论坛 › keepalived › Centos6下nginx+keepalived构建高可用web集群

CHSHJ 发表于 2018-12-31 11:22:16

Centos6下nginx+keepalived构建高可用web集群

　　1）拓扑描述：
http://s2.运维网.com/wyfs02/M01/89/CA/wKiom1gcU2yTgDzgAADirr4wI8M594.png
　　2) nginx的安装准备
　　pcre:兼容的正则表达式，nginx也要支持伪静态
# yum -y install pcre pcre-devel
# yum -y install openssl*
# mkdir -p /application/nginx1.6.2
# ln -s /application/nginx1.6.2 /application/nginx　　3) 安装nginx

# cd /usr/local/src
# tar xf nginx-1.6.2.tar.gz
# cd nginx-1.6.2
# useradd nginx -s /sbin/nologin -M
# ./configure --user=nginx --group=nginx --prefix=/application/nginx1.6.2 --with-http_stub_status_module --with-http_ssl_module
# echo $?
0
# make && make install　　4) 启动nginx

检查语法：
# /application/nginx1.6.2/sbin/nginx -t
nginx: the configuration file /application/nginx1.6.2/conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx1.6.2/conf/nginx.conf test is successful
启动nginx：
# /application/nginx/sbin/nginx
查看端口号：
# lsof -i :80
COMMAND   PIDUSER   FD   TYPE DEVICE SIZE/OFF NODE NAME
nginx   14603root    6uIPv429397      0t0TCP *:http (LISTEN)
nginx   14604 nginx    6uIPv429397      0t0TCP *:http (LISTEN)
# netstat -tunlp | grep nginx
tcp      0      0 0.0.0.0:80                  0.0.0.0:*                   LISTEN      14603/nginx
测试网页页面：
# curl -I localhost
HTTP/1.1 200 OK
Server: nginx/1.6.2
Date: Tue, 20 Sep 2016 02:17:20 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 20 Sep 2016 02:11:05 GMT
Connection: keep-alive
ETag: "57e09ab9-264"
Accept-Ranges: bytes　　5）配置nginx启动脚本

# vim /etc/init.d/nginx
#!/bin/sh
# chkconfig: 2345 85 15
# description:Nginx Server
# nginx的安装目录
NGINX_HOME=/application/nginx
# nginx的命令
NGINX_SBIN=$NGINX_HOME/sbin/nginx
# nginx的配置文件
NGINX_CONF=$NGINX_HOME/conf/nginx.conf
# nginx的pid
NGINX_PID=$NGINX_HOME/logs/nginx.pid
NGINX_NAME="Nginx"
. /etc/rc.d/init.d/functions
if [ ! -f $NGINX_SBIN ]
then
    echo "$NGINX_NAME startup: $NGINX_SBIN not exists! "
    exit
fi
start() {
    $NGINX_SBIN -c $NGINX_CONF
    ret=$?
    if [ $ret -eq 0 ]; then
      action $"Starting $NGINX_NAME: " /bin/true
    else
      action $"Starting $NGINX_NAME: " /bin/false
    fi
}
stop() {
    kill `cat $NGINX_PID`
    ret=$?
    if [ $ret -eq 0 ]; then
      action $"Stopping $NGINX_NAME: " /bin/true
    else
      action $"Stopping $NGINX_NAME: " /bin/false
    fi
}
restart() {
    stop
    start
}
check() {
    $NGINX_SBIN -c $NGINX_CONF -t
}

