Linux运维 --- Keepalived + Nginx 实现高可用 Web 负载均衡

Keepalived 是一种高性能的服务器高可用或热备解决方案, Keepalived 可以用来防止服务器单点故障的发生,通过配合 Nginx 可以实现 web 前端服务的高可用。

主机名       IP地址       虚拟IP           角色
lb01192.168.203.150192.168.203.88keepalived(Master)
lb02192.168.203.148192.168.203.89keepalived(Backup)
web1192.168.203.136          nginx 
web2192.168.203.135          nginx 


需要准备的依赖包和安装包

[root@web1 ~]# ls | grep tar*
keepalived-2.0.2.tar.gz
libevent-2.1.12-stable.tar.gz
nginx-1.6.0.tar.gz
openssl-1.0.1h.tar.gz
pcre-8.35.tar.gz
zlib-1.2.8.tar.gz

安装openssl

[root@web1 ~]# tar -xf openssl-1.0.1h.tar.gz 
[root@web1 ~]# cd openssl-1.0.1h/
[root@web1 openssl-1.0.1h]# ./config --prefix=/usr/local/openssl
[root@web1 openssl-1.0.1h]# make && make install

安装pcre

[root@web1 ~]# tar -xf pcre-8.35.tar.gz 
[root@web1 ~]# cd pcre-8.35/
[root@web1 pcre-8.35]# ./configure --prefix=/usr/local/pcre
[root@web1 pcre-8.35]# make && make install

安装zlib

[root@web1 ~]# tar -xf zlib-1.2.8.tar.gz 
[root@web1 ~]# cd zlib-1.2.8/
[root@web1 zlib-1.2.8]# ./configure --prefix=/usr/local/zlib
[root@web1 zlib-1.2.8]# make && make install

安装Nginx

[root@web1 src]# wget http://nginx.org/download/nginx-1.6.0.tar.gz
[root@web1 src]# tar -xf nginx-1.6.0.tar.gz
[root@web1 src]# cd nginx-1.6.0/ 
[root@web1 nginx-1.6.0]# ./configure --prefix=/usr/local/nginx --with-openssl=../openssl-1.0.1h --with-pcre=../pcre-8.35 --with-zlib=../zlib-1.2.8 --with-http_ssl_module
[root@web1 nginx-1.6.0]# make && make install
[root@web1 nginx-1.6.0]# useradd www -s /sbin/nologin -M   # 创建用户

修改Nginx配置文件

[root@web1 conf]# egrep -v "#|^$" nginx.conf
worker_processes  1;
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
 server {
        listen       80;
        server_name  192.168.203.136;
        charset utf-8;
        location / {
            root   html;
            index  index.html index.htm;
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }
}
[root@web1 conf]#

启动Nginx

[root@web1 ~]# /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
[root@web1 ~]# /usr/local/nginx/sbin/nginx -s reload

查看nginx进程启动情况

[root@web1 ~]# ps -ef | grep nginx
root      54235      1  0 17:51 ?        00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
www       54244  54235  0 17:51 ?        00:00:00 nginx: worker process
root      54258   8945  0 17:51 pts/0    00:00:00 grep --color=auto nginx
[root@web1 ~]# 

基于域名配置nginx虚拟主机

[root@web1 nginx]# cd html
[root@web1 html]# mkdir www
[root@web1 html]# vim www/index.html
192.168.203.136 www.chd.comm
[root@web1 html]# cd ..
[root@web1 nginx]# sbin/nginx -t   # 检查语句
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@web1 nginx]# sbin/nginx    # 启动nginx
[root@web1 nginx]# sbin/nginx -s reload   # 重启nginx
[root@web1 nginx]# ps -ef |grep nginx   # 查看nginx进程号
nobody      509 130219  0 15:19 ?        00:00:00 nginx: worker process
root        512 111842  0 15:19 pts/2    00:00:00 grep --color=auto nginx
root     130219      1  0 14:34 ?        00:00:00 nginx: master process /usr/local/nginx/sbin/nginx
[root@web1 nginx]# echo "192.168.203.136 www.chd.com mail.chd.com mail.cnd.com" >>/etc/hosts   将解析追加到hosts文件中
[root@web1 nginx]# tail -1 /etc/hosts    # 查看hosts文件最后一行内容
192.168.203.136  www.chd.com ftp.chd.com mail.chd.com
[root@web1 nginx]#

打开浏览器,输入IP地址访问Nginx

Nginx开机自启动

[root@web1 ~]# vim /etc/rc.local
/usr/local/nginx/sbin/nginx

配置一个简单的负载均衡

修改lb01服务器的nginx.conf主配置文件

[root@web1 nginx]# cat conf/nginx.conf | grep -v "^#"
user  www www;
worker_processes  1;
​
events {
    worker_connections  1024;
}
​
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    gzip  on;
    
    upstream webServer {
    server 192.168.203.135:80  weight=5;
    server 192.168.203.136:80  weight=6;
    }
    
    server {
        listen       80;
        server_name  www.chd.cn;
        charset utf-8;
        #access_log  logs/host.access.log  main;
        location / {
        proxy_pass    http://webServer;
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }
}

