Keepalive之nginx调度架构

单主模式Keepalive之Nginx 调度

实验目的

实现Nginx调度的高可用,当一台Nginx调度器故障时,启用备用的Nginx调度,在架构中,启用了kepalive节点状态通知脚本机制,当keepalive的状态由MASTER变为BACKUP或由BACKUP变为MASTER时,以邮件通知用户,通过在通知脚本文件中定义BACKUP状态的节点启用nginx服务,是为了防止因Nginx服务故障导致节点权重降低从而变为BACKUP状态,为了避免此种现象,故在转换为BACKUP状态时需启动一次Nginx服务。

实验环境

keepalive-A 172.16.253.108
keepalive-B 172.16.253.105
Nginx-A     172.16.253.108
Nginx-B     172.16.253.105
LVS-RS1     172.16.250.127
LVS-RS2     172.16.253.193
VIP         172.16.253.150
client      172.16.253.177

web服务集群

为了更好的观察实验结果,故在此将RS1和RS2的web页面内容设置不一致,以致可以更清晰的区分RS1服务端和RS2服务端

LVS-RS1

[root@LVS-RS1 ~]# systemctl restart chronyd  \\多台服务器时间同步
[root@LVS-RS1 ~]# iptables -F
[root@LVS-RS1 ~]# setenforce 0
[root@LVS-RS1 ~]# yum -y install nginx
[root@LVS-RS1 ~]# vim /usr/share/nginx/html/index.html 
<h1> Web RS1 </h1>
[root@LVS-RS1 ~]# systemctl start nginx

LVS-RS2

[root@LVS-RS2 ~]# systemctl restart chronyd  \\多台服务器时间同步
[root@LVS-RS2 ~]# iptables -F
[root@LVS-RS2 ~]# setenforce 0
[root@LVS-RS2 ~]# yum -y install nginx
[root@LVS-RS2 ~]# vim /usr/share/nginx/html/index.html
<h1> Web RS2 </h1>
[root@LVS-RS2 ~]# systemctl start nginx

nginx调度集群

nginx-A

[root@nginx-A ~]# yum -y install nginx
[root@nginx-A ~]# vim /usr/share/nginx/html/index.html 
</h1> sorry from keepalive-A </h1>
[root@nginx-A ~]# vim /etc/nginx/nginx.conf
http {
    upstream websrvs {
        server 172.16.250.127:80;
        server 172.16.253.193:80;
    }
}
server {
    listen       80 default_server;
    location / {
        proxy_pass http://websrvs;
    }
}
[root@nginx-A ~]# systemctl start nginx

nginx-B

[root@nginx-B ~]# yum -y install nginx
[root@nginx-B ~]# vim /usr/share/nginx/html/index.html 
</h1> sorry from keepalive-B </h1>
[root@nginx-B ~]# vim /etc/nginx/nginx.conf
http {
    upstream websrvs {
        server 172.16.250.127:80;
        server 172.16.253.193:80;
    }
}
server {
    listen       80 default_server;
    location / {
        proxy_pass http://websrvs;
    }
}
[root@nginx-B ~]# systemctl start nginx

keepalive集群

keepalive-A

[root@keepalive-A ~]# yum -y install keepalived
[root@keepalive-A ~]# vim /etc/keepalived/notify.sh  \\定义状态检测通知脚本,当节点变为BACKUP时,启动nginx服务
#!/bin/bash 
    #
    contact='root@localhost'  \\通知的联系者,即本地邮件服务器的通知邮件接受者

    notify() {
       local mailsubject="$(hostname) to be $1, vip floating" \\指定邮件标题
       local mailbody="$(date +'%F %T'): vrrp transition, $(hostname) changed to be $1"  \\指定邮件正文
       echo "$mailbody" | mail -s "$mailsubject" $contact  \\发送通知信息邮件到邮件接收者
    }

