Nginx+Keepalived实现站点高可用
说明:前端通过Nginx服务器把访问反代到后端的web服务器上,前端部署两台Nginx通过keepalived实现主备模式
一、软件安装
1、安装环境
CentOS Linux release 7.5.1804 (Core)
注意两台服务器时间同步,关闭firewalld和selinux
2、反代服务器安装
安装keepalived
# yum –y install keepalived
安装nginx
nginx包需要先安装epel源
# yum –y install epel-release
# yum –y install nginx
3、web服务器安装
本次实验和后端服务器关系不大,可以随意安装nginx或apache都行。
# yum –y install httpd
# systemctl start httpd
为方便测试,建立两个测试页面
web A:192.168.1.101
# echo AAAAAA > /var/www/html/index.html
web B:192.168.1.102
# echo BBBBB > /var/www/html/index.html
二、配置反代服务器nginx服务
1、注释掉nginx的默认server配置
# vim /etc/nginx/nginx.conf # server { # listen 80 default_server; # listen [::]:80 default_server; # server_name _; # root /usr/share/nginx/html; # # Load configuration files for the default server block. # include /etc/nginx/default.d/*.conf; # location / { # } # # error_page 404 /404.html; # location = /40x.html { # } # error_page 500 502 503 504 /50x.html; # location = /50x.html { # }
2、新建反代的配置
# vim /etc/nginx/conf.d/my.conf upstream webservers { server 192.168.1.101:80; server 192.168.1.102:80; } server { listen 80; location / { proxy_pass http://webservers; } }
3、开启nginx并测试
# systemctl start nginx
随便找一台测试机访问192.168.1.2 和192.168.1.3 反代是否正常运行
三、配置反代服务器keepalived服务
1、keepalived的基本配置
通过基本配置可以当反代服务器1宕机的时候可以跳转到反代服务器2上
反代1(192.168.1.2)上配置
# vim /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { router_id node1 } vrrp_instance VI_1 { state MASTER interface ens32 virtual_router_id 99 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 123456 } virtual_ipaddress { 192.168.1.1 } }
反代2(192.168.1.3)上配置
# vim /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { router_id node1 } vrrp_instance VI_1 { state BACKUP interface ens32 virtual_router_id 99 priority 90 advert_int 1 authentication { auth_type PASS auth_pass 123456 } virtual_ipaddress { 192.168.1.1 } }
启动服务测试
# systemctl start keepalived
问题说明
这种方法只有当反代服务器1上的keepalived服务挂掉,或者整个服务器宕机、断网等情况,导致keepalived无法进行心跳验证的情况下才会切换到备机。但是如果nginx服务挂了以后无法切换,那么可以采用下面的方案来实现。
2、keepalived进阶-监控nginx服务
反代1(192.168.1.2)上配置
# vim /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { router_id node1 } vrrp_script chk_nginx { script "/etc/keepalived/watch_nginx.sh" interval 1 weight -20 } vrrp_instance VI_1 { state MASTER interface ens32 virtual_router_id 99 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 123456 } virtual_ipaddress { 192.168.1.1 } track_script { chk_nginx } } # vim /etc/keepalived/watch_nginx.sh #!/bin/bash killall -0 nginx &> /dev/null || exit 1
反代2(192.168.1.3)上配置
# vim /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { router_id node1 } vrrp_script chk_nginx { script "/etc/keepalived/watch_nginx.sh" interval 1 weight -20 } vrrp_instance VI_1 { state BACKUP interface ens32 virtual_router_id 99 priority 90 advert_int 1 authentication { auth_type PASS auth_pass 123456 } virtual_ipaddress { 192.168.1.1 } track_script { chk_nginx } } # vim /etc/keepalived/watch_nginx.sh #!/bin/bash killall -0 nginx &> /dev/null || exit 1
重启服务测试
# systemctl restart keepalived
问题说明
nginx服务down了以后,直接切换到反代2上。可以通过notify脚本来使nginx服务进行重启。不过这种方法有弊有利,请根据实际情况斟酌。详细配置方法见下方案
3、keepalived进阶-nginx服务自动重启
反代1(192.168.1.2)上配置
# vim /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { router_id node1 } vrrp_script chk_nginx { script "/etc/keepalived/watch_nginx.sh" interval 1 weight -20 } vrrp_instance VI_1 { state MASTER interface ens32 virtual_router_id 99 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 123456 } virtual_ipaddress { 192.168.1.1 } track_script { chk_nginx } notify_master "/etc/keepalived/notify.sh master" notify_backup "/etc/keepalived/notify.sh backup" notify_fault "/etc/keepalived/notify.sh fault" } #==================================== # vim /etc/keepalived/watch_nginx.sh #!/bin/bash killall -0 nginx &> /dev/null || exit 1 #==================================== # yum install -y mailx # vim /etc/keepalived/notify.sh #!/bin/bash vip=192.168.1.1 contact='root@localhost' notify() { mailsubject="`date '+%F %H:%M:%S'` HOST:`hostname` to be $1: $vip floating" mailbody="`date '+%F %H:%M:%S'` : vrrp transition, `hostname` changed to be $1" echo $mailbody | mail -s "$mailsubject" $contact } case "$1" in master) notify master exit 0 ;; backup) notify backup systemctl restart nginx exit 0 ;; fault) notify fault exit 0 ;; *) echo 'Usage: `basename $0` {master|backup|fault}' exit 1 ;; esac
反代2(192.168.1.3)上配置
# vim /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { router_id node1 } vrrp_script chk_nginx { script "/etc/keepalived/watch_nginx.sh" interval 1 weight -20 } vrrp_instance VI_1 { state BACKUP interface ens32 virtual_router_id 99 priority 90 advert_int 1 authentication { auth_type PASS auth_pass 123456 } virtual_ipaddress { 192.168.1.1 } track_script { chk_nginx } notify_master "/etc/keepalived/notify.sh master" notify_backup "/etc/keepalived/notify.sh backup" notify_fault "/etc/keepalived/notify.sh fault" } #==================================== # vim /etc/keepalived/watch_nginx.sh #!/bin/bash killall -0 nginx &> /dev/null || exit 1 #==================================== # yum install -y mailx # vim /etc/keepalived/notify.sh #!/bin/bash vip=192.168.1.1 contact='root@localhost' notify() { mailsubject="`date '+%F %H:%M:%S'` HOST:`hostname` to be $1: $vip floating" mailbody="`date '+%F %H:%M:%S'` : vrrp transition, `hostname` changed to be $1" echo $mailbody | mail -s "$mailsubject" $contact } case "$1" in master) notify master exit 0 ;; backup) notify backup systemctl restart nginx exit 0 ;; fault) notify fault exit 0 ;; *) echo 'Usage: `basename $0` {master|backup|fault}' exit 1 ;; esac
重启服务测试
# systemctl restart keepalived