nginx+keepalived主辅切换
环境
Server 1 : ubuntu-server 8.04.4 192.168.6.162
Server 2 : userver-server 8.04.4 192.168.6.188
keepalived-1.1.17.tar.gz 这个版本在REDHAT5.1中可以运行,其他版本不行
软件
Keepalived 1.1.17
nginx-0.8.35
pcre-8.02
1.
分别在两台服务器上安
#tar zxvfkeepalived-1.1.7.tar.gz
#cd keepalived-1.1.7
#./configure --prefix=/usr/local/keepalived
#make && make install
#cd keepalived-1.1.7
#./configure --prefix=/usr/local/keepalived
#make && make install
cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/ 把启动文件放入/etc/rc.d/init.d/ 下就可以service 程序名 stop/start/restart
service httpd restart 由三部分组成service(服务)、httpd(程序名)、restart(相关命令)少一不可
service: 是系统已经定义可的。无需更改。默认会查找/etc/init.d/* httpd: 程序名这个是已经确定的。restart: 相关命令,如start 这个是控制程序走向。 cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/ mkdir /etc/keepalived cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/ cp /usr/local/keepalived/sbin/keepalived /usr/sbin/
2.添加进服务chkconfig --add keepalived3.设置服务自启动chkconfig keepalived on
加入启动项
2.
分别在两台服务器编写配置文件
vim /usr/local/nginx/conf/nginx.conf
user www www;
worker_processes 1;
error_log logs/error.log notice;
pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
tcp_nopush on;
keepalive_timeout 65;
gzip on;
server {
listen 80;
server_name localhost;
index index.html index.htm;
root /var/www;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
user www www;
worker_processes 1;
error_log logs/error.log notice;
pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
tcp_nopush on;
keepalive_timeout 65;
gzip on;
server {
listen 80;
server_name localhost;
index index.html index.htm;
root /var/www;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
3.
分别在两台机器创建测试文件
echo "192.168.6.162" > /var/www/index.html
echo "192.168.6.188" > /var/www/index.html
echo "192.168.6.188" > /var/www/index.html
4.
安装 keepalived
apt-get install keepalived
5.
在server 1服务器编写配置文件
! Configuration File for keepalived
global_defs {
notification_email {
wanghaikuo@hysec.com
wanghaikuo@gmail.com
}
notification_email_from wanghaikuo@hysec.com
smtp_server smtp.hysec.com
smtp_connect_timeout 30
router_id nginx_master
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 101
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.190.130
}
}
global_defs {
notification_email {
wanghaikuo@hysec.com
wanghaikuo@gmail.com
}
notification_email_from wanghaikuo@hysec.com
smtp_server smtp.hysec.com
smtp_connect_timeout 30
router_id nginx_master
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 101
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.190.130
}
}
6.
在 server 2 服务器 keepalived 配置
! Configuration File for keepalived
global_defs {
notification_email {
wanghaikuo@hysec.com
wanghaikuo@gmail.com
}
notification_email_from wanghaikuo@hysec.com
smtp_server smtp.hysec.com
smtp_connect_timeout 30
router_id nginx_backup
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.190.130
}
}
global_defs {
notification_email {
wanghaikuo@hysec.com
wanghaikuo@gmail.com
}
notification_email_from wanghaikuo@hysec.com
smtp_server smtp.hysec.com
smtp_connect_timeout 30
router_id nginx_backup
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.190.130
}
}
7.
