[root@ha-01 /]# vim /etc/init.d/keepalived
修改:
. /etc/sysconfig/keepalived
为:
. /usr/local/keepalived/etc/sysconfig/keepalived 并增加keepalived可执行文件至系统环境:
PATH="$PATH:/usr/local/keepalived/sbin"
export PATH
16、启动keepalived服务:
[root@ha-01 /]# systemctl enable keepalived
[root@ha-01 /]# systemctl start keepalived
17、查看keepalived进程:
[root@ha-01 /]# ps -ef | grep "keepalived"
[THE END]