当前位置:首页 > 系统 > nginx keepalived双网卡双网段热备配置

nginx keepalived双网卡双网段热备配置

系统4周前 (08-23)

nginx keepalived双网卡双网段热备配置

环境介绍

【web1】

ens33:192.168.3.220  ens37:172.16.1.220

【web2】

ens33:192.168.3.230  ens37:172.16.1.230

【VIP】

vip1:192.168.3.240   vip2:172.16.1.240


修改计算机名

hostnamectl --static set-hostname web1 && su
hostnamectl --static set-hostname web2 && su


关闭selinux和firewalld

setenforce 0 && sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
systemctl stop firewalld && systemctl disable firewalld && systemctl status firewalld


更换源

mv /etc/yum.repos.d/* /tmp && curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo && curl -o /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo && yum makecache


安装nginx和keepalived

rpm -Uvh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
yum install nginx keepalived -y 
systemctl restart nginx && systemctl enable nginx


生成测试页面

echo 'web1-192.168.3.220' > /usr/share/nginx/html/index.html
echo 'web2-192.168.3.230' > /usr/share/nginx/html/index.html


添加nginx检测脚本

检测nginx进程是否存在,若不存在则重启,若重启失败则直接杀掉keepalived进程触发切换

vim /etc/keepalived/nginx_check.sh
添加
#!/bin/bash
A=`ps -C nginx --no-header |wc -l`
if [ $A -eq 0 ];then
      /usr/local/nginx/sbin/nginx
      if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
      pkill keep
      fi
fi

执行chmod u+x /etc/keepalived/nginx_check.sh


web1修改keepalived配置

mv /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak
vim /etc/keepalived/keepalived.conf
添加
global_defs {
  router_id nginx1
 }

vrrp_script chk_nginx {
        script "/etc/keepalived/nginx_check.sh"
        interval 2
        weight 20
		fall 1
		rise 10
}

vrrp_instance VI_NGINX_1 {
   state MASTER
   interface ens33
   virtual_router_id 51
   priority  100
   advert_int 1
   authentication {
       auth_type PASS
       auth_pass ikingtech
   }

   virtual_ipaddress {
       192.168.3.240
   }
   track_script {
        chk_nginx
    }
}

vrrp_instance VI_NGINX_2 {
   state BACKUP
   interface ens37
   virtual_router_id 52
   priority  90
   advert_int 1
   authentication {
       auth_type PASS
       auth_pass ikingtech
   }
   
   virtual_ipaddress {
       172.16.1.240
   }
   
   track_script {
        chk_nginx
    }
}

#执行systemctl enable keepalived && systemctl start keepalived && systemctl status keepalived

nginx keepalived双网卡双网段热备配置

web2修改keepalived配置

mv /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak
vim /etc/keepalived/keepalived.conf
添加
global_defs {
  router_id nginx2
 }

vrrp_script chk_nginx {
  script "/etc/keepalived/nginx_check.sh"
  interval 2
  weight 20
  fall 2
  rise 1
}

vrrp_instance VI_NGINX_1 {
   state BACKUP
   interface ens33
   virtual_router_id 51
   priority  90
   advert_int 1
   authentication {
       auth_type PASS
       auth_pass ikingtech
   }

   virtual_ipaddress {
       192.168.3.240
   }
   
   track_script {
        chk_nginx
    }
}

vrrp_instance VI_NGINX_2 {
   state MASTER
   interface ens37
   virtual_router_id 52
   priority  100
   advert_int 1
   authentication {
       auth_type PASS
       auth_pass ikingtech
   }

   virtual_ipaddress {
       172.16.1.240
   }
   track_script {
        chk_nginx
    }
}

#执行systemctl enable keepalived && systemctl start keepalived && systemctl status keepalived

nginx keepalived双网卡双网段热备配置


测试

搭建好后,正常状态应该为web1负责vip1,web2负责vip2

nginx keepalived双网卡双网段热备配置   nginx keepalived双网卡双网段热备配置


现在将web1关闭web1上的keepalived,触发切换

pkill keep
ps -ef|grep keep

nginx keepalived双网卡双网段热备配置

web1已经将keepailved进程杀死,检查ip已经看不到任何vip


测试访问vip1和vip2,发现web2已经全部接管vip

nginx keepalived双网卡双网段热备配置   nginx keepalived双网卡双网段热备配置


如果nginx为docker模式

[IP规划]nginx1为master nginx2为backup

业务网

nginx1:192.168.0.20
nginx2:192.168.0.21
nginx vip:192.168.0.30

局域网

nginx1:10.211.131.20
nginx2:10.211.131.21
nginx vip:10.211.131.30



[解决双网卡双网关问题]

vim /etc/rc.d/rc.local
route add -net 10.211.131.0 netmask 255.255.255.0 dev ens224
route add -net 10.211.131.0 netmask 255.255.255.0 gw 10.211.131.254
chmod +x /etc/rc.d/rc.local


[换源]

mv /etc/yum.repos.d/* /tmp && curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo && curl -o /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo && yum makecache
yum install open-vm-tools wget vim tree -y


[系统配置]

节点1
hostnamectl --static set-hostname nginx1 && su
节点2
hostnamectl --static set-hostname nginx1 && su

systemctl start firewalld && systemctl status firewalld

节点1
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="192.168.0.21" protocol value="vrrp" accept"
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="10.211.131.21" protocol value="vrrp" accept"
firewall-cmd --reload
节点2
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="192.168.0.20" protocol value="vrrp" accept"
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="10.211.131.20" protocol value="vrrp" accept"
firewall-cmd --reload


