Centos7下(双网卡)搭建Nginx+Keepalived高可用

最新推荐文章于 2026-06-24 05:59:41 发布
原创 最新推荐文章于 2026-06-24 05:59:41 发布 · 1.2k 阅读 · 0 ·
本内容遵循CC 4.0 BY-SA版权协议
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
标签
#nginx #nginx高可用
本文详细介绍了在Centos7环境下,如何利用双网卡搭建Nginx+Keepalived实现高可用。通过配置Nginx和Keepalived,结合DingDing通知,确保服务的稳定性和故障切换。同时,文章还涵盖了报错处理和网络架构等关键点。

Centos7下(双网卡)搭建Nginx+Keepalived高可用

 一、背景说明

①、服务器版本信息

OS版本:CentOS Linux release 7.5.1804 (Core) 

Keepalived:Keepalived v1.3.5

注:每台服务器两张网卡,一张连内网一张网卡直接连接外网交换机,内网设置静态IP地址,外网网卡不做任何设置!

②、服务器网络信息

Master:10.20.11.180

ens224:内网网卡

ens192:VIP绑定网卡,不用做任何设置!

网络信息如下(keepalived已设置好后的截图):

GENERAL.DEVICE:                         ens224
GENERAL.TYPE:                           ethernet
GENERAL.HWADDR:                         00:0C:29:C5:D9:BB
GENERAL.MTU:                            1500
GENERAL.STATE:                          100 (connected)
GENERAL.CONNECTION:                     ens224
GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveConnection/16
WIRED-PROPERTIES.CARRIER:               on
IP4.ADDRESS[1]:                         10.20.11.180/24
IP4.GATEWAY:                            --
IP4.ROUTE[1]:                           dst = 10.20.11.0/24, nh = 0.0.0.0, mt = 100
IP4.DNS[1]:                             61.139.2.69
IP6.ADDRESS[1]:                         fe80::8839:e04e:d2f6:5a08/64
IP6.GATEWAY:                            --
IP6.ROUTE[1]:                           dst = ff00::/8, nh = ::, mt = 256, table=255
IP6.ROUTE[2]:                           dst = fe80::/64, nh = ::, mt = 256
IP6.ROUTE[3]:                           dst = fe80::/64, nh = ::, mt = 100

GENERAL.DEVICE:                         ens192
GENERAL.TYPE:                           ethernet
GENERAL.HWADDR:                         00:0C:29:C5:D9:B1
GENERAL.MTU:                            1500
GENERAL.STATE:                          100 (connected)
GENERAL.CONNECTION:                     ens192
GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveConnection/15
WIRED-PROPERTIES.CARRIER:               on
IP4.ADDRESS[1]:                         220.166.180.180/26
IP4.GATEWAY:                            220.166.180.129
IP4.ROUTE[1]:                           dst = 220.166.180.128/26, nh = 0.0.0.0, mt = 0
IP4.ROUTE[2]:                           dst = 0.0.0.0/0, nh = 220.166.180.129, mt = 0
IP6.GATEWAY:                            --

Slave:10.20.11.46

ens192:内网网卡

ens160:VIP绑定网卡

[root@nginx-180-slave-46 vhost]# nmcli device show
GENERAL.DEVICE:                         ens160
GENERAL.TYPE:                           ethernet
GENERAL.HWADDR:                         00:50:56:9B:AA:70
GENERAL.MTU:                            1500
GENERAL.STATE:                          100 (connected)
GENERAL.CONNECTION:                     ens160
GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveConnection/4398
WIRED-PROPERTIES.CARRIER:               on
IP4.ADDRESS[1]:                         10.20.11.46/24
IP4.GATEWAY:                            --
IP4.ROUTE[1]:                           dst = 10.20.11.0/24, nh = 0.0.0.0, mt = 100
IP4.DNS[1]:                             61.139.2.69
IP6.ADDRESS[1]:                         fe80::ae3:b1b9:824a:d8a3/64
IP6.GATEWAY:                            --
IP6.ROUTE[1]:                           dst = fe80::/64, nh = ::, mt = 100
IP6.ROUTE[2]:                           dst = ff00::/8, nh = ::, mt = 256, table=255

GENERAL.DEVICE:                         ens192
GENERAL.TYPE:                           ethernet
GENERAL.HWADDR:                         00:50:56:9B:8C:FB
GENERAL.MTU:                            1500
GENERAL.STATE:                          100 (connected)
GENERAL.CONNECTION:                     ens192
GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveConnection/38901
WIRED-PROPERTIES.CARRIER:               on
IP4.GATEWAY:                            --
IP6.GATEWAY:                            --

GENERAL.DEVICE:                         lo
GENERAL.TYPE:                           loopback
GENERAL.HWADDR:                         00:00:00:00:00:00
GENERAL.MTU:                            65536
GENERAL.STATE:                          10 (unmanaged)
GENERAL.CONNECTION:                     --
GENERAL.CON-PATH:                       --
IP4.ADDRESS[1]:                         127.0.0.1/8
IP4.GATEWAY:                            --
IP6.ADDRESS[1]:                         ::1/128
IP6.GATEWAY:                            --

