Keepalived é uma solução de alta disponibilidade ou hot standby de servidor de alto desempenho. Keepalived pode ser usado para evitar um único ponto de falha do servidor. Ao cooperar com o Nginx, ele pode alcançar alta disponibilidade de serviços de front-end da web.
Nome da CPU | endereço de IP | IP Virtual | Personagem |
lb01 | 192.168.203.150 | 192.168.203.88 | manter-se vivo (Mestre) |
lb02 | 192.168.203.148 | 192.168.203.89 | keepalived (Backup) |
web1 | 192.168.203.136 | nginx | |
web2 | 192.168.203.135 | nginx |
Pacotes dependentes e pacotes de instalação que precisam ser preparados
[root@web1 ~]# ls | grep tar*
keepalived-2.0.2.tar.gz
libevent-2.1.12-stable.tar.gz
nginx-1.6.0.tar.gz
openssl-1.0.1h.tar.gz
pcre-8.35.tar.gz
zlib-1.2.8.tar.gz
Instalar o openssl
[root@web1 ~]# tar -xf openssl-1.0.1h.tar.gz
[root@web1 ~]# cd openssl-1.0.1h/
[root@web1 openssl-1.0.1h]# ./config --prefix=/usr/local/openssl
[root@web1 openssl-1.0.1h]# make && make install
Instalar pcre
[root@web1 ~]# tar -xf pcre-8.35.tar.gz
[root@web1 ~]# cd pcre-8.35/
[root@web1 pcre-8.35]# ./configure --prefix=/usr/local/pcre
[root@web1 pcre-8.35]# make && make install
Instale zlib
[root@web1 ~]# tar -xf zlib-1.2.8.tar.gz
[root@web1 ~]# cd zlib-1.2.8/
[root@web1 zlib-1.2.8]# ./configure --prefix=/usr/local/zlib
[root@web1 zlib-1.2.8]# make && make install
Instale o Nginx
[root@web1 src]# wget http://nginx.org/download/nginx-1.6.0.tar.gz
[root@web1 src]# tar -xf nginx-1.6.0.tar.gz
[root@web1 src]# cd nginx-1.6.0/
[root@web1 nginx-1.6.0]# ./configure --prefix=/usr/local/nginx --with-openssl=../openssl-1.0.1h --with-pcre=../pcre-8.35 --with-zlib=../zlib-1.2.8 --with-http_ssl_module
[root@web1 nginx-1.6.0]# make && make install
[root@web1 nginx-1.6.0]# useradd www -s /sbin/nologin -M # 创建用户
Modificar arquivo de configuração Nginx
[root@web1 conf]# egrep -v "#|^$" nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name 192.168.203.136;
charset utf-8;
location / {
root html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
[root@web1 conf]#
Inicie o Nginx
[root@web1 ~]# /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
[root@web1 ~]# /usr/local/nginx/sbin/nginx -s reload
Veja o início do processo nginx
[root@web1 ~]# ps -ef | grep nginx
root 54235 1 0 17:51 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
www 54244 54235 0 17:51 ? 00:00:00 nginx: worker process
root 54258 8945 0 17:51 pts/0 00:00:00 grep --color=auto nginx
[root@web1 ~]#
Configure o host virtual nginx com base no nome de domínio
[root@web1 nginx]# cd html
[root@web1 html]# mkdir www
[root@web1 html]# vim www/index.html
192.168.203.136 www.chd.comm
[root@web1 html]# cd ..
