1、什么是 nginx 高可用
-
(1)需要兩台 nginx 服務器
-
(2)需要 keepalived
-
(3)需要虛擬 ip
2、配置高可用的准備工作
(1)需要兩台服務器 192.168.17.129 和 192.168.17.131
(2)在兩台服務器安裝 nginx
(3)在兩台服務器安裝 keepalived
3、在兩台服務器安裝 keepalived
(1)keepalived進行安裝
參考:https://www.cnblogs.com/Amywangqing/p/14768232.html
(2)查看keepalived是否啟動
ps -aux | grep keepalived
(3)安裝之后,在 /etc 里面生成目錄 keepalived,有文件 keepalived.conf
keepalived啟動成功后,先關閉keepalived在關閉nginx,在配置高可用
systemctl stop keepalived.service
./nginx -s stop
4、完成高可用配置(主從配置)
Keepalived + Nginx 配合使用
主機192.168.17.129 Nginx
(1)根據原本的keepalived.conf 自己修改/etc/keepalived/keepalivec.conf 配置文件
! Configuration File for keepalived #全局配置 global_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 192.168.17.129 # 主服務器IP地址 smtp_connect_timeout 30 router_id LVS_DEVEL # 主機名字是在hosts里面配置的如:127.0.0.1 LVS_DEVEL,也可以是主機IP } #腳本配置 vrrp_script chk_http_port { script "/usr/local/src/nginx_check.sh" #檢測腳本的位置 interval 2 #(檢測腳本執行的間隔) weight 2 # 權重 } #虛擬IP的配置 vrrp_instance VI_1 { state MASTER # 備份服務器上將 MASTER 改為 BACKUP interface eth1 # 網卡,通過ifconfig查看你自己的網卡 virtual_router_id 51 # 主、備機的 virtual_router_id 必須相同 priority 100 # 主、備機取不同的優先級,主機值較大,備份機值較小 advert_int 1 #每隔1秒發送一個心跳檢測一下,主機是否還活着 #使用權限的一種方式,需要密碼,密碼為1111 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.17.50 # VRRP H 虛擬地址IP,可以綁定多個虛擬地址IP } }
我的真實的keepalived.conf
! Configuration File for keepalived global_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id LVS_DEVEL vrrp_skip_check_adv_addr vrrp_strict vrrp_garp_interval 0 vrrp_gna_interval 0 } #腳本配置 vrrp_script chk_http_port { script "/usr/local/src/nginx_check.sh" #檢測腳本的位置 interval 2 #(檢測腳本執行的間隔) weight 2 # 權重 } vrrp_instance VI_1 { state MASTER interface eth0 virtual_router_id 51 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.200.16 192.168.200.17 192.168.200.18 } } virtual_server 192.168.200.100 443 { delay_loop 6 lb_algo rr lb_kind NAT persistence_timeout 50 protocol TCP real_server 192.168.201.100 443 { weight 1 SSL_GET { url { path / digest ff20ad2481f97b1754ef3e12ecd3a9cc } url { path /mrtg/ digest 9b3a0c85a887a256d6939da88aabd8cd } connect_timeout 3 retry 3 delay_before_retry 3 } } } virtual_server 10.10.10.2 1358 { delay_loop 6 lb_algo rr lb_kind NAT persistence_timeout 50 protocol TCP sorry_server 192.168.200.200 1358 real_server 192.168.200.2 1358 { weight 1 HTTP_GET { url { path /testurl/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } url { path /testurl2/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } url { path /testurl3/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } connect_timeout 3 retry 3 delay_before_retry 3 } } real_server 192.168.200.3 1358 { weight 1 HTTP_GET { url { path /testurl/test.jsp digest 640205b7b0fc66c1ea91c463fac6334c } url { path /testurl2/test.jsp digest 640205b7b0fc66c1ea91c463fac6334c } connect_timeout 3 retry 3 delay_before_retry 3 } } } virtual_server 10.10.10.3 1358 { delay_loop 3 lb_algo rr lb_kind NAT persistence_timeout 50 protocol TCP real_server 192.168.200.4 1358 { weight 1 HTTP_GET { url { path /testurl/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } url { path /testurl2/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } url { path /testurl3/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } connect_timeout 3 retry 3 delay_before_retry 3 } } real_server 192.168.200.5 1358 { weight 1 HTTP_GET { url { path /testurl/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } url { path /testurl2/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } url { path /testurl3/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } connect_timeout 3 retry 3 delay_before_retry 3 } } }
(2)在/usr/local/src添加檢測腳本:nginx_check.sh
#!/bin/bash A=`ps -C nginx –no-header | wc -l` if [ $A -eq 0 ];then /usr/local/nginx/sbin/nginx #檢測nginx是否掛掉 sleep 2
if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then killall keepalived fi fi
從機 Nginx
(1)修改/etc/keepalived/keepalivec.conf 配置文件
! Configuration File for keepalived #全局配置 global_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 192.168.17.129 # 主服務器IP地址 smtp_connect_timeout 30 router_id LVS_DEVEL # 主機名字是在hosts里面配置的如:127.0.0.1 LVS_DEVEL,也可以是主機IP } #腳本配置 vrrp_script chk_http_port { script "/usr/local/src/nginx_check.sh" #檢測腳本的位置 interval 2 #(檢測腳本執行的間隔) weight 2 # 權重 } #虛擬IP的配置 vrrp_instance VI_1 { state BACKUP # 備份服務器上將 MASTER 改為 BACKUP interface eth1 # 網卡,通過ifconfig查看你自己的網卡 virtual_router_id 51 # 主、備機的 virtual_router_id 必須相同 priority 90 # 主、備機取不同的優先級,主機值較大,備份機值較小 advert_int 1 #每隔1秒發送一個心跳檢測一下,主機是否還活着 #使用權限的一種方式,需要密碼,密碼為1111 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.17.50 # VRRP H 虛擬地址IP,可以綁定多個虛擬地址IP } }
(2)在/usr/local/src添加檢測腳本:nginx_check.sh
#!/bin/bash A=`ps -C nginx –no-header | wc -l` if [ $A -eq 0 ];then /usr/local/nginx/sbin/nginx #檢測nginx是否掛掉 sleep 2 if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then killall keepalived fi fi
啟動 Nginx
分別啟動主從 Nginx ,切換到/usr/local/nginx/sbin/,執行
./nginx
啟動 Nginx ,如果已經啟動過,就選擇重啟
./nginx -s reload
測試 Nginx 是否啟動成功
ps -ef | grep nginx
啟動 keepalived
啟動keepalived
systemctl start keepalived.service
驗證keepalived是否啟動成功
ps -aux | grep keepalived
通過命令ip a可用查看主機是否綁定了虛擬IP
注意:如果只做一台主服務器的話,沒有做從服務器的話,通過虛擬IP是訪問不了nginx
5、最終測試
(1)在瀏覽器地址欄輸入 虛擬 ip 地址:http://192.168.17.50/
此時便可以通過虛擬 ip 地址訪問到 Nginx 。
(2)把主服務器(192.168.17.129)nginx 和 keepalived 停止,再輸入 192.168.17.50
關閉keepalived
systemctl stop keepalived.service
關閉nginx
./nginx -s stop
在瀏覽器地址欄輸入 虛擬 ip 地址:http://192.168.17.50/
此時主機 192.168.17.130 宕機了,從機變為主機。