之前有做过lvs+keepalived来实现高可用。可是现在nginx已经用到了很多公司的web服务器上,并且也表现出优良的性能。
那么在架构中,nginx放在前端用作负载均衡和处理静态页面以及缓存,是一个很重要的位置,必须要保证nginx服务器的高可用,
今天简单介绍下用nginx+keepalived来实现nginx服务器的高可用,即实现故障自动切换。
环境:
主nginx服务器:192.168.2.117
备nginx服务器:192.168.0.170
VIP:192.168.2.114
nginx服务器的安装和配置在此不做介绍,不会的话可以参考:
http://www.linuxyan.com/web-server/6.html
1、keepalived安装(在主和备2台nginx服务器上都安装)
wget http://www.keepalived.org/software/keepalived-1.2.2.tar.gz
tar xzf keepalived-1.2.2.tar.gz
cd keepalived-1.2.2
./configure –prefix=/usr/local/keepalived
make && make install
cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
chmod +x /etc/init.d/keepalived
mkdir /etc/keepalived
ln -s /usr/local/keepalived/sbin/keepalived /usr/sbin/
然后对主nginx服务器的keepalived进行配置
vi /etc/keepalived/keepalived.conf
global_defs {
notification_email {
admin@centos.bz #接收警报的email地址,可以添加多个
}
notification_email_from keepalived@domain.com ###发件人地址
smtp_server 127.0.0.1 ###发送邮件的服务器
smtp_connect_timeout 30 ###超时时间
router_id LVS_DEVEL ####load balancer 的标识 ID,用于email警报
}
vrrp_script chk_http_port {
script “/opt/nginx_pid.sh” ####检测nginx状态的脚本路径
interval 2
weight 2
}
vrrp_instance VI_1 {
state MASTER ############ 辅机为 BACKUP
interface eth0 ####HA 监测网络接口
virtual_router_id 51 #主、备机的 virtual_router_id 必须相同
mcast_src_ip 192.168.2.117 ###本机IP地址
priority 102 ########### 权值要比 back 高
advert_int 1 #主备之间的通告间隔秒数
authentication {
auth_type PASS ###主备切换时的验证
auth_pass 1111
}
track_script {
chk_http_port ### 执行监控的服务
}
virtual_ipaddress {
192.168.2.114 ####vip的地址
}
}
备nginx服务器上配置
global_defs {
notification_email {
admin@centos.bz
}
notification_email_from keepalived@domain.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_http_port {
script “/opt/nginx_pid.sh” ##检测nginx状态的脚本
interval 2
weight 2
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51 #### 保持主从服务器一致
mcast_src_ip 192.168.0.170 ###本机的IP地址
priority 101 ##########权值 要比 master 低。。
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_http_port ### 执行监控的服务
}
virtual_ipaddress {
192.168.2.114 ###vip的地址
}
}
之后分别在主从服务器建立nginx的监控脚本:
vi /opt/nginx_pid.sh
#!/bin/bash
A=`ps -C nginx –no-header |wc -l`
if [ $A -eq 0 ];then
/usr/local/nginx/sbin/nginx ##这个地方写你nginx命令的路径
sleep 3
if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
killall keepalived
fi
fi
配置好之后,分别在2台服务器上启动nginx和keepalived
/usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
/etc/init.d/keepalived start
在主nginx服务器上执行ip a
[root@localhost ~]# ip a
1: lo: mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:0c:29:58:58:5f brd ff:ff:ff:ff:ff:ff
inet 192.168.2.117/22 brd 192.168.3.255 scope global eth0
inet 192.168.2.114/32 scope global eth0
inet6 fe80::20c:29ff:fe58:585f/64 scope link
valid_lft forever preferred_lft forever
3: sit0: mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0
可以看到2.114这个vip已经绑定在主nginx服务器上了,这个时候把nginx停掉
[root@localhost ~]# killall nginx
[root@localhost ~]# ps aux |grep nginx
root 9175 0.0 0.3 43268 916 ? Ss 05:45 0:00 nginx: master process /usr/local/nginx/sbin/nginx
nginx 9176 0.0 0.5 43648 1468 ? S 05:45 0:00 nginx: worker process
root 9187 0.0 0.2 61180 716 pts/0 R+ 05:45 0:00 grep nginx
额额,,,怎么停不掉,,,,
注意看监控nginx的脚本,当脚本检测到nginx没有运行的时候,会尝试启动一次,如果启动成功,则不转移vip。如果启动失败,则把keepalived停掉,从机的keepalived会把vip绑定到备nginx服务器上,这个时候就是备nginx的服务器在提供服务了。
为了看下效果,暂且把这个脚本修改一下,不让他尝试启动nginx服务
这个时候把nginx服务停掉,我们用ip a来看下vip是否还在主nginx服务器上绑定着
[root@localhost ~]# ip a
1: lo: mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:0c:29:58:58:5f brd ff:ff:ff:ff:ff:ff
inet 192.168.2.117/22 brd 192.168.3.255 scope global eth0
inet6 fe80::20c:29ff:fe58:585f/64 scope link
valid_lft forever preferred_lft forever
3: sit0: mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0
可以看到已经没有vip这个地址了
去看备nginx服务器上看vip是否绑定在了上面
[root@localhost etc]# ip a
1: lo: mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:0c:29:34:cc:f9 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.170/22 brd 192.168.1.255 scope global eth0
inet 192.168.2.114/32 scope global eth0
inet6 fe80::20c:29ff:fe34:ccf9/64 scope link
valid_lft forever preferred_lft forever
3: sit0: mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0
ok,可以看到vip已经绑定在备nginx服务器上了。
(责任编辑:IT) |