1、什么是 nginx 高可用
-
(1)需要两台 nginx 服务器
-
(2)需要 keepalived
-
(3)需要虚拟 ip
2、配置高可用的准备工作
(1)需要两台服务器 192.168.17.129 和 192.168.17.131
(2)在两台服务器安装 nginx
(3)在两台服务器安装 keepalived
3、在两台服务器安装 keepalived
(1)keepalived进行安装
参考:https://www.cnblogs.com/Amywangqing/p/14768232.html
(2)查看keepalived是否启动
ps -aux | grep keepalived
(3)安装之后,在 /etc 里面生成目录 keepalived,有文件 keepalived.conf
keepalived启动成功后,先关闭keepalived在关闭nginx,在配置高可用
systemctl stop keepalived.service
./nginx -s stop
4、完成高可用配置(主从配置)
Keepalived + Nginx 配合使用
主机192.168.17.129 Nginx
(1)根据原本的keepalived.conf 自己修改/etc/keepalived/keepalivec.conf
配置文件
! Configuration File for keepalived
#全局配置
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.17.129 # 主服务器IP地址
smtp_connect_timeout 30
router_id LVS_DEVEL # 主机名字是在hosts里面配置的如:127.0.0.1 LVS_DEVEL,也可以是主机IP
}
#脚本配置
vrrp_script chk_http_port {
script "/usr/local/src/nginx_check.sh" #检测脚本的位置
interval 2 #(检测脚本执行的间隔)
weight 2 # 权重
}
#虚拟IP的配置
vrrp_instance VI_1 {
state MASTER # 备份服务器上将 MASTER 改为 BACKUP
interface eth1 # 网卡,通过ifconfig查看你自己的网卡
virtual_router_id 51 # 主、备机的 virtual_router_id 必须相同
priority 100 # 主、备机取不同的优先级,主机值较大,备份机值较小
advert_int 1 #每隔1秒发送一个心跳检测一下,主机是否还活着
#使用权限的一种方式,需要密码,密码为1111
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.17.50 # VRRP H 虚拟地址IP,可以绑定多个虚拟地址IP
}
}
我的真实的keepalived.conf
! Configuration File for keepalived global_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id LVS_DEVEL vrrp_skip_check_adv_addr vrrp_strict vrrp_garp_interval 0 vrrp_gna_interval 0 } #脚本配置 vrrp_script chk_http_port { script "/usr/local/src/nginx_check.sh" #检测脚本的位置 interval 2 #(检测脚本执行的间隔) weight 2 # 权重 } vrrp_instance VI_1 { state MASTER interface eth0 virtual_router_id 51 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.200.16 192.168.200.17 192.168.200.18 } } virtual_server 192.168.200.100 443 { delay_loop 6 lb_algo rr lb_kind NAT persistence_timeout 50 protocol TCP real_server 192.168.201.100 443 { weight 1 SSL_GET { url { path / digest ff20ad2481f97b1754ef3e12ecd3a9cc } url { path /mrtg/ digest 9b3a0c85a887a256d6939da88aabd8cd } connect_timeout 3 retry 3 delay_before_retry 3 } } } virtual_server 10.10.10.2 1358 { delay_loop 6 lb_algo rr lb_kind NAT persistence_timeout 50 protocol TCP sorry_server 192.168.200.200 1358 real_server 192.168.200.2 1358 { weight 1 HTTP_GET { url { path /testurl/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } url { path /testurl2/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } url { path /testurl3/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } connect_timeout 3 retry 3 delay_before_retry 3 } } real_server 192.168.200.3 1358 { weight 1 HTTP_GET { url { path /testurl/test.jsp digest 640205b7b0fc66c1ea91c463fac6334c } url { path /testurl2/test.jsp digest 640205b7b0fc66c1ea91c463fac6334c } connect_timeout 3 retry 3 delay_before_retry 3 } } } virtual_server 10.10.10.3 1358 { delay_loop 3 lb_algo rr lb_kind NAT persistence_timeout 50 protocol TCP real_server 192.168.200.4 1358 { weight 1 HTTP_GET { url { path /testurl/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } url { path /testurl2/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } url { path /testurl3/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } connect_timeout 3 retry 3 delay_before_retry 3 } } real_server 192.168.200.5 1358 { weight 1 HTTP_GET { url { path /testurl/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } url { path /testurl2/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } url { path /testurl3/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } connect_timeout 3 retry 3 delay_before_retry 3 } } }
(2)在/usr/local/src
添加检测脚本:nginx_check.sh
#!/bin/bash
A=`ps -C nginx –no-header | wc -l`
if [ $A -eq 0 ];then
/usr/local/nginx/sbin/nginx #检测nginx是否挂掉
sleep 2
if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
killall keepalived
fi
fi
从机 Nginx
(1)修改/etc/keepalived/keepalivec.conf
配置文件
! Configuration File for keepalived #全局配置 global_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 192.168.17.129 # 主服务器IP地址 smtp_connect_timeout 30 router_id LVS_DEVEL # 主机名字是在hosts里面配置的如:127.0.0.1 LVS_DEVEL,也可以是主机IP } #脚本配置 vrrp_script chk_http_port { script "/usr/local/src/nginx_check.sh" #检测脚本的位置 interval 2 #(检测脚本执行的间隔) weight 2 # 权重 } #虚拟IP的配置 vrrp_instance VI_1 { state BACKUP # 备份服务器上将 MASTER 改为 BACKUP interface eth1 # 网卡,通过ifconfig查看你自己的网卡 virtual_router_id 51 # 主、备机的 virtual_router_id 必须相同 priority 90 # 主、备机取不同的优先级,主机值较大,备份机值较小 advert_int 1 #每隔1秒发送一个心跳检测一下,主机是否还活着 #使用权限的一种方式,需要密码,密码为1111 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.17.50 # VRRP H 虚拟地址IP,可以绑定多个虚拟地址IP } }
(2)在/usr/local/src
添加检测脚本:nginx_check.sh
#!/bin/bash A=`ps -C nginx –no-header | wc -l` if [ $A -eq 0 ];then /usr/local/nginx/sbin/nginx #检测nginx是否挂掉 sleep 2 if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then killall keepalived fi fi
启动 Nginx
分别启动主从 Nginx ,切换到/usr/local/nginx/sbin/,执行
./nginx
启动 Nginx ,如果已经启动过,就选择重启
./nginx -s reload
测试 Nginx 是否启动成功
ps -ef | grep nginx
启动 keepalived
启动keepalived
systemctl start keepalived.service
验证keepalived是否启动成功
ps -aux | grep keepalived
通过命令ip a可用查看主机是否绑定了虚拟IP
注意:如果只做一台主服务器的话,没有做从服务器的话,通过虚拟IP是访问不了nginx
5、最终测试
(1)在浏览器地址栏输入 虚拟 ip 地址:http://192.168.17.50/
此时便可以通过虚拟 ip 地址访问到 Nginx 。
(2)把主服务器(192.168.17.129)nginx 和 keepalived 停止,再输入 192.168.17.50
关闭keepalived
systemctl stop keepalived.service
关闭nginx
./nginx -s stop
在浏览器地址栏输入 虚拟 ip 地址:http://192.168.17.50/
此时主机 192.168.17.130 宕机了,从机变为主机。