nginx+keepalived实现高可用负载均衡方案

学习文档目录1.引言........................................................................................................................................................32.环境说明................................................................................................................................................33.Nginx安装配置.....................................................................................................................................34.Keepalived安装配置..............................................................................................................................55.验证........................................................................................................................................................91.引言本学习文档主要介绍了采用Nginx负载均衡，通过keepalived实现Nginx双机互备，保证实现的WEB服务高可用方案。2.环境说明主nginx负载均衡器：172.20.52.20端口81(CentOSrelease5.8)副nginx负载均衡器：172.20.52.21端口81(CentOSrelease5.8)Tomcat1:172.20.52.19端口3030Tomcat2:172.20.52.20端口4040VIP:172.20.52.22软件：keepalived-1.2.12nginx-1.4.4说明：keepalived是一个基于VRRP协议来实现的WEB服务高可用方案，可以利用其来避免单点故障。一个WEB服务至少会有2台服务器运行Keepalived，一台为主服务器（MASTER），一台为备份服务器（BACKUP），但是对外表现为一个虚拟IP，主服务器会发送特定的消息给备份服务器，当备份服务器收不到这个消息的时候，即主服务器宕机的时候，备份服务器就会接管虚拟IP，继续提供服务，从而保证了高可用性。3.Nginx安装配置1.安装Nginx获取Nginx稳定版，把Nginx安装到/usr/local/nginx目录下(两台机器都安装)的详细步骤:yum–yinstallgccopenssl-develpcre-develzlib-devel(安装相关组件)tarzxvfnginx-1.4.4.tar.gzcdnginx-1.4.4./configure--prefix=/usr/local/nginx--with-http_ssl_module--with-http_flv_module--with-http_gzip_static_module--with-http_stub_status_modulemake&&makeinstall2.分别在两台服务器编写配置文件vim/usr/local/nginx/conf/nginx.conf#usernobody;worker_processes1;#pidlogs/nginx.pid;events{worker_connections1024;}http{includemime.types;default_typeapplication/octet-stream;sendfileon;#tcp_nopushon;keepalive_timeout65;upstreamcart{server172.20.52.19:3030weight=1;server172.20.52.20:4040weight=1;#ip_hash;#在没有做共享session的情况下ip_hash可以解决session问题}server{listen81;server_name172.20.52.20;#另外一台填写另外IPcharsetutf-8;location/cart{roothtml;indexindex.htmlindex.htm;proxy_next_upstreamerrortimeouthttp_500http_502http_504;proxy_read_timeout10s;proxy_pass:81;#没用默认80端口需要加入proxy_set_headerX-Real-IP$remote_addr;proxy_set_headerX-Forwarded-For$proxy_add_x_forwarded_for;}error_page500502503504/50x.html;location=/50x.html{roothtml;}log_formataccess_log'$remote_addr-$remote_user[$time_local]$request''$status$body_bytes_sent$http_referer''$http_user_agent$http_x_forwarded_for';access_log/usr/local/nginx/logs/access.logaccess_log;}}3.验证配置文件正确性/usr/local/nginx/sbin/nginx–t显示以下信息为正确的theconfigurationfile/usr/local/nginx/conf/nginx.confsyntaxisokconfigurationfile/usr/local/nginx/conf/nginx.conftestissuccessful4.启动/usr/local/nginx/sbin/nginx4.Keepalived安装配置1.安装(两台nginx机器都安装)#安装poptyum-yinstallpoptpopt-develtarzxvfkeepalived-1.2.12.tar.gzcdkeepalived-1.2.12./configure--prefix=/usr/local/keepalived--sysconf=/etcmake&&makeinstallcp/usr/local/keepalived/sbin/keepalived/bin/chkconfig--addkeepalived#设置开机启动chkconfigkeepalivedon#启动keepalive服务/etc/init.d/keepalivedstartservicekeepalivedrestart2.配置cp/etc/keepalived/keepalived.conf/etc/keepalived/keepalived.conf_bakMASTERvim/etc/keepalived/keepalived.conf!ConfigurationFileforkeepalivedglobal_defs{notification_email{jiyulong@capinfo.com.cngufanbiao@capinfo.com.cn}notification_email_fromjiyulong@capinfo.com.cnsmtp_server127.0.0.1smtp_connect_timeout30router_idLVS_DEVEL}vrrp_scriptMonitor_Nginx{script/root/monitor/monitor_nginx.shinterval2weight2}vrrp_instanceVI_1{stateMASTER#(主机为MASTER，备用机为BACKUP)interfaceeth0#(HA监测网络接口)virtual_router_id51#(主、备机的virtual_router_id必须相同)priority100#(主、备机取不同的优先级，主机值较大，备份机值较小,值越大优先级越高)advert_int1#(VRRPMulticast广播周期秒数)authentication{auth_typePASS#(VRRP认证方式)auth_pass1111#(密码)}track_script{Monitor_Nginx#(调用nginx进程检测脚本)}virtual_ipaddress{172.20.52.22#(VRRPHA虚拟地址)}}BACKUP方面只需要修改state为BACKUP,priority比MASTER稍低即可3.监控脚本vim/root/monitor_nginx.sh当检测到nginx进程不存在的时候，就干掉所有的keepalived，这时候，请求将会由keepalived的backup接管！！vim/opt/nginx_pid.sh#!/bin/bash#varsion0.0.2#根据一网友说这样做不科学，如果nginx服务起来了，但是我把keepalived杀掉了，我的理由是，如果nginx死掉了，我觉得就很难在起来，再有就是nagios当然要给你报警了啊。不过这位同学说的有道理，所以就稍加改了一下脚本##查看是否有nginx进程把值赋给变量AA=`ps-Cnginx--no-header|wc-l`if[$A-eq0];then##如果没有进程值得为零/usr/local/nginx/sbin/nginxsleep3if[`ps-Cnginx--no-header|wc-l`-eq0];thenkillallkeepalived##则结束keepalived进程fifi运行chmod+x/root/monitor_nginx.sh赋权限注意：运行monitor_nginx.sh脚本时出现了这错误/bin/bash^M:badinterpreter:没有那个文件或目录。原因：linux和windows之间的不完全兼容。。。具体细节不管，如果验证：vimXXX.sh:setff?如果出现fileforma＝dos那么就基本可以确定是这个问题了。:setfileformat=unix:wqOK了。。。。。。。4.启动172.20.52.20172.20.52.21都重新启动keepalived：servicekeepalivedrestart这里请注意，当keepalived启动后，我们可以用命令：ipaddshoweth0来看我们的eth0网卡确实被添加了虚拟IP，如图注：给大家提供加虚IP的方法egifconfigeth0:0166.111.69.100netmask255.255.255.0upipaddshoweth0来看我们的eth0网卡确实被添加了虚拟IP5.验证1．访问VIP看是否能够正常访问后端的tomcat2．停止其中一个tomcat看是否能将访问转到另一台上3．停止两台nginx上任何一个nginx进程看监控进程脚本是否会自动启动nginx4．停止任何一台nginx上的keepalived进程看另一台是否接管vip比如停止Master上的keepalived,例如如下killallkeepalived,查看BACKUP机器是否已经接管，如果BACKUP接管后，BACKU