大数据全系列 教程
1869个小节阅读:464.8k
JAVA全系列 教程
面向对象的程序设计语言
Python全系列 教程
Python3.x版本,未来主流的版本
人工智能 教程
顺势而为,AI创新未来
大厂算法 教程
算法,程序员自我提升必经之路
C++ 教程
一门通用计算机编程语言
微服务 教程
目前业界流行的框架组合
web前端全系列 教程
通向WEB技术世界的钥匙
大数据全系列 教程
站在云端操控万千数据
AIGC全能工具班
A A
White Night
规划:node1和node5作为负载均衡服务器,node2上的tomcat1和tomcat2还是RS服务器。
修改node2的tomcat1和tomcat2上的index.jps,去掉样式和图片,去掉动静分离的干扰。
tomcat1的index.jsp
xxxxxxxxxx
from 192.168.20.102:8080 tomcat1
tomcat2上的index.jsp
xxxxxxxxxx
from 192.168.20.102:9090 tomcat2
xxxxxxxxxx
upstream rss {
server 192.168.20.102:8080;
server 192.168.20.102:9090;
}
server { # check_nginx.sh脚本执行时使用
listen 80;
server_name localhost;
location / {
root html;
}
}
server {
listen 80;
server_name 192.168.20.200;
location / {
proxy_pass http://rss/;
}
}
xxxxxxxxxx
[root@node1 ~]# cd /usr/local/nginx/conf/
[root@node1 conf]# scp nginx.conf 192.168.20.105:`pwd`
xxxxxxxxxx
#通过访问check.html页面来检查nginx是否宕机
url="http://127.0.0.1/check.html"
code=`curl -s -o /dev/null -w %{http_code} $url`
#通过判断相应编码是否是200来确定nginx宕机
if [ $code -ne 200 ];then
sleep 1
code=`curl -s -o /dev/null -w %{http_code} $url`
if [ $code -ne 200 ];then
#确定nginx是宕机,关闭本机的keepalived
systemctl stop keepalived
fi
fi
xxxxxxxxxx
scp /home/check_nginx.sh node5:/home
xxxxxxxxxx
[root@node1 home]# cd /usr/local/nginx/html
[root@node1 html]# vim check.html
check nginx
xxxxxxxxxx
[root@node1 html]# scp check_nginx.sh 192.168.20.105:/home/
分别在node1和node5上的/usr/local/nginx/html目录下创建一个check.html
xxxxxxxxxx
[root@node1 home]# cd /usr/local/nginx/html/
[root@node1 html]# pwd
/usr/local/nginx/html
[root@node1 html]# vim check.html
check nginx
分别在node1上和node5上测试check_nginx.sh是否可以正确的检查出nginx是否宕机:
xxxxxxxxxx
[root@node1 ~]# sh -x /home/check_nginx.sh
+ url=http://127.0.0.1/check.html
++ curl -s -o /dev/null -w '%{http_code}' http://127.0.0.1/check.html
+ code=200
+ '[' 200 -ne 200 ']'
以上提示表示nginx正常提供服务。
xxxxxxxxxx
[root@nginx1 ~]# sh -x /home/check_nginx.sh
+ url=http://127.0.0.1/check.html
++ curl -s -o /dev/null -w '%{http_code}' http://127.0.0.1/check.html
+ code=404 或 502 或 ... 非200的值
+ '[' 502 -ne 200 ']'
以上提示表示nginx已经宕机了。
xxxxxxxxxx
[root@node1 ~]# yum install keepalived -y
[root@node5 ~]# yum install keepalived -y
如果某项不记得如何配置,可以新开一个终端,通过man keepalived.conf命令进行查看配置说明
xxxxxxxxxx
global_defs {
#配置接收邮件的邮箱地址,指定keepalived在发生切换时需要发送email到的邮箱地址,一行一个
notification_email {
com .
}
notification_email_from keepmanager .com #指定发件人
smtp_server 192.168.20.1 #指定邮件smtp服务器的地址
smtp_connect_timeout 30 #指定smtp连接的超时时间
router_id node1 #运行keepalived机器的一个标识
}
#手动定义一个检查机制
vrrp_script chk_nginx {
script "/home/check_nginx.sh"
interval 2#每隔2秒检查一次
weight -20
}
vrrp_instance VI_1 {
#指定实例的初始化状态,两台路由器都启动后,马上会发生竞选。priority优先级高的被选为Master
#这里的MASTER并不能代表当前实例一直未MASTER
state MASTER
interface ens33 #实例绑定的网卡设备
virtual_router_id 101#VRID的标记(0-255)
priority 100#优先级 该值高的实例优先竞选为MASTER,低的为BACKUP
advert_int 1 #检查间隔,默认为1s
#认证的设置
authentication {
auth_type PASS#认证的方式 PASS 或AH
auth_pass 1111 # 认证的密码
}
#指定虚拟ip地址,也是VIP
virtual_ipaddress {
192.168.20.200/24 dev ens33 label ens33:3
}
track_script {
chk_nginx #调用上面定义好检测
}
}
3.将配置文件远程拷贝到node5上一份
xxxxxxxxxx
[root@node1 ~]# scp /etc/keepalived/keepalived.conf root@192.168.20.105:/etc/keepalived/
root@192.168.20.105's password:
keepalived.conf 100% 1434 926.0KB/s 00:00
4.去node5上修改keepalived.conf文件
xxxxxxxxxx
router_id node5
....
