一、Keepalived工作原理
Keepalived 是一种高性能的服务器高可用或热备解决方案, Keepalived 可以用来防止服务器单点故障的发生,通过配合 Nginx 可以实现 web 前端服务的高可用。Keepalived 以 VRRP 协议为实现基础,用 VRRP 协议来实现高可用性(HA)。
VRRP(Virtual RouterRedundancy Protocol)协议是用于实现路由器冗余的协议,VRRP协议将两台或多台路由器设备虚拟成一个设备,对外提供虚拟路由器 IP(一个或多个),而在路由器组内部,实际拥有这个对外虚拟IP的路由器就是 MASTER。MASTER 实现针对虚拟路由器 IP 的各种网络功能,如 ARP 请求, ICMP,以及数据的转发等。其他设备不拥有该虚拟 IP,状态是 BACKUP,除了接收MASTER 的VRRP 状态通告信息外,不执行对外的网络功能。当主机失效时, BACKUP 将接管原先 MASTER 的网络功能。
VRRP 协议使用多播数据来传输 VRRP 数据, VRRP 数据使用特殊的虚拟源 MAC 地址发送数据。MASTER 路由器定时发送 VRRP 通告信息,表示 MASTER 工作正常以及虚拟路由器 IP(组), BACKUP 只接收 VRRP 数据,不发送数据。如果一定时间内没有接收到 MASTER 的通告信息,各BACKUP 将宣告自己成为 MASTER,发送通告信息,重新进行 MASTER选举。
二、方案规划
VIP IP 主机名 Nginx端口 默认主从
192.168.32.200 192.168.32.128 centos7-master 80 MASTER
192.168.32.200 192.168.32.129 centos7-slaver 80 BACKUP
使用的软件:
CentOS 7.6 x64
keepalived-2.0.20.tar.gz
nginx:1.19-alpine docker镜像
三、安装Nginx
1、拉取nginx镜像
docker pull nginx:1.19.0-alpine
2、在两台机器上,分别创建Nginx容器
192.168.32.128上执行:
docker run -d --restart=always --name nginx_master -p 80:80 nginx:1.19-alpine
192.168.32.129上执行:
docker run -d --restart=always --name nginx_slaver -p 80:80 nginx:1.19-alpine
3、修改Nginx容器内的配置
[root@centos7 ~]# vi /etc/nginx/conf.d/default.conf
server {
listen 80;
listen [::]:80;
server_name localhost;
#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
3、修改Nginx容器的主页代码
vi /usr/share/nginx/html/index.html
192.168.32.128 Nginx容器中的标题设置_master
<h1>Welcome to nginx_master! </h1>
192.168.32.129 Nginx容器中的标题设置_slaver
<h1>Welcome to nginx_slaver! </h1>
4、关闭系统防火墙
firewall-cmd--state #查看防火墙状态
systemctl stop firewalld.service #停止firewall
systemctl disable firewalld.service #禁止firewall开机启动
5、在两台机器上,分别重启Nginx容器
192.168.32.128上执行:
docker restart nginx_master
192.168.32.129上执行:
docker restart nginx_slaver
6、浏览器分别访问两个站点,验证Nginx部署
四、源码安装 Keepalived
1、访问https://www.keepalived.org/download.html,下载最新版的keepalived源码包到当前用户根目录。
cd ~
wget https://www.keepalived.org/software/keepalived-2.0.20.tar.gz
2、安装keepalived环境依赖
yum install -y gcc openssl-devel popt-devel ipvsadm
3、解压编译源码安装
tar -zxvf keepalived-2.0.20.tar.gz
mv keepalived-2.0.20 /usr/
cd /usr/keepalived-2.0.20
./configure --prefix=/usr/keepalived-2.0.20
make && make install
4、 将 keepalived 安装成 Linux系统服务
keepalived的默认路径是/usr/local ,编译安装完成之后,需要复制配置文件到默认路径。
mkdir /etc/keepalived
cp /usr/keepalived-2.0.20/etc/keepalived/keepalived.conf /etc/keepalived/
cp /usr/keepalived-2.0.20/keepalived/etc/init.d/keepalived /etc/init.d/
cp /usr/keepalived-2.0.20/etc/sysconfig/keepalived /etc/sysconfig/
ln -s /usr/keepalived-2.0.20/bin/keepalived /usr/bin/
ln -s /usr/keepalived-2.0.20/sbin/keepalived /sbin/
