Hearbeat + Nginx 安装配置
实验环境
- 两台主机:Linux Centos 6.5 32位
- 主 服务端:Hearbeat + Nginx
- eth0:192.168.1.160(公网)
- eth1:192.168.2.10(私网)
- 从 服务端:Hearbeat + Nginx
- eth0:192.168.1.161(公网)
- eth1:192.168.1.20(私网)
Hearbeat + Nginx 环境安装(从主 server 安装相同)
- 安装包
- heartbeat.i686 3.0.4-2.el6 epel
- heartbeat-devel.i686 3.0.4-2.el6 epel
- heartbeat-libs.i686 3.0.4-2.el6 epel
- 依赖包
-
libnet
添加双网卡:http://www.cnblogs.com/xiangsikai/p/8435927.html
安装yum扩展源:http://www.cnblogs.com/xiangsikai/p/8435806.html
关闭 防火墙 SELINUX
service iptables stop
setenforce 0
yum 安装 hearbeat + nginx
yum -y install heartbeat* yum -y install libxml2 yum -y install nginx
Hearbeat + Nginx 文件配置
主 hearbeat 配置
1、copy heartbeat 配置文件
cd /usr/share/doc/heartbeat-3.0.4/
cp ha.cf haresources authkeys /etc/ha.d/
2、编辑 authkeys 配置文件
vim /etc/ha.d/authkeys
# 解注释:选择加密算法 auth 3 #1 crc #2 sha1 HI! # 解注释:使用md5加密算发 3 md5 Hello!
# 加入权限 只允许 自己读取 chmod 600 /etc/ha.d/authkeys
3、编辑 haresources 配置文件,最下行插入
vim /etc/ha.d/haresources
# 主的主机名 VIP/子网掩码/虚拟网卡(公网) 服务名(启动hearbeat时一同加载) heartbeat1 192.168.1.100/24/eth0:0 nginx
4、编辑 ha.cf 配置文件
vim /etc/ha.d/ha.cf
# 解注释:错误日志文件 debugfile /var/log/ha-debug #解注释:访问日志文件 logfile /var/log/ha-log # 解注释:发广播测试存活多少秒发送一次 keepalive 2 # 解注释:多少秒之内没有响应就判定down机 deadtime 30 # 解注释:多少秒之内未响应就提示记录日志 warntime 10 # 解注释:主机down掉后预留时间,该时间内备端不会发生动作 initdead 60 # 解注释:udp通信端口 udpport 694 # 解注释:使用ucast单点链接 网卡 主从端对方的IP,使用内网IP # 注:bcast是以广播形式链接。 ucast eth1 192.168.2.20 # 解注释:节点 写入主备的主机名 node heartbeat1 node heartbeat2 # 解注释:仲裁 第三方测试 一般设置为网关 ping 192.168.1.1 # 解注释:开启网络工具 respawn hacluster /usr/lib/heartbeat/ipfail
5、编辑 hosts 配置文件
vim /etc/hosts
# 写入主IP 主机名 与 备IP 主机名 192.168.1.160 heartbeat1 192.168.1.161 heartbeat2
从 hearbeat 配置
yum install openssh-clients.i686
进入目录 将配置文件复制给备的 目录下 cd /etc/ha.d/ scp ha.cf haresources authkeys heartbeat2:/etc/ha.d/
1、修改配置文件
vim /etc/hearbeat/ha.cf
# 修改为主端IP地址,对方的IP,使用内网IP ucast eth1 192.168.2.10
查看主从状态
启动 两端 服务:先主后从
service heartbeat start
主 hearbeat
命令:ps aux | grep heart root 2937 0.0 1.2 6452 6448 ? SLs 02:10 0:00 heartbeat: master control process root 2941 0.0 1.2 6420 6416 ? SL 02:10 0:00 heartbeat: FIFO reader root 2942 0.0 1.2 6416 6412 ? SL 02:10 0:00 heartbeat: write: ucast eth0 root 2943 0.0 1.2 6416 6412 ? SL 02:10 0:00 heartbeat: read: ucast eth0 root 2944 0.0 1.2 6416 6412 ? SL 02:10 0:00 heartbeat: write: ping 192.168.1.1 root 2945 0.0 1.2 6416 6412 ? SL 02:10 0:00 heartbeat: read: ping 192.168.1.1 498 2965 0.0 0.2 5312 1516 ? S 02:10 0:00 /usr/lib/heartbeat/ipfail
命令:ps aux | grep nginx root 3411 0.0 0.3 16072 1548 ? Ss 02:10 0:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf nginx 3413 0.0 0.3 16232 1976 ? S 02:10 0:00 nginx: worker process
命令:ifconfig eth0:0 Link encap:Ethernet HWaddr 00:0C:29:67:0E:20 inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
从 hearbeat
命令:ifconfig eth0 Link encap:Ethernet HWaddr 00:0C:29:9E:70:1E inet addr:192.168.1.161 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:fe9e:701e/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:33479 errors:0 dropped:0 overruns:0 frame:0 TX packets:22909 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:33890336 (32.3 MiB) TX bytes:3286830 (3.1 MiB) eth1 Link encap:Ethernet HWaddr 00:0C:29:9E:70:28 inet addr:192.168.2.20 Bcast:192.168.2.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:fe9e:7028/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:4127 errors:0 dropped:0 overruns:0 frame:0 TX packets:3167 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:480791 (469.5 KiB) TX bytes:543017 (530.2 KiB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:17 errors:0 dropped:0 overruns:0 frame:0 TX packets:17 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:1630 (1.5 KiB) TX bytes:1630 (1.5 KiB)
