keepalived的安装和配置
Nginx-keepalived高可用负载均衡
架构
keepalive1:10.1.41.60
keepalive2:10.1.41.61
vrrp:10.1.41.88
nginx1:10.1.41.64
nginx2:10.1.41.65
系统版本
#cat /etc/redhat-release
CentOS Linux release 7.2.1511 (Core)
实验目的:用keepalived实现高可用,用nginx的upstream模块反向代理后端的web服务器实现负载均衡
keepalvied安装与配置
安装前的准备
ln -sv /usr/src/kernels/3.10.0-327.el7.x86_64/ /usr/src/linux
从官网下载keepalived的最新版本,本文以当前最新版本1.3.0为例。
编译安装keepalived
wget http://www.keepalived.org/software/keepalived-1.3.0.tar.gz
tar zxf keepalived-1.3.0.tar.gz -C /usr/local
cd /usr/local/keepalived-1.3.0/
yum install openssl-devel libnfnetlink-devel -y
./configure --prefix=/usr/local/keepalived --sbindir=/usr/sbin --sysconfdir=/etc
make -j4 && make install
在Centos6.4版本以后都可以直接yum安装keepalived
yum install keepalived -y
配置文件的修改
vim /etc/keepalived/keepalived.conf
注释掉占时用不到的配置
.,$s/^/#/g 从当前行到结尾的所有行首加上#注释掉
set nohlsearch
在 keepalive1:10.1.41.60 配置
vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id lvs_60
vrrp_mcast_group4 224.0.0.18
}
vrrp_instance VI_1 {
state MASTER
interface ens160
virtual_router_id 90
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass uRINKmfBsok=
}
virtual_ipaddress {
10.1.41.88/24
}
}
在 keepalive2:10.1.41.61 配置
! Configuration File for keepalived
global_defs {
router_id lvs61
vrrp_mcast_group4 224.0.0.18
}
vrrp_instance VI_1 {
state BACKUP
interface ens160
virtual_router_id 90
priority 98
advert_int 1
authentication {
auth_type PASS
auth_pass uRINKmfBsok=
}
virtual_ipaddress {
10.1.41.100/24
}
}
配置完成后主副节点都启动keepalived服务
systemctl start keepalived
在keepalive1和keepalive2都安装nginx
nginx版本:nginx-1.8.1.
yum install gcc openssl-devel pcre-devel zlib-devel mod_ssl -y
获取nginx编译安装包
wget http://nginx.org/download/nginx-1.8.1.tar.gz
或者直接到网站进行下载 http://nginx.org/en/download.html
# tar xf nginx-1.8.1.tar.gz
# cd nginx-1.8.1
# groupadd -r nginx
# useradd -r -g nginx -s /sbin/nologin -M nginx
参考官方网站http://nginx.org/en/linux_packages.html#stable 进行编译安装
./configure \--prefix=/etc/nginx \--sbin-path=/usr/sbin/nginx \--conf-path=/etc/nginx/nginx.conf \--error-log-path=/var/log/nginx/error.log \--http-log-path=/var/log/nginx/access.log \--pid-path=/var/run/nginx.pid \--lock-path=/var/run/nginx.lock \--http-client-body-temp-path=/var/cache/nginx/client_temp \--http-proxy-temp-path=/var/cache/nginx/proxy_temp \--http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \--http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \--http-scgi-temp-path=/var/cache/nginx/scgi_temp \--user=nginx \--group=nginx \--with-http_ssl_module \--with-http_realip_module \--with-http_addition_module \--with-http_sub_module \--with-http_dav_module \--with-http_flv_module \--with-http_mp4_module \--with-http_gunzip_module \--with-http_gzip_static_module \--with-http_random_index_module \--with-http_secure_link_module \--with-http_stub_status_module \--with-http_auth_request_module \--with-threads
make -j4 && make install
参考官方网站进行nginx脚步编写
https://www.nginx.com/resources/wiki/start/topics/examples/redhatnginxinit/
Red Hat NGINX Init Script
Red Hat Nginx Init Script Should work on RHEL, Fedora, CentOS. Tested on CentOS 5.
