一、简述

配置Nginx HA模式,防止访问高并发导致Nginx宕机造成服务停止;
1、Nginx+keepalived 主从配置
这种方案,使用一个vip地址,前端使用2台机器,一台做主,一台做备,但同时只有一台机器工作,另一台备份机器在主机器不出现故障的时候,永远处于浪费状态,对于服务器不多的网站,该方案不经济实惠。
2、Nginx+keepalived 双主配置
这种方案,使用两个vip地址,前端使用2台机器,互为主备,同时有两台机器工作,当其中一台机器出现故障,两台机器的请求转移到一台机器负担,非常适合于当前架构环境。

二、部署

**1.服务器信息**

用户名

IP

root

192.168.200.100

root

192.168.200.110

Nginx版本:nginx-1.20.2.tar.gz
Keepalived:Keepalived v2.2.4
2.基础配置及安装Nginx依赖包

[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl disable firewalld
[root@localhost ~]# yum -y install gcc* zlib zlib-devel pcre-devel openssl openssl-devel

如安装失败极可能因为没有yum仓库

[root@localhost ~]# mount /dev/sr0 /media/cdrom/ [ root@localhost ~]# mount /dev/sr0 on /media/cdrom type iso9660 (ro,relatime) [root@localhost ~]# cd /etc/yum.repos.d/ [root@localhost yum.repos.d]# mkdir backup/ [root@localhost yum.repos.d]# mv * backup/ [root@localhost yum.repos.d]# vi CentOS-Media.repo

nginx如何绑核 nginx加keepalive_centos


[yum] 【yum仓库唯一标识符,避免与其他仓库冲突】


name 【仓库的名称描述,易于识别仓库用处】


baseurl=file:// 【提供方式包括FTP(ftp://…)、HTTP(http://…)、本地(file:///…)】


enabled=1 【设置此源是否可用,1为可用,0为禁用】


gpgcheck=0 【设置此源是否校验文件,1为校验,0为不校验】

[root@localhost yum.repos.d]# yum clean all && yum makecache
yum clean all 【清理缓存】
yum makecache 【重新建立缓存】

现在重新安装依赖即可;

3.部署Nginx,两台同样的操作

[root@localhost ~]# useradd -M -s /sbin/nologin nginx
[root@localhost ~]# tar xf tools/nginx-1.15.10.tar.gz -C /opt/
[root@localhost ~]# cd /opt/nginx-1.20.2/
[root@localhost nginx-1.15.10]# ./configure --prefix=/opt/nginx --user=nginx --group=nginx --with-http_stub_status_module
[root@localhost nginx-1.20.2]# make && make install
[root@localhost ~]# cd /opt/nginx/sbin/
[root@localhost sbin]# ./nginx
[root@localhost sbin]# ps -ef| grep nginx
root 9855 1 0 20:19 ? 00:00:00 nginx: master process ./nginx
nginx 9856 9855 0 20:19 ? 00:00:00 nginx: worker process

修改Nginx的html文件便于测试分辨

nginx如何绑核 nginx加keepalive_运维_02

nginx如何绑核 nginx加keepalive_linux_03

补充nginx命令:
./nginx 启动
./nginx -s stop 关闭
./nginx -s reload 重启
./nginx -t 检查配置文件
./nginx -V 查看Nginx版本号
4.部署Keepalived
keepalived主节点

[root@localhost ~]# yum -y install keepalived ipvsadm
[root@localhost ~]# cd /etc/keepalived/
[root@localhost keepalived]# cp keepalived.conf keepalived.conf_bak
[root@localhost keepalived]# vi keepalived.conf (Master节点conf文件)
! Configuration File for keepalived

global_defs { notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1 #邮箱地址
smtp_connect_timeout 30 #邮箱超时时间
router_id NGIINX_01 #主备节点id
}
vrrp_script check_nginx {
script “/etc/keepalived/check_nginx.sh” #心跳执行的脚本,检测nginx是否启动
interval 2 #(检测脚本执行的间隔,单位是秒)
}

vrrp_instance VI_1 {
state MASTER #主节点为Master
interface ens33 #修改网卡名称
virtual_router_id 51
priority 100 #优先级,从节点需比主节点低
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.200.11/24 #VIP地址
}
track_script {
check_nginx
}
}
修改完后重启Keepalived
systemctl restart keepalived

Keepaliced从节点

[root@localhost ~]# cd /etc/keepalived/
[root@localhost keepalived]# cp keepalived.conf keepalived.conf_bak
[root@localhost keepalived]# vi keepalived.conf (Backup节点conf文件)
! Configuration File for keepalived

global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id NGIINX_02
}
vrrp_script check_nginx {
script “/etc/keepalived/check_nginx.sh” #心跳执行的脚本,检测nginx是否启动
interval 2 #(检测脚本执行的间隔,单位是秒)
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.200.11
}
track_script {
check_nginx
}
}
修改完后重启Keepalived
systemctl restart keepalived

5.编写脚本
Nginx 状态检测脚本 /etc/keepalived/nginx_check.sh脚本要求:如果 nginx 停止运行,尝试启动,如果无法启动则杀死本机的 keepalived 进程, keepalied将虚拟 ip 绑定到 BACKUP 机器上。 内容如下:

[root@localhost keepalived]# vi check_nginx.sh
#!/bin/bash
#检测nginx是否启动了
A=netstat -lnpt | grep 80 | grep nginx | wc -l if [ $A -eq 0 ];then #如果nginx没有启动就启动nginx
/opt/nginx/sbin/nginx #重启nginx sleep 2
if [ netstat -lnpt | grep 80 | grep nginx | wc -l -eq 0 ];then #nginx重启失败,则停掉keepalived服务,进行VIP转移
killall keepalived
fi fi

三、测试

访问VIP地址,出现的页面为200.100服务器的网页内容

nginx如何绑核 nginx加keepalive_linux_04


手动关闭Nginx和Keepalived,重新进行访问

nginx如何绑核 nginx加keepalive_linux_05


现在可以正常进行灾备切换。

四、双主模式

1、双主模式只需要修改Keepalived的配置文件即可;
增加新的VIP192.168.200.12,192.168.200.11是100机器上主虚拟VIP,192.168.200.12是110机器上主虚拟VIP;

192.168.200.100
vrrp_instance VI_2 {
state BACKUP
interface ens33
virtual_router_id 52
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.200.12/24
}
}

192.168.200.110
vrrp_instance VI_2 {
state MASTER
interface ens33
virtual_router_id 52
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.200.12/24
} }

修改完conf配置文件,重启Keepalived测试即可;

2.测试

nginx如何绑核 nginx加keepalive_centos_06


关闭110节点上的Nginx和keepalived,重新进行访问。

nginx如何绑核 nginx加keepalive_nginx如何绑核_07


搞定!!!!!