VIP:220.166.180.180

注:内网网卡设置网络信息:设置IP地址、子网掩码、DNS地址即可,不用设置网关。外网网卡不用做任何设置。

③、网络架构图如下

 ④、Nginx、keepalived安装

nginx、keepalived 通过yum进行安装,如果需要二进制安装可以自行百度,本文重点在于配置nginx+keepalived使Nginx可以做到高可用。

二、配置邮件告警通知(已弃用改为钉钉群通知

2.1、安装邮件服务

[root@server1 ~]# yum -y install mailx sendmail

修改邮件服务配置文件

在配置文件中添加如下参数

[root@server1 ~]# vim /etc/mail.rc 
##在配置文件中添加以下参数
set from=*******@qq.com  //邮箱账号
set smtp=smtp.qq.com
set smtp-auth-user=*******@qq.com     //邮箱账号
set smtp-auth-password=********   //邮箱smtp验证码
set smtp-auth=login

测试邮件发送

[root@localhost keepalived]# mail -s hello *****@qq.com < /etc/centos-release

查看接收邮件:

2.2、编写邮件通知脚本

邮件告警脚本

[root@server1 ~]# vim  /etc/keepalived/notify.sh 
#!/bin/bash
contact='******@qq.com'
notify() {
	mailsubject="$(hostname) to be $1 ,vip转移"
	mailbody="$(date +'%F %T'): vrrp trasition, $(hostname) change to be $1"
	echo " $mailbody" | mail -s "$mailsubject" $contact
}
case $1 in
master)
	notify master
	;;
backup)
	notify backup
	;;
fault)
	notify fault
	;;
*)
	echo "Usage: $(basename $0) {master|backup|fault}"
	ecit 1
	;;
esac

脚本授权

chmod 755 /etc/keepalived/notify.sh

2.3 DingDing通知脚本(python)

路径:vim /etc/keepalived/nginx_keepalived_notify.py

注:使用python脚本发送通知,两台机器都需要需要安装python requests 模块

pip install requests

access_token改为自己的即可!


#!/usr/local/python
# -*- coding: UTF-8 -*-
import requests
import sys
import json
import socket
import time


def info(jy):
    # 钉钉告警
    url = 'https://oapi.dingtalk.com/robot/send?access_token=***********'

    headers = {
        'Content-Type': 'application/json;charset=utf-8'
    }
    formdata = {
        "msgtype": "text",
        "text": {"content": str(jy)}
    }
    # print(formdata)
    requests.post(url=url, data=json.dumps(formdata), headers=headers)


def change_status(status):
    time1 = time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(time.time()))
    hostname = socket.gethostname()
    message = "Nginx高可用状态切换告警, " + str(time1) + " vrrp trasition , 主机: " + hostname + " Nginx 状态: change to be " + status
    info(message)


if __name__ == '__main__':
    status = sys.argv[1]
    change_status(status)

三、配置keepalived文件(高可用切换DingDing通知

注:两台服务器网口名称不一致问题!

Master网口:ens224(内网网口)、ens192(外网网口)。

Backup网口:ens160(内网网口)、ens192:(外网网口)。

3.1 Nginx检测脚本

# vim /etc/keepalived/check_nginx.sh 

#!/bin/bash

d=`date --date today +%Y%m%d_%H:%M:%S`
n=`netstat -lntp | grep nginx | wc -l`

if [ $n -eq 0 ]; then
	systemctl start nginx
	n2=`netstat -lntp | grep nginx | wc -l`
	if [ $n2 -eq 0 ]; then
		echo "$d nginx down,keepalived will stop" >> /var/log/check_ng.log
		systemctl stop keepalived
	fi
fi

3.2 防火墙对 keepalived 开放

注:eno16777736为本机监听网口,需要根据服务器监听网口不通而改变。

firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 --in-interface eno16777736 --destination 224.0.0.18 --protocol vrrp -j ACCEPT;
firewall-cmd --reload;

keepalived配置参考:https://www.cnblogs.com/shuiguizi/p/11172267.html

3.3 Master keepalived.conf配置

! Configuration File for keepalived
global_defs {
   router_id sjyt_testnginx
}

vrrp_script chk_nginx {
        script "/etc/keepalived/check_nginx.sh"
        inverval 3
}

vrrp_instance VI_1 {
    state MASTER
    interface ens224
    virtual_router_id 52
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass kgjaGJOWE398jglkj923KDK
    }
    virtual_ipaddress {
        220.166.180.180/26 dev ens192
    }

    track_script {
        chk_nginx
    }
    virtual_routes {
        default via 220.166.180.129
    }
    notify_master "/bin/python /etc/keepalived/nginx_keepalived_notify.py master"
    notify_backup "/bin/python /etc/keepalived/nginx_keepalived_notify.py backup"
    notify_fault "/bin/python /etc/keepalived/nginx_keepalived_notify.py fault"
}

3.4 Slave keepalived.conf配置

! Configuration File for keepalived
global_defs {
   router_id sjyt_testnginx
}

vrrp_script chk_nginx {
        script "/etc/keepalived/check_nginx.sh"
        inverval 3
}
vrrp_instance VI_1 {
    state BACKUP
    interface ens160
    virtual_router_id 52
    priority 80
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass kgjaGJOWE398jglkj923KDK
    }
    virtual_ipaddress {
        220.166.180.180/26 dev ens192
    }

    track_script {
        chk_nginx
    }
    virtual_routes {
        default via 220.166.180.129
    }
    notify_master "/bin/python /etc/keepalived/nginx_keepalived_notify.py master"
    notify_backup "/bin/python /etc/keepalived/nginx_keepalived_notify.py backup"
    notify_fault "/bin/python /etc/keepalived/nginx_keepalived_notify.py fault"
}

