nginx+keepalived实现双机热备高可用

发表于 更新于 分类于

这篇文章简单介绍利用keepalived软件,实现对nginx服务器的高可用,即实现故障自动切换.

安装nginx(两台安装配置都一样!):

1
2
3
4
5
6
7
8
9
10
11
#添加运行nginx的用户和组www
groupadd www
useradd -g www www
#安装依赖
yum install pcre pcre-devel
#开始安装nginx
wget http://sysoev.ru/nginx/nginx-0.7.51.tar.gz
tar zxvf nginx-0.7.51.tar.gz
cd nginx-0.7.51/
./configure --user=www --group=www --prefix=/usr/local/webserver/nginx --with-http_stub_status_module --with-http_ssl_module
make && make install

keepalived安装:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
yum install openssl-devel
cd /tmp
wget http://www.keepalived.org/software/keepalived-1.2.2.tar.gz
tar xzf keepalived-1.2.2.tar.gz
cd keepalived-1.2.2
./configure
make && make install
cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/
cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
chmod +x /etc/init.d/keepalived
chkconfig --add keepalived
chkconfig keepalived on
mkdir /etc/keepalived
ln -s /usr/local/sbin/keepalived /usr/sbin/
keepalived的配置 更详细的keepalived配置

文件说明可以执行man keepalived.conf查看.
我们假设主服务器IP:192.168.1.103,从服务器ip:192.168.1.101,虚拟ip:192.168.1.110.
下面对主服务器的keepalived进行配置:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
vi /etc/keepalived/keepalived.conf
global_defs {
    notification_email {
    admin@centos.bz
    }
    notification_email_from keepalived@domain.com
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id LVS_DEVEL
}
vrrp_script chk_http_port {
    script "/opt/nginx_pid.sh"
    interval 2
    weight 2
}
vrrp_instance VI_1 {
    state MASTER ############ 辅机为 BACKUP
    interface eth0
    virtual_router_id 51
    mcast_src_ip 192.168.1.103
    priority 102 ########### 权值要比 back 高
    advert_int 1
    authentication {
    auth_type PASS
    auth_pass 1111
    }
track_script {
    chk_http_port ### 执行监控的服务
    }
    virtual_ipaddress {
        192.168.1.110
    }
}

从服务器:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
global_defs {
    notification_email {
    admin@centos.bz
    }
    notification_email_from keepalived@domain.com
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id LVS_DEVEL
}
vrrp_script chk_http_port {
    script "/opt/nginx_pid.sh"
    interval 2
    weight 2
}
vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 51
    mcast_src_ip 192.168.1.101
    priority 101 ##########权值 要比 master 低..
    advert_int 1
    authentication {
    auth_type PASS
    auth_pass 1111
}
track_script {
    chk_http_port ### 执行监控的服务
    }
    virtual_ipaddress {
        192.168.1.110
    }
}

之后分别在主从服务器建立nginx的监控脚本:

1
2
3
4
5
6
7
8
9
10
vi /opt/nginx_pid.sh
#!/bin/bash
A=`ps -C nginx --no-header |wc -l`
if [ $A -eq 0 ];then
    /usr/local/nginx/sbin/nginx
    sleep 3
    if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
        killall keepalived
    fi
fi

然后分别启动主从服务器的keepalived:

1
service keepalived start

keepalived的测试,我们在主服务器上执行命令ip a,显示如下:

1
2
3
4
2: eth0: mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:0c:29:aa:a1:e4 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.103/24 brd 255.255.255.255 scope global eth0
inet 192.168.1.110/32 scope global eth0

证明主服务器已经绑定了虚拟ip 192.168.1.110 在从服务器上执行命令ip a,显示如下:

1
2
3
2: eth0: mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:0c:29:2b:94:3b brd ff:ff:ff:ff:ff:ff
inet 192.168.1.101/24 brd 255.255.255.255 scope global eth0

显示表明从服务器上没有绑定vip 192.168.1.110,只有本机真实ip192.168.1.101 下面我们停止主服务器的nginx进程,再看看ip绑定情况: 主服务器的情况:

1
2
3
2: eth0: mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:0c:29:aa:a1:e4 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.103/24 brd 255.255.255.255 scope global eth0

从服务器的情况:

1
2
3
4
2: eth0: mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:0c:29:2b:94:3b brd ff:ff:ff:ff:ff:ff
inet 192.168.1.101/24 brd 255.255.255.255 scope global eth0
inet 192.168.1.110/32 scope global eth0

由此可见vip已经指向了从服务器.