zoukankan      html  css  js  c++  java
  • nginx+keepalived实现nginx双主高可用的负载均衡

    http://kling.blog.51cto.com/3320545/1253474

    一、前言:

    在互联网上面,网站为用户提供原始的内容访问,同时为用户提供交互操作。提供稳定可靠的服务,可以给用户带来良好的体验,保证用户的正常访问使用,在网站的可靠性方面,有很多的技术可以来提供,这类技术可以分为:

    高可用:保证服务的可靠,稳定,实现故障的屏蔽,避免了单点故障。

    高性能:多台服务器连接起来,处理一个复杂的计算问题。

    负载均衡:将用户请求引导到后端多台服务器,实现服务器请求的负载。

    我们将这类技术称之为集群负载均衡,可以提供负载均衡和高可用的有硬件和软件,软件方面有haproxy,lvs,keepalived,nginx,heartbeat,corosync等等,而这里我们采用的是nginx-keepalived来构建。

    Nginx有很强的代理功能,但是一台nginx 就形成了单点,现在使用keepalived来解决这个问题,keepalived可以实现故障转移切换,实现后端的健康检查,前端的高可用,使网站故障记录大大降低,避免了单点故障造成网站无法访问的问题,确保了网站业务的正常运行。

    二、Nginx+keepalived有两种配置方案:

    2.1、Nginx+keepalived 主从配置

    这种方案,使用一个vip地址,前端使用2台机器,一台做主,一台做备,但同时只有一台机器工作,另一台备份机器在主机器不出现故障的时候,永远处于浪费状态,对于服务器不多的网站,该方案不经济实惠,所以本次不予采用。

    2.2、Nginx+keepalived 双主配置

    这种方案,使用两个vip地址,前端使用2台机器,互为主备,同时有两台机器工作,当其中一台机器出现故障,两台机器的请求转移到一台机器负担,非常适合于当前架构环境,故本次采用此方案对网站进行高可用架构。

    三、Nginx+keepalived 主从配置

    3.1、Nginx+keepalived 主从配置详情请见http://kling.blog.51cto.com/3320545/1240359

    这里不做重点介绍。

    四、Ningx+Keepalived 双主配置

    4.1、拓扑结构

    4.2、测试环境如下:

    系统:Ceentos 6.4 64位

    前端node1服务器:

    DIP: 192.168.122.2

    VIP: 192.168.122.22

    前端node2服务器:

    DIP: 192.168.122.3

    VIP:192.168.122.23

    后端服务器:

    web server01:192.168.122.4

    web server02:192.168.122.5

    web server03:192.168.122.6

    4.3、软件安装

    分别在两台前端服务器上安装nginx+keepalived,使用脚本如下:

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    #!/bin/bash
    # author: kuangl
    # mail: kuangl@orient-media.com
    # description: The installation of Nginx files.
    # -------------------------------------------------------- #
             ## Nginx_install
    # -------------------------------------------------------- #
    # Nginx installation
    #CURRENT_PATH=$(pwd)
    for in $(rpm -q gcc gcc-c++ kernel-devel openssl-devel zlib-devel popt-devel popt-static libnl-devel wget make |grep 'not installed' awk '{print $2}')
    do
        yum -y install $i
    done
    [ -d /root/software ]
    "$?" != 0 ] && mkdir /root/software
    cd /root/software
    [ !  -e pcre-8.33.tar.gz ] && wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.33.tar.gz
    tar -zxvf pcre-8.33.tar.gz
    cd pcre-8.33
    ./configure
    make && make install
    echo $? || [ $? != 0  ] || echo  " installation pcre  failed" || exit 1
    cd /root/software
    [ ! -e nginx-1.2.9.tar.gz ] && wget http://nginx.org/download/nginx-1.2.9.tar.gz
    tar -zxvf nginx-1.2.9.tar.gz
    cd nginx-1.2.9
    ./configure  --prefix=/usr/local/nginx --with-http_ssl_module --with-http_sub_module --with-http_stub_status_module  --with-http_gzip_static_module
    make && make install
    echo $? || [ $? != 0  ] || echo  " installation  nginx  failed" || exit 1
    # -------------------------------------------------------- #
                ## Keepalived_intsall
    # -------------------------------------------------------- #
    # Keepalived installation
    cd /root/softwarae
    [ ! -e keepalived-1.2.4.tar.gz ] &&  wget http://www.keepalived.org/software/keepalived-1.2.4.tar.gz
    tar -zxvf keepalived-1.2.4.tar.gz
    cd keepalived-1.2.4
    ln -s /usr/src/kernels/$(uname -r) /usr/src/kernels/linux
    ./configure --prefix=/usr  --bindir=/usr/bin  --sbindir=/usr/bin  --libexecdir=/usr/libexec --localstatedir=/var --libdir=/lib64  --infodir=/usr/share/info  --sysconfdir=/etc --mandir=/usr/local/share/man   --with-kernel-dir=/usr/src/kernels/linux
    make && make install
    echo $? || [ $? != 0  ] || print " installation keepalived  failed" || exit 1
    chkconfig --add keepalived
    chkconfig --level 345 keepalived on

