【 Keepalived 】Nginx or Http 主-备模式

一、主-备模式：

　　操作系统：centos 6.4 x64

　　ka1: 192.168.2.10

　　ka2: 192.168.2.11

　　vip: 192.168.2.200

ka1-master服务器配置

[ka1 root@192.168.2.10 ~]#yum install  httpd keepalived -y　　　　# 这里使用apache代替nginx，效果是一样的，然后直接yum安装keepalived
[ka1 root@192.168.2.10 ~]#sed -i 's@#ServerName www.example.com:80@ServerName localhost:80@g' /etc/httpd/conf/httpd.conf 
[ka1 root@192.168.2.10 ~]#service httpd start　　# 启动httpd
正在启动 httpd：                                           [确定]
[ka1 root@192.168.2.10 ~]#echo "192.168.2.10" >> /var/www/html/index.html　　# 添加测试页面
[ka1 root@192.168.2.10 ~]#curl -I 192.168.2.10　　# 测试访问http header 返回是否正常。这里为200 正常。
HTTP/1.1 200 OK
Date: Sun, 06 Dec 2015 11:16:10 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sun, 06 Dec 2015 11:15:55 GMT
ETag: "5ff81-d-52638dd3bc5ea"
Accept-Ranges: bytes
Content-Length: 13
Connection: close
Content-Type: text/html; charset=UTF-8
[ka1 root@192.168.2.10 ~]#cd /etc/keepalived/
[ka1 root@192.168.2.10 /etc/keepalived]#ls
keepalived.conf
[ka1 root@192.168.2.10 /etc/keepalived]#cp -a keepalived.conf keepalived.conf_bak　　# 编写配置前一定要备份。
[ka1 root@192.168.2.10 /etc/keepalived]#vim keepalived.conf　　# keepalived配置如下：
! Configuration File for keepalived

global_defs {
   notification_email {
     root@localhost　　　　# 故障发生时给谁发邮件通知。这里使用root用户发送给本机
   }
   notification_email_from root@localhost　　# 通知邮件从哪个地址发出
   smtp_server localhost　　# 通知邮件的smtp地址。
   smtp_connect_timeout 30　　# 连接smtp服务器的超时时间。
   router_id NodeA　　# 标识本节点的字条串，通常为hostname，但不一定非得是hostname。故障发生时，邮件通知会用到。
}

vrrp_script check_nginx {　　　　# 创建健康检测脚本
   script "/etc/keepalived/bash/check_nginx.sh"　　# 脚本具体位置，这里注意：脚本是一定要有执行权限的。
   interval 5　　# 脚本运行间隔
   weight -10　　# 如果脚本执行失败，vrrp_instance的优先级会减少10个点。
}

vrrp_instance VI_1 {　　# 用来定义对外提供服务的VIP区域及其相关属性。
    state MASTER　　# 可以是MASTER或BACKUP，不过当其他节点keepalived启动时会将priority比较大的节点选举为MASTER，因此该项其实没有实质用途。
    interface eth0　　# 节点固有IP（非VIP）的网卡，用来发VRRP包。该网卡应该为vip绑定的网卡
    virtual_router_id 51　　# 取值在0-255之间，用来区分多个instance的VRRP组播。注意： 同一网段中virtual_router_id的值不能重复，否则会出错，相关错误信息如下。
    priority 100　　# 用来选举master的，要成为master，那么这个选项的值最好高于其他机器50个点，该项取值范围是1-255（在此范围之外会被识别成默认值100）。
    advert_int 1　　# 发VRRP包的时间间隔，即多久进行一次master选举（可以认为是健康查检时间间隔）。
    authentication {　　# 认证区域，认证类型有PASS和HA（IPSEC），推荐使用PASS（密码只识别前8位）。
        auth_type PASS
        auth_pass 1111
    }
    track_script {　　# 在VI_1区域使用上面定义的check_nginx进行健康检测
        check_nginx
    }
    virtual_ipaddress {　　# vip，不解释了。注意：这里设置VIP的时候一定要把掩码带上。
        192.168.2.200/24
    }
}

以上红色部分为修改内容部分。


[ka1 root@192.168.2.10 /etc/keepalived]#mkdir bash　　
[ka1 root@192.168.2.10 /etc/keepalived/bash]#vim check_nginx.sh　　# 编写脚本，内容如下，很简单，这里不多做解释。
#!/bin/bash

pidfile=/var/lock/subsys/`basename $0`.pid
if [ -f $pidfile ] && [ -e /proc/`cat $pidfile` ] ; then
    exit 1
fi
trap "rm -rf $pidfile ; exit 0" 1 2 3 15
echo $$ > $pidfile
maxfails=3
fails=0
success=0

while [ 1 ]
do

    /usr/bin/wget --timeout=3 --tries=1 http://192.168.2.10/ -q -O /dev/null && ping -c1 192.168.2.1 &> /dev/null
    if [ $? -ne 0 ] ; then
        let fails=$[$fails+1]
        success=0
    else
        fails=0
        let success=$[$success+1]
    fi

    if [ $fails -ge $maxfails ] ; then
        fails=0
        success=0
        #check keepalived is running ? try to stop it
        /etc/init.d/keepalived status | grep running
        if [ $? -eq 0 ] ; then
            /bin/logger -is "local service fails $maxfails times ... try to stop keepalived."
            /etc/init.d/keepalived stop 2>&1 | /bin/logger
        fi

    fi

    if [ $success -gt $maxfails ] ; then
        #check keepalived is stopped ? try to start it
        /etc/init.d/keepalived status | grep 已停　　　　# 脚本中这里要注意，如果系统是英文安装的为 grep stopped 如果是中文为 grep 已停
        if [ $? -eq 0 ] ; then
            logger -is "service changes normal, try to start keepalived ."
            /etc/init.d/keepalived start
        fi
        success=0
    fi
    sleep 3

done

[ka1 root@192.168.2.10 /etc/keepalived/bash]#chmod +x check_nginx.sh
[ka1 root@192.168.2.10 /etc/keepalived]#service keepalived start
正在启动 keepalived：                                      [确定]
[ka1 root@192.168.2.10 /etc/keepalived/bash]#ip a 
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:39:92:4f brd ff:ff:ff:ff:ff:ff
    inet 192.168.2.10/24 brd 192.168.2.255 scope global eth0
    inet 192.168.2.200/24 scope global secondary eth0　　　　# 这里就已经绑定上了VIP
    inet6 fe80::20c:29ff:fe39:924f/64 scope link 
       valid_lft forever preferred_lft forever

