虚拟ip+keeplalived+nginx 负载实现
2017-10-07 17:36
232 查看
什么是虚拟IP?
高可用性HA(High Availability)指的是通过尽量缩短因日常维护操作(计划)和突发的系统崩溃(非计划)所导致的停机时间,以提高系统和应用的可用性。HA系统是目前企业防止核心计算机系统因故障停机的最有效手段。
实现HA的方式,一般采用两台机器同时完成一项功能,比如数据库服务器,平常只有一台机器对外提供服务,另一台机器作为热备,当这台机器出现故障时,自动动态切换到另一台热备的机器。
怎么实现故障检测的那?
心跳,采用定时发送一个数据包,如果机器多长时间没响应,就认为是发生故障,自动切换到热备的机器上去。
怎么实现自动切换那?
虚IP。何为虚IP那,就是一个未分配给真实主机的IP,也就是说对外提供数据库服务器的主机除了有一个真实IP外还有一个虚IP,使用这两个IP中的 任意一个都可以连接到这台主机,所有项目中数据库链接一项配置的都是这个虚IP,当服务器发生故障无法对外提供服务时,动态将这个虚IP切换到备用主机。
开始我也不明白这是怎么实现的,以为是软件动态改IP地址,其实不是这样,其实现原理主要是靠TCP/IP的ARP协议。因为ip地址只是一个逻辑 地址,在以太网中MAC地址才是真正用来进行数据传输的物理地址,每台主机中都有一个ARP高速缓存,存储同一个网络内的IP地址与MAC地址的对应关 系,以太网中的主机发送数据时会先从这个缓存中查询目标IP对应的MAC地址,会向这个MAC地址发送数据。操作系统会自动维护这个缓存。这就是整个实现
的关键。
下边就是我电脑上的arp缓存的内容。
(192.168.1.219) at 00:21:5A:DB:68:E8 [ether] on bond0
(192.168.1.217) at 00:21:5A:DB:68:E8 [ether] on bond0
(192.168.1.218) at 00:21:5A:DB:7F:C2 [ether] on bond0
192.168.1.217、192.168.1.218是两台真实的电脑,
192.168.1.217为对外提供数据库服务的主机。
192.168.1.218为热备的机器。
192.168.1.219为虚IP。
大家注意红字部分,219、217的MAC地址是相同的。
再看看那217宕机后的arp缓存
(192.168.1.219) at 00:21:5A:DB:7F:C2 [ether] on bond0
(192.168.1.217) at 00:21:5A:DB:68:E8 [ether] on bond0
(192.168.1.218) at 00:21:5A:DB:7F:C2 [ether] on bond0
这就是奥妙所在。当218 发现217宕机后会向网络发送一个ARP数据包,告诉所有主机192.168.1.219这个IP对应的MAC地址是00:21:5A:DB:7F:C2,这样所有发送到219的数据包都会发送到mac地址为00:21:5A:DB:7F:C2的机器,也就是218的机器。
一,首先说明一下网络拓扑结构:
1,Nginx 反向代理Server(HA):
①Nginx master:192.168.1.157
②Nginx backup:192.168.1.158
虚拟IP统一为:192.168.1.110
2,web服务器:
192.168.1.160 ,192.168.1.161,192.168.1.162 即web服务器,已配置好 Tomcat(Jboss等皆可)和Java程序
3,MySQL 数据库Server
mysql主从服务器
二,Nginx安装配置
1,安装
建议先用yum install yum-fastestmirror更新下源
下载并安装nginx1.0.9,下载文件均放到/usr/local/src目录下
cd /usr/local/src
①update yum
yum -y update
②利用CentOS Linux系统自带的yum命令安装、升级所需的程序库
安装依赖包
#yum install gcc pcre pcre-devel zlib zlib-devel openssl openssl-devel
下载nginx
#cd /usr/local/src
#wget http://www.nginx.org/download/nginx-1.0.9.tar.gz #tar zxvf nginx-1.0.9.tar.gz
#cd nginx-1.0.9
配置安装:
#./configure --prefix=/usr --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --pid-path=/var/run/nginx/nginx.pid --lock-path=/var/lock/nginx.lock
--user=nginx --group=nginx --with-http_ssl_module --with-http_flv_module --with-http_gzip_static_module --http-log-path=/var/log/nginx/access.log --http-client-body-temp-path=/var/tmp/nginx/client/
--http-proxy-temp-path=/var/tmp/nginx/proxy/ --http-fastcgi-temp-path=/var/tmp/nginx/fcgi/
#make
#make install
建立用户:
/usr/sbin/groupadd nginx
/usr/sbin/useradd -g nginx -M nginx
mkdir -p /var/tmp/nginx/client
启动nginx
#/usr/sbin/nginx
ps:如果中途提示缺少库,直接yum install xxx即可。
即:conf-path=/etc/nginx/nginx.conf,用户名为nginx,所属的组为nginx
2,配置
Nginx负载均衡设置:
①修改配置文件:
vi /etc/nginx/nginx.conf
步骤1,添加负载均衡的http upstream模块
upstream esbwebserver {
server 192.168.1.160:8888;
server 192.168.1.161:8888;
}
步骤2,server指令
server
{
listen 80;
server_name localhost;#注意此处为localhost
location / {
proxy_pass http://esbwebserver;# 添加的tomcat集群名称
......
}
②,重启Nginx,加载修改过的配置文件:
步骤1, 停止nginx引擎
killall -9 nginx
步骤2,启动nginx
/usr/sbin/nginx
到此为止,我们的负载均衡就实现了,下面实现Nginx的高可用,即双机热备。
三,Keepalived 安装配置
1,下载并安装keepalived-1.1.15.tar.gz,下载文件均放到/usr/local/src目录下
cd /usr/local/src
wget http://www.keepalived.org/software/keepalived-1.1.15.tar.gz
①解压缩
tar zxvf keepalived-1.1.15.tar.gz
②安装
cd keepalived-1.1.15
./configure --prefix=/usr/local/keepalived
make && make install
③安装成功后做成服务模式,方便启动和关闭
cp /usr/local/keepalived/sbin/keepalived /usr/sbin/
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
④ 分别设置主和备Nginx上的 安装Keepalived配置文件。
配置文件位置:
/usr/local/keepalived/etc/keepalived/keepalived.conf
步骤一,先配置主Nginx server上的keepalived.conf文件,如下所示:
! Configuration File for keepalived
global_defs {
notification_email {
644856452@qq.com
}
notification_email_from 644856452@qq.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script check_run {
script "/root/bin/nginx_check.sh"
interval 5
}
vrrp_sync_group VG1 {
group {
VI_1
}
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
mcast_src_ip 192.168.1.157
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
check_run
}
virtual_ipaddress {
192.168.1.110
}
}
步骤二,配置backup 服务器的keepalived.conf文件,如下所示:
! Configuration File for keepalived
global_defs {
notification_email {
644856452@qq.com
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script check_run {
script "/root/bin/nginx_check.sh"
interval 5
}
vrrp_sync_group VG1 {
group {
VI_1
}
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
check_run
}
virtual_ipaddress {
192.168.1.110
}
}
参考下例配置:
-----------------------------------------------------带注释的示例----------------------------------------------------
在主服务器编写配置文件
vrrp_script check_run{
script "/opt/nginx_pid.sh" ###监控脚本
interval 2 ###监控时间
weight 2 ###如果检测返回值不为真weight
2 表示减2,权重值降低,backup server权重值>现Master的,切换
}
vrrp_instance VI_1 {
state MASTER ### 设置为 主
interface eth0 ### 监控网卡
virtual_router_id 51 ### 这个两台服务器必须一样
priority 101 ### 权重值 MASTRE 一定要高于 BAUCKUP
authentication {
auth_type PASS ### 加密
auth_pass 1111 ###加密的密码,两台服务器一定要一样,不然会出错
}
track_script {
check_run ### 执行监控的服务
}
virtual_ipaddress {
192.168.1.110 ### VIP 地址
}
}
6.在backup server 服务器 keepalived 配置
vrrp_script check_run{
script "/opt/nginx_pid.sh"
interval 2
weight 2
}
vrrp_instance VI_1 {
state BACKUP ### 设置为 辅机
interface eth0
virtual_router_id 51 ### 与 MASTRE 设置 值一样
priority 100 ### 比 MASTRE权重值 低
authentication {
auth_type PASS
auth_pass eric ### 密码 与 MASTRE 一样
}
track_script {
check_run
}
virtual_ipaddress {
192.168.1.110
}
}
----------------------------------------------over-------------------------------------------------------------------
说明:
1,绑定虚拟IP:
ifconfig eth0:1 192.168.1.110 broadcast 192.168.1.255 netmask 255.255.255.0 up
route add -host 192.168.1.110 dev eth0:1
2, 启动,关闭keepalived :
service keepalived start
service keepalived stop
3,测试可用性:
①主Nginx停止Nginx或直接断网情况下(backup正常),访问虚拟IP:192.168.1.110的相关Web服务,正常,测试通过
②backup Nginx停止Nginx或直接断网情况下(Master正常),访问虚拟IP:192.168.1.110的相关Web服务,正常,测试通过
4,监控
可用安装Nagios监控服务,详细请网络搜寻,很多这种资料的。
也可以参考:
http://blog.csdn href="http://lib.csdn.net/base/dotnet" target=_blank>.NET/luxiaoyu_sdc/article/details/7333416
下面以135为例:
vi /etc/sysconfig/network-scripts/ifcfg-eth2:0
[plain] view
plain copy
print?