[nginx配置]

docker pull nginx
docker run --name nginx-container -d nginx:latest
mkdir -p /home/docker/nginx/conf
docker cp nginx-container:/etc/nginx/nginx.conf /home/docker/nginx/conf
docker rm -f nginx-container

vim /root/docker_nginx.sh
添加
#!/bin/bash
docker run --name nginx --restart=always -p 80:80 \
    -v /home/docker/nginx/conf/nginx.conf:/etc/nginx/nginx.conf:ro \
    -v /home/docker/nginx/conf/conf.d:/etc/nginx/conf.d \
    -v /home/docker/nginx/html:/usr/share/nginx/html \
    -v /home/docker/nginx/logs:/var/log/nginx \
    -d nginx:latest

执行chmod +x docker_nginx.sh    
systemctl restart docker && sh /root/docker_nginx.sh
#如果挂载错误,删除容器后重新执行运行
#docker container rm nginx
#docker container ls -all

节点1
echo 'web1-192.168.0.20' > /home/docker/nginx/html/index.html
节点2
echo 'web2-192.168.0.21' > /home/docker/nginx/html/index.html

vim /home/docker/nginx/conf/nginx.conf
添加
server {
        listen       80;
        server_name  localhosttest.com;
        root         /usr/share/nginx/html;
        #charset koi8-r;
        #access_log  logs/host.access.log  main;
        location / {
           # root   html;
            index  index.html index.htm;
        }
        error_page  404              /404.html;
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            #root   html;
        }
        }
执行docker restart nginx
#docker exec -it nginx bash


[安装keepalived]

yum install keepalived -y
mv /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak
vim /etc/keepalived/nginx_pid.sh
添加
#!/bin/bash
A=`docker inspect --format '{{.State.Running}}' nginx`
if [ "${A}" != "true" ]; then
     docker restart nginx
      sleep 3
            if [ `docker inspect --format '{{.State.Running}}' nginx` != "true" ]; then
                  systemctl stop keepalived
fi 
fi
执行chmod +x /etc/keepalived/nginx_pid.sh

节点1
vim /etc/keepalived/keepalived.conf
改为
global_defs {
   router_id nginx1
}

vrrp_script chk_nginx {
    script "/etc/keepalived/nginx_pid.sh"
    interval 2
    weight 20
}

vrrp_instance VI_NGINX_1 {
    state MASTER
    interface ens192
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass ikingtech
    }
    virtual_ipaddress {
        192.168.0.30
    }
    track_script {
        chk_nginx
    }
}

vrrp_instance VI_NGINX_2 {
    state MASTER
    interface ens224
    virtual_router_id 52
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass ikingtech
    }
    virtual_ipaddress {
        10.221.131.30
    }
    track_script {
        chk_nginx
    }
}

节点2
global_defs {
   router_id nginx2
   }

vrrp_script chk_nginx {
    script "/etc/keepalived/nginx_pid.sh"
    interval 2
    weight 20
}

vrrp_instance VI_NGINX_1 {
    state BACKUP
    interface ens192
    virtual_router_id 51
    priority 90
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass ikingtech
    }
    virtual_ipaddress {
        192.168.0.30
    }
    track_script {
        chk_nginx
    }
}

vrrp_instance VI_NGINX_2 {
    state BACKUP
    interface ens224
    virtual_router_id 52
    priority 90
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass ikingtech
    }
    virtual_ipaddress {
        10.221.131.30
    }
    track_script {
        chk_nginx
    }
}

执行systemctl enable keepalived && systemctl start keepalived && systemctl status keepalived


[测试]

docker stop nginx


本站所有文章均可随意转载,转载时请保留原文链接及作者。

本文链接:https://www.vos.cn/os/503.html

相关文章

Centos 7切换阿里源并安装EPEL/IUS/REMI仓库

Centos 7切换阿里源并安装EPEL/IUS/REMI仓库

切换国内源cd /etc/yum.repo.d/mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-...

fedora23升级24

fedora23升级24

准备跨版本升级fedora23到24,先在su下安装跨版本升级插件dnf install dnf-plugin-system-upgrade然后输入需要升级的系统版本dnf&nbs...

CentOS7安装SmartDNS

CentOS7安装SmartDNS

SmartDNS是一个运行在本地的DNS服务器,SmartDNS接受本地客户端的DNS查询请求,从多个上游DNS服务器获取DNS查询结果,并将访问速度最快的结果返回给客户端,提高网络访问速度。 同时支...

win10无法安装字体文件 提示不是有效的字体文件

win10无法安装字体文件 提示不是有效的字体文件

前天把笔记本上的WIN7拆掉换为WIN10 10240,但是在安装字体文件的时候提示不是有效的字体文件。论坛上问也没有任何实质的效果,google、百度一番也没有搜到,直到今天下午突然搜到也许是服务里...

安装VMware PhotonOS 4

安装VMware PhotonOS 4

PhotonOS是VMware的Container Host系统,PhotonOS可以直接部署在vSphere平台上,使得系统可以去除大量不必要的硬件驱动,让系统变得十分精简高效,以下将对Photon...

Fedora 24 Grub2修复Win 7启动

Fedora 24 Grub2修复Win 7启动

首先查看Win7在磁盘中的UUID号,看到/dev/sda1中的,复制下来在/boot/grub2/grub.cfg添加以下语句osprpber-chain-添加UUID...