http://blog.csdn.net/e421083458/article/details/30092795
keepalived+nginx雙機熱備+負載均衡
最近因業務擴展,需要將當前的apache 轉爲nginx(web), 再在web前端放置nginx(負載均衡)。同時結合keepalived 對前端nginx實現HA。
nginx進程基於於Master+Slave(worker)多進程模型,自身具有非常穩定的子進程管理功能。在Master進程分配模式下,Master進程永遠不進行業務處理,只是進行任務分發,從而達到Master進程的存活高可靠性,Slave(worker)進程所有的業務信號都 由主進程發出,Slave(worker)進程所有的超時任務都會被Master中止,屬於非阻塞式任務模型。
Keepalived是Linux下面實現VRRP 備份路由的高可靠性運行件。基於Keepalived設計的服務模式能夠真正做到主服務器和備份服務器故障時IP瞬間無縫交接。二者結合,可以構架出比較穩定的軟件lb方案。
準備4臺電腦來做這個實驗:
192.168.232.132 web服務器
192.168.232.133 web服務器
192.168.232.134 keepalived nginx
192.168.232.135 keepalived nginx
虛擬IP (VIP):192.168.232.16
134\135兩個主機配置虛擬IP
下面以135爲例:
vi /etc/sysconfig/network-scripts/ifcfg-eth2:0
[plain] view plain copy print?
DEVICE=eth2:0
TYPE=Ethernet
ONBOOT=yes
BOOTPROTO=static
DNS1=192.168.232.2
IPADDR=192.168.232.16
NETMASK=255.255.255.0
GETWAY=192.168.232.2
service network restart
使用ifconfig查看效果:
[plain] view plain copy print?
eth2 Link encap:Ethernet HWaddr 00:0C:29:49:90:5B
inet addr:192.168.232.135 Bcast:192.168.232.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe49:905b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:66322 errors:0 dropped:0 overruns:0 frame:0
TX packets:31860 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:67624991 (64.4 MiB) TX bytes:2723877 (2.5 MiB)
Interrupt:19 Base address:0x2000
eth2:0 Link encap:Ethernet HWaddr 00:0C:29:49:90:5B
inet addr:192.168.232.16 Bcast:192.168.232.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:19 Base address:0x2000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:22622 errors:0 dropped:0 overruns:0 frame:0
TX packets:22622 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1236328 (1.1 MiB) TX bytes:1236328 (1.1 MiB)
說明生效了。
134\135兩個主機安裝keepalived和nginx
nginx安裝:
1、導入外部軟件庫
rpm -Uvh http://dl.iuscommunity.org/pub/ius/stable/Redhat/6/i386/epel-release-6-5.noarch.rpm
rpm -Uvh http://dl.iuscommunity.org/pub/ius/stable/Redhat/6/i386/ius-release-1.0-10.ius.el6.noarch.rpm
rpm -Uvh http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm
以下添加註釋
mirrorlist=http://dmirr.iuscommunity.org/mirrorlist?repo=ius-el6&arch=$basearch
以下刪除註釋
#baseurl=http://dl.iuscommunity.org/pub/ius/stable/Redhat/5/$basearch
2、yum安裝nginx
yum install nginx
keepalived安裝:
安裝依賴
yum -y install gcc gcc+ gcc-c++
yum install popt-devel openssl openssl-devel libssl-dev libnl-devel popt-devel
安裝內核
yum -y install kernel kernel-devel
當前kernel代碼建立連接 ln -s /usr/src/kerners/2.6....../ /usr/src/linux
安裝keepalived
wget http://www.keepalived.org/software/keepalived-1.2.2.tar.gz
tar -zxvf keepalived-1.2.2.tar.gz
cd keepalived-1.2.2
./configure
make
make install
拷貝相應的文件
cp /usr/local/sbin/keepalived /usr/sbin/
cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/
cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
cp -r /usr/local/etc/keepalived/ /etc/
配置keeplived和nginx主機
134/135執行都執行以下操作:
vi /etc/nginx/conf.d/default.conf
[plain] view plain copy print?
server {
listen 8088;
server_name localhost;
location / {
root /var/www/html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
135執行以下操作:
vi /var/www/html/index.html
[plain] view plain copy print?
<html>
<head>
<title>Welcome to nginx!</title>
</head>
<body bgcolor="white" text="black">
<center><h1>Welcome to nginx! 192.168.232.135</h1></center>
</body>
</html>
134執行以下操作:
vi /var/www/html/index.html
[plain] view plain copy print?
<html>
<head>
<title>Welcome to nginx!</title>
</head>
<body bgcolor="white" text="black">
<center><h1>Welcome to nginx! 192.168.232.134</h1></center>
</body>
</html>
134執行以下操作:
vi /etc/keepalived/keepalived.conf
[plain] view plain copy print?