DEVICE=eth2:0
TYPE=Ethernet
ONBOOT=yes
BOOTPROTO=static
DNS1=192.168.232.2
IPADDR=192.168.232.16
NETMASK=255.255.255.0
GETWAY=192.168.232.2
service network restart
使用ifconfig查看效果:
[plain] view
plain copy
print?
eth2 Link encap:Ethernet HWaddr 00:0C:29:49:90:5B
inet addr:192.168.232.135 Bcast:192.168.232.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe49:905b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:66322 errors:0 dropped:0 overruns:0 frame:0
TX packets:31860 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:67624991 (64.4 MiB) TX bytes:2723877 (2.5 MiB)
Interrupt:19 Base address:0x2000
eth2:0 Link encap:Ethernet HWaddr 00:0C:29:49:90:5B
inet addr:192.168.232.16 Bcast:192.168.232.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:19 Base address:0x2000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:22622 errors:0 dropped:0 overruns:0 frame:0
TX packets:22622 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1236328 (1.1 MiB) TX bytes:1236328 (1.1 MiB)
说明生效了。
nginx安装:
1、导入外部软件库
rpm -Uvh http://dl.iuscommunity.org/pub/ius/stable/Redhat/6/i386/epel-release-6-5.noarch.rpm rpm -Uvh http://dl.iuscommunity.org/pub/ius/stable/Redhat/6/i386/ius-release-1.0-10.ius.el6.noarch.rpm rpm -Uvh http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm 以下添加注释
mirrorlist=http://dmirr.iuscommunity.org/mirrorlist?repo=ius-el6&arch=$basearch
以下删除注释
#baseurl=http://dl.iuscommunity.org/pub/ius/stable/Redhat/5/$basearch
2、yum安装nginx
yum install nginx
keepalived安装:
安装依赖
yum -y install gcc gcc+ gcc-c++
yum install popt-devel openssl openssl-devel libssl-dev libnl-devel popt-devel
安装内核
yum -y install kernel kernel-devel
当前kernel代码建立连接 ln -s /usr/src/kerners/2.6....../ /usr/src/linux
安装keepalived
wget http://www.keepalived.org/software/keepalived-1.2.2.tar.gz tar -zxvf keepalived-1.2.2.tar.gz
cd keepalived-1.2.2
./configure
make
make install
拷贝相应的文件
cp /usr/local/sbin/keepalived /usr/sbin/
cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/
cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
cp -r /usr/local/etc/keepalived/ /etc/
134/135执行都执行以下操作:
vi /etc/nginx/conf.d/default.conf
[plain] view
plain copy
print?
server {
listen 8088;
server_name localhost;
location / {
root /var/www/html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
135执行以下操作:
vi /var/www/html/index.html
[plain] view
plain copy
print?
<html>
<head>
<title>Welcome to nginx!</title>
</head>
<body bgcolor="white" text="black">
<center><h1>Welcome to nginx! 192.168.232.135</h1></center>
</body>
</html>
134执行以下操作:
vi /var/www/html/index.html
[plain] view
plain copy
print?
<html>
<head>
<title>Welcome to nginx!</title>
</head>
<body bgcolor="white" text="black">
<center><h1>Welcome to nginx! 192.168.232.134</h1></center>
</body>
</html>
134执行以下操作:
vi /etc/keepalived/keepalived.conf
[plain] view
plain copy
print?
! Configuration File for keepalived
global_defs {
notification_email {
#acassen@firewall.loc
#failover@firewall.loc
#sysadmin@firewall.loc
}
#notification_email_from Alexandre.Cassen@firewall.loc
#smtp_server 192.168.200.1
#smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_http_port {
script "</dev/tcp/127.0.0.1/8088"
interval 1
weight -2
}
vrrp_instance VI_1 {
state MASTER
interface eth2
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.232.16
}
track_script {
chk_http_port
}
}
135执行以下操作:
vi /etc/keepalived/keepalived.conf
[plain] view
plain copy
print?
! Configuration File for keepalived
global_defs {
notification_email {
#acassen@firewall.loc
#failover@firewall.loc
#sysadmin@firewall.loc
}
#notification_email_from Alexandre.Cassen@firewall.loc
#smtp_server 192.168.200.1
#smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_http_port {
script "</dev/tcp/127.0.0.1/8088"
interval 1
weight -2
}
vrrp_instance VI_1 {
state BACKUP
interface eth2
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.232.16
}
track_script {
chk_http_port
}
}
Tips:
state 参数值:主的是MASTER、备用的是BACKUP
priority 参数值: MASTER > BACKUP
virtual_router_id: 参数值要一样
两台测试机134\135均启动keepalived和nginx
service keepalived restart
service keepalived nginx
验证nginx启动正常:
访问 master:http://192.168.232.134:8088/
访问 backup: http://192.168.232.135:8088/
查看keepalived的日志信息:
134\135均打开日志信息方便查看keepalived动态:
tail -f /var/log/messages
浏览器打开虚拟ip访问:http://192.168.232.16:8080/ ,此时显示IP为192.168.232.134
kill 192.168.232.134(master) 的keepalived进程
killall keepalived
134的日志信息如下:
[plain] view
plain copy
print?
