前言
单独的nginx作为web代理服务器可以满足一定时间段的需求,但如果遇上大并发的时候就需要考虑可靠的nginx架构,keepalived可以实现ha的功能,即主备功能,避免单点故障。
架构
nginx-122.119.181.100,122.119.181.101(两台服务器需要同时搭建nginx以及keepalived,不过keepalived是要分主次)。
vip-122.119.181.120(虚拟的IP地址,提供给客户访问,然后VIP会分发到对应下的nginx)。
后端-通过nginx的upstream功能实现后端的负载均衡。
安装
nginx-可以通过编译安装或者yum安装
keepalived-同样可以使用yum或者编译安装
配置
keepalived核心点-yum安装后默认在/etc/keepalived/keepalived.conf
master配置
global_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id LVS_DEVEL } vrrp_script check_ng { script "/opt/app/web/nginx/checknginx.sh" interval 2 } vrrp_instance VI_1 { state MASTER #区分主次标签 interface eth0 #绑定对应的网卡接口 virtual_router_id 51 #固定路由编号,需要和BACKUP保持一致 mcast_src_ip 122.119.181.100 #本地的IP地址 priority 100 #分发的权限,如果只有2台意义不大 advert_int 1 authentication { auth_type PASS #设置账号密码 auth_pass zhouzhifei } virtual_ipaddress { 122.119.181.120/24 dev eth0 label eth0:1 #虚拟IP地址绑定对应的网卡 } track_script { check_ng } }
BACKUP配置
global_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id LVS_DEVEL } vrrp_script check_ng { script "/opt/app/web/nginx/checknginx.sh" interval 2 } vrrp_instance VI_1 { state BACKUP interface eth1 virtual_router_id 51 mcast_src_ip 122.119.181.101 priority 100 advert_int 1 authentication { auth_type PASS auth_pass zhouzhifei } virtual_ipaddress { 122.119.181.120/24 dev eth1 label eth1:1 } track_script { check_ng } }
基础nginx检测脚本
#!/bin/bash run=`ps -C nginx --no-header | wc -l` if [ $run -eq 0 ];then /opt/app/web/nginx/sbin/nginx -s stop /opt/app/web/nginx/sbin/nginx sleep 3 if [ `ps -C nginx --no-header | wc -l` ];then killall keepalived fi fi
思考
当mater恢复后,如何从BACKUP自动切换到MASTER?
文章评论