四、Nginx+keepalived 高可用验证

①、Master 服务器启动nginx、keepalived服务

[root@nginx-180-master-180 ~]# systemctl status nginx
● nginx.service - nginx service
   Loaded: loaded (/etc/systemd/system/nginx.service; enabled; vendor preset: disabled)
   Active: active (running) since Mon 2020-09-28 15:50:16 CST; 10 months 0 days ago
 Main PID: 19116 (nginx)
   CGroup: /system.slice/nginx.service
           ├─15184 nginx: worker process
           ├─15185 nginx: worker process
           ├─15186 nginx: worker process
           ├─15187 nginx: worker process
           ├─19116 nginx: master process /usr/local/nginx/sbin/nginx
           ├─25650 nginx: worker process is shutting down
           └─25653 nginx: worker process is shutting down

Warning: Journal has been rotated since unit was started. Log output is incomplete or unavailable.
[root@nginx-180-master-180 ~]# systemctl status keepalived
● keepalived.service - LVS and VRRP High Availability Monitor
   Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
   Active: active (running) since Fri 2021-07-30 16:03:02 CST; 27min ago
  Process: 4255 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)
 Main PID: 4256 (keepalived)
   CGroup: /system.slice/keepalived.service
           ├─4256 /usr/sbin/keepalived -D
           ├─4257 /usr/sbin/keepalived -D
           └─4258 /usr/sbin/keepalived -D

Jul 30 16:03:04 nginx-180-master-180 Keepalived_vrrp[4258]: Sending gratuitous ARP on ens192 for 220.166.180.180
Jul 30 16:03:04 nginx-180-master-180 Keepalived_vrrp[4258]: Sending gratuitous ARP on ens192 for 220.166.180.180
Jul 30 16:03:04 nginx-180-master-180 Keepalived_vrrp[4258]: Sending gratuitous ARP on ens192 for 220.166.180.180
Jul 30 16:03:04 nginx-180-master-180 Keepalived_vrrp[4258]: Opening script file /bin/python
Jul 30 16:03:09 nginx-180-master-180 Keepalived_vrrp[4258]: Sending gratuitous ARP on ens192 for 220.166.180.180
Jul 30 16:03:09 nginx-180-master-180 Keepalived_vrrp[4258]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs o...180Jul 30 16:03:09 nginx-180-master-180 Keepalived_vrrp[4258]: Sending gratuitous ARP on ens192 for 220.166.180.180
Jul 30 16:03:09 nginx-180-master-180 Keepalived_vrrp[4258]: Sending gratuitous ARP on ens192 for 220.166.180.180
Jul 30 16:03:09 nginx-180-master-180 Keepalived_vrrp[4258]: Sending gratuitous ARP on ens192 for 220.166.180.180
Jul 30 16:03:09 nginx-180-master-180 Keepalived_vrrp[4258]: Sending gratuitous ARP on ens192 for 220.166.180.180
Hint: Some lines were ellipsized, use -l to show in full.

查看Master 服务器IP信息:

[root@nginx-180-master-180 ~]# nmcli device show
GENERAL.DEVICE:                         ens224
GENERAL.TYPE:                           ethernet
GENERAL.HWADDR:                         00:0C:29:C5:D9:BB
GENERAL.MTU:                            1500
GENERAL.STATE:                          100 (connected)
GENERAL.CONNECTION:                     ens224
GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveConnection/16
WIRED-PROPERTIES.CARRIER:               on
IP4.ADDRESS[1]:                         10.20.11.180/24
IP4.GATEWAY:                            --
IP4.ROUTE[1]:                           dst = 10.20.11.0/24, nh = 0.0.0.0, mt = 100
IP4.DNS[1]:                             61.139.2.69
IP6.ADDRESS[1]:                         fe80::8839:e04e:d2f6:5a08/64
IP6.GATEWAY:                            --
IP6.ROUTE[1]:                           dst = ff00::/8, nh = ::, mt = 256, table=255
IP6.ROUTE[2]:                           dst = fe80::/64, nh = ::, mt = 256
IP6.ROUTE[3]:                           dst = fe80::/64, nh = ::, mt = 100

GENERAL.DEVICE:                         ens192
GENERAL.TYPE:                           ethernet
GENERAL.HWADDR:                         00:0C:29:C5:D9:B1
GENERAL.MTU:                            1500
GENERAL.STATE:                          100 (connected)
GENERAL.CONNECTION:                     ens192
GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveConnection/15
WIRED-PROPERTIES.CARRIER:               on
IP4.ADDRESS[1]:                         220.166.180.180/26
IP4.GATEWAY:                            220.166.180.129
IP4.ROUTE[1]:                           dst = 220.166.180.128/26, nh = 0.0.0.0, mt = 0
IP4.ROUTE[2]:                           dst = 0.0.0.0/0, nh = 220.166.180.129, mt = 0
IP6.GATEWAY:                            --

