PART1 安装、配置Nginx
1.下载nginx
手动下载 http://nginx.org/en/download.html
或者 wget http://nginx.org/download/nginx-<version>.tar.gz
2.安装nginx
官方参考 http://nginx.org/en/linux_packages.html
2.1 安装依赖包
因为使用的RHEL6环境和上述网址不通,所以把依赖包下载好配置本地yum源安装
查看当前环境以下哪些包没有,使用yum装上这些包
# yum --enablerepo=NGINX install gcc gcc-c++ make automake autoconf libtool pcre pcre-devel zlib zlib-devel openssl openssl-devel
2.2 编译安装nginx
# cd /usr/local/src/
# tar -zxvf nginx-1.18.0.tar.gz
# cd nginx-1.18.0
# ./configure --prefix=/usr/local/nginx
# make && make instal
3.配置 Nginx
3.1 nginx.conf
# vi /usr/local/nginx/conf/nginx.conf
默认监听端口为80,如有必要可修改
server {
listen 8888;
server_name localhost;
location / {
root html;
index index.html index.htm;
}
3.2 nginx/html/index.html
多个节点(例如两台)为了便于测试时区分,需要修改主页内容
4.防火墙打开对应端口
防火墙打开3.1中的监听端口8888
# vi /etc/sysconfig/iptables
## Nginx
-A INPUT -m state --state NEW -m tcp -p tcp --dport 88 -j ACCEPT
或者关闭防火墙 service iptables stop
RHEL7/CentOS7使用 systemctl firewalld stop
5.启动 Nginx
# /usr/local/nginx/sbin/nginx
设置 Nginx 开机启动
# vi /etc/rc.local
加入以下行
/usr/local/nginx/sbin/nginx
@nginx相关命令
测试 Nginx 是否安装成功
# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
查看 Nginx 版本号
# /usr/local/nginx/sbin/nginx -v
nginx version: nginx/1.18.0
重启 Nginx
# /usr/local/nginx/sbin/nginx -s reload
关闭 Nginx
# /usr/local/nginx/sbin/nginx -s stop
6.浏览器分别访问各个节点 => http://<noed IP>:8888
PART2 安装、配置Keepalived
1.下载keepalived
http://www.keepalived.org
2.安装keepalived
# cd /usr/local/src
# tar -zxvf keepalived-2.0.20.tar.gz
# cd keepalived-2.0.20
# ./configure --prefix=/usr/local/keepalived
# make && make install
3.复制配置文档到系统默认路径
因为没有使用 keepalived 的默认路径安装(/usr/local),需要复制配置文件到默认路径
复制 keepalived 配置文件到默认路径
# mkdir /etc/keepalived
# cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
复制 keepalived 服务脚本到默认路径
# cp /usr/local/src/keepalived-2.0.20/keepalived/etc/init.d/keepalived /etc/init.d/ 注:make后的路径里没有所以从源码包复制
# cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
设置软链接
# ln -s /usr/local/sbin/keepalived /usr/sbin/
# ln -s /usr/local/keepalived/sbin/keepalived /sbin/
设置 keepalived 服务开机启动
# chkconfig keepalived on
4.修改keepalived.conf
以MASTER节点为例
# vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id testhost1 #定义节点名称,可参考/etc/hosts中的主机名
}
#keepalived 会定时执行脚本并对脚本执行的结果进行分析,动态调整 vrrp_instance 的优先级(后附说明)
#如果weight大于0 && 脚本检测成功 =>使用weight =>优先级相应地增加;
#如果weight小于0 && 脚本检测失败 =>使用weight =>优先级相应地减少;
#其它情况,维持原本配置的优先级,即配置文件中 priority 对应的值。
#此处,每隔2秒中去执行/etc/keepalived/nginx_check.sh脚本一次,脚本执行当判断异常时,把这个节点的优先级降低20
vrrp_script chk_nginx {
script "/etc/keepalived/nginx_check.sh"
interval 2
weight -20
}
vrrp_instance VI_1 {
state MASTER #主节点为 MASTER,备份节点为 BACKUP
interface eth1 #绑定虚拟 IP 的网络接口
virtual_router_id 51 #虚拟路由的 ID 号,主备节点设置必须一致
mcast_src_ip 192.168.11.121 #本机 IP 地址
priority 100 #节点优先级(0-254),MASTER 要比 BACKUP 高
advert_int 1 # 组播信息发送间隔,主备节点设置必须一致,默认 1s
#验证信息,主备节点必须一致
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_nginx #和前面的vrrp_script后的chk_nginx一致
}
#虚拟地址池(可以设置多个,网页访问虚拟地址即可),主备节点设置必须一样
virtual_ipaddress {
192.168.11.124
192.168.11.125
}
}
……
@关于vrrp_script中weight的说明
注意:weight的绝对值要大于Master和Backup节点priority值之差
vrrp_script中指定的脚本,
(1)weight为正数时
检测成功,权重=priority+weight
检测失败,权重=priority
Master节点vrrp_script脚本检测成功时,(Master)priority+weight > (Backup)priority+weight => 不发生切换
Master节点vrrp_script脚本检测失败时,(Master)priority < (Backup)priority+weight => 主、备切换
