Simulation environment: Prepare two Centos environments
Master:10.10.30.100
Backup:10.10.30.101
VIP : 10.10.30.30
Install Nginx
一. gcc 安装
安装 nginx 需要先将官网下载的源码进行编译,编译依赖 gcc 环境,如果没有 gcc 环境,则需要安装:
yum install gcc-c++
二. PCRE pcre-devel 安装
PCRE(Perl Compatible Regular Expressions) 是一个Perl库,包括 perl 兼容的正则表达式库。nginx 的 http 模块使用 pcre 来解析正则表达式,所以需要在 linux 上安装 pcre 库,pcre-devel 是使用 pcre 开发的一个二次开发库。nginx也需要此库。命令:
yum install -y pcre pcre-devel
三. zlib 安装
zlib 库提供了很多种压缩和解压缩的方式, nginx 使用 zlib 对 http 包的内容进行 gzip ,所以需要在 Centos 上安装 zlib 库。
yum install -y zlib zlib-devel
四. OpenSSL 安装
OpenSSL 是一个强大的安全套接字层密码库,囊括主要的密码算法、常用的密钥和证书封装管理功能及 SSL 协议,并提供丰富的应用程序供测试或其它目的使用。
nginx 不仅支持 http 协议,还支持 https(即在ssl协议上传输http),所以需要在 Centos 安装 OpenSSL 库。
yum install -y openssl openssl-devel
下载安装包:
wget http://nginx.org/download/nginx-1.10.3.tar.gz
解压
tar zxvf nginx-1.10.3.tar.gz
cd nginx-1.10.3
./configure --prefix=/usr/local/server/nginx
make && make install
进入/usr/local/nginx/conf/nginx.conf修改配置文件
进入/usr/local/nginx/sbin/nginx 启动nginx
Install keepalived (keepalived must be installed on both Centos machines)
1. Install keepalived
yum install -y keepalived
2. Edit keepalived.conf
进入keepalived.conf所在目录:cd /etc/keepalived
首先清除掉keepalived原有配置:> keepalived.conf
重新编辑keepalived配置文件:vi keepalived.conf
Configure the following in keepalived.conf in 10.10.30.100 (Master):
! Configuration File for keepalived
global_defs {
## keepalived 自带的邮件提醒需要开启 sendmail 服务。 建议用独立的监控或第三方 SMTP
router_id tyd133 ## 标识本节点的字条串,通常为 hostname
}
## keepalived 会定时执行脚本并对脚本执行的结果进行分析,动态调整 vrrp_instance 的优先级。如果脚本执行结果为 0,并且 weight 配置的值大于 0,则优先级相应的增加。如果脚本执行结果非 0,并且 weight配置的值小于 0,则优先级相应的减少。其他情况,维持原本配置的优先级,即配置文件中 priority 对应的值。
vrrp_script chk_nginx {
script "/etc/keepalived/nginx_check.sh" ## 检测 nginx 状态的脚本路径
interval 2 ## 检测时间间隔
weight -20 ## 如果条件成立,权重-20
}
## 定义虚拟路由, VI_1 为虚拟路由的标示符,自己定义名称
vrrp_instance VI_1 {
state MASTER ## 主节点为 MASTER, 对应的备份节点为 BACKUP
interface enp0s3 ## 绑定虚拟 IP 的网络接口,与本机 IP 地址所在的网络接口相同, 我的是 eth0
virtual_router_id 33 ## 虚拟路由的 ID 号, 两个节点设置必须一样, 可选 IP 最后一段使用, 相同的 VRID 为一个组,他将决定多播的 MAC 地址
mcast_src_ip 10.10.30.100 ## 本机 IP 地址
priority 100 ## 节点优先级, 值范围 0-254, MASTER 要比 BACKUP 高
nopreempt ## 优先级高的设置 nopreempt 解决异常恢复后再次抢占的问题
advert_int 1 ## 组播信息发送间隔,两个节点设置必须一样, 默认 1s
## 设置验证信息,两个节点必须一致
authentication {
auth_type PASS
auth_pass 1111 ## 真实生产,按需求对应该过来
}
## 将 track_script 块加入 instance 配置块
track_script {
chk_nginx ## 执行 Nginx 监控的服务
} #
# 虚拟 IP 池, 两个节点设置必须一样
virtual_ipaddress {
10.10.30.30 ## 虚拟 ip,可以定义多个
}
}
Configure the following in keepalived.conf of 10.10.30.101 (Backup):
! Configuration File for keepalived
global_defs {
router_id tyd134
}
vrrp_script chk_nginx {
script "/etc/keepalived/nginx_check.sh"
interval 2
weight -20
}
vrrp_instance VI_1 {
state BACKUP
interface enp0s3
virtual_router_id 33
mcast_src_ip 10.10.30.101
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_nginx
}
virtual_ipaddress {
10.10.30.30
}
}
The script check_nginx.sh to detect nginx
# vi /etc/keepalived/nginx_check.sh
#!/bin/bash
A=`ps -C nginx –no-header |wc -l`
if [ $A -eq 0 ];then
/usr/local/server/nginx/sbin/nginx
sleep 2
if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
killall keepalived
fi
fi
Put it in the /etc/keepalived/ directory (both Centos must be placed)
Give execute permission to nginx_check.sh:
chmod +x /etc/keepalived/nginx_check.sh
Start keepalived for testing:
systemctl start keepalived.service
Access: 10.10.30.30
You can see that the nginx page was successfully accessed
test high availability
Shut down the nginx service on 10.10.30.100
Visit 10.10.30.30 again, and also output the nginx page, indicating that the nginx of 10.10.30.101 is accessed at this time, indicating that our keepalived+nginx high availability is successfully built