Save this file as /etc/init.d/nginx
vim /etc/init.d/nginx
#!/bin/sh
#
# nginx - this script starts and stops the nginx daemon
#
# chkconfig: - 85 15
# description: Nginx is an HTTP(S) server, HTTP(S) reverse \
# proxy and IMAP/POP3 proxy server
# processname: nginx
# config: /etc/nginx/nginx.conf
# config: /etc/sysconfig/nginx
# pidfile: /var/run/nginx.pid
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0
nginx="/usr/sbin/nginx"
prog=$(basename $nginx)
NGINX_CONF_FILE="/etc/nginx/nginx.conf"
[ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx
lockfile=/var/lock/subsys/nginx
make_dirs() {
# make required directories
user=`nginx -V 2>&1 | grep "configure arguments:" | sed 's/[^*]*--user=\([^ ]*\).*/\1/g' -`
options=`$nginx -V 2>&1 | grep 'configure arguments:'`
for opt in $options; do
if [ `echo $opt | grep '.*-temp-path'` ]; then
value=`echo $opt | cut -d "=" -f 2`
if [ ! -d "$value" ]; then
# echo "creating" $value
mkdir -p $value && chown -R $user $value
fi
fi
done
}
start() {
[ -x $nginx ] || exit 5
[ -f $NGINX_CONF_FILE ] || exit 6
make_dirs
echo -n $"Starting $prog: "
daemon $nginx -c $NGINX_CONF_FILE
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog -QUIT
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
configtest || return $?
stop
sleep 1
start
}
reload() {
configtest || return $?
echo -n $"Reloading $prog: "
killproc $nginx -HUP
RETVAL=$?
echo
}
force_reload() {
restart
}
configtest() {
$nginx -t -c $NGINX_CONF_FILE
}
rh_status() {
status $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart|configtest)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
exit 2
esac
而后为此脚本赋予执行权限:
# chmod +x /etc/rc.d/init.d/nginx
# chmod 755 /etc/init.d/nginx
添加至服务管理列表,并让其开机自动启动:
# chkconfig --add nginx
# chkconfig nginx on
而后就可以启动服务并测试了:
# service nginx start
在keepalive1和keepalive2都进行nginx配置文件的更改,要修改的部分如下
#vim /etc/nginx/nginx.conf
upstream myserver {
server 10.1.41.64:80 weight=5;
server 10.1.41.65:80 weight=5;
}
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
proxy_pass http://myserver;
}
nginx配置文件更改后,检查配置文件语法
nginx -t
对nginx进行优雅重启
nginx -s reload
把nginx1和nginx2安装好nginx后分别配置默认网页
nginx1:10.1.41.64 默认网页 nginx 41.64
nginx2:10.1.41.65 默认网页 nginx 41.65
测试结果如下
root@mynginx ~]# curl 10.1.41.88
nginx 41.64
[root@mynginx ~]# curl 10.1.41.88
nginx 41.65
[root@mynginx ~]# curl 10.1.41.88
nginx 41.64
[root@mynginx ~]# curl 10.1.41.88
nginx 41.65
[root@mynginx ~]# curl 10.1.41.88
nginx 41.64
[root@mynginx ~]# curl 10.1.41.88
nginx 41.65
[root@mynginx ~]# curl 10.1.41.88
nginx 41.64
[root@mynginx ~]# curl 10.1.41.88
nginx 41.65
[root@mynginx ~]# curl 10.1.41.88
nginx 41.64
[root@mynginx ~]# curl 10.1.41.88
nginx 41.65
在keepalive1(10.1.41.60)关闭keepalived
#systemctl stop keepalived
vrrp(虚拟IP)会自动偏移到keepalive2(10.1.41.61)
下面是在keepalive2上看到的日志
cat /var/log/messages
Mar 7 22:14:13 centos7 Keepalived_vrrp[7494]: VRRP_Instance(VI_1) Transition to MASTER STATE
Mar 7 22:14:14 centos7 Keepalived_vrrp[7494]: VRRP_Instance(VI_1) Entering MASTER STATE
Mar 7 22:14:14 centos7 Keepalived_vrrp[7494]: VRRP_Instance(VI_1) setting protocol VIPs.
