Nginx + Keepalived高可用
1、环境准备
| 角色 | IP |
|---|---|
| nginx-master | 10.10.10.98 |
| nginx-backup | 10.10.10.99 |
| apache | 10.10.10.66 |
| apache | 10.10.10.67 |
| vip | 10.10.10.55 |
2、nginx-master & nginx-backup主机安装nginx
]# yum -y install gcc pcre-devel openssl-devel
]# tar -xvf nginx-1.12.2.tar.gz
]# cd nginx-1.12.2
]# ./configure
]# make && make install
3、apache主机安装httpd
~]# yum -y install httpd
~]# systemctl start httpd
~]# echo "this is apache-66" > /var/www/html/index.html
~]# echo "this is apache-67" > /var/www/html/index.html
~]# curl 10.10.10.66
this is apache-66
~]# curl 10.10.10.67
this is apache-67
4、nginx-master修改nginx配置文件
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
upstream webserver{
server 10.10.10.66:80;
server 10.10.10.67:80;
}
server {
listen 80;
server_name www.webserver.com;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
proxy_pass http://webserver;
root html;
index index.html index.htm;
}
5、启动nginx
]# /usr/local/nginx/sbin/nginx
]# scp /usr/local/nginx/conf/nginx.conf [email protected]:/usr/local/nginx/conf/
]# /usr/local/nginx/sbin/nginx # nginx-backup执行
]# curl 10.10.10.98
this is apache-66
]# curl 10.10.10.98
this is apache-67
]# curl 10.10.10.99
this is apache-66
]# curl 10.10.10.99
this is apache-67
6、nginx-master & nginx-backup主机安装keepalived
]# yum -y install keepalived
]# systemctl start keepalived
nginx-master修改keepalived配置文件
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
[email protected]
[email protected]
}
notification_email_from [email protected]
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id lb01
vrrp_iptables
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script check_nginx_port{ # 定义监控脚本
script "/etc/keepalived/nginx.sh"
interval 2
weight 2
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.10.10.55
}
track_script {
check_nginx_port # 执行 nginx 监控的服务,要与上面名称相同
}
}
virtual_server 10.10.10.55 80 { # 虚拟ip和nginx访问端口
delay_loop 6
lb_algo rr
lb_kind NAT
persistence_timeout 5
protocol TCP
real_server 10.10.10.98 80 { # 物理机ip端口
weight 1
notify_down /etc/keepalived/nginx.sh
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80 #监测的nginx的访问的TCP端口
}
}
}
7、nginx-backup修改keepalived配置文件
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
[email protected]
[email protected]
}
notification_email_from [email protected]
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id lb02
vrrp_iptables
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script check_nginx_port{
script "/etc/keepalived/nginx.sh"
interval 2
weight 2
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.10.10.55
}
track_script {
check_nginx_port
}
}
virtual_server 10.10.10.55 80 {
delay_loop 6
lb_algo rr
lb_kind NAT
persistence_timeout 5
protocol TCP
real_server 10.10.10.99 80 {
weight 1
notify_down /etc/keepalived/nginx.sh
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
监控脚本
]# more /etc/keepalived/nginx.sh
#/bin/bash
d=`date +%Y%m%d_%H:%M:%S`
while true
do
code=`netstat -ntulp | grep nginx | wc -l`
if [ $code -eq 0 ];then
echo "$d nginx down!" >> /var/log/check_nginx.log
systemctl stop keepalived
fi
sleep 5
done
8、 重启keepalived,98主机占有vip
]# systemctl restart keepalived
]# ip a s
1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:26:fa:3d brd ff:ff:ff:ff:ff:ff
inet 10.10.10.98/24 brd 10.10.10.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 10.10.10.55/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::831f:123b:cf85:b731/64 scope link noprefixroute
valid_lft forever preferred_lft forever
]# curl 10.10.10.55
this is apache-66
]# curl 10.10.10.55
this is apache-67
9、测试,停止98主机nginx服务模拟故障,99主机查看ip发现vip已经飘到99了
]# /usr/local/nginx/sbin/nginx -s stop
]# ip a s
1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:6d:94:5b brd ff:ff:ff:ff:ff:ff
inet 10.10.10.99/24 brd 10.10.10.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 10.10.10.55/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::87c1:4925:5c0c:9085/64 scope link noprefixroute
valid_lft forever preferred_lft forever