    case $1 in
        master)
           notify master
           ;;
        backup)
            notify backup
            systemctl start nginx
            ;;      
        fault)
            notify fault    
            ;;
        *)
            echo "Usage: $(basename $0) {master|backup|fault}"
            exit 1
            ;;
        esac
[root@keepaliveA ~]# vim /etc/keepalived/keepalived.conf
global_defs {
    notification_email {
        jevon@danran.com
    }
    notification_email_from ka_admin@danran.com
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id keepaliveA
    vrrp_mcast_group4 224.103.5.5
}
vrrp_script chk_mant_down { \\定义检测脚本
    script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0" \\检测/etc/keepalived/down文件是否存在,若文件存在,则weight权重-10,若文件不存在,则每隔一秒检测
    interval 1 \\每隔一秒检测
    weight -10
    fall 2 \\检测两次故障则表示节点故障
    rise 1 \\检测一次正常则表示节点正常
}
vrrp_script chk_nginx { \\检测nginx服务是否运行脚本
    script "killall -0 nginx" \\-0为探测信号,当nginx进程存在时,返回值$?=0,当nginx进程不存在时,返回值$?为非零,则权重减10
    interval 2
    weight -10
    fall 2
    rise 2
}

vrrp_instance VI_A {
    state BACKUP
    interface ens33
    virtual_router_id 51
    priority 95
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass qr8hQHuL
    }
    virtual_ipaddress {
    172.16.253.150/32
    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
    }
    track_script { \\脚本调用
        chk_mant_down
        chk_nginx \\调用chk_nginx脚本
    }
}
[root@keepalive-A ~]# systemctl start keepalived
[root@keepalive-A ~]# systemctl status keepalived

keepalive-B

[root@keepalive-B ~]# yum -y install keepalived
[root@keepalive-A ~]# vim /etc/keepalived/notify.sh  \\定义状态检测通知脚本
#!/bin/bash 
    #
    contact='root@localhost'  \\通知的联系者,即本地邮件服务器的通知邮件接受者

    notify() {
       local mailsubject="$(hostname) to be $1, vip floating" \\指定邮件标题
       local mailbody="$(date +'%F %T'): vrrp transition, $(hostname) changed to be $1"  \\指定邮件正文
       echo "$mailbody" | mail -s "$mailsubject" $contact  \\发送通知信息邮件到邮件接收者
    }

    case $1 in
        master)
           notify master
           ;;
        backup)
            notify backup
            systemctl start nginx
            ;;      
        fault)
            notify fault    
            ;;
        *)
            echo "Usage: $(basename $0) {master|backup|fault}"
            exit 1
            ;;
        esac
[root@keepalive-B ~]# vim /etc/keepalived/keepalived.conf
global_defs {
    notification_email {
        jevon@danran.com
    }
    notification_email_from ka_admin@danran.com
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id keepaliveA
    vrrp_mcast_group4 224.103.5.5
} 
vrrp_script chk_mant_down { \\定义检测脚本
    script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0" \\检测/etc/keepalived/down文件是否存在,若文件存在,则weight权重-10,若文件不存在,则每隔一秒检测
    interval 1 \\每隔一秒检测
    weight -10
    fall 2 \\检测两次故障则表示节点故障
    rise 1 \\检测一次正常则表示节点正常
}
vrrp_script chk_nginx { \\检测nginx服务是否运行脚本
    script "killall -0 nginx" \\-0为探测信号,当nginx进程存在时,返回值$?=0,当nginx进程不存在时,返回值$?为非零,则权重减10
    interval 2
    weight -10
    fall 2
    rise 2
}

vrrp_instance VI_A {
    state BACKUP
    interface ens33
    virtual_router_id 51
    priority 95
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass qr8hQHuL
    }
    virtual_ipaddress {
    172.16.253.150/32
    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
    }
    
    track_script { \\脚本调用
        chk_mant_down
        chk_nginx \\调用chk_nginx脚本
    }
}
[root@keepalive-B ~]# systemctl start keepalived
[root@keepalive-A ~]# systemctl start keepalived

