Nginx+keepalived热切换高可用
一?keepalived简介
keepalived是一个类似于layer3,?4?&?7交换机制的软件,也就是我们平时说的第3层、第4层和第7层交换。
Keepalived的作用是检测web服务器的状态,如果有一台web服务器死机,或工作出现故障,Keepalived将检测到,并将有故障的web服务器从系统中剔除,当web服务器工作正常后Keepalived自动将web服务器加入到服务器群中,这些工作全部自动完成,不需要人工干涉,需要人工做的只是修复故障的web服务器。
为了方便测试清关闭防火墙?service?iptables?stop
二?安装
1,本次采用的是centos5.10?两台机器?(master_slave)架构master?192.168.235.101,
slave?192.168.235.102
2,准备编译环境?yum?-y?install?gcc?gcc+?gcc-c++?openssl?openssl-devel?pcre?pcre-devel
3,下载软件源代码包
Nginx1.7.0?最新版
wget??http://nginx.org/download/nginx-1.7.0.tar.gz
keepalived?1.2.12最新版
wget??http://www.keepalived.org/software/keepalived-1.2.12.tar.gz
4,编译安装源代码
a.?Nginx的安装(两台机器进行相同的安装即可)
解压nginx
tar?xf?nginx-1.7.0
cd?nginx1.7.0
./configure
make?&&?make?install
如果没有报错证明安装成功
测试
/usr/local/nginx/sbin/nginx?–t
[root@keepMaster?opt]#?/usr/local/nginx/sbin/nginx?-t
nginx:?the?configuration?file?/usr/local/nginx/conf/nginx.conf?syntax?is?ok
nginx:?configuration?file?/usr/local/nginx/conf/nginx.conf?test?is?successful
表示成功
b.?keepalived安装
tar?xf?keepalived-1.2.12.tar.gz
cd?keepalived-1.2.12
./configure
make?&&?make?install
cp?/usr/local/etc/rc.d/init.d/keepalived?/etc/init.d/
cp?/usr/local/etc/sysconfig/keepalived?/etc/sysconfig/
chmod?+x?/etc/init.d/keepalived
chkconfig?–add?keepalived
chkconfig?keepalived?on
mkdir?/etc/keepalived
ln?–s?/usr/local/sbin/keepalived?/usr/sbin
三?配置
Keepalived的配置
a在master机器(192.168.235.101中的配置)
vi?/etc/keepalived/?keepalived.config?//这个文件默认是不存在的
使用vi?加入以下的配置
global_defs?{
notification_email?{
admin@centos.bz
}
notification_email_from?keepalived@domain.com
smtp_server?127.0.0.1
smtp_connect_timeout?30
router_id?LVS_DEVEL
}
vrrp_script?chk_http_port?{
script?”/opt/nginx_pid.sh”?############该脚本我们在后面书写
interval?2
weight?2
}
vrrp_instance?VI_1?{
state?MASTER????????############?辅机为?BACKUP
interface?eth0
virtual_router_id?51
mcast_src_ip?192.168.235.101
priority?102??????????????????###########?权值要比?back?高
advert_int?1
authentication?{
auth_type?PASS
auth_pass?1111
}
track_script?{
chk_http_port?###?执行监控的服务
}
virtual_ipaddress?{
192.168.235.100?############?此处的虚拟IP?地址即?我们web所??????????????????????????????????????????????????????####要访问的IP地址??必须在同一网段
}
}
b?配置slave(192.168.235.102)
vi?/etc/keepalived/?keepalived.config?//这个文件默认是不存在的
使用vi?加入以下的配置
global_defs?{
notification_email?{
admin@centos.bz
}
notification_email_from?keepalived@domain.com
smtp_server?127.0.0.1
smtp_connect_timeout?30
router_id?LVS_DEVEL
}
vrrp_script?chk_http_port?{
script?”/opt/nginx_pid.sh”?############该脚本我们在后####面书写
interval?2
weight?2
}
vrrp_instance?VI_1?{
state?BACKUP
interface?eth0
virtual_router_id?51
mcast_src_ip?192.168.235.102
priority?102??????????????????###########?权值要比?back?低
advert_int?1
authentication?{
auth_type?PASS
auth_pass?1111
}
track_script?{
chk_http_port?###?执行监控的服务
}
virtual_ipaddress?{
192.168.235.100?############?此处的虚拟IP?地址即?我们web所??????????????????????????????????????????????????????####要访问的IP地址??必须在同一网段
}
}
c?分别在master?slave上建立nginx的监控脚本文件
vi?/opt/nginx_pid.sh
输入以下配置
#!/bin/bash
A=`ps?–C?nginx?–no-header?|wc?-l`
if?[$A?–eq?0];then
/usr/local/nginx/sbin/nginx
sleep?3
if[`ps?–C?nginx?–no-header?|wc?-l`?-eq?0];then
killall?keepalived
fi
fi
四?测试
<!–[if !supportLists]–>1.?<!–[endif]–>分别在mster和slave上启动nginx??/usr/local/nginx/sbin/nginx
<!–[if !supportLists]–>2.?<!–[endif]–>先启动master(101)上的?keepalived??service?keepalived?start?再启动slave(102)
<!–[if !supportLists]–>3.?<!–[endif]–>在master上敲入?ip?a
2:?eth0:?<BROADCAST,MULTICAST,UP,LOWER_UP>?mtu?1500?qdisc?pfifo_fast?qlen?1000
link/ether?00:0c:29:c2:74:15?brd?ff:ff:ff:ff:ff:ff
inet?192.168.235.101/24?brd?192.168.235.255?scope?global?eth0
inet?192.168.235.110/32?scope?global?eth0?//虚拟IP成功了?使用该地址访问
inet6?fe80::20c:29ff:fec2:7415/64?scope?link
valid_lft?forever?preferred_lft?forever
此时在slave输入ip?a?是看不到虚拟ip的
<!–[if !supportLists]–>4.?<!–[endif]–>在master上关闭nginx??/usr/local/nginx/sbin/nginx?–s?stop?输入ip?a
2:?eth0:?<BROADCAST,MULTICAST,UP,LOWER_UP>?mtu?1500?qdisc?pfifo_fast?qlen?1000
link/ether?00:0c:29:c2:74:15?brd?ff:ff:ff:ff:ff:ff
inet?192.168.235.101/24?brd?192.168.235.255?scope?global?eth0
inet6?fe80::20c:29ff:fec2:7415/64?scope?link
valid_lft?forever?preferred_lft?forever
虚拟IP地址没有了
此时在slave下输入ip?a
看到inet?192.168.235.110/32?scope?global?eth0?说明成功了
下面是我测试机器
2:?eth0:?<BROADCAST,MULTICAST,UP,LOWER_UP>?mtu?1500?qdisc?pfifo_fast?qlen?1000
link/ether?00:0c:29:e3:a2:2b?brd?ff:ff:ff:ff:ff:ff
inet?192.168.235.102/24?brd?192.168.235.255?scope?global?eth0
inet?192.168.235.110/32?scope?global?eth0?//看到这个?表示切换成功?秒级别
inet6?fe80::20c:29ff:fee3:a22b/64?scope?link
valid_lft?forever?preferred_lft?forever
<!–[if !supportLists]–>5.?<!–[endif]–>重新启动master?上的nginx,keepalived会自动切换到master
<!–[if !supportLists]–>6.?<!–[endif]–>经测试在master意外断电的情况下任然不影响切换,并在master成功修复,重新启动成功之后,slave会自动切换到master