GENERAL.DEVICE:                         lo
GENERAL.TYPE:                           loopback
GENERAL.HWADDR:                         00:00:00:00:00:00
GENERAL.MTU:                            65536
GENERAL.STATE:                          10 (unmanaged)
GENERAL.CONNECTION:                     --
GENERAL.CON-PATH:                       --
IP4.ADDRESS[1]:                         127.0.0.1/8
IP4.GATEWAY:                            --
IP6.ADDRESS[1]:                         ::1/128
IP6.GATEWAY:                            --

②、Slave 服务器启动nginx、keepalived服务

[root@nginx-180-slave-46 vhost]# systemctl status nginx
● nginx.service - nginx service
   Loaded: loaded (/etc/systemd/system/nginx.service; enabled; vendor preset: disabled)
   Active: active (running) since Fri 2021-07-30 16:34:12 CST; 10s ago
  Process: 17073 ExecStop=/usr/local/nginx/sbin/nginx -s quit (code=exited, status=1/FAILURE)
  Process: 17241 ExecStart=/usr/local/nginx/sbin/nginx (code=exited, status=0/SUCCESS)
 Main PID: 17242 (nginx)
   CGroup: /system.slice/nginx.service
           ├─17242 nginx: master process /usr/local/nginx/sbin/nginx
           ├─17243 nginx: worker process
           ├─17244 nginx: worker process
           ├─17245 nginx: worker process
           └─17246 nginx: worker process

Jul 30 16:34:12 nginx-180-slave-46 systemd[1]: Starting nginx service...
Jul 30 16:34:12 nginx-180-slave-46 systemd[1]: Started nginx service.
[root@nginx-180-slave-46 vhost]# systemctl status keepalived
● keepalived.service - LVS and VRRP High Availability Monitor
   Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
   Active: inactive (dead) since Fri 2021-07-30 16:24:16 CST; 10min ago
  Process: 9076 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)
 Main PID: 9077 (code=exited, status=0/SUCCESS)
   CGroup: /system.slice/keepalived.service
           └─2288 mail -s nginx-180-slave-46 to be master ,vip 3450597615@qq.com

Jul 30 16:05:46 nginx-180-slave-46 Keepalived_vrrp[9079]: VRRP_Instance(VI_1) removing protocol Virtual Routes
Jul 30 16:05:46 nginx-180-slave-46 Keepalived_vrrp[9079]: Opening script file /bin/python
Jul 30 16:05:46 nginx-180-slave-46 Keepalived_vrrp[9079]: VRRP sockpool: [ifindex(2), proto(112), unicast(0), fd(10,11)]
Jul 30 16:05:46 nginx-180-slave-46 Keepalived_vrrp[9079]: VRRP_Script(chk_nginx) succeeded
Jul 30 16:24:14 nginx-180-slave-46 systemd[1]: Stopping LVS and VRRP High Availability Monitor...
Jul 30 16:24:14 nginx-180-slave-46 Keepalived[9077]: Stopping
Jul 30 16:24:14 nginx-180-slave-46 Keepalived_healthcheckers[9078]: Stopped
Jul 30 16:24:15 nginx-180-slave-46 Keepalived_vrrp[9079]: Stopped
Jul 30 16:24:15 nginx-180-slave-46 Keepalived[9077]: Stopped Keepalived v1.3.5 (03/19,2017), git commit v1.3.5-6-g6fa32f2
Jul 30 16:24:16 nginx-180-slave-46 systemd[1]: Stopped LVS and VRRP High Availability Monitor.
[root@nginx-180-slave-46 vhost]#

查看salve IP地址信息

[root@nginx-180-slave-46 vhost]# nmcli device show
GENERAL.DEVICE:                         ens160
GENERAL.TYPE:                           ethernet
GENERAL.HWADDR:                         00:50:56:9B:AA:70
GENERAL.MTU:                            1500
GENERAL.STATE:                          100 (connected)
GENERAL.CONNECTION:                     ens160
GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveConnection/4398
WIRED-PROPERTIES.CARRIER:               on
IP4.ADDRESS[1]:                         10.20.11.46/24
IP4.GATEWAY:                            --
IP4.ROUTE[1]:                           dst = 10.20.11.0/24, nh = 0.0.0.0, mt = 100
IP4.DNS[1]:                             61.139.2.69
IP6.ADDRESS[1]:                         fe80::ae3:b1b9:824a:d8a3/64
IP6.GATEWAY:                            --
IP6.ROUTE[1]:                           dst = fe80::/64, nh = ::, mt = 100
IP6.ROUTE[2]:                           dst = ff00::/8, nh = ::, mt = 256, table=255

GENERAL.DEVICE:                         ens192
GENERAL.TYPE:                           ethernet
GENERAL.HWADDR:                         00:50:56:9B:8C:FB
GENERAL.MTU:                            1500
GENERAL.STATE:                          100 (connected)
GENERAL.CONNECTION:                     ens192
GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveConnection/38901
WIRED-PROPERTIES.CARRIER:               on
IP4.GATEWAY:                            --
IP6.GATEWAY:                            --

GENERAL.DEVICE:                         lo
GENERAL.TYPE:                           loopback
GENERAL.HWADDR:                         00:00:00:00:00:00
GENERAL.MTU:                            65536
GENERAL.STATE:                          10 (unmanaged)
GENERAL.CONNECTION:                     --
GENERAL.CON-PATH:                       --
IP4.ADDRESS[1]:                         127.0.0.1/8
IP4.GATEWAY:                            --
IP6.ADDRESS[1]:                         ::1/128
IP6.GATEWAY:                            --

