基于keepalived的nginx负载均衡的双机热备

文章目录说明：一、安装nginx二、nginx负载均衡配合keepalived服务案例实战0. 拓扑1. 在192.168.1.11和192.168.1.12上配置nginx的代理服务器功能，配置如下1.11 nginx配置1.12 nginx配置2. 在192.168.1.11 和192.168.1.12 上配置keepalived服务1.11 keepalived配置1.12 keepalived配置3. 启动nginx和keepalived服务4. 解决服务监听网卡上不存在ip地址问题5. yum安装1.13 和 1.14的apache6. 配置首页7. 启动httpd服务8. 在windows上测试9. 将主用lb的服务关闭10. 实验到此结束 ！问题： 说明： 环境为centos 6.6 nginx软件为 nginx-1.6.2.tar.gz 一、安装nginx ### 一定要配置好yum # 1.6.1安装nginx所需的pcre库 yum install pcre pcre-devel -y rpm -qa pcre pcre-devel # 1.6.2安装openssl openssl-devel以及zlib程序 yum -y install zlib zlib-devel yum -y install openssl openssl-devel # 1.6.3 创建nginx账号 useradd -s /sbin/nologin -M nginx # 安装 tar -zxvf nginx-1.6.2.tar.gz cd nginx-1.6.2 ./configure --user=nginx --group=nginx --prefix=/application/nginx-1.6.2 --with-http_stub_status_module --with-http_ssl_module && make && make install echo $? # 1.6.5指定软连接 ln -s /application/nginx-1.6.2/ /application/nginx # 检查nginx的配置文件的语法 /application/nginx/sbin/nginx -t # 1.将nginx的路径加入系统默认的搜索路径并写入登录脚本 echo 'PATH=$PATH:/application/nginx/sbin' >>/etc/profile # 重新加载系统脚本 . /etc/profile # 1.7 测试访问nginx的网站 # 1方法1 # curl -I 127.0.0.1 # 方法2 # wget 127.0.0.1 二、nginx负载均衡配合keepalived服务案例实战 0. 拓扑 [外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-TC6CfZUx-1586523244533)(C:\Users\root\AppData\Roaming\Typora\typora-user-images\image-20200410180900979.png)]

角色	ip地址	软件安装
lb01	192.168.1.11	keepalived、nginx
lb02	192.168.1.12	keepalived、nginx
web01	192.168.1.13	apache
web02	192.168.1.14	apache

1. 在192.168.1.11和192.168.1.12上配置nginx的代理服务器功能，配置如下 1.11 nginx配置

​ cat /application/nginx/conf/nginx.conf

worker_processes 1; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; upstream www_server_pools { server 192.168.1.13:80 weight=1; server 192.168.1.14:80 weight=1; } server { listen 192.168.1.113:80; server_name www.hdxy.com; location / { proxy_pass http://www_server_pools; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; } } } 1.12 nginx配置

​ cat /application/nginx/conf/nginx.conf

worker_processes 1; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; upstream www_server_pools { server 192.168.1.13:80 weight=1; server 192.168.1.14:80 weight=1; } server { listen 192.168.1.113:80; server_name www.hdxy.com; location / { proxy_pass http://www_server_pools; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; } } } 2. 在192.168.1.11 和192.168.1.12 上配置keepalived服务

​ ( 首先用 yum -y install keepalived 安装keepalived)

1.11 keepalived配置

​ cat /etc/keepalived/keepalived.conf

! Configuration File for keepalived global_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id LVS_DEVEL01 } vrrp_instance VI_1 { state MASTER interface eth0 # 注意本机网卡 virtual_router_id 51 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.1.113 dev eth0 label eth0:1 # 注意本机网卡 } } 1.12 keepalived配置

​ cat /etc/keepalived/keepalived.conf

! Configuration File for keepalived global_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id LVS_DEVEL02 } vrrp_instance VI_1 { state BACKUP interface eth0 # 注意本机网卡 virtual_router_id 51 priority 90 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.1.113 dev eth0 label eth0:1 # 注意本机网卡 } } 3. 启动nginx和keepalived服务 /application/nginx/sbin/nginx /etc/init.d/keepalived start 4. 解决服务监听网卡上不存在ip地址问题 echo "net.ipv4.ip_nonlocal_bind = 1" >>/etc/sysctl.conf sysctl -p 5. yum安装1.13 和 1.14的apache yum -y install httpd 6. 配置首页 echo "wo shi 192.168.1.13 " >/var/www/html/index.html echo "wo shi 192.168.1.14 " >/var/www/html/index.html 7. 启动httpd服务 /etc/init.d/httpd start 8. 在windows上测试 # 先关闭防火墙 和 setenforce service iptables stop setenforce 0

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-85qQqhvc-1586523244535)(C:\Users\root\AppData\Roaming\Typora\typora-user-images\image-20200410203441155.png)]

9. 将主用lb的服务关闭 /etc/init.d/keepalived stop # 停掉 keepalived ip addr|grep 192.168.1.113 # 查看ip信息 #inet 192.168.1.113/32 scope global eth0:1

​ 发现备用lb可以正常接管

10. 实验到此结束 ！ 问题：

​ 正常情况下，keepalived软件仅仅在对方机器宕机或keepalived停掉的时候才会接管业务，但在实际中，有一种情况是，nginx反向代理停掉，而keepalived服务还在工作的情况，这个问题会导致用户访问的vip无法找到对应的服务，如何解决这个问题呢？

可以写守护程序 当nginx业务有问题的时候，就停掉本地的keepalived服务，实现备用lb的自动接管

#!/bin/bash # file name check_nginx.sh while true do if [ `netstat -lntup|grep nginx|wc -l` -ne 1 ] ;then /etc/init.d/keepalived stop fi sleep 2 done

在后台运行脚本

sh check_nginx.sh &

模拟nginx业务挂掉

/application/nginx/sbin/nginx -s stop ip addr|grep 192.168.1.113 #inet 192.168.1.113/32 scope global eth0:1

发现ip地址漂移到备用lb了

ived stop
fi
sleep 2
done

- 在后台运行脚本 ```shell sh check_nginx.sh &

模拟nginx业务挂掉

/application/nginx/sbin/nginx -s stop ip addr|grep 192.168.1.113 #inet 192.168.1.113/32 scope global eth0:1

发现ip地址漂移到备用lb了

作者：Yomance

双机热备 keepalived nginx负载均衡 Nginx