之前有做過lvs+keepalived來實現高可用。可是現在nginx已經用到了很多公司的web服務器上,并且也表現出優良的性能。
那么在架構中,nginx放在前端用作負載均衡和處理靜態頁面以及緩存,是一個很重要的位置,必須要保證nginx服務器的高可用,
今天簡單介紹下用nginx+keepalived來實現nginx服務器的高可用,即實現故障自動切換。
環境:
主nginx服務器:192.168.2.117
備nginx服務器:192.168.0.170
VIP:192.168.2.114
nginx服務器的安裝和配置在此不做介紹,不會的話可以參考:
http://www.linuxyan.com/web-server/6.html
1、keepalived安裝(在主和備2臺nginx服務器上都安裝)
wget http://www.keepalived.org/software/keepalived-1.2.2.tar.gz
tar xzf keepalived-1.2.2.tar.gz
cd keepalived-1.2.2
./configure –prefix=/usr/local/keepalived
make && make install
cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
chmod +x /etc/init.d/keepalived
mkdir /etc/keepalived
ln -s /usr/local/keepalived/sbin/keepalived /usr/sbin/
然后對主nginx服務器的keepalived進行配置
vi /etc/keepalived/keepalived.conf
global_defs {
notification_email {
admin@centos.bz #接收警報的email地址,可以添加多個
}
notification_email_from keepalived@domain.com ###發件人地址
smtp_server 127.0.0.1 ###發送郵件的服務器
smtp_connect_timeout 30 ###超時時間
router_id LVS_DEVEL ####load balancer 的標識 ID,用于email警報
}
vrrp_script chk_http_port {
script “/opt/nginx_pid.sh” ####檢測nginx狀態的腳本路徑
interval 2
weight 2
}
vrrp_instance VI_1 {
state MASTER ############ 輔機為 BACKUP
interface eth0 ####HA 監測網絡接口
virtual_router_id 51 #主、備機的 virtual_router_id 必須相同
mcast_src_ip 192.168.2.117 ###本機IP地址
priority 102 ########### 權值要比 back 高
advert_int 1 #主備之間的通告間隔秒數
authentication {
auth_type PASS ###主備切換時的驗證
auth_pass 1111
}
track_script {
chk_http_port ### 執行監控的服務
}
virtual_ipaddress {
192.168.2.114 ####vip的地址
}
}
備nginx服務器上配置
global_defs {
notification_email {
admin@centos.bz
}
notification_email_from keepalived@domain.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_http_port {
script “/opt/nginx_pid.sh” ##檢測nginx狀態的腳本
interval 2
weight 2
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51 #### 保持主從服務器一致
mcast_src_ip 192.168.0.170 ###本機的IP地址
priority 101 ##########權值 要比 master 低。。
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_http_port ### 執行監控的服務
}
virtual_ipaddress {
192.168.2.114 ###vip的地址
}
}
之后分別在主從服務器建立nginx的監控腳本:
vi /opt/nginx_pid.sh
#!/bin/bash
A=`ps -C nginx –no-header |wc -l`
if [ $A -eq 0 ];then
/usr/local/nginx/sbin/nginx ##這個地方寫你nginx命令的路徑
sleep 3
if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
killall keepalived
fi
fi
配置好之后,分別在2臺服務器上啟動nginx和keepalived
/usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
/etc/init.d/keepalived start
在主nginx服務器上執行ip a
[root@localhost ~]# ip a
1: lo: mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:0c:29:58:58:5f brd ff:ff:ff:ff:ff:ff
inet 192.168.2.117/22 brd 192.168.3.255 scope global eth0
inet 192.168.2.114/32 scope global eth0
inet6 fe80::20c:29ff:fe58:585f/64 scope link
valid_lft forever preferred_lft forever
3: sit0: mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0
可以看到2.114這個vip已經綁定在主nginx服務器上了,這個時候把nginx停掉
[root@localhost ~]# killall nginx
[root@localhost ~]# ps aux |grep nginx
root 9175 0.0 0.3 43268 916 ? Ss 05:45 0:00 nginx: master process /usr/local/nginx/sbin/nginx
nginx 9176 0.0 0.5 43648 1468 ? S 05:45 0:00 nginx: worker process
root 9187 0.0 0.2 61180 716 pts/0 R+ 05:45 0:00 grep nginx
額額,,,怎么停不掉,,,,
注意看監控nginx的腳本,當腳本檢測到nginx沒有運行的時候,會嘗試啟動一次,如果啟動成功,則不轉移vip。如果啟動失敗,則把keepalived停掉,從機的keepalived會把vip綁定到備nginx服務器上,這個時候就是備nginx的服務器在提供服務了。
為了看下效果,暫且把這個腳本修改一下,不讓他嘗試啟動nginx服務
這個時候把nginx服務停掉,我們用ip a來看下vip是否還在主nginx服務器上綁定著
[root@localhost ~]# ip a
1: lo: mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:0c:29:58:58:5f brd ff:ff:ff:ff:ff:ff
inet 192.168.2.117/22 brd 192.168.3.255 scope global eth0
inet6 fe80::20c:29ff:fe58:585f/64 scope link
valid_lft forever preferred_lft forever
3: sit0: mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0
可以看到已經沒有vip這個地址了
去看備nginx服務器上看vip是否綁定在了上面
[root@localhost etc]# ip a
1: lo: mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:0c:29:34:cc:f9 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.170/22 brd 192.168.1.255 scope global eth0
inet 192.168.2.114/32 scope global eth0
inet6 fe80::20c:29ff:fe34:ccf9/64 scope link
valid_lft forever preferred_lft forever
3: sit0: mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0
ok,可以看到vip已經綁定在備nginx服務器上了。