编写监控nginx监控脚本
vim /opt/nginxpid.sh
- #!/bin/bash
- while :
- do
- nginxpid=`ps -C nginx --no-header | wc -l`
- if [ $nginxpid -eq 0 ];then
- /usr/local/nginx/sbin/nginx
- sleep 5
- nginxpid=`ps -C nginx --no-header | wc -l`
- echo $nginxpid
- if [ $nginxpid -eq 0 ];then
- /etc/init.d/keepalived stop
- fi
- fi
- sleep 5
- done
- nohup sh /root/nginxpid.sh &
不要忘了设置脚本的执行权限,否则不起作用。
假设上述脚本放在/opt/chk_nginx.sh,则keepalived.conf中增加如下配置:
vrrp_script chk_http_port { script "/opt/chk_nginx.sh" interval 2 weight 2 } track_script { chk_http_port }
更进一步,为了避免启动keepalived之前没有启动nginx , 可以在/etc/init.d/keepalived的start中首先启动nginx:
start() { /usr/local/nginx/sbin/nginx sleep 3 echo -n $"Starting $prog: " daemon keepalived ${KEEPALIVED_OPTIONS} RETVAL=$? echo [ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog }
8、
测试,分别在两个服务器 启动 nginx 和 keepalived
/usr/local/nginx/sbin/nginx
/etc/init.d/keepalived start
/etc/init.d/keepalived start
监控 server 1 的日志
Apr 20 18:37:39 nginx Keepalived_vrrp: Registering Kernel netlink command channel
Apr 20 18:37:39 nginx Keepalived_vrrp: Registering gratutious ARP shared channel
Apr 20 18:37:39 nginx Keepalived_vrrp: Opening file '/etc/keepalived/keepalived.conf'.
Apr 20 18:37:39 nginx Keepalived_healthcheckers: Opening file '/etc/keepalived/keepalived.conf'.
Apr 20 18:37:39 nginx Keepalived_healthcheckers: Configuration is using : 3401 Bytes
Apr 20 18:37:39 nginx Keepalived_vrrp: Configuration is using : 35476 Bytes
Apr 20 18:37:40 nginx Keepalived_vrrp: VRRP_Instance(VI_1) Transition to MASTER STATE
Apr 20 18:37:41 nginx Keepalived_vrrp: VRRP_Instance(VI_1) Entering MASTER STATE
Apr 20 18:37:41 nginx Keepalived_vrrp: Netlink: skipping nl_cmd msg...
Apr 20 18:37:41 nginx Keepalived_vrrp: VRRP_Script(chk_http_port) succeeded
Apr 20 18:37:39 nginx Keepalived_vrrp: Registering gratutious ARP shared channel
Apr 20 18:37:39 nginx Keepalived_vrrp: Opening file '/etc/keepalived/keepalived.conf'.
Apr 20 18:37:39 nginx Keepalived_healthcheckers: Opening file '/etc/keepalived/keepalived.conf'.
Apr 20 18:37:39 nginx Keepalived_healthcheckers: Configuration is using : 3401 Bytes
Apr 20 18:37:39 nginx Keepalived_vrrp: Configuration is using : 35476 Bytes
Apr 20 18:37:40 nginx Keepalived_vrrp: VRRP_Instance(VI_1) Transition to MASTER STATE
Apr 20 18:37:41 nginx Keepalived_vrrp: VRRP_Instance(VI_1) Entering MASTER STATE
Apr 20 18:37:41 nginx Keepalived_vrrp: Netlink: skipping nl_cmd msg...
Apr 20 18:37:41 nginx Keepalived_vrrp: VRRP_Script(chk_http_port) succeeded
监控 server 2的日志
Apr2018:38:23 varnish Keepalived_healthcheckers: Opening file '/etc/keepalived/keepalived.conf'.
Apr 20 18:38:23 varnish Keepalived_healthcheckers: Configuration is using : 3405 Bytes
Apr 20 18:38:23 varnish Keepalived_vrrp: Using MII-BMSR NIC polling thread...
Apr 20 18:38:23 varnish Keepalived_vrrp: Registering Kernel netlink reflector
Apr 20 18:38:23 varnish Keepalived_vrrp: Registering Kernel netlink command channel
Apr 20 18:38:23 varnish Keepalived_vrrp: Registering gratutious ARP shared channel
Apr 20 18:38:23 varnish Keepalived_vrrp: Opening file '/etc/keepalived/keepalived.conf'.
