nginx + keepalive

hjjie2006

一、拓扑环境：
 
主nginx负载均衡器 192.168.166.203
辅nginx负载均衡器 192.168.166.177
VIP地址 192.168.166.178

http://www.keepalived.org/download.html
tar -zxvf keepalived-1.2.1.tar.gz
cd keepalived-1.2.1
./configure --prefix=/usr/local/keepalived --sysconf=/etc

make && make install
cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
cp /usr/local/keepalived/sbin/keepalived /bin/
chkconfig --add keepalived
chmod 755 /etc/init.d/keepalived
chkconfig keepalived on
service keepalived start

二．修改配置文件为以下内容:　[master slave]
MASTER
vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

 notification_email {
 xxx@xxx.com
}

notification_email_from xxx@xxx.com
smtp_server xxx.smtp.com
smtp_connect_timeout 30
router_id LVS_DEVEL
}

vrrp_script Monitor_Nginx {
 script "/root/monitor_nginx.sh"
 interval 2
 weight 2
}

vrrp_instance VI_1 {
 state MASTER #(主机为MASTER，备用机为BACKUP)
 interface eth0 #(HA监测网络接口)
 virtual_router_id 61 #(主、备机的virtual_router_id必须相同)
 #mcast_src_ip 192.168.166.203 #(多播的源IP，设置为本机外网IP，与VIP同一网卡)此项可不设置
 priority 90 #(主、备机取不同的优先级，主机值较大，备份机值较小,值越大优先级越高)
 advert_int 1 #(VRRP Multicast广播周期秒数)
 authentication {
 auth_type PASS #(VRRP认证方式)
 auth_pass 1234 #(密码)
}
 track_script {
 Monitor_Nginx #(调用nginx进程检测脚本)
}
 virtual_ipaddress {
 192.168.166.178 #(VRRP HA虚拟地址)
 }
}

###BACKUP方面只需要修改state为BACKUP , priority比MASTER稍低就OK了

三：注：monitor_nginx.sh为监控nginx进程的脚本,内容如下

#!/bin/bash
if [ "$(ps -ef | grep "nginx: master process"| grep -v grep )" == "" ]
then
 /usr/local/nginx/sbin/nginx
 sleep 5
 if [ "$(ps -ef | grep "nginx: master process"| grep -v grep )" == "" ]
 then
 killall keepalived
 fi
fi

#chmod +x monitor_nginx.sh

四.启动keepalived
service keepalived start
或
/usr/local/keepalived/sbin/keepalived -D -f /etc/keepalived/keepalived.conf

 

五．测试步骤

1．    访问VIP看是否能够正常访问后端的web
2．    停止其中一个web看是否能将访问转到另一台上
3．    停止两台nginx上任何一个nginx进程看监控进程脚本是否会自动启动nginx
4．    停止任何一台nginx上的keepalived进程看另一台是否接管vip

track_interface的意思是将Linux中你想监控的网络接口卡监控起来，当其中的一块出现故障是keepalived都将视为路由器出现故障。
这里请注意： virtual_router_id 61，同一组master/backup中，也就是如果你设置了多个VRRP，同一组这个ID必须相同，不然启动的时候主从都会把VIP给启动了

keepalived 通过发送和接收组播包中的同一个virtual_router_id 的中的成员的存活，来确定对方的不可用，一旦检测到对方的不可用，即会切换它的备份角色为主。
即：当真实机192.168.166.177上的keepalived 检测到 真实机192.168.166.203上的keepalived 不可用时，177上将使用vip:192.168.166.178对外服务并由backup角色转变为master