内容简介:本文风哥教程参考Linux官方文档、Red Hat Enterprise Linux官方文档、Ansible Automation Platform官方文档、Docker官方文档、Kubernetes官方文档和Podman官方文档等内容,详细介绍了相关技术的配置和使用方法。
本文档详
风哥提示:
细介绍企业服务的高可用配置方法和实施方案。
Part01-Keepalived安装
1.1 安装Keepalived服务
$ sudo dnf install -y keepalived
Last metadata expiration check: 0:45:23 ago on Fri 04 Apr学习交流加群风哥QQ113257174 2026 01:40:15 AM CST.
Dependencies resolved.
================================================================================
Package Architecture Version Repository Size
================================================================================
Installing:
keepalived x86_64 2.2.8-1.el9 appstream 200 k
Transaction Summary
================================================================================
Install 1 Package
Total download size: 200 k
Installed size: from PG视频:www.itpux.com500 k
Downloading Packages:
keepalived-2.2.8-1.el9.x86_64.rpm 200 kB/s | 200 kB 00:01
——————————————————————————–
Total 200 kB/s | 200 kB 00:01
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : keepalived-2.2.8-1.el9.x86_64 1/1
Running scriptlet: keepalived-2.2.8-1.el9.x86_64 1/1
Verifying : keepalived-2.2.8-1.el9.x86_64 1/1
Installed:
keepalived-2.2.8-1.el9.x86_64
Complete!
# 启动Keepalived服务
$ sudo systemctl start keepalived
# 设置开机自启动
$ sudo systemctl enable keepalived
Created symlink /etc/systemd/system/multi-user.target.wants/keepalived.service → /usr/lib/systemd/syst学习交流加群风哥微信: itpux-comem/keepalived.service.
# 查看服务状态
$ sudo systemctl status keepalived
● keepalived.service – LVS and VRRP High Availability Monitor
Loaded: loaded (/usr/lib/systemd/system/keepalived.service; enabled; preset: disabled)
Active: active (running) since Fri 2026-04-04 01:40:00 CST; 10s ago
Main PID: 12385 (keepalived)
Tasks: 2 (limit: 49152)
Memory: 2.5M
CPU: 20ms
CGroup: /system.slice/keepalived.service
├─12385 /usr/sbin/keepalived -D
└─12386 /usr/sbin/keepalived -D
Apr 04 01:40:00 rhel10 Keepalived[12385]: Starting Keepalived v2.2.8 (04/04,2026)
Apr 04 01:40:00 rhel10 Keepalived[12385]: Running on Linux 5.14.0-284.11.1.el9_2.x86_64 #1 SMP PREEMPT_DYNAMIC Thu Apr 3 00:00:00 UTC 2026 (built for Linux 5.14.0)
Apr 04 01:40:00 rhel10 Keepalived[12385]: Command line: ‘/usr/sbin/keepalived’ ‘-D’
Apr 04 01:40:00 rhel10 Keepalived[12385]: Opening file ‘/etc/keepalived/keepalived.conf’.
Apr 04 01:40:00 rhel10 systemd[1]: Started LVS and VRRP High Availability Monitor.
