一、资源准备:
| 序号 | 主机名 | 公网 IP | 虚拟 VIP | |
|---|---|---|---|---|
| 1 | LB01 | 121.40.33.77【MASTER】 | 192.168.1.161 | |
| 2 | LB02 | 120.26.223.87【BACKUP】 | 192.168.1.161 | |
| 3 | web01 | 121.196.247.56 | / | |
| 4 | web02 | 120.55.242.145 | / |
二、Keepalived概念
1、解决单点故障
2 、组件免费
3、 可用实现高可用HA机制
4、 基于VRRP 协议
三、离线安装 Keepalived(三、四提供在线可选)
3.1 安装 keepalived(LB01,LB02 执行)
(1)下载地址: https://www.keepalived.org/software/keepalived-2.0.18.tar.gz
(2) 解压
tar -zxvf keepalived-2.0.18.tar.gz
(3)解压后进入到解压出来的目录,看到会有 configure ,那么就可用做配置了(配置安装和nginx一模一样)
(4)使用 configure 命令配置安装目录与核心配置文件所在位置
./configure --prefix=/usr/local/keepalived --sysconf=/etc
- prefix:keepalived安装的位置
- sysconf:keepalived核心配置文件所在位置,固定位置,改成其他位置keepalived启动不了,/var/log/messages中会报错
- a) 配置过程中可能会出现警告信息,如下所示
- *** WARNING - this build will not support IPVS with IPv6. Please install libnl/libnl-3 dev libraries to support IPv6 with IPVS.
yum -y install libnl libnl-devel
- configure: error: no acceptable C compiler found in $PATH
sudo yum install gcc-c++ -y
- ./configure报错:OpenSSL is not properly installed on your system
yum -y install openssl-devel
-
如果是没yum,则需要使用rpm来安装:
-
rpm包可以在这个网站找,根据自己的系统选择: https://pkgs.org/download/openssl-devel
-
b) 重新configure 一下,此时OK
./configure --prefix=/usr/local/keepalived --sysconf=/etc
(5) 安装keepalived
make && make install
(6) 进入到 /etc/keepalived,该目录下为keepalived核心配置文件
[root@lb-01 ~]# cd /etc/keepalived/
[root@lb-01 keepalived]# ll
-rw-r--r-- 1 root root 610 Mar 7 11:33 keepalived.conf
3.2 配置 Keepalived - 主
1、通过命令 vim /ect/keepalived/keepalived.conf 打开配置文件
global_defs {
# 路由id:当前安装keepalived的节点主机标识符,保证全局唯一
router_id NODEA
}
vrrp_instance VI_1 {
state MASTER # 表示状态是MASTER主机还是备用机BACKUP
interface ens33 # 该实例绑定的网卡
virtual_router_id 51 #主、备必须一样
priority 100 # 权重,master权重一般高于backup,如果有多个,那就是选举,谁的权重高,谁就当选
advert_int 2 # 主备之间同步检查时间间隔,单位秒
authentication {
auth_type PASS # 认证权限密码,防止非法节点进入
auth_pass 1111
}
virtual_ipaddress {
192.168.1.161 # 虚拟出来的ip,可以有多个(vip)
}
}
附:查看网卡名称
ip addr
2、建立软链接
sudo ln -s /usr/local/keepalived/sbin/keepalived /sbin/
sudo ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
sudo ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
sudo keepalived -D -f /usr/local/keepalived/etc/keepalived/keepalived.conf
3、启动
sudo keepalived -D -f /usr/local/keepalived/etc/keepalived/keepalived.conf
4、关闭
sudo killall keepalived
3.3 配置 Keepalived - 备
- 通过命令 vim /ect/keepalived/keepalived.conf 打开配置文件
global_defs {
router_id NODEB
}
vrrp_instance VI_1 {
# 备用机设置为BACKUP
state BACKUP
interface ens33
virtual_router_id 51
priority 80 # 权重低于MASTER
advert_int 2
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.161 # 注意:主备两台的vip都是一样的,绑定到同一个vip
}
}
3.4 主备对比图,左LB01为主,右LB02为备
四、在线安装 Keepalived (三、四可选)
安装Keepalived
yum -y install keepalived
配置Keepalived服务
vim /etc/keepalived/keepalived.con
启动停止
systemctl stop keepalived
systemctl start keepalived
systemctl enable keepalived
四、安装 NGINX
| 序号 | 主机名 | 公网 IP | 虚拟 VIP | |
|---|---|---|---|---|
| 1 | LB01 | 121.40.33.77【MASTER】 | 192.168.1.161 | |
| 2 | LB02 | 120.26.223.87【BACKUP】 | 192.168.1.161 | |
| 3 | web01 | 121.196.247.56 | / | |
| 4 | web02 | 120.55.242.145 | / |
- 所有节点,进行如下安装:
//关闭并禁用防火墙
systemctl stop firewalld
systemctl disable firewalld
//关闭selinux
sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/sysconfig/selinux
setenforce 0
//安装nginx
yum -y install nginx
//若提示,无安装包,则需要安装epel扩展源:
yum -y install epel-release
4.1 修改LB01 节点网站根目录默认文件
echo "<h1>LB01 121.40.33.77</h1>" > /usr/share/nginx/html/index.html
4.2 修改LB02 节点网站根目录默认文件
echo "<h1>LB02 120.26.223.87</h1>" > /usr/share/nginx/html/index.html
4.3 修改web01节点网站根目录默认文件
echo "<h1>web01 121.196.247.56</h1>" > /usr/share/nginx/html/index.html
4.4 修改web02节点网站根目录默认文件
echo "<h1>web02 120.55.242.145</h1>" > /usr/share/nginx/html/index.html
4.5 启动 nginx 服务(web01/web02)
systemctl start nginx
systemctl enable nginx
4.6 配置 LB01/LB02 服务器 nginx.conf
- 配置nginx反向代理服务,指向 web01、web02
编辑nginx主配置文件:vi /etc/nginx/nginx.conf
upstream server_pools {
server 121.196.247.56:80;
server 120.55.242.145:80;
}
server {
listen 80;
listen [::]:80;
server_name www.test.com;
# root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
proxy_pass http://server_pools;
}
4.7 配置 LB01/LB02 域名解析
Keepalived的虚拟VIP,与 nginx.conf 文件中 www.test.com 绑定
echo "192.168.1.161 www.test.com" >> /etc/hosts
4.8 启动 nginx(LB01/LB02)
systemctl start nginx
systemctl enable nginx
4.9 测试
-
打开 C:\Windows\System32\drivers\etc\hosts
-
末尾添加:192.168.1.161 www.test.com
-
注意:这里的IP指的是 keepalived 生成的虚拟VIP,即客户端通过VIP访问 web 业务浏览器,www.test.com域名指向LB01、LB02中server_name,并 upstream 到 web01、web02 业务浏览器
六、配置 Keepalived双主热备
规则:以一个虚拟ip分组归为同一路由
- 主节点 vim /ect/keepalived/keepalived.conf
global_defs {
router_id keep_171
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.161
}
}
vrrp_instance VI_2 {
state BACKUP
interface ens33
virtual_router_id 52
priority 80
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.162
}
}
- 备用节点 vim /ect/keepalived/keepalived.conf
global_defs {
router_id keep_172
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 80
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.161
}
}
vrrp_instance VI_2 {
state MASTER
interface ens33
virtual_router_id 52
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.162
}
}