前言
nginx使用docker部署;keepalived使用传统部署。 准备两台服务器:192.168.1.6 和192.168.1.7
| 名称 | IP地址 | 用途 |
|---|---|---|
| 01-master | 192.168.1.6 | 主节点(MASTER) |
| 02-backup | 192.168.1.7 | 子节点(BACKUP) |
部署nginx
在两台服务器都部署nginx
- 拉取nginx镜像
docker pull nginx:1.21.6
- 配置文件
创建
/docker/nginx/conf/目录并在其下创建nginx.conf配置文件
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
server_tokens off; #隐藏nginx版本号
charset utf-8,gbk; #设置字符集
server {
listen 80;
server_name server02;
location / {
root /www; #前端资源路径
index index.html index.htm;
}
}
}
创建/docker/nginx/www/目录并在其下创建index.html文件
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
</head>
<body>
<h1>Welcome to nginx!</h1>
ip地址:192.168.1.6
</body>
</html>
PS:ip地址记得改成对应的服务器地址,方便后面的测试
- 运行
docker run --network=host --name nginx -d --restart=always \
-v /etc/localtime:/etc/localtime:ro \
-v /docker/nginx/www:/www -v /docker/nginx/conf/nginx.conf:/etc/nginx/nginx.conf \
-v /docker/nginx/log:/var/log/nginx \
nginx:1.21.6
- 查看nginx运行状态
docker ps
- 防火墙放行端口号
放行80端口
firewall-cmd --permanent --add-port=80/tcp
重启防火墙
firewall-cmd --reload
- 测试
至此,nginx部署完成!
部署keepalived
keepalived可以将多个无状态的单点通过虚拟IP(VIP)漂移的方式搭建成一个高可用服务
- 官网文档
www.keepalived.org/doc/install…
- 下载 官网下载:
www.keepalived.org/download.ht…
这里下载最新的版本V2.2.7:
www.keepalived.org/software/ke…
- 先决条件-安装基础依赖
yum install curl gcc openssl-devel libnl3-devel net-snmp-devel
- 解压并编译、安装
tar -xzvf keepalived-2.2.7.tar.gz
cd keepalived-2.2.7
配置安装目录与核心配置文件
./configure --prefix=/usr/local/keepalived-2.2.7 --sysconf=/etc
prefix:keepalived安装位置
sysconf:keepalived配置文件位置,默认/etc
编译
make
安装
sudo make install
- 配置
创建/etc/keepalived/keepalived.conf配置文件:
主节点(MASTER)的配置:
global_defs {
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 1
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.100
}
}
子节点(BACKUP)的配置:
global_defs {
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 2
priority 90
advert_int 1
nopreemt
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.100
}
}
state MASTER 表示该节点为主节点;
virtual_router_id 1 虚拟路由id,取值范围0-255,主节点(MASTER)和子节点(BACKUP)不要设置一致;
interface ens33 指定网卡名称,使用ip addr查看;
advert_int 1 主、子节点心跳频率,单位为秒
mcast_src_ip 192.168.1.6 指定节点的IP地址;
authentication 用户名密码,主节点(MASTER)和子节点(BACKUP)设置一致;
virtual_ipaddress { 192.168.1.100 }虚拟IP(VIP)地址,待会测试就是使用该IP地址访问;最好跟服务器同一个网段;主节点(MASTER)和子节点(BACKUP)设置一致;
启动
systemctl start keepalived
重启
systemctl restart keepalived
停止
systemctl stop keepalived
查看运行状态
systemctl status keepalived
开机自启
systemctl enable keepalived
- 测试
主节点和子节点都启动keepalived,通过VIP访问,默认访问到主节点
主节点停止keepalived,子节点启动keepalived,通过VIP访问,默认访问到子节点
把主节点keepalived恢复,通过VIP访问,默认访问到主节点
至此,已经实现高可用基本功能!
- 编写检测nginx脚本
基本思路:
编写脚本,通过脚本来检测nginx的启用状态,nginx停止了则尝试重启nginx,若重启失败则停止keepalived
检测nginx脚本:nginx_check.sh
创建/etc/keepalived/nginx_check.sh脚本:
#!/bin/bash
A=`ps -C nginx --no-header |wc -l`
if [ $A -eq 0 ]
then
echo "nginx死掉了!,正在重启"
docker restart nginx
echo "重启完成,检测重启结果...."
sleep 4
B=`ps -C nginx --no-header |wc -l`
if [ $B -eq 0 ]
then
echo "nginx重启失败!正在停止keepalived...."
systemctl stop keepalived
echo "keepalived停止成功!"
else
echo "nginx重启成功!"
fi
else
echo "nginx正常运行!"
fi
说明
ps -C nginx --no-header |wc -l是查看当前nginx进程;
A=`ps -C nginx --no-header |wc -l` 会把结果赋值给变量A
A大于0则说明存在nginx进程,反之说明nginx已经死掉!
修改nginx_check.sh权限
chmod +x nginx_check.sh
- 修改keepalived.conf配置文件
主节点(MASTER)的配置:
global_defs {
router_id LVS_DEVEL
}
vrrp_script chk_nginx {
script "/etc/keepalived/nginx_check.sh"
interval 2
weight -20
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 1
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.100
}
track_script {
chk_nginx
}
}
子节点(BACKUP)的配置:
global_defs {
router_id LVS_DEVEL
}
vrrp_script chk_nginx {
script "/etc/keepalived/nginx_check.sh"
interval 2
weight -20
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 2
priority 90
advert_int 1
nopreemt
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.100
}
track_script {
chk_nginx
}
}
重启主、子节点的keepalived
另外:nginx自身的负载均衡也可以配置,可以应对更多的复杂场景
至此,所有工作已经完成!
