nginx+keepalived实现双主负载均衡

gir 发表于 2013-9-26 09:31:20

测试环境如下：

系统：Ceentos 6.4 64位

nginx服务器 no1：172.16.4.7 vip：172.16.4.55

nginx服务器 no2：172.16.4.11 vip：172.16.4.56

No1、no2双机互信

#vim /etc/hosts

172.16.4.7 no1.test.com no1

172.16.4.11 no2.test.com no2

No1:

#ssh-keygen -t rsa -P ‘’

#ssh-copy-id -i .ssh/id_rsa.pub root@no2.test.com

No2:

#ssh-keygen -t rsa -P ‘’

#ssh-copy-id -i .ssh/id_rsa.pub root@no1.test.com

还要确保两个节点时间同步

一、Nginx+keepalived 安装

nginx-1.4.2.tar.gz

#yum -y install keepalived

1、安装编译所依赖的包pcre-devel openssl-devel

# yum -y install pcre-devel openssl-devel

2、解压并添加用户nginx，以nginx的身份运行服务

#tar xf nginx-1.4.2.tar.gz -C /usr/local/

#cd /usr/local/nginx-1.4.2

# groupadd -r nginx

# useradd -r -g nginx nginx

3、编译和安装

# ./configure

--prefix=/usr

--sbin-path=/usr/sbin/nginx

--conf-path=/etc/nginx/nginx.conf

--error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log

--pid-path=/var/run/nginx/nginx.pid

--lock-path=/var/lock/nginx.lock

--user=nginx

--group=nginx

--with-http_ssl_module

--with-http_flv_module

--with-http_stub_status_module

--with-http_gzip_static_module

--http-client-body-temp-path=/var/tmp/nginx/client/

--http-proxy-temp-path=/var/tmp/nginx/proxy/

--http-fastcgi-temp-path=/var/tmp/nginx/fcgi/

--http-uwsgi-temp-path=/var/tmp/nginx/uwsgi

--http-scgi-temp-path=/var/tmp/nginx/scgi

--with-pcre

编译过程中如果提示我们还需要依赖某个包时，我们要安装对应的devel包

# make && make install

4、为nginx提供SysV init脚本

脚本存放位置/etc/rc.d/init.d/nginx

#!/bin/sh

#

# nginx - this script starts and stops the nginx daemon

#

# chkconfig: - 85 15

# description: Nginx is an HTTP(S) server, HTTP(S) reverse

# proxy and IMAP/POP3 proxy server

# processname: nginx

# config: /etc/nginx/nginx.conf

# config: /etc/sysconfig/nginx

# pidfile: /var/run/nginx.pid

# Source function library.

. /etc/rc.d/init.d/functions

# Source networking configuration.

. /etc/sysconfig/network

# Check that networking is up.

[ "$NETWORKING" = "no" ] && exit 0

nginx="/usr/sbin/nginx"

prog=$(basename $nginx)

NGINX_CONF_FILE="/etc/nginx/nginx.conf"

[ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx

lockfile=/var/lock/subsys/nginx

make_dirs() {

# make required directories

user=`nginx -V 2>&1 | grep "configure arguments:" | sed 's/[^*]*--user=([^ ]*).*//g' -`

options=`$nginx -V 2>&1 | grep 'configure arguments:'`

for opt in $options; do

if [ `echo $opt | grep '.*-temp-path'` ]; then

value=`echo $opt | cut -d "=" -f 2`

if [ ! -d "$value" ]; then

# echo "creating" $value

mkdir -p $value && chown -R $user $value

fi

fi

done

}

start() {

[ -x $nginx ] || exit 5

[ -f $NGINX_CONF_FILE ] || exit 6

make_dirs

echo -n $"Starting $prog: "

daemon $nginx -c $NGINX_CONF_FILE

retval=$?

echo

[ $retval -eq 0 ] && touch $lockfile

return $retval

}

stop() {

echo -n $"Stopping $prog: "

killproc $prog -QUIT

retval=$?

echo

[ $retval -eq 0 ] && rm -f $lockfile

return $retval

}

restart() {

configtest || return $?

stop

sleep 1

start

}

reload() {

configtest || return $?

echo -n $"Reloading $prog: "

killproc $nginx -HUP

RETVAL=$?