Mar 7 22:14:14 centos7 Keepalived_vrrp[7494]: Sending gratuitous ARP on ens160 for 10.1.41.88
Mar 7 22:14:14 centos7 Keepalived_vrrp[7494]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens160 for 10.1.41.88
Mar 7 22:14:14 centos7 Keepalived_vrrp[7494]: Sending gratuitous ARP on ens160 for 10.1.41.88
Mar 7 22:14:14 centos7 Keepalived_vrrp[7494]: Sending gratuitous ARP on ens160 for 10.1.41.88
Mar 7 22:14:14 centos7 Keepalived_vrrp[7494]: Sending gratuitous ARP on ens160 for 10.1.41.88
Mar 7 22:14:14 centos7 Keepalived_vrrp[7494]: Sending gratuitous ARP on ens160 for 10.1.41.88
Mar 7 22:14:14 centos7 Keepalived_healthcheckers[7493]: Netlink reflector reports IP 10.1.41.88 added
Mar 7 22:14:19 centos7 Keepalived_vrrp[7494]: Sending gratuitous ARP on ens160 for 10.1.41.88
Mar 7 22:14:19 centos7 Keepalived_vrrp[7494]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens160 for 10.1.41.88
Mar 7 22:14:19 centos7 Keepalived_vrrp[7494]: Sending gratuitous ARP on ens160 for 10.1.41.88
Mar 7 22:14:19 centos7 Keepalived_vrrp[7494]: Sending gratuitous ARP on ens160 for 10.1.41.88
Mar 7 22:14:19 centos7 Keepalived_vrrp[7494]: Sending gratuitous ARP on ens160 for 10.1.41.88
Mar 7 22:14:19 centos7 Keepalived_vrrp[7494]: Sending gratuitous ARP on ens160 for 10.1.41.88
[root@keepalive2 ~]# ip addr | grep 41.88
inet 10.1.41.88/24 scope global secondary ens160
这时我们在进行访问测试
[root@mynginx ~]# curl 10.1.41.88
nginx 41.65
[root@mynginx ~]# curl 10.1.41.88
nginx 41.64
[root@mynginx ~]# curl 10.1.41.88
nginx 41.65
[root@mynginx ~]# curl 10.1.41.88
nginx 41.64
[root@mynginx ~]# curl 10.1.41.88
nginx 41.65
[root@mynginx ~]# curl 10.1.41.88
nginx 41.64
[root@mynginx ~]# curl 10.1.41.88
nginx 41.65
[root@mynginx ~]# curl 10.1.41.88
nginx 41.64
OK 这样简单的nginx-keepalived高可用负载均衡就实现了
架构
keepalive1:10.1.41.60
keepalive2:10.1.41.61
vrrp:10.1.41.88
nginx1:10.1.41.64
nginx2:10.1.41.65
系统版本
#cat /etc/redhat-release
CentOS Linux release 7.2.1511 (Core)
实验目的:用keepalived实现高可用,用nginx的upstream模块反向代理后端的web服务器实现负载均衡
keepalvied安装与配置
安装前的准备
ln -sv /usr/src/kernels/3.10.0-327.el7.x86_64/ /usr/src/linux
从官网下载keepalived的最新版本,本文以当前最新版本1.3.0为例。
编译安装keepalived
wget http://www.keepalived.org/software/keepalived-1.3.0.tar.gz
tar zxf keepalived-1.3.0.tar.gz -C /usr/local
cd /usr/local/keepalived-1.3.0/
yum install openssl-devel libnfnetlink-devel -y
./configure --prefix=/usr/local/keepalived --sbindir=/usr/sbin --sysconfdir=/etc
make -j4 && make install
在Centos6.4版本以后都可以直接yum安装keepalived
yum install keepalived -y
配置文件的修改
vim /etc/keepalived/keepalived.conf
注释掉占时用不到的配置
.,$s/^/#/g 从当前行到结尾的所有行首加上#注释掉
set nohlsearch
在 keepalive1:10.1.41.60 配置
vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id lvs_60
vrrp_mcast_group4 224.0.0.18
}
vrrp_instance VI_1 {
state MASTER
interface ens160
virtual_router_id 90
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass uRINKmfBsok=
}
virtual_ipaddress {
10.1.41.88/24
}
}
在 keepalive2:10.1.41.61 配置
! Configuration File for keepalived
global_defs {
router_id lvs61
vrrp_mcast_group4 224.0.0.18
}
vrrp_instance VI_1 {
state BACKUP
interface ens160
virtual_router_id 90
priority 98
advert_int 1
authentication {
auth_type PASS
auth_pass uRINKmfBsok=
}
virtual_ipaddress {
10.1.41.100/24
}
}
配置完成后主副节点都启动keepalived服务
systemctl start keepalived
在keepalive1和keepalive2都安装nginx
nginx版本:nginx-1.8.1.