(2)weight为负数时
检测成功,权重=priority
检测失败,权重=priority+weight
Master节点vrrp_script脚本检测成功时,(Master)priority > (Backup)priority => 不发生切换
Master节点vrrp_script脚本检测失败时,(Master)priority+weight < (Backup)priority => 主、备切换
5.Nginx状态检测脚本
# vi /etc/keepalived/nginx_check.sh
#!/bin/bash
A=`ps -C nginx --no-header |wc -l`
if [ $A -eq 0 ];then
/usr/local/nginx/sbin/nginx
sleep 2
if [ $A -eq 0 ];then
service keepalived stop
fi
fi
# chmod 755 /etc/keepalived/nginx_check.sh
先做如下测试,nginx服务运行,执行ps -C nginx
# ps -C nginx
PID TTY TIME CMD
16189 ? 00:00:00 nginx
16191 ? 00:00:00 nginx
# ps -C nginx --no-header
21376 ? 00:00:00 nginx
21378 ? 00:00:00 nginx
nginx服务停止,执行 ps -C nginx --no-header 返回为空
nginx_check.sh该脚本如果检测不到nginx服务,会尝试启动,2s后再检测nginx服务是否起来,如果没有则停掉keepalived,然后会切换到备机
在主备机上执行ip a命令也可以看到虚拟地址在哪台虚拟机上
例如,
有虚拟地址池的设备(用虚拟地址访问网页连的是这台设备)
# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:0d:59:66:77:dd brd ff:ff:ff:ff:ff:ff
inet 192.168.11.123/22 brd 192.168.12.255 scope global eth1
inet 192.168.11.124/32 scope global eth1
inet 192.168.11.125/32 scope global eth1
inet6 fe99::40c:21ff:fa58:68a2/64 scope link
valid_lft forever preferred_lft forever
没有虚拟地址池的设备
# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:0d:59:66:77:de brd ff:ff:ff:ff:ff:ff
inet 192.168.11.121/22 brd 192.168.12.255 scope global eth1
inet6 fe99::40c:21ff:fa58:68a3/64 scope link
valid_lft forever preferred_lft forever
6.启动 Keepalived
# service keepalived start
Starting keepalived: [ OK ]
PART3 Keepalived+Nginx 的高可用测试
测试环境 两台rhel6.7虚拟机(nginx-1.18.0 + keepalived-2.0.20),一台MASTER,一台BACKUP
实验一:keepalived.conf中,MASTER优先级100,BACKUP优先级90,weight为-20
1)同时启动主备的Nginx和Keepalived,通过虚拟地址访问Nginx => 连的是Server1(MASTER)
2)Server1上执行如下命令
service keepalived stop
/usr/local/nginx/sbin/nginx -s stop
3)通过虚拟地址访问Nginx => 连的是Server2(BACKUP)
4)Server1上执行如下命令
service keepalived start
5)通过虚拟地址访问Nginx => 连的是Server1(MASTER)
说明:
MASTER产生故障
MASTER上,检测到nginx挂了,priority减少20,权重变为80;低于BACKUP的priority
=> MASTER变成BACKUP,BACKUP变成MASTER
MASTER故障恢复
MASTER上,检测到nginx是启动的,原MASTER的权重变回100,高于原BACKUP的priority
=> 原MASTER由BACKUP又抢占成了MASTER,原BACKUP由MASTER又变了BACKUP
实验二:keepalived.conf中,MASTER优先级100,BACKUP优先级80,weight为-10
因为100+(-10)=90 > 80,预期不切换,但结果同实验一,迷惑。。
实验三:keepalived.conf中,MASTER优先级-100,BACKUP优先级-150,weight为-20(优先级要配正数?胡乱试的)
1)同时启动主备的Nginx和Keepalived,通过虚拟地址访问Nginx => 连的是Server1(MASTER)
2)Server1上执行如下命令
service keepalived stop
/usr/local/nginx/sbin/nginx -s stop
service keepalived start
3)通过虚拟地址访问Nginx => 连的是Server2(BACKUP)
4)Server1上执行如下命令
service keepalived start
5)通过虚拟地址访问Nginx => 连的是Server2(BACKUP)
6)Server2上执行如下命令
service keepalived stop
/usr/local/nginx/sbin/nginx -s stop
7)通过虚拟地址访问Nginx => 连的是Server1(MASTER)
8)Server2上执行如下命令
service keepalived start
9)通过虚拟地址访问Nginx => 连的是Server1(MASTER)
实验四:keepalived.conf中,MASTER优先级-100,BACKUP优先级-110,weight为20,结果同实验三
测试结果:失败了就会切,不管weight和优先级的关系(迷惑……);优先级是否可配置为负数?实验结果,配置为正数,原MASTER恢复了就会切回来,配置为负数,原MASTER恢复了也不会切回来,当前MASTER失败了才会切(迷惑x2……暂时也没有在网上找到相关资料,可能选举机制没有这么简单,暂时保留结果)
参考资料:
Keepalived之——Keepalived + Nginx 实现高可用 Web 负载均衡 https://blog.csdn.net/l1028386804/article/details/72801492
keepalived结合nginx实现nginx高可用 https://www.cnblogs.com/wlandwl/p/keepalived.html
High Availability--keepalived详解篇(四)之keepalive配置实例-master选举策略 https://blog.51cto.com/wangaimin/1903842
keepalived中vrrp_script,track_script,notify的使用方法 https://blog.51cto.com/liuzhengwei521/1929589