調用腳本參數含義
vrrp_script<SCRIPT_NAME> { #定義一個檢測腳本,在global_defs之外配置
script <STRING>|<QUOTED-STRING> # shell命令或腳本路徑
interval <INTEGER> # 間隔時間,單位為秒,默認1秒
timeout <INTEGER> # 超時時間
weight <INTEGER:-254..254> # 權重,監測失敗后會執行權重+操作
fall <INTEGER> #腳本幾次失敗轉換為失敗
rise <INTEGER> # 腳本連續檢測成果后,把服務器從失敗標記為成功的次數
user USERNAME [GROUPNAME] # 執行監測的用戶或組
init_fail # 設置默認標記為失敗狀態,監測成功之后再轉換為成功狀態
}
實戰一:實現ping網關地址高可用檢測
1、在主機A配置keepalived調用ping腳本。
書寫一個腳本,ping主機的網關IP地址,如果ping不通時,啟動以下keepalived配置文件中內容。
vim /etc/keepalived/ping.sh
#!/bin/bash ping -c 192.168.37.2 &> /dev/null if [ $? -eq 0 ];then exit 0 else exit 2 fi
加上執行權限:chmod +x ping.sh
配置keepalived文件,當以上ping腳本不通時,則執行以下配置文件,此時權重就會減50,就會降低優先級,此時VIP地址就會漂移到從服務器上。
vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
root@localhost.com
}
notification_email_from root@localhost.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id ka2
vrrp_skip_check_adv_addr
vrrp_iptables
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script linux_ping { 調用腳本時起名
script /etc/keepalived/ping.sh 調用腳本路徑
interval 2 時間間隔2秒
weight -50 權重減50
fall 3 連續失敗3次轉為失敗
rise 5 連續檢測成功5次后,標記為成功
timeout 2 時間超時2秒
}
vrrp_instance VIP_1 {
state MASTER
interface ens33
virtual_router_id 50
priority 100
unicast_src_ip 192.168.37.7
unicast_peer {
192.168.37.17
}
advert_int 2
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
192.168.37.100 dev ens33 label ens33:1
}
track_script {
linux_ping 檢查腳本,將上面命名的名稱進行調用
}
}
2、在B主機配置keepalived
書寫一個腳本,ping主機的網關IP地址,如果ping不通時,啟動以下keepalived配置文件中內容。
vim /etc/keepalived/ping.sh
#!/bin/bash ping -c 192.168.37.2 &> /dev/null if [ $? -eq 0 ];then exit 0 else exit 2 fi
加上執行權限:chmod +x ping.sh
vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
root@localhost
}
notification_email_from root@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id ka1
vrrp_skip_check_adv_addr
vrrp_iptables
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script linux_ping {
script /etc/keepalived/ping.sh 也調用ping腳本,當從服務器Ping網關不通時也將權重減50,此時優先級變低,當主服務器恢復時,VIP地址就又會漂移到主服務器上。
interval 2
weight -50
fall 3
rise 5
timeout 2
}
vrrp_instance VIP_1 {
state BACKUP
interface ens33
virtual_router_id 50
priority 80
unicast_src_ip 192.168.37.17
unicast_peer {
192.168.37.7
}
advert_int 2
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
192.168.37.100 dev ens33 label ens33:1
}
track_script {
linux_ping
}
}
3、測試效果:
將ping.sh腳本的網關地址修改為不存在的IP地址.
