网站架构
基于Docker容器里构建高并发网站
拓扑图:
上文讲述了简单的基于Docker的配置Nginx反向代理和负载均衡
本文讲述Keepalived与Nginx共同实现高可用实例
| IP地址 | 容器名 | 功能 |
|---|---|---|
| 172.18.0.11 | nginx1 | nginx+keepalived |
| 172.18.0.12 | nginx2 | nginx+keepalived |
| 172.18.0.10 | VIP |
安装配置keepalived
使用nginx镜像生成nginx-keep镜像
-
启动nginx容器并进入
docker run -d --privileged nginx /usr/sbin/init -
在nginx容器中使用yum方式安装keepalived
yum install -y keepalived -
保存容器为镜像
docker commit 容器ID nginx-keep
使用nginx-keep镜像启动nginx1和nginx2两个容器
-
创建docker网络
docker network create --subnet=172.18.0.0/16 cluster -
查看宿主机上的docker网络类型种类
docker network ls -
启动容器nginx1,设定地址为172.18.0.11
docker run -d --privileged --net cluster --ip 172.18.0.11 --name nginx1 nginx-keep /usr/sbin/init -
启动容器nginx2,设定地址为172.18.0.12
docker run -d --privileged --net cluster --ip 172.18.0.12 --name nginx2 nginx-keep /usr/sbin/init -
配置容器nginx1, nginx2的web服务,编辑首页内容为“nginx1”,“nginx2”, 在宿主机访问
[root@localhost ~]# curl 172.18.0.12
nginx2
[root@localhost ~]# curl 172.18.0.11
nginx1
[root@localhost ~]#
在nginx1和nginx2两个容器配置keepalived
- 在nginx1编辑 /etc/keepalived/keepalived.conf ,启动keepalived服务
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id nginx1
vrrp_skip_check_adv_addr
#vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.18.0.10
}
}
- 在nginx2编辑 /etc/keepalived/keepalived.conf ,启动keepalived服务
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id nginx2
vrrp_skip_check_adv_addr
#vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.18.0.10
}
}
注意:
在 /etc/keepalived/keepalived.conf配置文件中将#vrrp_strict注释掉, 否则会出现ping VIP不通的现象
vrrp_strict
#严格遵守VRRP协议。 这将禁止:
0 VIPs
unicast peers (单播对等体)
IPv6 addresses in VRRP version 2(VRRP版本2中的IPv6地址)
即vrrp_strict:严格遵守VRRP协议。下列情况将会阻止启动Keepalived:1. 没有VIP地址。2. 单播邻居。3. 在VRRP版本2中有IPv6地址。
- 在宿主机使用浏览器访问虚拟地址
curl http:// 172.18.0.10
[root@localhost ~]# curl 172.18.0.10
nginx1
-
在nginx1上当掉网卡
ifconfig eth0 down -
在宿主机使用浏览器访问虚拟地址
curl http:// 172.18.0.10
[root@localhost ~]# curl 172.18.0.10
nginx2
配置keepalived 支持nginx高可用
编写 Nginx 状态检测脚本
- 在nginx1上编写 Nginx 状态检测脚本
/etc/keepalived/nginx_check.sh
#!/bin/bash
if [ `ps -C nginx --no-header |wc -l` -eq 0 ]
then
systemctl start nginx
sleep 2
if [ `ps -C nginx --no-header |wc -l` -eq 0 ]
then
kill keepalived
fi
fi
脚本说明: 当检测nginx没有进程时选择启动nginx, 如果启动失败则关闭keepalived
- 赋予/etc/keepalived/nginx_check.sh执行权限
chmod a+x /etc/keepalived/nginx_check.sh
配置keepalived 支持nginx高可用
- 在nginx1上编辑/etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id nginx1
vrrp_skip_check_adv_addr
#vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script chk_nginx{
script "/etc/keepalived/nginx_check.sh"
interval 2
weight -20
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script{
chk_nginx
}
virtual_ipaddress {
172.18.0.10
}
}
- 重新启动keepalived,在主机使用浏览器访问虚拟地址
[root@localhost ~]# curl 172.18.0.10
nginx1
- 在nginx1停止nginx服务,在主机使用浏览器访问虚拟地址
[root@localhost ~]# curl 172.18.0.10
nginx2
原因: weight -20 每当运行一次vrrp_script chk_nginx脚本, 本机的权重减20
扫一扫
441
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