[root@web1 nginx]# sbin/nginx -t # 检查语句
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@web1 nginx]# sbin/nginx # 启动nginx
[root@web1 nginx]# sbin/nginx -s reload # 重启nginx
[root@web1 nginx]# ps -ef |grep nginx # 查看nginx进程号
nobody 509 130219 0 15:19 ? 00:00:00 nginx: worker process
root 512 111842 0 15:19 pts/2 00:00:00 grep --color=auto nginx
root 130219 1 0 14:34 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx
[root@web1 nginx]# echo "192.168.203.136 www.chd.com mail.chd.com mail.cnd.com" >>/etc/hosts 将解析追加到hosts文件中
[root@web1 nginx]# tail -1 /etc/hosts # 查看hosts文件最后一行内容
192.168.203.136 www.chd.com ftp.chd.com mail.chd.com
[root@web1 nginx]#
Abra o navegador e digite o endereço IP para acessar o Nginx
O Nginx inicia automaticamente após a inicialização
[root@web1 ~]# vim /etc/rc.local
/usr/local/nginx/sbin/nginx
Configure um balanceamento de carga simples
Modifique o arquivo de configuração principal nginx.conf do servidor lb01
[root@web1 nginx]# cat conf/nginx.conf | grep -v "^#"
user www www;
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
gzip on;
upstream webServer {
server 192.168.203.135:80 weight=5;
server 192.168.203.136:80 weight=6;
}
server {
listen 80;
server_name www.chd.cn;
charset utf-8;
#access_log logs/host.access.log main;
location / {
proxy_pass http://webServer;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
Modifique o arquivo de configuração principal nginx.conf do servidor lb02
[root@web2 nginx]# cat conf/nginx.conf | grep -v "^#"
user www www;
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
gzip on;
upstream webServer {
server 192.168.203.135:80 weight=5;
server 192.168.203.136:80 weight=6;
}
server {
listen 80;
server_name 192.168.203.148;
charset utf-8;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
proxy_pass http://webServer;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
Verificação: ao analisar o servidor www.chd.cn, ele alternará entre web1 e web2
[root@lb01 nginx]# curl www.chd.cn
192.168.203.135 www.chd.com
[root@lb01 nginx]# curl www.chd.cn
192.168.203.136 www.chd.com
Configure o balanceamento de carga keepalived
Instalar Keepalived
1.yum安装:
yum install keepalived -y # 推荐使用yum安装,简单、快捷、高效
2.源码包安装:
[root@lb01 ~]# ls | grep keepalived*
keepalived-2.0.2.tar.gz
[root@lb01 ~]# tar -xf keepalived-2.0.2.tar.gz
[root@lb01 ~]# cd keepalived-2.0.2/
[root@lb01 keepalived-2.0.2]# ./configure --prefix=/usr/local/keepalived
[root@lb01 keepalived-2.0.2]# make && make install
[root@lb01 keepalived-2.0.2]# cp keepalived/etc/init.d/keepalived /etc/init.d/
[root@lb01 keepalived-2.0.2]# cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
[root@lb01 keepalived-2.0.2]# mkdir /etc/keepalived
[root@lb01 keepalived-2.0.2]# chmod +755 /etc/keepalived/
[root@lb01 keepalived-2.0.2]# cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
[root@lb01 keepalived-2.0.2]# ln -s /usr/local/keepalived/sbin/keepalived /usr/sbin/
[root@lb01 keepalived-2.0.2]# ./keepalived/etc/init.d/keepalived start
Starting keepalived: [ OK ]
[root@lb01 keepalived-2.0.2]#
注意:在编译时发出警告解决办法
*** WARNING - this build will not support IPVS with IPv6. Please install libnl/libnl-3 dev libraries to support IPv6 with IPVS.
安装
[root@localhost keepalived-2.0.2]# yum -y install libnl libnl-devel
[root@localhost keepalived-2.0.2]# yum install -y libnfnetlink-devel
Arquivo de configuração principal | /etc/keepalived/keepalived.conf |
Arquivo de configuração de ambiente | / etc / sysconfig / keepalived |
Modifique o arquivo de configuração /etc/keepalived/keepalived.conf de lb1
[root@lb01 nginx]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id lb1
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 52
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.203.88/24
}
}
virtual_server 192.168.203.88 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 50
protocol TCP
}
[root@lb01 nginx]# /etc/init.d/keepalived restart
Restarting keepalived (via systemctl): [ OK ]
[root@lb01 nginx]# ip addr | grep 192.168.203.88
inet 192.168.203.88/24 scope global secondary ens33
[root@lb01 nginx]#
Modifique o arquivo de configuração /etc/keepalived/keepalived.conf do lb2
[root@lb02 nginx]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id lb02
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 52
priority 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.203.88/24
}
}
virtual_server 192.168.203.88 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 50
protocol TCP
}
[root@lb02 ~]# /etc/init.d/keepalived restart
Restarting keepalived (via systemctl): [ OK ]
[root@lb02 ~]# ip addr | grep 192.168.203.88
[root@lb02 ~]#
Você pode ver que agora é o endereço IP virtual assumido pelo nó mestre. Se o nó mestre estiver inativo, veja se o nó de backup assumirá automaticamente o controle keepalived
[root@lb01 nginx]# /etc/init.d/keepalived stop
Stopping keepalived (via systemctl): [ OK ]
[root@lb01 nginx]#
[root@lb02 nginx]# ip addr | grep 192.168.203.88
inet 192.168.203.88/24 scope global secondary ens33
[root@lb02 nginx]#
Você pode ver que o nó de backup assumiu automaticamente o endereço IP virtual!
