keepalived+nginx

　　最近一直想弄懂负载均衡的东东，之前也没怎么了解，感觉自己out了，所以最近学习了下keepalived+nginx，后面再介绍nginx+http负载均衡。

　　所以特地装了两个虚拟机来测试，具体怎么安装虚拟机，可以参考我转载的一篇文章：

　　https://www.cnblogs.com/zgz21/articles/11148203.html

　　因为是新装的两个虚拟机，很多依赖包没安装，所以导致后面出现了一些问题，具体下面再聊聊。

　　首先，到官网下载安装包：

　　https://www.keepalived.org/download.html

　　http://nginx.org/en/download.html

　　我下载的都是最新的安装包：keepalived-2.0.17.tar.gz，nginx-1.17.1.tar.gz。

　　一.安装Nginx

　　　　1.安装编译Nginx所需的依赖包

　　　　# yum install gcc gcc-c++ make automake autoconf libtool pcre pcre-devel zlib zlib-devel openssl openssl-devel

　　　　2.上传nginx-1.17.1.tar.gz到/usr/local/src

　　　　3.编译安装Nginx

　　　　# cd /usr/local/src

　　　　# tar -zxvf nginx-1.17.1.tar.gz

　　　　# cd nginx-1.17.1

　　　　# ./configure --prefix=/usr/local/nginx

　　　　# make && make install

　　　　4.配置Nginx

　　　　# vi /usr/local/nginx/conf/nginx.conf

#user nobody;
user  root;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;

    server {
        listen       88;
        server_name  localhost;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
            root   html;
            index  index.html index.htm;
        }

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }


    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}


    # HTTPS server
    #
    #server {
    #    listen       443 ssl;
    #    server_name  localhost;

    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;

    #    ssl_session_cache    shared:SSL:1m;
    #    ssl_session_timeout  5m;

    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers  on;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}

}

　　　　配置Nginx首页，标识区分是不同的Nginx服务（用于测试）：

　　　　# vi /usr/local/nginx/html/index.html

　　　　192.168.0.103的标题加103

　　　　<h1>Welcome to nginx!103</h>

　　　　192.168.0.103的标题加102

　　　　<h1>Welcome to nginx!102</h>

　　　　5.系统防火墙打开对应的端口 88

　　　　# vi /etc/sysconfig/iptables

　　　　-A INPUT -p tcp -m state --state NEW -m tcp --dport 88 -j ACCEPT

　　　　# serivce iptables restart

　　　　6.启动Nginx

　　　　/usr/local/nginx/sbin/nginx

　　　　7.设置开机启动

　　　　# vi /etc/rc.local

　　　　添加：

　　　　/usr/local/nginx/sbin/nginx

　　　　注意：要给rc.local添加执行权限，不然不起效果（chmod +x /etc/rc.local）

　　　　8.分别访问两个Nginx:

　　　　

　　　　

　　二.安装keepalived

　　1.上传keepalived-2.0.17.tar.gz到/usr/local/src

　　2.编译安装keepalived

　　# cd /usr/local/src

　　# tar -zxvf keepalived-2.0.17.tar.gz

　　# cd keepalived-2.0.17

　　# ./configure --prefix=/usr/local/keepalived

　　# make && make install

　　3.将keepalived安装成Linux系统服务：

　　因为没有使用keepalived的默认路径安装（默认是/usr/local），安装后，需要做一些工作

　　复制默认配置文件到默认路径

　　# mkdir /etc/keepalived

　　# cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/

　　复制keepalived服务脚本到默认地址

　　# cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/

　　# cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/

　　# ln -s /usr/local/sbin/keepalived /usr/sbin/

　　# ln -s /usr/local/keepalived/sbin/keepalived /sbin/

　　设置keepalived服务开机启动

　　# chkconfig keepalived on

　　4.修改配置文件

　　（1）MASTER(192.168.0.103)的keepvalied.conf配置

　　# vi /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {
   #notification_email {
   #  acassen@firewall.loc
   #  failover@firewall.loc
   # sysadmin@firewall.loc
   #}
   #notification_email_from Alexandre.Cassen@firewall.loc
   #smtp_server 192.168.200.1
   #smtp_connect_timeout 30
   router_id bogon
   #vrrp_skip_check_adv_addr
   #vrrp_strict
   #vrrp_garp_interval 0
   #vrrp_gna_interval 0
}

#检测Nginx的脚本
vrrp_script chk_nginx {
        script "/etc/keepalived/nginx_check.sh"  #脚本路径
        interval 2
        weight -20
}

vrrp_instance VI_1 {
    state MASTER
    interface enp0s3 #网络接口 ip a 命令可以查看
    virtual_router_id 51
    mcast_src_ip 192.168.0.103
    priority 100
    #nopreempt
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    track_script {
        chk_nginx
    }
　　
    virtual_ipaddress {
        192.168.0.104
    }
}

　　

　　（2）BACKUP(192.168.0.102)的keepvalied.conf配置

　　# vi /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {
   #notification_email {
   #  acassen@firewall.loc
   #  failover@firewall.loc
   # sysadmin@firewall.loc
   #}
   #notification_email_from Alexandre.Cassen@firewall.loc
   #smtp_server 192.168.200.1
   #smtp_connect_timeout 30
   router_id bogon
   #vrrp_skip_check_adv_addr
   #vrrp_strict
   #vrrp_garp_interval 0
   #vrrp_gna_interval 0
}

vrrp_script chk_nginx {
        script "/etc/keepalived/nginx_check.sh"
        interval 2
        weight -20
}

vrrp_instance VI_1 {
    state BACKUP
    interface enp0s3
    virtual_router_id 51
    mcast_src_ip 192.168.0.102
    priority 90 #要比MASTER的权重小
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    track_script {
        chk_nginx
    }
    virtual_ipaddress {
        192.168.0.104
    }
}

　　（3）检测Nginx的脚本，因为不检测的话，Nginx挂了，keepalived还没杀死进程的话，keepalived是还会继续生效。所以写个Nginx检测脚本，如果Nginx挂了，

　　也杀死keepalived

　　/etc/keepalived/nginx_check.sh

#!/bin/bash
n=`ps -C nginx --no-heading|wc -l`
echo $n;
if [ $n -eq "0" ]; then
        killall keepalived
fi

　　注意：因为脚本检测的原因，要先启动MASTER机器的Nginx，再启动MASTER机器的keepalived，然后就是启动BACKUP机器的Nginx，再启动BACKUP机器的keepalived.

　　启动完之后，就可以通过192.168.0.104:88来访问了，但问题来了，103是主节点，但是显示的是102的Nginx首页，原因是103跟102的keepalived的通信有问题，好像缺少了

　　个依赖包：kdump（yum install kexec-tools），导致102以为103挂了，自己升为MASTER了，所以一定要检查依赖包是否都安装了。

　　可以自己测试，关掉103的Nginx，访问104是否转移到102。

　　（4）检测VIP对应的MAC地址，Windos的CMD命令查看（下图可以看出VIP目前映射的是103机器）：

　　

　　以上描述如有误，请联系我得以修改出错地方，谢谢。

 

 

　　

　　　　

转载于:https://www.cnblogs.com/zgz21/p/11148729.html