Jun 11 18:03:10 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth1 for 192.168.232.16
Jun 11 18:03:15 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth1 for 192.168.232.16
Jun 11 19:30:44 localhost Keepalived: Terminating on signal
Jun 11 19:30:44 localhost Keepalived: Stopping Keepalived v1.2.2 (06/10,2014)
Jun 11 19:30:44 localhost Keepalived_vrrp: Terminating VRRP child process on signal
Jun 11 19:30:44 localhost Keepalived_healthcheckers: Terminating Healthchecker child process on signal
135的日志信息如下:
[plain] view
plain copy
print?
Jun 11 19:30:50 localhost Keepalived_vrrp: VRRP_Instance(VI_1) setting protocol VIPs.
Jun 11 19:30:50 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth2 for 192.168.232.16
Jun 11 19:30:50 localhost Keepalived_healthcheckers: Netlink reflector reports IP 192.168.232.16 added
Jun 11 19:30:55 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth2 for 192.168.232.16
刷新http://192.168.232.16:8080/ , 此时显示IP为192.168.232.135。
再次启动192.168.232.134的keepalived进程,192.168.232.134会自动接管成为master,192.168.232.135自动转为backup,从测试结果看,备机能成功接管,已经实现了热备。
关闭192.168.232.134(master) 的nginx服务:
service nginx stop
134的日志信息如下:
[plain] view
plain copy
print?
Jun 11 19:38:49 localhost Keepalived_vrrp: VRRP_Script(chk_http_port) failed
Jun 11 19:38:51 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Received higher prio advert
Jun 11 19:38:51 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Entering BACKUP STATE
Jun 11 19:38:51 localhost Keepalived_vrrp: VRRP_Instance(VI_1) removing protocol VIPs.
Jun 11 19:38:51 localhost Keepalived_healthcheckers: Netlink reflector reports IP 192.168.232.16 removed
135的日志信息如下:
[plain] view
plain copy
print?
Jun 11 19:38:52 localhost Keepalived_vrrp: VRRP_Instance(VI_1) forcing a new MASTER election
Jun 11 19:38:53 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Transition to MASTER STATE
Jun 11 19:38:54 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Entering MASTER STATE
Jun 11 19:38:54 localhost Keepalived_vrrp: VRRP_Instance(VI_1) setting protocol VIPs.
Jun 11 19:38:54 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth2 for 192.168.232.16
Jun 11 19:38:54 localhost Keepalived_healthcheckers: Netlink reflector reports IP 192.168.232.16 added
Jun 11 19:38:59 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth2 for 192.168.232.16
刷新http://192.168.232.16:8080/ , 此时显示IP为192.168.232.135。
再次启动192.168.232.134的nginx进程,192.168.232.134会自动接管成为master,192.168.232.135自动转为backup,从测试结果看,备机能成功接管,已经实现了热备。
为什么主备的参数state都是MASTER,对的你没有看错确实要都设置成一样的,不然并不能实现我们想要的VIP漂浮的效果,我测试很久才发现的.state都设置成MASTER后,会根据priority的值大小竞争来决定谁是真正的MASTER,脚本检测也是在失败的时候会把权重减去相应的值,比如原来master(181)的priority=100,如果脚本检测到端口8088无法连接,就会priority-2=98,< S-B(150)的priority(99),此时 S-B(150) 将竞争成为master,这样就实现了web应用的热备。
如果以上实验都没有问题了,那么就该nginx负载均衡的配置了,配置修改参见如下:http://blog.csdn.net/e421083458/article/details/30086413
高可用性HA(High Availability)指的是通过尽量缩短因日常维护操作(计划)和突发的系统崩溃(非计划)所导致的停机时间,以提高系统和应用的可用性。HA系统是目前企业防止核心计算机系统因故障停机的最有效手段。
实现HA的方式,一般采用两台机器同时完成一项功能,比如数据库服务器,平常只有一台机器对外提供服务,另一台机器作为热备,当这台机器出现故障时,自动动态切换到另一台热备的机器。
怎么实现故障检测的那?
心跳,采用定时发送一个数据包,如果机器多长时间没响应,就认为是发生故障,自动切换到热备的机器上去。
怎么实现自动切换那?
