立Flag学习Ng高可用配置

　　立Flag学习Ng高可用配置keepalived高可用配置keepalived高可用配置
　　nginx解决tomcat高可用的思路，是前面加一层负载服务nginx。那当ng挂掉的时候同样需要高可用的方式来处理，如果继续采用ng前面加一层负载或者代理会出现套娃的情况。那么如何解决呢？
　　可以使用keepalived来解决。
　　keepalived的思路，由2台服务器软件虚拟出来一台虚拟网关vip，此vip由两台机器共同协商生成。当有一台机器宕机时，另一台机器一样能维持vip。这保证了，只要两台机器不同时宕机，vip就存在
　　keepalived下载地址：http：www。keepalived。orgdownload。html安装下载wgethttp：www。keepalived。orgsoftwarekeepalived1。4。2。tar。gz解压tarzxvfkeepalived1。4。2。tar。gz安装依赖插件yuminstallygccopenssldevelpoptdevelcdkeepalived1。4。2配置环境变量。configureprefixusrlocalkeepalived编译安装makemakeinstall配置cpusrlocalkeepalived1。4。2keepalivedetcinit。dkeepalivedetcinit。dmkdiretckeepalivedcpusrlocalkeepalivedetckeepalivedkeepalived。confetckeepalivedcpusrlocalkeepalived1。4。2keepalivedetcsysconfigkeepalivedetcsysconfigcpusrlocalkeepalivedsbinkeepalivedusrsbin命令查看网卡用于下面文配置中使用网卡ipaddr修改配置文件vimetckeepalivedkeepalived。confmaster配置！ConfigurationFileforkeepalivedglobaldefs｛一个没重复的名字即可routeridxxoomaster｝检测nginx是否运行vrrpscriptchknginx｛scriptetckeepalivednginxcheck。shinterval2weight20｝vrrpinstanceVI1｛此处不设置为MASTER，通过priority来竞争masterstateBACKUP网卡名字interfaceenp0s3同一个keepalived集群的virtualrouterid相同virtualrouterid51权重，master要大于slavepriority100主备通讯时间间隔advertint1如果两节点的上联交换机禁用了组播，则采用vrrp单播通告的方式本机ipunicastsrcip192。168。0。182unicastpeer｛其他机器ip192。168。0。189｝设置nopreempt防止抢占资源nopreempt主备保持一致authentication｛authtypePASSauthpass1111｝与上方nginx运行状况检测呼应trackscript｛chknginx｝virtualipaddress｛虚拟ip地址（VIP，一个尚未占用的内网ip即可）192。168。0。180｝｝slave配置！ConfigurationFileforkeepalivedglobaldefs｛一个没重复的名字即可routeridxxooslave｝检测nginx是否运行vrrpscriptchknginx｛scriptetckeepalivednginxcheck。shinterval2weight20｝vrrpinstanceVI1｛此处不设置为MASTER，通过priority来竞争masterstateBACKUP网卡名字interfaceenp0s3同一个keepalived集群的virtualrouterid相同virtualrouterid51权重，master要大于slavepriority90主备通讯时间间隔advertint1如果两节点的上联交换机禁用了组播，则采用vrrp单播通告的方式本机ipunicastsrcip192。168。0。189unicastpeer｛其他机器ip192。168。0。182｝设置nopreempt防止抢占资源nopreempt主备保持一致authentication｛authtypePASSauthpass1111｝与上方nginx运行状况检测呼应trackscript｛chknginx｝virtualipaddress｛虚拟ip地址（VIP，一个尚未占用的内网ip即可）192。168。0。180｝｝nginxcheck。sh脚本vimetckeepalivednginxcheck。sh！binbashApsCnginxnoheaderwclif〔Aeq0〕；then重启nginxusrlocalnginxsbinnginxnginx重启失败，则停掉keepalived服务，进行VIP转移if〔psCnginxnoheaderwcleq0〕；then杀掉，vip就漫游到另一台机器killallkeepalivedfifi启动keepalived执行安装目录sbin下。keepalived或者servicekeepalivedstartservicekeepalivedstart配置开机自启动（可选）systemctlenablekeepalived查看网卡观察变化ipaddr防止出现脑裂现象（未验证）指定keepalived配置的网卡：enp0s3（这个看配置中选择的网卡），固定的VRRP广播地址：xxx。x。x。xxxfirewallcmddirectpermanentaddruleipv4filterINPUT0ininterfaceenp0s3destinationxxx。x。x。xxxprotocolvrrpjACCEPTfirewallcmddirectpermanentaddruleipv4filterOUTPUT0outinterfaceenp0s3destinationxxx。x。x。xxxprotocolvrrpjACCEPTfirewallcmdreload查看配置的规则firewallcmddirectgetrulesipv4filterINPUTfirewallcmddirectgetrulesipv4filterOUTPUT
　　flag完成。虽然离立Flag的时间超过了一周，不过学习时间还是差不多一周的（手动狗头）。
　　以后如果遇到其他需要补充的内容再继续来补充吧
　　封面图（侵权删）