Nginx+Keepalived負(fù)載均衡

什么是負(fù)載均衡:

負(fù)載均衡(Load Balance)是分布式系統(tǒng)架構(gòu)設(shè)計(jì)中必須考慮的因素之一,它通常是指,將請求數(shù)據(jù)【均勻】分?jǐn)偟蕉鄠€(gè)操作單元上執(zhí)行,負(fù)載均衡的關(guān)鍵在于【均勻】。
  這里我用nginx做負(fù)載均衡,nginx不單可以作為強(qiáng)大的web服務(wù)器,也可以作為一個(gè)反向代理服務(wù)器,而且nginx還可以按照調(diào)度規(guī)則實(shí)現(xiàn)動(dòng)態(tài)、靜態(tài)頁面的分離,可以按照輪詢、ip哈希、權(quán)重等多種方式對后端服務(wù)器做負(fù)載均衡,同時(shí)還支持后端服務(wù)器的健康檢查。

什么是keepalived:

Keepalived的作用是檢測web服務(wù)器的狀態(tài),如果有一臺web服務(wù)器死機(jī),或工作出現(xiàn)故障,Keepalived將檢測到,并將有故障的web服務(wù)器從系統(tǒng)中剔除,當(dāng)web服務(wù)器工作正常后Keepalived自動(dòng)將web服務(wù)器加入到服務(wù)器群中,這些工作全部自動(dòng)完成,不需要人工干涉,需要人工做的只是修復(fù)故障的web服務(wù)器。

配置環(huán)境:

服務(wù)器均為CENTOS7的系統(tǒng)
192.168.1.162: 主Keepalived、nginx 服務(wù)器
192.168.1.163: 備keepalived、nginx 服務(wù)器
192.168.1.164: 虛擬IP地址
192.168.1.147: tomcat應(yīng)用服務(wù)器(后端應(yīng)用服務(wù)器)

關(guān)閉防火墻并關(guān)閉開機(jī)啟動(dòng):

systemctl stop firewalld.service
systemctl disable firewalld.service

關(guān)閉SELinux安全機(jī)制(為避免出現(xiàn)不必要麻煩):

1.臨時(shí)關(guān)閉:
setenforce 0       ##(設(shè)置SELinux 成為permissive模式)
            ##(setenforce 1 設(shè)置SELinux 成為enforcing模式)
2.永久關(guān)閉(修改配置文件需要重啟機(jī)器):
修改/etc/selinux/config
文件將SELINUX=enforcing改為SELINUX=disabled
重啟機(jī)器即可

分別在162、163服務(wù)器上面安裝keepalived、nginx。

安裝keepalived:

yum –y install keepalived

修改配置文件:

主keepalived配置:
cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak  ##(將原配置文件備份,防止出錯(cuò)。)
vi /etc/keepalived/keepalived.conf

! Configuration File for keepalived
global_defs {
 notification_email {
  admin@lvtao.net                       
}
 notification_email_from Alexandre.Cassen@firewall.loc
 smtp_server mail.smtp.163.com
 smtp_connect_timeout 30
 router_id LVS_DEVEL
}
vrrp_script check_nginx {
 script "/home/nginx_pid.sh"  ##(監(jiān)控NGINX 服務(wù)運(yùn)行shell腳本)   
 interval 2          ##(時(shí)間間隔為2秒檢測一次)                
 weight -15           ##(當(dāng)nginx的進(jìn)程不存在了,就把當(dāng)前的權(quán)重-15)                  
}
vrrp_instance VI_1 {
 state MASTER         ##(主機(jī)為MASTER,備用機(jī)為BACKUP)                  
 interface eth0       ##(網(wǎng)絡(luò)適配器名稱)
 virtual_router_id 51     ##(同一實(shí)例下virtual_router_id必須相同,MASTRE/BACKUP 設(shè)置值要一樣)
 priority 200        ##(定義優(yōu)先級,數(shù)字越大,優(yōu)先級越高,把此份Conf拷貝到另一臺機(jī)器上時(shí),設(shè)置的priority值要比MASTRE權(quán)重值低)
 advert_int 1        ##(#MASTER與BACKUP負(fù)載均衡器之間同步檢查的時(shí)間間隔,單位是秒)                
 authentication {               
  auth_type PASS            
  auth_pass 1111      ##(驗(yàn)證類型和密碼,認(rèn)證密碼主備服務(wù)器之間一定要一致,否則出錯(cuò))         
 }
 track_script {
  check_nginx       ##(檢測腳本,即上面的check_nginx)                    
 }
 virtual_ipaddress {
  192.168.1.164       ##(#設(shè)置虛擬IP,可以有多個(gè)地址,每個(gè)地址占一行,不需掩碼。)         
 }
}

這里不做LVS,刪除后面的virtual_server內(nèi)容部分

上面 nginx_pid.sh 腳本內(nèi)容:

#!/bin/bash
if [ "$(ps -ef | grep "nginx: master process"| grep -v grep )" == "" ]
then
 /usr/local/nginx/sbin/nginx
 sleep 5
 if [ "$(ps -ef | grep "nginx: master process"| grep -v grep )" == "" ]
 then
 killall keepalived
 fi
fi

從keeplived的配置文件:

! Configuration File for keepalived

global_defs {
   notification_email {
    admin@lvtao.net   
}
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server mail.smtp.163.com
   smtp_connect_timeout 30
   router_id LVS_DEVEL
}

vrrp_script check_nginx {
     script "/home/nginx_pid.sh"
     interval 2
     weight 2
     }

vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 51
    priority 150
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }

    track_script {
     check_nginx
    }

    virtual_ipaddress {
        192.168.1.164
    }
}

檢查keeplived是否生效:
Master:
啟動(dòng)keepalived之前查看IP addr:

[root@zabbix162 ~]# ip addr list
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
    link/ether 00:15:5d:01:13:0f brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.162/24 brd 192.168.1.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::215:5dff:fe01:130f/64 scope link tentative dadfailed 
       valid_lft forever preferred_lft forever

啟動(dòng)keepalived:

[root@zabbix162 ~]# ip addr list
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
    link/ether 00:15:5d:01:13:0f brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.162/24 brd 192.168.1.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet 192.168.1.164/32 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::215:5dff:fe01:130f/64 scope link tentative dadfailed 
       valid_lft forever preferred_lft forever

可以看到多了一個(gè)虛擬IP:

  inet 192.168.1.164/32 scope global eth0

將MASTER的keepalived停止,啟動(dòng)BACKUP服務(wù)器上的keepalived,查看是否接管192.168.1.164的虛擬IP,以此方式測試。

設(shè)置keepalived 開機(jī)啟動(dòng):

systemctl enable keepalived.service

參考網(wǎng)站:
http://linux.blog.163.com/blog/static/9297023201099102637777/
http://www.cnblogs.com/liuquan/p/5583816.html
http://www.linuxde.net/2013/04/13381.html

最后編輯于
?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請聯(lián)系作者
平臺聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點(diǎn),簡書系信息發(fā)布平臺,僅提供信息存儲服務(wù)。

推薦閱讀更多精彩內(nèi)容