测试

访问测试调度

[root@client ~]# for i in {1..10};do curl http://172.16.253.150;done
<h1> Web RS1 </h1>
<h1> Web RS2 </h1>
<h1> Web RS1 </h1>
<h1> Web RS2 </h1>
<h1> Web RS1 </h1>

测试检测监控Nginx服务资源的外部脚本

[root@keepalive-A ~]# ip a l
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:75:dc:3c brd ff:ff:ff:ff:ff:ff
    inet 172.16.253.150/32 scope global ens33
        valid_lft forever preferred_lft forever

手动停止Nginx服务,keepalive-A变成了BACKUP节点

[root@keepalive-A ~]# systemctl stop nginx
[root@keepalive-A ~]# ip a l
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:75:dc:3c brd ff:ff:ff:ff:ff:ff

几秒种后,Nginx服务再次自动启动,则Keepalive-A再次成为MASTER节点

[root@keepalive-A ~]# ip a l
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:75:dc:3c brd ff:ff:ff:ff:ff:ff
    inet 172.16.253.150/32 scope global ens33
        valid_lft forever preferred_lft forever

当Nginx的80端口占用时,Nginx服务停止之后不会再次启动,则keepalive-A变为BACKUP

[root@keepalive-A ~]# yum -y install httpd 
[root@keepalive-A ~]# systemctl stop nginx && systemctl start httpd \\停止nginx的同时启动httpd
[root@keepalive-A ~]# ip a l
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:75:dc:3c brd ff:ff:ff:ff:ff:ff
[root@keepalive-A ~]# systemctl status keepalived.service 
Sep 05 21:21:14 cxjing.com Keepalived_vrrp[24153]: VRRP_Script(chk_nginx) failed

在HTTP进程停止之后,80端口被释放,则keepalive-A上的Nginx也不会再次重启

双主模式的Nginx调度(一般不会做会话绑定)

双主模式的目的是为了解决访问路径的单点故障,当一个web虚拟路由故障时,可使用另外一个web路径访问,最终是实现集群的高可用性

实验环境

keepalive-A 172.16.253.108
keepalive-B 172.16.253.105
Nginx-A     172.16.253.108
Nginx-B     172.16.253.105
LVS-RS1     172.16.250.127
LVS-RS2     172.16.253.193
VI-A        172.16.253.150
VI-B        172.16.253.140
client      172.16.253.177

环境拓扑图

实现过程

keepalive-A

[root@keepalive-A ~]# vim /etc/keepalived/notify.sh 
#!/bin/bash
#
contact='root@localhost'

notify() {
    local mailsubject="$(hostname) to be $1, vip floating"
    local mailbody="$(date +'%F %T'): vrrp transition, $(hostname) changed to be $1"
    echo "$mailbody" | mail -s "$mailsubject" $contact
}

case $1 in
master)
    notify master
    ;;
backup)
    notify backup
    systemctl start nginx
    ;;
fault)
    notify fault
    ;;
*)
    echo "Usage: $(basename $0) {master|backup|fault}"
    exit 1
    ;;
esac
[root@keepalive-A ~]# systemctl stop keepalived  
[root@keepalive-A ~]# vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
    jevon@danran.com
}
notification_email_from ka_admin@danran.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id keepaliveA
vrrp_mcast_group4 224.103.5.5
}
vrrp_script chk_mant_down {
    script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
    interval 1
    weight -10
    fall 2
    rise 1
}
vrrp_script chk_nginx {
    script "killall -0 nginx"
    interval 2
    weight -10
    fall 2
    rise 2
}
vrrp_instance VI_A {
    state MASTER
    interface ens33
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass qr8hQHuL
    }
    virtual_ipaddress {
        172.16.253.150/32
    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
    }
    track_script {
        chk_mant_down
        chk_nginx
    }
}
vrrp_instance VI_B {
    state BACKUP
    interface ens33
    virtual_router_id 52
    priority 95
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass qr8hQH99
    }
    virtual_ipaddress {
        172.16.253.140/32
    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
    }
    track_script {
        chk_mant_down
        chk_nginx
    }
}
[root@keepalive-A ~]# systemctl start keepalived