    4.4、在后端服务器上安装apached

        后端node4

    1
    2
    3
    4
    5
    [root@node4 ~]# yum  -y install httpd
    [root@node4 html]# echo "this is 192.168.122.4" > /var/www/htmlindex.html
    [root@node4 ~]# service httpd start
    [root@node4 html]# curl  192.168.122.4
    this is 192.168.122.4

      后端node5

    1
    2
    3
    4
    5
    [root@node5 ~]# yum  -y install httpd
    [root@node5 html]# echo "this is 192.168.122.5" > /var/www/htmlindex.html
    [root@node5 ~]# service httpd start
    [root@node5 html]# curl  192.168.122.5
    this is 192.168.122.5

      后端node6

    1
    2
    3
    4
    5
    [root@node6 ~]# yum  -y install httpd
    [root@node6 html]# echo "this is 192.168.122.6" > /var/www/htmlindex.html
    [root@node6 ~]# service httpd start
    [root@node6 html]# curl  192.168.122.6
    this is 192.168.122.6

    4.5、node2、node3上配置nginx

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    [root@node2 ~]# vim /usr/local/nginx/conf/nginx.conf
    upstream web1       ##定义负载均衡组为web1
        {
            ip_hash;
            server 192.168.122.4:80;
            server 192.168.122.5:80;
            server 192.168.122.6:80;
        }
     server {
            listen       80;
            server_name  dev.test01.com;
            location /
            {
            root /home/kuangl/;
            index index.html index.htm;
            proxy_set_header Host $host;
            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_pass http://web1;
            }
          }

    4.6、在node2上配置keepalived

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    [root@node2 conf]# vim /etc/keepalived/keepalived.conf
    ! Configuration File for keepalived
    global_defs {
       notification_email {
         404060945@qq.com
       }
       notification_email_from root@localhost
       smtp_server 127.0.0.1
       smtp_connect_timeout 30
       router_id LVS_DEVEL
    }
    vrrp_script chk_haproxy {
        script "/etc/keepalived/chk_nginx.sh"
        interval 2
        weight 2
    }
    vrrp_instance VI_1 {
        state MASTER
        interface eth0
        virtual_router_id 200
        priority 250
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass kuanglnginx
        }
       track_script {
            chk_nginx
        }
        virtual_ipaddress {
            192.168.122.22
        }
    }
    vrrp_instance VI_2 {
        state BACKUP
        interface eth0
        virtual_router_id 251
        priority 100
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass kuangl
        }
        track_script {
            chk_nginx
        }
        virtual_ipaddress {
            192.168.122.23
        }
    }

    4.7、在node3上配置keepalived

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    ! Configuration File for keepalived
    global_defs {
       notification_email {
         404060945@qq.com
       }
       notification_email_from root@localhost
       smtp_server 127.0.0.1
       smtp_connect_timeout 30
       router_id LVS_DEVEL
    }
    vrrp_script chk_haproxy {
        script "/etc/keepalived/chk_nginx.sh"
        interval 2
        weight 2
    }
    vrrp_instance VI_1 {
        state BACKUP
        interface eth0
        virtual_router_id 200
        priority 100
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass kuanglnginx
        }
        track_script {
            chk_nginx
        }
        virtual_ipaddress {
            192.168.122.22
        }
    }
    vrrp_instance VI_2 {
        state MASTER
        interface eth0
        virtual_router_id 251
        priority 250
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass kuangl
        }
        track_script {
            chk_nginx
        }
        virtual_ipaddress {
            192.168.122.23
        }
    }

