环境准备(继续服用hadoop节点)
slave1 192.168.2.201(CentOs 7)
slave2 192.168.2.202(CentOs 7)
slave1 和 slave2 上都安装nginx+keepalived
web 192.168.2.100 再iis上启动了9011/9012/9013三个端口的web应用
------------------------------------------------------------------------------------------------------
1.首先在slave节点上安装nginx(slave节点安装相同,需要修改的地方我会注释出来) 或者通过 rpm -Uvh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm 后yum -y install nginx进行安装,免除编译
#安装编译nginx需要的相关依赖
yum -y install pcre-devel openssl-devel perl-ExtUtils-Embed
cd /usr/local/src
#获取nginx
wget http://nginx.org/download/nginx-1.5.3.tar.gz
#解压
tar -zxvf nginx-1.5.3.tar.gz
cd nginx-1.5.3
#创建www组下www用户
useradd -s /sbin/nologin -M www
#配置路径及参数(注意最后那部分标红色的参数)
./configure --prefix=/usr/local/nginx --user=www --group=www --with-http_ssl_module --with-http_gzip_static_module --without-http_uwsgi_module --without-http_scgi_module --without-http_upstream_ip_hash_module --with-http_perl_module --with-pcre --with-ld-opt="-Wl,-E"
#编译及安装
make && make install
#测试用默认配置文件是否成功
[root@slave1 nginx-1.5.3]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
#修改nginx配置文件
vi /usr/local/nginx/conf/nginx.conf
user www www;
worker_processes 8;
error_log logs/error.log;
pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
tcp_nopush on;
keepalive_timeout 65;
gzip on;
upstream web_server_pool {
#ip_hash; #如果需要保持session一致,需要开启这个选项,可以保证同一台机器每次访问都分配到同一服务器
server 192.168.2.100:9011 weight=4 max_fails=2 fail_timeout=30s;
server 192.168.2.100:9012 weight=4 max_fails=2 fail_timeout=30s;
server 192.168.2.100:9013 weight=4 max_fails=2 fail_timeout=30s;
}
server {
listen 80;
server_name slave1; # node2 改为slave2 或者ip地址
location / {
root html;
index index.html index.htm;
proxy_pass http://web_server_pool;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
#启动nginx
/usr/local/nginx/sbin/nginx #默认会加载其上级目录conf中的nginx.conf
#如果加载其他路径的配置文件按照如下方式进行
/usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
#检查运行情况
[root@slave1 nginx-1.5.3]# ps -ef | grep nginx
root 5112 1 0 21:34 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
www 5113 5112 0 21:34 ? 00:00:00 nginx: worker process
www 5114 5112 0 21:34 ? 00:00:00 nginx: worker process
www 5115 5112 0 21:34 ? 00:00:00 nginx: worker process
www 5116 5112 0 21:34 ? 00:00:00 nginx: worker process
www 5117 5112 0 21:34 ? 00:00:00 nginx: worker process
www 5118 5112 0 21:34 ? 00:00:00 nginx: worker process
www 5119 5112 0 21:34 ? 00:00:00 nginx: worker process
www 5120 5112 0 21:34 ? 00:00:00 nginx: worker process
root 5317 2537 0 21:53 pts/0 00:00:00 grep --color=auto nginx
输入slave1的IP地址 http://192.168.2.201/ 进行访问,结果如下(默认为轮训,请多次刷新浏览器)
salve2方法类似,注意配置文件中红色部分,修改为salve2即可
===========================================================================================================================================================================================================
2.安装keepalived
yum -y install keepalived
顺便提下: 最初我采用和nginx一样的下载源码编译方式安装,一直没通过,甚至还修改了Makefile也不行,C语言丢了好多年了,就没继续折腾了
#编辑配置文件
vi /etc/keepalived/keepalived.conf
global_defs {
notification_email { #指定keepalived在发生事情的时候,发送邮件告知,可以有多个地址,每行一个。
changw.xiao@qq.com
}
notification_email_from changw.xiao@qq.com #指定发件人
smtp_server smtp.qq.com #发送email的smtp地址
smtp_connect_timeout 30 #超时时间
router_id NODEA #运行keepalived的机器的一个标识,多个节点标识可以相同,也可以不同