ps -aux | grep nginx Warning: bad syntax, perhaps a bogus ‘-‘? See /usr/share/doc/procps-3.2.8/FAQ root 3868 0.0 0.1 5980 744 pts/2 S+ 02:28 0:00 grep nginx
测试主从高可用效果
Nginx 添加测试页
主 cd /usr/share/nginx/html/ echo "heartbeat1" > index.html 备 cd /usr/share/nginx/html/ echo "heartbeat2" > index.html
主:测试禁用ping 相当于down机
service iptables start iptables -F iptables -I INPUT -p icmp -j DROP
命令:tail -f /var/log/ha-log Dec 24 02:55:37 heartbeat1 heartbeat: [5176]: info: give up all HA resources (standby). ResourceManager(default)[5189]: 2017/12/24_02:55:37 info: Releasing resource group: heartbeat1 192.168.1.100/24/eth0:0 nginx ResourceManager(default)[5189]: 2017/12/24_02:55:37 info: Running /etc/init.d/nginx stop ResourceManager(default)[5189]: 2017/12/24_02:55:37 info: Running /etc/ha.d/resource.d/IPaddr 192.168.1.100/24/eth0:0 stop IPaddr(IPaddr_192.168.1.100)[5275]: 2017/12/24_02:55:37 INFO: IP status = ok, IP_CIP= /usr/lib/ocf/resource.d//heartbeat/IPaddr(IPaddr_192.168.1.100)[5249]: 2017/12/24_02:55:37 INFO: Success Dec 24 02:55:37 heartbeat1 heartbeat: [5176]: info: all HA resource release completed (standby). Dec 24 02:55:37 heartbeat1 heartbeat: [4824]: info: Local standby process completed [all]. Dec 24 02:55:38 heartbeat1 heartbeat: [4824]: WARN: 1 lost packet(s) for [heartbeat2] [686:688] Dec 24 02:55:38 heartbeat1 heartbeat: [4824]: info: remote resource transition completed. Dec 24 02:55:38 heartbeat1 heartbeat: [4824]: info: No pkts missing from heartbeat2! Dec 24 02:55:38 heartbeat1 heartbeat: [4824]: info: Other node completed standby takeover of all resources.
命令:tail -f /var/log/ha-log /usr/lib/ocf/resource.d//heartbeat/IPaddr(IPaddr_192.168.1.100)[4503]: 2017/12/24_02:36:59 INFO: Resource is stopped ResourceManager(default)[4475]: 2017/12/24_02:36:59 info: Running /etc/ha.d/resource.d/IPaddr 192.168.1.100/24/eth0:0 start IPaddr(IPaddr_192.168.1.100)[4634]: 2017/12/24_02:36:59 INFO: Adding inet address 192.168.1.100/24 with broadcast address 192.168.1.255 to device eth0 (with label eth0:0) IPaddr(IPaddr_192.168.1.100)[4634]: 2017/12/24_02:36:59 INFO: Bringing device eth0 up IPaddr(IPaddr_192.168.1.100)[4634]: 2017/12/24_02:36:59 INFO: /usr/libexec/heartbeat/send_arp -i 200 -r 5 -p /var/run/resource-agents/send_arp-192.168.1.100 eth0 192.168.1.100 auto not_used not_used /usr/lib/ocf/resource.d//heartbeat/IPaddr(IPaddr_192.168.1.100)[4608]: 2017/12/24_02:36:59 INFO: Success ResourceManager(default)[4475]: 2017/12/24_02:36:59 info: Running /etc/init.d/nginx start Dec 24 02:36:59 heartbeat2 heartbeat: [4462]: info: all HA resource acquisition completed (standby). Dec 24 02:36:59 heartbeat2 heartbeat: [3812]: info: Standby resource acquisition done [all]. Dec 24 02:37:00 heartbeat2 heartbeat: [3812]: info: remote resource transition completed.
命令:ifconfig eth0:0 Link encap:Ethernet HWaddr 00:0C:29:9E:70:1E inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
命令:ps -aux | grep nginx Warning: bad syntax, perhaps a bogus ‘-‘? See /usr/share/doc/procps-3.2.8/FAQ root 4755 0.0 0.3 16072 1548 ? Ss 02:36 0:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf nginx 4757 0.0 0.3 16236 1980 ? S 02:36 0:00 nginx: worker process root 4761 0.0 0.1 5980 744 pts/2 S+ 02:40 0:00 grep nginx
正常测试 http://192.168.1.100/ heartbeat1 http://192.168.1.100/ heartbeat1 http://192.168.1.100/ heartbeat1 主 单点故障 http://192.168.1.100/ heartbeat2 http://192.168.1.100/ heartbeat2 http://192.168.1.100/ heartbeat1
主:恢复单点故障
iptables -D INPUT -p icmp -j DROP
http://192.168.1.100/ heartbeat1 http://192.168.1.100/ heartbeat1 http://192.168.1.100/ heartbeat1
