一、場景需求
![](https://img.laitimes.com/img/_0nNw4CM6IyYiwiM6ICdiwiIyVGduV2QvwVe0lmdhJ3ZvwFM38CXlZHbvN3cpR2Lc1TPB10QGtWUCpEMJ9CXsxWam9CXwADNvwVZ6l2c052bm9CXUJDT1wkNhVzLcRnbvZ2LcZXUYpVd1kmYr50MZV3YyI2cKJDT29GRjBjUIF2LcRHelR3LcJzLctmch1mclRXY39jM3ETNzMDM5AzNxQDM2EDMy8CX0Vmbu4GZzNmLn9Gbi1yZtl2Lc9CX6MHc0RHaiojIsJye.jpg)
二、Keepalived 簡要介紹
Keepalived 是一種高性能的伺服器高可用或熱備解決方案,Keepalived 可以用來防止伺服器單點故障的發生,通過配合 Nginx 可以實作 web 前端服務的高可用。
Keepalived 以 VRRP 協定為實作基礎,用 VRRP 協定來實作高可用性(HA)。VRRP(VirtualRouter
Redundancy Protocol)協定是用于實作路由器備援的協定,VRRP 協定将兩台或多台路由器裝置虛拟成一個裝置,對外提供虛拟路由器 IP(一個或多個),而在路由器組内部,如果實際擁有這個對外 IP 的路由器如果工作正常的話就是 MASTER,或者是通過算法選舉産生,MASTER 實作針對虛拟路由器 IP 的各種網絡功能,
如 ARP 請求,ICMP,以及資料的轉發等;其他裝置不擁有該虛拟 IP,狀态是 BACKUP,除了接收 MASTER 的VRRP 狀态通告資訊外,不執行對外的網絡功能。當主機失效時,BACKUP 将接管原先 MASTER 的網絡功能。VRRP 協定使用多點傳播資料來傳輸 VRRP 資料,VRRP 資料使用特殊的虛拟源 MAC 位址發送資料而不是自身網卡的 MAC 位址,VRRP 運作時隻有 MASTER 路由器定時發送 VRRP 通告資訊,表示 MASTER 工作正常以及虛拟路由器 IP(組),BACKUP 隻接收 VRRP 資料,不發送資料,如果一定時間内沒有接收到 MASTER 的通告資訊,各 BACKUP 将宣告自己成為 MASTER,發送通告資訊,重新進行 MASTER 選舉狀态。
三、方案規劃
四、安裝 Nginx
1、安裝編譯 Nginx 所需的依賴包
Connecting to 192.168.1.121:22...
Connection established.
To escape to local shell, press 'Ctrl+Alt+]'.
Last login: Sat Apr 16 17:55:20 2016 from 192.168.1.61
[[email protected] ~]# yum install gcc gcc-c++ make automake autoconf libtool pcre pcre-devel zlib zlib-devel openssl openssl-devel
2、上傳 Nginx(nginx-1.6.2.tar.gz)到 /usr/local/src 目錄
3、編譯安裝 Nginx
[[email protected] ~]# cd /usr/local/src/
[[email protected] src]# ls
keepalived-1.2.18.tar.gz nginx-1.6.2.tar.gz
[[email protected] src]# tar -zxvf nginx-1.6.2.tar.gz
[[email protected] src]# cd nginx-1.6.2
[[email protected] nginx-1.6.2]# ./configure --prefix=/usr/local/nginx
[[email protected] nginx-1.6.2]# make && make install
[root@edu-proxy--01 nginx-1.6.2]# vi /usr/local/nginx/conf/nginx.conf
user root;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 88;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
修改 Nginx 歡迎首頁内容(用于後面測試,用于區分兩個節點的 Nginx):
vi /usr/local/nginx/html/index.html
192.168.1.121 中的标題加 1
Welcome to nginx! 1
192.168.1.122 中的标題加 2
Welcome to nginx! 2
5、系統防火牆打開對應的端口 88
vi /etc/sysconfig/iptables
-A INPUT -m state --state NEW -m tcp -p tcp --dport 88 -j ACCEPT
service iptables restart
6、測試 Nginx 是否安裝成功
/usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
7、啟動 Nginx
/usr/local/nginx/sbin/nginx
重新開機
/usr/local/nginx/sbin/nginx -s reload
8、設定 Nginx 開機啟動
vi /etc/rc.local
加入
/usr/local/nginx/sbin/nginx
分别通路兩個nginx
nginx1
2.nginx2
五、安裝 Keepalived ( http://www.keepalived.org/download.html )
1、上傳或下載下傳 keepalived(keepalived-1.2.18.tar.gz)到 /usr/local/src 目錄
2、解壓安裝
cd /usr/local/src
tar -zxvf keepalived-1.2.18.tar.gz
cd keepalived-1.2.18