vrrp_skip_check_adv_addr
vrrp_strict #严格执行VRRP协议规范,此模式不支持节点单播
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script chk_http_port {
script "/usr/local/chk_nginx_pid.sh" #这用于keepalived检测nginx是否还在运行
interval 2
weight 2
}
vrrp_instance VI_1 {
state MASTER #主节点用master,其他都用backup
interface ens33 #网卡名称
virtual_router_id 50 #所有节点参数要一致
priority 100 #权重,值越大,优先分派
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_http_port
}
virtual_ipaddress {
192.168.2.199/24 #虚拟ip,暴露给调用方使用的,调用方就通过这个ip获取服务,不会关心nginx和具体服务地址
}
}
同时我把backup节点配置信息也一并贴出来
global_defs {
router_id NODEB
}
vrrp_script chk_http_port {
script "/usr/local/chk_nginx_pid.sh"
interval 2
weight 2
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 50
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_http_port
}
virtual_ipaddress {
192.168.2.199/24
}
}
backup节点配置文件中少了邮件通知配置,不过邮件通知配置是错误的,没生效,具体日后研究了贴配置
配置文件中有一个shell脚本用于检测nginx是否启动
vi /usr/local/chk_nginx_pid.sh
#!/bin/bash
if [ "$(ps -ef | grep "nginx: master process"| grep -v grep )" == "" ]
then
systemclt start nginx.service #尝试重启(通过编译方式安装的貌似不生效)
sleep 5
if [ "$(ps -ef | grep "nginx: master process"| grep -v grep )" == "" ]
then
killall keepalived #关掉keepalived,以便进行切换VIP指向
fi
fi
记得修改shell权限
chmod 775 /usr/local/chk_nginx_pid.sh
启动keepalived
keepalived -D -f /etc/keepalived/keepalived.conf
[root@slave1 nginx-1.5.3]# ps -ef |grep keepalived
root 5635 1 0 22:20 ? 00:00:00 keepalived -D -f /etc/keepalived/keepalived.conf
root 5636 5635 0 22:20 ? 00:00:00 keepalived -D -f /etc/keepalived/keepalived.conf
root 5637 5635 0 22:20 ? 00:00:00 keepalived -D -f /etc/keepalived/keepalived.conf
root 5972 5637 0 22:22 ? 00:00:00 keepalived -D -f /etc/keepalived/keepalived.conf
root 5980 2537 0 22:22 pts/0 00:00:00 grep --color=auto keepalived
[root@slave1 nginx-1.5.3]#
同样的方式在salve2上配置,注意配置文件红色标记的地方
在浏览器输入虚拟ip 192.168.2.199 进行访问
此时通过ip addr 命令进行ip查询
slave1
slave2
keepalived + nginx就是为了实现高可用,如果任意一台nginx或者keepalived挂掉之后,只要环境中还有一台机器正在执行,用户都应该能对应用进行访问
下面模拟环境发生故障
根据keepalived里面配置的检测nginx的脚本,如果检测到nginx挂掉后,应该会尝试重启,如果重启不成功,就会关掉该服务器上对应的keepalived,这样就会进行VIP切换
1.由于现在slave1为VIP指向地址,现在关闭掉slave1上的nginx
[root@slave1 nginx-1.5.3]# date
Tue Sep 12 22:36:30 CST 2017
[root@slave1 nginx-1.5.3]# ps -ef | grep nginx
root 5371 1 0 21:59 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
www 5372 5371 0 21:59 ? 00:00:00 nginx: worker process
www 5373 5371 0 21:59 ? 00:00:00 nginx: worker process
www 5374 5371 0 21:59 ? 00:00:00 nginx: worker process
www 5375 5371 0 21:59 ? 00:00:00 nginx: worker process
www 5376 5371 0 21:59 ? 00:00:00 nginx: worker process
www 5377 5371 0 21:59 ? 00:00:00 nginx: worker process
www 5378 5371 0 21:59 ? 00:00:00 nginx: worker process
www 5379 5371 0 21:59 ? 00:00:00 nginx: worker process
root 9142 9141 0 22:36 ? 00:00:00 sh -c /usr/local/chk_nginx_pid.sh
root 9143 9142 0 22:36 ? 00:00:00 vi /usr/local/chk_nginx_pid.sh
root 9149 2537 0 22:36 pts/0 00:00:00 grep --color=auto nginx
[root@slave1 nginx-1.5.3]# kill -quit 5371
[root@slave1 nginx-1.5.3]#
在查看slave1上的ip信息(没有了199)
再查看slave2上的ip信息
再通过 http://192.168.2.199/ 进行访问,你会发现,访问一切正常,符合预期
===============================================================================================================
按照同样方式,可以部署任意多个backup节点, 如果是线上高并发环境,最好在不同机房,不同线路上均部署上,并且根据设备好坏配置对应的优先级
