你的位置:9学知识网 > Linux > keepalive+nginx负载均衡高可用

    keepalive+nginx负载均衡高可用

    Linux piniu 874浏览 0评论
    服务器  IP地址 说明
    虚拟IP  172.17.20.111
    Nginx proxy A 172.17.20.122
    Nginx proxy B 172.17.20.124
    Web站点A  172.17.20.121
    Web站点B 172.17.20.123
    Web站点C 172.17.20.125

    1. 分别在 Nginx proxy A 和 Nginx proxy B 服务器上安装 keepalived.

    先下载地址: http://www.keepalived.org/index.html

    [root@myordb ~]# tar zxvf keepalived-1.3.6.tar.gz
[root@myordb ~]# cd keepalived-1.3.6
[root@myordb ~]# ./configure --prefix=/usr/local/keepalived
[root@myordb ~]# make
[root@myordb ~]# make install

    2.配置keepalived

    #keepalived默认配置文件从/etc/keepalived下读取
[root@myordb ~]# mkdir /etc/keepalived

#一个二进制执行文件,直接拷贝过去即可
[root@myordb ~]# cp /usr/local/keepalived/sbin/keepalived /usr/sbin/

#脚本的额外配置文件读取位置
[root@myordb ~]# cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/

#将启动脚本拷贝到/etc/init.d/
[root@myordb ~]# cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/

    本人没找到这个文件: /usr/local/keepalived/etc/rc.d/init.d/keepalived,但是本人拷贝的源码包(keepalived-1.3.6)里面的 keepalived/etc/init.d/keepalived

    #keepalived的配置文件 

    [root@myordb ~]# cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/

    修改Nginx proxy A服务器上的 /etc/keepalived/keepalived.conf 

    ! Configuration File for keepalived
 
global_defs {
   notification_email { ##出故障发送邮件给谁
      acassen@firewall.loc
      failover@firewall.loc
      sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc ##故障用哪个邮箱发送邮件
   smtp_server 192.168.200.1 ##SMTP_Server IP
   smtp_connect_timeout 30 ##超时时间
   router_id LVS_DEVEL ##服务器标识
   #vrrp_skip_check_adv_addr
   #vrrp_strict
   #vrrp_garp_interval 0
   #vrrp_gna_interval 0
}
 
vrrp_instance VI_1 {
      #state MASTER
      state BACKUP ##状态,都为BACKUP,它们会推选Master,如果你写MASTER,它就会是 
      Master,##当Master故障时Backup会成为Master,当原来的Master恢复后,原来的 
      Master会成为Master
      interface eth0 ##发送VRRP的接口,仔细看你的是不是eth0
      virtual_router_id 51 ##虚拟路由标识,同一个组应该用一个,即Master与Backup同一个
      priority 100 ##优先级
      nopreempt ##不抢占,一个故障时,重启后恢复后不抢占意资源
      advert_int 1 ##同步间隔时长
      authentication { ##认证
      auth_type PASS ##认证方式
      auth_pass 123456 ##密钥
   }
   virtual_ipaddress { ##虚拟IP(即:VIP)
      172.17.20.111 
   }
}

    3.同理修改Nginx proxy B服务器上的 /etc/keepalived/keepalived.conf

    只需修改 priority 90 即可, 其他参数都相同。

    4. 分别在 Nginx proxy A 和 Nginx proxy B 服务器上,启动keepalived

    [root@myordb ~]# service keepalived start

    5.查看日志
    Sep 15 11:18:00 myordb Keepalived[16509]: Starting Keepalived v1.3.6 (08/14,2017), git commit v1.3.6-1-g8ee15ec
    Sep 15 11:18:00 myordb Keepalived[16509]: Opening file ‘/etc/keepalived/keepalived.conf’.
    Sep 15 11:18:00 myordb Keepalived[16510]: Starting Healthcheck child process, pid=16511
    Sep 15 11:18:00 myordb Keepalived[16510]: Starting VRRP child process, pid=16512
    Sep 15 11:18:00 myordb Keepalived_healthcheckers[16511]: Opening file ‘/etc/keepalived/keepalived.conf’.
    Sep 15 11:18:00 myordb Keepalived_vrrp[16512]: Registering Kernel netlink reflector
    Sep 15 11:18:00 myordb Keepalived_vrrp[16512]: Registering Kernel netlink command channel
    Sep 15 11:18:00 myordb Keepalived_vrrp[16512]: Registering gratuitous ARP shared channel
    Sep 15 11:18:00 myordb Keepalived_vrrp[16512]: Opening file ‘/etc/keepalived/keepalived.conf’.
    Sep 15 11:18:00 myordb Keepalived_vrrp[16512]: VRRP_Instance(VI_1) removing protocol VIPs.
    Sep 15 11:18:00 myordb Keepalived_vrrp[16512]: Using LinkWatch kernel netlink reflector…
    Sep 15 11:18:00 myordb Keepalived_vrrp[16512]: VRRP_Instance(VI_1) Entering BACKUP STATE
    Sep 15 11:18:00 myordb Keepalived_vrrp[16512]: VRRP sockpool: [ifindex(2), proto(112), unicast(0), fd(10,11)]
    Sep 15 11:18:03 myordb Keepalived_vrrp[16512]: VRRP_Instance(VI_1) Transition to MASTER STATE
    Sep 15 11:18:04 myordb Keepalived_vrrp[16512]: VRRP_Instance(VI_1) Entering MASTER STATE
    Sep 15 11:18:04 myordb Keepalived_vrrp[16512]: VRRP_Instance(VI_1) setting protocol VIPs.
    Sep 15 11:18:04 myordb Keepalived_vrrp[16512]: Sending gratuitous ARP on eth0 for 172.17.20.111

    6. 查看vip绑定到哪台机器上

    [root@myordb ~]# ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:50:56:9a:31:a8 brd ff:ff:ff:ff:ff:ff
inet 172.17.20.122/24 brd 172.17.20.255 scope global eth0
inet 172.17.20.111/32 scope global eth0
inet6 fe80::250:56ff:fe9a:31a8/64 scope link
valid_lft forever preferred_lft forever

    7.查看是否能过访问VIP,本人已经配置了web服务器和nginx服务器支持https协议,所以通过如下命令:

    [root@gj_css_php1 ~]# elinks -dump -eval 'set connection.ssl.cert_verify = 0' https://172.17.20.111

    172.17.20.121
    注: -eval ‘set connection.ssl.cert_verify = 0’ 使用这个参数,是为了跳过证书验证,因为测试服务器上没有正版证书。


    与本文相关的文章

    发表我的评论
    取消评论
    表情

    Hi,您需要填写昵称和邮箱!

    • * 昵称:
    • * 邮箱: