Nginx

Nginx+keepalived实现高可用

nginx

Nginx (engine x) 是一个高性能的HTTP和反向代理服务器,也是一个IMAP/POP3/SMTP服务器。Nginx是一款轻量级的Web 服务器/反向代理服务器及电子邮件(IMAP/POP3)代理服务器,并在一个BSD-like 协议下发行。其特点是占有内存少,并发能力强

Keepalived

Keepalived是一个基于VRRP协议来实现的服务高可用方案,可以利用其来避免IP单点故障,类似的工具还有heartbeat、corosync、pacemaker。但是它一般不会单独出现,而是与其它负载均衡技术(如lvs、haproxy、nginx)一起工作来达到集群的高可用。

 

环境如下:

192.168.200.10    nginx+keepalived-master

192.168.200.20    nginx+keepalived-backup

vip:192.168.200.200

开始配置:

安装nginx

wget http://nginx.org/download/nginx-1.12.2.tar.gz   #下载nginx

解压后开始安装

tar -zxvf nginx-1.12.2.tar.gz

解决依赖关系

yum  groupinstall  "Development Tools"   "Server Platform Development"    -y
yum -y install openssl-devel  pcre-devel   zlib-devel

创建nginx用户

useradd -r  nginx      #-r 系统用户
开始编译
cd  nginx-1.12.2
./configure   \
--prefix=/usr/local/nginx   \
--conf-path=/etc/nginx/nginx.conf   \
--user=nginx   \
--group=nginx    \
--error-log-path=/var/log/nginx/error.log   \
--http-log-path=/var/log/nginx/access.log   \
--pid-path=/var/run/nginx/nginx.pid   \
--lock-path=/var/lock/nginx.lock    \
--with-http_ssl_module    \
--with-http_gzip_static_module   \
--with-debug   \
--with-http_stub_status_module
make &&  make install

启动nginx

/usr/local/nginx/sbin/nginx
[root@i-lqmeefrx html]# netstat   -tunlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name   
tcp        0      0 0.0.0.0:80                  0.0.0.0:*                   LISTEN      11472/nginx         
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      8463/sshd           
tcp        0      0 :::22                       :::*                        LISTEN      8463/sshd           
udp        0      0 0.0.0.0:68                  0.0.0.0:*                               12527/dhclient

两台机器都需要安装nginx

 

安装keepalived

这里可以yum安装也可以去keepalived官网下载编译安装。  飞机票

yum  install  keepalived  -y

安装完成修改keepalived配置文件

vim /etc/keepalived/keepalived.conf

MASTER配置

! Configuration File for keepalived

global_defs {
   notification_email {    
#keepalived在发生诸如切换操作时需要发送email通知地址,后面的 smtp_server 相比也都知道是邮件服务器地址。也可以通过其它方式报警,毕竟邮件不是实时通知的。
        627848678@qq.com
   }
   notification_email_from 627848678@qq.com
   smtp_server smtp.qq.com
   smtp_connect_timeout 30
   router_id LVS_DEVEL    #机器标识,通常可设为hostname。故障发生时,邮件通知会用到
}

vrrp_instance VI_1 {      
    state MASTER
#指定instance(Initial)的初始状态,就是说在配置好后,这台服务器的初始状态就是这里指定的,但这里指定的不算,还是得要通过竞选通过优先级来确定。如果这里设置为MASTER,但如若他的优先级不及另外一台,那么这台在发送通告时,会发送自己的优先级,另外一台发现优先级不如自己的高,那么他会就回抢占为MASTER
    interface eth1  #实例绑定的网卡,因为在配置虚拟IP的时候必须是在已有的网卡上添加的
    virtual_router_id 51  #这里设置VRID,这里非常重要,相同的VRID为一个组,他将决定多播的MAC地址
    priority 100    #设置本节点的优先级,优先级高的为master
    advert_int 1    #检查间隔,默认为1秒。这就是VRRP的定时器,MASTER每隔这样一个时间间隔,就会发送一个advertisement报文以通知组内其他路由器自己工作正常
    authentication {   #定义认证方式和密码,主从必须一样
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
#这里设置的就是VIP,也就是虚拟IP地址,他随着state的变化而增加删除,当state为master的时候就添加,当state为backup的时候删除,这里主要是有优先级来决定的,和state设置的值没有多大关系,这里可以设置多个IP地址
        192.168.200.200
    }
}

BACKUP配置

! Configuration File for keepalived

global_defs {
   notification_email {
     627848678@qq.com
   }
   notification_email_from 627848678@qq.com
   smtp_server smtp.qq.com
   smtp_connect_timeout 30
   router_id LVS_DEVEL
}

vrrp_instance VI_1 {
    state BACKUP
    interface eth1
    virtual_router_id 51
    priority 50       #设置本节点的优先级,优先级低的为BACKUP
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.200.200

    }
}

启动keepalived

service  keepalived  start

查看虚vip

192.168.200.10机器查看

[root@i-lqmeefrx ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 52:54:e2:e2:73:3e brd ff:ff:ff:ff:ff:ff
    inet 10.58.23.110/24 brd 10.58.23.255 scope global eth0
    inet6 fe80::5054:e2ff:fee2:733e/64 scope link 
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 52:54:4a:85:23:6e brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.10/24 brd 192.168.200.255 scope global eth1
    inet 192.168.200.200/32 scope global eth1
    inet6 fe80::5054:4aff:fe85:236e/64 scope link 
       valid_lft forever preferred_lft forever

从上面可以看到vip地址 192.168.200.200

 

测试

同段机器打开浏览器访问 192.168.200.200

模拟故障,停掉master上nginx,keepalived

[root@i-lqmeefrx ~]# service keepalived stop
Stopping keepalived:                                       [  OK  ]
[root@i-lqmeefrx ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 52:54:e2:e2:73:3e brd ff:ff:ff:ff:ff:ff
    inet 10.58.23.110/24 brd 10.58.23.255 scope global eth0
    inet6 fe80::5054:e2ff:fee2:733e/64 scope link 
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 52:54:4a:85:23:6e brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.10/24 brd 192.168.200.255 scope global eth1
    inet6 fe80::5054:4aff:fe85:236e/64 scope link 
       valid_lft forever preferred_lft forever

此时vip已不在master上

查看backup,vip已在192.168.200.20上

[root@i-ekcv7omx html]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 52:54:80:ba:d8:5c brd ff:ff:ff:ff:ff:ff
    inet 10.58.27.228/24 brd 10.58.27.255 scope global eth0
    inet6 fe80::5054:80ff:feba:d85c/64 scope link 
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 52:54:81:c7:4d:0a brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.20/24 brd 192.168.200.255 scope global eth1
    inet 192.168.200.200/32 scope global eth1
    inet6 fe80::5054:81ff:fec7:4d0a/64 scope link 
       valid_lft forever preferred_lft forever

浏览器再次访问

(0)

本文由 樱花博客 作者:樱花 发表,转载请注明来源!

关键词:, ,

热评文章

发表评论