【 Linux 】Keepalived实现双主模型高可用集群

要求：
1. 两台web服务器安装wordpress，数据库通过nfs共享
2. 使用keepalived实现双主模型

环境：
主机：
系统：CentOS6.7 x64
1. node1: 192.168.2.11 node2: 192.168.2.12 vip: 192.168.2.200
service iptables stop
selinux: disabled

一、两台主机分别配置lamp架构，并使用nfs实现数据库共享

[root@node1 ~]# yum install nfs-utils httpd php php-mysql mysql-server -y     # yum安装软件包
[root@node1 ~]# mkdir -pv /mydata/{web,data}     # 创建共享web程序和数据库目录
mkdir: 已创建目录 "/mydata"
mkdir: 已创建目录 "/mydata/web"
mkdir: 已创建目录 "/mydata/data"
[root@node1 ~]# chown -R mysql:mysql /mydata/data/
[root@node1 ~]# chown -R apache:apache /mydata/web/
[root@node1 ~]# vim /etc/exports
/mydata *(rw,no_root_squash)
[root@node1 ~]# service nfs start
启动 NFS 服务：                                            [确定]
关掉 NFS 配额：                                            [确定]
启动 NFS mountd：                                          [确定]
正在启动 RPC idmapd：                                      [确定]
正在启动 RPC idmapd：                                      [确定]
启动 NFS 守护进程：                                        [确定]
[root@node1 ~]# showmount -e 192.168.2.11
Export list for 192.168.2.11:
/mydata *

[root@node2 ~]# mkdir /mydata
[root@node2 ~]# mount -t nfs 192.168.2.11:/mydata/ /mydata/
[root@node2 ~]# vim /etc/fstab
# 插入如下规则
192.168.2.11:/mydata    /mydata                 nfs     defaults        0 0

[root@node1 ~]# vim /etc/my.cnf
datadir=/mydata/data     # 修改mysql数据存放目录

[root@node2 ~]# vim /etc/my.cnf
datadir=/mydata/data     # 修改mysql数据存放目录

[root@node1 ~]# service mysqld start    # 启动数据库
[root@node1 ~]# ls /mydata/data/     # 确认是否生成数据
ibdata1  ib_logfile0  ib_logfile1  mysql  test
[root@node2 ~]# service mysqld start     # 第一次读取共享可能会慢点

[root@node1 ~]# wget http://download.comsenz.com/DiscuzX/3.2/Discuz_X3.2_SC_UTF8.zip     # 下载discuz web程序
[root@node1 ~]# unzip Discuz_X3.2_SC_UTF8.zip
[root@node1 ~]# cp -a upload/* /mydata/web/     # 将web程序复制到nfs共享目录
[root@node1 ~]# chown -R apache:apache /mydata/web/     # 给与apache的执行权限
[root@node1 ~]# vim /etc/httpd/conf/httpd.conf     # 修改apache配置文件
# 修改如下参数
行号
276 ServerName localhost:80

292 DocumentRoot "/mydata/web/"
317 <Directory "/mydata/web">
[root@node1 ~]# service httpd start
[root@node1 ~]# scp /etc/httpd/conf/httpd.conf node2:/etc/httpd/conf/     # 将配置文件拷贝至node2服务器
[root@node2 ~]# service httpd start
[root@node1 ~]# mysql     # 创建web程序的数据库
mysql> CREATE DATABASE ultrax;
mysql> GRANT ALL ON ultrax.* TO 'ultrax'@127.0.0.1 IDENTIFIED BY '123456';
mysql> FLUSH PRIVILEGES;
mysql> Bye

# node1 创建了库，node2最好重启下mysql

[root@node2 ~]# service mysqld restart

通过浏览器安装web程序



node1: 192.168.2.11



node2: 192.168.2.12



二、通过keepalived实现主备模式

[root@node1 ~]# yum install keepalived -y
[root@node1 ~]# vim /etc/keepalived/keepalived.conf
# 全部内容如下
! Configuration File for keepalived

global_defs {
notification_email {
root@localhost
}
notification_email_from root@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id nodeA
}
vrrp_script chk_httpd {
script "/etc/keepalived/bash/chk_httpd.sh"
interval 5
weight -10
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_httpd
}
virtual_ipaddress {
192.168.2.200/24
}
}

