本文共 10395 字,大约阅读时间需要 34 分钟。
角色 | 主机名 | 端口说明 |
---|---|---|
web主机 | web-tomcat-docker | tomcat1/8081, tomcat2/8082 |
代理主机1 | proxy-c7 | nginx: listen: *:88 |
[root1@web-tomcat-docker ~]#docker run -d --name tomcat1 -p 8081:8080 daocloud.io/library/tomcat:8.0.44docker run -d --name tomcat2 -p 8082:8080 daocloud.io/library/tomcat:8.0.44docker exec -it tomcat1 bash -c " echo 'this is tomcat1:8081' > /usr/local/tomcat/webapps/ROOT/index.jsp"docker exec -it tomcat2 bash -c " echo 'this is tomcat2:8082' > /usr/local/tomcat/webapps/ROOT/index.jsp"[root1@web-tomcat-docker ~]# curl localhost:8081this is tomcat1:8081[root1@web-tomcat-docker ~]# curl localhost:8082this is tomcat2:8082
[root@proxy-c7 ~]# cat /etc/nginx/conf.d/proxy.confupstream web{ server web-tomcat-docker:8081; server web-tomcat-docker:8082;}server { #listen 192.168.56.251:88; listen *:88; location / { proxy_pass http://web; proxy_set_header X-Real-IP $remote_addr; proxy_set_header REMOTE-HOST $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; }}[root@proxy-c7 ~]# curl localhost:88this is tomcat1:8081[root@proxy-c7 ~]# curl localhost:88this is tomcat2:8082
使用keepalived维护虚拟ip: 在主备节点漂移
角色 | 主机名 | 端口说明 |
---|---|---|
web主机 | web-tomcat-docker | tomcat1/8081, tomcat2/8082 |
keepalived+nginx代理主机1 | proxy-c7 | nginx: listen: vip:88 |
keepalived+nginx代理主机2 | proxy-c6 | nginx: listen: vip:88 |
#运行系统监听不存在的端口sysctl -w net.ipv4.ip_nonlocal_bind=1echo net.ipv4.ip_nonlocal_bind=1 >> /etc/sysctl.conf#修改nginx 监听vipcat > /etc/nginx/conf.d/proxy.conf <
#vrrp_sript: weight权重使用说明:#master : 100--> 初始优先级=100,nginx发生故障,keepalived vrrp优先级-30,变为70 (比backup小,角色对调)#backup1: 90 #backup2: 90 [root@proxy-c7 ~]# cat /etc/keepalived/keepalived.confglobal_defs { router_id LVS_DEVEL_162}vrrp_script chk_keep { #script [ 0 -eq 0 ] && exit 0 || exit 1 #script /tmp/chk_nginx.sh: service nginx status script "service nginx status" interval 1 weight -30}vrrp_instance VI_1_test1 { state MASTER #主备不同 interface eth1 virtual_router_id 51 priority 100 #主备不同 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.56.251 } vrrp_macst_group4 224.0.10.67 track_script { chk_keep }# #发送通知: master状态时,backup状态时.. notify_master "service nginx start"# notify_master "/etc/keepalived/notify.sh master"# notify_backup "/etc/keepalived/notify.sh backup"# notify_fault "/etc/keepalived/notify.sh fault"}
[root@proxy-c6 ~]# cat /etc/keepalived/keepalived.confglobal_defs { router_id LVS_DEVEL_161}vrrp_script chk_keep { #script [ 0 -eq 0 ] && exit 0 || exit 1 #script /tmp/chk_nginx.sh: service nginx status script "service nginx status" interval 1 weight -30}vrrp_instance VI_1_test1 { state BACKUP interface eth1 virtual_router_id 51 priority 90 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.56.251 } vrrp_macst_group4 224.0.10.67 track_script { chk_keep }# #notify state change notify_master "service nginx start"# notify_master "/etc/keepalived/notify.sh master"# notify_backup "/etc/keepalived/notify.sh backup"# notify_fault "/etc/keepalived/notify.sh fault"}
每个keepalived主机都配置相同脚本: 当keepalived是master状态时,启动haproxy; 否则就停止haproxy
具体<linux如何发送126邮件>配置见[root@proxy-c6 vagrant]# cat /etc/keepalived/notify.sh #!/bin/bash#keepalived-master-->启动haproxy#keepalived-backup-->停止haproxyrole=$1send_mail(){ subject="keepalived master changes" context="$(date +'%F %T'): $(hostname) changes to $role " echo $context |mailx -s $subject eyeofeagle@126.com root@localhost}ctl_haproxy(){ case $role in master) service haproxy start;; backup|faul) service haproxy stop;; esac }send_mailctl_haproxy