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 105
priority 90
……
}
5.node1上启动keepalived
xxxxxxxxxx
[root@node1 keepalived]# systemctl start keepalived
[root@node1 keepalived]# systemctl status keepalived
● keepalived.service - LVS and VRRP High Availability Monitor
Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
Active: active (running) since Wed 2021-09-01 18:10:50 CST; 26s ago
Process: 14753 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 14754 (keepalived)
Tasks: 2 (limit: 4911)
Memory: 5.4M
CGroup: /system.slice/keepalived.service
├─14754 /usr/sbin/keepalived -D
└─14755 /usr/sbin/keepalived -D
8月 04 18:10:54 node0 Keepalived_vrrp[14755]: Sending gratuitous ARP on ens33 for 192.168.20.200
6.node1上检查
xxxxxxxxxx
[root@node1 keepalived]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
......
ens33:3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.20.200 netmask 255.255.255.0 broadcast 0.0.0.0
ether 00:0c:29:01:4c:80 txqueuelen 1000 (Ethernet)
浏览器访问测试:http://192.168.20.200,并不断刷新,网页显示结果在8080和9090之间切换。
7.node5上启动keepalived
xxxxxxxxxx
[root@node5 keepalived]# systemctl start keepalived
[root@node5 keepalived]# systemctl status keepalived
● keepalived.service - LVS and VRRP High Availability Monitor
Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
Active: active (running) since 三 2021-09-01 12:19:18 CST; 6s ago
Process: 9666 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 9667 (keepalived)
CGroup: /system.slice/keepalived.service
├─9667 /usr/sbin/keepalived -D
├─9668 /usr/sbin/keepalived -D
└─9669 /usr/sbin/keepalived -D
9月 01 12:19:18 node5 Keepalived_vrrp[9669]: VRRP_Script(chk_nginx) succeeded
9月 01 12:19:21 node5 Keepalived_vrrp[9669]: VRRP_Instance(VI_1) Transition to MASTER STATE
9月 01 12:19:22 node5 Keepalived_vrrp[9669]: VRRP_Instance(VI_1) Entering MASTER STATE
9月 01 12:19:22 node5 Keepalived_vrrp[9669]: VRRP_Instance(VI_1) setting protocol VIPs.
9月 01 12:19:22 node5 Keepalived_vrrp[9669]: Sending gratuitous ARP on ens33 for 192.168.20.200
9月 01 12:19:22 node5 Keepalived_vrrp[9669]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 for 192.168.20.200
9月 01 12:19:22 node5 Keepalived_vrrp[9669]: Sending gratuitous ARP on ens33 for 192.168.20.200
9月 01 12:19:22 node5 Keepalived_vrrp[9669]: Sending gratuitous ARP on ens33 for 192.168.20.200
9月 01 12:19:22 node5 Keepalived_vrrp[9669]: Sending gratuitous ARP on ens33 for 192.168.20.200
9月 01 12:19:22 node5 Keepalived_vrrp[9669]: Sending gratuitous ARP on ens33 for 192.168.20.200
8.node5上检查,没有启动ens:3的网卡 ??? 为何也有?
xxxxxxxxxx
[root@node5 keepalived]# ifconfig
……
9.将node1上的nginx down掉并测试
xxxxxxxxxx
[root@node1 keepalived]# systemctl stop nginx
[root@node1 keepalived]# ifconfig
node5上查看,
xxxxxxxxxx
[root@node5 keepalived]# ifconfig
10.将node1上的nginx和keepalived起来并测试
xxxxxxxxxx
[root@node1 keepalived]# systemctl start nginx
[root@node1 keepalived]# systemctl start keepalived
node1上查看,
xxxxxxxxxx
[root@node1 keepalived]# ifconfig
[root@node1 ~]# ps aux |grep keepalived
关闭Nginx的时候,keepalived不能被关闭,出现如下错误提示(/var/log/messages):
xxxxxxxxxx
Aug 9 12:46:02 node3 setroubleshoot[34963]: failed to retrieve rpm info for /home/check_nginx.sh
Aug 9 12:46:02 node3 setroubleshoot[34963]: SELinux is preventing keepalived from getattr access on the file /home/check_nginx.sh. For complete SELinux messages run: sealert -l e024cc7f-9ba2-41fd-acb1-6c0e12ed25f9
检查SELinux子系统是否启动:
xxxxxxxxxx
[root@node5 ~]# getenforce
Enforcing #表示正在启用
[root@node5 ~]# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing #在启用
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Memory protection checking: actual (secure)
Max kernel policy version: 31
临时关闭SELinux:
xxxxxxxxxx
[root@node5 ~]# setenforce 0
[root@node5 ~]# getenforce
Permissive #说明临时关闭成功
重启系统后,临时关闭将失效。所以需要再次进行永久关闭:
xxxxxxxxxx
[root@node5 ~]# vim /etc/selinux/config
SELINUX=disabled #默认值是enforcing
重启keepalived,再次查看/var/log/messages,不再出现之前bug。