一、場景需求

二、Keepalived 簡要介紹

Keepalived 是一種高性能的服務器高可用或熱備解決方案，Keepalived 可以用來防止服務器單點故障的發(fā)生，通過配合 Nginx 可以實現(xiàn) web 前端服務的高可用。

Keepalived 以 VRRP 協(xié)議為實現(xiàn)基礎，用 VRRP 協(xié)議來實現(xiàn)高可用性(HA)。VRRP(VirtualRouter

Redundancy Protocol)協(xié)議是用于實現(xiàn)路由器冗余的協(xié)議，VRRP 協(xié)議將兩臺或多臺路由器設備虛擬成一個設備，對外提供虛擬路由器 IP(一個或多個)，而在路由器組內(nèi)部，如果實際擁有這個對外 IP 的路由器如果工作正常的話就是 MASTER，或者是通過算法選舉產(chǎn)生，MASTER 實現(xiàn)針對虛擬路由器 IP 的各種網(wǎng)絡功能，

如 ARP 請求，ICMP，以及數(shù)據(jù)的轉(zhuǎn)發(fā)等；其他設備不擁有該虛擬 IP，狀態(tài)是 BACKUP，除了接收 MASTER 的VRRP 狀態(tài)通告信息外，不執(zhí)行對外的網(wǎng)絡功能。當主機失效時，BACKUP 將接管原先 MASTER 的網(wǎng)絡功能。VRRP 協(xié)議使用多播數(shù)據(jù)來傳輸 VRRP 數(shù)據(jù)，VRRP 數(shù)據(jù)使用特殊的虛擬源 MAC 地址發(fā)送數(shù)據(jù)而不是自身網(wǎng)卡的 MAC 地址，VRRP 運行時只有 MASTER 路由器定時發(fā)送 VRRP 通告信息，表示 MASTER 工作正常以及虛擬路由器 IP(組)，BACKUP 只接收 VRRP 數(shù)據(jù)，不發(fā)送數(shù)據(jù)，如果一定時間內(nèi)沒有接收到 MASTER 的通告信息，各 BACKUP 將宣告自己成為 MASTER，發(fā)送通告信息，重新進行 MASTER 選舉狀態(tài)。

三、方案規(guī)劃

四、安裝 Nginx

1、安裝編譯?Nginx 所需的依賴包

Connecting to 192.168.1.121:22...

Connection established.

To escape to local shell, press 'Ctrl+Alt+]'.

Last login: Sat Apr 16 17:55:20 2016 from 192.168.1.61

[root@edu-proxy--01 ~]#?yum install gcc gcc-c++ make automake autoconf libtool pcre pcre-devel zlib zlib-devel openssl openssl-devel

2、上傳?Nginx(nginx-1.6.2.tar.gz)到?/usr/local/src?目錄

3、編譯安裝?Nginx

[root@edu-proxy--01 ~]#?cd /usr/local/src/

[root@edu-proxy--01 src]# ls

keepalived-1.2.18.tar.gz ?nginx-1.6.2.tar.gz

[root@edu-proxy--01 src]# tar -zxvf nginx-1.6.2.tar.gz

[root@edu-proxy--01 src]# cd nginx-1.6.2

[root@edu-proxy--01 nginx-1.6.2]#?./configure --prefix=/usr/local/nginx

[root@edu-proxy--01 nginx-1.6.2]#?make && make install

[root@edu-proxy--01 nginx-1.6.2]#?vi /usr/local/nginx/conf/nginx.conf

user ?root;

worker_processes ?1;

#error_log ?logs/error.log;

#error_log ?logs/error.log ?notice;

#error_log ?logs/error.log ?info;

#pid ? ? ? ?logs/nginx.pid;

events {

worker_connections ?1024;

}

http {

include ? ? ? mime.types;

default_type ?application/octet-stream;

#log_format ?main ?'$remote_addr - $remote_user [$time_local] "$request" '

# ? ? ? ? ? ? ? ? ?'$status $body_bytes_sent "$http_referer" '

# ? ? ? ? ? ? ? ? ?'"$http_user_agent" "$http_x_forwarded_for"';

#access_log ?logs/access.log ?main;

sendfile ? ? ? ?on;

#tcp_nopush ? ? on;

#keepalive_timeout ?0;

keepalive_timeout ?65;

#gzip ?on;

server {

listen ? ? ? 88;

server_name ?localhost;

#charset koi8-r;

#access_log ?logs/host.access.log ?main;

location / {

root ? html;

index ?index.html index.htm;

}

#error_page ?404 ? ? ? ? ? ? ?/404.html;

# redirect server error pages to the static page /50x.html

error_page ? 500 502 503 504 ?/50x.html;

location = /50x.html {

root ? html;