# 配置防火墙
$ sudo firewall-cmd –permanent –add-protocol=vrrp
success
$ sudo firewall-cmd –reload
success
Part02-Keepalived配置
2.1 主服务器配置
$ sudo tee /etc/keepalived/keepalived.conf << EOF ! Configuration File for keepalived global_defs { router_id LVS_DEVEL vrrp_skip_check_adv_addr vrrp_strict vrrp_garp_interval 0 vrrp_gna_interval 0 } vrrp_script check_nginx { script "/usr/local/bin/check_nginx.sh" interval 2 weight -20 fall 2 rise 1 } vrrp_instance VI_1 { state MASTER interface ens33 virtual_router_id 51 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1234 } virtual_ipaddress { 192.168.1.200 } track_script { check_nginx } } virtual_server 192.168.1.200 80 { delay_loop 6 lb_algo rr lb_kind DR persistence_timeout 50 protocol TCP real_server 192.168.1.20 80 { weight 1 TCP_CHECK { connect_timeout 3 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } real_server 192.168.1.21 80 { weight 1 TCP_CHECK { connect_timeout 3 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } } EOF # 创建健康检查脚本 $ sudo tee /usr/local/bin/check_nginx.sh << 'EOF' #!/bin/bash if [ $(ps -C nginx --no-header | wc -l) -eq 0 ]; then systemctl start nginx sleep 2 fi if [ $(ps -C nginx --no-header | wc -l) -eq 0 ]; then exit 1 fi exit 0 EOF chmod +x /usr/local/bin/check_nginx.sh # 重启服务 $ sudo systemctl restart keepalived # 查看VIP $ ip addr show ens33 2: ens33:
link/ether 00:0c:29:12:34:56 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.100/24 brd 192.168.1.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 192.168.1.200/32 scope global ens33
valid_lft forever preferr更多学习教程公众号风哥教程itpux_comed_lft forever
2.2 备服务器配置
$ sudo tee /etc/keepalived/keepalived.conf << EOF ! Configuration File for keepalived global_defs { router_id LVS_DEVEL vrrp_skip_check_adv_addr vrrp_strict vrrp_garp_interval 0 vrrp_gna_interval 0 } vrrp_script check_nginx { script "/usr/local/bin/check_nginx.sh" interval 2 weight -20 fall 2 rise 1 } vrrp_instance VI_1 { state BACKUP interface ens33 virtual_router_id 51 priority 90 advert_int 1 authentication { auth_type PASS auth_pass 1234 } virtual_ipaddress { 192.168.1.200 } track_script { check_nginx } } virtual_server 192.168.1.200 80 { delay_loop 6 lb_algo rr lb_kind DR persistence_timeout 50 protocol TCP real_server 192.168.1.20 80 { weight 1 TCP_CHECK { connect_timeout 3 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } real_server 192.168.1.21 80 { weight 1 TCP_CHECK { connect_timeout 3 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } } EOF # 重启服务 $ sudo systemctl restart keepalived # 查看日志 $ sudo tail -f /var/log/messages | grep Keepalived Apr 4 01:45:00 rhel10 Keepalived[12385]: VRRP_Instance(VI_1) Transition to MASTER STATE Apr 4 01:45:01 rhel10 Keepalived[12385]: VRRP_Instance(VI_1) Entering MASTER STATE Apr 4 01:45:01 rhel10 Keepalived[12385]: VRRP_Instance(VI_1) setting protocol VIPs. Apr 4 01:45:01 rhel10 Keepalived[12385]: VRRP_Instance(VI_1) Sending gratuitous ARPs on ens33 for 192.168.1.200
Part03-HAProxy负载均衡
3.1 安装HAProxy
$ sudo dnf install -y haproxy
# 配置HAProxy
$ sudo tee /etc/haproxy/haproxy.cfg << EOF
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
defaults
mode tcp
log global
option tcplog
option dontlognull
option redispatch
retries 3
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout check 10s
maxconn 3000
frontend webfrontend
bind 192.168.1.200:80
mode http
default_backend webservers
backend webservers
mode http
