1.keepalived介紹
keepalived最初是專為LVS負(fù)載均衡軟件設(shè)計的�,用來管理并監(jiān)控LVS集群系統(tǒng)中各個服務(wù)節(jié)點(diǎn)的狀態(tài)����,后來又加入了實現(xiàn)高可用的VRRP功能。keepalived除了能夠管理LVS軟件外�����,還能支持其他服務(wù)的高可用解決方案�。
keepalived通過VRRP協(xié)議實現(xiàn)高可用功能的。VRRP(Virtual Router Redundancy Protocol)虛擬路由冗余協(xié)議���。VRRP出現(xiàn)的目的就是為了解決靜態(tài)路由單點(diǎn)故障問題����,它能保證當(dāng)個別節(jié)點(diǎn)宕機(jī)時��,整個網(wǎng)絡(luò)可以不間斷地運(yùn)行��。
2.keepalived高可用故障轉(zhuǎn)移原理
keepalived高可用服務(wù)之間的故障轉(zhuǎn)移��,是通過VRRP來實現(xiàn)的����。在keepalived服務(wù)工作時,主Master節(jié)點(diǎn)會不斷地向備節(jié)點(diǎn)發(fā)送(多播的方式)心跳消息�����,用來告訴備Backup節(jié)點(diǎn)自己還活著���。
當(dāng)主節(jié)點(diǎn)發(fā)生故障時���,無法給備節(jié)點(diǎn)發(fā)送心跳消息,如果備節(jié)點(diǎn)無法繼續(xù)檢測到來自主節(jié)點(diǎn)的心跳����。就會調(diào)用自身的接管程序,接管主節(jié)點(diǎn)的IP資源和服務(wù)�。當(dāng)主節(jié)點(diǎn)恢復(fù)時,備節(jié)點(diǎn)又會釋放主節(jié)點(diǎn)故障時自身接管的IP資源和服務(wù)�,恢復(fù)到原來的備用角色
3.安裝nginx
3.1.主節(jié)點(diǎn)(192.168.80.22)
3.1.1.安裝編譯工具和庫文件
yum -y install make zlib zlib-devel gcc-c++ libtool openssl openssl-devel
3.1.2.安裝pcre
#進(jìn)入目錄
cd /usr/local/develop/anginx
#上傳安裝文件并解壓
tar -zxvf pcre-8.38.tar.gz
#進(jìn)入安裝目錄
cd pcre-8.38
#檢查配置
./configure
#編譯、安裝
make && make install
#查看pcre版本
pcre-config --version
3.1.3.安裝nginx
#進(jìn)入目錄
cd /usr/local/develop/anginx
#上傳安裝文件�,并解壓
tar -zxvf nginx-1.8.1.tar.gz
#進(jìn)入安裝目錄
cd nginx-1.8.1
#檢查配置
./configure --prefix=/usr/local/develop/anginx/webserver/nginx --with-http_stub_status_module --with-http_ssl_module --with-pcre=/usr/local/develop/anginx/pcre-8.38
#編譯安裝
make && make install
#查看nginx版本
/usr/local/develop/anginx/webserver/nginx/sbin/nginx -v
--------------------------------------------------------
[root@hadoop02 webserver]# /usr/local/develop/anginx/webserver/nginx/sbin/nginx -v
nginx version: nginx/1.8.1
#配置nginx(檢查)
/usr/local/develop/anginx/webserver/nginx/sbin/nginx -t
#nginx管理命令
/usr/local/develop/anginx/webserver/nginx/sbin/nginx # 啟動 Nginx
/usr/local/develop/anginx/webserver/nginx/sbin/nginx -s stop # 停止 Nginx
/usr/local/develop/anginx/webserver/nginx/sbin/nginx -s reload # 重新載入配置文件
/usr/local/develop/anginx/webserver/nginx/sbin/nginx -s reopen # 重啟 Nginx
3.1.4.nginx基礎(chǔ)配置
vi nginx.conf
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
#添加tomcat列表,真實應(yīng)用服務(wù)器都放在這
upstream tomcat_pool{
#server tomcat地址:端口號 weight表示權(quán)值���,權(quán)值越大����,被分配的幾率越大;
server 192.168.80.22:8080 weight=4 max_fails=2 fail_timeout=30s;
server 192.168.80.22:8081 weight=4 max_fails=2 fail_timeout=30s;
}
server {
listen 80;
server_name tomcat_pool;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
#root html;
#index index.html index.htm;
proxy_pass http://tomcat_pool; #轉(zhuǎn)向tomcat處理
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
3.2.備節(jié)點(diǎn)(192.168.80.21)
說明:安裝方式同nginx主節(jié)點(diǎn)。
