Nginx高可用群集架构(Keepalived+nginx+ipvsadm)
案例说明
为了解决Nginx的单点故障问题,使用Keepalived实现双机热备,Keepalived 是一种高性能的服务器高可用或热备解决方案, Keepalived 可以用来防止服务器单点故障的发生,通过配合 Nginx 可以实现 web 前端服务的高可用。使用ipvsadm轮询规则实现负载均衡。
案例拓扑
案例环境
主机 | 操作系统 | ip地址 | 主要软件 |
---|---|---|---|
keepalivedMaster | Centos7 | 192.168.100.130 | keepalived、ipvsadm |
keepalivedBackup | Centos7 | 192.168.100.140 | keepalived、ipvsadm |
nginx1 | Centos7 | 192.168.100.100 | nginx-1.14.0 |
nginx2 | Centos7 | 192.168.100.110 | nginx-1.14.0 |
客户机 | win7 | 192.168.100.55 | 网页浏览器 |
案例操作
一、安装两台nginx服务器
1、安装环境包
yum install gcc gcc-c++ pcre pcre-devel zlib-devel -y
2、下载nginx包
cd /usr/local/
wget http://nginx.org/download/nginx-1.14.0.tar.gz
3、解压编译
tar zxf nginx-1.14.0.tar.gz
cd nginx-1.14.0
useradd -M -s /sbin/nologin nginx
./configure \
--prefix=/usr/local/nginx \
--user=nginx \
--group=nginx \
--with-http_stub_status_module
make && make install
4、优化
ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/
5、修改网页站点
[root@bogon nginx]# cd /usr/local/nginx/html/
6、关闭防火墙、开启Nginx服务
[root@bogon html]# systemctl stop firewalld.service
[root@bogon sbin]# setenforce 0
[root@bogon sbin]# nginx
[root@bogon sbin]# netstat -ntap | grep nginx #检测nginx端口有没有开启
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 40686/nginx: master
7、客户机测试访问
二、配置ipvsamd调度服务器
1、下载ipvsadm和keepaliveed
[root@bogon ~]# yum install keepalived ipvsadm -y
2、关闭防火墙,开启路由转发功能
[root@bogon ~]# systemctl stop firewalld.service
[root@bogon ~]# systemctl disable firewalld.service
[root@bogon ~]# setenforce 0
[root@bogon ~]# vim /etc/sysctl.conf #添加如下四行内容
net.ipv4.ip_forward=1
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects =
sysctl -p #刷新即时生效
3、复制ens33网卡,设置虚拟ip
[root@bogon ~]# cd /etc/sysconfig/network-scripts/
[root@bogon network-scripts]# cp ifcfg-ens33 ifcfg-ens33:0
[root@bogon network-scripts]# vim ifcfg-ens33:0 #删除原有内容,添加如下4行
DEVICE=ens33:0
ONBOOT=yes
IPADDR=192.168.100.10
NETMASK=255.255.255.0
[root@bogon network-scripts]# ifup ens33:0 #启动ens33:0网卡
4、配置ipvsadm启动脚本
vim /etc/init.d/dr.sh
#!/bin/bash GW=192.168.100.1 #网关 VIP=192.168.100.10 #虚拟ip RIP1=192.168.100.100 #nginx1服务器ip RIP2=192.168.100.110 #nginx2服务器ip case "$1" in start) /sbin/ipvsadm --save > /etc/sysconfig/ipvsadm systemctl start ipvsadm /sbin/ifconfig ens33:0 $VIP broadcast $VIP netmask 255.255.255.255 broadcast $VIP up /sbin/route add -host $VIP dev ens33:0 /sbin/ipvsadm -A -t $VIP:80 -s rr /sbin/ipvsadm -a -t $VIP:80 -r $RIP1:80 -g /sbin/ipvsadm -a -t $VIP:80 -r $RIP2:80 -g echo "ipvsadm starting --------------------[ok]" ;; stop) /sbin/ipvsadm -C systemctl stop ipvsadm ifconfig ens33:0 down route del $VIP echo "ipvsamd stoped----------------------[ok]" ;; status) if [ ! -e /var/lock/subsys/ipvsadm ];then echo "ipvsadm stoped---------------" exit 1 else echo "ipvsamd Runing ---------[ok]" fi ;; *) echo "Usage: $0 {start|stop|status}" exit 1 esac exit 0
5、添加脚本权限,启动ipvsadm
[root@bogon network-scripts]# chmod +x /etc/init.d/dr.sh
[root@bogon network-scripts]# service dr.sh start
三、回到Nginx节点服务器配置虚拟ip
1、复制ifcfg-lo网卡,进行修改
[root@localhost ~]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# cp ifcfg-lo ifcfg-lo:0