}

}

}

修改 Nginx?歡迎首頁內(nèi)容（用于后面測試，用于區(qū)分兩個節(jié)點的 Nginx）：

vi /usr/local/nginx/html/index.html

192.168.1.121 中的標題加?1

Welcome to nginx!?1

192.168.1.122 中的標題加?2

Welcome to nginx!?2

5、系統(tǒng)防火墻打開對應的端口?88

vi /etc/sysconfig/iptables

-A INPUT -m state --state NEW -m tcp -p tcp --dport?88?-j ACCEPT

service iptables restart

6、測試?Nginx 是否安裝成功

/usr/local/nginx/sbin/nginx -t

nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok

nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

7、啟動?Nginx

/usr/local/nginx/sbin/nginx

重啟

/usr/local/nginx/sbin/nginx -s reload

8、設置?Nginx 開機啟動

vi /etc/rc.local

加入

/usr/local/nginx/sbin/nginx

分別訪問兩個nginx

nginx1

2.nginx2

五、安裝 Keepalived?（http://www.keepalived.org/download.html）

1、上傳或下載?keepalived（keepalived-1.2.18.tar.gz）到?/usr/local/src?目錄

2、解壓安裝

cd /usr/local/src

tar -zxvf keepalived-1.2.18.tar.gz

cd keepalived-1.2.18

./configure --prefix=/usr/local/keepalived

make && make install

3、將?keepalived 安裝成Linux系統(tǒng)服務：

因為沒有使用 keepalived?的默認路徑安裝（默認是/usr/local）,安裝完成之后，需要做一些工作

復制默認配置文件到默認路徑

mkdir /etc/keepalived

cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/

復制 keepalived?服務腳本到默認的地址

cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/

cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/

ln -s /usr/local/sbin/keepalived /usr/sbin/

ln -s /usr/local/keepalived/sbin/keepalived /sbin/

設置 keepalived?服務開機啟動

chkconfig keepalived on

4、修改?Keepalived 配置文件

注意，如果linux用的網(wǎng)卡是eth0,interface就要寫成eth1，用的是eth1就要寫成eth1

(1) MASTER 節(jié)點配置文件（192.168.1.121）

vi /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

router_id edu-proxy-01

}

vrrp_script chk_nginx {

script "/etc/keepalived/nginx_check.sh"

interval 2

weight -20

}

vrrp_instance VI_1 {

state MASTER

interface eth0

virtual_router_id 51

mcast_src_ip?192.168.1.121

priority 100

nopreempt

advert_int 1

authentication {

auth_type PASS

auth_pass 1111

}

track_script {

chk_nginx

}

virtual_ipaddress {

192.168.1.120

}

BACKUP節(jié)點配置 （192.168.1.122）

! Configuration File for keepalived

global_defs {

router_id edu-proxy-02

}

vrrp_script chk_nginx {

script "/etc/keepalived/nginx_check.sh"

interval 2

weight -20

}

vrrp_instance VI_1 {

state BACKUP

interface eth0

virtual_router_id 51

mcast_src_ip?192.168.1.122

priority 90

advert_int 1

authentication {

auth_type PASS

auth_pass 1111

}

track_script {

chk_nginx

}

virtual_ipaddress {

192.168.1.120

}

}

5.編寫Nginx狀態(tài)檢測腳本/etc/keepalived/nginx_check.sh(keepalived.conf中配置)

腳本要求:如果nginx停止運行，嘗試啟動，如果無法啟動則殺死本機的keepalived進程，keepaied將虛擬ip綁定到BACKUP機器上，內(nèi)容如下

#!/bin/bash

A=`ps -C nginx –no-header |wc -l`

if [ $A -eq 0 ];then

/usr/local/nginx/sbin/nginx

sleep 2

if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then

killall keepalived

fi

fi

保存后給腳本授鄧權(quán)限

chmod -x /etc/keepalived/nginx_check.sh

6.啟動keepalived

serivce keepalived start

我們在cmd中查看arp

在edu-proxy-01

[root@edu-proxy--01 keepalived]# ip add

這里我們訪問192.168.1.120:88

7.Keepalived+nginx的高可用測試

(1)關(guān)閉192.168.1.121的Nginx,Keepalived會將它重新啟動

[root@edu-proxy--01 keepalived]# /usr/local/nginx/sbin/nginx -s stop

(2)關(guān)閉192.168.1.121中的Keepalived,VIP會切換到192.168.1.122中

[root@edu-proxy--01 keepalived]#?service keepalived stop

root@edu-proxy-02 keepalived]#?ip add

查看虛擬ip

說明此時VIP已經(jīng)漂移到主機192.168.1.122上了

再能過VIP來訪問Nginx集群，訪問到的也是192.168.1.122

(3)重新啟動192.168.1.121中的Keepalived,VIP又會切回到192.168.1.121中來

[root@edu-proxy--01 keepalived]# service keepalived start

查看虛擬機IP

ip add

Keepalived啟動后，網(wǎng)絡接口上又會創(chuàng)建出VIP192.168.1.120

Keepalived服務管理命令:

停止: service keepalived stop

啟動: service keepalived start

重啟: service keepalived restart

查看狀態(tài): service keepalived status

其他參考資料:

keepalived之vrrp_script總結(jié):http://my.oschina.NET/hncscwc/blog/158746

keepalived雙機熱備實現(xiàn)故障時發(fā)送郵件通知:http://www.2cto.com/os/201407/317795.html

基于keepalived實現(xiàn)VIP轉(zhuǎn)移，lvs,nginx的高可用;:http://www.tuicool.com/articles/eu26Vz