Apr 20 18:38:23 varnish Keepalived_vrrp: Configuration is using : 35486 Bytes
Apr 20 18:38:23 varnish Keepalived_vrrp: VRRP_Instance(VI_1) Entering BACKUP STATE
Apr 20 18:38:25 varnish Keepalived_vrrp: VRRP_Script(chk_http_port) succeeded
Apr 20 18:38:23 varnish Keepalived_healthcheckers: Configuration is using : 3405 Bytes
Apr 20 18:38:23 varnish Keepalived_vrrp: Using MII-BMSR NIC polling thread...
Apr 20 18:38:23 varnish Keepalived_vrrp: Registering Kernel netlink reflector
Apr 20 18:38:23 varnish Keepalived_vrrp: Registering Kernel netlink command channel
Apr 20 18:38:23 varnish Keepalived_vrrp: Registering gratutious ARP shared channel
Apr 20 18:38:23 varnish Keepalived_vrrp: Opening file '/etc/keepalived/keepalived.conf'.
Apr 20 18:38:23 varnish Keepalived_vrrp: Configuration is using : 35486 Bytes
Apr 20 18:38:23 varnish Keepalived_vrrp: VRRP_Instance(VI_1) Entering BACKUP STATE
Apr 20 18:38:25 varnish Keepalived_vrrp: VRRP_Script(chk_http_port) succeeded
看日志可以看出,两台服务器的 MASTRE 和 BACUKUP 已经都正常了
现在我们在 server 1 把 nginx 服务器停到
Server 1 $> killall nginx
这时候看server 1的日志
Apr 20 18:41:26 nginx Keepalived_healthcheckers: Terminating Healthchecker child process on signal
Apr 20 18:41:26 nginx Keepalived_vrrp: Terminating VRRP child process on signal
Apr 20 18:41:26 nginx Keepalived_vrrp: Terminating VRRP child process on signal
可以看出keepalived 的进程已经停到
这时候看server 2的日志,看是否已经接管
Apr 20 18:41:23 varnish Keepalived_vrrp: VRRP_Instance(VI_1) Transition to MASTER STATE
Apr 20 18:41:24 varnish Keepalived_vrrp: VRRP_Instance(VI_1) Entering MASTER STATE
Apr 20 18:41:24 varnish Keepalived_vrrp: Netlink: skipping nl_cmd msg...
Apr 20 18:41:24 varnish Keepalived_vrrp: VRRP_Instance(VI_1) Entering MASTER STATE
Apr 20 18:41:24 varnish Keepalived_vrrp: Netlink: skipping nl_cmd msg...
很明显的看出 server 2 已经接管了,已经变为 MASTER 了
参考:
vrrp_script chk_http_port {
script "/opt/nginx_pid.sh" ###监控脚本
interval 2 ###监控时间
weight 2 ###目前搞不清楚
}
vrrp_instance VI_1 {
state MASTER ### 设置为 主
interface eth0 ### 监控网卡
virtual_router_id 51 ### 这个两台服务器必须一样
priority 101 ### 权重值 MASTRE 一定要高于 BAUCKUP
authentication {
auth_type PASS ### 加密
auth_pass eric ### 加密的密码,两台服务器一定要一样,不然会出错
}
track_script {
chk_http_port ### 执行监控的服务
}
virtual_ipaddress {
192.168.6.7 ### VIP 地址
}
}
script "/opt/nginx_pid.sh" ###监控脚本
interval 2 ###监控时间
weight 2 ###目前搞不清楚
}
vrrp_instance VI_1 {
state MASTER ### 设置为 主
interface eth0 ### 监控网卡
virtual_router_id 51 ### 这个两台服务器必须一样
priority 101 ### 权重值 MASTRE 一定要高于 BAUCKUP
authentication {
auth_type PASS ### 加密
auth_pass eric ### 加密的密码,两台服务器一定要一样,不然会出错
}
track_script {
chk_http_port ### 执行监控的服务
}
virtual_ipaddress {
192.168.6.7 ### VIP 地址
}
}
cp nginx / etc / init.d / chmod + x / etc / init.d / nginx chkconfig -- add nginx chkconfig nginx on cd / root /
配置nginx:
