Nginx+keepalived热切换高可用
一 keepalived简介
keepalived是一个类似于layer3, 4 & 7交换机制的软件,也就是我们平时说的第3层、第4层和第7层交换。
Keepalived的作用是检测web服务器的状态,如果有一台web服务器死机,或工作出现故障,Keepalived将检测到,并将有故障的web服务器从系统中剔除,当web服务器工作正常后Keepalived自动将web服务器加入到服务器群中,这些工作全部自动完成,不需要人工干涉,需要人工做的只是修复故障的web服务器。
为了方便测试清关闭防火墙 service iptables stop
二 安装
1,本次采用的是centos5.10 两台机器 (master_slave)架构master 192.168.235.101,
slave 192.168.235.102
2,准备编译环境 yum -y install gcc gcc+ gcc-c++ openssl openssl-devel pcre pcre-devel
3,下载软件源代码包
Nginx1.7.0 最新版
wget http://nginx.org/download/nginx-1.7.0.tar.gz
keepalived 1.2.12最新版
wget http://www.keepalived.org/software/keepalived-1.2.12.tar.gz
4,编译安装源代码
a. Nginx的安装(两台机器进行相同的安装即可)
解压nginx
tar xf nginx-1.7.0
cd nginx1.7.0
./configure
make && make install
如果没有报错证明安装成功
测试
/usr/local/nginx/sbin/nginx –t
[root@keepMaster opt]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
表示成功
b. keepalived安装
tar xf keepalived-1.2.12.tar.gz
cd keepalived-1.2.12
./configure
make && make install
cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/
cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
chmod +x /etc/init.d/keepalived
chkconfig –add keepalived
chkconfig keepalived on
mkdir /etc/keepalived
ln –s /usr/local/sbin/keepalived /usr/sbin
三 配置
Keepalived的配置
a在master机器(192.168.235.101中的配置)
vi /etc/keepalived/ keepalived.config //这个文件默认是不存在的
使用vi 加入以下的配置
global_defs {
notification_email {
admin@centos.bz
}
notification_email_from keepalived@domain.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_http_port {
script "/opt/nginx_pid.sh" ############该脚本我们在后面书写
interval 2
weight 2
}
vrrp_instance VI_1 {
state MASTER ############ 辅机为 BACKUP
interface eth0
virtual_router_id 51
mcast_src_ip 192.168.235.101
priority 102 ########### 权值要比 back 高
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_http_port ### 执行监控的服务
}
virtual_ipaddress {
192.168.235.100 ############ 此处的虚拟IP 地址即 我们web所 ####要访问的IP地址 必须在同一网段
}
}
b 配置slave(192.168.235.102)
vi /etc/keepalived/ keepalived.config //这个文件默认是不存在的
使用vi 加入以下的配置
global_defs {
notification_email {
admin@centos.bz
}
notification_email_from keepalived@domain.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_http_port {
script "/opt/nginx_pid.sh" ############该脚本我们在后####面书写
interval 2
weight 2
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
mcast_src_ip 192.168.235.102
priority 102 ########### 权值要比 back 低
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_http_port ### 执行监控的服务
}
virtual_ipaddress {
192.168.235.100 ############ 此处的虚拟IP 地址即 我们web所 ####要访问的IP地址 必须在同一网段
}
}
c 分别在master slave上建立nginx的监控脚本文件
vi /opt/nginx_pid.sh
输入以下配置
#!/bin/bash
A=`ps –C nginx –no-header |wc -l`
if [$A –eq 0];then
/usr/local/nginx/sbin/nginx
sleep 3
if[`ps –C nginx –no-header |wc -l` -eq 0];then
killall keepalived
fi
fi
四 测试
<!--[if !supportLists]-->1. <!--[endif]-->分别在mster和slave上启动nginx /usr/local/nginx/sbin/nginx
<!--[if !supportLists]-->2. <!--[endif]-->先启动master(101)上的 keepalived service keepalived start 再启动slave(102)
<!--[if !supportLists]-->3. <!--[endif]-->在master上敲入 ip a
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:0c:29:c2:74:15 brd ff:ff:ff:ff:ff:ff
inet 192.168.235.101/24 brd 192.168.235.255 scope global eth0
inet 192.168.235.110/32 scope global eth0 //虚拟IP成功了 使用该地址访问
inet6 fe80::20c:29ff:fec2:7415/64 scope link
valid_lft forever preferred_lft forever
此时在slave输入ip a 是看不到虚拟ip的
<!--[if !supportLists]-->4. <!--[endif]-->在master上关闭nginx /usr/local/nginx/sbin/nginx –s stop 输入ip a
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:0c:29:c2:74:15 brd ff:ff:ff:ff:ff:ff
inet 192.168.235.101/24 brd 192.168.235.255 scope global eth0
inet6 fe80::20c:29ff:fec2:7415/64 scope link
valid_lft forever preferred_lft forever
虚拟IP地址没有了
此时在slave下输入ip a
看到inet 192.168.235.110/32 scope global eth0 说明成功了
下面是我测试机器
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:0c:29:e3:a2:2b brd ff:ff:ff:ff:ff:ff
inet 192.168.235.102/24 brd 192.168.235.255 scope global eth0
inet 192.168.235.110/32 scope global eth0 //看到这个 表示切换成功 秒级别
inet6 fe80::20c:29ff:fee3:a22b/64 scope link
valid_lft forever preferred_lft forever
<!--[if !supportLists]-->5. <!--[endif]-->重新启动master 上的nginx,keepalived会自动切换到master
<!--[if !supportLists]-->6. <!--[endif]-->经测试在master意外断电的情况下任然不影响切换,并在master成功修复,重新启动成功之后,slave会自动切换到master
已有 0人发表留言,猛击->> 这里<<-参与讨论
ITeye推荐