nginx+keepalived雙主高可用負載均衡

實驗環境及軟體版本：

CentOS版本： 6.6(2.6.32.-504.el6.x86_64)

nginx版本： nginx-1.6.3

keepalived版本：keepalived-1.2.7

主LB1：LB-110-05

主LB2：LB-111-06

一、安裝準備及依賴（用SecureCRT的互動視窗同時對兩台LB操作，隻貼出LB1的操作過程在此）

[root@LB-110-05 ~]# mkdir tools

[root@LB-110-05 ~]# mkdir /application

[root@LB-110-05 ~]# yum -y install pcre pcre-devel openssl openssl-devel gcc gcc-c++ make automake popt-devel

[root@LB-110-05 ~]# cd tools

[root@LB-110-05 tools]# tar xf nginx-1.6.3.tar.gz

二、Nginx+keepalived安裝實戰（用SecureCRT的互動視窗同時對兩台LB操作，隻貼出LB1的操作過程在此）

1. 安裝nginx

[root@LB-110-05 tools]# cd nginx-1.6.3

[root@LB-110-05 nginx-1.6.3]# useradd nginx -s /sbin/nologin -M

[root@LB-110-05 nginx-1.6.3]# ./configure --prefix=/application/nginx-1.6.3 --with-http_stub_status_module --with-http_ssl_module --user=nginx --group=nginx

[root@LB-110-05 nginx-1.6.3]# echo $?   #檢查上一步操作是否正确，正确傳回結果為0，反之為1

[root@LB-110-05 nginx-1.6.3]# make && make install

[root@LB-110-05 nginx-1.6.3]# ln -s /application/nginx-1.6.3 /application/nginx

[root@LB-110-05 nginx-1.6.3]# /application/nginx/sbin/nginx -t  #檢查nginx的文法是否正确和測試是否成功

nginx: the configuration file /application/nginx-1.6.3/conf/nginx.conf syntax is ok

nginx: configuration file /application/nginx-1.6.3/conf/nginx.conf test is successful

[root@LB-110-05 nginx-1.6.3]# /application/nginx/sbin/nginx   #啟動nginx服務

[root@LB-110-05 nginx-1.6.3]# netstat -tunlp|grep 80   #檢查nginx服務是否啟動成功

tcp              0              0 0.0.0.0:80              0.0.0.0:*             LISTEN            4329/nginx

2. 安裝keepalived

[root@LB-110-05 nginx-1.6.3]# cd..

[root@LB-110-05 tools]# tar xf keepalived-1.2.7.tar.gz

[root@LB-110-05 tools]# cd keepalived-1.2.7

[root@LB-110-05 keepalived-1.2.7]# ./configure

[root@LB-110-05 keepalived-1.2.7]# make && make install

[root@LB-110-05 keepalived-1.2.7]# cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/

[root@LB-110-05 keepalived-1.2.7]# cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/

[root@LB-110-05 keepalived-1.2.7]# mkdir /etc/keepalived

[root@LB-110-05 keepalived-1.2.7]# cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/

[root@LB-110-05 keepalived-1.2.7]# cp /usr/local/sbin/keepalived /usr/sbin/

3. 加入開機啟動

[root@LB-110-05 ~]# cat >>/etc/rc.local<<EOF

> /usr/local/nginx/sbin/nginx

> /etc/init.d/keepalived start

> EOF

[root@LB-110-05 ~]# cat /etc/rc.local

#!/bin/sh

#

# This script will be executed *after* all the other init scripts.

# You can put your own initialization stuff in here if you don't

# want to do the full Sys V style init stuff.

touch /var/lock/subsys/local

/application/nginx/sbin/nginx

/etc/init.d/keepalived start

三、配置nginx+keepalived

1. 配置nginx

[root@LB-110-05 ~]# cd /application/nginx/conf

[root@LB-110-05 conf]# cp nginx.conf nginx.conf.bak

[root@LB-110-05 conf]# vi nginx.conf

user nginx nginx;

worker_processes 1;

events {

           worker_connections 1024;

     }

http {

        include mime.types;

        default_type application/octet-stream;

        sendfile on;

        keepalive_timeout 65;

upstream myserver{

                      ip_hash;       #用ip雜湊演算法保持會話

                      server 10.0.0.7:80 max_fails=3 fail_timeout=20s;

                      server 10.0.0.8:80 max_fails=3 fail_timeout=20s;