balance roundrobin
option httpchk GET /
server web1 192.168.1.20:80 check inter 2000 rise 2 fall 3
server web2 192.168.1.21:80 check inter 2000 rise 2 fall 3
server web3 192.168.1.22:80 check inter 2000 rise 2 fall 3
listen stats
bind *:8080
mode http
stats enable
stats uri /haproxy?stats
stats realm HAProxy\ Statistics
stats auth admin:admin
stats refresh 30s
EOF
# 启动HAProxy
$ sudo systemctl start haproxy
$ sudo systemctl enable haproxy
# 配置防火墙
$ sudo firewall-cmd --permanent --add-port=8080/tcp
success
$ sudo firewall-cmd --reload
success
# 访问统计页面
http://192.168.1.200:8080/haproxy?stats
Part04-数据库高可用
4.1 MySQL主从复制
$ sudo tee /etc/my.cnf << EOF [mysqld] server-id=1 log-bin=mysql-bin binlog-format=ROW gtid_mode=ON enforce_gtid_consistency=ON log-slave-updates=ON master_info_repository=TABLE relay_log_info_repository=TABLE EOF # 创建复制用户 $ mysql -u root -p << EOF CREATE USER 'repl'@'%' IDENTIFIED BY 'ReplPassword123!'; GRANT REPLICATION SLAVE ON *.* TO 'repl'@'%'; FLUSH PRIVILEGES; EOF # 从服务器配置 $ sudo tee /etc/my.cnf << EOF [mysqld] server-id=2 log-bin=mysql-bin binlog-format=ROW gtid_mode=ON enforce_gtid_consistency=ON log-slave-updates=ON master_info_repository=TABLE relay_log_info_repository=TABLE read_only=ON EOF # 配置从服务器 $ mysql -u root -p << EOF CHANGE MASTER TO MASTER_HOST='192.168.1.30', MASTER_USER='repl', MASTER_PASSWORD='ReplPassword123!', MASTER_AUTO_POSITION=1; START SLAVE; EOF # 配置Keepalived实现MySQL高可用 $ sudo tee /etc/keepalived/keepalived.conf << EOF vrrp_script check_mysql { script "/usr/local/bin/check_mysql.sh" interval 2 weight -20 } vrrp_instance VI_MYSQL { state BACKUP interface ens33 virtual_router_id 52 priority 100 advert_int 1 authentication { auth_type PASS auth_pass mysql } virtual_ipaddress { 192.168.1.201 } track_script { check_mysql } } EOF # MySQL健康检查脚本 $ sudo tee /usr/local/bin/check_mysql.sh << 'EOF' #!/bin/bash if [ $(mysqladmin ping -u root -pMyPassword123 2>/dev/null | grep -c alive) -eq 0 ]; then
exit 1
fi
exit 0
EOF
chmod +x /usr/local/bin/check_mysql.sh
Part05-故障切换测试
5.1 测试高可用
$ ip addr show ens33 | grep 192.168.1.200
inet 192.168.1.200/32 scope global ens33
# 停止主服务器Keepalived
$ sudo systemctl stop keepalived
# 在备服务器查看VIP
$ ip addr show ens33 | grep 192.168.1.200
inet 192.168.1.200/32 scope global ens33
# 查看日志
$ sudo tail -f /var/log/messages | grep Keepalived
Apr 4 01:50:00 rhel10 Keepalived[12386]: VRRP_Instance(VI_1) Transition to MASTER STATE
Apr 4 01:50:01 rhel10 Keepalived[12386]: VRRP_Instance(VI_1) Entering MASTER STATE
Apr 4 01:50:01 rhel10 Keepalived[12386]: VRRP_Instance(VI_1) setting protocol VIPs.
Apr 4 01:50:01 rhel10 Keepalived[12386]: VRRP_Instance(VI_1) Sending gratuitous ARPs on ens33 for 192.168.1.200
# 测试Web服务
$ curl http://192.168.1.200
Welcome to nginx!
# 测试MySQL高可用
$ mysql -h 192.168.1.201 -u root -p -e “SELECT @@hostname;”
+————+
| @@hostname |
+————+
| db1 |
+————+
# 停止主数据库
$ sudo systemctl stop mysqld
# 查看VIP切换
$ ip addr show ens33 | grep 192.168.1.201
inet 192.168.1.201/32 scope global ens33
# 再次测试MySQL连接
$ mysql -h 192.168.1.201 -u root -p -e “SELECT @@hostname;”
+————+
| @@hostname |
+————+
| db2 |
+————+
# 恢复主服务器
$ sudo systemctl start keepalived
$ sudo systemctl start mysqld
# 查看VIP回切
$ ip addr show ens33 | grep 192.168.1.200
inet 192.168.1.200/32 scope global ens33
1. 配置健康检查脚本
2. 设置合理的优先级
3. 测试故障切换流程
4. 监控服务状态
5. 定期演练故障恢复
本文由风哥教程整理发布,仅用于学习测试使用,转载注明出处:http://www.fgedu.net.cn/10327.html
