前言首先介绍一下Keepalived,它是一种高性能的服务器高可用或双机热备方案。它最初是为LVS负载均衡软件设计的。Keepalived主要是为了防止服务器单点故障,通过它与Nginx的配合可以实现web服务器的高可用。Keepalived基于VRRP协议。VRRP是虚拟路由器冗余协议(VirtualRouterRedundancyProtocol)的缩写。VRRP协议将两台或多台路由器设备虚拟成一台设备,对外提供虚拟路由器IP(一个或多个)。.VRRP的目的是解决静态路由的单点故障问题。它可以保证当个别节点宕机时,整个网络可以不间断地运行。下面介绍一下nginxkeepalived高可用方案的部署安装。环境准备在两台主机准备如下压缩文件:keepalived-2.0.20.tar.gznginx-1.16.1.tar.gz虚拟IP真实IPnginx端口master-slave192.168.124.20192.168.124.1380MASTER192.168.124.20192.168.124.1480BACKUP安装nginx,新建用户:useraddtianyan确定安装目录。我这里的安装目录是:/home/tianyan/tianyan_soft/nginx.install。在该目录下新建两个目录用于安装nginx和keepalived,解压两个压缩包。执行安装命令:./configure--prefix=/home/tianyan/tianyan_soft/nginx.install\--sbin-path=/home/tianyan/tianyan_soft/nginx.install/sbin/nginx--conf-path=/home/tianyan/tianyan_soft/nginx.install/conf/nginx.conf\--error-log-path=/home/tianyan/tianyan_soft/nginx.install/error.log\--http-log-path=/home/tianyan/tianyan_soft/nginx.install/access.log\--pid-path=/home/tianyan/tianyan_soft/nginx.install/nginx.pid\--lock-path=/home/tianyan/tianyan_soft/nginx.install/nginx.lock\--user=tianyan--group=tianyan\--with-http_stub_status_module\--with-http_gzip_static_module\--with-http_ssl_module\--with-http_realip_module\--with-threads\--with-pcre\--http-client-body-temp-path=/home/tianyan/tianyan_soft/nginx.install/client/\--http-proxy-temp-path=/home/tianyan/tianyan_soft/nginx.install/proxy/\--http-fastcgi-temp-path=/home/tianyan/tianyan_soft/nginx.install/fcgi/\--http-uwsgi-temp-path=/home/tianyan/tianyan_soft/nginx.install/uwsgi\--http-scgi-temp-path=/home/tianyan/tianyan_soft/nginx.install/scgi如果报错记得安装相关依赖:yuminstallgccgcc-c++nginx:[emerg]bind()to0.0.0.0:80failed(13:Permissiondenied)注意:非root权限启动时,会出现nginx:[emerg]bind()to0.0.0.0:80failed(13:Permissiondenied)错误。原因:linux中只有root用户才能使用1024以下的端口解决方法:1、以root权限启动2、将/usr/local/nginx/conf/nginx.conf文件中的80端口修改为1024以上。安装keepalived./configure--prefix=/usr/local/keepalived上面的命令执行完后继续执行:make&&makeinstall安装完成后目录如下:将配置文件复制到系统对应目录mkdir/etc/keepalivedcp/usr/local/keepalived/etc/keepalived/keepalived.conf/etc/keepalived/keepalived.confcp/usr/local/keepalived/etc/sysconfig/keepalived/etc/sysconfig/keepalived编辑主节点keepalived.confvim/etc参考/keepalived/keepalived.conf内容如下:ConfigurationFileforkeepalivedglobal_defs{#一个名字不重复即可router_idhyq_slave}#ng是否运行vrrp_scriptchk_nginx{script"/etc/keepalived/nginx_check.sh"interval2weight-20}vrrp_instanceVI_1{stateBACKUP#必选,可以是MASTER或BACKUP接口ens33virtual_router_id101priority90advert