{"type":"doc","content":[{"type":"heading","attrs":{"align":null,"level":1},"content":[{"type":"text","text":"一、關閉操作系統防火牆","attrs":{}}]},{"type":"bulletedlist","content":[{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"systemctl status firewalld","attrs":{}}]}],"attrs":{}},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"systemctl stop firewalld","attrs":{}}]}],"attrs":{}},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"systemctl disable firewalld","attrs":{}}]}],"attrs":{}}],"attrs":{}},{"type":"heading","attrs":{"align":null,"level":1},"content":[{"type":"text","text":"二、關閉 selinux","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"編輯文件 vi /etc/sysconfig/selinux","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"修改屬性值:SELINUX=disabled","attrs":{}}]},{"type":"heading","attrs":{"align":null,"level":1},"content":[{"type":"text","text":"三、安裝gcc 及 openssl openssl-devel","attrs":{}}]},{"type":"numberedlist","attrs":{"start":null,"normalizeStart":1},"content":[{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":1,"align":null,"origin":null},"content":[{"type":"text","text":"聯網狀態安裝:gcc -> yum install gccopenssl -> yum -y install openssl openssl-devel","attrs":{}}]}],"attrs":{}},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":2,"align":null,"origin":null},"content":[{"type":"text","text":"未聯網狀態:尋找一臺已聯網,且未安裝openssl 的虛擬機yum -y install openssl openssl-devel --downloadonly --downloaddir=/opt/install/yum/openssl(不執行安裝,下載依賴包到指定目錄)然後將依賴包放入未聯網服務器的yum 源,進行yum 安裝","attrs":{}}]}],"attrs":{}}]},{"type":"heading","attrs":{"align":null,"level":1},"content":[{"type":"text","text":"四、安裝keepalived","attrs":{}}]},{"type":"numberedlist","attrs":{"start":null,"normalizeStart":1},"content":[{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":1,"align":null,"origin":null},"content":[{"type":"text","text":"進入 網址:","attrs":{}},{"type":"link","attrs":{"href":"https://www.keepalived.org/download.html","title":null},"content":[{"type":"text","text":"https://www.keepalived.org/download.html","attrs":{}}]},{"type":"text","text":" 下載 keepalived-2.1.5","attrs":{}}]}],"attrs":{}},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":2,"align":null,"origin":null},"content":[{"type":"text","text":"解壓 keepalived-2.1.5 到自定義的源碼目錄","attrs":{}}]}],"attrs":{}},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":3,"align":null,"origin":null},"content":[{"type":"text","text":"進入源碼目錄","attrs":{}}]}],"attrs":{}},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":4,"align":null,"origin":null},"content":[{"type":"text","text":"執行命令:./configure --prefix=/usr/local/keepalived","attrs":{}}]}],"attrs":{}},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":5,"align":null,"origin":null},"content":[{"type":"text","text":"執行命令:make && make install","attrs":{}}]}],"attrs":{}}]},{"type":"heading","attrs":{"align":null,"level":1},"content":[{"type":"text","text":"五、移動keepalived 相關文件到指定目錄","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"keepalived啓動腳本變量引用文件,默認文件路徑是/etc/sysconfig/,也可以不做軟鏈接,\n直接修改啓動腳本中文件路徑即可(安裝目錄下)\ncp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/keepalived \n\n\n將keepalived主程序加入到環境變量(安裝目錄下)\ncp /usr/local/keepalived/sbin/keepalived /usr/sbin/keepalived\n\n\n將keepalived啓動腳本(源碼目錄下,我的源碼目錄是在 install 下)\n放到/etc/init.d/目錄下就可以使用service命令便捷調用\ncp /opt/install/keepalived/keepalived-2.1.5/keepalived/etc/init.d/keepalived /etc/init.d/keepalived\n\n\n將配置文件放到默認路徑下\nmkdir /etc/keepalived\ncp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":1},"content":[{"type":"text","text":"六、編寫監測Nginx 存活腳本 路徑:(usr/local/nginx) 名稱:(nginx_check.sh)","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"#!