reload() {
    kill -HUP `cat $NGINX_PID` && echo "reload success!"
}
relog() {
    kill -USR1 `cat $NGINX_PID` && echo "relog success!"
}
case "$1" in
    start)
      start
      ;;
    stop)
      stop
      ;;
    restart)
      restart
      ;;
    check|chk)
      check
      ;;
    status)
      status -p $NGINX_PID
      ;;
    reload)
      reload
      ;;
    relog)
      relog
      ;;
    *)
      echo $"Usage: $0 {start|stop|restart|reload|status|check|relog}"
      exit 1
esac
# chmod +x /etc/init.d/nginx
# /etc/init.d/nginx start
# chkconfig --add nginx
# chkconfig nginx on　　6) 配置nginx的upstream功能（两台负载均衡器上做相同的配置）
# egrep -v '#' /application/nginx/conf/nginx.conf|grep -v '^$'
worker_processes1;
events {
    worker_connections1024;
}
http {
    include       mime.types;
    default_typeapplication/octet-stream;
    include extra/upstream01.conf;
    sendfile      on;
    keepalive_timeout65;
    server {
      listen       80;
      server_namelocalhost;
      location / {
            root   html;
            indexindex.html index.htm;
      }
      error_page   500 502 503 504/50x.html;
      location = /50x.html {
            root   html;
      }
    }
}
说明：注意include extra/upstream01.conf这个文件，是引用此文件(两台负载均衡器上做系统的nginx配置)
# mkdir -p /application/nginx/conf/extra/
# vim /application/nginx/conf/extra/upstream01.conf
upstream nginx.wanwan.com {
server 10.10.10.128:80 weight=5;
server 10.10.10.132:80 weight=5;
    }
server {
listen80;
server_namenginx.wanwan.com;
location / {
proxy_pass http://nginx.wanwan.com;
}
}
# /etc/init.d/nginx restart
Stopping Nginx:                                          [确定]
Starting Nginx:                                          [确定]　　

　　7）keepalived的安装
# cd /usr/local/src
# wget http://www.keepalived.org/software/keepalived-1.1.19.tar.gz
# ln -s /usr/src/kernels/2.6.32-573.el6.x86_64/ /usr/src/linux
# ls -l /usr/src
总用量 244
drwxr-xr-x. 2 root root   4096 9月23 2011 debug
-rw-r--r--1 root root 241437 1月28 2014 keepalived-1.1.19.tar.gz
drwxr-xr-x. 3 root root   4096 7月   5 23:49 kernels
lrwxrwxrwx1 root root   39 8月31 08:49 linux -> /usr/src/kernels/2.6.32-573.el6.x86_64/
# tar xf keepalived-1.1.19.tar.gz
# cd keepalived-1.1.19
# ./configure
# make && make install
# cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/
# cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
# mkdir -p /etc/keepalived
# cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/
# cp /usr/local/sbin/keepalived /usr/sbin/
# /etc/init.d/keepalived start
正在启动 keepalived：                                    [确定]
# ps -ef | grep keepalived
root      18750      10 22:55 ?      00:00:00 keepalived -D
root      18752187500 22:55 ?      00:00:00 keepalived -D
root      18753187500 22:55 ?      00:00:00 keepalived -D
root      18755186640 22:55 pts/0    00:00:00 grep keepalived
keepalived-master的配置文件/etc/keepalived/keepalived.conf
# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
   notification_email {
   314324506@qq.com
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server smtp.qq.com
   smtp_connect_timeout 30
   router_id nginx_7
}
vrrp_instance VI_231 {
    state MASTER
    interface eth0
    virtual_router_id 231
    priority 150
    advert_int 1
    authentication {
      auth_type PASS
      auth_pass 1111
    }
    virtual_ipaddress {
      10.10.10.231/24
    }
}
}
keepalived-slave的配置文件/etc/keepalived/keepalived.conf
# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
   notification_email {
   314324506@qq.com
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server smtp.qq.com
   smtp_connect_timeout 30
   router_id nginx_7
}
vrrp_instance VI_231 {
    state BACKUP
    interface eth0
    virtual_router_id 231
    priority 100
    advert_int 1
    authentication {
      auth_type PASS
      auth_pass 1111
    }
    virtual_ipaddress {
      10.10.10.231/24
    }
}
}　　8) 测试keepalived的功能（VIP为10.10.10.231)
# ip add list
1: lo:mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0:mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:d7:3e:f8 brd ff:ff:ff:ff:ff:ff
    inet 10.10.10.131/24 brd 10.10.10.255 scope global eth0
    inet 10.10.10.231/24 scope global secondary eth0
    inet6 fe80::20c:29ff:fed7:3ef8/64 scope link
       valid_lft forever preferred_lft forever
# ip add list
1: lo:mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0:mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:71:33:eb brd ff:ff:ff:ff:ff:ff
    inet 10.10.10.135/24 brd 10.10.10.255 scope global eth0
    inet6 fe80::20c:29ff:fe71:33eb/64 scope link
       valid_lft forever preferred_lft forever
关闭主负载均衡上的keepalived功能
# /etc/init.d/keepalived stop
停止 keepalived：                                          [确定]
# ip add list
1: lo:mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0:mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:d7:3e:f8 brd ff:ff:ff:ff:ff:ff
    inet 10.10.10.131/24 brd 10.10.10.255 scope global eth0
    inet6 fe80::20c:29ff:fed7:3ef8/64 scope link
       valid_lft forever preferred_lft forever
# ip add list
1: lo:mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0:mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:71:33:eb brd ff:ff:ff:ff:ff:ff
    inet 10.10.10.135/24 brd 10.10.10.255 scope global eth0
    inet 10.10.10.231/24 scope global secondary eth0
    inet6 fe80::20c:29ff:fe71:33eb/64 scope link
       valid_lft forever preferred_lft forever
由上，我们可以知道vip很快就进行了切换，那么我们恢复主负载均衡器上的keepalived功能：
# /etc/init.d/keepalived start
正在启动 keepalived：                                    [确定]
# ip add list
1: lo:mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0:mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:d7:3e:f8 brd ff:ff:ff:ff:ff:ff
    inet 10.10.10.131/24 brd 10.10.10.255 scope global eth0
    inet 10.10.10.231/24 scope global secondary eth0
    inet6 fe80::20c:29ff:fed7:3ef8/64 scope link
       valid_lft forever preferred_lft forever
# ip add list
1: lo:mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0:mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:71:33:eb brd ff:ff:ff:ff:ff:ff
    inet 10.10.10.135/24 brd 10.10.10.255 scope global eth0
    inet6 fe80::20c:29ff:fe71:33eb/64 scope link
       valid_lft forever preferred_lft forever
由上，我们发现当主负载均衡器恢复后，vip很快就切换过来了（因为主负载均衡器上的优先级更高）　　9）测试nginx的反向代理功能

