keepalive+nginx 热备跟负载均衡
结构图
keepalived配置
master跟backup除了state跟优先级,其它一样,优先级master需大于backup
! Configuration File for keepalived global_defs { notification_email { #acassen@firewall.loc #failover@firewall.loc #sysadmin@firewall.loc } #notification_email_from Alexandre.Cassen@firewall.loc #smtp_server 192.168.200.1 #smtp_connect_timeout 30 router_id LVS_DEVEL vrrp_skip_check_adv_addr #vrrp_strict vrrp_garp_interval 0 vrrp_gna_interval 0 } vrrp_script chk_nginx { script "/etc/keepalived/chk_nginx.sh" interval 2 } vrrp_instance VI_1 { state BACKUP interface ens192 virtual_router_id 51 priority 30 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 10.0.0.233 } notify_master "/usr/bin/python2.7 /etc/keepalived/send.py XXX@qq.com 报!222成为主机! 报!222成为主机!" notify_fault "/usr/bin/python2.7 /etc/keepalived/send.py XXX@qq.com 报!222已挂! 10.0.0.222故障!请尽快修复!" track_script { chk_nginx } }
其中检测nginx状态的脚本如下,当发现自身nginx没有运行,杀掉keepalived的进程
脚本运行不了可能是centos shell运行报语法错误: 未预期的文件结尾
#!/bin/bash run=`ps -C nginx --no-header | wc -l` if [ $run -eq 0 ]; then /usr/local/nginx/sbin/nginx -s stop /usr/local/nginx/sbin/nginx sleep 3 if [ `ps -C nginx --no-header | wc -l` -eq 0 ]; then systemctl stop keepalived fi fi
其中,调用python发送邮件的代码
# coding=utf-8 import smtplib,sys from email.mime.text import MIMEText class Msmtp(): def __init__(self, target, subject, content):#收件人、标题、内容 self.msg_from = '发出邮件的邮箱' self.password = '邮箱的授权码' self.sender = smtplib.SMTP_SSL("smtp.qq.com", 465) self.msg_to = target self.subject = subject self.content = content def _login(self): self.sender.login(self.msg_from, self.password) def _msg(self): self.msg = MIMEText(self.content) self.msg['Subject'] = self.subject self.msg['From'] = self.msg_from self.msg['To'] = self.msg_to def send_mail(self): self._login() self._msg() self.sender.sendmail(self.msg_from, self.msg_to, self.msg.as_string()) self.sender.quit() if __name__ == '__main__': a = Msmtp(sys.argv[1], sys.argv[2], sys.argv[3]) a.send_mail()
nginx配置
#user nobody; worker_processes 1; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; upstream hello1 {#负载均衡 server 10.0.0.111:6666 max_fails=3 fail_timeout=3600s;#后台有问题3600s内不访问 server 10.0.0.222:6666 max_fails=3 fail_timeout=3600s;#后台性能瓶颈的话直接在此加后台 #server 10.0.0.18:80 max_fails=3 fail_timeout=3600s;#可直接转发到nginx或者tomcat等其他服务器上 } server { listen 80; server_name localhost; charset utf-8; location / { root html; index index.html index.htm; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } server { listen 666; server_name 10.0.0.233;#监听虚拟IP charset utf-8; location /{ root html; index index.html index.htm; } location /hello{ proxy_pass http://hello1/hello; } } }
测试后台代码
# encoding=utf8 from flask import Flask, request app = Flask(__name__) app.app_context().push() @app.route('/hello') def hello(): ip = request.remote_addr return 'hello world<br/>我是10.0.0.222<br/>访问者IP为: '+ip def runFlask(port): app.run(host='0.0.0.0',port=port) CORS(app, supports_credentials=True) if '__main__' == __name__: runFlask(6666)
检测数据包代码
tcpdump -nn -c 20 -i any host 224.0.0.18
测试(我是xxx,是后台ip,访问者ip为nginx ip)
1. 10.0.0.111跟10.0.0.222均开启nginx及keepalived,虚拟ip在111上,随机访问后台
2. 10.0.0.111关掉nginx,关掉keepalived(模拟启动nginx失败场景),虚拟ip转到222上,随机访问后台,并且收到ip转移邮件
/usr/local/nginx/sbin/nginx -s stop
systemctl stop keepalived
3. 关掉10.0.0.111上的后台,只访问222的后台,速度正常
4.启动10.0.0.111上的nginx跟keepalived,虚拟ip重回111
Become a Linux Programmer