1,什么是Nginx高可用

  • 需要两台nginx服务器
  • 需在keepalived
  • 需要虚拟 ip

image.png

2,准备工用

1,需要2台服务器 192.168.17.129 和 192.168.17.131
2,在2台服务安装 nginx
3,在2台服务器上安装 keepalived
yum install keepalived -y
安装成功后会在/etc目录中生成 keepalived 目录,有文件keepalived.conf

3,配置一

1,完成高可用配置(主从配置)

1,修改/etc/keepalived/keepalivec.conf 配置文

  1. global_defs {
  2.   notification_email {
  3.   acassen@firewall.loc
  4.   failover@firewall.loc
  5.   sysadmin@firewall.loc
  6.   }
  7.   notification_email_from Alexandre.Cassen@firewall.loc
  8.   smtp_server 192.168.17.129
  9.   smtp_connect_timeout 30
  10.   router_id LVS_DEVEL
  11. }
  12. vrrp_script chk_http_port {
  13.   script "/usr/local/src/nginx_check.sh"
  14.   interval 2 #(检测脚本执行的间隔)
  15.   weight 2
  16. }
  17. vrrp_instance VI_1 {
  18.   state BACKUP # 备份服务器上将 MASTER 改为 BACKUP
  19.   interface ens33 //网卡
  20.   virtual_router_id 51 # 主、备机的 virtual_router_id 必须相同
  21.   priority 90 # 主、备机取不同的优先级,主机值较大,备份机值较小
  22.   advert_int 1
  23.     authentication {
  24.   auth_type PASS
  25.   auth_pass 1111
  26. }
  27. virtual_ipaddress {
  28.   192.168.17.50 // VRRP H 虚拟地址
  29.   }
  30. }

2,在/usr/local/src 添加检测脚本

  1. #!/bin/bash
  2. A=`ps -C nginx –no-header |wc -l`
  3. if [ $A -eq 0 ];then
  4.   /usr/local/nginx/sbin/nginx
  5.   sleep 2
  6.   if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
  7.       killall keepalived
  8.   fi
  9. fi

3,把两台服务器上 nginx 和 和 keepalived 启动
启动 nginx :./nginx
启动 keepalived :systemctl start keepalived.service

2,最终测试

  1.  在浏览器地址栏输入  虚拟 ip  地址 192.168.17.50<br />![image.png](https://cdn.nlark.com/yuque/0/2021/png/10374550/1611888443513-3d86ef93-e54f-4a90-bd4d-a395f07c7410.png#align=left&display=inline&height=119&margin=%5Bobject%20Object%5D&name=image.png&originHeight=119&originWidth=472&size=66659&status=done&style=none&width=472)<br />![image.png](https://cdn.nlark.com/yuque/0/2021/png/10374550/1611888466387-73996378-779e-4857-9a30-1adf0e91013e.png#align=left&display=inline&height=648&margin=%5Bobject%20Object%5D&name=image.png&originHeight=702&originWidth=562&size=192043&status=done&style=none&width=519)

4,配置二

1,测试环境介绍

系统centos7.4 64位
centos6.9 64位
前端node1服务器:DIP:192.168.92.136
VIP1:192.168.92.23
VIP2:192.168.92.24
前端node2服务器:DIP:192.168.92.133
VIP1:192.168.92.24
VIP2:192.168.92.23
后端服务器:web node3:192.168.92.123
web node4:192.168.92.124
web node5:192.168.92.125
我们开始之前先把防火墙和selinux关掉,很多时候我们服务器之间不通都是这些原因造成的。

2、软件安装

Nginx和keepalive的安装非常简单,我们可以直接使用yun来安装。
yum install keepalived nginx -y
后端服务器我们同样用yum来装上Nginx
后端node3

  1. [root@node3 ~]# yum -y install nginx
  2. [root@node3 ~]# echo "this is 192.168.92.123" > /usr/share/nginx/html/index.html 
  3. [root@node3 ~]# service nginx start
  4. [root@node3 ~]# curl 192.168.92.123
  5. this is 192.168.92.123

