如何实现Nginx+Keepalived中Nginx进程的高可用
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了如何实现Nginx+Keepalived中Nginx进程的高可用相关的知识,希望对你有一定的参考价值。
此架构我简单说明下:
一般为了维护方便,企业网站的服务器都在自己的内部机房里,只开放了Keepalived的VIP地址的两个端口80、443,通过Juniper SSG550防火墙映射出去,外网DNS对应映射后的公网IP。此架构的防火墙及网络安全说明如下:此系统架构仅映射内网VIP的80及443端口于外网的Juniper SSG550防火墙下,其他端口均关闭,内网所有机器均关闭iptables及ipfw防火墙;外网DNS指向即通过Juniper或华赛USG5000映射出来的外网地址。本节内容出自我的项目方案,这种负载均衡方式同时也应用于我公司的电子商务网站中,目前已稳定上线一年多了。通过下面的内容,大家可以迅速架构一个企业级 的负载均衡高可用的Web环境。在负载均衡高可用技术上,我一直主力推崇以nginx+Keepalived作Web的负载均衡高可用架构,并积极将其应 用于真实项目中,此架构极适合灵活稳定的环境。Nginx负载均衡作服务器遇到的故障一般有:服务器网线松动等网络故障;服务器硬件故障发生损坏现象而crash;Nginx服务进程死掉(这种情况理论上会遇到,但事实上我线上的服务器没有出现过这种情况,足以证明了Nginx作为负载均衡器/反向代理服务器的稳定性,我们可以通过技术手段来解决这一问题);
具体实施步骤如下:
一、安装和配置Nginx及Keepalived,没什么技术含量,大家可以参考我的专题系列的文章,如下地址http://network.51cto.com/art/201007/209823.htm。
二、编写SHELL脚本,来实现Nginx服务进程的高HA,脚本内容如下:
#!/bin/bashwhile :
do
nginxpid=`ps -C nginx --no-header | wc -l`
if [ $nginxpid -eq 0 ];then
/usr/local/nginx/sbin/nginx
sleep 5
nginxpid=`ps -C nginx --no-header | wc -l`
echo $nginxpid
if [ $nginxpid -eq 0 ];then
/etc/init.d/keepalived stop
fi
fi
sleep 5
done
我稍为解释一下,这是一个无限循环的脚本,放在主Nginx机器上(因为目前主要 是由它提供服务),每隔5秒执行一次,用ps -C 命令来收集nginx的PID值到底是否为0,如果是0的话(即Nginx进程死掉了),尝试启动nginx进程;如果继续为0,即nginx启动失改, 则关闭本机的Keeplaived进程,VIP地址则会由备机接管,当然了,整个网站就会由备机的Nginx来提供服务了,这样保证Nginx进程的高可用。
当然还有别的办法,比如我们可以写另外的SHELL脚本,每隔5秒wget首页的index.php或index.jsp文件或ping网站的VIP地 址,如果$?返回码为非零值(即错误),我们也可以关闭主Nginx机器,由备机接管,有兴趣的朋友可以自行编写这些脚本。
参考技术A LVS哦 看wo 网名行解决问题哦啊Nginx+Keepalived高可用负载均衡
转自 https://www.jianshu.com/p/da26df4f7d60 Keepalived+Nginx实现高可用Web负载均衡 Master 192.168.0.69 nginx、keepalived Centos7.4 backup 192.168.0.70 nginx、keepalived Centos7.4 vip(虚拟IP) 192.168.0.180 192.168.0.181 1、两台都安装nginx,参照安装nginx文档 2、 两台都安装Keepalived yum install -y libnl libnl-devel libnfnetlink-devel popt-devel cd /usr/local/src/ tar -zxvf keepalived-1.2.18.tar.gz cd keepalived-1.2.18 ./configure --prefix=/usr/local/keepalived make && make install 3、将keepalived安装成Linux系统服务 mkdir /etc/keepalived cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/ cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/ cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/ ln -s /usr/local/sbin/keepalived /usr/sbin/ ln -s /usr/local/keepalived/sbin/keepalived /sbin/ ln -s /usr/local/keepalived/sbin/keepalived /usr/local/sbin/ chkconfig keepalived on 4、修改keepalived配置文件 接下来就是配置了,很简单,之前的删除,直接复制下面配置文件 先是主服务器: vi /etc/keepalived/keepalived.conf global_defs { notification_email #通知email,根据实际情况配置 { [email protected] } notification_email_from [email protected] smtp_server 127.0.0.1 stmp_connect_timeout 30 router_id node1 #节点名标识,主要用于通知中 } vrrp_script chk_http_port { script "/usr/local/keepalived/nginx.sh" #在这里添加脚本链接 interval 3 #脚本执行间隔 weight 2 #脚本结果导致的优先级变更 } vrrp_script chk_http_port { script "/etc/keepalived/chk_haproxy.sh" #在这里添加脚本链接 interval 3 #脚本执行间隔 weight 2 #脚本结果导致的优先级变更 } vrrp_instance VI_NODE_1 { state MASTER #配置为主服务器 interface ens33 #通讯网卡 virtual_router_id 100 #路由标识 priority 200 #优先级,0-254 advert_int 5 #通知间隔,实际部署时可以设置小一点,减少延时 authentication { auth_type PASS auth_pass 123456 #验证密码,用于通讯主机间验证 } track_script { chk_http_port #添加脚本执行 } virtual_ipaddress { 192.168.0.180 #虚拟ip,可以定义多个 } } vrrp_instance VI_NODE_2 { state MASTER #配置为主服务器 interface ens33 #通讯网卡 virtual_router_id 101 #路由标识 priority 100 #优先级,0-254 advert_int 5 #通知间隔,实际部署时可以设置小一点,减少延时 authentication { auth_type PASS auth_pass 123456 #验证密码,用于通讯主机间验证 } track_script { chk_http_port #添加脚本执行 } virtual_ipaddress { 192.168.0.181 #虚拟ip,可以定义多个 } } 接下是从服务器设置: vi /etc/keepalived/keepalived.conf global_defs { notification_email { [email protected] } notification_email_from [email protected] smtp_server 127.0.0.1 stmp_connect_timeout 30 router_id node2 } vrrp_script chk_http_port { script "/usr/local/keepalived/nginx.sh" #在这里添加脚本链接 interval 3 #脚本执行间隔 weight 2 #脚本结果导致的优先级变更 } vrrp_script chk_http_port { script "/etc/keepalived/chk_haproxy.sh" #在这里添加脚本链接 interval 3 #脚本执行间隔 weight 2 #脚本结果导致的优先级变更 } vrrp_instance VI_NODE_1 { state BACKUP #与主服务器对应 interface ens33 #从服务器的通信网卡 virtual_router_id 100 #路由标识,和主服务器相同 priority 100 #优先级,小于主服务器即可 advert_int 5 #这里是接受通知间隔,与主服务器要设置相同 authentication { auth_type PASS auth_pass 123456 #验证密码,与主服务器相同 } track_script { chk_http_port #添加脚本执行 } virtual_ipaddress { 192.168.0.180 #虚拟IP,也要和主服务器相同 } } vrrp_instance VI_NODE_2 { state BACKUP #与主服务器对应 interface ens33 #从服务器的通信网卡 virtual_router_id 101 #路由标识,和主服务器相同 priority 100 #优先级,小于主服务器即可 advert_int 5 #这里是接受通知间隔,与主服务器要设置相同 authentication { auth_type PASS auth_pass 123456 #验证密码,与主服务器相同 } track_script { chk_http_port #添加脚本执行 } virtual_ipaddress { 192.168.0.181 #虚拟IP,也要和主服务器相同 } } 5 两个节点配置check_ngixn脚本 当脚本检测到nginx没有运行的时候会尝试去启动nginx以此,如果失败则停掉keepalived进程 vi /usr/local/keepalived/nginx.sh #!/bin/bash A=`ps -C nginx –no-header |wc -l` if [ $A -eq 0 ];then /usr/local/nginx/sbin/nginx #nginx命令的路径 sleep 3 if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then killall keepalived fi fi 6、启动keepalived [[email protected] ~]# service keepalived start Starting keepalived (via systemctl): [ OK ] 7、查看虚拟ip在哪台上, 注意过两分钟才出现vip [[email protected] ~]# ip a [[email protected] ~]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:24:21:c4 brd ff:ff:ff:ff:ff:ff inet 192.168.0.69/24 brd 192.168.0.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet 192.168.0.180/32 scope global ens33 valid_lft forever preferred_lft forever inet 192.168.0.181/32 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::d675:3ae7:5113:ad71/64 scope link noprefixroute valid_lft forever preferred_lft forever 8、我们修改两个nginx的首页信息,在首页中加入各自的IP地址 vi /usr/local/nginx/html/index.html <h1>Welcome to nginx! 192.168.0.69</h1> 9、访问:http://192.168.0.180/ http://192.168.0.181/ Welcome to nginx! 192.168.0.69 If you see this page, the nginx web server is successfully installed and working. Further configuration is required. For online documentation and support please refer to nginx.org. Commercial support is available at nginx.com. Thank you for using nginx. 10、高可用切换 在192.168.0.69停止keepalived , 查看192.168.0.180飘到了192.168.0.70上 service keepalived stop 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:ba:67:74 brd ff:ff:ff:ff:ff:ff inet 192.168.0.70/24 brd 192.168.0.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet 192.168.0.180/32 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::6c33:a5d6:2ea9:d781/64 scope link noprefixroute valid_lft forever preferred_lft forever inet6 fe80::d675:3ae7:5113:ad71/64 scope link tentative noprefixroute dadfailed valid_lft forever preferred_lft forever
报错解决:
1、
[[email protected] keepalived-1.3.5]# ./configure --prefix=/usr/local/keepalived
*** WARNING - this build will not support IPVS with IPv6. Please install libnl/libnl-3 dev libraries to support IPv6 with IPVS
yum -y install libnl libnl-devel
2、
configure: error: libnfnetlink headers missing
yum install -y libnfnetlink-devel
3、
安装keepalived出错./configure: error: Popt libraries is required
yum? -y? install? popt-devel
4、
[[email protected] keepalived-1.2.8]# /etc/rc.d/init.d/keepalived start
Starting keepalived (via systemctl): Job for keepalived.service failed because the control process exited with error code. See "systemctl status keepalived.service" and "journalctl -xe" for details.
[FAILED]
[[email protected] keepalived-1.2.8]# ln -s /usr/local/keepalived/sbin/keepalived /usr/bin/
[[email protected] keepalived-1.2.8]# /etc/init.d/keepalived start
Starting keepalived (via systemctl): [ OK ]
以上是关于如何实现Nginx+Keepalived中Nginx进程的高可用的主要内容,如果未能解决你的问题,请参考以下文章