虚IP。何为虚IP那,就是一个未分配给真实主机的IP,也就是说对外提供数据库服务器的主机除了有一个真实IP外还有一个虚IP,使用这两个IP中的 任意一个都可以连接到这台主机,所有项目中数据库链接一项配置的都是这个虚IP,当服务器发生故障无法对外提供服务时,动态将这个虚IP切换到备用主机。
开始我也不明白这是怎么实现的,以为是软件动态改IP地址,其实不是这样,其实现原理主要是靠TCP/IP的ARP协议。因为ip地址只是一个逻辑 地址,在以太网中MAC地址才是真正用来进行数据传输的物理地址,每台主机中都有一个ARP高速缓存,存储同一个网络内的IP地址与MAC地址的对应关 系,以太网中的主机发送数据时会先从这个缓存中查询目标IP对应的MAC地址,会向这个MAC地址发送数据。操作系统会自动维护这个缓存。这就是整个实现
的关键。
下边就是我电脑上的arp缓存的内容。
(192.168.1.219) at 00:21:5A:DB:68:E8 [ether] on bond0
(192.168.1.217) at 00:21:5A:DB:68:E8 [ether] on bond0
(192.168.1.218) at 00:21:5A:DB:7F:C2 [ether] on bond0
192.168.1.217、192.168.1.218是两台真实的电脑,
192.168.1.217为对外提供数据库服务的主机。
192.168.1.218为热备的机器。
192.168.1.219为虚IP。
大家注意红字部分,219、217的MAC地址是相同的。
再看看那217宕机后的arp缓存
(192.168.1.219) at 00:21:5A:DB:7F:C2 [ether] on bond0
(192.168.1.217) at 00:21:5A:DB:68:E8 [ether] on bond0
(192.168.1.218) at 00:21:5A:DB:7F:C2 [ether] on bond0
这就是奥妙所在。当218 发现217宕机后会向网络发送一个ARP数据包,告诉所有主机192.168.1.219这个IP对应的MAC地址是00:21:5A:DB:7F:C2,这样所有发送到219的数据包都会发送到mac地址为00:21:5A:DB:7F:C2的机器,也就是218的机器。
一,首先说明一下网络拓扑结构:
1,Nginx 反向代理Server(HA):
①Nginx master:192.168.1.157
②Nginx backup:192.168.1.158
虚拟IP统一为:192.168.1.110
2,web服务器:
192.168.1.160 ,192.168.1.161,192.168.1.162 即web服务器,已配置好 Tomcat(Jboss等皆可)和Java程序
3,MySQL 数据库Server
mysql主从服务器
二,Nginx安装配置
1,安装
建议先用yum install yum-fastestmirror更新下源
下载并安装nginx1.0.9,下载文件均放到/usr/local/src目录下
cd /usr/local/src
①update yum
yum -y update
②利用CentOS Linux系统自带的yum命令安装、升级所需的程序库
安装依赖包
#yum install gcc pcre pcre-devel zlib zlib-devel openssl openssl-devel
下载nginx
#cd /usr/local/src
#wget http://www.nginx.org/download/nginx-1.0.9.tar.gz #tar zxvf nginx-1.0.9.tar.gz
#cd nginx-1.0.9
配置安装:
#./configure --prefix=/usr --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --pid-path=/var/run/nginx/nginx.pid --lock-path=/var/lock/nginx.lock
--user=nginx --group=nginx --with-http_ssl_module --with-http_flv_module --with-http_gzip_static_module --http-log-path=/var/log/nginx/access.log --http-client-body-temp-path=/var/tmp/nginx/client/
--http-proxy-temp-path=/var/tmp/nginx/proxy/ --http-fastcgi-temp-path=/var/tmp/nginx/fcgi/
#make
#make install
建立用户:
/usr/sbin/groupadd nginx
/usr/sbin/useradd -g nginx -M nginx
mkdir -p /var/tmp/nginx/client
启动nginx
#/usr/sbin/nginx
ps:如果中途提示缺少库,直接yum install xxx即可。
即:conf-path=/etc/nginx/nginx.conf,用户名为nginx,所属的组为nginx
2,配置
Nginx负载均衡设置:
①修改配置文件:
vi /etc/nginx/nginx.conf
步骤1,添加负载均衡的http upstream模块
upstream esbwebserver {
server 192.168.1.160:8888;
server 192.168.1.161:8888;
}
步骤2,server指令
server
{
listen 80;
server_name localhost;#注意此处为localhost
location / {
proxy_pass http://esbwebserver;# 添加的tomcat集群名称
......