③、关闭Master 服务器keepalived,验证是否可以正常切换

Master关闭Keepalived服务

[root@nginx-180-master-180 ~]# systemctl stop keepalived
[root@nginx-180-master-180 ~]# systemctl status keepalived
● keepalived.service - LVS and VRRP High Availability Monitor
   Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
   Active: inactive (dead)

Jul 30 16:03:09 nginx-180-master-180 Keepalived_vrrp[4258]: Sending gratuitous ARP on ens192 for 220.166.180.180
Jul 30 16:36:50 nginx-180-master-180 systemd[1]: Stopping LVS and VRRP High Availability Monitor...
Jul 30 16:36:50 nginx-180-master-180 Keepalived[4256]: Stopping
Jul 30 16:36:50 nginx-180-master-180 Keepalived_vrrp[4258]: VRRP_Instance(VI_1) sent 0 priority
Jul 30 16:36:50 nginx-180-master-180 Keepalived_vrrp[4258]: VRRP_Instance(VI_1) removing protocol Virtual Routes
Jul 30 16:36:50 nginx-180-master-180 Keepalived_vrrp[4258]: VRRP_Instance(VI_1) removing protocol VIPs.
Jul 30 16:36:50 nginx-180-master-180 Keepalived_healthcheckers[4257]: Stopped
Jul 30 16:36:51 nginx-180-master-180 Keepalived_vrrp[4258]: Stopped
Jul 30 16:36:51 nginx-180-master-180 Keepalived[4256]: Stopped Keepalived v1.3.5 (03/19,2017), git commit v1.3.5-...32f2Jul 30 16:36:51 nginx-180-master-180 systemd[1]: Stopped LVS and VRRP High Availability Monitor.
Hint: Some lines were ellipsized, use -l to show in full.
[root@nginx-180-master-180 ~]#

Master IP地址信息

[root@nginx-180-master-180 ~]# nmcli device show
GENERAL.DEVICE:                         ens224
GENERAL.TYPE:                           ethernet
GENERAL.HWADDR:                         00:0C:29:C5:D9:BB
GENERAL.MTU:                            1500
GENERAL.STATE:                          100 (connected)
GENERAL.CONNECTION:                     ens224
GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveConnection/16
WIRED-PROPERTIES.CARRIER:               on
IP4.ADDRESS[1]:                         10.20.11.180/24
IP4.GATEWAY:                            --
IP4.ROUTE[1]:                           dst = 10.20.11.0/24, nh = 0.0.0.0, mt = 100
IP4.DNS[1]:                             61.139.2.69
IP6.ADDRESS[1]:                         fe80::8839:e04e:d2f6:5a08/64
IP6.GATEWAY:                            --
IP6.ROUTE[1]:                           dst = ff00::/8, nh = ::, mt = 256, table=255
IP6.ROUTE[2]:                           dst = fe80::/64, nh = ::, mt = 256
IP6.ROUTE[3]:                           dst = fe80::/64, nh = ::, mt = 100

GENERAL.DEVICE:                         ens192
GENERAL.TYPE:                           ethernet
GENERAL.HWADDR:                         00:0C:29:C5:D9:B1
GENERAL.MTU:                            1500
GENERAL.STATE:                          100 (connected)
GENERAL.CONNECTION:                     ens192
GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveConnection/15
WIRED-PROPERTIES.CARRIER:               on
IP4.GATEWAY:                            --
IP6.GATEWAY:                            --

GENERAL.DEVICE:                         lo
GENERAL.TYPE:                           loopback
GENERAL.HWADDR:                         00:00:00:00:00:00
GENERAL.MTU:                            65536
GENERAL.STATE:                          10 (unmanaged)
GENERAL.CONNECTION:                     --
GENERAL.CON-PATH:                       --
IP4.ADDRESS[1]:                         127.0.0.1/8
IP4.GATEWAY:                            --
IP6.ADDRESS[1]:                         ::1/128
IP6.GATEWAY:                            --

查看Slave服务器keepalived信息

[root@nginx-180-slave-46 vhost]# systemctl status keepalived
● keepalived.service - LVS and VRRP High Availability Monitor
   Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
   Active: active (running) since Fri 2021-07-30 16:37:58 CST; 2min 5s ago
  Process: 17272 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)
 Main PID: 17273 (keepalived)
   CGroup: /system.slice/keepalived.service
           ├─ 2288 mail -s nginx-180-slave-46 to be master ,vip 3450597615@qq.com
           ├─17273 /usr/sbin/keepalived -D
           ├─17274 /usr/sbin/keepalived -D
           └─17275 /usr/sbin/keepalived -D