后端node4

  1. [root@node4 ~]# yum -y install nginx
  2. [root@node4 ~]# echo "this is 192.168.92.124" > /usr/share/nginx/html/index.html 
  3. [root@node4 ~]# service nginx start
  4. [root@node4 ~]# curl 192.168.92.124
  5. this is 192.168.92.124

后端node5

  1. [root@node5 ~]# yum -y install nginx
  2. [root@node5 ~]# echo "this is 192.168.92.125" > /usr/share/nginx/html/index.html 
  3. [root@node5 ~]# service nginx start
  4. [root@node5 ~]# curl 192.168.92.125
  5. this is 192.168.92.125

3、在node1、node2上配置Nginx

  1. [root@node2 ~]# vim /etc/nginx/conf.d/node2.conf     #在扩展配置目录中配置需要注释掉主配置文件中的server部分
  2. upstream web1 {
  3.         #ip_hash;     #hash绑定ip
  4.         server 192.168.92.123:80;
  5.         server 192.168.92.124:80;
  6.         server 192.168.92.125:80;
  7.     }
  8.  server {
  9.         listen       80;
  10.         server_name  www.node.com;
  11.         index index.html index.htm;
  12.         location / {
  13.         proxy_set_header Host $host;
  14.         proxy_set_header X-Forwarded-For $remote_addr;
  15.         proxy_pass http://web1;
  16.         }
  17.       }

4、在node1上配置keepalive

  1. [root@node1 ~]# cat /etc/keepalived/keepalived.conf 
  2. ! Configuration File for keepalived
  3. global_defs {
  4.    notification_email {
  5.     root@localhost
  6.    }
  7.    notification_email_from Alexandre.Cassen@firewall.loc
  8.    smtp_server 127.0.0.1
  9.    smtp_connect_timeout 30
  10.    router_id node1
  11.    vrrp_mcast_gruop4 224.0.100.23
  12. }
  13. vrrp_script chk_haproxy {
  14.     script "/etc/keepalived/chk_nginx.sh"
  15.     interval 2
  16.     weight 2
  17. }
  18. vrrp_instance VI_1 {
  19.     state MASTER
  20.     interface ens37
  21.     virtual_router_id 51
  22.     priority 100
  23.     advert_int 1
  24.     authentication {
  25.         auth_type PASS
  26.         auth_pass 111123
  27.     }
  28.     track_script {
  29.     chk_nginx
  30.     }
  31.     virtual_ipaddress {
  32.         192.168.92.23
  33.     }
  34. }
  35. vrrp_instance VI_2 {
  36.     state BACKUP
  37.     interface ens37
  38.     virtual_router_id 151
  39.     priority 98
  40.     advert_int 1
  41.     authentication {
  42.         auth_type PASS
  43.         auth_pass 123123
  44.     }
  45.     track_script {
  46.     chk_nginx
  47.     }
  48.     virtual_ipaddress {
  49.         192.168.92.24
  50.     }
  51. }

5、在node2上配置keepalive

  1. [root@node2 ~]# cat /etc/keepalived/keepalived.conf 
  2. ! Configuration File for keepalived
  3. global_defs {
  4.    notification_email {
  5.     root@localhost
  6.    }
  7.    notification_email_from Alexandre.Cassen@firewall.loc
  8.    smtp_server 127.0.0.1
  9.    smtp_connect_timeout 30
  10.    router_id node1
  11.    vrrp_mcast_gruop4 224.0.100.23
  12. }
  13. vrrp_script chk_haproxy {
  14.     script "/etc/keepalived/chk_nginx.sh"
  15.     interval 2
  16.     weight 2
  17. }
  18. vrrp_instance VI_1 {
  19.     state BACKUP
  20.     interface ens34
  21.     virtual_router_id 51
  22.     priority 98
  23.     advert_int 1
  24.     authentication {
  25.         auth_type PASS
  26.         auth_pass 111123
  27.     }
  28.     track_script {
  29.     chk_nginx
  30.     }
  31.     virtual_ipaddress {
  32.         192.168.92.23
  33.     }
  34. }
  35. vrrp_instance VI_2 {
  36.     state MASTER
  37.     interface ens34
  38.     virtual_router_id 151
  39.     priority 100
  40.     advert_int 1
  41.     authentication {
  42.         auth_type PASS
  43.         auth_pass 123123
  44.     }
  45.     track_script {
  46.     chk_nginx
  47.     }
  48.     virtual_ipaddress {
  49.         192.168.92.24
  50.     }
  51. }

