nginx+keepalived高可用性负载均衡

一、前言
nginx进程基于于Master+Slave(worker)多进程模型,自 身具有非常稳定的子进程管理功能。在Master进程分配模式下,Master进程永远不进行业务处理,只是进行任务分发,从而达到Master进程的存 活高可靠性,Slave(worker)进程所有的业务信号都 由主进程发出,Slave(worker)进程所有的超时任务都会被Master中止,属于非阻塞式任务模型。
Keepalived是Linux下面实现VRRP 备份路由的高可靠性运行件。基于Keepalived设计的服务模式能够真正做到主服务器和备份服务器故障时IP瞬间无缝交接。二者结合,可以构架出比较稳定的软件lb方案。
二、nginx+keepalived架构实战
采用两台服务器做nginx主备,后端采用两个realserver(可以随意扩展),数据库采用mysql主从(这里就不说主从的配置了!)
1、 架构图如下:
             
       
Server 
ip
nginx master 
192.168.1.108
nginx backup
192.168.1.110
vip
192.168.1.100
real server1
192.168.1.105
real server2
192.168.1.103
 
2、 安装配置
(1)、安装keepalived(在nginx的mater和backup都安装)
 wget http://www.keepalived.org/software/keepalived-1.1.19.tar.gz
tar zxvf keepalived-1.1.19.tar.gz
cd keepalived-1.1.19
./configure --prefix=/usr/local/keepalived
make
make install
cp /usr/local/keepalived/sbin/keepalived /usr/sbin/
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
mkdir /etc/keepalived
cd /etc/keepalived/
 配置nginx master的keepalived配置文件
[root@zhang1 keepalived]# cat /etc/keepalived/keepalived.conf
 
bal_defs {
        notification_email {
               jimo291@gmail.com
        }
        notification_email_from jimo291@gmail.com
        smtp_server 127.0.0.1
        smtp_connect_timeout 30
        router_id test1
 
}
 
vrrp_instance VI_1 {
        state MASTER
        interface eth0
        virtual_router_id 51
        priority 100
        advert_int 1
        smtp_alert
        authentication {
                auth_type PASS
                auth_pass 123
        }
        virtual_ipaddress {
                192.168.1.100
        }
}
 
            配置nginx backup的keepalived配置文件
       [root@zhang1 keepalived]# cat /etc/keepalived/keepalived.conf
 
bal_defs {
        notification_email {
                jimo291@gmail.com
        }
        notification_email_from jimo291@gmail.com
        smtp_server 127.0.0.1
        smtp_connect_timeout 30
        router_id test2
 
}
 
vrrp_instance VI_1 {
        state BACKUP
        interface eth0
        virtual_router_id 51
        priority 80
        advert_int 1
        smtp_alert
        authentication {
                auth_type PASS
                auth_pass 123
        }
        virtual_ipaddress {
                192.168.1.100
        }
}
 
            启动keepalived!,查看虚拟IP是否绑定!
            [root@zhang1 ~]# /etc/rc.d/init.d/keepalived start
            Starting keepalived:                                       [ OK ]
            [root@zhang1 ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:0c:29:65:b4:ed brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.108/24 brd 192.168.1.255 scope global eth0
    inet 192.168.1.100/32 scope global eth0
    inet6 fe80::20c:29ff:fe65:b4ed/64 scope link
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:0c:29:65:b4:f7 brd ff:ff:ff:ff:ff:ff
4: sit0: <NOARP> mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0
         红色部分显示IP已经加载过来了!
 
3、 nginx的安装和配置
 1、创建供Nginx使用的组和帐号:
/usr/sbin/groupadd www -g 48
/usr/sbin/useradd -u 48 -g www www
2、编译安装rewrite模块支持包
wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-7.7.tar.gz
tar zxvf pcre-7.7.tar.gz
cd pcre-7.7/
./configure
make && make install
cd ../
3、编译安装Nginx
wget http://sysoev.ru/nginx/nginx-0.7.64.tar.gz
tar zxvf nginx-0.7.64.tar.gz
cd nginx-0.7.64/
./configure --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_realip_module --with-http_flv_module
make && make install
cd ../
4、备份默认nginx.conf配置文件
mv /usr/local/nginx/conf/nginx.conf  /usr/local/nginx/conf/nginx.old
5、配置nginx(两个nginx配置一样!)
[root@linux4 keepalived]# cat /usr/local/nginx/conf/nginx.conf
user    www     www;
worker_processes 8;
pid     /var/run/nginx.pid;
worker_rlimit_nofile 51200;
 
events
{
        use epoll;
        worker_connections      5120;
}
 
http
{
        include           mime.types;
        default_type application/octet-stream;
        charset gb2312;
 
        server_names_hash_bucket_size 128;
        client_header_buffer_size 32k;
        large_client_header_buffers 4 32k;
 
        sendfile on;
        tcp_nopush         on;
        keepalive_timeout 60;
 
        tcp_nodelay on;
        gzip on;
        gzip_min_length 1k;
        gzip_buffers         4 16k;
        gzip_http_version 1.0;
        gzip_comp_level 2;
        gzip_types           text/plain application/x-javascript text/css application/xml;
        gzip_vary on;
 
        upstream srtweb {
                server 192.168.1.105:80;
                server 192.168.1.103:80;
        }
 
 
        server {
                listen 80;
                server_name www.carl.com;
 
                location /{
                        proxy_pass      http://srtweb;
                        proxy_set_header Host   $host;
                        proxy_set_header X-Real-IP      $remote_addr;
                        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                }
 
        }
 
}
 
 
4、 测试
首先单独对nginx测试看是否工作正常,(更改hosts文件来测试!)
其次对keepalived进行测试,停掉nginx master上的keepalived,看backup服务器是否接管!

转载声明:本文为红盾科技技术分享平台的原创文章,转载请注明原文地址,谢谢合作

发表评论: