Nginx + Keepalived

 


Nginx+Keepalived实现高可用

 

Master:192.168.1.1  #提供负载均衡

Backup:192.168.1.2 #均衡备机

VIP:192.168.1.250   #虚IP

 

原理:通过ip地址漂移技术实现高可用和双主节点负载均衡,虚IP 是外网访问的IP地址,通过 keepalived 设置,以及 VRRP 将 VIP 绑定到主机和备机上,通过权重实现控制。当主机宕掉后,keepalived 释放对主机的控制,备机接管虚IP。

 

1.安装Nginx

http://www.cnblogs.com/wazy/p/8108824.html

2.安装Keepalived

wget http://www.keepalived.org/software/keepalived-1.2.7.tar.gz
tar -zxf keepalived-1.2.7.tar.gz
cd keepalived-1.2.7
./configure --prefix=/usr/local/keepalived --with-kernel-dir=/usr/src/kernels/3.10.0-514.el7.x86_64/

#可能会出现configure: error: Popt libraries is required
解决方法:
    yum -y install popt-devel
再次./configure

make && make install

设置成为服务并开机启动:
cp /usr/local/keepalived/sbin/keepalived /usr/sbin/
cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
cp /usr/local/keepalived/etc/keepalived/   /etc
 
/etc/rc.d/init.d/keepalived status
chkconfig --add keepalived
chkconfig keepalived on

3.修改配置文件

  1)Master

vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    mcast_src_ip 192.168.1.1
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.1.250
    }
}

  2)Backup

vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    mcast_src_ip 192.168.1.2
    priority 99
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.1.250
    }
}

启动keepalivd,然后查看Master的网卡,有两个ip,一个本机ip一个VIP

这时候ping 192.168.1.250应该是通的
实际上这时候 108 是被绑到主机上的。在主机上:

查看系统日志
#tailf /var/log/messages
Dec 26 15:30:59 localhost Keepalived_healthcheckers[38737]: Timeout connect, timeout server [192.168.201.100]:443.
Dec 26 15:30:59 localhost Keepalived_healthcheckers[38737]: Timeout connect, timeout server [192.168.200.2]:1358.
Dec 26 15:30:59 localhost Keepalived_healthcheckers[38737]: Timeout connect, timeout server [192.168.200.3]:1358.
Dec 26 15:30:59 localhost Keepalived_healthcheckers[38737]: Timeout connect, timeout server [192.168.200.4]:1358.
Dec 26 15:30:59 localhost Keepalived_healthcheckers[38737]: Timeout connect, timeout server [192.168.200.5]:1358.
Dec 26 15:31:05 localhost Keepalived_healthcheckers[38737]: Timeout connect, timeout server [192.168.201.100]:443.
Dec 26 15:31:05 localhost Keepalived_healthcheckers[38737]: Timeout connect, timeout server [192.168.200.2]:1358.
......
可以看到.VRRP(虚拟路由冗余协议)已经启动.我们可以通过命令 ip addr 来检查主 Nginx 上的 IP 分配情况.

#ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:d4:83:a4 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.1/24 brd 192.168.1.255 scope global eth0
    inet 192.168.1.250/32 scope global eth0
    inet6 fe80::20c:29ff:fed4:83a4/64 scope link 
       valid_lft forever preferred_lft forever

#tcpdump 抓包
tcpdump vrrp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
22:16:37.890619 IP ACA832B0.ipt.aol.com > vrrp.mcast.net: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
22:16:38.892503 IP ACA832B0.ipt.aol.com > vrrp.mcast.net: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
22:16:39.900436 IP ACA832B0.ipt.aol.com > vrrp.mcast.net: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
22:16:40.902613 IP ACA832B0.ipt.aol.com > vrrp.mcast.net: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
22:16:41.905640 IP ACA832B0.ipt.aol.com > vrrp.mcast.net: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
22:16:42.907636 IP ACA832B0.ipt.aol.com > vrrp.mcast.net: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
...
到这里我们已经完成了一个 nginx + keepalived

  

接下来我们可以完善一下,做一个主备切换

加上实时监控,如果发现负载均衡的 Nginx 出现问题,就将该机器上的 Keepalived 服务停掉。

vi /etc/rc.d/init.d/nginxcheck

#!/bin/bash
#描述:这是用于监控nginx服务的脚本
#chkconfig: - 57 75

while :
        do
                nginxpid=`ps -C nginx --no-header | wc -l`
                if [ $nginxpid -eq 0 ]; then
                        service keepalived stop
                        sleep 3
                        echo $nginxpid  >> /tmp/nginx_info
                elif [ $nginxpid -ne 0 ]; then
                        service keepalived start
                        sleep 3
                        echo $nginxpid >> /tmp/nginx_infoa
                fi
        done


chkconfig --add nginxcheck
chkconfig nginxcheck on

或者在/etc/rc.local 将脚本放进去

  然后关闭nginx看看是否能访问192.168.1.250,以及Backup的vip是否绑定

 


 

posted @ 2017-12-26 16:23  qwerdf六连  阅读(430)  评论(0编辑  收藏  举报