/bin/bash\ncounter=$(docker ps | grep wisebot_services_nginx | wc -l)\necho `date \"+%Y-%m-%d %H:%M:%S\"`'-執行用戶:'`whoami` >> /usr/local/nginx/logs/log\necho `date \"+%Y-%m-%d %H:%M:%S\"`'-進入執行腳本...' >> /usr/local/nginx/logs/log\nif [ \"${counter}\" = \"0\" ]; then\n echo `date \"+%Y-%m-%d %H:%M:%S\"`'-Nginx服務停止,嘗試重啓...' >> /usr/local/nginx/logs/log\n docker restart wisebot_services_nginx\n sleep 2\n counter=$(docker ps | grep wisebot_services_nginx | wc -l)\n if [ \"${counter}\" = \"0\" ]; then\n echo `date \"+%Y-%m-%d %H:%M:%S\"`'-Nginx服務重啓失敗,停止Keepalived...' >> /usr/local/nginx/logs/log\n systemctl stop keepalived\n fi\nfi","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":1},"content":[{"type":"text","text":"七、修改 Master 節點的 keepalived.conf 配置文件","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"! Configuration File for keepalived\n\n\nglobal_defs {\n notification_email {\n [email protected]\n [email protected]\n [email protected]\n }\n notification_email_from [email protected]\n #當前服務器IP地址\n smtp_server 10.10.10.175\n smtp_connect_timeout 30\n router_id LVS_DEVEL\n vrrp_skip_check_adv_addr\n vrrp_strict\n vrrp_garp_interval 0\n vrrp_gna_interval 0\n}\n\n\n#添加檢測腳本\nvrrp_script chk_http_port {\n # script \"/usr/local/nginx/nginx_check.sh\"\n script \"sh -x /usr/local/nginx/nginx_check.sh\"\n interval 5\n weight 2\n}\n\n\nvrrp_instance VI_1 {\n #主機這裏是MASTER 從機是BACKUP\n state MASTER\n #網卡名稱,使用 ip addr 命令查看獲取\n interface enp0s3\n #主、從機的virtual_router_id必須相同\n virtual_router_id 51\n #主備機取不同的優先級,主機優先級大\n priority 100\n #心跳檢測間隔時間(秒)\n advert_int 1\n authentication {\n auth_type PASS\n auth_pass 1111\n }\n #虛擬對外開放虛擬IP地址,可以換行輸入多個進行綁定\n virtual_ipaddress {\n 10.10.10.166\n }\n #執行監測腳本配置\n track_script {\n chk_http_port\n }\n}\n\n\nvirtual_server 192.168.200.100 443 {\n delay_loop 6\n lb_algo rr\n lb_kind NAT\n persistence_timeout 50\n protocol TCP\n\n\n real_server 192.168.201.100 443 {\n weight 1\n SSL_GET {\n url {\n path /\n digest ff20ad2481f97b1754ef3e12ecd3a9cc\n }\n url {\n path /mrtg/\n digest 9b3a0c85a887a256d6939da88aabd8cd\n }\n connect_timeout 3\n retry 3\n delay_before_retry 3\n }\n }\n}\n\n\nvirtual_server 10.10.10.2 1358 {\n delay_loop 6\n lb_algo rr\n lb_kind NAT\n persistence_timeout 50\n protocol TCP\n\n\n sorry_server 192.168.200.200 1358\n\n\n real_server 192.168.200.2 1358 {\n weight 1\n HTTP_GET {\n url {\n path /testurl/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n url {\n path /testurl2/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n url {\n path /testurl3/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n connect_timeout 3\n retry 3\n delay_before_retry 3\n }\n }\n\n\n real_server 192.168.200.3 1358 {\n weight 1\n HTTP_GET {\n url {\n path /testurl/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334c\n }\n url {\n path /testurl2/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334c\n }\n connect_timeout 3\n retry 3\n delay_before_retry 3\n }\n }\n}\n\n\nvirtual_server 10.10.10.3 1358 {\n delay_loop 3\n lb_algo rr\n lb_kind NAT\n persistence_timeout 50\n protocol TCP\n\n\n real_server 192.168.200.4 1358 {\n weight 1\n HTTP_GET {\n url {\n path /testurl/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n url {\n path /testurl2/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n url {\n path /testurl3/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n connect_timeout 3\n