使用keepalived实现故障集群
lb01 10.0.0.4
lb02 10.0.0.5
vip 10.0.0.6
1、 nginx配置
worker_processes 4;
worker_rlimit_nofile 40000;
events {
worker_connections 8192;
}
http {
upstream rancher {
server 10.0.0.1:30080 max_fails=3 fail_timeout=5s;
server 10.0.0.2:30080 max_fails=3 fail_timeout=5s;
server 10.0.0.3:30080 max_fails=3 fail_timeout=5s;
}
upstream rancher-grpc {
server 10.0.0.1:30051 max_fails=3 fail_timeout=5s;
server 10.0.0.2:30051 max_fails=3 fail_timeout=5s;
server 10.0.0.3:30051 max_fails=3 fail_timeout=5s;
}
map $http_upgrade $connection_upgrade {
default Upgrade;
'' close;
}
server {
listen 443 ssl http2;
server_name rancher.me.com;
ssl_certificate tls.crt;
ssl_certificate_key tls.key;
location /thanos.Store {
grpc_pass grpc://rancher-grpc;
proxy_buffering off;
}
location / {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://rancher;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
# This allows the ability for the execute shell window to remain open for up to 15 minutes.
## Without this parameter, the default is 1 minute and will automatically close.
proxy_read_timeout 900s;
proxy_buffering off;
}
}
server {
listen 80;
server_name rancher.me.com;
return 301 https://$server_name$request_uri;
}
}2、keepalived配置
global_defs {
script_user root root
}
vrrp_script check_port {
script "/etc/keepalived/check_ports"
#script "killall -0 mysqld"
interval 2
timeout 3
fall 3
}
vrrp_instance VI_1 {
state MASTER
interface ens160
virtual_router_id 120
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass rancher
}
unicast_src_ip 10.0.0.4
unicast_peer {
10.0.0.5
}
virtual_ipaddress {
10.0.06/24 dev ens160 label ens160:vip
}
track_script {
check_port
}
}
3、检测脚本配置
#!/bin/bash
ports=80
arr=$(echo $ports|tr "," "\n")
for x in $arr; do
</dev/tcp/127.0.0.1/$x
if [ $? -eq 0 ]; then
echo "succeed"
else
exit 1
fi
done