Jul 30 16:38:03 nginx-180-slave-46 Keepalived_vrrp[17275]: Sending gratuitous ARP on ens192 for 220.166.180.180
Jul 30 16:38:03 nginx-180-slave-46 Keepalived_vrrp[17275]: Sending gratuitous ARP on ens192 for 220.166.180.180
Jul 30 16:38:03 nginx-180-slave-46 Keepalived_vrrp[17275]: Sending gratuitous ARP on ens192 for 220.166.180.180
Jul 30 16:38:03 nginx-180-slave-46 Keepalived_vrrp[17275]: Opening script file /bin/python
Jul 30 16:38:08 nginx-180-slave-46 Keepalived_vrrp[17275]: Sending gratuitous ARP on ens192 for 220.166.180.180
Jul 30 16:38:08 nginx-180-slave-46 Keepalived_vrrp[17275]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs o....180
Jul 30 16:38:08 nginx-180-slave-46 Keepalived_vrrp[17275]: Sending gratuitous ARP on ens192 for 220.166.180.180
Jul 30 16:38:08 nginx-180-slave-46 Keepalived_vrrp[17275]: Sending gratuitous ARP on ens192 for 220.166.180.180
Jul 30 16:38:08 nginx-180-slave-46 Keepalived_vrrp[17275]: Sending gratuitous ARP on ens192 for 220.166.180.180
Jul 30 16:38:08 nginx-180-slave-46 Keepalived_vrrp[17275]: Sending gratuitous ARP on ens192 for 220.166.180.180
Hint: Some lines were ellipsized, use -l to show in full.

查看IP地址信息:

[root@nginx-180-slave-46 vhost]# nmcli device show
GENERAL.DEVICE:                         ens160
GENERAL.TYPE:                           ethernet
GENERAL.HWADDR:                         00:50:56:9B:AA:70
GENERAL.MTU:                            1500
GENERAL.STATE:                          100 (connected)
GENERAL.CONNECTION:                     ens160
GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveConnection/4398
WIRED-PROPERTIES.CARRIER:               on
IP4.ADDRESS[1]:                         10.20.11.46/24
IP4.GATEWAY:                            --
IP4.ROUTE[1]:                           dst = 10.20.11.0/24, nh = 0.0.0.0, mt = 100
IP4.DNS[1]:                             61.139.2.69
IP6.ADDRESS[1]:                         fe80::ae3:b1b9:824a:d8a3/64
IP6.GATEWAY:                            --
IP6.ROUTE[1]:                           dst = fe80::/64, nh = ::, mt = 100
IP6.ROUTE[2]:                           dst = ff00::/8, nh = ::, mt = 256, table=255

GENERAL.DEVICE:                         ens192
GENERAL.TYPE:                           ethernet
GENERAL.HWADDR:                         00:50:56:9B:8C:FB
GENERAL.MTU:                            1500
GENERAL.STATE:                          100 (connected)
GENERAL.CONNECTION:                     ens192
GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveConnection/38901
WIRED-PROPERTIES.CARRIER:               on
IP4.ADDRESS[1]:                         220.166.180.180/26
IP4.GATEWAY:                            220.166.180.129
IP4.ROUTE[1]:                           dst = 220.166.180.128/26, nh = 0.0.0.0, mt = 0
IP4.ROUTE[2]:                           dst = 0.0.0.0/0, nh = 220.166.180.129, mt = 0
IP6.GATEWAY:                            --

GENERAL.DEVICE:                         lo
GENERAL.TYPE:                           loopback
GENERAL.HWADDR:                         00:00:00:00:00:00
GENERAL.MTU:                            65536
GENERAL.STATE:                          10 (unmanaged)
GENERAL.CONNECTION:                     --
GENERAL.CON-PATH:                       --
IP4.ADDRESS[1]:                         127.0.0.1/8
IP4.GATEWAY:                            --
IP6.ADDRESS[1]:                         ::1/128
IP6.GATEWAY:                            --

重新启动Master keepalived 服务

钉钉通知:

五、报错处理 

报错一、

notify_master或者notify_backup不执行脚本

原因一、selinux 未关闭。

[root@nginx-180-slave-46 vhost]# getenforce
Permissive

解决办法:

切换时,脚本始终不执行,过google了半天,发现有一个这样写到:

原文链接:https://serverfault.com/questions/709428/track-script-doesnt-work-after-keepalived-update

chcon -t keepalived_unconfined_script_exec_t /etc/keepalived/chk_available.sh
我的是这样执行:(主keepalived和备keepalived都执行)

chcon -t keepalived_unconfined_script_exec_t  /d/d_ctl.sh

再重启keepalived测试,完全解决

报错二、

集群脑裂,master 是master,backup也变成了master

原因分析:

VRRP控制报文只有一种:VRRP通告(advertisement)。它使用IP多播数据包进行封装,组地址为224.0.0.18,发布范围只限于同一局域网内。这保证了VRID在不同网络中可以重复使用。为了减少网络带宽消耗只有主控路由器才可以周期性的发送VRRP通告报文。备份路由器在连续三个通告间隔内收不到VRRP或收到优先级为0的通告后启动新的一轮VRRP选举。

------------以下转载别人的博客

  centos7安装keepalived后,不关闭防火墙,虚拟ip不能实现漂移,双机都为master,不能实现双机热备的效果。原因是防火墙中没有方形vrrp的组播 IP 244.0.0.18。centos7下使用的防火请是firewall,本人不会使用centos7默认的防火墙放行组播IP,所以禁用掉centos7默认的防火墙,使用iptables防火墙。

