通过ip地址漂移技术(keepalived)实现高可用和双主节点负载均衡
Master:192.168.1.1 #提供负载均衡
Backup:192.168.1.2 #均衡备机
VIP:192.168.1.250 :虚IP
原理:虚IP 是外网访问的IP地址,通过 keepalived 设置,以及 VRRP 将 VIP 绑定到主机和备机上,通过权重实现控制。当主机宕掉后,keepalived 释放对主机的控制,备机接管虚IP。
1.安装Nginx
http://www.cnblogs.com/wazy/p/8108824.html
2.安装Keepalived
wget http://www.keepalived.org/software/keepalived-1.2.7.tar.gz
tar -zxf keepalived-1.2.7.tar.gz
cd keepalived-1.2.7
./configure --prefix=/usr/local/keepalived --with-kernel-dir=/usr/src/kernels/3.10.0-514.el7.x86_64/
#可能会出现configure: error: Popt libraries is required
解决方法:
yum -y install popt-devel
再次./configure
make && make install
设置成为服务并开机启动:
cp /usr/local/keepalived/sbin/keepalived /usr/sbin/
cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
cp /usr/local/keepalived/etc/keepalived/ /etc
/etc/rc.d/init.d/keepalived status
chkconfig --add keepalived
chkconfig keepalived on
3.修改配置文件
1)Master
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
mcast_src_ip 192.168.1.1
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.250
}
}
2)Backup
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
mcast_src_ip 192.168.1.2
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.250
}
}
启动keepalivd,然后查看Master的网卡,有两个ip,一个本机ip一个VIP
这时候ping 192.168.1.250应该是通的
实际上这时候 108 是被绑到主机上的。在主机上:
查看系统日志
#tailf /var/log/messages
Dec 26 15:30:59 localhost Keepalived_healthcheckers[38737]: Timeout connect, timeout server [192.168.201.100]:443.
Dec 26 15:30:59 localhost Keepalived_healthcheckers[38737]: Timeout connect, timeout server [192.168.200.2]:1358.
Dec 26 15:30:59 localhost Keepalived_healthcheckers[38737]: Timeout connect, timeout server [192.168.200.3]:1358.
Dec 26 15:30:59 localhost Keepalived_healthcheckers[38737]: Timeout connect, timeout server [192.168.200.4]:1358.
Dec 26 15:30:59 localhost Keepalived_healthcheckers[38737]: Timeout connect, timeout server [192.168.200.5]:1358.
Dec 26 15:31:05 localhost Keepalived_healthcheckers[38737]: Timeout connect, timeout server [192.168.201.100]:443.
Dec 26 15:31:05 localhost Keepalived_healthcheckers[38737]: Timeout connect, timeout server [192.168.200.2]:1358.
......
可以看到.VRRP(虚拟路由冗余协议)已经启动.我们可以通过命令 ip addr 来检查主 Nginx 上的 IP 分配情况.
#ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:d4:83:a4 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.1/24 brd 192.168.1.255 scope global eth0
inet 192.168.1.250/32 scope global eth0
inet6 fe80::20c:29ff:fed4:83a4/64 scope link
valid_lft forever preferred_lft forever
#tcpdump 抓包
tcpdump vrrp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
22:16:37.890619 IP ACA832B0.ipt.aol.com > vrrp.mcast.net: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
22:16:38.892503 IP ACA832B0.ipt.aol.com > vrrp.mcast.net: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
22:16:39.900436 IP ACA832B0.ipt.aol.com > vrrp.mcast.net: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
22:16:40.902613 IP ACA832B0.ipt.aol.com > vrrp.mcast.net: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
22:16:41.905640 IP ACA832B0.ipt.aol.com > vrrp.mcast.net: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
22:16:42.907636 IP ACA832B0.ipt.aol.com > vrrp.mcast.net: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
...
到这里我们已经完成了一个 nginx + keepalived
接下来我们可以完善一下,做一个主备切换
加上实时监控,如果发现负载均衡的 Nginx 出现问题,就将该机器上的 Keepalived 服务停掉。
vi /etc/rc.d/init.d/nginxcheck
#!/bin/bash
#描述:这是用于监控nginx服务的脚本
#chkconfig: - 57 75
while :
do
nginxpid=`ps -C nginx --no-header | wc -l`
if [ $nginxpid -eq 0 ]; then
service keepalived stop
sleep 3
echo $nginxpid >> /tmp/nginx_info
elif [ $nginxpid -ne 0 ]; then
service keepalived start
sleep 3
echo $nginxpid >> /tmp/nginx_infoa
fi
done
chkconfig --add nginxcheck
chkconfig nginxcheck on
或者在/etc/rc.local 将脚本放进去
然后关闭nginx看看是否能访问192.168.1.250,以及Backup的vip是否绑定
