keepalived下载地址:https://www.keepalived.org/download.html
keepalived的工作原理:
keepalived是基于VRRP协议实现的保证集群高可用的一个服务软件,主要功能是实现真机的故障隔离和负载均衡器间的失败切换,防止单点故障。
VRRP协议:Virtual Router Redundancy Protocol(虚拟路由冗余协议),是一种容错协议,保证当主机的下一跳路由器出现故障时,由另一台路由器来代替出现故障的路由器进行工作,从而保持网络通信的连续性和可靠性。
虚拟路由器:由一个 Master 路由器和多个 Backup 路由器组成,主机将虚拟路由器当作默认网关。
优先级: VRRP 根据优先级来确定虚拟路由器中每台路由器的地位。
环境部署
主服务器host1(192.168.233.201) nginx+keepalived vip(192.168.233.255)
从服务器host2(192.168.233.202) nginx+keepalived vip(192.168.233.255)
keepalived部署安装
安装keepalived依赖的包,然后下载源码并编译安装(1.3.5 版本较旧,生产环境建议选用仍在维护的版本;下载后如官方提供校验值,应先核对再编译)
[root@host ~]# yum install gcc openssl-devel libnl3-devel popt-devel iptables-devel libnfnetlink-devel net-snmp-devel -y
[root@host ~]# wget -c https://www.keepalived.org/software/keepalived-1.3.5.tar.gz
[root@host ~]# tar -zxvf keepalived-1.3.5.tar.gz
[root@host ~]# cd keepalived-1.3.5
[root@host ~]# ./configure --prefix=/usr/local/keepalived
[root@host ~]# make && make install
复制默认配置文件到默认路径
[root@host ~]# mkdir /etc/keepalived
[root@host ~]# cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
[root@host ~]# cp /usr/local/keepalived/sbin/keepalived /usr/sbin/
[root@host ~]# cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
[root@host ~]# cd keepalived-1.3.5
[root@host ~]# cp ./keepalived/etc/init.d/keepalived /etc/init.d/
[root@host ~]# chmod +x /etc/init.d/keepalived
配置Master配置文件(192.168.233.201)
[root@host1 ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs { # 全局配置,配置收件人
notification_email { # 通知机制,收件人
xxxxxx@qq.com }
notification_email_from keepalived@domain.com # 发件人
smtp_server 192.168.233.201 # 发件服务器
smtp_connect_timeout 30 # 服务器连接超时时间
router_id LVS_DEVEL1 # 路由器标志,区分主从是谁,邮件附属人
}
vrrp_script check_nginx { # 集群资源监控,组合track_script进行
script "/etc/keepalived/nginx_check.sh" # 检测 nginx 状态的脚本路径
interval 2 # 检测时间间隔
weight -20 # 检测脚本返回非0(检测失败)时,优先级减20;注意 100-20=80 仍高于备节点的 50,仅靠该权重不会触发主备切换,本文是靠检测脚本停止 keepalived 来实现切换
}
vrrp_instance HAPROXY_HA { # 起个名字HAPROXY_HA
state MASTER # 主节点,备用节点为BACKUP
interface eth0 # 指定HA监测网络接口,可以用ifconfig查看来决定设置哪一个
virtual_router_id 80 # 虚拟路由标识,同一个VRRP实例要使用同一个标识,主备机
# 因为当前环境中VRRP组播有问题,改为使用单播发送VRRP报文 如果VRRP组播没问题,以下这块的内容可以注释掉。
# 这个地方需要关注,之前未做此设置,结果主备节点互相不能发现,因此主备节点都升级成了MASTER,并且绑定了VIP
# 主节点时,内容为:
#unicast_src_ip 192.168.233.201
# unicast_peer {
# 192.168.233.202
#}
priority 100 # 设置优先级,确保主节点的优先级高过备用节点
advert_int 2 # 用于设定主备节点间同步检查时间间隔
nopreempt # 设置高可用集群中的不抢占功能:主机down后由从机接管,主机恢复后备机继续提供服务,从而避免因来回切换带来的隐患。注意:按keepalived文档,nopreempt 要求本实例的初始 state 为 BACKUP,与上面的 state MASTER 同时使用时可能不会生效,请以所用版本的文档为准
authentication { # 设置主备节点间的通信验证类型及密码,同一个VRRP实例中需一致;注意 PASS 类型的密码在VRRP报文中以明文传输,不能当作可靠的安全机制,1234 仅为示例值,应替换,并配合防火墙只允许对端节点的VRRP报文
auth_type PASS
auth_pass 1234
}
track_script { # 集群资源监控,组合vrrp_script进行
check_nginx
}
virtual_ipaddress {
192.168.233.255 # 虚拟ip配置完之后就用它访问;注意:若该网段掩码为/24,.255 是广播地址,实际部署应选用网段内未被占用的主机地址作为VIP
}
}
配置BACKUP配置文件(192.168.233.202)
[root@host2 ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
xxxxxx@qq.com }
notification_email_from keepalived@domain.com
smtp_server 192.168.233.202 # 发件服务器
smtp_connect_timeout 30
router_id LVS_DEVEL2 # 路由器标志,区分主从是谁,邮件附属人
}
vrrp_script check_nginx {
script "/etc/keepalived/nginx_check.sh"
interval 2
weight -20
}
vrrp_instance HAPROXY_HA {
state BACKUP # 备节点,主用节点为MASTER
interface eth0
virtual_router_id 80
#unicast_src_ip 192.168.233.202
# unicast_peer {
# 192.168.233.201
#}
priority 50 # 设置优先级,确保主节点的优先级高过备用节点
advert_int 2
authentication {
auth_type PASS
auth_pass 1234
}
track_script {
check_nginx
}
virtual_ipaddress {
192.168.233.255 # 虚拟ip配置完之后就用它访问
}
}
配置 nginx 的 systemctl 系统启动服务文件
[root@host ~]# vim /usr/lib/systemd/system/nginx.service
[Unit]
Description=The nginx HTTP and reverse proxy server
After=syslog.target network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/usr/local/nginx/logs/nginx.pid
ExecStartPre=/usr/local/nginx/sbin/nginx -t
ExecStart=/usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true
[Install]
WantedBy=multi-user.target
重新加载systemd配置,使系统识别上面新建的nginx.service文件,然后启动nginx
[root@vlnx251101 nginx-1.12.1]# systemctl daemon-reload ;systemctl start nginx
配置nginx检测脚本(nginx故障,重启nginx后仍启动不了服务,则关闭keepalived服务)
[root@host ~]# vim /etc/keepalived/nginx_check.sh
#!/bin/bash
# nginx health check, referenced by the vrrp_script check_nginx block in
# keepalived.conf.
#
# If no nginx process is found, attempt one restart. If nginx is still absent
# two seconds later, stop keepalived on this node.
#
# NOTE(review): keepalived is started as root on this page, so this script
# presumably runs as root too; keep the file root-owned and not writable by
# any other user.
nginx_procs=$(ps -C nginx --no-header | wc -l)
if [ "$nginx_procs" -eq 0 ]; then
  systemctl restart nginx
  sleep 2
  # Count again after the restart attempt.
  if [ "$(ps -C nginx --no-header | wc -l)" -eq 0 ]; then
    service keepalived stop
  fi
fi
[root@host ~]# chmod +x /etc/keepalived/nginx_check.sh
测试高可用性
[root@host ~]# service keepalived start
[root@host ~]# systemctl start nginx
[root@host ~]# ip addr show | grep 192.168.233.255
[root@host ~]# curl 192.168.233.255