yum install gcc openssl-devel pcre-devel zlib-devel mod_ssl -y
获取nginx编译安装包
wget http://nginx.org/download/nginx-1.8.1.tar.gz
或者直接到网站进行下载 http://nginx.org/en/download.html
# tar xf nginx-1.8.1.tar.gz
# cd nginx-1.8.1
# groupadd -r nginx
# useradd -r -g nginx -s /sbin/nologin -M nginx
参考官方网站http://nginx.org/en/linux_packages.html#stable 进行编译安装
./configure \--prefix=/etc/nginx \--sbin-path=/usr/sbin/nginx \--conf-path=/etc/nginx/nginx.conf \--error-log-path=/var/log/nginx/error.log \--http-log-path=/var/log/nginx/access.log \--pid-path=/var/run/nginx.pid \--lock-path=/var/run/nginx.lock \--http-client-body-temp-path=/var/cache/nginx/client_temp \--http-proxy-temp-path=/var/cache/nginx/proxy_temp \--http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \--http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \--http-scgi-temp-path=/var/cache/nginx/scgi_temp \--user=nginx \--group=nginx \--with-http_ssl_module \--with-http_realip_module \--with-http_addition_module \--with-http_sub_module \--with-http_dav_module \--with-http_flv_module \--with-http_mp4_module \--with-http_gunzip_module \--with-http_gzip_static_module \--with-http_random_index_module \--with-http_secure_link_module \--with-http_stub_status_module \--with-http_auth_request_module \--with-threads
make -j4 && make install
参考官方网站进行nginx脚步编写
https://www.nginx.com/resources/wiki/start/topics/examples/redhatnginxinit/
Red Hat NGINX Init Script
Red Hat Nginx Init Script Should work on RHEL, Fedora, CentOS. Tested on CentOS 5.
Save this file as /etc/init.d/nginx
vim /etc/init.d/nginx
#!/bin/sh
#
# nginx - this script starts and stops the nginx daemon
#
# chkconfig: - 85 15
# description: Nginx is an HTTP(S) server, HTTP(S) reverse \
# proxy and IMAP/POP3 proxy server
# processname: nginx
# config: /etc/nginx/nginx.conf
# config: /etc/sysconfig/nginx
# pidfile: /var/run/nginx.pid
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0
nginx="/usr/sbin/nginx"
prog=$(basename $nginx)
NGINX_CONF_FILE="/etc/nginx/nginx.conf"
[ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx
lockfile=/var/lock/subsys/nginx
make_dirs() {
# make required directories
user=`nginx -V 2>&1 | grep "configure arguments:" | sed 's/[^*]*--user=\([^ ]*\).*/\1/g' -`
options=`$nginx -V 2>&1 | grep 'configure arguments:'`
for opt in $options; do
if [ `echo $opt | grep '.*-temp-path'` ]; then
value=`echo $opt | cut -d "=" -f 2`
if [ ! -d "$value" ]; then
# echo "creating" $value
mkdir -p $value && chown -R $user $value
fi
fi
done
}
start() {
[ -x $nginx ] || exit 5
[ -f $NGINX_CONF_FILE ] || exit 6
make_dirs
echo -n $"Starting $prog: "
daemon $nginx -c $NGINX_CONF_FILE
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog -QUIT
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
configtest || return $?
stop
sleep 1
start
}
reload() {
configtest || return $?
echo -n $"Reloading $prog: "
killproc $nginx -HUP
RETVAL=$?
