欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

【Nginx那些事】nginx配置实例(四)搭建高可用集群

程序员文章站 2022-03-02 22:25:37
...

nginx 实现高可用

思考如果所有服务都基于nginx代理,一旦nginx服务器发生宕机,那么将导致所有代理的服务都不可用。
如果搭建nginx集群,一个nginx服务器宕机,另一个nginx服务器顶上,那么就能实现nginx高可用。

要点

  1. 用虚拟ip绑定所有集群服务器的ip,对外暴露的仅仅是虚拟ip。
  2. 安装keepalived

安装keepalived

yum install keepalived -y

keepalived配置

配置文件在/etc/keepalived/keepalived.conf。默认配置如下

! Configuration File for keepalived

global_defs {
   notification_email {
     [email protected]
     [email protected]
     [email protected]
   }
   notification_email_from [email protected]
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.200.16
        192.168.200.17
        192.168.200.18
    }
}

virtual_server 192.168.200.100 443 {
    delay_loop 6
    lb_algo rr
    lb_kind NAT
    persistence_timeout 50
    protocol TCP

    real_server 192.168.201.100 443 {
        weight 1
        SSL_GET {
            url {
              path /
              digest ff20ad2481f97b1754ef3e12ecd3a9cc
            }
            url {
              path /mrtg/
              digest 9b3a0c85a887a256d6939da88aabd8cd
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

virtual_server 10.10.10.2 1358 {
    delay_loop 6
    lb_algo rr
    lb_kind NAT
    persistence_timeout 50
    protocol TCP

    sorry_server 192.168.200.200 1358

    real_server 192.168.200.2 1358 {
        weight 1
        HTTP_GET {
            url {
              path /testurl/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url {
              path /testurl2/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url {
              path /testurl3/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }

    real_server 192.168.200.3 1358 {
        weight 1
        HTTP_GET {
            url {
              path /testurl/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334c
            }
            url {
              path /testurl2/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334c
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

virtual_server 10.10.10.3 1358 {
    delay_loop 3
    lb_algo rr
    lb_kind NAT
    persistence_timeout 50
    protocol TCP

    real_server 192.168.200.4 1358 {
        weight 1
        HTTP_GET {
            url {
              path /testurl/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url {
              path /testurl2/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url {
              path /testurl3/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }

    real_server 192.168.200.5 1358 {
        weight 1
        HTTP_GET {
            url {
              path /testurl/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url {
              path /testurl2/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url {
              path /testurl3/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

主Nginx服务器配置

ip: 192.168.227.3

主Nginx服务器的keepalived配置文件修改如下

# 全局配置
global_defs {
	notification_email {
	  [email protected]
	  [email protected]
	  [email protected]
	}
  script_user root
  enable_script_security
	notification_email_from [email protected]
	smtp_ server 192.168.227.3 
	smtp_connect_timeout 30
	router_id bq8023	# bq8023 这字段在/etc/hosts文件中看;通过它访问到主机
}

# 检测脚本配置
vrrp_script chk_http_ port {
  # 脚本路径
	script "/usr/local/src/nginx_check.sh" # 脚本内容见下方
	interval 2   # (检测脚本执行的间隔)2s
	weight 2  #权重,如果这个脚本检测为真,服务器权重+2
}

vrrp_instance VI_1 {
  # 标识主/从服务器
	state MASTER   # 备份服务器上将 MASTER 改为BACKUP
  # 绑定网卡 通过 ifconfig 查看
	interface ens33 //网卡名称
  # 主/从服务器的路由id
	virtual_router_id 51 # 主、备机的virtual_router_id必须相同
  # 优先级
	priority 100   #主、备机取不同的优先级,主机值较大,备份机值较小
	advert_int 1	#每隔1s发送一次心跳
  # 权限校验配置
	authentication {	# 校验方式, 类型是密码,密码1111
        auth type PASS
        auth pass 1111
    }
  # 虚拟ip配置
	virtual_ipaddress { # 虛拟ip
		192.168.227.10 // VRRP H虛拟ip地址
	}
}

说明:
router_id bq8023,bq8023 这字段在/etc/hosts文件中添加,例如:

cat /etc/hosts

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
127.0.0.1 bq8023  # 自己添加的

/usr/local/src/nginx_check.sh脚本


#! /bin/bash
# 检测 nginx 运行状态
A=`ps -C nginx -no-header | wc - 1`
if [ $A -eq 0];then
	/usr/local/nginx/sbin/nginx
	sleep 2
	if [`ps -C nginx --no-header| wc -1` -eq 0 ];then
		systemctl stop keepalived
	fi
fi

从nginx服务器配置

ip: 192.168.227.4
从nginx服务器的keepalived配置文件修改如下

global_defs {
	notification_email {
	  [email protected]
	  [email protected]
	  [email protected]
	}
  script_user root
  enable_script_security
	notification_email_from [email protected]
	smtp_ server 192.168.227.4
	smtp_connect_timeout 30
	router_id LVS_DEVEL	# LVS_DEVEL这字段在/etc/hosts文件中看;通过它访问到主机
}

vrrp_script chk_http_ port {
	script "/usr/local/src/nginx_check.sh"
	interval 2   # (检测脚本执行的间隔)2s
	weight 2  #权重,如果这个脚本检测为真,服务器权重+2
}

vrrp_instance VI_1 {
	state BACKUP   # 备份服务器上将 MASTER 改为BACKUP
	interface ens33 //网卡名称
	virtual_router_id 51 # 主、备机的virtual_router_id必须相同
	priority 90   #主、备机取不同的优先级,主机值较大,备份机值较小
	advert_int 1	#每隔1s发送一次心跳
	authentication {	# 校验方式, 类型是密码,密码1111
        auth type PASS
        auth pass 1111
    }
	virtual_ipaddress { # 虛拟ip
		192.168.227.10 // VRRP H虛拟ip地址
	}
}

/usr/local/src/nginx_check.sh脚本

#! /bin/bash
A=`ps -C nginx -no-header | wc - 1`
if [ $A -eq 0];then
	/usr/local/nginx/sbin/nginx
	sleep 2
	if [`ps -C nginx --no-header| wc -1` -eq 0 ];then
		systemctl stop keepalived
	fi
fi

脚本文件权限设置

chmod 755 /usr/local/src/nginx_check.sh

启动 keepalived 和 nginx

分别启动两台服务器的 keepalived 和 nginx

# keepalived启动
systemctl start keepalived.service
# 查看keepalived是否启动
ps -ef | grep keepalived

cd /usr/local/nginx/sbin/
# nginx启动
./nginx