# curl 10.10.10.128
mysql successful by oldboy !
# curl 10.10.10.132
this is web02's website　　然后我们在客户端打开nginx.wanwan.com
http://s1.运维网.com/wyfs02/M02/89/C8/wKioL1gcU-DjowozAABMVcbnhoU953.png
　　按F5刷新：
http://s1.运维网.com/wyfs02/M00/89/CA/wKiom1gcU-DRKKrtAAA_BlFDMCI648.png
# /etc/init.d/nginx stop
Stopping Nginx:                                          [确定]
# ip add list
1: lo:mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0:mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:d7:3e:f8 brd ff:ff:ff:ff:ff:ff
    inet 10.10.10.131/24 brd 10.10.10.255 scope global eth0
    inet 10.10.10.231/24 scope global secondary eth0
    inet6 fe80::20c:29ff:fed7:3ef8/64 scope link
       valid_lft forever preferred_lft forever
# /etc/init.d/keepalived stop
停止 keepalived：http://s5.运维网.com/wyfs02/M02/89/C8/wKioL1gcVOahs1YUAABK74YFZYY434.png
http://s1.运维网.com/wyfs02/M01/89/C8/wKioL1gcVOfzfB13AABH_SsJYKs009.png
　　由上可知，后端网页仍旧正常。
　　

　　10）注意事项
　　a、注意关闭负载均衡器以及web后端服务器的iptables以及selinux功能

　　b、两台负载均衡器上关于nginx配置是一致的，keepalived有不同的优先级
　　

查看完整版本: Centos6下nginx+keepalived构建高可用web集群