基于keepalived的nginx负载均衡的双机热备

说明：

• 环境为centos 6.6
• nginx软件为 nginx-1.6.2.tar.gz

一、安装nginx

### 一定要配置好yum

# 1.6.1安装nginx所需的pcre库
yum install pcre pcre-devel -y
rpm -qa pcre pcre-devel

# 1.6.2安装openssl openssl-devel以及zlib程序
yum -y install zlib zlib-devel
yum -y install openssl openssl-devel

# 1.6.3 创建nginx账号
useradd -s /sbin/nologin -M nginx

# 安装
tar -zxvf nginx-1.6.2.tar.gz 

cd nginx-1.6.2
./configure --user=nginx --group=nginx --prefix=/application/nginx-1.6.2 --with-http_stub_status_module --with-http_ssl_module && make && make install

echo $?
# 1.6.5指定软连接
ln -s  /application/nginx-1.6.2/ /application/nginx
# 检查nginx的配置文件的语法
/application/nginx/sbin/nginx -t

# 1.将nginx的路径加入系统默认的搜索路径并写入登录脚本
echo  'PATH=$PATH:/application/nginx/sbin' >>/etc/profile

# 重新加载系统脚本
. /etc/profile

# 1.7 测试访问nginx的网站
# 1方法1
# curl -I 127.0.0.1
# 方法2
# wget 127.0.0.1

二、nginx负载均衡配合keepalived服务案例实战

0. 拓扑

		[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-TC6CfZUx-1586523244533)(C:\Users\root\AppData\Roaming\Typora\typora-user-images\image-20200410180900979.png)]

角色	ip地址	软件安装
lb01	192.168.1.11	keepalived、nginx
lb02	192.168.1.12	keepalived、nginx
web01	192.168.1.13	apache
web02	192.168.1.14	apache

1. 在192.168.1.11和192.168.1.12上配置nginx的代理服务器功能，配置如下

1.11 nginx配置

​ cat /application/nginx/conf/nginx.conf

worker_processes  1;
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    upstream www_server_pools {
       server 192.168.1.13:80 weight=1;
       server 192.168.1.14:80 weight=1;
   	}
    server {
        listen		192.168.1.113:80;
        server_name  www.hdxy.com;
        location / {
            proxy_pass http://www_server_pools;
            proxy_set_header Host $host;
            proxy_set_header X-Forwarded-For $remote_addr;
        }
    }
}

1.12 nginx配置

​ cat /application/nginx/conf/nginx.conf

worker_processes  1;
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    upstream www_server_pools {
       server 192.168.1.13:80 weight=1;
       server 192.168.1.14:80 weight=1;
        }
    server {
        listen       192.168.1.113:80;
        server_name  www.hdxy.com;
        location / {
                proxy_pass http://www_server_pools;
                proxy_set_header Host $host;
                proxy_set_header X-Forwarded-For $remote_addr;
        }
    }
}

2. 在192.168.1.11 和192.168.1.12 上配置keepalived服务

​ ( 首先用 yum -y install keepalived 安装keepalived)

1.11 keepalived配置

​ cat /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

    notification_email {
        [email protected]
        [email protected]
        [email protected]
    }

    notification_email_from [email protected]
    smtp_server 192.168.200.1
    smtp_connect_timeout 30
    router_id LVS_DEVEL01
}

vrrp_instance VI_1 {

    state MASTER
    interface eth0 # 注意本机网卡
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }

    virtual_ipaddress {
    	192.168.1.113 dev eth0 label eth0:1 # 注意本机网卡
    }
}

1.12 keepalived配置

​ cat /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

    notification_email {
        [email protected]
        [email protected]
        [email protected]
    }
    
    notification_email_from [email protected]
    smtp_server 192.168.200.1
    smtp_connect_timeout 30
    router_id LVS_DEVEL02
}

vrrp_instance VI_1 {

    state BACKUP
    interface eth0 # 注意本机网卡 
    virtual_router_id 51
    priority 90
    advert_int 1

    authentication {
        auth_type PASS
        auth_pass 1111
    }

    virtual_ipaddress {
    	192.168.1.113 dev eth0 label eth0:1 # 注意本机网卡
    }
}

3. 启动nginx和keepalived服务

/application/nginx/sbin/nginx
/etc/init.d/keepalived start

4. 解决服务监听网卡上不存在ip地址问题

echo "net.ipv4.ip_nonlocal_bind = 1" >>/etc/sysctl.conf 
sysctl -p

5. yum安装1.13 和 1.14的apache

yum -y install httpd

6. 配置首页

echo "wo shi 192.168.1.13 " >/var/www/html/index.html
echo "wo shi 192.168.1.14 " >/var/www/html/index.html

7. 启动httpd服务

/etc/init.d/httpd start

8. 在windows上测试

# 先关闭防火墙 和 setenforce
service iptables stop
setenforce 0

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-85qQqhvc-1586523244535)(C:\Users\root\AppData\Roaming\Typora\typora-user-images\image-20200410203441155.png)]

9. 将主用lb的服务关闭

/etc/init.d/keepalived stop # 停掉 keepalived

ip addr|grep 192.168.1.113 # 查看ip信息
#inet 192.168.1.113/32 scope global eth0:1

​ 发现备用lb可以正常接管

10. 实验到此结束 ！

问题：

​ 正常情况下，keepalived软件仅仅在对方机器宕机或keepalived停掉的时候才会接管业务，但在实际中，有一种情况是，nginx反向代理停掉，而keepalived服务还在工作的情况，这个问题会导致用户访问的vip无法找到对应的服务，如何解决这个问题呢？

• 可以写守护程序 当nginx业务有问题的时候，就停掉本地的keepalived服务，实现备用lb的自动接管

  #!/bin/bash
  # file name check_nginx.sh
  
  while true
  do
      if [ `netstat -lntup|grep nginx|wc -l` -ne 1 ] ;then
          /etc/init.d/keepalived stop
      fi 
  	sleep 2
  done
  

• 在后台运行脚本

  sh check_nginx.sh &
  

• 模拟nginx业务挂掉

  /application/nginx/sbin/nginx -s stop
  
  ip addr|grep 192.168.1.113
  #inet 192.168.1.113/32 scope global eth0:1
  
  

• 发现ip地址漂移到备用lb了

ived stop
fi
sleep 2
done

- 在后台运行脚本

```shell
sh check_nginx.sh &

• 模拟nginx业务挂掉

  /application/nginx/sbin/nginx -s stop
  
  ip addr|grep 192.168.1.113
  #inet 192.168.1.113/32 scope global eth0:1
  
  

• 发现ip地址漂移到备用lb了