}
②,重启Nginx,加载修改过的配置文件:
步骤1, 停止nginx引擎
killall -9 nginx
步骤2,启动nginx
/usr/sbin/nginx
到此为止,我们的负载均衡就实现了,下面实现Nginx的高可用,即双机热备。
三,Keepalived 安装配置
1,下载并安装keepalived-1.1.15.tar.gz,下载文件均放到/usr/local/src目录下
cd /usr/local/src
wget http://www.keepalived.org/software/keepalived-1.1.15.tar.gz
①解压缩
tar zxvf keepalived-1.1.15.tar.gz
②安装
cd keepalived-1.1.15
./configure --prefix=/usr/local/keepalived
make && make install
③安装成功后做成服务模式,方便启动和关闭
cp /usr/local/keepalived/sbin/keepalived /usr/sbin/
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
④ 分别设置主和备Nginx上的 安装Keepalived配置文件。
配置文件位置:
/usr/local/keepalived/etc/keepalived/keepalived.conf
步骤一,先配置主Nginx server上的keepalived.conf文件,如下所示:
! Configuration File for keepalived
global_defs {
notification_email {
644856452@qq.com
}
notification_email_from 644856452@qq.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script check_run {
script "/root/bin/nginx_check.sh"
interval 5
}
vrrp_sync_group VG1 {
group {
VI_1
}
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
mcast_src_ip 192.168.1.157
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
check_run
}
virtual_ipaddress {
192.168.1.110
}
}
步骤二,配置backup 服务器的keepalived.conf文件,如下所示:
! Configuration File for keepalived
global_defs {
notification_email {
644856452@qq.com
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script check_run {
script "/root/bin/nginx_check.sh"
interval 5
}
vrrp_sync_group VG1 {
group {
VI_1
}
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
check_run
}
virtual_ipaddress {
192.168.1.110
}
}
参考下例配置:
-----------------------------------------------------带注释的示例----------------------------------------------------
在主服务器编写配置文件
vrrp_script check_run{
script "/opt/nginx_pid.sh" ###监控脚本
interval 2 ###监控时间
weight 2 ###如果检测返回值不为真weight
2 表示减2,权重值降低,backup server权重值>现Master的,切换
}
vrrp_instance VI_1 {
state MASTER ### 设置为 主
interface eth0 ### 监控网卡
virtual_router_id 51 ### 这个两台服务器必须一样
priority 101 ### 权重值 MASTRE 一定要高于 BAUCKUP
authentication {
auth_type PASS ### 加密
auth_pass 1111 ###加密的密码,两台服务器一定要一样,不然会出错
}
track_script {
check_run ### 执行监控的服务
}
virtual_ipaddress {
192.168.1.110 ### VIP 地址
}
}
6.在backup server 服务器 keepalived 配置
vrrp_script check_run{
script "/opt/nginx_pid.sh"
interval 2
weight 2
}
vrrp_instance VI_1 {
state BACKUP ### 设置为 辅机
interface eth0
virtual_router_id 51 ### 与 MASTRE 设置 值一样
priority 100 ### 比 MASTRE权重值 低
authentication {
auth_type PASS
auth_pass eric ### 密码 与 MASTRE 一样
}
track_script {
check_run
}
virtual_ipaddress {
192.168.1.110
}
}
----------------------------------------------over-------------------------------------------------------------------
说明:
1,绑定虚拟IP:
ifconfig eth0:1 192.168.1.110 broadcast 192.168.1.255 netmask 255.255.255.0 up
route add -host 192.168.1.110 dev eth0:1
2, 启动,关闭keepalived :
service keepalived start
service keepalived stop
3,测试可用性:
①主Nginx停止Nginx或直接断网情况下(backup正常),访问虚拟IP:192.168.1.110的相关Web服务,正常,测试通过
②backup Nginx停止Nginx或直接断网情况下(Master正常),访问虚拟IP:192.168.1.110的相关Web服务,正常,测试通过
4,监控
可用安装Nagios监控服务,详细请网络搜寻,很多这种资料的。
也可以参考:
http://blog.csdn href="http://lib.csdn.net/base/dotnet" target=_blank>.NET/luxiaoyu_sdc/article/details/7333416
keepalived+nginx双机热备+负载均衡
最近因业务扩展,需要将当前的apache 转为nginx(web), 再在web前端放置nginx(负载均衡)。同时结合keepalived 对前端nginx实现HA。
nginx进程基于于Master+Slave(worker)多进程模型,自身具有非常稳定的子进程管理功能。在Master进程分配模式下,Master进程永远不进行业务处理,只是进行任务分发,从而达到Master进程的存活高可靠性,Slave(worker)进程所有的业务信号都 由主进程发出,Slave(worker)进程所有的超时任务都会被Master中止,属于非阻塞式任务模型。
Keepalived是Linux下面实现VRRP 备份路由的高可靠性运行件。基于Keepalived设计的服务模式能够真正做到主服务器和备份服务器故障时IP瞬间无缝交接。二者结合,可以构架出比较稳定的软件lb方案。
准备4台电脑来做这个实验:
192.168.232.132 web服务器
192.168.232.133 web服务器
192.168.232.134 keepalived nginx
192.168.232.135 keepalived nginx
虚拟IP (VIP):192.168.232.16
134\135两个主机配置虚拟IP
下面以135为例:vi /etc/sysconfig/network-scripts/ifcfg-eth2:0
[plain] view
plain copy
print?