echo

}

force_reload() {

restart

}

configtest() {

$nginx -t -c $NGINX_CONF_FILE

}

rh_status() {

status $prog

}

rh_status_q() {

rh_status >/dev/null 2>&1

}

case "$1" in

start)

rh_status_q && exit 0

$1

;;

stop)

rh_status_q || exit 0

$1

;;

restart|configtest)

$1

;;

reload)

rh_status_q || exit 7

$1

;;

force-reload)

force_reload

;;

status)

rh_status

;;

condrestart|try-restart)

rh_status_q || exit 0

;;

*)

echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"

exit 2

esac

而后为此脚本赋予执行权限：

# chmod +x /etc/rc.d/init.d/nginx

添加至服务管理列表，并让其开机自动启动：

# chkconfig --add nginx

# chkconfig nginx on

而后就可以启动服务并测试了：

# service nginx start

二、no1 配置

# mkdir -p /web/htdocs

# echo "172.16.4.7" > /web/htdocs/index.html

#vim /etc/nginx/nginx.conf

server {

listen 80;

server_name localhost;

location / {

root /web/htdocs;

index index.html index.htm;

}

配置完成后重新加载服务

#service nginx reload

测试使用curl命令请求或在浏览器访问

# curl 172.16.4.7

172.16.4.7

三、no1的Keepalived配置

# vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

notification_email {

root@localhost

}

notification_email_from keepadmin@localhost

smtp_server 127.0.0.1

smtp_connect_timeout 30

router_id LVS_DEVEL

}

vrrp_script chk_nginx {

script "killall -0 nginx"

interval 2

weight -2

}

vrrp_instance VI_1 {

state MASTER

interface eth0

virtual_router_id 55

priority 100

advert_int 1

authentication {

auth_type PASS

auth_pass 1111

}

virtual_ipaddress {

172.16.4.55

}

track_script {

chk_nginx

}

}

vrrp_instance VI_2 {

state BACKUP

interface eth0

virtual_router_id 56

priority 99

advert_int 1

authentication {

auth_type PASS

auth_pass 1111

}

virtual_ipaddress {

172.16.4.56

}

track_script {

chk_nginx

}

}

四、no2的nginx配置以及keepalived配置

可以将no1的配置发送到no2上
#cd /etc/keepalived
#scp keepalived.conf no2:/etc/keepalived/
然后在其keepalived配置中修改下面选项：

vrrp_instance VI_1 {

state BACKUP

interface eth0

virtual_router_id 55

priority 99

advert_int 1

authentication {

auth_type PASS

auth_pass 1111

}

virtual_ipaddress {

172.16.4.55

}

track_script {

chk_nginx

}

}

vrrp_instance VI_2 {

state MASTER

interface eth0

virtual_router_id 56

priority100

advert_int 1

authentication {

auth_type PASS

auth_pass 1111

}

virtual_ipaddress {

172.16.4.56

}

track_script {

chk_nginx

}

}

五、测试

分别在2台nginx上重启启动nginx和keepalived服务，然后停掉其中一台的服务，查看资源能否转移到另一台nginx上,

查看方式：

#ip addr show

#ip a
查看no1：

查看no2：

将no1节点服务停掉，然后查看资源转移情况

再将no1的服务开启查看资源转移

#tail /var/log/messages

#tail -f /var/log/messages #实时查看，不会退出日志

或者在浏览器访问我们定义的vip查看，这里我们就不演示了

shaerzzr 发表于 2013-9-30 03:15:29

关羽五绺长髯，风度翩翩，手提青龙偃月刀，江湖人送绰号——刀郎。

shilang 发表于 2013-10-6 23:16:07

修养的艺术,其实就是说谎的艺术。

天成1 发表于 2013-10-13 13:47:49

人生重要的不是所站的位置，而是所朝的方向!

sqtsqt 发表于 2013-10-21 19:30:07

沒有激情的亲吻，哪來床上的翻滾？

鄂破机看 发表于 2013-10-30 18:23:01

俺从不写措字，但俺写通假字!

359025439 发表于 2013-11-17 22:54:51

关羽五绺长髯，风度翩翩，手提青龙偃月刀，江湖人送绰号——刀郎。

页: [1]

运维网's Archiver

nginx+keepalived实现双主负载均衡