keepalive-B

[root@keepalive-A ~]# vim /etc/keepalived/notify.sh 
#!/bin/bash
#
contact='root@localhost'

notify() {
    local mailsubject="$(hostname) to be $1, vip floating"
    local mailbody="$(date +'%F %T'): vrrp transition, $(hostname) changed to be $1"
    echo "$mailbody" | mail -s "$mailsubject" $contact
}

case $1 in
master)
    notify master
    ;;
backup)
    notify backup
    systemctl start nginx
    ;;
fault)
    notify fault
    ;;
*)
    echo "Usage: $(basename $0) {master|backup|fault}"
    exit 1
    ;;
esac
[root@keepalive-B ~]# systemctl stop keepalived  
[root@keepalive-B ~]# vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
    jevon@danran.com
}
notification_email_from ka_admin@danran.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id keepaliveA
vrrp_mcast_group4 224.103.5.5
}
vrrp_script chk_mant_down {
    script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
    interval 1
    weight -10
    fall 2
    rise 1
}
vrrp_script chk_nginx {
    script "killall -0 nginx"
    interval 2
    weight -10
    fall 2
    rise 2
}
vrrp_instance VI_A {
    state BACKUP
    interface ens33
    virtual_router_id 51
    priority 95
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass qr8hQHuL
    }
    virtual_ipaddress {
        172.16.253.150/32
    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
    }
    track_script {
        chk_mant_down
        chk_nginx
    }
}
vrrp_instance VI_B {
    state MASTER
    interface ens33
    virtual_router_id 52
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass qr8hQH99
    }
    virtual_ipaddress {
        172.16.253.140/32
    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
    }
    track_script {
        chk_mant_down
        chk_nginx
    }
}
[root@keepalive-B ~]# systemctl start keepalived

查看keepalive-A和keepalive-B IP地址,确认虚拟路由配置正确

[root@keepalive-A ~]# ip a l
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:75:dc:3c brd ff:ff:ff:ff:ff:ff
    inet 172.16.253.150/32 scope global ens33
   valid_lft forever preferred_lft forever
[root@keepalive-B ~]# ip a l
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:0e:47:87 brd ff:ff:ff:ff:ff:ff
    inet 172.16.253.140/32 scope global ens33
   valid_lft forever preferred_lft forever