[root@localhost network-scripts]# vim ifcfg-lo:0 #删除原本内容,添加如下4行
DEVICE=lo:0
IPADDR=192.168.100.10
NETMASK=255.255.255.0
ONBOOT=yes
2、设置ifcfg-lo:0启动脚本
[root@localhost network-scripts]# cd /etc/init.d/
[root@localhost init.d]# vim lo.sh
#!/bin/bash VIP=192.168.100.10 #虚拟ip case "$1" in start) ifconfig lo:0 $VIP netmask 255.255.255.255 broadcast $VIP /sbin/route add -host $VIP dev lo:0 echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce sysctl -p >/dev/null 2>&1 echo "RealServer Start OK " ;; stop) ifconfig lo:0 down route del $VIP /dev/null 2>&1 echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce echo "RealServer Stopd" ;; *) echo "Usage: $0 {start|stop}" exit 1 esac exit 0
3、添加脚本权限,启动lo:0网卡
[root@localhost init.d]# chmod +x lo.sh
[root@localhost init.d]# service lo.sh start
[root@localhost init.d]# ifup lo:0
4、本地再次自测站点
[root@localhost init.d]# firefox "http://127.0.0.1/" &
四、配置Keepalived
vim /etc/keepalived/keepalived.conf (主从服务器配置内容如下)
! Configuration File for keepalived global_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 127.0.0.1 #指向本地地址 smtp_connect_timeout 30 router_id LVS_01 #从服务器LVS_02加以区分 vrrp_skip_check_adv_addr vrrp_strict vrrp_garp_interval 0 vrrp_gna_interval 0 } vrrp_instance VI_1 { state MASTER #从服务器为BACKUP interface ens33 #绑定真实网卡为ens33 virtual_router_id 51 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { #虚拟ip地址 192.168.100.10 } } virtual_server 192.168.100.10 80 { #虚拟ip地址,端口号80 delay_loop 6 lb_algo rr lb_kind NAT persistence_timeout 50 protocol TCP real_server 192.168.100.100 80 { #nginx1ip地址,端口80 weight 1 TCP_CHECK { #改为TCP_CHECK,删除原有的url8行 connect_port 80 connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } real_server 192.168.100.110 443 { #nginx2ip地址,端口80 weight 1 TCP_CHECK { #改为TCP_CHECK,删除原有的url8行 connect_port 80 connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } }
2、开启keepalived服务
[root@bogon ~]# systemctl start keepalived.service
[root@bogon ~]# systemctl status keepalived.service #查看状态
五、客户机测试
1、通过访问虚拟ip测试nginx网站
2、宕掉Master的keepalived服务器的虚拟ip,再次访问
[root@bogon network-scripts]# systemctl stop keepalived.service
结尾小结:
1、因本文使用的虚拟机模拟案例,所以先用NAT模式下好了所有软件包,然后修改为仅主机模式。
2、关于keepalived宕机再开的问题,要查看防火墙,重新关闭一次。
3、测试时宕掉了master的keepalved,发现无法访问站点,需要检查虚拟IP,重新启动ipvsadm。
- nginx+keepalived+proxy_cache 配置高可用nginx群集和高速缓存
- Docker+Nginx+Keepalived实现架构高可用
- 高可用web架构: LVS+keepalived+nginx+apache+php+eaccelerator(+nfs可选 可不选)
- 搭建 Keepalived + Nginx + Tomcat 的高可用负载均衡架构
- 架构设计:负载均衡层设计方案(6)——Nginx + Keepalived构建高可用的负载层
- 分布式架构高可用架构篇_04_Keepalived+Nginx实现高可用Web负载均衡
- 如何搭建高可用架构(三)--Nginx双主热备(Keepalived实现)
- Keepalived + Nginx + Tomcat 的高可用负载均衡架构搭建
- 分布式架构高可用架构_Keepalived+Nginx实现高可用Web负载均衡
- 分布式架构高可用架构篇_04_Keepalived+Nginx实现高可用Web负载均衡
- (2)LVS+Keepalived+nginx高可用负载均衡架构原理及配置
- nginx+keepalived高可用web架构
- 搭建 Keepalived + Nginx + Tomcat 的高可用负载均衡架构
- 架构设计:负载均衡层设计方案(6)——Nginx + Keepalived构建高可用的负载层
- 高可用web架构: LVS+keepalived+nginx+apache+php+eaccelerator(+nfs可选 可不选)
- Nginx + keepalived 实现高可用HA 【主从架构】
- 搭建Keepalived + Nginx + Tomcat的高可用负载均衡架构
- 分布式架构高可用架构_Keepalived+Nginx实现高可用Web负载均衡
- keepalived双主模式实现nginx高可用及LNAMMP架构