1、原理/需求
结合keepalived 对前端nginx实现HA;
nginx进程基于Master+Slave(worker)多进程模型,自身具有非常稳定的子进程管理功能。在Master进程分配模式下,Master进程永远不进行业务处理,只是进行任务分发,从而达到Master进程的存活高可靠性,Slave(worker)进程所有的业务信号都由主进程发出,Slave(worker)进程所有的超时任务都会被Master中止,属于非阻塞式任务模型。
Keepalived是Linux下面实现VRRP备份路由的高可靠性运行件。基于Keepalived设计的服务模式能够真正做到主服务器和备份服务器故障时IP瞬间无缝交接。二者结合,可以构架出比较稳定的软件lb方案。
2、环境说明
192.168.2.4 keepalived nginx
192.168.2.5 keepalived nginx
虚拟IP (VIP):192.168.2.6
3、安装keepalived和nginx
yum -y install openssl-devel
yum -y install libnl libnl-devel
yum install -y libnfnetlink-devel
[root@master keepalived-1.3.9]# ./configure --prefix=/usr/local/keepalived
[root@master keepalived-1.3.9]# make && make install
[root@master ~]# mkdir /etc/keepalived
[root@master ~]# cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
[root@master ~]# /usr/local/keepalived/sbin/keepalived -D
4、配置MASTER keepalived
vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
#标识本节点的名称
router_id master
}
vrrp_script chk_nginx {
script "/etc/keepalived/nginx_check.sh"
#每2秒检测一次nginx的运行状态
interval 2
#失败一次,将自己的优先级调整为-20
weight -20
}
vrrp_instance VI_1 {
#状态,主节点为MASTER
state MASTER
#绑定VIP的网络接口
interface ens33
#虚拟路由的ID号,两个节点设置必须一样
virtual_router_id 51
#节点优先级,值范围0~254,MASTER>BACKUP
priority 100
#组播信息发送时间间隔,两个节点必须设置一样,默认为1秒
advert_int 1
#设置验证信息,两个节点必须一致
authentication {
auth_type PASS
auth_pass 1111
}
#虚拟IP,两个节点设置必须一致,可以设置多个
virtual_ipaddress {
192.168.1.106
}
#nginx存活状态检测脚本
track_script {
chk_nginx
}
}
5、配置BACKUP keepalived
vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id backup
}
vrrp_script chk_nginx {
script "/etc/keepalived/nginx_check.sh"
interval 2
weight -20
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.106
}
track_script {
chk_nginx
}
}
Tips:
state 参数值:主的是MASTER、备用的是BACKUP
priority 参数值: MASTER > BACKUP
virtual_router_id: 参数值要一样
调用的脚本nginx_check.sh
#!/bin/bash
A=`ps -C nginx -no-header |wc -l`
if [ $A -eq 1 ];then
pkill keepalived
fi
测试:
两台测试机4\5均启动keepalived和nginx
service keepalived restart
service keepalived nginx
验证nginx启动正常:
访问 master:http://192.168.2.4:80/
访问 backup: http://192.168.2.5:80/
查看keepalived的日志信息:
4\5均打开日志信息方便查看keepalived动态:
tail -f /var/log/messages
浏览器打开虚拟ip访问:http://192.168.2.6:80/ ,此时显示IP为192.168.2.4
服务器层的双机热备(比如服务器宕机、keepalived宕了)测试:
kill 192.168.2.4(master) 的keepalived进程
killall keepalived
4的日志信息如下:
Jun 11 18:03:10 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth1 for 192.168.2.6
Jun 11 18:03:15 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth1 for 192.168.2.6
Jun 11 19:30:44 localhost Keepalived: Terminating on signal
Jun 11 19:30:44 localhost Keepalived: Stopping Keepalived v1.2.2 (06/10,2014)
Jun 11 19:30:44 localhost Keepalived_vrrp: Terminating VRRP child process on signal
Jun 11 19:30:44 localhost Keepalived_healthcheckers: Terminating Healthchecker child process on signal
5的日志信息如下:
Jun 11 19:30:50 localhost Keepalived_vrrp: VRRP_Instance(VI_1) setting protocol VIPs.
Jun 11 19:30:50 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth1 for 192.168.2.6
Jun 11 19:30:50 localhost Keepalived_healthcheckers: Netlink reflector reports IP 192.168.2.6 added
Jun 11 19:30:55 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth1 for 192.168.2.6
刷新http://192.168.2.6:80/ , 此时显示IP为192.168.2.5。
再次启动192.168.2.4的keepalived进程,192.168.2.4会自动接管成为master,192.168.2.5自动转为backup,从测试结果看,备机能成功接管,已经实现了热备。