立Flag 学习Ng - 高可用配置
- keepalived高可用配置
keepalived高可用配置
nginx解决tomcat高可用的思路,是前面加一层负载服务nginx。那当ng挂掉的时候同样需要高可用的方式来处理,如果继续采用ng前面加一层负载或者代理会出现套娃的情况。那么如何解决呢?
可以使用keepalived来解决。
keepalived的思路,由 2台服务器软件虚拟出来一台 虚拟网关vip,此vip由两台机器共同协商生成。当有一台机器宕机时,另一台机器一样能维持vip。这保证了,只要两台机器不同时宕机,vip就存在
keepalived下载地址:http://www.keepalived.org/download.html
## 安装
# 下载
> wget http://www.keepalived.org/software/keepalived-1.4.2.tar.gz
# 解压
> tar zxvf keepalived-1.4.2.tar.gz
# 安装依赖插件
> yum install -y gcc openssl-devel popt-devel
> cd keepalived-1.4.2
# 配置环境变量
> ./configure --prefix=/usr/local/keepalived
# 编译安装
> make && make install
# 配置
> cp /usr/local/keepalived-1.4.2/keepalived/etc/init.d/keepalived /etc/init.d/
> mkdir /etc/keepalived
> cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
> cp /usr/local/keepalived-1.4.2/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
> cp /usr/local/keepalived/sbin/keepalived /usr/sbin/
# 命令查看网卡用于下面文配置中使用网卡
> ip addr
## 修改配置文件
vim /etc/keepalived/keepalived.conf
# master 配置
! Configuration File for keepalived
global_defs {
#一个没重复的名字即可
router_id xxoo_master
}
# 检测nginx是否运行
vrrp_script chk_nginx {
script "/etc/keepalived/nginx_check.sh"
interval 2
weight -20
}
vrrp_instance VI_1 {
# 此处不设置为MASTER,通过priority来竞争master
state BACKUP
# 网卡名字
interface enp0s3
# 同一个keepalived集群的virtual_router_id相同
virtual_router_id 51
# 权重,master要大于slave
priority 100
# 主备通讯时间间隔
advert_int 1
# 如果两节点的上联交换机禁用了组播,则采用vrrp单播通告的方式
# 本机ip
unicast_src_ip 192.168.0.182
unicast_peer {
# 其他机器ip
192.168.0.189
}
# 设置nopreempt防止抢占资源
nopreempt
# 主备保持一致
authentication {
auth_type PASS
auth_pass 1111
}
# 与上方nginx运行状况检测呼应
track_script {
chk_nginx
}
virtual_ipaddress {
# 虚拟ip地址(VIP,一个尚未占用的内网ip即可)
192.168.0.180
}
}
## slave配置
! Configuration File for keepalived
global_defs {
#一个没重复的名字即可
router_id xxoo_slave
}
# 检测nginx是否运行
vrrp_script chk_nginx {
script "/etc/keepalived/nginx_check.sh"
interval 2
weight -20
}
vrrp_instance VI_1 {
# 此处不设置为MASTER,通过priority来竞争master
state BACKUP
# 网卡名字
interface enp0s3
# 同一个keepalived集群的virtual_router_id相同
virtual_router_id 51
# 权重,master要大于slave
priority 90
# 主备通讯时间间隔
advert_int 1
# 如果两节点的上联交换机禁用了组播,则采用vrrp单播通告的方式
# 本机ip
unicast_src_ip 192.168.0.189
unicast_peer {
# 其他机器ip
192.168.0.182
}
# 设置nopreempt防止抢占资源
nopreempt
# 主备保持一致
authentication {
auth_type PASS
auth_pass 1111
}
# 与上方nginx运行状况检测呼应
track_script {
chk_nginx
}
virtual_ipaddress {
# 虚拟ip地址(VIP,一个尚未占用的内网ip即可)
192.168.0.180
}
}
# nginx_check.sh 脚本
> vim /etc/keepalived/nginx_check.sh
#!/bin/bash
A=`ps -C nginx --no-header |wc -l`
if [ $A -eq 0 ];then
#重启nginx
/usr/local/nginx/sbin/nginx
#nginx重启失败,则停掉keepalived服务,进行VIP转移
if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
#杀掉,vip就漫游到另一台机器
killall keepalived
fi
fi
# 启动keepalived
# 执行安装目录/sbin 下 ./keepalived 或者 service keepalived start
> service keepalived start
# 配置开机自启动 (可选)
> systemctl enable keepalived
# 查看网卡观察变化
> ip addr
### 防止出现脑裂现象(未验证)
# 指定keepalived配置的网卡:enp0s3(这个看配置中选择的网卡),固定的VRRP广播地址:xxx.x.x.xxx
firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 --in-interface enp0s3 --destination xxx.x.x.xxx --protocol vrrp -j ACCEPT
firewall-cmd --direct --permanent --add-rule ipv4 filter OUTPUT 0 --out-interface enp0s3 --destination xxx.x.x.xxx --protocol vrrp -j ACCEPT
firewall-cmd --reload
# 查看配置的规则
firewall-cmd --direct --get-rules ipv4 filter INPUT
firewall-cmd --direct --get-rules ipv4 filter OUTPUT
flag 完成。 虽然离立Flag的时间超过了一周,不过学习时间还是差不多一周的(手动狗头)。
以后如果遇到其他需要补充的内容再继续来补充吧
封面图(侵权删)
本文暂时没有评论,来添加一个吧(●'◡'●)