nginx+keeplive实现高可用

主机规划

主机	服务
192.168.158.128	nginx keepalived
192.168.158.129	Nginx keepalived

虚IP : 192.168.158.50

前置

服务器上已经有nginx，可以访问80端口。

架构

下载及准备

https://www.keepalived.org/

wget --no-check-certificate https://www.keepalived.org/software/keepalived-1.2.18.tar.gz

编译并安装

tar -xvzf keepalived-1.2.18.tar.gz
cd /usr/local/keepalived-1.2.18
./configure --prefix=/usr/local/keepalived
make && make install

Keepalived安装成Linux服务

mkdir /etc/keepalived
cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
ln -s /usr/local/keepalived/sbin/keepalived /usr/sbin/

设置开机启动

chkconfig keepalived on

创建nginx状态检查脚本

脚本描述：如果 nginx 停止运行，尝试启动，如果无法启动则杀死本机的 keepalived 进程

vi /etc/keepalived/nginx_check.sh

内容：

#!/bin/bash 
counter=$(ps -C nginx --no-heading|wc -l)
if [ "${counter}" = "0" ]; then
    /usr/local/nginx/sbin/nginx
    sleep 2
    counter=$(ps -C nginx --no-heading|wc -l)
    if [ "${counter}" = "0" ]; then
        systemctl stop keepalived
    fi
fi

权限:

chmod +x /etc/keepalived/nginx_check.sh

配置keepalived.conf

cd /etc/keepalived/
vim keepalived.conf

keepalived.conf解释

! Configuration File for keepalived 
 
global_defs { 
   ## keepalived 自带的邮件提醒需要开启 sendmail 服务。建议用独立的监控或第三方 SMTP 
   router_id TS1  ## 标识本节点的字条串，通常为 hostname 
} 
##  keepalived 会定时执行脚本并对脚本执行的结果进行分析，动态调整 vrrp_instance 的优先级。如果脚本执行结果为 0，并且 weight 配置的值大于 0，则优先级相应的增加。如果脚本执行结果非 0，并且 weight配置的值小于 0，则优先级相应的减少。其他情况，维持原本配置的优先级，即配置文件中 priority 对应的值。 
vrrp_script chk_nginx { 
    script "/etc/keepalived/nginx_check.sh"  ## 检测 nginx 状态的脚本路径 
    interval 2  ## 检测时间间隔 
    weight -20  ## 如果条件成立，权重-20  
} 
## 定义虚拟路由，VI_1 为虚拟路由的标示符，自己定义名称 
vrrp_instance VI_1 { 
    state MASTER  ## 主节点为 MASTER，对应的备份节点为 BACKUP 
    interface eth0  ## 绑定虚拟 IP 的网络接口，与本机 IP 地址所在的网络接口相同，我的是 eth1 
    virtual_router_id 51  ## 虚拟路由的 ID 号，两个节点设置必须一样，可选 IP 最后一段使用,  相同的 VRID 为一个组，他将决定多播的 MAC 地址 
    mcast_src_ip 192.168.150.132  ## 本机 IP 地址 
    priority 100  ## 节点优先级，值范围 0-254，MASTER 要比BACKUP 高 
    nopreempt ## 优先级高的设置 nopreempt 解决异常恢复后再次抢占的问题 
    advert_int 1  ## 组播信息发送间隔，两个节点设置必须一样，默认 1s 
    ## 设置验证信息，两个节点必须一致 

    ## 将 track_script 块加入instance 配置块 
    track_script { 
        chk_nginx  ## 执行 Nginx 监控的服务 
    } 
    ## 虚拟 IP 池, 两个节点设置必须一样 
    virtual_ipaddress { 
        192.168.150.138/24   dev  eth0  label  eth0:2
    } 
}

192.168.158.128 主机配置keepalived.conf：

! Configuration File for keepalived

global_defs {
   router_id LVS_DEVEL
}

vrrp_script chk_nginx {
    script "/etc/keepalived/nginx_check.sh"
    interval 2 
    weight 20 
}

vrrp_instance VI_1 {
    state MASTER
    interface ens160
    virtual_router_id 51
    priority 100
    advert_int 1
    mcast_src_ip 192.168.158.128
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.158.50
    }
    track_script { 
        chk_nginx
    } 
}

192.168.158.129 主机配置keepalived.conf：

! Configuration File for keepalived

global_defs {
   router_id LVS_DEVEL
}

vrrp_script chk_nginx {
    script "/etc/keepalived/nginx_check.sh"
    interval 2 
    weight 20 
}

vrrp_instance VI_1 {
    state BACKUP
    interface ens160
    virtual_router_id 51
    priority 90
    advert_int 1
    mcast_src_ip 192.168.158.128
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.158.50
    }
    track_script { 
        chk_nginx
    } 
}

防火墙设置

需要vrrp 的组播(多播)

firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 --in-interface ens160 --destination 224.0.0.18 --protocol vrrp -j ACCEPT

firewall-cmd --reload

firewall-cmd --direct --get-all-rules

ens160 为网卡名称。

启动

service keepalived start
service keepalived status
service keepalived stop
service keepalived restart

访问http://192.168.158.50/

可以看到nginx的index.html

测试

修改两台nginx的index.html添加IP标识