本文档编写的目的是为了实现前端nginx代理的高可用,去除前端的单点故障,保证在前端网络出现问题、单台服务器挂掉、nginx崩溃等问题的时候能自动切换到另外一台服务器,保障服务的正常运行。
本方案采用nginx+keepalived来保证前端服务器的高可用。在前端网络层面、系统层面、nginx进程层面由keepalived来保证高可用,在代理后方的网络层面、系统层面、nginx可用性等由nginx自身的故障检查机制来保证高可用。
需要提供和一个网通IP和一个电信IP(和原来的IP在一个子网),用来做虚拟IP。
的安装(两台服务器都需要安装)
wget
ln -s /usr/src/kernels/2.6.18-164.el5-i686/ /usr/src/linux
tar zxvf ipvsadm-1.24.tar.gz
cd ipvsadm-1.24
make && make install
wget
tar zxvf keepalived-1.1.19.tar.gz
cd keepalived-1.1.19
./configure --prefix=/usr/local/keepalived
make
make install
cp /usr/local/keepalived/sbin/keepalived /usr/sbin/
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
mkdir /etc/keepalived
的配置
的配置
vim /etc/keepalived/keepalived.conf
#Configuration File for keepalived
global_defs {
notification_email {
jiankong@test.com
}
notification_email_from jiankong@test.com
smtp_server mail.test.com
smtp_connect_timeout 30
router_id LVS2
}
vrrp_script check_nginx {
#检测nginx是否挂掉的脚本
script "/etc/keepalived/check_nginx.sh"
interval 2
weight 2
}
vrrp_instance loadbalance {
state MASTER
interface eth1
virtual_router_id 52
priority 180
#mtp_alert
advert_int 1
#发生切换以后报警的脚本
notify /etc/keepalived/alert.sh
authentication {
auth_type PASS
auth_pass ufsoft
}
track_script {
check_nginx
}
virtual_ipaddress {
#电信和网通的虚拟IP
143.20.33.28
142.30.31.124
}
}
的配置
vim /etc/keepalived/keepalived.conf
#Configuration File for keepalived
global_defs {
notification_email {
jiankong@test.com
}
notification_email_from jiankong@test.com
smtp_server mail.test.com
smtp_connect_timeout 30
router_id LVS2
}
vrrp_script check_nginx {
script "/etc/keepalived/check_nginx.sh"
interval 2
weight 2
}
vrrp_instance loadbalance {
state BACKUP
interface eth1
virtual_router_id 52
priority 150
#mtp_alert
advert_int 1
notify /etc/keepalived/alert.sh
authentication {
auth_type PASS
auth_pass ufsoft
}
track_script {
check_nginx
}
virtual_ipaddress {
143.20.33.28
142.30.31.124
}
}
nginx脚本配置(28、29都需要配置)
vim /etc/keepalived/check_nginx.sh
#!/bin/bash
if [ `ps aux | grep "nginx: master process" | grep -v "grep"|wc -l` -eq 0 ];then
/usr/local/nginx/sbin/nginx
sleep 5
if [ `ps -aux | grep "nginx: master process" | grep -v "grep"|wc -l` -eq 0 ];then
/etc/rc.d/init.d/keepalived stop
fi
fi
chmod +x /etc/keepalived/check_nginx.sh
(两台服务器都需要配置)
vim /etc/keepalived/alert.sh
#!/bin/bash
group_instance=$1
group_name=$2
event=$3
#用来设置邮件报警
/etc/keepalived/sendmail.pl "keepalived problem, $group_instance $group_name $event please check it out!!!" "keepalived"
#用来设置短信报警
/etc/keepalived/sendsms.pl 手机号码 $group_instance $group_name $event 'keepalived problem,please check it out!!!'
chmod +x /etc/keepalived/alert.sh
的管理和维护
的启动
/etc/rc.d/init.d/keepalived start
测试没有问题以后将此启动语句加入到/etc/rc.local自动启动文件中!
的停止
/etc/rc.d/init.d/keepalived stop
keepalived的日志
tail -f /var/log/messages
通过上面的命令可以查看到日志中keeplived发生切换的过程及发生切换的时间等信息,对于错误的排查很关键。
要测试各个情况下keepalived的切换情况,停掉nginx、停掉keepalived、网络中断等。另外还需要在测试环境测试高负载情况下各种情况的切换速度等。对各个影响做到心中有数!
DNS
更改智能DNS的记录,使域名对应的记录指向两个虚拟IP。
Keepalived上线后需要添加对应的keepalived的监控,以备出现问题后第一时间响应,监控的内容包括keepalived进程的监控、虚拟IP连通性监控。