IT技术互动交流平台

基于keepalived主从模型实现Nginx的高可用

作者:月下溪泉  发布日期:2013-05-21 09:04:51

置前提:两台主机,主机名为NG1、NG2,分别装有Nginx和keepalived,使用的均为RedHat 6的32位系统,其IP分部如下:

NG1:IP=172.16.15.100
NG2:IP=172.16.15.101

飘逸IP:

IP=172.16.15.200
IP=172.16.15.201

Nginx的安装,需要手动编译;在NG1、NG2主机分别编译安装nginx过程如下:
在编译时确保编译环境是否安好,且pcre-devel、openssl-devel是否安装? www.it165.net
安装编译环境:


# yum groupinstall 'Development Tools' 'Server Platform Libraries' 
# yum install pcre-devel openssl-devel

解压nginx包,并安装:

 

# groupadd -r nginx 
# useradd -r -g nginx -s /sbin/false -M nginx 
# tar -xf nginx-1.4.1.tar.gz 
# ./configure \ 
--prefix=/usr \#默认安装路径 
--sbin-path=/usr/sbin/nginx \#可执行文件路径 
--conf-path=/etc/nginx/nginx.conf \#主配置文件路径 
--error-log-path=/var/log/nginx/error.log \#错误日志路径 
--http-log-path=/var/log/nginx/access.log \#访问日志路径 
--pid-path=/var/run/nginx/nginx.pid  \#pid文件路径 
--lock-path=/var/lock/nginx.lock \#锁文件路径 
--user=nginx \ 
--group=nginx \ 
--with-http_ssl_module \#安装ssl模块 
--with-http_flv_module \#安装flv模块 
--with-http_stub_status_module \#安装状态模块 
--with-http_gzip_static_module \#安装压缩模块 
--http-client-body-temp-path=/var/tmp/nginx/client/ \ #请求报文的主体缓冲路径 
--http-proxy-temp-path=/var/tmp/nginx/proxy/ \ #安装代理路径 
--http-fastcgi-temp-path=/var/tmp/nginx/fcgi/ \ 
--http-uwsgi-temp-path=/var/tmp/nginx/uwsgi \ 
--http-scgi-temp-path=/var/tmp/nginx/scgi \ 
--with-pcre#安装pcre 
# make && make install

创建Nginx的服务脚本:

 

# vim /etc/rc.d/init.d/nginx 
#!/bin/sh 
# 
# nginx - this script starts and stops the nginx daemon 
# 
# chkconfig:   - 85 15 
# description:  Nginx is an HTTP(S) server, HTTP(S) reverse \ 
#               proxy and IMAP/POP3 proxy server 
# processname: nginx 
# config:      /etc/nginx/nginx.conf 
# config:      /etc/sysconfig/nginx 
# pidfile:     /var/run/nginx.pid 
# Source function library. 
. /etc/rc.d/init.d/functions
# Source networking configuration. 
. /etc/sysconfig/network
# Check that networking is up. 
[ "$NETWORKING" = "no" ] && exit 0 
nginx="/usr/sbin/nginx"
prog=$(basename $nginx) 
NGINX_CONF_FILE="/etc/nginx/nginx.conf"
[ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx
lockfile=/var/lock/subsys/nginx
make_dirs() { 
# make required directories 
user=`nginx -V 2>&1 | grep "configure arguments:" | sed 's/[^*]*--user=\([^ ]*\).*/\1/g' -` 
options=`$nginx -V 2>&1 | grep 'configure arguments:'` 
for opt in $options; do
if [ `echo $opt | grep '.*-temp-path'` ]; then
value=`echo $opt | cut -d "=" -f 2` 
if [ ! -d "$value" ]; then
# echo "creating" $value 
mkdir -p $value && chown -R $user $value 
fi
fi
done
} 
start() { 
[ -x $nginx ] || exit 5 
[ -f $NGINX_CONF_FILE ] || exit 6 
make_dirs 
echo -n $"Starting $prog: "
daemon $nginx -c $NGINX_CONF_FILE 
retval=$? 
echo
[ $retval -eq 0 ] && touch $lockfile 
return $retval 
} 
stop() { 
echo -n $"Stopping $prog: "
killproc $prog -QUIT 
retval=$? 
echo
[ $retval -eq 0 ] && rm -f $lockfile 
return $retval 
} 
restart() { 
configtest || return $? 
stop 
sleep 1 
start 
} 
reload() { 
configtest || return $? 
echo -n $"Reloading $prog: "
killproc $nginx -HUP 
RETVAL=$? 
echo
} 
force_reload() { 
restart 
} 
configtest() { 
$nginx -t -c $NGINX_CONF_FILE 
} 
rh_status() { 
status $prog 
} 
rh_status_q() { 
rh_status >/dev/null 2>&1 
} 
case "$1" in
start) 
rh_status_q && exit 0 
$1 
;; 
stop) 
rh_status_q || exit 0 
$1 
;; 
restart|configtest) 
$1 
;; 
reload) 
rh_status_q || exit 7 
$1 
;; 
force-reload) 
force_reload 
;; 
status) 
rh_status 
;; 
condrestart|try-restart) 
rh_status_q || exit 0 
;; 
*) 
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
exit 2: 
# chmod +x /etc/rc.d/init.d/nginx 
# chkconfig --add nginx 
# chkconfig nginx on 
# service nginx start