./configure --prefix=/usr/local/keepalived
make && make install
3、将 keepalived 安裝成 Linux 系統服務:
因為沒有使用 keepalived 的預設路徑安裝(預設是/usr/local),安裝完成之後,需要做一些工作
複制預設配置檔案到預設路徑
mkdir /etc/keepalived
cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
複制 keepalived 服務腳本到預設的位址
cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
ln -s /usr/local/sbin/keepalived /usr/sbin/
ln -s /usr/local/keepalived/sbin/keepalived /sbin/
設定 keepalived 服務開機啟動
chkconfig keepalived on
4、修改 Keepalived 配置檔案
注意,如果linux用的網卡是eth0,interface就要寫成eth1,用的是eth1就要寫成eth1
(1) MASTER 節點配置檔案(192.168.1.121)
vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id edu-proxy-01
}
vrrp_script chk_nginx {
script "/etc/keepalived/nginx_check.sh"
interval 2
weight -20
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
mcast_src_ip 192.168.1.121
priority 100
nopreempt
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_nginx
}
virtual_ipaddress {
192.168.1.120
}
BACKUP節點配置 (192.168.1.122)
! Configuration File for keepalived
global_defs {
router_id edu-proxy-02
}
vrrp_script chk_nginx {
script "/etc/keepalived/nginx_check.sh"
interval 2
weight -20
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
mcast_src_ip 192.168.1.122
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_nginx
}
virtual_ipaddress {
192.168.1.120
}
}
5.編寫Nginx狀态檢測腳本/etc/keepalived/nginx_check.sh(keepalived.conf中配置)
腳本要求:如果nginx停止運作,嘗試啟動,如果無法啟動則殺死本機的keepalived程序,keepaied将虛拟ip綁定到BACKUP機器上,内容如下
#!/bin/bash
A=`ps -C nginx –no-header |wc -l`
if [ $A -eq 0 ];then
/usr/local/nginx/sbin/nginx
sleep 2
if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
killall keepalived
fi
fi
儲存後給腳本授鄧權限
chmod -x /etc/keepalived/nginx_check.sh
6.啟動keepalived
serivce keepalived start
我們在cmd中檢視arp
在edu-proxy-01
[[email protected] keepalived]# ip add
這裡我們通路192.168.1.120:88
7.Keepalived+nginx的高可用測試
(1)關閉192.168.1.121的Nginx,Keepalived會将它重新啟動
[roo[email protected] keepalived]# /usr/local/nginx/sbin/nginx -s stop
(2)關閉192.168.1.121中的Keepalived,VIP會切換到192.168.1.122中
[[email protected] keepalived]# service keepalived stop
[email protected] keepalived]# ip add
檢視虛拟ip
說明此時VIP已經漂移到主機192.168.1.122上了
再能過VIP來通路Nginx叢集,通路到的也是192.168.1.122
(3)重新啟動192.168.1.121中的Keepalived,VIP又會切回到192.168.1.121中來
[[email protected] keepalived]# service keepalived start
檢視虛拟機IP
ip add
Keepalived啟動後,網絡接口上又會建立出VIP192.168.1.120
Keepalived服務管理指令:
停止: service keepalived stop
啟動: service keepalived start
重新開機: service keepalived restart
檢視狀态: service keepalived status
其他參考資料:
keepalived之vrrp_script總結:http://my.oschina.net/hncscwc/blog/158746
keepalived雙機熱備實作故障時發送郵件通知:http://www.2cto.com/os/201407/317795.html
基于keepalived實作VIP轉移,lvs,nginx的高可用;:http://www.tuicool.com/articles/eu26Vz