retry 3\n delay_before_retry 3\n }\n }\n\n\n real_server 192.168.200.5 1358 {\n weight 1\n HTTP_GET {\n url {\n path /testurl/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n url {\n path /testurl2/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n url {\n path /testurl3/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n connect_timeout 3\n retry 3\n delay_before_retry 3\n }\n }\n}","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":1},"content":[{"type":"text","text":"八、修改 Slave 節點的 keepalived.conf 配置文件","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"! Configuration File for keepalived\n\n\n\n\nglobal_defs {\n notification_email {\n [email protected]\n [email protected]\n [email protected]\n }\n notification_email_from [email protected]\n #當前服務器IP地址\n smtp_server 10.10.10.175\n smtp_connect_timeout 30\n router_id LVS_DEVEL\n vrrp_skip_check_adv_addr\n vrrp_strict\n vrrp_garp_interval 0\n vrrp_gna_interval 0\n}\n\n\n\n\n#添加檢測腳本\nvrrp_script chk_http_port {\n # script \"/usr/local/nginx/nginx_check.sh\"\n script \"sh -x /usr/local/nginx/nginx_check.sh\"\n interval 5\n weight 2\n}\n\n\n\n\nvrrp_instance VI_1 {\n #主機這裏是MASTER 從機是BACKUP\n state BACKUP\n #網卡名稱,使用 ip addr 命令查看獲取\n interface enp0s3\n #主、從機的virtual_router_id必須相同\n virtual_router_id 51\n #主備機取不同的優先級,主機優先級大\n priority 100\n #心跳檢測間隔時間(秒)\n advert_int 1\n authentication {\n auth_type PASS\n auth_pass 1111\n }\n #虛擬對外開放虛擬IP地址,可以換行輸入多個進行綁定\n virtual_ipaddress {\n 10.10.10.166\n }\n #執行監測腳本配置\n track_script {\n chk_http_port\n }\n}\n\n\n\n\nvirtual_server 192.168.200.100 443 {\n delay_loop 6\n lb_algo rr\n lb_kind NAT\n persistence_timeout 50\n protocol TCP\n\n\n\n\n real_server 192.168.201.100 443 {\n weight 1\n SSL_GET {\n url {\n path /\n digest ff20ad2481f97b1754ef3e12ecd3a9cc\n }\n url {\n path /mrtg/\n digest 9b3a0c85a887a256d6939da88aabd8cd\n }\n connect_timeout 3\n retry 3\n delay_before_retry 3\n }\n }\n}\n\n\n\n\nvirtual_server 10.10.10.2 1358 {\n delay_loop 6\n lb_algo rr\n lb_kind NAT\n persistence_timeout 50\n protocol TCP\n\n\n\n\n sorry_server 192.168.200.200 1358\n\n\n\n\n real_server 192.168.200.2 1358 {\n weight 1\n HTTP_GET {\n url {\n path /testurl/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n url {\n path /testurl2/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n url {\n path /testurl3/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n connect_timeout 3\n retry 3\n delay_before_retry 3\n }\n }\n\n\n\n\n real_server 192.168.200.3 1358 {\n weight 1\n HTTP_GET {\n url {\n path /testurl/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334c\n }\n url {\n path /testurl2/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334c\n }\n connect_timeout 3\n retry 3\n delay_before_retry 3\n }\n }\n}\n\n\n\n\nvirtual_server 10.10.10.3 1358 {\n delay_loop 3\n lb_algo rr\n lb_kind NAT\n persistence_timeout 50\n protocol TCP\n\n\n\n\n real_server 192.168.200.4 1358 {\n weight 1\n HTTP_GET {\n url {\n path /testurl/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n url {\n path /testurl2/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n url {\n path /testurl3/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n connect_timeout 3\n retry 3\n delay_before_retry 3\n }\n }\n\n\n\n\n real_server 192.168.200.5 1358 {\n weight 1\n HTTP_GET {\n url {\n path /testurl/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n url {\n path /testurl2/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n url {\n path /testurl3/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n