最近一直想弄懂负载均衡的东东,之前也没怎么了解,感觉自己out了,所以最近学习了下keepalived+nginx,后面再介绍nginx+http负载均衡。
所以特地装了两个虚拟机来测试,具体怎么安装虚拟机,可以参考我转载的一篇文章:
https://www.cnblogs.com/zgz21/articles/11148203.html
因为是新装的两个虚拟机,很多依赖包没安装,所以导致后面出现了一些问题,具体下面再聊聊。
首先,到官网下载安装包:
https://www.keepalived.org/download.html
http://nginx.org/en/download.html
我下载的都是最新的安装包:keepalived-2.0.17.tar.gz,nginx-1.17.1.tar.gz。
一.安装Nginx
1.安装编译Nginx所需的依赖包
# yum install gcc gcc-c++ make automake autoconf libtool pcre pcre-devel zlib zlib-devel openssl openssl-devel
2.上传nginx-1.17.1.tar.gz到/usr/local/src
3.编译安装Nginx
# cd /usr/local/src
# tar -zxvf nginx-1.17.1.tar.gz
# cd nginx-1.17.1
# ./configure --prefix=/usr/local/nginx
# make && make install
4.配置Nginx
# vi /usr/local/nginx/conf/nginx.conf
#user nobody; user root; worker_processes 1; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; server { listen 88; server_name localhost; #charset koi8-r; #access_log logs/host.access.log main; location / { root html; index index.html index.htm; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ .php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # #location ~ .php$ { # root html; # fastcgi_pass 127.0.0.1:9000; # fastcgi_index index.php; # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; # include fastcgi_params; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /.ht { # deny all; #} } # another virtual host using mix of IP-, name-, and port-based configuration # #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # location / { # root html; # index index.html index.htm; # } #} # HTTPS server # #server { # listen 443 ssl; # server_name localhost; # ssl_certificate cert.pem; # ssl_certificate_key cert.key; # ssl_session_cache shared:SSL:1m; # ssl_session_timeout 5m; # ssl_ciphers HIGH:!aNULL:!MD5; # ssl_prefer_server_ciphers on; # location / { # root html; # index index.html index.htm; # } #} }
配置Nginx首页,标识区分是不同的Nginx服务(用于测试):
# vi /usr/local/nginx/html/index.html
192.168.0.103的标题加103
<h1>Welcome to nginx!103</h>
192.168.0.102的标题加102
<h1>Welcome to nginx!102</h>
5.系统防火墙打开对应的端口 88
# vi /etc/sysconfig/iptables
-A INPUT -p tcp -m state --state NEW -m tcp --dport 88 -j ACCEPT
# serivce iptables restart
6.启动Nginx
/usr/local/nginx/sbin/nginx
7.设置开机启动
# vi /etc/rc.local
添加:
/usr/local/nginx/sbin/nginx
注意:要给rc.local添加执行权限,不然不起效果(chmod +x /etc/rc.local)
8.分别访问两个Nginx:
二.安装keepalived
1.上传keepalived-2.0.17.tar.gz到/usr/local/src
2.编译安装keepalived
# cd /usr/local/src
# tar -zxvf keepalived-2.0.17.tar.gz
# cd keepalived-2.0.17
# ./configure --prefix=/usr/local/keepalived
# make && make install
3.将keepalived安装成Linux系统服务:
因为没有使用keepalived的默认路径安装(默认是/usr/local),安装后,需要做一些工作
复制默认配置文件到默认路径
# mkdir /etc/keepalived
# cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
复制keepalived服务脚本到默认地址
# cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
# cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
# ln -s /usr/local/sbin/keepalived /usr/sbin/
# ln -s /usr/local/keepalived/sbin/keepalived /sbin/
设置keepalived服务开机启动
# chkconfig keepalived on
4.修改配置文件
(1)MASTER(192.168.0.103)的keepvalied.conf配置
# vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived global_defs { #notification_email { # acassen@firewall.loc # failover@firewall.loc # sysadmin@firewall.loc #} #notification_email_from Alexandre.Cassen@firewall.loc #smtp_server 192.168.200.1 #smtp_connect_timeout 30 router_id bogon #vrrp_skip_check_adv_addr #vrrp_strict #vrrp_garp_interval 0 #vrrp_gna_interval 0 }
#检测Nginx的脚本 vrrp_script chk_nginx { script "/etc/keepalived/nginx_check.sh" #脚本路径 interval 2 weight -20 } vrrp_instance VI_1 { state MASTER interface enp0s3 #网络接口 ip a 命令可以查看 virtual_router_id 51 mcast_src_ip 192.168.0.103 priority 100 #nopreempt advert_int 1 authentication { auth_type PASS auth_pass 1111 } track_script { chk_nginx }
virtual_ipaddress { 192.168.0.104 } }
(2)BACKUP(192.168.0.102)的keepvalied.conf配置
# vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived global_defs { #notification_email { # acassen@firewall.loc # failover@firewall.loc # sysadmin@firewall.loc #} #notification_email_from Alexandre.Cassen@firewall.loc #smtp_server 192.168.200.1 #smtp_connect_timeout 30 router_id bogon #vrrp_skip_check_adv_addr #vrrp_strict #vrrp_garp_interval 0 #vrrp_gna_interval 0 } vrrp_script chk_nginx { script "/etc/keepalived/nginx_check.sh" interval 2 weight -20 } vrrp_instance VI_1 { state BACKUP interface enp0s3 virtual_router_id 51 mcast_src_ip 192.168.0.102 priority 90 #要比MASTER的权重小 advert_int 1 authentication { auth_type PASS auth_pass 1111 } track_script { chk_nginx } virtual_ipaddress { 192.168.0.104 } }
(3)检测Nginx的脚本,因为不检测的话,Nginx挂了,keepalived还没杀死进程的话,keepalived是还会继续生效。所以写个Nginx检测脚本,如果Nginx挂了,
也杀死keepalived
/etc/keepalived/nginx_check.sh
#!/bin/bash n=`ps -C nginx --no-heading|wc -l` echo $n; if [ $n -eq "0" ]; then killall keepalived fi
注意:因为脚本检测的原因,要先启动MASTER机器的Nginx,再启动MASTER机器的keepalived,然后就是启动BACKUP机器的Nginx,再启动BACKUP机器的keepalived.
启动完之后,就可以通过192.168.0.104:88来访问了,但问题来了,103是主节点,但是显示的是102的Nginx首页,原因是103跟102的keepalived的通信有问题,好像缺少了
个依赖包:kdump(yum install kexec-tools),导致102以为103挂了,自己升为MASTER了,所以一定要检查依赖包是否都安装了。
可以自己测试,关掉103的Nginx,访问104是否转移到102。
(4)检测VIP对应的MAC地址,Windos的CMD命令查看(下图可以看出VIP目前映射的是103机器):
以上描述如有误,请联系我得以修改出错地方,谢谢。