lvs+keepalived+nginx环境搭建

buhong

Redhat搭建centos镜像作为yum源

1.查询redhat的yum安装包

[root@localhost ~]# rpm -qa | grep yum

yum-plugin-fastestmirror-1.1.30-37.el6.noarch
yum-metadata-parser-1.1.2-16.el6.i686
yum-utils-1.1.30-37.el6.noarch
yum-plugin-security-1.1.30-37.el6.noarch
yum-3.2.29-75.el6.centos.noarch
yum-rhn-plugin-0.9.1-43.el6.noarch

2.删除原有的yum

[root@localhost ~]# rpm -qa | grep yum |xargs rpm -e --nodeps

[root@localhost ~]# rpm -qa | grep yum

3.下载需要的安装包

python-urlgrabber-3.9.1-11.el6.noarch.rpm

yum-metadata-parser-1.1.2-16.el6.x86_64.rpm

yum-3.2.29-81.el6.centos.noarch.rpm

yum-plugin-fastestmirror-1.1.30-40.el6.noarch.rpm

yum-utils-1.1.30-40.el6.noarch.rpm

4.安装rpm包

[root@localhost soft]# rpm -ivh --force python-urlgrabber-3.9.1-11.el6.noarch.rpm

[root@localhost soft]# rpm -ivh yum-*.rpm

[root@localhost ~]# mkdir /yum

上传镜像到/yum目录下面，并且配置yum源

[root@localhost soft]# cd /etc/yum.repos.d/

[root@localhost yum.repos.d]# vi redhat.repo

[base]

name=RedHat

baseurl=file:///yum

enabled=1

gpgcheck=0

gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-6

[root@localhost yum.repos.d]# yum clean all

[root@localhost yum.repos.d]# yum repolist

                           Nginx代理HA集群的配置

1.在两台机器上分别安装keepalived,做nginx代理的HA集群。

主机安装keepalived

[root@localhost soft]# tar -zxvf keepalived-1.2.7.tar.gz

[root@localhost soft]# cd keepalived-1.2.7

[root@localhost keepalived-1.2.7]# yum -y install popt-devel

[root@localhost keepalived-1.2.7]# ./configure --prefix=/usr/local/keepalived/

[root@localhost keepalived-1.2.7]# make

[root@localhost keepalived-1.2.7]# make install

[root@localhost keepalived-1.2.7]# cp /usr/local/keepalived/sbin/keepalived /usr/sbin/

[root@localhost keepalived-1.2.7]# cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/

[root@localhost keepalived-1.2.7]# cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/

[root@localhost keepalived-1.2.7]# mkdir /etc/keepalived

[root@localhost keepalived-1.2.7]# cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/

[root@localhost keepalived-1.2.7]# cd /etc/keepalived/

[root@localhost keepalived-1.2.7]# cat /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

   notification_email {

     acassen@firewall.loc

     failover@firewall.loc

     sysadmin@firewall.loc

   }

   notification_email_from Alexandre.Cassen@firewall.loc

   smtp_server 192.168.200.1

   smtp_connect_timeout 30

   router_id LVS_DEVEL

}

vrrp_instance VI_1 {

    state MASTER                （主的身份）

    interface eth0                （主的网卡接口）

    virtual_router_id 51

    mcast_src_ip 192.168.0.111        （主的IP地址）

    priority 100

    advert_int 1

    authentication {

        auth_type PASS

        auth_pass 1111

    }

    virtual_ipaddress {

        192.168.0.114

    }

}

备机安装keepalived

安装过程一致如上，配置文件如下

[root@localhost keepalived]# cat /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