[root@proxy-c6 conf.d]# service keepalived startStarting keepalived: [ OK ][root@proxy-c6 conf.d]# ip a |grep 230 inet 192.168.56.230/32 scope global eth1 [root@proxy-c7 conf.d]# systemctl start keepalived[root@proxy-c7 conf.d]# ip a |grep 230#访问nginx代理的服务:无论哪个服务器为MASTER,都可以访问[root1@c7-docker ~]# curl 192.168.56.251:88this is nginx2:82##ip转移[root@proxy-c6 conf.d]# service keepalived stopStopping keepalived: [ OK ][root@proxy-c6 conf.d]# ip a |grep 230[root@proxy-c6 conf.d]# [root@proxy-c7 conf.d]# ip a |grep 230 inet 192.168.56.230/32 scope global eth1#访问nginx代理的服务:无论哪个服务器为MASTER,都可以访问[root1@proxy-c7-docker ~]# curl 192.168.56.251:88this is nginx2:82
#添加netsh.exe interface ip add address name="WLAN" address=192.168.1.40/24 gateway=192.168.1.1 #store=persistent/active#移除netsh.exe interface ip delete address name="WLAN" address=192.168.1.40####################测试,查看ip 无线局域网适配器 WLAN: 连接特定的 DNS 后缀 . . . . . . . : 本地链接 IPv6 地址. . . . . . . . : fe80::9906:a98b:3081:11b%13 IPv4 地址 . . . . . . . . . . . . : 192.168.1.30 子网掩码 . . . . . . . . . . . . : 255.255.255.0 IPv4 地址 . . . . . . . . . . . . : 192.168.1.40 子网掩码 . . . . . . . . . . . . : 255.255.255.0 默认网关. . . . . . . . . . . . . : 192.168.1.1
#添加虚拟ip[root@c7-docker ~]# ip addr add 192.168.56.227/24 dev eth1[root@c7-docker ~]# ip addr show eth1 3: eth1:mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 08:00:27:46:0e:44 brd ff:ff:ff:ff:ff:ff inet 192.168.56.117/24 brd 192.168.56.255 scope global noprefixroute eth1 valid_lft forever preferred_lft forever inet 192.168.56.227/24 scope global secondary eth1 valid_lft forever preferred_lft forever inet6 fe80::a00:27ff:fe46:e44/64 scope link valid_lft forever preferred_lft forever #删除虚拟ip [root@c7-docker ~]# ip addr del 192.168.56.227/24 dev eth1
[root@c7-docker gitlab]# cat /etc/sysconfig/network-scripts/ifcfg-eth1 #VAGRANT-BEGIN # The contents below are automatically generated by Vagrant. Do not modify. NM_CONTROLLED=yes BOOTPROTO=none ONBOOT=yes IPADDR=192.168.56.117 IPADDR2=192.168.56.227 NETMASK=255.255.255.0 DEVICE=eth1 PEERDNS=no #VAGRANT-END
[root@c7-docker ~]# ip addr add 192.168.56.227/24 dev eth1 label eth1:2[root@c7-docker ~]# ip addr show eth13: eth1:mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 08:00:27:46:0e:44 brd ff:ff:ff:ff:ff:ff inet 192.168.56.117/24 brd 192.168.56.255 scope global noprefixroute eth1 valid_lft forever preferred_lft forever inet 192.168.56.227/24 scope global secondary eth1:2 valid_lft forever preferred_lft forever inet6 fe80::a00:27ff:fe46:e44/64 scope link valid_lft forever preferred_lft forever[root@c7-docker ~]# ip addr del 192.168.56.227/24 dev eth1 label eth1:2
#添加虚拟ip, 在网卡的别名上[root@test-c62 ~]# ifconfig eth1:0 192.168.56.227/24 up [root@test-c62 ~]# ifconfig eth1 Link encap:Ethernet HWaddr 08:00:27:6D:28:E0 inet addr:192.168.56.162 Bcast:192.168.56.255 Mask:255.255.255.0 inet6 addr: fe80::a00:27ff:fe6d:28e0/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:52592 errors:0 dropped:0 overruns:0 frame:0 TX packets:81411 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:7511647 (7.1 MiB) TX bytes:17705955 (16.8 MiB) eth1:0 Link encap:Ethernet HWaddr 08:00:27:6D:28:E0 inet addr:192.168.56.227 Bcast:192.168.56.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 #删除虚拟ip, 在网卡的别名上 [root@test-c62 ~]# ifconfig eth1:0 192.168.56.227/24 down
转载地址:http://pcdef.baihongyu.com/