DEVICE=eth2:0
TYPE=Ethernet
ONBOOT=yes
BOOTPROTO=static
DNS1=192.168.232.2
IPADDR=192.168.232.16
NETMASK=255.255.255.0
GETWAY=192.168.232.2
service network restart
使用ifconfig查看效果:
[plain] view
plain copy
print?
eth2 Link encap:Ethernet HWaddr 00:0C:29:49:90:5B
inet addr:192.168.232.135 Bcast:192.168.232.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe49:905b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:66322 errors:0 dropped:0 overruns:0 frame:0
TX packets:31860 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:67624991 (64.4 MiB) TX bytes:2723877 (2.5 MiB)
Interrupt:19 Base address:0x2000
eth2:0 Link encap:Ethernet HWaddr 00:0C:29:49:90:5B
inet addr:192.168.232.16 Bcast:192.168.232.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:19 Base address:0x2000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:22622 errors:0 dropped:0 overruns:0 frame:0
TX packets:22622 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1236328 (1.1 MiB) TX bytes:1236328 (1.1 MiB)
说明生效了。
134\135两个主机安装keepalived和nginx
nginx安装:1、导入外部软件库
rpm -Uvh http://dl.iuscommunity.org/pub/ius/stable/Redhat/6/i386/epel-release-6-5.noarch.rpm rpm -Uvh http://dl.iuscommunity.org/pub/ius/stable/Redhat/6/i386/ius-release-1.0-10.ius.el6.noarch.rpm rpm -Uvh http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm 以下添加注释
mirrorlist=http://dmirr.iuscommunity.org/mirrorlist?repo=ius-el6&arch=$basearch
以下删除注释
#baseurl=http://dl.iuscommunity.org/pub/ius/stable/Redhat/5/$basearch
2、yum安装nginx
yum install nginx
keepalived安装:
安装依赖
yum -y install gcc gcc+ gcc-c++
yum install popt-devel openssl openssl-devel libssl-dev libnl-devel popt-devel
安装内核
yum -y install kernel kernel-devel
当前kernel代码建立连接 ln -s /usr/src/kerners/2.6....../ /usr/src/linux
安装keepalived
wget http://www.keepalived.org/software/keepalived-1.2.2.tar.gz tar -zxvf keepalived-1.2.2.tar.gz
cd keepalived-1.2.2
./configure
make
make install
拷贝相应的文件
cp /usr/local/sbin/keepalived /usr/sbin/
cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/
cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
cp -r /usr/local/etc/keepalived/ /etc/
配置keeplived和nginx主机
134/135执行都执行以下操作:vi /etc/nginx/conf.d/default.conf
[plain] view
plain copy
print?
server {
listen 8088;
server_name localhost;
location / {
root /var/www/html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
135执行以下操作:
vi /var/www/html/index.html
[plain] view
plain copy
print?
<html>
<head>
<title>Welcome to nginx!</title>
</head>
<body bgcolor="white" text="black">
<center><h1>Welcome to nginx! 192.168.232.135</h1></center>
</body>
</html>
134执行以下操作:
vi /var/www/html/index.html
[plain] view
plain copy
print?
<html>
<head>
<title>Welcome to nginx!</title>
</head>
<body bgcolor="white" text="black">
<center><h1>Welcome to nginx! 192.168.232.134</h1></center>
</body>
</html>
134执行以下操作:
vi /etc/keepalived/keepalived.conf
[plain] view
plain copy
print?
! Configuration File for keepalived
global_defs {
notification_email {
#acassen@firewall.loc
#failover@firewall.loc
#sysadmin@firewall.loc
}
#notification_email_from Alexandre.Cassen@firewall.loc
#smtp_server 192.168.200.1
#smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_http_port {
script "</dev/tcp/127.0.0.1/8088"
interval 1
weight -2
}
vrrp_instance VI_1 {
state MASTER
interface eth2
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.232.16
}
track_script {
chk_http_port
}
}
135执行以下操作:
vi /etc/keepalived/keepalived.conf
[plain] view
plain copy
print?
! Configuration File for keepalived
global_defs {
notification_email {
#acassen@firewall.loc
#failover@firewall.loc
#sysadmin@firewall.loc
}
#notification_email_from Alexandre.Cassen@firewall.loc
#smtp_server 192.168.200.1
#smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_http_port {
script "</dev/tcp/127.0.0.1/8088"
interval 1
weight -2
}
vrrp_instance VI_1 {
state BACKUP
interface eth2
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.232.16
}
track_script {
chk_http_port
}
}
Tips:
state 参数值:主的是MASTER、备用的是BACKUP
priority 参数值: MASTER > BACKUP
virtual_router_id: 参数值要一样
测试测试:
两台测试机134\135均启动keepalived和nginxservice keepalived restart
service keepalived nginx
验证nginx启动正常:
访问 master:http://192.168.232.134:8088/
访问 backup: http://192.168.232.135:8088/
查看keepalived的日志信息:
134\135均打开日志信息方便查看keepalived动态:
tail -f /var/log/messages
浏览器打开虚拟ip访问:http://192.168.232.16:8080/ ,此时显示IP为192.168.232.134
服务器层的双机热备(比如服务器宕机、keepalived宕了)测试:
kill 192.168.232.134(master) 的keepalived进程killall keepalived
134的日志信息如下:
[plain] view
plain copy
print?