测试Nginx调度

[root@client ~]# for i in {1..10};do curl http://172.16.253.150;done
<h1> Web RS1 </h1>
<h1> Web RS2 </h1>
<h1> Web RS1 </h1>
<h1> Web RS2 </h1>
<h1> Web RS1 </h1>
[root@client ~]# for i in {1..10};do curl http://172.16.253.140;done
<h1> Web RS1 </h1>
<h1> Web RS2 </h1>
<h1> Web RS1 </h1>
<h1> Web RS2 </h1>
<h1> Web RS1 </h1>
<h1> Web RS2 </h1>
<h1> Web RS1 </h1>
最后编辑于
©著作权归作者所有,转载或内容合作请联系作者
  • 序言:七十年代末,一起剥皮案震惊了整个滨河市,随后出现的几起案子,更是在滨河造成了极大的恐慌,老刑警刘岩,带你破解...
    沈念sama阅读 206,839评论 6 482
  • 序言:滨河连续发生了三起死亡事件,死亡现场离奇诡异,居然都是意外死亡,警方通过查阅死者的电脑和手机,发现死者居然都...
    沈念sama阅读 88,543评论 2 382
  • 文/潘晓璐 我一进店门,熙熙楼的掌柜王于贵愁眉苦脸地迎上来,“玉大人,你说我怎么就摊上这事。” “怎么了?”我有些...
    开封第一讲书人阅读 153,116评论 0 344
  • 文/不坏的土叔 我叫张陵,是天一观的道长。 经常有香客问我,道长,这世上最难降的妖魔是什么? 我笑而不...
    开封第一讲书人阅读 55,371评论 1 279
  • 正文 为了忘掉前任,我火速办了婚礼,结果婚礼上,老公的妹妹穿的比我还像新娘。我一直安慰自己,他们只是感情好,可当我...
    茶点故事阅读 64,384评论 5 374
  • 文/花漫 我一把揭开白布。 她就那样静静地躺着,像睡着了一般。 火红的嫁衣衬着肌肤如雪。 梳的纹丝不乱的头发上,一...
    开封第一讲书人阅读 49,111评论 1 285
  • 那天,我揣着相机与录音,去河边找鬼。 笑死,一个胖子当着我的面吹牛,可吹牛的内容都是我干的。 我是一名探鬼主播,决...
    沈念sama阅读 38,416评论 3 400
  • 文/苍兰香墨 我猛地睁开眼,长吁一口气:“原来是场噩梦啊……” “哼!你这毒妇竟也来了?” 一声冷哼从身侧响起,我...
    开封第一讲书人阅读 37,053评论 0 259
  • 序言:老挝万荣一对情侣失踪,失踪者是张志新(化名)和其女友刘颖,没想到半个月后,有当地人在树林里发现了一具尸体,经...
    沈念sama阅读 43,558评论 1 300
  • 正文 独居荒郊野岭守林人离奇死亡,尸身上长有42处带血的脓包…… 初始之章·张勋 以下内容为张勋视角 年9月15日...
    茶点故事阅读 36,007评论 2 325
  • 正文 我和宋清朗相恋三年,在试婚纱的时候发现自己被绿了。 大学时的朋友给我发了我未婚夫和他白月光在一起吃饭的照片。...
    茶点故事阅读 38,117评论 1 334
  • 序言:一个原本活蹦乱跳的男人离奇死亡,死状恐怖,灵堂内的尸体忽然破棺而出,到底是诈尸还是另有隐情,我是刑警宁泽,带...
    沈念sama阅读 33,756评论 4 324
  • 正文 年R本政府宣布,位于F岛的核电站,受9级特大地震影响,放射性物质发生泄漏。R本人自食恶果不足惜,却给世界环境...
    茶点故事阅读 39,324评论 3 307
  • 文/蒙蒙 一、第九天 我趴在偏房一处隐蔽的房顶上张望。 院中可真热闹,春花似锦、人声如沸。这庄子的主人今日做“春日...
    开封第一讲书人阅读 30,315评论 0 19
  • 文/苍兰香墨 我抬头看了看天上的太阳。三九已至,却和暖如春,着一层夹袄步出监牢的瞬间,已是汗流浃背。 一阵脚步声响...
    开封第一讲书人阅读 31,539评论 1 262
  • 我被黑心中介骗来泰国打工, 没想到刚下飞机就差点儿被人妖公主榨干…… 1. 我叫王不留,地道东北人。 一个月前我还...
    沈念sama阅读 45,578评论 2 355
  • 正文 我出身青楼,却偏偏与公主长得像,于是被迫代替她去往敌国和亲。 传闻我的和亲对象是个残疾皇子,可洞房花烛夜当晚...
    茶点故事阅读 42,877评论 2 345

推荐阅读更多精彩内容

  • 第一章 Nginx简介 Nginx是什么 没有听过Nginx?那么一定听过它的“同行”Apache吧!Ngi...
    JokerW阅读 32,642评论 24 1,002
  • 《老男孩Linux运维》Nginx Documentation 集群简介 集群就是指一组(若干)相互独立的计算机,...
    Zhang21阅读 3,373评论 0 51
  • 上一篇《WEB请求处理一:浏览器请求发起处理》,我们讲述了浏览器端请求发起过程,通过DNS域名解析服务器IP,并建...
    七寸知架构阅读 80,925评论 21 356
  • Nginx简介 解决基于进程模型产生的C10K问题,请求时即使无状态连接如web服务都无法达到并发响应量级一万的现...
    魏镇坪阅读 1,991评论 0 9
  • 斑妃泪洒池塘边, 夜里来風影相连。 几度明灭岁月老, 溪声有情伴人眠。
    霑露饮冰小先生阅读 213评论 0 0