vim /etc/keepalived/ping.sh
#!/bin/bash #ping -c 192.168.37.2 &> /dev/null ping -c 192.168.77.2 &> /dev/null if [ $? -eq 0 ];then exit 0 else exit 2 fi
重啟主從keepalived服務:systemctl reload keepalived
此時可以看到VIP地址已經漂移到從服務器上。
當主服務器的網關IP地址修改正確之后,VIP地址就又會飄回到主服務器上。
實戰二:實現HAProxy高可用檢測
1、在A主機配置keepalived,並寫一個檢測haproxy腳本
vim /etc/keepalived/chk_haproxy.sh
#!/bin/bash # #******************************************************************** #Author: liu #QQ: 29308620 #Date: 2019-12-26 #FileName: /etc/keepalived/chk_haproxy.sh #URL: http://www.struggle.com #Description: The test script #Copyright (C): 2019 All rights reserved #******************************************************************** killall -0 haproxy
修改keepalived配置文件,調用檢測haproxy腳本。
global_defs {
notification_email {
root@localhost.com
}
notification_email_from root@localhost.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id ka2
vrrp_skip_check_adv_addr
vrrp_iptables
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script chk_haproxy {
script /etc/keepalived/chk_haproxy.sh # 調用chk_haproxy.sh腳本,發現haproxy宕機后就降級
interval 2
weight -50
fall 3
rise 5
timeout 2
}
vrrp_instance VIP_1 {
state MASTER
interface ens33
virtual_router_id 50
priority 100
unicast_src_ip 192.168.37.7
unicast_peer {
192.168.37.17
}
advert_int 2
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
192.168.37.100 dev ens33 label ens33:1
}
track_script {
chk_haproxy 調用上面調用腳本的名稱
}
}
配置A主機的haproxy文件
global
maxconn 100000
chroot /usr/local/haproxy
stats socket /var/lib/haproxy/haproxy.sock1 mode 600 level admin process 1
stats socket /var/lib/haproxy/haproxy.sock2 mode 600 level admin process 2
user haproxy
group haproxy
daemon
nbproc 2
cpu-map 1 0
cpu-map 2 1
#cpu-map 3 2
#cpu-map 4 3
pidfile /run/haproxy.pid
log 127.0.0.1 local3 info
defaults
option http-keep-alive
option forwardfor
maxconn 100000
mode http
timeout connect 300000ms
timeout client 300000ms
timeout server 300000ms
listen stats
bind :9527
stats enable
stats hide-version
stats uri /haproxy-status
stats realm HAPorxy\Stats\Page
stats auth haadmin:123456
stats auth admin:123456
stats refresh 30s
stats admin if TRUE
listen web_port
bind 0.0.0.0:80
mode http
log global
server web1 192.168.7.102:80 check inter 3000 fall 2 rise 5 # 用戶訪問VIP地址之后,轉發到后端服務器上
2、在B主機配置keepalived,並寫一個檢測haproxy腳本
vim /etc/keepalived/chk_haproxy.sh
#!/bin/bash # #******************************************************************** #Author: liu #QQ: 29308620 #Date: 2019-12-26 #FileName: /etc/keepalived/chk_haproxy.sh #URL: http://www.struggle.com #Description: The test script #Copyright (C): 2019 All rights reserved #******************************************************************** killall -0 haproxy 對haproxy發信號,確定haproxy的狀態信息。
修改keepalived配置文件,調用檢測haproxy腳本。
global_defs {
notification_email {
root@localhost.com
}
notification_email_from root@localhost.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id ka2
vrrp_skip_check_adv_addr
vrrp_iptables
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script chk_haproxy {
script /etc/keepalived/chk_haproxy.sh # 調用chk_haproxy.sh腳本,發現haproxy宕機之后就降級
interval 2
weight -50
fall 3
rise 5
timeout 2
}
vrrp_instance VIP_1 {
state BACKUP
interface ens33
virtual_router_id 50
priority 100
unicast_src_ip 192.168.37.17
unicast_peer {
192.168.37.7
}
advert_int 2
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
192.168.37.100 dev ens33 label ens33:1
}
track_script {
chk_haproxy 調用上面調用腳本的名稱
}
}
配置B主機的haproxy文件
global
maxconn 100000
chroot /usr/local/haproxy
stats socket /var/lib/haproxy/haproxy.sock1 mode 600 level admin process 1
stats socket /var/lib/haproxy/haproxy.sock2 mode 600 level admin process 2
user haproxy
group haproxy
daemon
nbproc 2
cpu-map 1 0
cpu-map 2 1
#cpu-map 3 2
#cpu-map 4 3
pidfile /run/haproxy.pid
log 127.0.0.1 local3 info
defaults
option http-keep-alive
option forwardfor
maxconn 100000
mode http
timeout connect 300000ms
timeout client 300000ms
timeout server 300000ms
listen stats
bind :9527
stats enable
stats hide-version
stats uri /haproxy-status
stats realm HAPorxy\Stats\Page
stats auth haadmin:123456
stats auth admin:123456
stats refresh 30s
stats admin if TRUE
listen web_port
bind 0.0.0.0:80
mode http
log global
server web1 192.168.7.102:80 check inter 3000 fall 2 rise 5 # 用戶訪問VIP地址之后,轉發到后端服務器上
3、測試效果:
將A主機的haproxy服務器停掉,此時VIP地址就會漂移到從服務器上。
當啟動haproxy服務器時,VIP地址就又會飄回主服務器上
如果想實現nginx的高可用檢測,只需要將腳本改為:killall -0 nginx;
然后在keepalived配置文件添加一個調用此腳本即可,詳細的nginx檢測狀態,請看:https://www.cnblogs.com/struggle-1216/p/12055924.html