[ka1 root@192.168.2.10 /etc/keepalived/bash]#ps auxfww | grep check_nginx.sh　　# 查看配置文件中的脚本是否正常运行。
root       2596  0.0  0.0 103240   872 pts/1    S+   11:14   0:00          \_ grep check_nginx.sh
root       2473  0.0  0.1 108160  1504 ?        S    11:13   0:00 /bin/bash /etc/keepalived/bash/check_nginx.sh
[ka1 root@192.168.2.10 /etc/keepalived/bash]#service keepalived stop　　　　# 关闭keepalived进行测试。
停止 keepalived：                                          [确定]
[ka1 root@192.168.2.10 /etc/keepalived/bash]#service keepalived status　　　# 等一会就可以看到keepalived
keepalived (pid  2696) 正在运行...

ka1 master主机配置完毕，ka2配置如下：

[ka2 root@192.168.2.11 ~]#yum install httpd keepalived -y
[ka2 root@192.168.2.11 ~]#sed -i 's@#ServerName www.example.com:80@ServerName localhost:80@g' /etc/httpd/conf/httpd.conf 
[ka2 root@192.168.2.11 ~]#service httpd start
正在启动 httpd：                                           [确定]
[ka2 root@192.168.2.11 ~]#curl -I 192.168.2.11
HTTP/1.1 200 OK
Date: Sun, 06 Dec 2015 11:56:58 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sun, 06 Dec 2015 11:56:47 GMT
ETag: "5fe4e-d-526396f6ac030"
Accept-Ranges: bytes
Content-Length: 13
Connection: close
Content-Type: text/html; charset=UTF-8

[ka2 root@192.168.2.11 ~]#cd /etc/keepalived/
[ka2 root@192.168.2.11 /etc/keepalived]#ls
keepalived.conf
[ka2 root@192.168.2.11 /etc/keepalived]#cp -a keepalived.conf keepalived.conf_bak
[ka2 root@192.168.2.11 /etc/keepalived]#scp 192.168.2.10:/etc/keepalived/keepalived.conf .
The authenticity of host '192.168.2.10 (192.168.2.10)' can't be established.
RSA key fingerprint is be:e8:09:ba:fd:95:29:ed:33:40:f5:81:75:22:03:90.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.2.10' (RSA) to the list of known hosts.
root@192.168.2.10's password: 
keepalived.conf                                                                                                                                            100%  606     0.6KB/s   00:00 

[ka2 root@192.168.2.11 /etc/keepalived]#vim keepalived.conf
! Configuration File for keepalived

global_defs {
   notification_email {
     root@localhost
   }
   notification_email_from root@localhost
   smtp_server localhost
   smtp_connect_timeout 30
   router_id NodeB
}

vrrp_script check_nginx {
   script "/etc/keepalived/bash/check_nginx.sh"
   interval 5
   weight -10
}

vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 51
    priority 99
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    track_script {
        check_nginx
    }
    virtual_ipaddress {
        192.168.2.200/24
    }
}
红色部分为修改内容
[ka2 root@192.168.2.11 /etc/keepalived]#mkdir bash
[ka2 root@192.168.2.11 /etc/keepalived]#cd bash
[ka2 root@192.168.2.11 /etc/keepalived/bash]#scp 192.168.2.10:/etc/keepalived/bash/check_nginx.sh .　　# 这里脚本拷贝过来以后，需要修改下IP地址。
root@192.168.2.10's password: 
check_nginx.sh                                                                                                                                             100% 1224     1.2KB/s   00:00
[ka2 root@192.168.2.11 /etc/keepalived]#service keepalived restart
停止 keepalived：                                          [确定]
正在启动 keepalived：                                      [确定]

[ka2 root@192.168.2.11 /etc/keepalived]#ps auxfww  | grep check_nginx.sh
root       2233  0.0  0.0 103240   868 pts/1    S+   20:09   0:00  |       \_ grep check_nginx.sh
root       2204  0.0  0.1 108160  1500 ?        S    20:08   0:00 /bin/bash /etc/keepalived/bash/check_nginx.sh
[ka2 root@192.168.2.11 /var]#service keepalived stop
停止 keepalived：                                          [确定]
[ka2 root@192.168.2.11 /etc/keepalived]#service keepalived status
keepalived (pid  2479) 正在运行...

两台keepalived主机配置完毕，测试如下：

  

keepalived设置ka1为Master   IP: 192.168.2.10

接下来down掉 ka1的httpd服务，再次访问：

当ka1 master 主机故障解除，启动httpd进程后，再次访问：

这种主备模式的使用，BACKUP主机只是作为备用主机，一旦MASTER主机故障解除，就要拿回主权。在配置过程中，如果出现问题，多查看/var/log/messages 日志文件，我在配置过程中曾出现过问题。

如果在测试环节出现问题，请使用 sh -x 脚本名来排查脚本问题。