浏览器上访问其地址,可以看到如下图,说明安装成功!
 


 

为了能更好的显示keepalived双主模型,将两台主机提供不同的页面!
NG1:
 

# mkdir -pv /web/html 
# echo “<h1>NG1.jun.com</h1>” >> /web/html/index.html 
# vim /etc/nginx/nginx.conf 
Server { 
listen 80; 
server_name localhost; 
location / { 
root /web/html; 
index index.html index.htm 
} 
# service nginx reload

访问结果如图:
 


 

NG2:

 

# mkdir -pv /web/html 
# echo “<h1>NG2.jun.com</h1>” >> /web/html/index.html 
# vim /etc/nginx/nginx.conf 
Server { 
listen 80; 
server_name localhost; 
location / { 
root /web/html; 
index index.html index.htm 
} 
# nginx -t    测试配置是否有误 
# service nginx reload

访问测试结果如下图:
 


 

一切就绪,开始手动编译安装keepalived-1.2.7,在编译前请确保openssl-devel、popt-devel是否安装了,不然在编译时会出错!
NG1:
 

# yum install ipvsadm 
# tar -xf keepalived-1.2.7.tar.gz 
# cd keepalived-1.2.7 
# ./configure --prefix=/usr 
# make && make install

Keepalived-1.2.7在安装完成后,其配置文件放在了/usr/etc/keepalived/keepalived.conf,而服务器脚本则放在了/usr/etc/rc.d/init.d/keepalived;为了方便管理应将其配置文件,服务脚本均放在/etc下!

 

# mkdir /etc/keepalived 
# cp /usr/etc/keepalived/keepalived.conf /etc/keepalived/ 
# cp /usr/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/

修改keepalived的服务脚本:

 

# vim /etc/rc.d/init.d/keepalived

只需修改如下内容: 
. /usr/etc/sysconfig/keepalived

配置keepalived.conf实现nginx的高可用:

 

# vim /etc/keepalived/keepalived.conf 
! Configuration File for keepalived 
global_defs { 
notification_email { 
root@jun.com 
} 
notification_email_from Alexandre.Cassen@firewall.loc 
smtp_server 172.16.15.100 
smtp_connect_timeout 30 
router_id LVS_DEVEL 
} 
vrrp_instance VI_1 { 
stateMASTER 
interface eth0 
virtual_router_id 15 
priority 101 
advert_int 1 
authentication { 
auth_type PASS 
auth_pass 1111 
} 
track_interface { 
eth0 
} 
virtual_ipaddress { 
172.16.15.200/16 dev eth0 label eth0:0 
} 
} 
virtual_server 172.16.15.200 80 { 
delay_loop 6 
lb_algo rr 
lb_kind DR 
nat_mask 255.255.0.0 
persistence_timeout 50 
protocol TCP 
real_server 172.16.15.100 80 { 
weight 1 
HTTP_GET { 
url { 
path / 
status_code 200 
} 
connect_timeout 2 
nb_get_retry 3 
delay_before_retry 1 
} 
} 
real_server 172.16.15.101 80 { 
weight 1 
HTTP_GET { 
url { 
path / 
status_code 200 
} 
connect_timeout 2 
nb_get_retry 3 
delay_before_retry 1 
} 
} 
} 
vrrp_instance VI_2 { 
state BACKUP 
interface eth0 
virtual_router_id 13 
priority 100 
advert_int 1 
authentication { 
auth_type PASS 
auth_pass 1111 
} 
track_interface { 
eth0 
} 
virtual_ipaddress { 
172.16.15.201/16 dev eth0 label eth0:1 
} 
} 
virtual_server 172.16.15.201 80 { 
delay_loop 6 
lb_algo rr 
lb_kind DR 
nat_mask 255.255.0.0 
persistence_timeout 50 
protocol TCP 
real_server 172.16.15.100 80 { 
weight 1 
HTTP_GET { 
url { 
path / 
status_code 200 
} 
connect_timeout 2 
nb_get_retry 3 
delay_before_retry 1 
} 
} 
real_server 172.16.15.101 80 { 
weight 1 
HTTP_GET { 
url { 
path / 
status_code 200 
} 
connect_timeout 2 
nb_get_retry 3 
delay_before_retry 1 
} 
} 
} 
# ipvsadm -L -n