_int1#如果在两个节点的上行链路交换机上禁用多播,那么将使用vrrp单播通知#本地ipunicast_src_ip192.168.124.14unicast_peer{#其他机器ip192.168.124.13}#设置nopreempt防止资源抢占nopreemptauthentication{auth_typePASSauth_pass1111}#对应上面的nginx健康检测track_script{chk_nginx}virtual_ipaddress{192.168.124.20}}编辑从节点的keepalived.confvim/etc/keepalived/keepalived.conf!ConfigurationFileforkeepalivedglobal_defs{#Anamethatnotrepeatrouter_idhyq_slave}#ng是否运行vrrp_scriptchk_nginx{script"/etc/keepalived/nginx_check.sh"interval2weight-20}vrrp_instanceVI_1{stateBACKUP#必填,可以MASTERorBACKUPinterfaceens33virtual_router_id101#priorityint90ad如果两个节点的上行交换机都关闭了组播,则采用vrrp单播通知的方式#Localipunicast_src_ip192.168.124.14unicast_peer{#Othermachineip192.168.124.13}#设置nopreempt防止资源抢占nopreemptauthentication{auth_typePASSauth_pass1111}#和上面的nginx健康检测相呼应track_script{chk_nginx}virtual_ipaddress{192.168.124.20}}写nginx_check.sh脚本,在/etc/新建nginx_check.sh脚本keepalived目录touchnginx_che编辑ck.sh如下:#!/bin/shA=`ps-Cnginx--no-header|wc-l`if[$A-eq0]then/usr/sbin/nginxsleep1A2=`ps-Cnginx--no-header|wc-l`if[$A2-eq0]thensystemctlstopkeepalivedfifi表示:如果nginx停止运行,尝试启动它,但如果启动失败,则杀死本地keepalived进程,keepalied会将虚拟ip绑定到BACKUP机器上注意:/usr/sbin/nginx是nginx的启动命令,如果安装到其他目??录,相应替换。Keepalived日志Keepalived日志的默认位置在/var/log/messages目录中。让我们稍微修改一下。由于系统是centos7,修改位置为:/lib/systemd/system/keepalived.service原内容:EnvironmentFile=-/usr/local/keepalived/etc/sysconfig/keepalivedExecStart=/usr/local/keepalived/sbin/keepalived$KEEPALIVED_OPTIONS改为:reloadservicesystemctldaemon-reload修改后创建命令软连接:ln-s/usr/local/keepalived/sbin/keepalived/usr/sbin/keepalived执行:keepalived-D-f/etc/keepalived/keepalived.conf-D会把log输出到message日志,默认log也是message-f是指定配置文件修改/etc/sysconfig/keepalived,将KEEPALIVED_OPTIONS="-D"改为:KEEPALIVED_OPTIONS="-D-d-S0”在/etc/rsyslog.conf末尾添加local0.*/var/log/keepalived.log最后执行命令:servicersyslogrestart重启keepalived后可以看到日志是在/var/log/keepalived.log下。测试验证VIPkeepalived和nginx都启动后,我们来测试一下。首先在浏览器中访问三个地址http://192.168.124.20(vip)http://192.168.124.13(master)http://192.168.124.14(slave)我修改了nginx的index.html,可以看到即当前vip指向13的master节点:然后,我们手动停止13上的nginx,再次访问http://192.168.124.20。这意味着安装成功。其中,可以通过ipaddress命令观察网卡的变化。至此,我们就完成了keepalived+nginx主从配置的安装部署。思考:如何开启双主模式?什么是双主模式?分别介绍一下两种配置1.Nginx+keepalived主从配置上面介绍了这个方案,使用vip地址,前端使用2台机器,一台为主备,但是只有一台机器在同时工作,另一台备份机在主机不发生故障时一直处于废弃状态,仅用于容灾,平时闲置。2、Nginx+keepalived双主配置方案,使用两个vip地址,前端使用两台机器,互为主备,两台机器同时工作。当其中一台机器出现故障时,将两台机器的请求转移到一台机器负担,如下图:【实战】elasticsearch写入速度提升案例分享使用java制作微信群聊机器人,可以使money(PC协议)Mysql百万级数据高效导入Redisjava在线故障分析+性能调优