4.安裝keepalived
4.1.主節(jié)點(diǎn)(192.168.80.22)
#安裝keepalived
yum install keepalived -y
#啟動keepalived服務(wù)
/etc/init.d/keepalived start
-------------------------------------------
[root@hadoop02 anginx]# /etc/init.d/keepalived start
正在啟動 keepalived: [確定]
[root@hadoop02 anginx]# ps -ef |grep keepalived
root 15723 1 0 00:59 ? 00:00:00 /usr/sbin/keepalived -D
root 15724 15723 0 00:59 ? 00:00:00 /usr/sbin/keepalived -D
root 15725 15723 0 00:59 ? 00:00:00 /usr/sbin/keepalived -D
root 15731 15622 0 00:59 pts/1 00:00:00 grep keepalived
[root@hadoop02 anginx]#
#設(shè)置開機(jī)自啟動
echo "/etc/init.d/keepalived start" >>/etc/rc.local
#關(guān)閉keepalived服務(wù)
/etc/init.d/keepalived stop
#編輯keepalived配置文件
vi /etc/keepalived/keepalived.conf
-----------------------------------------------------------
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id lb01
}
vrrp_instance VI_1 {
state MASTER
interface eth1
virtual_router_id 55
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass server123
}
virtual_ipaddress {
192.168.80.100 dev eth1 label eth1:1
}
}
...........................................................
關(guān)于配置說明:
- 【router_id】 是路由標(biāo)識��,在一個局域網(wǎng)里面應(yīng)該是唯一的
- 【vrrp_instance VI_1】{...}這是一個VRRP實例����,里面定義了keepalived的主備狀態(tài)、接口��、優(yōu)先級�、認(rèn)證和IP信息
- 【state】 定義了VRRP的角色
- 【interface】定義使用的接口,這里我的服務(wù)器用的網(wǎng)卡都是eth1
- 【virtual_router_id】是虛擬路由ID標(biāo)識�,一組的keepalived配置中主備都是設(shè)置一致
- 【priority】是優(yōu)先級,數(shù)字越大����,優(yōu)先級越大,
- 【auth_type】是認(rèn)證方式
- 【auth_pass】是認(rèn)證的密碼
- 【virtual_ipaddress】 {...}定義虛擬IP地址��,可以配置多個IP地址����,這里我定義為192.168.80.100���,綁定了eth1的網(wǎng)絡(luò)接口,虛擬接口eth1:1
4.2.備節(jié)點(diǎn)(192.168.80.21)
#安裝keepalived
yum install keepalived -y
#啟動keepalived服務(wù)
/etc/init.d/keepalived start
-------------------------------------------
[root@hadoop02 anginx]# /etc/init.d/keepalived start
正在啟動 keepalived: [確定]
[root@hadoop02 anginx]# ps -ef |grep keepalived
root 15723 1 0 00:59 ? 00:00:00 /usr/sbin/keepalived -D
root 15724 15723 0 00:59 ? 00:00:00 /usr/sbin/keepalived -D
root 15725 15723 0 00:59 ? 00:00:00 /usr/sbin/keepalived -D
root 15731 15622 0 00:59 pts/1 00:00:00 grep keepalived
[root@hadoop02 anginx]#
#設(shè)置開機(jī)自啟動
echo "/etc/init.d/keepalived start" >>/etc/rc.local
#關(guān)閉keepalived服務(wù)
/etc/init.d/keepalived stop
#編輯keepalived配置文件
vi /etc/keepalived/keepalived.conf
-----------------------------------------------------------------
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id lb02
}
vrrp_instance VI_1 {
state BACKUP
interface eth1
virtual_router_id 55
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass server123
}
virtual_ipaddress {
192.168.80.100 dev eth1 label eth1:1
}
}
.............................................................
