keepalived通過VRRP協議實現高可用功能的。VRRP(Virtual Router Redundancy Protocol)虛擬路由冗余協議。VRRP出現的目的就是為了解決靜態路由單點故障問題,它能保證當個別節點宕機時,整個網絡可以不間斷地運行。
當主節點發生故障時,無法給備節點發送心跳消息,如果備節點無法繼續檢測到來自主節點的心跳。就會調用自身的接管程序,接管主節點的IP資源和服務。當主節點恢復時,備節點又會釋放主節點故障時自身接管的IP資源和服務,恢復到原來的備用角色
3.1.主節點(192.168.80.22)
3.1.1.安裝編譯工具和庫文件
yum -y install make zlib zlib-devel gcc-c++ libtool openssl openssl-devel
3.1.2.安裝pcre
#進入目錄 cd /usr/local/develop/anginx #上傳安裝文件並解壓 tar -zxvf pcre-8.38.tar.gz #進入安裝目錄 cd pcre-8.38 #檢查配置 ./configure #編譯、安裝 make && make install #查看pcre版本 pcre-config --version
3.1.3.安裝nginx
#進入目錄 cd /usr/local/develop/anginx #上傳安裝文件,並解壓 tar -zxvf nginx-1.8.1.tar.gz #進入安裝目錄 cd nginx-1.8.1 #檢查配置 ./configure --prefix=/usr/local/develop/anginx/webserver/nginx --with-http_stub_status_module --with-http_ssl_module --with-pcre=/usr/local/develop/anginx/pcre-8.38 #編譯安裝 make && make install #查看nginx版本 /usr/local/develop/anginx/webserver/nginx/sbin/nginx -v -------------------------------------------------------- [root@hadoop02 webserver]# /usr/local/develop/anginx/webserver/nginx/sbin/nginx -v nginx version: nginx/1.8.1 #配置nginx(檢查) /usr/local/develop/anginx/webserver/nginx/sbin/nginx -t #nginx管理命令 /usr/local/develop/anginx/webserver/nginx/sbin/nginx # 啟動 Nginx /usr/local/develop/anginx/webserver/nginx/sbin/nginx -s stop # 停止 Nginx /usr/local/develop/anginx/webserver/nginx/sbin/nginx -s reload # 重新載入配置文件 /usr/local/develop/anginx/webserver/nginx/sbin/nginx -s reopen # 重啟 Nginx
3.1.4.nginx基礎配置
vi nginx.conf #user nobody; worker_processes 1; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; pid logs/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; #添加tomcat列表,真實應用服務器都放在這 upstream tomcat_pool{ #server tomcat地址:端口號 weight表示權值,權值越大,被分配的幾率越大; server 192.168.80.22:8080 weight=4 max_fails=2 fail_timeout=30s; server 192.168.80.22:8081 weight=4 max_fails=2 fail_timeout=30s; } server { listen 80; server_name tomcat_pool; #charset koi8-r; #access_log logs/host.access.log main; location / { #root html; #index index.html index.htm; proxy_pass http://tomcat_pool; #轉向tomcat處理 proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } }
3.2.備節點(192.168.80.21)
說明:安裝方式同nginx主節點。
4.安裝keepalived
4.1.主節點(192.168.80.22)
#安裝keepalived yum install keepalived -y #啟動keepalived服務 /etc/init.d/keepalived start ------------------------------------------- [root@hadoop02 anginx]# /etc/init.d/keepalived start 正在啟動 keepalived: [確定] [root@hadoop02 anginx]# ps -ef |grep keepalived root 15723 1 0 00:59 ? 00:00:00 /usr/sbin/keepalived -D root 15724 15723 0 00:59 ? 00:00:00 /usr/sbin/keepalived -D root 15725 15723 0 00:59 ? 00:00:00 /usr/sbin/keepalived -D root 15731 15622 0 00:59 pts/1 00:00:00 grep keepalived [root@hadoop02 anginx]# #設置開機自啟動 echo "/etc/init.d/keepalived start" >>/etc/rc.local #關閉keepalived服務 /etc/init.d/keepalived stop #編輯keepalived配置文件 vi /etc/keepalived/keepalived.conf ----------------------------------------------------------- ! Configuration File for keepalived global_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id lb01 } vrrp_instance VI_1 { state MASTER interface eth1 virtual_router_id 55 priority 150 advert_int 1 authentication { auth_type PASS auth_pass server123 } virtual_ipaddress { 192.168.80.100 dev eth1 label eth1:1 } } ...........................................................