[root@node1 ~]# mkdir /etc/keepalived/bash     # 创建检查脚本存放目录
[root@node1 ~]# vim /etc/keepalived/bash/chk_httpd.sh # 编写检查脚本
# 使用该脚本必须有wget命令，如没有请执行：yum install wget -y
#!/bin/bash

pidfile=/var/lock/subsys/`basename $0`.pid
if [ -f $pidfile ] && [ -e /proc/`cat $pidfile` ] ; then
exit 1
fi
trap "rm -rf $pidfile ; exit 0" 1 2 3 15
echo $$ > $pidfile
maxfails=3
fails=0
success=0

while [ 1 ]
do

/usr/bin/wget --timeout=3 --tries=1 http://192.168.2.11/ -q -O /dev/null && ping -c1 192.168.2.1 &> /dev/null
if [ $? -ne 0 ] ; then
let fails=$[$fails+1]
success=0
else
fails=0
let success=$[$success+1]
fi

if [ $fails -ge $maxfails ] ; then
fails=0
success=0
#check keepalived is running ? try to stop it
/etc/init.d/keepalived status | grep 正在运行
if [ $? -eq 0 ] ; then
/usr/bin/logger -is "local service fails $maxfails times ... try to stop keepalived."
/etc/init.d/keepalived stop 2>&1 | /usr/bin/logger
fi

fi

if [ $success -gt $maxfails ] ; then
#check keepalived is stopped ? try to start it
/etc/init.d/keepalived status | grep 已停　　　　# 脚本中这里要注意，如果系统是英文安装的为 grep stopped 如果是中文为 grep 已停
if [ $? -eq 0 ] ; then
/usr/bin/logger -is "service changes normal, try to start keepalived ."
/etc/init.d/keepalived start
fi
success=0
fi
sleep 3

done

[root@node1 ~]# chmod +x /etc/keepalived/bash/chk_httpd.sh
[root@node1 ~]# cd /etc/keepalived/bash/
[root@node1 bash]# sh -x chk_httpd.sh     # 调试脚本，让脚本来启动keepalived 这样就做到了检查脚本的目的

[root@node1 bash]# ps uaxfww | grep keepalived | grep -v grep
root      26552  0.0  0.1 109656  1112 ?        Ss   22:35   0:00 /usr/sbin/keepalived -D
root      26555  0.0  0.2 111760  2776 ?        S    22:35   0:00  \_ /usr/sbin/keepalived -D
root      26556  0.0  0.2 111760  2128 ?        S    22:35   0:00  \_ /usr/sbin/keepalived -D
root      26569  0.0  0.1 106092  1284 ?        S    22:35   0:00 /bin/bash /etc/keepalived/bash/chk_httpd.sh

node2 安装keepalived及配置

[root@node2 ~]# yum install keepalived -y
[root@node1 ~]# scp /etc/keepalived/keepalived.conf node2:/etc/keepalived/    #直接使用node1的配置文件覆盖并修改
[root@node1 ~]# scp -r /etc/keepalived/bash node2:/etc/keepalived/     # 将检查脚本也直接复制过去，不过需要修改，切记！
[root@node2 ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
notification_email {
root@localhost
}
notification_email_from root@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id nodeB
}
vrrp_script chk_httpd {
script "/etc/keepalived/bash/chk_httpd.sh"
interval 5
weight -10
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_httpd
}
virtual_ipaddress {
192.168.2.200/24
}
}

[root@node2 bash]# vim chk_httpd.sh
# 修改如下一行代码
16     /usr/bin/wget --timeout=3 --tries=1 http://192.168.2.12/ -q -O /dev/null && ping -c1 192.168.2.1 &> /dev/null

[root@node2 bash]# ps auxfww | grep keepalived | grep -v grep
root       3442  0.0  0.2 110276  1380 ?        Ss   02:18   0:00 /usr/sbin/keepalived -D
root       3444  0.0  0.6 112380  2980 ?        S    02:18   0:00  \_ /usr/sbin/keepalived -D
root       3446  0.0  0.4 112380  2192 ?        S    02:18   0:00  \_ /usr/sbin/keepalived -D
root       3454  0.0  0.2 106064  1420 ?        S    02:18   0:00 /bin/bash /etc/keepalived/bash/chk_httpd.sh

三、测试

node1:
[root@node1 ~]# ip a
inet 192.168.2.11/24 brd 192.168.2.255 scope global eth0
inet 192.168.2.200/24 scope global secondary eth0

[root@node1 ~]# service httpd stop     # 停止node1的web服务

node2：
[root@node2 bash]# ip a
inet 192.168.2.12/24 brd 192.168.2.255 scope global eth0
inet 192.168.2.200/24 scope global secondary eth0

测试成功。

四、练习小结：
该服务器架构仅仅只是用来测试，这里存在很多问题：
1. 如果node1节点down掉了，nfs共享也就断掉了
2. keepalived也只是仅仅对http做了检测，如果mysql服务down掉，是无法进行主备切换的。

经过调整，可以使用如下架构：