5.測試
5.1.啟動主備節(jié)點(diǎn)的keepalived服務(wù)
#在節(jié)點(diǎn)一執(zhí)行(192.168.80.22)
/etc/init.d/keepalived start
-------------------------------------
[root@hadoop02 anginx]# ps -ef |grep keepalived
root 15788 1 0 01:09 ? 00:00:00 /usr/sbin/keepalived -D
root 15790 15788 0 01:09 ? 00:00:00 /usr/sbin/keepalived -D
root 15791 15788 0 01:09 ? 00:00:00 /usr/sbin/keepalived -D
root 15807 15622 0 01:33 pts/1 00:00:00 grep keepalived
[root@hadoop02 anginx]#
#在節(jié)點(diǎn)二執(zhí)行(192.168.80.21)
/etc/init.d/keepalived start
---------------------------------------
[root@hadoop01 ~]# ps -ef |grep keepalived
root 11542 1 0 01:30 ? 00:00:00 /usr/sbin/keepalived -D
root 11544 11542 0 01:30 ? 00:00:00 /usr/sbin/keepalived -D
root 11545 11542 0 01:30 ? 00:00:00 /usr/sbin/keepalived -D
root 11550 11512 0 01:33 pts/1 00:00:00 grep keepalived
[root@hadoop01 ~]#
5.2.通過虛ip訪問服務(wù)
http://192.168.80.100/session-redis-demo/
5.3.停止主節(jié)點(diǎn)keepalived服務(wù)
#在節(jié)點(diǎn)一執(zhí)行(192.168.80.22)
/etc/init.d/keepalived stop
#觀察備節(jié)點(diǎn)變化
ip addr
-------------------------------------------
[root@hadoop01 ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:50:56:38:e5:46 brd ff:ff:ff:ff:ff:ff
inet 192.168.80.21/24 brd 192.168.80.255 scope global eth1
inet 192.168.80.100/32 scope global eth1:1
inet6 fe80::250:56ff:fe38:e546/64 scope link
valid_lft forever preferred_lft forever
[root@hadoop01 ~]#
5.4.繼續(xù)通過虛ip訪問服務(wù)
http://192.168.80.100/session-redis-demo/
6.keepalived+nginx整合
說明:編寫nginx守護(hù)腳本���,如果nginx服務(wù)出現(xiàn)故障,則停止當(dāng)前節(jié)點(diǎn)的keepalived服務(wù)�����。自動切換到備用節(jié)點(diǎn)�����。
6.1.編寫nginx守護(hù)腳本
vi nginx_check.sh
--------------------------------------
#!/bin/bash
while true
do
if [ $(netstat -tlnp|grep nginx|wc -l) -ne 1 ]
then
/etc/init.d/keepalived stop
fi
sleep 2
done
#給腳本授權(quán)
chmod u+x nginx_check.sh
#執(zhí)行腳本
nohup /usr/local/develop/anginx/shell/nginx_check.sh &
6.2.停止主節(jié)點(diǎn)nginx服務(wù)
#停止主節(jié)點(diǎn)nginx服務(wù)
/usr/local/develop/anginx/webserver/nginx/sbin/nginx -s stop
#查找進(jìn)程
[root@hadoop02 ~]# ps -ef |grep nginx
root 15915 1 0 01:51 ? 00:00:00 /bin/bash /usr/local/develop/anginx/shell/nginx_check.sh
root 16516 15753 0 01:54 pts/5 00:00:00 grep nginx
[root@hadoop02 ~]#
#觀察備用節(jié)點(diǎn)變化【服務(wù)正?��!?
ip addr
--------------------------------------
[root@hadoop01 shell]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:50:56:38:e5:46 brd ff:ff:ff:ff:ff:ff
inet 192.168.80.21/24 brd 192.168.80.255 scope global eth1
inet 192.168.80.100/32 scope global eth1:1
inet6 fe80::250:56ff:fe38:e546/64 scope link
valid_lft forever preferred_lft forever
[root@hadoop01 shell]#
#再次重新啟動主節(jié)點(diǎn)nginx和keepalived服務(wù)
/usr/local/develop/anginx/webserver/nginx/sbin/nginx
/etc/init.d/keepalived start
以上就是本文的全部內(nèi)容��,希望對大家的學(xué)習(xí)有所幫助�,也希望大家多多支持腳本之家���。
