zoukankan      html  css  js  c++  java
  • nginx+keepalived高可用web负载均衡

    一:安装环境

    准备2台虚拟机,都安装好环境 centos 7
    keepalived:
    vip: 192.168.1.112
    192.168.1.110

    nginx
    ip 192.168.1.109 master nginx:88
    ip 192.168.1.110 backup nginx:88

    二:下载nginx keepalived

    wget http://nginx.org/download/nginx-1.7.10.tar.gz

    wget http://www.keepalived.org/software/keepalived-1.2.21.tar.gz

    三:编译安装 nginx

    安装nginx的依赖包

    # yum install gcc gcc-c++ make automake autoconf libtool pcre pcre-devel zlib zlib-devel openssl openssl-devel

    编译安装 nginx

    tar -zxvf nginx-1.7.10.tar.gz
    cd ./nginx-1.7.10
    ./configure --prefix=/usr/local/nginx
    make && make install

    四:配置nginx

    vi /usr/local/nginx/conf/nginx.conf

    修改2处:
    user nobody; -> user root;
    listen 80; -> listen 88;

    修改index.html
    vi /usr/local/nginx/html/index.html
    在192.168.1.110这台机子加上 192.168.1.110-s
    在192.168.1.109这台机子加上 192.168.1.109-m

    五:打开系统防火墙 88 端口

    因为我是centos7啊
    它防火墙是 firewall
    命令如下,永久打开tcp 88 端口
    firewall-cmd --zone=public --add-port=88/tcp --permanent
    重启: firewall-cmd --reload

    如果是 centos 7 以下,可以用如下方法来打开 88 端口:
    # vi /etc/sysconfig/iptables
    ## Nginx
    -A INPUT -m state --state NEW -m tcp -p tcp --dport 88 -j ACCEPT
    # service iptables restart

    六:测试nginx是否安装成功

    /usr/local/nginx/sbin/nginx -t
    nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
    nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

    七: 启动nginx

    /usr/local/nginx/sbin/nginx 

    重启nginx

    /usr/local/nginx/sbin/nginx -s reload

    安装keepalived

    八:keepalived解压安装

    # cd /software  
    # tar -zxvf keepalived-1.2.21.tar.gz  
    # cd keepalived-1.2.21  
    # ./configure --prefix=/usr/local/keepalived

    编译成功最后出现下面的信息

    Keepalived configuration
    ------------------------
    Keepalived version       : 1.2.21
    Compiler                 : gcc
    Compiler flags           : -g -O2
    Extra Lib                : -lssl -lcrypto -lcrypt 
    Use IPVS Framework       : Yes
    IPVS sync daemon support : Yes
    IPVS use libnl           : No
    fwmark socket support    : Yes
    Use VRRP Framework       : Yes
    Use VRRP VMAC            : Yes
    Use VRRP authentication  : Yes
    SNMP keepalived support  : No
    SNMP checker support     : No
    SNMP RFCv2 support       : No
    SNMP RFCv3 support       : No
    SHA1 support             : No
    Use Debug flags          : No
    libnl version            : None
    Use IPv4 devconf         : No
    Use libiptc              : No
    Use libipset             : No

    九:keepalived安装

    # make && make install 

    十:将 keepalived安装成 linux 系统服务

    因为没有使用 keepalived 的默认路径安装(默认是/usr/local) ,安装完成之后,需要做一些工作复制默认配置文件到默认路径
    # mkdir /etc/keepalived
    # cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/

    复制 keepalived 服务脚本到默认的地址
    cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
    cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/

    ln -s /usr/local/keepalived/sbin/keepalived /usr/sbin/

    设置 keepalived 服务开机启动
    # chkconfig keepalived on

    十一:修改 keepalived 配置

    (1) MASTER 节点配置文件(192.168.1.109)

