nginx + keepalived 雙機熱備

原創 jeffy_zwm 2019-02-22 14:27

雙機熱備是指兩臺機器都在運行,但並非兩臺機器同時在提供服務。
當提供服務的一臺出現故障的時候,另外一臺會馬上自動接管並且提供服務,且切換的時間非常短。

keepalived的工作原理是VRRP——虛擬路由冗餘協議。

測試環境如下:

ip

vip

master

192.168.174.135

192.168.174.140

backup

192.168.174.137

192.168.174.140

回到頂部
nginx
安裝

sudo apt-get install nginx
查找配置文件位置

sudo find / -name nginx.conf
/etc/nginx/nginx.conf
修改配置文件(nginx.conf)

複製代碼
user www-data;
worker_processes 4;
pid /run/nginx.pid;

events {
worker_connections 1024;
}

http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;

include /etc/nginx/mime.types;
default_type application/octet-stream;

access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;

server {
    listen 80 default_server;
    server_name test;
    charset utf-8;

    location / {
    root html;
    index index.html index.htm;
    proxy_set_header X-Real_IP $remote_addr;
    client_max_body_size 100m;
    }
}

}
複製代碼
文件/usr/share/nginx/html/index.html

在192.168.174.135上加上 <h1>Welcome to nginx! 135 </h1>

在192.168.174.137上加上 <h1>Welcome to nginx! 137 </h1>

啓動

sudo service nginx start
關閉

sudo service nginx stop
回到頂部
keepalived
安裝

下載keepalived-1.2.19.tar.gz

tar –zxvf keepalived-1.2.19.tar.gz
cd keepalived-1.2.19
./configure --prefix=/usr/local/keepalived
make
sudo make install
期間可能出現問題:

!!! OpenSSL is not properly installed on your system. !!!
!!! Can not include OpenSSL headers files. !!!

解決

sudo apt-get install libssl.dev
建立軟鏈接

sudo ln -s /usr/local/keepalived/sbin/keepalived /sbin/
sudo ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
sudo ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
啓動

sudo keepalived -D -f /usr/local/keepalived/etc/keepalived/keepalived.conf
關閉

sudo killall keepalived
配置(keepalived.conf):

複製代碼
global_defs {
router_id NODEA
}

vrrp_instance VI_1 {
state MASTER
interface eth0 #監測網絡接口
virtual_router_id 50 #主、備必須一樣
priority 100 #優先級:主>備
advert_int 1
authentication {
auth_type PASS #VRRP認證,主備一致
auth_pass 1111 #密碼
}

virtual_ipaddress {
192.168.174.140/24 #VRRP HA虛擬地址
}
}
複製代碼
備用節點的配置

複製代碼
global_defs {
router_id NODEB
}

vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 50
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}

virtual_ipaddress {
192.168.174.140/24
}
}
複製代碼
回到頂部
測試
雙擊熱備

兩臺機子均啓動nginx和keepalived,瀏覽器各自訪問

瀏覽器訪問:http://192.168.174.140/,顯示的是MASTER的頁面

同樣用ip appr可以驗證:

135機器:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

   valid_lft forever preferred_lft forever

inet6 ::1/128 scope host

   valid_lft forever preferred_lft forever

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000

link/ether 00:0c:29:39:d4:88 brd ff:ff:ff:ff:ff:ff

inet 192.168.174.135/24 brd 192.168.174.255 scope global eth0

   valid_lft forever preferred_lft forever

inet 192.168.174.140/24 scope global secondary eth0

   valid_lft forever preferred_lft forever

inet6 fe80::20c:29ff:fe39:d488/64 scope link

   valid_lft forever preferred_lft forever

137機器:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

   valid_lft forever preferred_lft forever

inet6 ::1/128 scope host

   valid_lft forever preferred_lft forever

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 1000

link/ether 00:0c:29:cf:23:62 brd ff:ff:ff:ff:ff:ff

inet 192.168.174.137/24 brd 192.168.174.255 scope global eth0

   valid_lft forever preferred_lft forever

inet6 fe80::20c:29ff:fecf:2362/64 scope link

   valid_lft forever preferred_lft forever

現在關閉135機器的keepalived。

但當nginx宕掉或整個機子宕機後,這種情況不行了——通過瀏覽器訪問192.168.174.140訪問不到資源。

nginx宕掉/機器宕掉熱備

爲了解決上一問題,可以利用腳本,當檢測到nginx進程宕掉後,自動關閉keepalived進程,從而實現熱備份。

主節點的配置

複製代碼
global_defs {
router_id NODEA
}

vrrp_script chk_http_port {
script "/home/jimite/keepalived/chk_nginx_pid.sh"
interval 2
weight 2
}

vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 50
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_http_port
}
virtual_ipaddress {
192.168.174.140/24
}
}
複製代碼
備用節點的配置

複製代碼
global_defs {
router_id NODEB
}

vrrp_script chk_http_port {
script "/home/jihite/keepalived/chk_nginx_pid.sh"
interval 2
weight 2
}

vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 50
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_http_port
}

virtual_ipaddress {
192.168.174.140/24
}

}
複製代碼
其中/home/jimite/keepalived/chk_nginx_pid.sh爲

複製代碼
#!/bin/bash
A=ps -C nginx --no-header |wc -l
if [ $A -eq 0 ]
then
echo 'nginx server is died'
sudo killall keepalived
fi
問題:殺死keepalived進程後,可以實現vip的偏移,但是原機器的vip無法自動刪除
原因:VRRP協議原理是:只有MASTER對外發送消息。各BACKUP接受消息,當接受不到消息時會在剩下的BACKUP機器中選出新的MASTER。
之前用kill -9 pid 或killall pid殺死keepalived進程,導致安裝keepalived不能發送信息,BACKUP收不到信息升級爲MASTER,但是由於進程被殺死【非正常關閉】,導致keepalived沒有能力自己刪除vip。
解決方案:關閉keepalived時用命令
service keepalived stop 或 kill -15 pid(注:只刪除第一個進程號)
存在問題:
非正常關閉keepalived。 禁止使用kill -9 或killall殺死keepalived。

發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章

Linux核心技能与应用

wy53780 2020-04-23 14:02:05

Python與家國天下

豌豆花下貓 2019-02-24 22:22:40

linux上安裝Docker(非常簡單的安裝方法)

幸運券發放 2019-02-24 19:38:01

2019年Java面試-併發容器篇

王知無 2019-02-24 15:12:46

淺淡個人學習嵌入式Linux過程

wx5c317e5b736d2 2019-02-24 13:31:30

DHCP服務原理與搭建(Linux系統+路由器,二選一方案)

wx5c7174443c6f9 2019-02-24 13:23:18

Redis安裝與配置

劉遄 2019-02-24 13:12:51

linux知識寶庫

wbzjacky 2019-02-24 13:12:37

Linux查看CPU和內存使用情況

wbzjacky 2019-02-24 13:12:37

相關Linux安全方面的知識點

slqbj 2019-02-24 13:02:39

忘記了Linux密碼,使用GRUB重新設置

slqbj 2019-02-24 13:02:39

2019重新起航

sharkwu 2019-02-24 12:59:32

Oracle11g 基於linux 6.3下安裝

love壁虎 2019-02-24 12:55:06

Oracle基於Linux 7下的安裝

love壁虎 2019-02-24 12:55:05

服務器雙機熱備解決方案

wbzjacky 2019-02-24 13:12:37