關於配置說明:
【router_id】 是路由標識,在一個局域網里面應該是唯一的
【vrrp_instance VI_1】{...}這是一個VRRP實例,里面定義了keepalived的主備狀態、接口、優先級、認證和IP信息
【state】 定義了VRRP的角色
【interface】定義使用的接口,這里我的服務器用的網卡都是eth1
【virtual_router_id】是虛擬路由ID標識,一組的keepalived配置中主備都是設置一致
【priority】是優先級,數字越大,優先級越大,
【auth_type】是認證方式
【auth_pass】是認證的密碼
【virtual_ipaddress】 {...}定義虛擬IP地址,可以配置多個IP地址,這里我定義為192.168.80.100,綁定了eth1的網絡接口,虛擬接口eth1:1
4.2.備節點(192.168.80.21)
#安裝keepalived yum install keepalived -y #啟動keepalived服務 /etc/init.d/keepalived start ------------------------------------------- [root@hadoop02 anginx]# /etc/init.d/keepalived start 正在啟動 keepalived: [確定] [root@hadoop02 anginx]# ps -ef |grep keepalived root 15723 1 0 00:59 ? 00:00:00 /usr/sbin/keepalived -D root 15724 15723 0 00:59 ? 00:00:00 /usr/sbin/keepalived -D root 15725 15723 0 00:59 ? 00:00:00 /usr/sbin/keepalived -D root 15731 15622 0 00:59 pts/1 00:00:00 grep keepalived [root@hadoop02 anginx]# #設置開機自啟動 echo "/etc/init.d/keepalived start" >>/etc/rc.local #關閉keepalived服務 /etc/init.d/keepalived stop #編輯keepalived配置文件 vi /etc/keepalived/keepalived.conf ----------------------------------------------------------------- ! Configuration File for keepalived global_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id lb02 } vrrp_instance VI_1 { state BACKUP interface eth1 virtual_router_id 55 priority 100 advert_int 1 authentication { auth_type PASS auth_pass server123 } virtual_ipaddress { 192.168.80.100 dev eth1 label eth1:1 } } .............................................................
5.測試
5.1.啟動主備節點的keepalived服務
#在節點一執行(192.168.80.22) /etc/init.d/keepalived start ------------------------------------- [root@hadoop02 anginx]# ps -ef |grep keepalived root 15788 1 0 01:09 ? 00:00:00 /usr/sbin/keepalived -D root 15790 15788 0 01:09 ? 00:00:00 /usr/sbin/keepalived -D root 15791 15788 0 01:09 ? 00:00:00 /usr/sbin/keepalived -D root 15807 15622 0 01:33 pts/1 00:00:00 grep keepalived [root@hadoop02 anginx]# #在節點二執行(192.168.80.21) /etc/init.d/keepalived start --------------------------------------- [root@hadoop01 ~]# ps -ef |grep keepalived root 11542 1 0 01:30 ? 00:00:00 /usr/sbin/keepalived -D root 11544 11542 0 01:30 ? 00:00:00 /usr/sbin/keepalived -D root 11545 11542 0 01:30 ? 00:00:00 /usr/sbin/keepalived -D root 11550 11512 0 01:33 pts/1 00:00:00 grep keepalived [root@hadoop01 ~]#
5.2.通過虛ip訪問服務
http://192.168.80.100/session-redis-demo/
5.3.停止主節點keepalived服務
#在節點一執行(192.168.80.22) /etc/init.d/keepalived stop #觀察備節點變化 ip addr ------------------------------------------- [root@hadoop01 ~]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:50:56:38:e5:46 brd ff:ff:ff:ff:ff:ff inet 192.168.80.21/24 brd 192.168.80.255 scope global eth1 inet 192.168.80.100/32 scope global eth1:1 inet6 fe80::250:56ff:fe38:e546/64 scope link valid_lft forever preferred_lft forever [root@hadoop01 ~]#
5.4.繼續通過虛ip訪問服務
http://192.168.80.100/session-redis-demo/
6.keepalived+nginx整合
說明:編寫nginx守護腳本,如果nginx服務出現故障,則停止當前節點的keepalived服務。自動切換到備用節點。
6.1.編寫nginx守護腳本
vi nginx_check.sh -------------------------------------- #!/bin/bash while true do if [ $(netstat -tlnp|grep nginx|wc -l) -ne 1 ] then /etc/init.d/keepalived stop fi sleep 2 done #給腳本授權 chmod u+x nginx_check.sh #執行腳本 nohup /usr/local/develop/anginx/shell/nginx_check.sh &
6.2.停止主節點nginx服務
#停止主節點nginx服務 /usr/local/develop/anginx/webserver/nginx/sbin/nginx -s stop #查找進程 [root@hadoop02 ~]# ps -ef |grep nginx root 15915 1 0 01:51 ? 00:00:00 /bin/bash /usr/local/develop/anginx/shell/nginx_check.sh root 16516 15753 0 01:54 pts/5 00:00:00 grep nginx [root@hadoop02 ~]# #觀察備用節點變化【服務正常】 ip addr -------------------------------------- [root@hadoop01 shell]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:50:56:38:e5:46 brd ff:ff:ff:ff:ff:ff inet 192.168.80.21/24 brd 192.168.80.255 scope global eth1 inet 192.168.80.100/32 scope global eth1:1 inet6 fe80::250:56ff:fe38:e546/64 scope link valid_lft forever preferred_lft forever [root@hadoop01 shell]# #再次重新啟動主節點nginx和keepalived服務 /usr/local/develop/anginx/webserver/nginx/sbin/nginx /etc/init.d/keepalived start