connect_timeout 3\n retry 3\n delay_before_retry 3\n }\n }\n}\n","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":1},"content":[{"type":"text","text":"九、啓動keepalived master節點和backup 節點","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"# 啓動\nsystemctl start keepalived\n\n# 停止\nsystemctl stop keepalived\n\n# 查看狀態\nsystemctl status keepalived\n\n# 查看keepalived 日誌\ntail -f /var/log/messages","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":1},"content":[{"type":"text","text":"十、啓動之後,使用命令 ip addr 查看,虛擬IP已經飄到Master節點對應的網卡","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/69/696077b9f02839aab216a9492289931e.png","alt":"","title":null,"style":[{"key":"width","value":"75%"},{"key":"bordertype","value":"none"}],"href":null,"fromPaste":true,"pastePass":true}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":1},"content":[{"type":"text","text":"注意事項-踩坑總結:","attrs":{}}]},{"type":"numberedlist","attrs":{"start":null,"normalizeStart":1},"content":[{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":1,"align":null,"origin":null},"content":[{"type":"text","text":"需要注意,keepalived 中配置文件的執行時間間隔,不能與nginx檢測腳本中的 sleep 時間間隔相等。這樣容易出現nginx 掛了以後,不能使 keepalived 自動停止。","attrs":{}}]}],"attrs":{}},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":2,"align":null,"origin":null},"content":[{"type":"text","text":"在離線服務器安裝的時候,我這邊出現了一個問題。安裝 openssl-devel 的時候,服務器已經安裝了一個相對較低版本的 krb5-libs。導致yum 源中升級的時候,一直升級不成功。所以,openssl-devel 就安裝不成功,進而導致keepalived 不能安裝成功。所以需要在yum 安裝額時候,加上 -v 參數,查看更信息的報錯信息。然後找到具體那個包安裝不成功,直接使用yum remove 命令卸載掉,重新安裝。就可以安裝成功。這個是個大坑。","attrs":{}}]}],"attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":" ","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}}]}
keepalived 實現Nginx高可用安裝
{"type":"doc","content":[{"type":"heading","attrs":{"align":null,"level":1},"content":[{"type":"text","text":"一、關閉操作系統防火牆","attrs":{}}]},{"type":"bulletedlist","content":[{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"systemctl status firewalld","attrs":{}}]}],"attrs":{}},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"systemctl stop firewalld","attrs":{}}]}],"attrs":{}},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"systemctl disable firewalld","attrs":{}}]}],"attrs":{}}],"attrs":{}},{"type":"heading","attrs":{"align":null,"level":1},"content":[{"type":"text","text":"二、關閉 selinux","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"編輯文件 vi /etc/sysconfig/selinux","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"修改屬性值:SELINUX=disabled","attrs":{}}]},{"type":"heading","attrs":{"align":null,"level":1},"content":[{"type":"text","text":"三、安裝gcc 及 openssl openssl-devel","attrs":{}}]},{"type":"numberedlist","attrs":{"start":null,"normalizeStart":1},"content":[{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":1,"align":null,"origin":null},"content":[{"type":"text","text":"聯網狀態安裝:gcc -> yum install gccopenssl -> yum -y install openssl openssl-devel","attrs":{}}]}],"attrs":{}},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":2,"align":null,"origin":null},"content":[{"type":"text","text":"未聯網狀態:尋找一臺已聯網,且未安裝openssl 的虛擬機yum -y install openssl openssl-devel --downloadonly --downloaddir=/opt/install/yum/openssl(不執行安裝,下載依賴包到指定目錄)然後將依賴包放入未聯網服務器的yum 源,進行yum 安裝","attrs":{}}]}],"attrs":{}}]},{"type":"heading","attrs":{"align":null,"level":1},"content":[{"type":"text","text":"四、安裝keepalived","attrs":{}}]},{"type":"numberedlist","attrs":{"start":null,"normalizeStart":1},"content":[{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":1,"align":null,"origin":null},"content":[{"type":"text","text":"進入 