PART1 安裝、配置Nginx
1.下載nginx
手動下載 http://nginx.org/en/download.html
或者 wget http://nginx.org/download/nginx-<version>.tar.gz
2.安裝nginx
官方參考 http://nginx.org/en/linux_packages.html
2.1 安裝依賴包
因爲使用的RHEL6環境和上述網址不通,所以把依賴包下載好配置本地yum源安裝
查看當前環境以下哪些包沒有,使用yum裝上這些包
# yum --enablerepo=NGINX install gcc gcc-c++ make automake autoconf libtool pcre pcre-devel zlib zlib-devel openssl openssl-devel
2.2 編譯安裝nginx
# cd /usr/local/src/
# tar -zxvf nginx-1.18.0.tar.gz
# cd nginx-1.18.0
# ./configure --prefix=/usr/local/nginx
# make && make instal
3.配置 Nginx
3.1 nginx.conf
# vi /usr/local/nginx/conf/nginx.conf
默認監聽端口爲80,如有必要可修改
server {
listen 8888;
server_name localhost;
location / {
root html;
index index.html index.htm;
}
3.2 nginx/html/index.html
多個節點(例如兩臺)爲了便於測試時區分,需要修改主頁內容
4.防火牆打開對應端口
防火牆打開3.1中的監聽端口8888
# vi /etc/sysconfig/iptables
## Nginx
-A INPUT -m state --state NEW -m tcp -p tcp --dport 88 -j ACCEPT
或者關閉防火牆 service iptables stop
RHEL7/CentOS7使用 systemctl firewalld stop
5.啓動 Nginx
# /usr/local/nginx/sbin/nginx
設置 Nginx 開機啓動
# vi /etc/rc.local
加入以下行
/usr/local/nginx/sbin/nginx
@nginx相關命令
測試 Nginx 是否安裝成功
# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
查看 Nginx 版本號
# /usr/local/nginx/sbin/nginx -v
nginx version: nginx/1.18.0
重啓 Nginx
# /usr/local/nginx/sbin/nginx -s reload
關閉 Nginx
# /usr/local/nginx/sbin/nginx -s stop
6.瀏覽器分別訪問各個節點 => http://<noed IP>:8888
PART2 安裝、配置Keepalived
1.下載keepalived
http://www.keepalived.org
2.安裝keepalived
# cd /usr/local/src
# tar -zxvf keepalived-2.0.20.tar.gz
# cd keepalived-2.0.20
# ./configure --prefix=/usr/local/keepalived
# make && make install
3.複製配置文檔到系統默認路徑
因爲沒有使用 keepalived 的默認路徑安裝(/usr/local),需要複製配置文件到默認路徑
複製 keepalived 配置文件到默認路徑
# mkdir /etc/keepalived
# cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
複製 keepalived 服務腳本到默認路徑
# cp /usr/local/src/keepalived-2.0.20/keepalived/etc/init.d/keepalived /etc/init.d/ 注:make後的路徑裏沒有所以從源碼包複製
# cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
設置軟鏈接
# ln -s /usr/local/sbin/keepalived /usr/sbin/
# ln -s /usr/local/keepalived/sbin/keepalived /sbin/
設置 keepalived 服務開機啓動
# chkconfig keepalived on
4.修改keepalived.conf
以MASTER節點爲例
# vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id testhost1 #定義節點名稱,可參考/etc/hosts中的主機名
}
#keepalived 會定時執行腳本並對腳本執行的結果進行分析,動態調整 vrrp_instance 的優先級(後附說明)
#如果weight大於0 && 腳本檢測成功 =>使用weight =>優先級相應地增加;
#如果weight小於0 && 腳本檢測失敗 =>使用weight =>優先級相應地減少;
#其它情況,維持原本配置的優先級,即配置文件中 priority 對應的值。
#此處,每隔2秒中去執行/etc/keepalived/nginx_check.sh腳本一次,腳本執行當判斷異常時,把這個節點的優先級降低20
vrrp_script chk_nginx {
script "/etc/keepalived/nginx_check.sh"
interval 2
weight -20
}
vrrp_instance VI_1 {
state MASTER #主節點爲 MASTER,備份節點爲 BACKUP
interface eth1 #綁定虛擬 IP 的網絡接口
virtual_router_id 51 #虛擬路由的 ID 號,主備節點設置必須一致
mcast_src_ip 192.168.11.121 #本機 IP 地址
priority 100 #節點優先級(0-254),MASTER 要比 BACKUP 高
advert_int 1 # 組播信息發送間隔,主備節點設置必須一致,默認 1s
#驗證信息,主備節點必須一致
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_nginx #和前面的vrrp_script後的chk_nginx一致
}
#虛擬地址池(可以設置多個,網頁訪問虛擬地址即可),主備節點設置必須一樣
virtual_ipaddress {
192.168.11.124
192.168.11.125
}
}
……
@關於vrrp_script中weight的說明
注意:weight的絕對值要大於Master和Backup節點priority值之差
vrrp_script中指定的腳本,
(1)weight爲正數時
檢測成功,權重=priority+weight
檢測失敗,權重=priority
Master節點vrrp_script腳本檢測成功時,(Master)priority+weight > (Backup)priority+weight => 不發生切換
Master節點vrrp_script腳本檢測失敗時,(Master)priority < (Backup)priority+weight => 主、備切換