Jun 16 11:36:33 localhost Keepalived_vrrp[12303]: Truncating auth_pass to 8 characters
Jun 16 11:36:33 localhost Keepalived_vrrp[12303]: VRRP_Instance(VI_1) removing protocol Virtual Routes
Jun 16 11:36:33 localhost Keepalived_vrrp[12303]: VRRP_Instance(VI_1) removing protocol VIPs.
Jun 16 11:36:33 localhost Keepalived_vrrp[12303]: Using LinkWatch kernel netlink reflector...
Jun 16 11:36:33 localhost Keepalived_vrrp[12303]: VRRP_Instance(VI_1) Entering BACKUP STATE
Jun 16 11:36:33 localhost Keepalived_vrrp[12303]: VRRP_Instance(VI_1) removing protocol Virtual Routes
Jun 16 11:36:33 localhost Keepalived_vrrp[12303]: VRRP sockpool: [ifindex(3), proto(112), unicast(0), fd(10,11)]
Jun 16 11:36:33 localhost Keepalived_vrrp[12303]: VRRP_Script(chk_nginx) succeeded
Jun 16 11:36:37 localhost Keepalived_vrrp[12303]: VRRP_Instance(VI_1) Transition to MASTER STATE
Jun 16 11:36:38 localhost Keepalived_vrrp[12303]: VRRP_Instance(VI_1) Entering MASTER STATE
Jun 16 11:36:38 localhost Keepalived_vrrp[12303]: VRRP_Instance(VI_1) setting protocol VIPs.
Jun 16 11:36:38 localhost Keepalived_vrrp[12303]: VRRP_Instance(VI_1) setting protocol Virtual Routes
Jun 16 11:36:38 localhost Keepalived_vrrp[12303]: Sending gratuitous ARP on ens192 for 192.168.6.10

解决办法:

防火墙放行检测端口

firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 --in-interface eno16777736 --destination 224.0.0.18 --protocol vrrp -j ACCEPT;
firewall-cmd --reload;