網址:","attrs":{}},{"type":"link","attrs":{"href":"https://www.keepalived.org/download.html","title":null},"content":[{"type":"text","text":"https://www.keepalived.org/download.html","attrs":{}}]},{"type":"text","text":" 下載 keepalived-2.1.5","attrs":{}}]}],"attrs":{}},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":2,"align":null,"origin":null},"content":[{"type":"text","text":"解壓 keepalived-2.1.5 到自定義的源碼目錄","attrs":{}}]}],"attrs":{}},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":3,"align":null,"origin":null},"content":[{"type":"text","text":"進入源碼目錄","attrs":{}}]}],"attrs":{}},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":4,"align":null,"origin":null},"content":[{"type":"text","text":"執行命令:./configure --prefix=/usr/local/keepalived","attrs":{}}]}],"attrs":{}},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":5,"align":null,"origin":null},"content":[{"type":"text","text":"執行命令:make && make install","attrs":{}}]}],"attrs":{}}]},{"type":"heading","attrs":{"align":null,"level":1},"content":[{"type":"text","text":"五、移動keepalived 相關文件到指定目錄","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"keepalived啓動腳本變量引用文件,默認文件路徑是/etc/sysconfig/,也可以不做軟鏈接,\n直接修改啓動腳本中文件路徑即可(安裝目錄下)\ncp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/keepalived \n\n\n將keepalived主程序加入到環境變量(安裝目錄下)\ncp /usr/local/keepalived/sbin/keepalived /usr/sbin/keepalived\n\n\n將keepalived啓動腳本(源碼目錄下,我的源碼目錄是在 install 下)\n放到/etc/init.d/目錄下就可以使用service命令便捷調用\ncp /opt/install/keepalived/keepalived-2.1.5/keepalived/etc/init.d/keepalived /etc/init.d/keepalived\n\n\n將配置文件放到默認路徑下\nmkdir /etc/keepalived\ncp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":1},"content":[{"type":"text","text":"六、編寫監測Nginx 存活腳本 路徑:(usr/local/nginx) 名稱:(nginx_check.sh)","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"#!/bin/bash\ncounter=$(docker ps | grep wisebot_services_nginx | wc -l)\necho `date \"+%Y-%m-%d %H:%M:%S\"`'-執行用戶:'`whoami` >> /usr/local/nginx/logs/log\necho `date \"+%Y-%m-%d %H:%M:%S\"`'-進入執行腳本...' >> /usr/local/nginx/logs/log\nif [ \"${counter}\" = \"0\" ]; then\n echo `date \"+%Y-%m-%d %H:%M:%S\"`'-Nginx服務停止,嘗試重啓...' >> /usr/local/nginx/logs/log\n docker restart wisebot_services_nginx\n sleep 2\n counter=$(docker ps | grep wisebot_services_nginx | wc -l)\n if [ \"${counter}\" = \"0\" ]; then\n echo `date \"+%Y-%m-%d %H:%M:%S\"`'-Nginx服務重啓失敗,停止Keepalived...' >> /usr/local/nginx/logs/log\n systemctl stop keepalived\n fi\nfi","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":1},"content":[{"type":"text","text":"七、修改 Master 節點的 keepalived.conf 配置文件","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"! Configuration File for keepalived\n\n\nglobal_defs {\n notification_email {\n [email protected]\n [email protected]\n [email protected]\n }\n notification_email_from [email protected]\n #當前服務器IP地址\n smtp_server 10.10.10.175\n smtp_connect_timeout 30\n router_id LVS_DEVEL\n vrrp_skip_check_adv_addr\n vrrp_strict\n vrrp_garp_interval 0\n vrrp_gna_interval 0\n}\n\n\n#添加檢測腳本\nvrrp_script chk_http_port {\n # script \"/usr/local/nginx/nginx_check.sh\"\n script \"sh -x /usr/local/nginx/nginx_check.sh\"\n interval 5\n weight 2\n}\n\n\nvrrp_instance VI_1 {\n #主機這裏是MASTER 從機是BACKUP\n state MASTER\n #網卡名稱,使用 ip addr 命令查看獲取\n interface enp0s3\n #主、從機的virtual_router_id必須相同\n virtual_router_id 51\n #主備機取不同的優先級,主機優先級大\n priority 100\n #心跳檢測間隔時間(秒)\n advert_int 1\n authentication {\n auth_type PASS\n auth_pass 1111\n }\n #虛擬對外開放虛擬IP地址,可以換行輸入多個進行綁定\n virtual_ipaddress {\n 10.10.10.166\n }\n #執行監測腳本配置\n track_script {\n chk_http_port\n }\n}\n\n\nvirtual_server 192.168.200.100 443 {\n delay_loop 6\n lb_algo rr\n lb_kind NAT\n persistence_timeout 50\n protocol TCP\n\n\n real_server 192.168.201.100 443 {\n weight 1\n SSL_GET {\n url {\n path /\n digest ff20ad2481f97b1754ef3e12ecd3a9cc\n }\n url {\n path /mrtg/\n digest 9b3a0c85a887a256d6939da88aabd8cd\n }\n connect_timeout 3\n retry 3\n delay_before_retry 3\n }\n }\n}\n\n\nvirtual_server 10.10.10.2 1358 {\n delay_loop 6\n lb_algo rr\n lb_kind NAT\n persistence_timeout 50\n protocol TCP\n\n\n sorry_server 192.168.200.200 1358\n\n\n real_server 192.168.200.2 1358 {\n weight 1\n HTTP_GET {\n url {\n path /testurl/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n url {\n path /testurl2/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n url {\n path /testurl3/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n connect_timeout 3\n retry 3\n delay_before_retry 3\n }\n }\n\n\n real_server 192.168.200.3 1358 {\n weight 1\n HTTP_GET {\n url {\n path /testurl/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334c\n }\n url {\n path /testurl2/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334c\n }\n connect_timeout 3\n retry 3\n delay_before_retry 3\n }\n }\n}\n\n\nvirtual_server 10.10.10.3 1358 {\n delay_loop 3\n lb_algo rr\n lb_kind NAT\n persistence_timeout 50\n protocol TCP\n\n\n real_server 192.168.200.4 1358 {\n weight 1\n HTTP_GET {\n url {\n path /testurl/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n url {\n path /testurl2/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n url {\n path /testurl3/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n connect_timeout 3\n retry 3\n delay_before_retry 3\n }\n }\n\n\n real_server 192.168.200.5 1358 {\n weight 1\n HTTP_GET {\n url {\n path /testurl/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n url {\n path /testurl2/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n url {\n path /testurl3/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n connect_timeout 3\n retry 3\n delay_before_retry 3\n }\n }\n}","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":1},"content":[{"type":"text","text":"八、修改 Slave 節點的 keepalived.conf 配置文件","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"! Configuration File for keepalived\n\n\n\n\nglobal_defs {\n notification_email {\n [email protected]\n [email protected]\n [email protected]\n }\n notification_email_from [email protected]\n #當前服務器IP地址\n smtp_server 10.10.10.175\n smtp_connect_timeout 30\n router_id LVS_DEVEL\n vrrp_skip_check_adv_addr\n vrrp_strict\n vrrp_garp_interval 0\n vrrp_gna_interval 0\n}\n\n\n\n\n#添加檢測腳本\nvrrp_script chk_http_port {\n # script \"/usr/local/nginx/nginx_check.sh\"\n script \"sh -x /usr/local/nginx/nginx_check.sh\"\n interval 5\n weight 2\n}\n\n\n\n\nvrrp_instance VI_1 {\n #主機這裏是MASTER 從機是BACKUP\n state BACKUP\n #網卡名稱,使用 ip addr 命令查看獲取\n interface enp0s3\n #主、從機的virtual_router_id必須相同\n virtual_router_id 51\n #主備機取不同的優先級,主機優先級大\n priority 100\n #心跳檢測間隔時間(秒)\n advert_int 1\n authentication {\n auth_type PASS\n auth_pass 1111\n }\n #虛擬對外開放虛擬IP地址,可以換行輸入多個進行綁定\n virtual_ipaddress {\n 10.10.10.166\n }\n #執行監測腳本配置\n track_script {\n chk_http_port\n }\n}\n\n\n\n\nvirtual_server 192.168.200.100 443 {\n delay_loop 6\n lb_algo rr\n lb_kind NAT\n persistence_timeout 50\n protocol TCP\n\n\n\n\n real_server 192.168.201.100 443 {\n weight 1\n SSL_GET {\n url {\n path /\n digest ff20ad2481f97b1754ef3e12ecd3a9cc\n }\n url {\n path /mrtg/\n digest 9b3a0c85a887a256d6939da88aabd8cd\n }\n connect_timeout 3\n retry 3\n delay_before_retry 3\n }\n }\n}\n\n\n\n\nvirtual_server 10.10.10.2 1358 {\n delay_loop 6\n lb_algo rr\n lb_kind NAT\n persistence_timeout 50\n protocol TCP\n\n\n\n\n sorry_server 192.168.200.200 1358\n\n\n\n\n real_server 192.168.200.2 1358 {\n weight 1\n HTTP_GET {\n url {\n path /testurl/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n url {\n path /testurl2/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n url {\n path /testurl3/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n connect_timeout 3\n retry 3\n delay_before_retry 3\n }\n }\n\n\n\n\n real_server 192.168.200.3 1358 {\n weight 1\n HTTP_GET {\n url {\n path /testurl/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334c\n }\n url {\n path /testurl2/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334c\n }\n connect_timeout 3\n retry 3\n delay_before_retry 3\n }\n }\n}\n\n\n\n\nvirtual_server 10.10.10.3 1358 {\n delay_loop 3\n lb_algo rr\n lb_kind NAT\n persistence_timeout 50\n protocol TCP\n\n\n\n\n real_server 192.168.200.4 1358 {\n weight 1\n HTTP_GET {\n url {\n path /testurl/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n url {\n path /testurl2/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n url {\n path /testurl3/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n connect_timeout 3\n retry 3\n delay_before_retry 3\n }\n }\n\n\n\n\n real_server 192.168.200.5 1358 {\n weight 1\n HTTP_GET {\n url {\n path /testurl/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n url {\n path /testurl2/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n url {\n path /testurl3/test.jsp\n digest 640205b7b0fc66c1ea91c463fac6334d\n }\n connect_timeout 3\n retry 3\n delay_before_retry 3\n }\n }\n}\n","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":1},"content":[{"type":"text","text":"九、啓動keepalived master節點和backup 節點","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"# 啓動\nsystemctl start keepalived\n\n# 停止\nsystemctl stop keepalived\n\n# 查看狀態\nsystemctl status keepalived\n\n# 查看keepalived 日誌\ntail -f /var/log/messages","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":1},"content":[{"type":"text","text":"十、啓動之後,使用命令 ip addr 查看,虛擬IP已經飄到Master節點對應的網卡","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/69/696077b9f02839aab216a9492289931e.png","alt":"","title":null,"style":[{"key":"width","value":"75%"},{"key":"bordertype","value":"none"}],"href":null,"fromPaste":true,"pastePass":true}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":1},"content":[{"type":"text","text":"注意事項-踩坑總結:","attrs":{}}]},{"type":"numberedlist","attrs":{"start":null,"normalizeStart":1},"content":[{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":1,"align":null,"origin":null},"content":[{"type":"text","text":"需要注意,keepalived 中配置文件的執行時間間隔,不能與nginx檢測腳本中的 sleep 時間間隔相等。這樣容易出現nginx 掛了以後,不能使 keepalived 自動停止。","attrs":{}}]}],"attrs":{}},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":2,"align":null,"origin":null},"content":[{"type":"text","text":"在離線服務器安裝的時候,我這邊出現了一個問題。安裝 openssl-devel 的時候,服務器已經安裝了一個相對較低版本的 krb5-libs。導致yum 源中升級的時候,一直升級不成功。所以,openssl-devel 就安裝不成功,進而導致keepalived 不能安裝成功。所以需要在yum 安裝額時候,加上 -v 參數,查看更信息的報錯信息。然後找到具體那個包安裝不成功,直接使用yum remove 命令卸載掉,重新安裝。就可以安裝成功。這個是個大坑。","attrs":{}}]}],"attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":" ","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}}]}
發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章