Keepalived使用
利用keepalived软件,实现对nginx负载均衡服务器的高可用,即实现故障自动切换。下面介绍keepalived的安装和使用。
LB_1 : 172.16.2.130 (Nginx负载均衡服务器群1)
LB_2 : 172.16.2.123 (Nginx负载均衡服务器群2)
VIP : 172.16.2.122 (虚拟IP)
keepalived安装
yum install openssl-devel cd /usr/local/soft wget http://www.keepalived.org/software/keepalived-1.2.8.tar.gz tar xzf keepalived-1.2.8.tar.gz cd keepalived-1.2.8 ./configure --prefix=/usr/local/app/keepalived --sysconf=/etc make && make install chmod a+x /etc/init.d/keepalived chkconfig --add keepalived chkconfig keepalived on ln -s /usr/local/sbin/keepalived /usr/sbin/
keepalived的配置
更详细的keepalived配置文件说明可以执行man keepalived.conf查看。
我们假设主服务器IP:172.16.2.130,从服务器ip:172.16.2.123 虚拟ip:172.16.2.122
下面对主服务器的keepalived进行配置:
! Configuration File for keepalived global_defs { notification_email { [email protected] } notification_email_from [email protected] smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id node1 } vrrp_script chk_http_port { script "/opt/nginx_pid.sh" interval 2 weight 2 } vrrp_instance VI_1 { state MASTER ############ 辅机为 BACKUP interface eth0 virtual_router_id 51 mcast_src_ip 172.16.2.123 priority 240 ########### 权值要比 back 高 advert_int 1 authentication { auth_type PASS auth_pass 1111 } track_script { chk_http_port ### 执行监控的服务 } virtual_ipaddress { 172.16.2.122 } }
从服务器:
! Configuration File for keepalived global_defs { notification_email { [email protected] } notification_email_from [email protected] smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id LVS_DEVEL } vrrp_script chk_http_port { script "/opt/nginx_pid.sh" interval 2 weight 2 } vrrp_instance VI_1 { state BACKUP interface eth0 virtual_router_id 51 mcast_src_ip 172.16.2.130 priority 101 ##########权值 要比 master 低。。 advert_int 1 authentication { auth_type PASS auth_pass 1111 } track_script { chk_http_port ### 执行监控的服务 } virtual_ipaddress { 172.16.2.122 } }
之后分别在主从负载均衡服务器建立nginx的监控脚本:
vim /opt/nginx_pid.sh
#!/bin/bash A=`ps -C nginx --no-header |wc -l` if [ $A -eq 0 ];then /usr/local/app/nginx/sbin/nginx sleep 3 if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then killall keepalived fi fi
然后分别启动主从服务器的keepalived:
service keepalived start
测试:
keepalived的测试
我们在主服务器上执行命令ip a,显示如下:
- eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
- link/ether 00:0c:29:aa:a1:e4 brd ff:ff:ff:ff:ff:ff
- inet 172.16.2.123/22 brd 172.16.3.255scope global eth0
- inet 172.16.2.122/32 scope global eth0
证明主服务器已经绑定了虚拟ip 172.16.2.122
在从服务器上执行命令ip a,显示如下:
- 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
- link/ether 00:0c:29:2b:94:3b brd ff:ff:ff:ff:ff:ff
- inet 172.16.2.130/22 brd 172.16.3.255 scope global eth0
显示表明从服务器上没有绑定vip 172.16.2.122,只有本机真实ip172.16.2.130
下面我们停止主服务器的keepalived进程,再看看ip绑定情况:
主服务器的情况:
- eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
- link/ether 00:0c:29:aa:a1:e4 brd ff:ff:ff:ff:ff:ff
- inet 172.16.2.123/22 brd 172.16.3.255scope global eth0
从服务器的情况:
- 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
- link/ether 00:0c:29:2b:94:3b brd ff:ff:ff:ff:ff:ff
- inet 172.16.2.130/22 brd 172.16.3.255 scope global eth0
- inet 172.16.2.122/32 scope global eth0
由此可见vip 172.16.2.122已经指向了从服务器。