   notification_email {

     acassen@firewall.loc

     failover@firewall.loc

     sysadmin@firewall.loc

   }

   notification_email_from Alexandre.Cassen@firewall.loc

   smtp_server 192.168.200.1

   smtp_connect_timeout 30

   router_id LVS_DEVEL

}

vrrp_instance VI_1 {

    state SLAVER

    interface eth0

    virtual_router_id 51

    mcast_src_ip 192.168.0.112

    priority 90

    advert_int 1

    authentication {

        auth_type PASS

        auth_pass 1111

    }

    virtual_ipaddress {

        192.168.0.114

    }

}

2.两台机器上启动keepalived服务

[root@localhost ~]# service  keepalived restart

3.在主机上查看是否有虚拟IP地址

4.监控和主备切换

编写脚本

[root@localhost ~]# cat nginx_check.sh

#!/bin/bash

a=`ps -C nginx --no-header | wc -l`

if [ $a -eq 0 ];then

    /usr/local/nginx/sbin/nginx &> /dev/null

    sleep 3

    if [ `ps -C nginx --no-header | wc -l` -eq 0 ];then

        service keepalived stop &> /dev/null

    fi

fi

[root@localhost ~]# chmod +x /root/nginx_check.sh

脚本写好后，现在到keepalived的配置文件中调用脚本

[root@localhost ~]# cat /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

   notification_email {

     acassen@firewall.loc

     failover@firewall.loc

     sysadmin@firewall.loc

   }

   notification_email_from Alexandre.Cassen@firewall.loc

   smtp_server 192.168.200.1

   smtp_connect_timeout 30

   router_id LVS_DEVEL

}

vrrp_script check_nginx_status {

    script "/root/nginx_check.sh"

    interval 2

    }

vrrp_instance VI_1 {

    state MASTER

    interface eth0

    virtual_router_id 51

    mcast_src_ip 192.168.0.111

    priority 100

    advert_int 1

    authentication {

        auth_type PASS

        auth_pass 1111

    }

    track_script {

        check_nginx_status

    }

    virtual_ipaddress {

        192.168.0.114

    }

}

Lvs负载均衡

1.在主机器上安装ipvsadm

[root@bogon ~]# yum -y install ipvsadm

2.使用keepalived来管理lvs

[root@bogon ~]# cat  /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

   notification_email {

     acassen@firewall.loc

     failover@firewall.loc

     sysadmin@firewall.loc

   }

   notification_email_from Alexandre.Cassen@firewall.loc

   smtp_server 192.168.200.1

   smtp_connect_timeout 30

   router_id LVS_DEVEL

}

vrrp_script check_nginx_status {

    script "/root/nginx_check.sh"

    interval 2

    }

vrrp_instance VI_1 {

    state MASTER

    interface eth0

    virtual_router_id 51

    priority 100

    advert_int 1

    authentication {

        auth_type PASS

        auth_pass 1111

    }

     track_script {

        check_nginx_status

    }

    virtual_ipaddress {

        192.168.0.114

    }

}

virtual_server 192.168.0.114 80 {

    delay_loop 6

    lb_algo rr

    lb_kind DR

    nat_mask 255.255.255.0

    persistence_timeout 50

    protocol TCP

    real_server 192.168.0.111 80 {

        weight 1

        TCP_CHECK {

            connect_timeout 3

            nb_get_retry 3

            delay_before_retry 3

    }

}

    real_server 192.168.0.112 80 {

        weight 1

        TCP_CHECK {

            connect_timeout 3

            nb_get_retry 3

            delay_before_retry 3

        }

    }

}

3.编写lvs管理脚本

[root@bogon ~]# cat lvs_keepd.sh

#!/bin/sh

#description:start realserver

vip=192.168.0.114

source /etc/rc.d/init.d/functions

case "$1" in

start)

    echo "start server"

    /sbin/ifconfig lo:0 $vip broadcast $vip netmask 255.255.255.255 up

    echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore

    echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce

    echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore

    echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce

;;

stop)

    echo "stop server"

    /sbin/ifconfig lo:0 down

    echo "0" > /proc/sys/net/ipv4/conf/lo/arp_ignore

    echo "0" > /proc/sys/net/ipv4/conf/lo/arp_announce

    echo "0" > /proc/sys/net/ipv4/conf/all/arp_ignore

    echo "0" > /proc/sys/net/ipv4/conf/all/arp_announce

;;

*)

    echo "Usage: $0 (start | stop)"

  exit 1

esac

exit 0

4.启动脚本

[root@bogon ~]# bash /root/lvs_keepd.sh start

5.测试lvs是否启动

[root@bogon ~]# ipvsadm -ln

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn

TCP  192.168.0.114:80 rr persistent 50

  -> 192.168.0.111:80             Local   1      1          0         

  -> 192.168.0.112:80             Route   1      0          0         

备机上操作也是一样