    4.8、在两台双主服务器上添加自动检测脚本

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    #!/bin/bash
    # description:
    # 定时查看nginx是否存在,如果不存在则启动nginx
    # 如果启动失败,则停止keepalived
    status=$(ps -C nginx --no-heading|wc -l)
    if "${status}" "0" ]; then
            /usr/local/nginx/sbin/nginx
            status2=$(ps -C nginx --no-heading|wc -l)
            if "${status2}" "0"  ]; then
                    /etc/init.d/keepalived stop
            fi
    fi

    4.9、开启nginx、keepalived服务

    1
    2
    3
    4
    [root@node2 ~]# service keepalived start
    [root@node2 ~]# /usr/local/nginx/sbin/nginx
    [root@node3 ~]# service keepalived start
    [root@node3 ~]# /usr/local/nginx/sbin/nginx

    4.10、用 ip a 查看VIP

    4.11、测试访问

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    [kuangl@node01 ~]$ curl http://192.168.122.22
    this is 192.168.122.6
    [kuangl@node01 ~]$ curl http://192.168.122.22
    this is 192.168.122.4
    [kuangl@node01 ~]$ curl http://192.168.122.22
    this is 192.168.122.5
    [kuangl@node01 ~]$ curl http://192.168.122.23
    this is 192.168.122.6
    [kuangl@node01 ~]$ curl http://192.168.122.23
    this is 192.168.122.4
    [kuangl@node01 ~]$ curl http://192.168.122.23
    this is 192.168.122.5

    五、后端用rsync做数据同步

      node5-node6上配置进程模式,以node5为例

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    [root@node5 ~]# yum -y install rsync
    [root@node5 ~]# vim /etc/rsynsd.conf
    uid = root
    gid = root
    use chroot = no
    max connections = 5
    pid file /var/run/rsyncd.pid
    lock file /var/run/rsync.lock
    log file /var/log/rsyncd.log
    [web01]                      
    path=/home/kuangl/          
    comment = update          
    ignore errors              
    read only = no             
    list = no                 
    hosts allow = 192.168.122.0/24
    auth users = root        
    uid = root
    gid = root
    secrets file /etc/rsyncd.secrets
    [root@node5 ~]# vim /etc/rsyncd.secrets
    root:123456
    [root@node5 ~]# chmod 0600 /etc/rsyncd.secrets
    [root@node5 ~]# ll /etc/rsyncd.secrets
    -rw-------. 1 root root 12 Jul 20 19:41 /etc/rsyncd.secrets
    [root@node5 ~]# rsync --daemon
    [root@node5 ~]# echo "rsync --daemon" >> /etc/rc.local

     node4上配置命令模式:

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    [root@node4 ~]# yum -y install rsync
    [root@node4 ~]# vim /etc/rsyncd.secrets
    123456
    [root@node4 ~]# chmod 0600 /etc/rsyncd.secrets
    root@node4 kuangl]# rsync -vzrtopg --delete --progress --password-file=/etc/rsyncd.secrets  rsync+inotify root@192.168.122.5::web01
    sending incremental file list
    rsync+inotify/
    rsync+inotify/inotify-tools-3.14.tar.gz
          358772 100%    1.85MB/s    0:00:00 (xfer#1, to-check=2/4)
    rsync+inotify/rsync+inotify_client.sh
             617 100%    3.11kB/s    0:00:00 (xfer#2, to-check=1/4)
    rsync+inotify/rsync+inotify_server.sh
             900 100%    4.03kB/s    0:00:00 (xfer#3, to-check=0/4)
    sent 360679 bytes  received 69 bytes  240498.67 bytes/sec
    total size is 360289  speedup is 1.00

     查看结果

    1
    2
    3
    4
    5
    [root@node5 ~]# cd /home/kuangl/
    [root@node5 kuangl]# ll
    total 8
    -rw-r--r--. 1 root root   22 Jul 20 15:16 index.html
    drwxr-xr-x. 2 root root 4096 Nov 11  2012 rsync+inotify

    本文出自 “&思远晨曦” 博客,请务必保留此出处http://kling.blog.51cto.com/3320545/1253474

  • 相关阅读:
    递归和消去递归
    Time complexity analysis of algorithms
    algorithms中计算时间的渐近表示
    OAuth认证协议原理分析及同步消息到Twitter和Facebook使用方法
    javascript实现URL编码与解码
    before伪类的超有用应用技巧——水平菜单竖线分隔符
    在线工具(转)
    程序员小抄大全
    Web设计的速查卡(转)
    一个简单的AJAX示例(转)
  • 原文地址:https://www.cnblogs.com/fx2008/p/4010547.html
Copyright © 2011-2022 走看看