通过浏览器访问飘逸IP172.16.15.200,如下图:

 

 

 

NG2的配置、安装和NG1一样!只不过keepalived.conf的配置和NG2有所不同


# vim /etc/keepalived/keepalived.conf 
! Configuration File for keepalived 
global_defs { 
notification_email { 
root@jun.com 
} 
notification_email_from Alexandre.Cassen@firewall.loc 
smtp_server 172.16.15.101 
smtp_connect_timeout 30 
router_id LVS_DEVEL 
} 
vrrp_instance VI_1 { 
state BACKUP 
interface eth0 
virtual_router_id 15 
priority 100 
advert_int 1 
authentication { 
auth_type PASS 
auth_pass 1111 
} 
track_interface { 
eth0 
} 
virtual_ipaddress { 
172.16.15.200/16 dev eth0 label eth0:0 
} 
} 
virtual_server 172.16.15.200 80 { 
delay_loop 6 
lb_algo rr 
lb_kind DR 
nat_mask 255.255.0.0 
persistence_timeout 50 
protocol TCP 
real_server 172.16.15.100 80 { 
weight 1 
HTTP_GET { 
url { 
path / 
status_code 200 
} 
connect_timeout 2 
nb_get_retry 3 
delay_before_retry 1 
} 
} 
real_server 172.16.15.101 80 { 
weight 1 
HTTP_GET { 
url { 
path / 
status_code 200 
} 
connect_timeout 2 
nb_get_retry 3 
delay_before_retry 1 
} 
} 
} 
vrrp_instance VI_2 { 
state MASTER 
interface eth0 
virtual_router_id 13 
priority 101 
advert_int 1 
authentication { 
auth_type PASS 
auth_pass 1111 
} 
track_interface { 
eth0 
} 
virtual_ipaddress { 
172.16.15.201/16 dev eth0 label eth0:1 
} 
} 
virtual_server 172.16.15.201 80 { 
delay_loop 6 
lb_algo rr 
lb_kind DR 
nat_mask 255.255.0.0 
persistence_timeout 50 
protocol TCP 
real_server 172.16.15.100 80 { 
weight 1 
HTTP_GET { 
url { 
path / 
status_code 200 
} 
connect_timeout 2 
nb_get_retry 3 
delay_before_retry 1 
} 
} 
real_server 172.16.15.101 80 { 
weight 1 
HTTP_GET { 
url { 
path / 
status_code 200 
} 
connect_timeout 2 
nb_get_retry 3 
delay_before_retry 1 
} 
} 
}

通过浏览器访问飘逸IP172.16.15.201,结果如下图:
 


模拟NG2主机损坏,看NG2中的飘逸IP的变化!


# service keepalived stop 
# ifconfig

可以看到eth0:1不在显示,此IP飘逸到了NG1主机上了,如下图!
 


Nginx的高可用实现成功!


Tag标签: keepalived   主从模型   Nginx  
  • 专题推荐

About IT165 - 广告服务 - 隐私声明 - 版权申明 - 免责条款 - 网站地图 - 网友投稿 - 联系方式
本站内容来自于互联网,仅供用于网络技术学习,学习中请遵循相关法律法规