# 什么是高可用？ nginx做负载均衡，能达到分发请求的目的，但是不能很好的避免单点故障 ## nginx集群单点问题 分发器宕机怎么处理？ 假如nginx服务器挂掉了，那么所有的服务也会跟着瘫痪 一种方法是人为监控，发现主分发器宕机后，立马登录备分发器，并给它分配虚ip 另一种办法是用软件来替代人来监控，自动登录备分发器，分配虚ip 数据服务器宕机怎么处理？ 分发器可以自动判断数据服务器的存活状态，不对宕机服务器要数据 ## Keepalived介绍 Keepalived的作用是检测服务器的状态，如果有一台web服务器宕机，或工作出现故障，Keepalived将检测到，并将有故障的服务器从系统中剔除，同时使 其他服务器代替该服务器的工作，当服务器工作正常后Keepalived自动将服务器加入到服务器群中，这些工作全部自动完成，不需要人工干涉，需要人工做的只是修复故障的服务器。   总结来说：Keepalived软件是一个监控+自愈的软件。   运行协议是VRRP，主分发器的keepalived会向网络中发组播，宣告自己还活着，组播地址：224.0.0.18 # 环境介绍 |主机名 |IP |角色 |系统 |配置 |软件| |-------|-------|-------|-------|-------|-------| nginx01|192.168.179.128|主分发器|centos7.5|2核4G|Nginx+keepalived| nginx02|192.168.179.129|备分发器|centos7.5|2核4G|Nginx+keepalived| # 安装nginx和keepalived 两台虚机都安装nginx+keepalived ## 下载nginx ```bash [root@nginx01]# yum -y install nginx [root@nginx01]# systemctl start nginx [root@nginx01]# systemctl enable nginx [root@nginx01]# systemctl status nginx ● nginx.service - nginx - high performance web server Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled) Active: active (running) since Wed 2019-09-18 22:57:11 EDT; 4h 7min ago Docs: http://nginx.org/en/docs/ Process: 11299 ExecStop=/bin/kill -s TERM $MAINPID (code=exited, status=0/SUCCESS) Process: 11302 ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf (code=exited, status=0/SUCCESS) Main PID: 11303 (nginx) CGroup: /system.slice/nginx.service ├─11303 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf └─11304 nginx: worker process Sep 18 22:57:11 A2 systemd[1]: Stopped nginx - high performance web server. Sep 18 22:57:11 A2 systemd[1]: Starting nginx - high performance web server... Sep 18 22:57:11 A2 systemd[1]: PID file /var/run/nginx.pid not readable (yet?) after start. Sep 18 22:57:11 A2 systemd[1]: Started nginx - high performance web server. ``` ## 安装keepalived keepalived官网地址:https://www.keepalived.org/download.html ```bash #yum安装 [root@nginx01]# yum -y insatll keepalived [root@nginx01]# systemctl start keepalived #编译安装 [root@nginx01]# wget http://www.keepalived.org/software/keepalived-2.0.8.tar.gz [root@nginx01]# sh keepalived_install.sh [root@nginx01]# cat keeepalived_install.sh #keepalived安装脚本 #!/bin/bash pkg=keepalived-2.0.8.tar.gz tar xf $pkg yum -y install kernel-devel ln -s /usr/src/kernels/3.10.0-862.14.4.el7.x86_64/ /usr/src/linux cd keepalived-2.0.8/ yum install openssl-* -y ./configure --prefix=/usr/local/keepalived make make install mkdir -pv /etc/keepalived cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/ ln -s /usr/local/keepalived/sbin/keepalived /sbin/ [root@nginx01]# systemctl start keepalived ``` # 配置keepalived 主备区别在设置优先级 ```bash [root@nginx01]# cd /etc/keepalived #备份keepalived配置文件 [root@nginx01 keepalived]# cp keepalived.conf keepalived.conf.bak [root@nginx01 keepalived]# cat keepalived.conf ! Configuration File for keepalived global_defs { router_id nginx01 } vrrp_script check_nginx { # 定义一个脚本 script "/etc/keepalived/check_nginx.sh" # 脚本路径 interval 2 # 探针，此处是每两秒执行一次脚本 fall 1 # 失败次数 1 } vrrp_instance nginx { # 定义名为nginx实例 state MASTER # 主机状态 interface ens33 # 网卡名 mcast_src_ip 192.168.179.128 # 发组播 virtual_router_id 51 # 虚拟id priority 100 # 优先级 advert_int 1 # 探针，一秒发一次组播 authentication { auth_type PASS auth_pass 1111 # 密码 } track_script { check_nginx } virtual_ipaddress { # 虚拟ip 192.168.179.200/24 } } ``` 备keepalived配置 ```bash [root@nginx02 keepalived]# cat keepalived.conf ! Configuration File for keepalived global_defs { router_id nginx02 } vrrp_script check_nginx { script "/etc/keepalived/check_nginx.sh" interval 2 fall 1 } vrrp_instance nginx { state BACKUP interface ens33 mcast_src_ip 192.168.179.129 virtual_router_id 51 priority 90 advert_int 1 authentication { auth_type PASS auth_pass 1111 } track_script { check_nginx } virtual_ipaddress { 192.168.179.200/24 } } ``` # 编写检查脚本 两台都操作 ```bash [root@nginx01]# cd /etc/keepalived [root@nginx01 keepalived]# cat check_nginx.sh #!/bin/bash if [ "$(ps -ef | grep "nginx: master process"| grep -v grep )" == "" ] then killall keepalived fi [root@nginx01 keepalived]# chmod 777 check_nginx.sh ``` 启动nginx和keepalived ```bash [root@nginx01 keepalived]# ps -ef|grep [n]ginx root 11303 1 0 Sep18 ? 00:00:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf nginx 11304 11303 0 Sep18 ? 00:00:00 nginx: worker process [root@nginx01 keepalived]# ps -ef|grep [k]eepalived root 11329 1 0 Sep18 ? 00:00:00 /usr/sbin/keepalived -D root 11330 11329 0 Sep18 ? 00:00:00 /usr/sbin/keepalived -D root 11331 11329 0 Sep18 ? 00:00:01 /usr/sbin/keepalived -D ``` 测试 访问vip192.168.179.200正常 在nginx01上： ```bash [root@nginx01 keepalived]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:17:3a:d8 brd ff:ff:ff:ff:ff:ff inet 192.168.179.128/24 brd 192.168.179.255 scope global noprefixroute dynamic ens33 valid_lft 1486sec preferred_lft 1486sec inet 192.168.179.200/24 scope global secondary ens33 valid_lft forever preferred_lft forever inet6 fe80::8e71:7c12:c808:104d/64 scope link noprefixroute valid_lft forever preferred_lft forever ```  ```bash [root@nginx01 keepalived]# Killall nginx [root@nginx01 keepalived]# ps –ef|grep keepalived #发现keepalive也被杀掉 ``` ip addr show ens33 nginx01释放掉VIP  访问vip192.168.179.200正常  只不过切到了备用keepalived服务器了，vip也漂移到nginx02