(2)weight爲負數時
檢測成功,權重=priority
檢測失敗,權重=priority+weight
Master節點vrrp_script腳本檢測成功時,(Master)priority > (Backup)priority => 不發生切換
Master節點vrrp_script腳本檢測失敗時,(Master)priority+weight < (Backup)priority => 主、備切換
5.Nginx狀態檢測腳本
# vi /etc/keepalived/nginx_check.sh
#!/bin/bash
A=`ps -C nginx --no-header |wc -l`
if [ $A -eq 0 ];then
/usr/local/nginx/sbin/nginx
sleep 2
if [ $A -eq 0 ];then
service keepalived stop
fi
fi
# chmod 755 /etc/keepalived/nginx_check.sh
先做如下測試,nginx服務運行,執行ps -C nginx
# ps -C nginx
PID TTY TIME CMD
16189 ? 00:00:00 nginx
16191 ? 00:00:00 nginx
# ps -C nginx --no-header
21376 ? 00:00:00 nginx
21378 ? 00:00:00 nginx
nginx服務停止,執行 ps -C nginx --no-header 返回爲空
nginx_check.sh該腳本如果檢測不到nginx服務,會嘗試啓動,2s後再檢測nginx服務是否起來,如果沒有則停掉keepalived,然後會切換到備機
在主備機上執行ip a命令也可以看到虛擬地址在哪臺虛擬機上
例如,
有虛擬地址池的設備(用虛擬地址訪問網頁連的是這臺設備)
# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:0d:59:66:77:dd brd ff:ff:ff:ff:ff:ff
inet 192.168.11.123/22 brd 192.168.12.255 scope global eth1
inet 192.168.11.124/32 scope global eth1
inet 192.168.11.125/32 scope global eth1
inet6 fe99::40c:21ff:fa58:68a2/64 scope link
valid_lft forever preferred_lft forever
沒有虛擬地址池的設備
# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:0d:59:66:77:de brd ff:ff:ff:ff:ff:ff
inet 192.168.11.121/22 brd 192.168.12.255 scope global eth1
inet6 fe99::40c:21ff:fa58:68a3/64 scope link
valid_lft forever preferred_lft forever
6.啓動 Keepalived
# service keepalived start
Starting keepalived: [ OK ]
PART3 Keepalived+Nginx 的高可用測試
測試環境 兩臺rhel6.7虛擬機(nginx-1.18.0 + keepalived-2.0.20),一臺MASTER,一臺BACKUP
實驗一:keepalived.conf中,MASTER優先級100,BACKUP優先級90,weight爲-20
1)同時啓動主備的Nginx和Keepalived,通過虛擬地址訪問Nginx => 連的是Server1(MASTER)
2)Server1上執行如下命令
service keepalived stop
/usr/local/nginx/sbin/nginx -s stop
3)通過虛擬地址訪問Nginx => 連的是Server2(BACKUP)
4)Server1上執行如下命令
service keepalived start
5)通過虛擬地址訪問Nginx => 連的是Server1(MASTER)
說明:
MASTER產生故障
MASTER上,檢測到nginx掛了,priority減少20,權重變爲80;低於BACKUP的priority
=> MASTER變成BACKUP,BACKUP變成MASTER
MASTER故障恢復
MASTER上,檢測到nginx是啓動的,原MASTER的權重變回100,高於原BACKUP的priority
=> 原MASTER由BACKUP又搶佔成了MASTER,原BACKUP由MASTER又變了BACKUP
實驗二:keepalived.conf中,MASTER優先級100,BACKUP優先級80,weight爲-10
因爲100+(-10)=90 > 80,預期不切換,但結果同實驗一,迷惑。。
實驗三:keepalived.conf中,MASTER優先級-100,BACKUP優先級-150,weight爲-20(優先級要配正數?胡亂試的)
1)同時啓動主備的Nginx和Keepalived,通過虛擬地址訪問Nginx => 連的是Server1(MASTER)
2)Server1上執行如下命令
service keepalived stop
/usr/local/nginx/sbin/nginx -s stop
service keepalived start
3)通過虛擬地址訪問Nginx => 連的是Server2(BACKUP)
4)Server1上執行如下命令
service keepalived start
5)通過虛擬地址訪問Nginx => 連的是Server2(BACKUP)
6)Server2上執行如下命令
service keepalived stop
/usr/local/nginx/sbin/nginx -s stop
7)通過虛擬地址訪問Nginx => 連的是Server1(MASTER)
8)Server2上執行如下命令
service keepalived start
9)通過虛擬地址訪問Nginx => 連的是Server1(MASTER)
實驗四:keepalived.conf中,MASTER優先級-100,BACKUP優先級-110,weight爲20,結果同實驗三
測試結果:失敗了就會切,不管weight和優先級的關係(迷惑……);優先級是否可配置爲負數?實驗結果,配置爲正數,原MASTER恢復了就會切回來,配置爲負數,原MASTER恢復了也不會切回來,當前MASTER失敗了纔會切(迷惑x2……暫時也沒有在網上找到相關資料,可能選舉機制沒有這麼簡單,暫時保留結果)
參考資料:
Keepalived之——Keepalived + Nginx 實現高可用 Web 負載均衡 https://blog.csdn.net/l1028386804/article/details/72801492
keepalived結合nginx實現nginx高可用 https://www.cnblogs.com/wlandwl/p/keepalived.html
High Availability--keepalived詳解篇(四)之keepalive配置實例-master選舉策略 https://blog.51cto.com/wangaimin/1903842
keepalived中vrrp_script,track_script,notify的使用方法 https://blog.51cto.com/liuzhengwei521/1929589