设置 keepalived 服务开机启动
systemctl enable keepalived.service
systemctl start keepalived.service
5、修改 Keepalived 配置文件
192.168.32.128节点配置文件修改:
[root@centos7 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id CentOS7.6 #节点标识字条串,通常为hostname
}
#配置 nginx 状态检测
vrrp_script chk_nginx {
script "/usr/keepalived-2.0.20/container_check.sh" #脚本存放路径
interval 1 #检测时间间隔
weight -20 #配置节点权重
}
## 定义虚拟路由, VI_1 为虚拟路由的标示符
vrrp_instance VI_1 {
state MASTER # 主节点为 MASTER, 对应的备份节点为 BACKUP
interface ens33 #绑定虚拟 IP 的网络接口,与本机 IP 地址接口相同
virtual_router_id 33 #虚拟路由的 ID 号, 两个节点设置必须一样
mcast_src_ip 192.168.32.128 #本机 IP 地址
priority 101 # 节点优先级,值范围 0-254,MASTER要比BACKUP高
nopreempt #配置MASTER异常恢复后再次抢占
advert_int 1 # 组播信息发送间隔,两个节点设置必须一样, 默认 1s
#设置验证信息,两个节点必须一致
authentication {
auth_type PASS
auth_pass 1111 #自定义配置
}
#将 track_script 块加入 instance 配置块
track_script {
chk_nginx #执行Nginx状态检测的服务
}
# 设置虚拟 IP 池, 两个节点设置必须一样
virtual_ipaddress {
192.168.32.200 #虚拟 ip,可以定义多个
}
}
192.168.32.129节点配置文件修改:
[root@centos7 ~]# vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id CentOS7.6
}
vrrp_script chk_nginx {
script "/usr/keepalived-2.0.20/container_check.sh"
interval 1
weight -20
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 33
mcast_src_ip 192.168.32.129
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_nginx
}
virtual_ipaddress {
192.168.32.200
}
}
6、 编写Nginx容器状态检测脚本
脚本要求:判断nginx容器状态,若未运行则尝试启动,启动不成功则停止keepalived服务,让虚拟 ip 漂移到 BACKUP机则器上。
内容如下:
[root@centos7 ~]# vi /usr/keepalived-2.0.20/container_check.sh
#!/bin/bash
containerName=nginx_master #容器名称,BACKUP机器为nginx_slaver
time=$(date "+%Y-%m-%d %H:%M:%S")
echo "Nginx状态检查开始,当前时间是"$time >> checkLog.txt 2>&1
#判断容器是否启动
exist=`docker inspect --format '{{.State.Running}}' ${containerName}`
#如果存在,关闭并删除该容器
echo "Nginx容器启动状态1为"$exist >> checkLog.txt 2>&1
if [ "${exist}" != "true" ]
then
docker start ${containerName}
sleep 3
#再次判断容器是否启动
exist=`docker inspect --format '{{.State.Running}}' ${containerName}`
echo "Nginx容器启动状态2为"$exist >> checkLog.txt 2>&1
if [ "${exist}" != "true" ]
then
systemctl stop keepalived
else
echo ${containerName}" is start up!!!" >> checkLog.txt 2>&1
fi
else
echo ${containerName}" is already up!!!" >> checkLog.txt 2>&1
fi
给脚本赋执行权限:
chmod +x /usr/keepalived-2.0.20/container_check.sh
7、 启动Keepalived服务,各节点分别执行
systemctl start keepalived
8、 验证Keepalived+Nginx的高可用配置
两台机器同时Nginx和Keepalived,通过VIP(192.168.32.200)来访问Nginx,主页显示如下:
停止192.168.32.128上的keepalived服务,主页显示如下:
在启动192.168.32.128上的keepalived服务,主页显示如下:
手动停止nginx_master容器,keepalived会调用脚本再启动,检测时间间隔1s,浏览器端不会感知到。因此,测试中可以将间隔调大,以验证自动检测脚本是否正常工作。至此,Keepalived + Nginx 实现高可用 Web 负载均衡搭建完毕。
网友评论