Jun 11 18:03:10 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth1 for 192.168.232.16
Jun 11 18:03:15 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth1 for 192.168.232.16
Jun 11 19:30:44 localhost Keepalived: Terminating on signal
Jun 11 19:30:44 localhost Keepalived: Stopping Keepalived v1.2.2 (06/10,2014)
Jun 11 19:30:44 localhost Keepalived_vrrp: Terminating VRRP child process on signal
Jun 11 19:30:44 localhost Keepalived_healthcheckers: Terminating Healthchecker child process on signal
135的日志信息如下:
[plain] view
plain copy
print?
Jun 11 19:30:50 localhost Keepalived_vrrp: VRRP_Instance(VI_1) setting protocol VIPs.
Jun 11 19:30:50 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth2 for 192.168.232.16
Jun 11 19:30:50 localhost Keepalived_healthcheckers: Netlink reflector reports IP 192.168.232.16 added
Jun 11 19:30:55 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth2 for 192.168.232.16
刷新http://192.168.232.16:8080/ , 此时显示IP为192.168.232.135。
再次启动192.168.232.134的keepalived进程,192.168.232.134会自动接管成为master,192.168.232.135自动转为backup,从测试结果看,备机能成功接管,已经实现了热备。
应用层(web)的双机热备(比如nginx进程被意外kill、web端口不通)试验:
关闭192.168.232.134(master) 的nginx服务:service nginx stop
134的日志信息如下:
[plain] view
plain copy
print?
Jun 11 19:38:49 localhost Keepalived_vrrp: VRRP_Script(chk_http_port) failed
Jun 11 19:38:51 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Received higher prio advert
Jun 11 19:38:51 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Entering BACKUP STATE
Jun 11 19:38:51 localhost Keepalived_vrrp: VRRP_Instance(VI_1) removing protocol VIPs.
Jun 11 19:38:51 localhost Keepalived_healthcheckers: Netlink reflector reports IP 192.168.232.16 removed
135的日志信息如下:
[plain] view
plain copy
print?
Jun 11 19:38:52 localhost Keepalived_vrrp: VRRP_Instance(VI_1) forcing a new MASTER election
Jun 11 19:38:53 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Transition to MASTER STATE
Jun 11 19:38:54 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Entering MASTER STATE
Jun 11 19:38:54 localhost Keepalived_vrrp: VRRP_Instance(VI_1) setting protocol VIPs.
Jun 11 19:38:54 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth2 for 192.168.232.16
Jun 11 19:38:54 localhost Keepalived_healthcheckers: Netlink reflector reports IP 192.168.232.16 added
Jun 11 19:38:59 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth2 for 192.168.232.16
刷新http://192.168.232.16:8080/ , 此时显示IP为192.168.232.135。
再次启动192.168.232.134的nginx进程,192.168.232.134会自动接管成为master,192.168.232.135自动转为backup,从测试结果看,备机能成功接管,已经实现了热备。
为什么主备的参数state都是MASTER,对的你没有看错确实要都设置成一样的,不然并不能实现我们想要的VIP漂浮的效果,我测试很久才发现的.state都设置成MASTER后,会根据priority的值大小竞争来决定谁是真正的MASTER,脚本检测也是在失败的时候会把权重减去相应的值,比如原来master(181)的priority=100,如果脚本检测到端口8088无法连接,就会priority-2=98,< S-B(150)的priority(99),此时 S-B(150) 将竞争成为master,这样就实现了web应用的热备。
如果以上实验都没有问题了,那么就该nginx负载均衡的配置了,配置修改参见如下:http://blog.csdn.net/e421083458/article/details/30086413
相关文章推荐
- 虚拟ip +keeplalived+nginx 负载实现
- Nginx根据IP区分实现虚拟主机
- 框架 day84 涛涛商城项目-订单系统,系统架构梳理及nginx实现虚拟主机
- Nginx+Tomcat+Redis实现负载均衡与Session共享之四 — Nginx+Tomcat实现负载均衡
- tomcat+nginx+redis实现均衡负载、session共享(二)
- windows使用nginx实现网站负载均衡测试实例
- Nginx 配置轮询分流-实现负载均衡【测试通过】
- Docker的安装和镜像管理并利用Docker容器实现nginx的负载均衡、动静分离 Docker的安装 一、Docker的概念 Docker 是一个开源的应用容器引擎,让开发者可以打包他们的应用
- Nginx实现负载均衡
- nginx 作为反向代理实现负载均衡的例子
- Nginx实战基础篇三 Nginx上虚拟主机的实现过程
- nginx 实现mysql的负载均衡【转】
- Nginx+keepalive实现高可用热备负载均衡
- 高性能网站架构之负载均衡 Nginx+tomcat+redis实现tomcat集群
- 比较核心的技术了 虚拟ip的一种实现方式(手工添加和C#添加)
- nginx实现集群服务器的负载均衡
- nginx 作为反向代理实现负载均衡的例子
- 老男孩教育每日一题-第80天-如何实现 Nginx 代理的节点访问日志记录客户的 IP 而不是代理的 IP?
- 用NginX+keepalived实现高可用的负载均衡
- 【nginx】配置Nginx实现负载均衡