修改lb02服务器的nginx.conf主配置文件

[root@web2 nginx]# cat conf/nginx.conf | grep -v "^#"
user  www www;
worker_processes  1;
​
events {
    worker_connections  1024;
}
​
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    gzip  on;
​
    upstream webServer {
    server 192.168.203.135:80  weight=5;
    server 192.168.203.136:80  weight=6;
    }
    
    server {
        listen       80;
        server_name  192.168.203.148;
        charset utf-8;
        #access_log  logs/host.access.log  main;
        location / {
            root   html;
            index  index.html index.htm;
        proxy_pass    http://webServer;
        }
​
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }
}

验证:在解析www.chd.cn服务器的时候会在web1和web2之间切换

​[root@lb01 nginx]# curl www.chd.cn
192.168.203.135 www.chd.com
[root@lb01 nginx]# curl www.chd.cn
192.168.203.136 www.chd.com

配置keepalived负载均衡

安装Keepalived

1.yum安装:
yum install keepalived -y     # 推荐使用yum安装,简单、快捷、高效


2.源码包安装:
[root@lb01 ~]# ls | grep keepalived*
keepalived-2.0.2.tar.gz
[root@lb01 ~]# tar -xf keepalived-2.0.2.tar.gz 
[root@lb01 ~]# cd keepalived-2.0.2/
[root@lb01 keepalived-2.0.2]# ./configure --prefix=/usr/local/keepalived 
[root@lb01 keepalived-2.0.2]# make && make install
[root@lb01 keepalived-2.0.2]# cp keepalived/etc/init.d/keepalived /etc/init.d/
[root@lb01 keepalived-2.0.2]# cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
[root@lb01 keepalived-2.0.2]# mkdir /etc/keepalived
[root@lb01 keepalived-2.0.2]# chmod +755 /etc/keepalived/
[root@lb01 keepalived-2.0.2]# cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
[root@lb01 keepalived-2.0.2]# ln -s /usr/local/keepalived/sbin/keepalived /usr/sbin/
[root@lb01 keepalived-2.0.2]# ./keepalived/etc/init.d/keepalived start
Starting keepalived:                                       [  OK  ]
[root@lb01 keepalived-2.0.2]#

注意:在编译时发出警告解决办法
*** WARNING - this build will not support IPVS with IPv6. Please install libnl/libnl-3 dev libraries to support IPv6 with IPVS.
​​安装
[root@localhost keepalived-2.0.2]# yum -y install libnl libnl-devel
[root@localhost keepalived-2.0.2]# yum install -y libnfnetlink-devel
主配置文件   /etc/keepalived/keepalived.conf
环境配置文件   /etc/sysconfig/keepalived

修改lb1的/etc/keepalived/keepalived.conf配置文件

[root@lb01 nginx]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
​
global_defs {
   notification_email {
     chuid52@126.com
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id lb1
   vrrp_skip_check_adv_addr
   vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}
​
vrrp_instance VI_1 {
    state MASTER
    interface ens33
    virtual_router_id 52
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.203.88/24
    }
 }
 virtual_server 192.168.203.88 80 {
    delay_loop 6
    lb_algo rr 
    lb_kind DR
    persistence_timeout 50
    protocol TCP
    }   
[root@lb01 nginx]# /etc/init.d/keepalived restart      
Restarting keepalived (via systemctl):                     [  OK  ]
[root@lb01 nginx]# ip addr | grep 192.168.203.88
    inet 192.168.203.88/24 scope global secondary ens33
[root@lb01 nginx]#

修改lb2的/etc/keepalived/keepalived.conf配置文件

[root@lb02 nginx]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
​
global_defs {
   notification_email {
     chuid52@126.com
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id lb02
   vrrp_skip_check_adv_addr
   vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}
​
vrrp_instance VI_1 {
    state BACKUP
    interface ens33
    virtual_router_id 52
    priority 50
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.203.88/24
    }
 }   
    virtual_server 192.168.203.88 80 {
    delay_loop 6
    lb_algo rr 
    lb_kind DR 
    persistence_timeout 50
    protocol TCP
    }  
[root@lb02 ~]# /etc/init.d/keepalived restart
Restarting keepalived (via systemctl):                     [  OK  ]
[root@lb02 ~]# ip addr | grep 192.168.203.88
[root@lb02 ~]#

可以看到现在是主节点接管的虚拟IP地址,如果把master主节点down了,看backup备节点会不会自动接管keepalived

[root@lb01 nginx]# /etc/init.d/keepalived stop
Stopping keepalived (via systemctl):                       [  OK  ]
[root@lb01 nginx]# 
​
[root@lb02 nginx]# ip addr | grep 192.168.203.88
    inet 192.168.203.88/24 scope global secondary ens33
[root@lb02 nginx]#

可以看到backup备节点已经自动接管了虚拟IP地址!

[root@lb01 nginx]# /etc/init.d/keepalived restart      
Restarting keepalived (via systemctl):                     [  OK  ]
[root@lb01 nginx]# ip addr | grep 192.168.203.88       
    inet 192.168.203.88/24 scope global secondary ens33
[root@lb01 nginx]#

如果把主节点启动起来,那么主节点又会自动接管keepalived服务

配置keepalived双主模式

修改lb1的/etc/keepalived/keepalived.conf配置文件

[root@lb01 nginx]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
​
global_defs {
   notification_email {
     chuid52@126.com
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id lb1
   vrrp_skip_check_adv_addr
   vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}
​
vrrp_instance VI_1 {
    state MASTER
    interface ens33
    virtual_router_id 52
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.203.88/24
    }
 }
​
vrrp_instance VI_2 {
    state BACKUP
    interface ens33
    virtual_router_id 53
    priority 50
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }   
    virtual_ipaddress {
        192.168.203.89/24
    }   
}   

修改lb2的/etc/keepalived/keepalived.conf配置文件

[root@lb02 nginx]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
​
global_defs {
   notification_email {
     chuid52@126.com
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id lb02
   vrrp_skip_check_adv_addr
   vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}
​
vrrp_instance VI_1 {
    state BACKUP
    interface ens33
    virtual_router_id 52
    priority 50
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.203.88/24
    }
 }   
    virtual_server 192.168.203.88 80 {
    delay_loop 6
    lb_algo rr 
    lb_kind DR 
    persistence_timeout 50
    protocol TCP
    }  
​
vrrp_instance VI_2 {
    state MASTER
    interface ens33
    virtual_router_id 53
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }   
    virtual_ipaddress {
        192.168.203.89/24
    }   
} 

修改完配置文件之后重启keepalived

[root@lb01 nginx]# /etc/init.d/keepalived restart              
Restarting keepalived (via systemctl):                     [  OK  ]
[root@lb01 nginx]# ip add|egrep "192.168.203.88|192.168.203.89"
    inet 192.168.203.88/24 scope global secondary ens33

重启backup备节点之后可以看到虚拟IP地址 192.168.203.89已经被备节点接管了

[root@lb02 nginx]# /etc/init.d/keepalived restart              
Restarting keepalived (via systemctl):                     [  OK  ]
[root@lb02 nginx]# ip add|egrep "192.168.203.88|192.168.203.89"
    inet 192.168.203.89/24 scope global secondary ens33
[root@lb02 nginx]#

把master主节点down了,查看backup备节点的状态

[root@lb01 nginx]# /etc/init.d/keepalived stop
Stopping keepalived (via systemctl):                       [  OK  ]
[root@lb01 nginx]# ip add|egrep "192.168.203.88|192.168.203.89"
[root@lb01 nginx]#

可以看到master主节点down了之后,backup备节点接管了两个虚拟IP地址

[root@lb02 nginx]# ip add|egrep "192.168.203.88|192.168.203.89"
    inet 192.168.203.89/24 scope global secondary ens33
    inet 192.168.203.88/24 scope global secondary ens33

如果此时将master主节点再次启动,又会重新接管192.168.203.88

[root@lb01 nginx]# /etc/init.d/keepalived start
Starting keepalived (via systemctl):                       [  OK  ]
[root@lb01 nginx]# ip add|egrep "192.168.203.88|192.168.203.89"
    inet 192.168.203.88/24 scope global secondary ens33
[root@lb01 nginx]#

而备节点的状态也会很快释放192.168.203.88

[root@lb02 nginx]# ip add|egrep "192.168.203.88|192.168.203.89"
    inet 192.168.203.89/24 scope global secondary ens33
[root@lb02 nginx]#

把backup备节点down之后,看master主节点的状态

[root@lb02 nginx]# /etc/init.d/keepalived stop
Stopping keepalived (via systemctl):                       [  OK  ]
[root@lb02 nginx]# ip add|egrep "192.168.203.88|192.168.203.89"
[root@lb02 nginx]#

可以看到master主节点很快就接管了192.168.203.89

[root@lb01 nginx]# ip add|egrep "192.168.203.88|192.168.203.89"
    inet 192.168.203.88/24 scope global secondary ens33
    inet 192.168.203.89/24 scope global secondary ens33
[root@lb01 nginx]#

至此nginx + keepalived高可用集群实现负载均衡完成

总结:不管是lb1主节点、lb2备节点任意一端down了,虚拟IP地址都会被互相切换接管,当down的节点再次启动时,虚拟IP又会被重新接管回来!

©️2020 CSDN 皮肤主题: 书香水墨 设计师:CSDN官方博客 返回首页