keepalived + nginx 高可用实现

技术文档 - Linux 作者: xcheng1986 发布于:2016-11-16 阅读(1600) (暂无评论)  

keepalived可以认为是VRRP协议在Linux上的实现,主要有三个模块,分别是core、check和vrrp。core模块为keepalived的核心,负责主进程的启动、维护以及全局配置文件的加载和解析。check负责健康检查,包括常见的各种检查方式。vrrp模块是来实现VRRP协议的.
nginx Master   :192.168.154.141
nginx Backup  :192.168.154.142
VIP                 :192.168.154.150

一、软件安装
安装keepalived,(nginx安装不介绍)
apt-get install libpopt-dev daemon  openssl  libssl-dev

cd /usr/local/src/;
wget http://www.keepalived.org/software/keepalived-1.1.19.tar.gz
tar zxvf keepalived-1.1.19.tar.gz
cd keepalived-1.1.19/
./configure --prefix=/usr/local/keepalived
make && make install

mkdir /etc/keepalived
cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
cp /usr/local/keepalived/sbin/keepalived /usr/sbin/

cd /etc/keepalived/
cp keepalived.conf keepalived.conf.bakup



二、keepalived配置(/etc/keepalived/keepalived.conf)
Master:
! Configuration File for keepalived
global_defs {
    notification_email {
        #test@test.com
    }
    #notification_email_from test@example.com
    #smtp_server mail.example.com
    #smtp_connect_timeout 30
    router_id LVS_DEVEL
}

vrrp_script chk_nginx {
    script "/etc/keepalived/check_nginx.sh" # 自己写的检测脚本。也可以是一行命令如killall -0 nginx
    interval 2 # 每2s检测一次
    weight -10 # 检测失败(脚本返回非0)则优先级 -10
    fall 3  # 检测连续 2 次失败才算确定是真失败。会用weight减少优先级(1-255之间)
    rise 2 # 检测 1 次成功就算成功。但不修改优先级
}

vrrp_instance VI_1 {
    state MASTER                                #其他 BACKUP
    interface eth0                              #实例绑定的网卡,因为在配置虚拟IP的时候必须是在已有的网卡上添加的
    mcast_src_ip  192.168.154.141       #本机IP  发送多播数据包时的源IP地址
    virtual_router_id 51                        #这里设置VRID,这里非常重要,相同的VRID为一个组,他将决定多播的MAC地址
    priority 100                                        #其他  95,设置本节点的优先级,优先级高的为master
    advert_int 2                                        #检查间隔,默认为1秒。这就是VRRP的定时器,MASTER每隔这样一个时间间隔,就会发送一个advertisement报文以通知组内其他路由器自己工作正常
    nopreempt                                           #仅在主机设置
    authentication {                            #定义认证方式和密码,主从必须一样
        auth_type PASS
        auth_pass 1111
    }

    virtual_ipaddress {
        192.168.154.150 #虚拟出来的IP
    }

    track_script {
       chk_nginx  # 引用VRRP脚本,即在 vrrp_script 部分指定的名字。定期运行它们来改变优先级,并最终引发主备切换
    }
}

Backup:
! Configuration File for keepalived
global_defs {
    notification_email {
        #test@test.com
    }
    #notification_email_from test@example.com
    #smtp_server mail.example.com
    #smtp_connect_timeout 30
    router_id LVS_DEVEL
}

vrrp_script chk_nginx {
    script "/etc/keepalived/check_nginx.sh"
    interval 2
    weight -10
    fall 3
    rise 2
}

vrrp_instance VI_1 {
    state BACKUP
    interface eth0                             
    mcast_src_ip  192.168.154.142
    virtual_router_id 51
    priority 95
    advert_int 2
    authentication {
        auth_type PASS
        auth_pass 1111
    }

    virtual_ipaddress {
        192.168.154.150
    }

    track_script {
       chk_nginx
    }
}

检测nginx状态
/etc/keepalived/check_nginx.sh:
#!/bin/bash

check_code=`curl --connect-timeout 3 -s -w "%{http_code}" http://127.0.0.1/index.php  -o /dev/null`
if [ "$check_code" != "200" ]; then
        exit 1
else
        exit 0
fi
chmod +x /etc/keepalived/check_nginx.sh
(一定不能忘记赋权限)

三、启动并测试
分别在两台服务器上 启动keepalived
keepalived -D
创建测试php文件/var/www/html/index.php,并写入本机IP;
echo "<?php echo '`ifconfig eth0 |grep 'inet addr'|cut -d':' -f2 |cut -d' ' -f1`';" > /var/www/html/index.php
用浏览器打开 VIP (http://192.168.154.150) ,正常应该是141上的页面,
再关闭PHP (service php5-fpm stop),
再次打开 VIP 此时应该是142上的页面。