1、Nginx+Keepalived实现站点高可用
1. Keepalived介绍
Keepalived是一个基于VRRP协议来实现的服务高可用方案,可以利用其来避免IP单点故障,类似的工具还有heartbeat、corosync、pacemaker。但是它一般不会单独出现,而是与其它负载均衡技术(如lvs、haproxy、nginx)一起工作来达到集群的高可用。
VRRP全称 Virtual Router Redundancy Protocol,即 虚拟路由冗余协议。可以认为它是实现路由器高可用的容错协议,即将N台提供相同功能的路由器组成一个路由器组(Router Group),这个组里面有一个master和多个backup,但在外界看来就像一台一样,构成虚拟路由器,拥有一个虚拟IP(vip,也就是路由器所在局域网内其他机器的默认路由),占有这个IP的master实际负责ARP相应和转发IP数据包,组中的其它路由器作为备份的角色处于待命状态。master会发组播消息,当backup在超时时间内收不到vrrp包时就认为master宕掉了,这时就需要根据VRRP的优先级来选举一个backup当master,保证路由器的高可用。
在VRRP协议实现里,虚拟路由器使用 00-00-5E-00-01-XX 作为虚拟MAC地址,XX就是唯一的 VRID (Virtual Router IDentifier),这个地址同一时间只有一个物理路由器占用。在虚拟路由器里面的物理路由器组里面通过多播IP地址 224.0.0.18 来定时发送通告消息。每个Router都有一个 1-255 之间的优先级别,级别最高的(highest priority)将成为主控(master)路由器。通过降低master的优先权可以让处于backup状态的路由器抢占(pro-empt)主路由器的状态,两个backup优先级相同的IP地址较大者为master,接管虚拟IP。
1.2 Keepalived + nginx
VIP:192.168.80.150
NGINX1:192.168.80.100
NGINX2:192.168.80.200
本例是当本机curl nginx主页连续三次没有响应就认为nginx服务进程异常,自动切换
NGINX1:192.168.80.100 配置文件 /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
# vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script nginx {
script "/etc/keepalived/nginx.sh"
interval 2
weight -20
fall 3
rise 2
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.80.150/24
}
track_script {
nginx
}
}
NGINX1:192.168.80.100 脚本文件 /etc/keepalived/nginx.sh
#!/bin/bash
for((i=0;i<2;i++))
do
http_code=`curl -I -m 10 -o /dev/null -s -w "%{http_code}\\n" http://192.168.80.100/index.html`
if [ "$http_code" != "200" ];then
count=$(($count+1))
continue
else
count=0
break
fi
done
if [ $count -ne 0 ];then
systemctl stop keepalived
exit 1
else
exit 0
fi
NGINX2:192.168.80.200 配置文件 /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
# vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script nginx {
script "/etc/keepalived/nginx.sh"
interval 2
weight -20
fall 3
rise 2
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.80.150/24
}
track_script {
nginx
}
}
NGINX2:192.168.80.100 脚本文件 /etc/keepalived/nginx.sh
#!/bin/bash
for((i=0;i<2;i++))
do
http_code=`curl -I -m 10 -o /dev/null -s -w "%{http_code}\\n" http://192.168.80.200/index.html`
if [ "$http_code" != "200" ];then
count=$(($count+1))
continue
else
count=0
break
fi
done
if [ $count -ne 0 ];then
systemctl stop keepalived
exit 1
else
exit 0
fi
2、实现keepalived主主模型
在两台服务器上都安装tomcat8
NGINX1服务器在1的基础上添加一下配置文件
vrrp_instance VI_2 {
state BACKUP
interface ens33
virtual_router_id 52
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.80.160/24
}
}
NGINX2服务器在1的基础上添加一下配置文件
vrrp_instance VI_2 {
state MASTER
interface ens33
virtual_router_id 52
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.80.160/24
}
}
3、采用varnish为ngin实现缓存加速
varnish地址:192.168.80.150
nginx地址:192.168.80.120
1.安装varnish
yum install varnish -y
2. 配置varnish
在/etc/varnish目录下的varnish.params文件中修改VARNISH_VCL_CONF=/etc/varnish/default.vcl,将vcl文件指向要使用的vcl文件,文件中其他内容则按需修改
VARNISH_VCL_CONF=/etc/varnish/default.vcl #vcl文件路径
VARNISH_LISTEN_PORT=80 #varnish自己工作于那个端口。默认是6081
VARNISH_ADMIN_LISTEN_ADDRESS=127.0.0.1 #管理接口
VARNISH_ADMIN_LISTEN_PORT=6082 #管理接口监听端口
VARNISH_SECRET_FILE=/etc/varnish/secret #密钥文件
VARNISH_MIN_THREADS=50 #最少空闲线程
VARNISH_MAX_THREADS=1000 #最多启动线程
VARNISH_THREAD_TIMEOUT=120 #work超时时长
#VARNISH_STORAGE_FILE=/var/lib/varnish/varnish_storage.bin #存储文件
VARNISH_STORAGE_SIZE=64M #存储文件文件大小
#VARNISH_STORAGE="file,${VARNISH_STORAGE_FILE},${VARNISH_STORAGE_SIZE}" #存储方式file
VARNISH_STORAGE="malloc,${VARNISH_STORAGE_SIZE}" #基于内存方式
VARNISH_TTL=120
3.修改配置文件
#
# This is an example VCL file for Varnish.
#
# It does not do anything by default, delegating control to the
# builtin VCL. The builtin VCL is called when there is no explicit
# return statement.
#
# See the VCL chapters in the Users Guide at https://www.varnish-cache.org/docs/
# and http://varnish-cache.org/trac/wiki/VCLExamples for more examples.
# Marker to tell the VCL compiler that this VCL has been adapted to the
# new 4.0 format.
vcl 4.0;
# Default backend definition. Set this to point to your content server.
backend default {
.host = "192.168.80.120";
.port = "80";
}
sub vcl_recv {
# Happens before we check if we have this in cache already.
#
# Typically you clean up the request here, removing cookies you don't need,
# rewriting the request, etc.
#跳过缓存
if(req.url ~ "^/zhangsan.html$"){
return(pass);
}
}
sub vcl_backend_response {
# Happens after we have read the response headers from the backend.
#
# Here you clean the response headers, removing silly Set-Cookie headers
# and other mistakes your backend does.
}
sub vcl_deliver {
# Happens when we have all the pieces we need, and are about to send the
# response to the client.
#
# You can do accounting or modifying the final object here.
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT from " + server.ip;
} else {
set resp.http.X-Cache = "MISS from " + server.ip;
}
}
4、LNMP结合varnish实现动静分离
varnish地址:192.168.80.150
nginx地址:192.168.80.120
php地址:192.168.80.130
backend default {
.host = "192.168.80.120";
.port = "80";
}
backend php {
.host = "192.168.80.130";
.port = "80";
}
sub vcl_recv {
# Happens before we check if we have this in cache already.
#
# Typically you clean up the request here, removing cookies you don't need,
# rewriting the request, etc.
if ( req.url ~ "(?i)\.php$") {
set req.backend_hint = php;
} else {
set req.backend_hint = default;
}
#跳过缓存
if(req.url ~ "^/zhangsan.html$"){
return(pass);
}
}