Nginx专题-基于多网卡的主机配置
腾蛟起凤吕学士
04-03 3345
Nginx 基于多网卡的主机实现
linux多网卡实现内外网互通
assaaSADAAS的博客
05-28 9334
IP地址: 设置系统网卡的地址和虚拟机的设置的子网ip要在同一ip段:192.168.207.XXX,但是不能和虚拟机设置的ip地址一样。GATEWAY:内网集群所有的网络通信地址,此ip设置为一个不会用到的ip地址。打开网络和internet设置----》更改适配器选项----》找到虚拟机再操作系统的网络网卡。虚拟机页面---》编辑---》虚拟网络编辑器 --》更改设置 ---》添加网络。右击图标---》属性---》internet协议版本4(TCP/IPv4)---》进行参数设置。
双网卡服务器实现内外网访问
qq_33750038的博客
03-29 3225
双网卡 内外网
keepalived总结
qq_39677803的博客
05-24 3659
master(192.168.199.201)配置如下。backup(192.168.199.202)配置如下。结果如下:201上有VIP,202上则没有。下面列出主的配置,从的自行修改。检测Nginx的脚本。
Linux部署Nginx并实现网络代理
拾一二的博客
08-24 3726
由于目标服务器IP访问限制,只允许局域网内部指定服务器访问,其他服务器无法直接访问,此时,可以在指定服务器部署nginx,配置网络代理,以实现局域网其他服务器通过访问指定服务器,间接访问目标服务器
keepalived+haproxy(双主)+nginx(静态)+lamp(动态)部署phpBB
weixin_34258078的博客
10-29 668
简介:haproxy为高性能的反向代理服务器,在向后端server调度方面支持很多的调度算法:roundrobin,source,uri,url_param,hdr(),leastconn等,且支持动态权重调整的一致性hash,后端为cache server时很好的提高cache命中率;相比nginx反向代理,haproxy调度功能更为强大,另外haproxy提供自带的gui...
CentOS7 编译安装LVS 互为主备 (实测 笔记 Centos 7.0 + ipvsadm 1.27 + keepalived 1.2.15 )
weixin_30563319的博客
03-17 258
环境: 系统硬件:vmware vsphere (CPU:2*4核,内存2G,双网卡) LVS服务器(两台): 系统:Centos7.0 64位(LVS+keepalived) LvsMaster:192.168.1.21 (主VIP:192.168.1.20 ,备VIP:192.168.1.18) LvsBackup:192.168.1.22(主VIP:192.1...
《AI运维·Linux系统管理(速通)》精品图书全案设计-001篇
最新发布
老韩的Linux云计算架构师进阶之路
06-24 9
【进阶级·systemd核心3/5】核心理论[Unit][Service][Install]Wants(弱依赖,启动失败不影响主服务)、Requires(强依赖,依赖失败主服务也失败)、After(启动顺序)实操演练:完整编写Java业务服务[Unit][Service]User=app[Install]→企业级最佳实践自定义服务统一存放,与系统自带服务区分必须指定运行用户,禁止业务服务以root身份运行,降低安全风险统一配置异常自动重启,提升服务可用性。
[经验总结]Linux双机双网卡Keepalived高可用配置及验证细节
wingaso的博客
04-18 1586
针对双网卡的两台主机,Keepalived高可用交叉主从配置,这种配置需求可能比较少见,在网上也很少有相关文章,于是记录在此,供有需要的朋友参考。本篇重点介绍配置的关键点,已经相关的检查方式和处理方法。
nginx正向代理和反向代理
spring℡
02-17 4825
一、正向代理 ①添加网卡(仅主机模式) [root@host1 conf.d]# pwd /usr/local/nginx/conf.d ②配置 [root@host1 conf.d]# vim test1.conf 这里设置监听端口为8080 server { resolver 114.114.114.114; listen 8080; location / { proxy_pass http://$htt
linux两个网卡配置nginx,linux之nginx高并发配置及网络优化
weixin_29626189的博客
05-01 1454
一、网络优化(编辑/etc/sysctl.conf文件)vim /etc/sysctl.conf内容如下:net.core.somaxconn=50000net.ipv4.tcp_tw_recycle=1net.ipv4.tcp_tw_reuse=1net.ipv4.tcp_syncookies=0net.ipv4.tcp_fin_timeout=30net.ipv4.tcp_keepalive_...
Nginx代理服务器
JohnnyG2000的博客
06-30 5567
代理服务器,客户机在发送请求时,不会直接发送给目的主机,而是先发送给代理服务器,代理服务接受客户机请求之后,再向主机发出,并接收目的主机返回的数据,存放在代理服务器的硬盘中,再发送给客户机。.........
Nginx双向代理
sayhitoloverOvO的博客
09-09 1794
Nginx介绍 Nginx (engine x) 是一个高性能的HTTP和反向代理web服务器,同时也提供了IMAP/POP3/SMTP服务。Nginx是由伊戈尔·赛索耶夫为俄罗斯访问量第二的Rambler.ru站点(俄文:Рамблер)开发的,第一个公开版本0.1.0发布于2004年10月4日。 其将源代码以类BSD许可证的形式发布,因它的稳定性、丰富的功能集、简单的配置文件和低系统资源的消耗而闻名。2011年6月1日,nginx 1.0.4发布。 Nginx是一款轻量级的Web 服务器/反向代理服务
keepalived双网卡主备配置高可用步骤。
wuapeng的博客
05-18 7277
keepalived+lvsNAT实现高可用负载整理: 主备都需要开启ip转发功能,不然运行不起来。 vi /etc/sysctl.conf   set net.ipv4.ip_forward = 1 之后service network restart重启网络。   MASTER:eth0:192.168.5.190(假设是外网IP)  eth1 192.168.0.11(假设内网IP,用
Keepalived+Nginx+Apache双活搭建双网卡模式)
weixin_33985679的博客
06-15 710
之前写过一篇文章《keepalived+nginx+apache主备及双活搭建测试》,该测试环境只有一张网卡,双活的ip都在该网卡上。本文背景:自动化运维平台的前置机部署在云平台,服务器有两张网卡,分别对应带外ip和业务ip;云平台的被管服务器访问带外虚ip,非云平台的物理服务器访问业务的虚ip。架构图:配置:主机ip操作系统软件vipnginx01172.27.9.9117...
MySQL 基于 keepalived 实现HA 主从搭建,并实现故障邮件通知
程序猿丶HLK
07-19 573
前言 环境准备: 虚拟机系统:centos 6.7 MySQL主节点(master):192.168.120.110 hadoop01 MySQL从节点(backup):192.168.120.111 hadoop02 MySQL版本:5.6.24 关于MySQL的安装,可以参考Centos6.7 系统安装MySQL进行主从节点MySQL的安装,安装完成之后...
医院 HIS 业务场景:Nginx 配置内外网接口请求转发(前置机中转实战)
这里没有晦涩理论,只有项目踩坑实录、问题速解、效率工具、源码封装与架构思路。专注项目实战,用最简单直白的方式,带你轻松搞定开发难题,高效写码,快乐下班。
03-06 705
针对医院 HIS 系统内外网隔离导致外网无法直接访问内网接口的问题,本文介绍基于内外网双网卡前置机,使用 Nginx 实现接口请求转发的实战方案。文章详细说明 Nginx 主配置与虚拟主机转发配置,包含跨域、超时、大文件上传、真实 IP 传递等医院业务适配优化,同时提供配置校验、服务重启等运维命令及等保合规相关安全建议,可直接用于医院 HIS、区域卫生、互联网医院等内外网接口中转场景,保障接口转发稳定、安全与可审计。
Nginx调度器
tian1345的博客
01-13 2187
Nginx调度器 HTTP调度 Nginx反向代理 Nginx不止可以做web服务器,也可以做为代理服务器 Nginx代理(调度器)具备两个功能: 负载均衡(轮询算法),将用户发送的上网请求的等,分别发给每个web服务器 健康检查,当某一web服务器坏掉的时候,Nginx代理则自动不再向改web服务器发送请求 Nginx调度算法 nginx目前支持的调度算法 轮询(默认的):逐一调度 w...
keepalived 双网卡服务器双机热备
weixin_33939380的博客
06-08 367
环境准备test1eth0:18.1.30.58 eth1:192.168.87.200test2eth0:18.1.30.59 eth1:192.168.87.180VIP18.1.30.30 192.168.87.87test1 keepalived的配置vrrp_sync_group VGM { group { ...
linux双机网卡聚合,keepalived01:双网卡服务器双机热备
weixin_39767887的博客
05-01 407
keepalived双网卡服务器双机热备环境:master: eth0(192.168.0.100/24) eth1(10.0.0.100/24)backup: eth0(192.168.0.200/24) eth1(10.0.0.200/24)软件安装:安装依赖:yum install ipvsadm kernel-devel openssl-devel popt-devel \libnl-de...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值