背景
? ? ? ? ?前面再说LNMT的架构中Nginx做负载均衡的时候,为了避免Nginx故障导致整体架构瘫痪,我们需要对Nginx做高可用处理,接下来就通过实验来感受一下!
?部署Keepalived
?1.? ? ? ? 主备节点安装keepalived
root@xhz-uos:~# apt install -y keepalived
root@xhz-uos:~# 2.? ? ?Master节点配置
# 拷贝配置模板
root@xhz-uos:/etc/keepalived# cp /usr/share/doc/keepalived/samples/keepalived.conf.vrrp ./
root@xhz-uos:/etc/keepalived# mv keepalived.conf.vrrp keepalived.conf
##修改配置
! Configuration File for keepalived
global_defs {
notification_email {
acassen
}
notification_email_from xhz@qq.com
smtp_server 192.168.65.129
smtp_connect_timeout 30
router_id keepalived-MASTER
}
vrrp_instance VI_1 {
state MASTER
interface ens33
garp_master_delay 10
smtp_alert
virtual_router_id 51
priority 100
advert_int 1
nopreempt
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.65.200
}
}
3.? ? ?Backup节点配置?
## 拷贝配置模板
root@xhz-uos:/etc/keepalived# cp /usr/share/doc/keepalived/samples/keepalived.conf.vrrp ./
root@xhz-uos:/etc/keepalived# mv keepalived.conf.vrrp keepalived.conf
#配置文件
root@xhz-uos:/etc/keepalived# cat keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen
}
notification_email_from xhz@qq.com
smtp_server 192.168.65.133
smtp_connect_timeout 30
router_id keepalived-backup
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
garp_master_delay 10
smtp_alert
virtual_router_id 51
priority 90
advert_int 1
nopreempt
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.65.200
}
}
4.? ? ?验证结果
?4.1? ? ? ? Master节点
?断开master的网络,vip切换至BACKUP节点。
?恢复MASTER节点的网络,vip又切回至Master
?配置非抢占模式:
1)两个节点的store都必须配置为BACKUP;
2)两个节点都在vrrp_instance中添加nopreempt;
3)其中一个节点的优先级必须高于另外一个节点优先级。
?地址漂移触发条件:
1)keepalived停止运行;
2)网关停止,(监听的网卡断网);
3)无法检查到对方存活:? HTTP_GET|SSL_GET :? 用于应用层检测;脚本检测;TCP_CHECK|SMTP_CHECK|MISC_CHECK: 用于传输层检测
Keepalived? +? Nginx?
? ? ? ? ?配置LNMT架构:LNMT配置
?1.? ?配置Nginx
? ? ? ? ?两台Nginx配置一致
root@nginx:/etc/nginx/conf.d# cat tomcat.conf
upstream tomcat_server {
server 192.168.65.130:8080;
server 192.168.65.131:8080;
}
server {
listen 80;
server_name zrlog.tomcat.com www.zrlog.tomcat.com;
access_log /var/log/nginx/zrlog.access.log main;
location / {
proxy_pass http://tomcat_server;
include proxy_params;
}
}2.? ?修改host解析
192.168.65.200 zrlog.tomcat.com www.zrlog.tomcat.com?3.? 访问测试
?3.1? ? 关闭master上的Nginx服务
? ? ? ? ?此时vip没有漂移,LNMT访问错误。
?3.2? ? 修改Keepalived配置文件
? ? ? ? ?通过自定义vrrp_script自定义检测脚本,来使得vip漂移。
####配置说明:
vrrp_script <SCRIPT_NAME> { #定义一个检测脚本,在global_defs之外配置
script <STRING>|<QUOTED-STRING> #shell命令或脚本路径
interval <INTEGER> #间隔时间,单位为秒,默认1秒
timeout <INTEGER> #超时时间
weight <INTEGER:-254..254> #此值为负数,表示fall((脚本返回值为非0)时,会将此值与本节点权重相加可以降低本节点权重,如果是正数,表示 rise (脚本返回值为0)成功后,会将此值与本节点权重相加可以提高本节点权重,通常使用负值较多
fall <INTEGER> #脚本几次失败转换为失败,建议设为2以上
rise <INTEGER> #脚本连续监测成功后,把服务器从失败标记为成功的次数
user USERNAME [GROUPNAME] #执行监测脚本的用户或组
init_fail #设置默认标记为失败状态,监测成功之后再转换为成功状态
}
###配置实例:
! Configuration File for keepalived
global_defs {
notification_email {
acassen
}
notification_email_from xhz@qq.com
smtp_server 192.168.65.129
smtp_connect_timeout 30
router_id keepalived-MASTER
}
vrrp_script check_nginx_server {
script "/etc/keepalived/check_nginx.sh "
interval 1
weight -2
}
vrrp_instance VI_1 {
state MASTER
interface ens33
garp_master_delay 10
smtp_alert
virtual_router_id 51
priority 100
advert_int 1
nopreempt
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.65.200
}
track_script {
check_nginx_server
}
}
check_nginx_sererv脚本:脚本很简单,只是一个示例
#!/bin/bash
nginx_pid=`pidof nginx |wc -l`
if [ $nginx_pid == 0 ];then
systemctl stop keepalived
fi?3.3? ? 验证
?暂停129的nginx:
?VIP漂移:
?访问依然正常:
?