Nginx+Keepalived双机热备说明
理论:
介绍
nginx:是一款工作在应用层的web服务器,主要用于反向代理、高并发,前台处理静态页面功能。
Keepalived:是一个很有效的作为HA的软件,可以确保线上所有服务的运行状态以及出现问题能够及时解决的开源产品。
为什么要用Nngix+Keepalived
假如,我的前端有两个nginx做为处理高并发的数据应用,当大量访问请求出现时,两台nginx谁先谁后都不能很好的处理,而且其中一台down掉,还得需要运维人员手动处理服务的开关,并且不能实时地监测服务的负载。因此,才需要keepalived这款高性能的HA产品来解决处理这些问题
实践:
两台服务器作为前端的nginx,IP分别为:
192.168.1.100 mast
192.168.1.102 backup
虚拟IP为:192.168.1.24
开始安装配置:
为两台服务器安装相应的依赖包:
[root@localhost home]# yum -y install gcc* openssl*
下载并安装nginx
因为nginx需要pcre模块的支持,所以先安装pcre后装nginx
[root@localhosthome]#wget http://blog.s135.com/soft/linux/nginx_php/pcre/pcre/pcre-8.20.tar.gz
[root@localhost home]# tar -zxvf pcre-8.20.tar.gz
[root@localhost home]# cd pcre-8.20
[root@localhost pcre-8.20]# ./configure
[root@localhost pcre-8.20]# make && make install
[root@localhost home]#wget http://wiki.nginx.org/NginxChs/nginx-1.2.3
[root@localhost home]# tar -zxvf nginx-1.2.3.tar.gz
[root@localhost home]#groupadd www
[root@localhost home]#useradd -g www www
[root@localhost home]#chown -R www:www /data/logs/
[root@localhost nginx-1.2.3]# ./configure --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-pcre=/home/pcre-8.20/ --with-pcre-jit
[root@localhost nginx-1.2.3]#make && make install
配置nginx.conf
vim /usr/local/nginx/conf/nginx.conf
user www www; #运行用户、组 此为上面建立的用户名、用户组
worker_processes 8;# 启动进程,一般设置成跟服务器的CPU核数相同或者比它高一些也行
pid /usr/local/nginx/logs/nginx.pid;#nginx的pid路径
events { #工作模式及连接数上限
worker_connections 1024; ;#单个后台worker process进程的最大并发链接数
use epoll; #epoll是多路复用IO(I/O Multiplexing)中的一种方式,但是仅用于linux2.6以上内核,可以大大提高nginx的性能
}
http { #设定http服务器,利用它的反向代理功能提供负载均衡支持
include mime.types; #设定mime类型,类型由mime.type文件定义
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" ' #设定日志格式
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#指令指定 nginx 是否调用 sendfile 函数(zero copy 方式)来输出文件,对于普通应用,
#必须设为 on,如果用来进行下载等应用磁盘IO重负载应用,可设置为 off,以平衡磁盘与网络I/O处理速度,降低系统的uptime.
tcp_nopush on;
tcp_nodelay on;
#keepalive_timeout 0;
keepalive_timeout 65; #连接超时时间
gzip on; #开启gzip压缩
upstream srtweb { #指定负载的Ip
server 192.168.1.24;
}
server {
listen 80; #指定监听的端口
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443;
# server_name localhost;
# ssl on;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_timeout 5m;
# ssl_protocols SSLv2 SSLv3 TLSv1;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
2.更改完nginx.conf后,执行
/usr/local/nginx/sbin/nginx,
再执行losf -i:80 查看nginx是否已启动
3.安装keepalived
[root@localhost home]# wget http://www.keepalived.org/software/keepalived-1.2.7.tar.gz
[root@localhost home]# tar -zxvf keepalived-1.2.7.tar.gz
[root@localhost home]# cd keepalived-1.2.7
[root@localhost home]# ./configure --prefix=/usr/local/keepalived
[root@localhost home]# make && make install
[root@localhost home]# cp /usr/local/keepalived/sbin/keepalived /usr/sbin
[root@localhost home]# cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
[root@localhost home]# cp /usr/local/keepalived/etc/rc.d/init.d/
4.分别设置主和备nginx上的keepalived配置文件。
[root@localhost home]# mkdir /etc/keepalived
[root@localhost home]# cd /etc/keepalived/
[root@localhost keepalived]# vim keepalived.conf(此为新的)
! Configuration File for keepalived
global_defs {
router_id nginx-proxy-ha
}
vrrp_script check_nginx {
script "/nginx_ip.sh" #监测脚本
interval 2
weight 2
}
vrrp_instance VI_1 {
state BAKEUP #主备名称
interface eth0 #监测网卡
virtual_router_id 51 #认证的ID号
priority 20 #优先级,值越高越优先
advert_int 1
authentication {
auth_type PASS
auth_pass 1234 #认证密码
}
track_interface {
eth0
}
track_script {
check_nginx
}
virtual_ipaddress {
192.168.1.24 #vip地址
}
}
在这里,我分别在主备两台keepalived机器上嵌入了脚本,得以完善
主机:
[root@localhost /]# cat nginxpid.sh
#!/bin/bash
while :
do
nginxpid=`ps -C nginx --no-header | wc -l`
if [ $nginxpid -eq 0 ];then
/usr/local/nginx/sbin/nginx
sleep 3
nginxpid=`ps -C nginx --no-header | wc -l`
if [ $nginxpid -eq 0 ];then
/etc/init.d/keepalived stop
fi
fi
sleep 3
done
备机:
[root@localhost /]# cat nginx_ip.sh
#!/bin/bash
while :
do
for((i=1;i<=3;i++));do
ping -c1 192.168.1.23 >& /dev/null
if [ $? -eq 0 ];
then
break
/etc/init.d/keepalived restart
fi
done
sleep 5
done
5.分别重启两台nginx上的keepalived
[root@localhost /]# /etc/init.d/keepalived restart
这样nginx+keepalived就配置好了
测试,当我把主nginx关掉以后(keepalived保持开启状态)
测试成功!
测试表明:当主nginx遇到不明原因关闭时,keepalived会自动把请求跳转到备机上,再运用主、备两机的脚本进行监测,如果主nginx重启成功,则请求会自动转到主nginx上。