            }

server {

           listen 80;

           server_name 192.168.0.110;

           location / {

           index index.php index.htm index.html;

           proxy_redirect off;

           proxy_set_header Host $host;

           proxy_set_header X-Real-IP $remote_addr;

           proxy_next_upstream http_500 http_502 http_503 error timeout invalid_header;

           proxy_set_header X-Forwarded-For $remote_addr;

           proxy_pass http://myserver;

             }

      }

}

儲存退出，把LB1的nginx.conf配置檔案用scp推送到LB2的/application/nginx/conf目錄下就行。

[root@LB-110-05 conf]# /application/nginx/sbin/nginx -t  

[root@LB-110-05 conf]# /application/nginx/sbin/nginx -s reload  #平滑重新開機nginx,不影響服務使用，提高使用者體驗

[root@LB-110-05 conf]# ps -ef|grep nginx|grep -v grep   #檢查nginx服務是否啟動成功

root 4329 1 0 17:08 ? 00:00:00 nginx: master process /application/nginx/sbin/nginx

nginx 6330 4329 0 18:01 ? 00:00:00 nginx: worker process

2. 配置keepalived

2.1 LB1的keepalived配置

[root@LB-110-05 ~]# cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak

[root@LB-110-05 ~]# vi /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

     notification_email {

         [email protected]

         [email protected]

         [email protected]

         }

     notification_email_from [email protected]

     smtp_server 192.168.200.1

     smtp_connect_timeout 30

     router_id Nginx_DEVEL

vrrp_instance Nginx_HA1 {

      state MASTER

      interface eth1

      virtual_router_id 51

      priority 100

      advert_int 1

      authentication {

          auth_type PASS

          auth_pass 1111

      virtual_ipaddress {

             192.168.0.110/24 dev eth1

       }

vrrp_instance Nginx_HA2 {

      state BACKUP

      virtual_router_id 52

      priority 99

            auth_type PASS

            auth_pass 1111

         192.168.0.111/24 dev eth1

2.2 LB2的keepalived配置

[root@LB-111-06 ~]# vi /etc/keepalived/keepalived.conf

        notification_email {

        [email protected]

        [email protected]

        [email protected]

        }

        notification_email_from [email protected]

        smtp_server 192.168.200.1

        smtp_connect_timeout 30

        router_id Nginx_DEVEL

      interface eth2

             auth_type PASS

             auth_pass 1111

       virtual_ipaddress {

               192.168.0.110/24 dev eth2

              auth_type PASS

              auth_pass 1111

               192.168.0.111/24 dev eth2

3. 啟動keepalived

[root@LB-110-05~]# /etc/init.d/keepalived start   #先啟動主LB1

[root@LB-111-06 ~]# /etc/init.d/keepalived start  #随後再啟動主LB2

四、檢視服務啟動成功後的結果

[root@LB-110-05 ~]# ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

inet6 ::1/128 scope host 

valid_lft forever preferred_lft forever

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

link/ether 00:0c:29:5c:2d:57 brd ff:ff:ff:ff:ff:ff

inet 192.168.0.110/24 brd 192.168.0.255 scope global eth0

inet6 fe80::20c:29ff:fe5c:2d57/64 scope link 

3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

link/ether 00:0c:29:5c:2d:61 brd ff:ff:ff:ff:ff:ff

inet 10.0.0.5/24 brd 10.0.0.255 scope global eth1

inet 192.168.0.110/24 scope global eth1

inet6 fe80::20c:29ff:fe5c:2d61/64 scope link 

[root@LB-111-06 ~]# ip a

2: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

link/ether 00:0c:29:50:8e:3a brd ff:ff:ff:ff:ff:ff

inet 192.168.0.111/24 brd 192.168.0.255 scope global eth1

inet6 fe80::20c:29ff:fe50:8e3a/64 scope link 

3: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

link/ether 00:0c:29:50:8e:44 brd ff:ff:ff:ff:ff:ff

inet 10.0.0.6/24 brd 10.0.0.255 scope global eth2

inet 192.168.0.111/24 scope global eth2

inet6 fe80::20c:29ff:fe50:8e44/64 scope link 

五、測試高可用

[root@LB-111-06 ~]# /etc/init.d/keepalived stop

Stopping keepalived: [ OK ]

inet 192.168.0.111/24 scope global secondary eth1

本文轉自 linuxzkq 51CTO部落格，原文連結:http://blog.51cto.com/linuxzkq/1688272