! Configuration File for keepalived
global_defs {
notification_email {
}
#notification_email_from [email protected]
#smtp_server 192.168.200.1
#smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_http_port {
script "</dev/tcp/127.0.0.1/8088"
interval 1
weight -2
}
vrrp_instance VI_1 {
state MASTER
interface eth2
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.232.16
}
track_script {
chk_http_port
}
}
135執行以下操作:
vi /etc/keepalived/keepalived.conf
[plain] view plain copy print?
! Configuration File for keepalived
global_defs {
notification_email {
}
#notification_email_from [email protected]
#smtp_server 192.168.200.1
#smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_http_port {
script "</dev/tcp/127.0.0.1/8088"
interval 1
weight -2
}
vrrp_instance VI_1 {
state MASTER
interface eth2
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.232.16
}
track_script {
chk_http_port
}
}
Tips:
state 參數值:主的是MASTER、備用的是BACKUP
priority 參數值: MASTER > BACKUP
virtual_router_id: 參數值要一樣
測試測試:
兩臺測試機134\135均啓動keepalived和nginx
service keepalived restart
service keepalived nginx
驗證nginx啓動正常:
訪問 master:http://192.168.232.134:8088/
訪問 backup: http://192.168.232.135:8088/
查看keepalived的日誌信息:
134\135均打開日誌信息方便查看keepalived動態:
tail -f /var/log/messages
瀏覽器打開虛擬ip訪問:http://192.168.232.16:8080/ ,此時顯示IP爲192.168.232.134
服務器層的雙機熱備(比如服務器宕機、keepalived宕了)測試:
kill 192.168.232.134(master) 的keepalived進程
killall keepalived
134的日誌信息如下:
[plain] view plain copy print?
Jun 11 18:03:10 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth1 for 192.168.232.16
Jun 11 18:03:15 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth1 for 192.168.232.16
Jun 11 19:30:44 localhost Keepalived: Terminating on signal
Jun 11 19:30:44 localhost Keepalived: Stopping Keepalived v1.2.2 (06/10,2014)
Jun 11 19:30:44 localhost Keepalived_vrrp: Terminating VRRP child process on signal
Jun 11 19:30:44 localhost Keepalived_healthcheckers: Terminating Healthchecker child process on signal
135的日誌信息如下:
[plain] view plain copy print?
Jun 11 19:30:50 localhost Keepalived_vrrp: VRRP_Instance(VI_1) setting protocol VIPs.
Jun 11 19:30:50 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth2 for 192.168.232.16
Jun 11 19:30:50 localhost Keepalived_healthcheckers: Netlink reflector reports IP 192.168.232.16 added
Jun 11 19:30:55 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth2 for 192.168.232.16
刷新http://192.168.232.16:8080/ , 此時顯示IP爲192.168.232.135。
再次啓動192.168.232.134的keepalived進程,192.168.232.134會自動接管成爲master,192.168.232.135自動轉爲backup,從測試結果看,備機能成功接管,已經實現了熱備。
應用層(web)的雙機熱備(比如nginx進程被意外kill、web端口不通)試驗:
關閉192.168.232.134(master) 的nginx服務:
service nginx stop
134的日誌信息如下:
[plain] view plain copy print?
Jun 11 19:38:49 localhost Keepalived_vrrp: VRRP_Script(chk_http_port) failed
Jun 11 19:38:51 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Received higher prio advert
Jun 11 19:38:51 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Entering BACKUP STATE
Jun 11 19:38:51 localhost Keepalived_vrrp: VRRP_Instance(VI_1) removing protocol VIPs.
Jun 11 19:38:51 localhost Keepalived_healthcheckers: Netlink reflector reports IP 192.168.232.16 removed
135的日誌信息如下:
[plain] view plain copy print?
Jun 11 19:38:52 localhost Keepalived_vrrp: VRRP_Instance(VI_1) forcing a new MASTER election
Jun 11 19:38:53 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Transition to MASTER STATE
Jun 11 19:38:54 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Entering MASTER STATE
Jun 11 19:38:54 localhost Keepalived_vrrp: VRRP_Instance(VI_1) setting protocol VIPs.
Jun 11 19:38:54 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth2 for 192.168.232.16
Jun 11 19:38:54 localhost Keepalived_healthcheckers: Netlink reflector reports IP 192.168.232.16 added
Jun 11 19:38:59 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth2 for 192.168.232.16
刷新http://192.168.232.16:8080/ , 此時顯示IP爲192.168.232.135。
再次啓動192.168.232.134的nginx進程,192.168.232.134會自動接管成爲master,192.168.232.135自動轉爲backup,從測試結果看,備機能成功接管,已經實現了熱備。
爲什麼主備的參數state都是MASTER,對的你沒有看錯確實要都設置成一樣的,不然並不能實現我們想要的VIP漂浮的效果,我測試很久才發現的.state都設置成MASTER後,會根據priority的值大小競爭來決定誰是真正的MASTER,腳本檢測也是在失敗的時候會把權重減去相應的值,比如原來master(181)的priority=100,如果腳本檢測到端口8088無法連接,就會priority-2=98,< S-B(150)的priority(99),此時 S-B(150) 將競爭成爲master,這樣就實現了web應用的熱備。