Master配置文件 注意iptables防火牆(見上個隨筆)和健康檢查腳本
keepalived 只是高可用,如果keepalived宕機后,ip會飄到備份主機,但是如果nginx掉了,keepalived是不會stop掉的,所以需要腳本做健康檢查,代碼如下:
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id web1
}
vrrp_script check_nginx {
script "/etc/keepalived/check_nginx.sh"
interval 2
weight -5
fall 2
rise 1
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.120
}
track_script {
check_nginx
}
}
# virtual_router_id 51必須一致
腳本代碼
#!/bin/bash A=$(ss -aunpt | grep nginx | wc -l) if [ $A -eq 0 ] ; then /usr/bin/kill -15 `cat /var/run/keepalived.pid` echo -e "keeplived is stoped" else exit 0 fi
##注意腳本要加執行權限+x vrrp_script
vrrp_script
interval 2 : 每2s檢測一次
weight -5 : 檢測失敗(腳本返回非0)則優先級 -5
fall 2 : 檢測連續 2 次失敗才算確定是真失敗。會用weight減少優先級(1-255之間)
rise 1 : 檢測 1 次成功就算成功。但不修改優先級
注意關閉的keepalived關閉后,要起來,需要先啟nginx,然后啟keepalived
由於本人只有兩台高可用,就不寫備份機的代碼和腳本了。