6、在双主服务器上添加检测脚本

此脚本作用是检测Nginx是否运行,如果没有运行就启动Nginx
如果启动失败则停止keepalive,保证备用服务器正常运行。

  1. [root@node2 ~]# cat /etc/keepalived/chk_nginx.sh 
  2. #!/bin/bash
  3. status=$(ps -C nginx --no-heading|wc -l)
  4. if [ "${status}" = "0" ]; then
  5.             systemctl start nginx
  6.         status2=$(ps -C nginx --no-heading|wc -l)
  7.         if [ "${status2}" = "0"  ]; then
  8.                 systemctl stop keepalived
  9.         fi
  10. fi

7、启动Nginx、keepalive服务

  1. [root@node2 ~]# service nginx start
  2. [root@node2 ~]# service keepalived start
  3. [root@node3 ~]# service nginx start
  4. [root@node3 ~]# service keepalived start

8、查看VIP并测试访问

  1. [root@node2 ~]# ip a
  2. ..........
  3. ens34: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
  4.     link/ether 00:0c:29:ca:0b:2b brd ff:ff:ff:ff:ff:ff
  5.     inet 192.168.92.133/24 brd 192.168.92.255 scope global dynamic ens34
  6.        valid_lft 1293sec preferred_lft 1293sec
  7.     inet 192.168.92.24/32 scope global ens34
  8.        valid_lft forever preferred_lft forever
  9.     inet6 fe80::9bff:2e2b:aebb:e35/64 scope link 
  10.        valid_lft forever preferred_lft forever
  11. .........
  12. [root@node1 ~]# ip a
  13. ..........
  14. ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
  15.     link/ether 00:0c:29:04:b6:17 brd ff:ff:ff:ff:ff:ff
  16.     inet 192.168.92.136/24 brd 192.168.92.255 scope global dynamic ens37
  17.        valid_lft 1567sec preferred_lft 1567sec
  18.     inet 192.168.92.23/32 scope global ens37
  19.        valid_lft forever preferred_lft forever
  20.     inet6 fe80::7ff4:9608:5903:1a4b/64 scope link 
  21.        valid_lft forever preferred_lft forever
  22. ..........
  1. [root@node1 ~]# curl http://192.168.92.23
  2. this is 192.168.92.123
  3. [root@node1 ~]# curl http://192.168.92.23
  4. this is 192.168.92.124
  5. [root@node1 ~]# curl http://192.168.92.23
  6. this is 192.168.92.125
  7. [root@node1 ~]# curl http://192.168.92.24
  8. this is 192.168.92.124

9、测试脚本是否能正常运行

手动停止Nginx后自动恢复启动

  1. [root@node1 ~]# systemctl stop nginx
  2. [root@node1 ~]# ss -tnlp
  3. State       Recv-Q Send-Q         Local Address:Port                        Peer Address:Port              
  4. LISTEN      0      128                        *:80                                     *:*                   users:(("nginx",pid=20257,fd=6),("nginx",pid=20256,fd=6))
  5. LISTEN      0      128                        *:22                                     *:*                   users:(("sshd",pid=913,fd=3))
  6. LISTEN      0      100                127.0.0.1:25                                     *:*                   users:(("master",pid=991,fd=13))
  7. LISTEN      0      128                       :::22                                    :::*                   users:(("sshd",pid=913,fd=4))
  8. LISTEN      0      100                      ::1:25                                    :::*