    # vi /etc/keepalived/keepalived.conf
    ! Configuration File for keepalived
    global_defs {
        ## keepalived 自带的邮件提醒需要开启 sendmail 服务。 建议用独立的监控或第三方 SMTP
        router_id nginx_m_109 ## 标识本节点的字条串,通常为 hostname
    } 
    ## keepalived 会定时执行脚本并对脚本执行的结果进行分析,动态调整 vrrp_instance 的优先级。如果脚本执行结果为 0,并且 weight 配置的值大于 0,则优先级相应的增加。如果脚本执行结果非 0,并且 weight配置的值小于 0,则优先级相应的减少。其他情况,维持原本配置的优先级,即配置文件中 priority 对应的值。
    vrrp_script chk_nginx {
        script "/etc/keepalived/nginx_check.sh" ## 检测 nginx 状态的脚本路径
        interval 2 ## 检测时间间隔
        weight -20 ## 如果条件成立,权重-20
    }
    ## 定义虚拟路由, VI_1 为虚拟路由的标示符,自己定义名称
    vrrp_instance VI_1 {
        state MASTER ## 主节点为 MASTER, 对应的备份节点为 BACKUP
        interface eth0 ## 绑定虚拟 IP 的网络接口,与本机 IP 地址所在的网络接口相同, 我的是 eth0
        virtual_router_id 33 ## 虚拟路由的 ID 号, 两个节点设置必须一样, 可选 IP 最后一段使用, 相同的 VRID 为一个组,他将决定多播的 MAC 地址
        mcast_src_ip 192.168.1.109 ## 本机 IP 地址
        priority 100 ## 节点优先级, 值范围 0-254, MASTER 要比 BACKUP 高
        nopreempt ## 优先级高的设置 nopreempt 解决异常恢复后再次抢占的问题
        advert_int 1 ## 组播信息发送间隔,两个节点设置必须一样, 默认 1s
        ## 设置验证信息,两个节点必须一致
        authentication {
            auth_type PASS
            auth_pass 1111 ## 真实生产,按需求对应该过来
        }
        ## 将 track_script 块加入 instance 配置块
        track_script {
            chk_nginx ## 执行 Nginx 监控的服务
        } #
        # 虚拟 IP 池, 两个节点设置必须一样
        virtual_ipaddress {
            192.168.1.112 ## 虚拟 ip,可以定义多个
        }
    }

    (2)BACKUP 节点配置文件(192.168.1.110)

    # vi /etc/keepalived/keepalived.conf

    ! Configuration File for keepalived
    global_defs {
        router_id nginx_s_110
    }
    vrrp_script chk_nginx {
        script "/etc/keepalived/nginx_check.sh"
        interval 2
        weight -20
    }
    vrrp_instance VI_1 {
        state BACKUP
        interface eth1
        virtual_router_id 33
        mcast_src_ip 192.168.1.110
        priority 90
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass 1111
        }
        track_script {
            chk_nginx
        }
        virtual_ipaddress {
            192.168.1.112
        }
    }

    十二:编写检测nginx状态的脚本

    编写 Nginx 状态检测脚本 /etc/keepalived/nginx_check.sh (已在 keepalived.conf 中配置)脚本要求:如果 nginx 停止运行,尝试启动,如果无法启动则杀死本机的 keepalived 进程, keepalied将虚拟 ip 绑定到 BACKUP 机器上。 内容如下:
    # vi /etc/keepalived/nginx_check.sh

    #!/bin/bash  
    A=`ps -C nginx –no-header |wc -l`  
    if [ $A -eq 0 ];then  
    /usr/local/nginx/sbin/nginx  
    sleep 2  
    if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then  
        killall keepalived  
    fi  
    fi

    保存后,给脚本赋执行权限:
    # chmod +x /etc/keepalived/nginx_check.sh

    十三:启动 keepalived

    # service keepalived start
    Starting keepalived: [ OK ]

    十四: Keepalived+Nginx 的高可用测试

    1:

    同时启动192.168.1.109和192.168.1.110上的Nginx和Keepalived,我们通过VIP(192.168.1.112)来访问Nginx,如下,都能正确访问
    http://192.168.1.112:88/

    2:

    我们关闭192.168.1.109上的Keepalived和Nginx

    在192.168.1.109执行如下命令:
    service keepalived stop
    /usr/local/nginx/sbin/nginx -s stop
    此时,再通过VIP(192.168.1.112)来访问Nginx,如下

    3:

    我们再开启192.168.1.109上的Keepalived和Nginx
    在192.168.1.109执行如下命令:
    /usr/local/nginx/sbin/nginx
    service keepalived start
    或者只执行
    service keepalived start
    因为我们写了脚本nginx_check.sh,这个脚本会为我们自动自动Nginx

    此时,我们再通过VIP(192.168.1.112)来访问Nginx,如下

     参考:https://blog.csdn.net/l1028386804/article/details/72801492

  • 相关阅读:
    看完了红米5 Plus发布会,我觉得魅蓝Note6降价降多了
    红米5/红米5 Plus逼出最强魅蓝Note6?降价后已成性价比神机
    java.lang.NoClassDefFoundError: org/apache/ibatis/mapping/DatabaseIdProvider
    mac tree命令
    spring boot集成dubbo
    玩转Spring Boot 集成Dubbo
    Linux下复制粘贴快捷键
    用创业舞动飞扬的青春
    SpringMVC 学习笔记(一) Hello World
    从 Kubernetes 谈容器网络
  • 原文地址:https://www.cnblogs.com/jiujuan/p/9005225.html
Copyright © 2011-2022 走看看