echo
}
force_reload() {
restart
}
configtest() {
$nginx -t -c $NGINX_CONF_FILE
}
rh_status() {
status $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart|configtest)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
exit 2
esac
而后为此脚本赋予执行权限:
# chmod +x /etc/rc.d/init.d/nginx
# chmod 755 /etc/init.d/nginx
添加至服务管理列表,并让其开机自动启动:
# chkconfig --add nginx
# chkconfig nginx on
而后就可以启动服务并测试了:
# service nginx start
在keepalive1和keepalive2都进行nginx配置文件的更改,要修改的部分如下
#vim /etc/nginx/nginx.conf
upstream myserver {
server 10.1.41.64:80 weight=5;
server 10.1.41.65:80 weight=5;
}
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
proxy_pass http://myserver;
}
nginx配置文件更改后,检查配置文件语法
nginx -t
对nginx进行优雅重启
nginx -s reload
把nginx1和nginx2安装好nginx后分别配置默认网页
nginx1:10.1.41.64 默认网页 nginx 41.64
nginx2:10.1.41.65 默认网页 nginx 41.65
测试结果如下
root@mynginx ~]# curl 10.1.41.88
nginx 41.64
[root@mynginx ~]# curl 10.1.41.88
nginx 41.65
[root@mynginx ~]# curl 10.1.41.88
nginx 41.64
[root@mynginx ~]# curl 10.1.41.88
nginx 41.65
[root@mynginx ~]# curl 10.1.41.88
nginx 41.64
[root@mynginx ~]# curl 10.1.41.88
nginx 41.65
[root@mynginx ~]# curl 10.1.41.88
nginx 41.64
[root@mynginx ~]# curl 10.1.41.88
nginx 41.65
[root@mynginx ~]# curl 10.1.41.88
nginx 41.64
[root@mynginx ~]# curl 10.1.41.88
nginx 41.65
在keepalive1(10.1.41.60)关闭keepalived
#systemctl stop keepalived
vrrp(虚拟IP)会自动偏移到keepalive2(10.1.41.61)
下面是在keepalive2上看到的日志
cat /var/log/messages
Mar 7 22:14:13 centos7 Keepalived_vrrp[7494]: VRRP_Instance(VI_1) Transition to MASTER STATE
Mar 7 22:14:14 centos7 Keepalived_vrrp[7494]: VRRP_Instance(VI_1) Entering MASTER STATE
Mar 7 22:14:14 centos7 Keepalived_vrrp[7494]: VRRP_Instance(VI_1) setting protocol VIPs.
Mar 7 22:14:14 centos7 Keepalived_vrrp[7494]: Sending gratuitous ARP on ens160 for 10.1.41.88
Mar 7 22:14:14 centos7 Keepalived_vrrp[7494]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens160 for 10.1.41.88
Mar 7 22:14:14 centos7 Keepalived_vrrp[7494]: Sending gratuitous ARP on ens160 for 10.1.41.88
Mar 7 22:14:14 centos7 Keepalived_vrrp[7494]: Sending gratuitous ARP on ens160 for 10.1.41.88
Mar 7 22:14:14 centos7 Keepalived_vrrp[7494]: Sending gratuitous ARP on ens160 for 10.1.41.88
Mar 7 22:14:14 centos7 Keepalived_vrrp[7494]: Sending gratuitous ARP on ens160 for 10.1.41.88
Mar 7 22:14:14 centos7 Keepalived_healthcheckers[7493]: Netlink reflector reports IP 10.1.41.88 added
Mar 7 22:14:19 centos7 Keepalived_vrrp[7494]: Sending gratuitous ARP on ens160 for 10.1.41.88
Mar 7 22:14:19 centos7 Keepalived_vrrp[7494]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens160 for 10.1.41.88
Mar 7 22:14:19 centos7 Keepalived_vrrp[7494]: Sending gratuitous ARP on ens160 for 10.1.41.88
Mar 7 22:14:19 centos7 Keepalived_vrrp[7494]: Sending gratuitous ARP on ens160 for 10.1.41.88
Mar 7 22:14:19 centos7 Keepalived_vrrp[7494]: Sending gratuitous ARP on ens160 for 10.1.41.88
Mar 7 22:14:19 centos7 Keepalived_vrrp[7494]: Sending gratuitous ARP on ens160 for 10.1.41.88
[root@keepalive2 ~]# ip addr | grep 41.88
inet 10.1.41.88/24 scope global secondary ens160
这时我们在进行访问测试
[root@mynginx ~]# curl 10.1.41.88
nginx 41.65
[root@mynginx ~]# curl 10.1.41.88
nginx 41.64
[root@mynginx ~]# curl 10.1.41.88
nginx 41.65
[root@mynginx ~]# curl 10.1.41.88
nginx 41.64
[root@mynginx ~]# curl 10.1.41.88
nginx 41.65
[root@mynginx ~]# curl 10.1.41.88
nginx 41.64
[root@mynginx ~]# curl 10.1.41.88
nginx 41.65
[root@mynginx ~]# curl 10.1.41.88
nginx 41.64
OK 这样简单的nginx-keepalived高可用负载均衡就实现了