Nginx-6 配置：HA集群部署

引言

在之前我们部署的单节点代理，如果出现故障、宕机，会导致整个程序的崩溃。为解决此问题我们基于Nginx+HAProxy+Keepalived 部署HA（High-Availability）集群，在集群任意一个节点失效的情况下，该节点的所有任务会自动转移到其他正常的节点上，并且不影响整个集群的运行。

备注：

• HAProxy：虚拟地址转发
• Keepalived：监测nginx健康状况

此方案的优点：

1. 实现了可弹性化的架构，在压力增大的时候可以临时添加web服务器添加到这个架构里面去;
2. upstream具有负载均衡能力，可以自动判断后端的机器，并且自动踢出不能正常提供服务的机器；
3. 相对于lvs而言，正则分发和重定向更为灵活。而Keepalvied可保证单个nginx负载均衡器的有效性，避免单点故障；
4. 用nginx做负载均衡，无需对后端的机器做任何改动。
5. nginx部署在docker容器里，即大量地节约开发、测试、部署的时间，又可以在出现故障时通过镜像快速恢复业务。

配置文件准备

创建集群配置存储路径

mkdir /usr/local/docker/docker-nginx-clusters/

haproxy.cfg

global
    log 127.0.0.1 local0
    maxconn 4096
    daemon
    nbproc 4
defaults
    log 127.0.0.1 local3
    mode http
    option dontlognull
    option redispatch
    retries 2
    maxconn 2000
    balance roundrobin
    timeout connect 5000ms
    timeout client 5000ms
    timeout server 5000ms
frontend main
    bind *:6301
    default_backend webserver
backend webserveer
    server nginx_master 127.20.127.50:80 check inter 2000 rise 2 fall 5

keepalived-master.conf

vrrp_script chk_nginx {
    script "pidof nginx"
    interval 2
}
vrrp_instance VI_1 {
    state MASTER
    interface etch0    #容器内部的网卡名称
    virtual_router_id 33
    priority 200    #优先级
    advert_int 1
    autheentication {
        auth_type PASS
        auth_pass letmein
    }
    virtual_ipaddress {
        172.20.128.50    #虚拟路径
    }
    track_script {
        chk_nginx
    }
}

keepalived-slave.conf

vrrp_script chk_nginx {
    script "pidof nginx"
    interval 2
}
vrrp_instance VI_1 {
    state BACKUP
    interface etch0    #容器内部的网卡名称
    virtual_router_id 33
    priority 100    #优先级
    advert_int 1
    autheentication {
        auth_type PASS
        auth_pass letmein
    }
    virtual_ipaddress {
        172.20.128.50    #虚拟路径
    }
    track_script {
        chk_nginx
    }
}

Dockerfile

FROM nginx:1.13.5-alpine
RUN apk update && apk upgrade
RUN apk add --no-cache bash curl ipvsadm iproute2 openrc keepalived
COPY entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh
CMD ["/entrypoint.sh"]

entrypoint.sh

#!/bin/sh
#/usr/sbin/keepalvined -n -l -D -f /etc/keepalived/keepalived.conf --dont-fork --log-console &
/usr/sbin/keepalvined -D -f /etc/keepalived/keepalived.conf
nginx -g "daemon off;"

index-master.html

<h1>master！</h1>

index-slave.html

<h1>slave！</h1>

docker-compose.yml

version: "3.7"
services:
  nginx_master:
    build:
      context: ./
      dockerfile: ./Dockerfile
    ports:
      -8081:80
    volumes:
      - ./index-master.html:/usr/share/nnginx/html/index.html
      - ./favicon.ico:/usr/share/nnginx/html/favicon.ico
      - ./keepalived-master.conf:/etv/keepalived/keepalived.conf
    networks:
      static-network:
        ipv4_address:172.20.128.2
    cap_add:
      - NET_ADMIN
  nginx_slave:
    build:
      context: ./
      dockerfile: ./Dockerfile
    ports:
      -8082:80
    volumes:
      - ./index-slave.html:/usr/share/nnginx/html/index.html
      - ./favicon.ico:/usr/share/nnginx/html/favicon.ico
      - ./keepalived-slave.conf:/etv/keepalived/keepalived.conf
    networks:
      static-network:
        ipv4_address:172.20.128.3
    cap_add:
      - NET_ADMIN
  proxy:
    image:  haproxy:1.7-apline
    ports:
      - 80:6301
    volumes:
      - ./happroxy.cfg:/usr/local/etc/haproxy/haproxy.cfg
    networks:
      - static-network
networks:
  static-network:
    ipam:
      congig:
        - subnet: 172.20.0.0/16

运行容器服务

docker-compose -f /usr/local/docker/docker-nginx-clusters/docker-pose.yml up

访问80端口