# !/bin/bash # nginx Startup script for the Nginx HTTP Server # # chkconfig: - 85 15 # description: Nginx is a high-performance web and proxy server. # It has a lot of features, but it's not for everyone. # processname: nginx # pidfile: /var/run/nginx.pid # config: /usr/local/nginx/conf/nginx.conf nginxd =/ usr / local / nginx / sbin / nginx nginx_config =/ usr / local / nginx / conf / nginx.conf nginx_pid =/ var / run / nginx.pid RETVAL = 0 prog = " nginx " # Source function library. . / etc / rc.d / init.d / functions # Source networking configuration. . / etc / sysconfig / network # Check that networking is up. [ ${NETWORKING} = " no " ] && exit 0 [ - x $nginxd ] || exit 0 # Start nginx daemons functions. start() { if [ - e $nginx_pid ];then echo " nginx already running.... " exit 1 fi echo - n $ " Starting $prog: " daemon $nginxd - c ${nginx_config} RETVAL =$? echo [ $RETVAL = 0 ] && touch / var / lock / subsys / nginx return $RETVAL } # Stop nginx daemons functions. stop() { echo - n $ " Stopping $prog: " killproc $nginxd RETVAL =$? echo [ $RETVAL = 0 ] && rm -f / var / lock / subsys / nginx / var / run / nginx.pid } # reload nginx service functions. reload() { echo - n $ " Reloading $prog: " # kill -HUP `cat ${nginx_pid}` killproc $nginxd - HUP RETVAL =$? echo } # See how we were called. case " $1 " in start) start ;; stop) stop ;; reload) reload ;; restart) stop start ;; status) status $prog RETVAL =$? ;; * ) echo $ " Usage: $prog {start|stop|restart|reload|status|help} " exit 1 esac exit $RETVAL
cp nginx / etc / init.d / chmod + x / etc / init.d / nginx chkconfig -- add nginx chkconfig nginx on cd / root /
配置nginx:
# !/bin/bash # nginx Startup script for the Nginx HTTP Server # # chkconfig: - 85 15 # description: Nginx is a high-performance web and proxy server. # It has a lot of features, but it's not for everyone. # processname: nginx # pidfile: /var/run/nginx.pid # config: /usr/local/nginx/conf/nginx.conf nginxd =/ usr / local / nginx / sbin / nginx nginx_config =/ usr / local / nginx / conf / nginx.conf nginx_pid =/ var / run / nginx.pid RETVAL = 0 prog = " nginx " # Source function library. . / etc / rc.d / init.d / functions # Source networking configuration. . / etc / sysconfig / network # Check that networking is up. [ ${NETWORKING} = " no " ] && exit 0 [ - x $nginxd ] || exit 0 # Start nginx daemons functions. start() { if [ - e $nginx_pid ];then echo " nginx already running.... " exit 1 fi echo - n $ " Starting $prog: " daemon $nginxd - c ${nginx_config} RETVAL =$? echo [ $RETVAL = 0 ] && touch / var / lock / subsys / nginx return $RETVAL } # Stop nginx daemons functions. stop() { echo - n $ " Stopping $prog: " killproc $nginxd RETVAL =$? echo [ $RETVAL = 0 ] && rm -f / var / lock / subsys / nginx / var / run / nginx.pid } # reload nginx service functions. reload() { echo - n $ " Reloading $prog: " # kill -HUP `cat ${nginx_pid}` killproc $nginxd - HUP RETVAL =$? echo } # See how we were called. case " $1 " in start) start ;; stop) stop ;; reload) reload ;; restart) stop start ;; status) status $prog RETVAL =$? ;; * ) echo $ " Usage: $prog {start|stop|restart|reload|status|help} " exit 1 esac exit $RETVAL