[root@lb01 nginx]# /etc/init.d/keepalived restart
Restarting keepalived (via systemctl): [ OK ]
[root@lb01 nginx]# ip addr | grep 192.168.203.88
inet 192.168.203.88/24 scope global secondary ens33
[root@lb01 nginx]#
Se o nó mestre for iniciado, o nó mestre assumirá automaticamente o serviço keepalived
Configurar modo principal duplo de keepalived
Modifique o arquivo de configuração /etc/keepalived/keepalived.conf de lb1
[root@lb01 nginx]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id lb1
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 52
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.203.88/24
}
}
vrrp_instance VI_2 {
state BACKUP
interface ens33
virtual_router_id 53
priority 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.203.89/24
}
}
Modifique o arquivo de configuração /etc/keepalived/keepalived.conf do lb2
[root@lb02 nginx]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id lb02
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 52
priority 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.203.88/24
}
}
virtual_server 192.168.203.88 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 50
protocol TCP
}
vrrp_instance VI_2 {
state MASTER
interface ens33
virtual_router_id 53
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.203.89/24
}
}
Reinicie o keepalived após modificar o arquivo de configuração
[root@lb01 nginx]# /etc/init.d/keepalived restart
Restarting keepalived (via systemctl): [ OK ]
[root@lb01 nginx]# ip add|egrep "192.168.203.88|192.168.203.89"
inet 192.168.203.88/24 scope global secondary ens33
Depois de reiniciar o nó de backup, você pode ver que o endereço IP virtual 192.168.203.89 foi assumido pelo nó de backup
[root@lb02 nginx]# /etc/init.d/keepalived restart
Restarting keepalived (via systemctl): [ OK ]
[root@lb02 nginx]# ip add|egrep "192.168.203.88|192.168.203.89"
inet 192.168.203.89/24 scope global secondary ens33
[root@lb02 nginx]#
Abaixo do nó mestre, verifique o status do nó de backup
[root@lb01 nginx]# /etc/init.d/keepalived stop
Stopping keepalived (via systemctl): [ OK ]
[root@lb01 nginx]# ip add|egrep "192.168.203.88|192.168.203.89"
[root@lb01 nginx]#
Você pode ver que depois que o nó mestre está inativo, o nó de backup assumiu dois endereços IP virtuais
[root@lb02 nginx]# ip add|egrep "192.168.203.88|192.168.203.89"
inet 192.168.203.89/24 scope global secondary ens33
inet 192.168.203.88/24 scope global secondary ens33
Se o nó mestre for iniciado novamente neste momento, ele assumirá 192.168.203.88 novamente
[root@lb01 nginx]# /etc/init.d/keepalived start
Starting keepalived (via systemctl): [ OK ]
[root@lb01 nginx]# ip add|egrep "192.168.203.88|192.168.203.89"
inet 192.168.203.88/24 scope global secondary ens33
[root@lb01 nginx]#
O status do nó em espera também será divulgado em breve 192.168.203.88
[root@lb02 nginx]# ip add|egrep "192.168.203.88|192.168.203.89"
inet 192.168.203.89/24 scope global secondary ens33
[root@lb02 nginx]#
Depois que o nó de backup estiver inativo, verifique o status do nó mestre
[root@lb02 nginx]# /etc/init.d/keepalived stop
Stopping keepalived (via systemctl): [ OK ]
[root@lb02 nginx]# ip add|egrep "192.168.203.88|192.168.203.89"
[root@lb02 nginx]#
Você pode ver que o nó mestre rapidamente assumiu 192.168.203.89
[root@lb01 nginx]# ip add|egrep "192.168.203.88|192.168.203.89"
inet 192.168.203.88/24 scope global secondary ens33
inet 192.168.203.89/24 scope global secondary ens33
[root@lb01 nginx]#
Até agora, o cluster de alta disponibilidade nginx + keepalived realiza o balanceamento de carga.
Resumo: Independentemente de o nó primário lb1 ou o nó de espera lb2 estar inativo, o endereço IP virtual será alternado e assumido. Quando o nó inativo for iniciado novamente, o IP virtual será assumido novamente!