nginx+keepalived双机热备+负载均衡

一、原理/需求

结合keepalived 对前端nginx实现HA；
nginx进程基于Master+Slave(worker)多进程模型，自身具备很是稳定的子进程管理功能。在Master进程分配模式下，Master进程永远不进行业务处理，只是进行任务分发，从而达到Master进程的存活高可靠性，Slave(worker)进程全部的业务信号都由主进程发出，Slave(worker)进程全部的超时任务都会被Master停止，属于非阻塞式任务模型。
Keepalived是Linux下面实现VRRP备份路由的高可靠性运行件。基于Keepalived设计的服务模式可以真正作到主服务器和备份服务器故障时IP瞬间无缝交接。两者结合，能够构架出比较稳定的软件lb方案。

二、环境说明
192.168.2.4        keepalived nginx
192.168.2.5        keepalived nginx
虚拟IP (VIP)：192.168.2.6

三、安装keepalived和nginx

yum -y install openssl-devel

yum -y install libnl libnl-devel

yum install -y libnfnetlink-devel

[root@master keepalived-1.3.9]# ./configure --prefix=/usr/local/keepalived

[root@master keepalived-1.3.9]# make && make install

[root@master ~]# mkdir /etc/keepalived

[root@master ~]# cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/

[root@master ~]# /usr/local/keepalived/sbin/keepalived -D

四、配置MASTER  keepalived
vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {
#标识本节点的名称
   router_id master	
}

vrrp_script chk_nginx {  
	script "/etc/keepalived/nginx_check.sh"
	#每2秒检测一次nginx的运行状态
	interval 2
	#失败一次，将本身的优先级调整为-20
	weight	-20
} 

vrrp_instance VI_1 {
	#状态，主节点为MASTER
	state MASTER
	#绑定VIP的网络接口
	interface ens33
	#虚拟路由的ID号，两个节点设置必须同样
	virtual_router_id 51
	#节点优先级，值范围0~254，MASTER>BACKUP
	priority 100
	#组播信息发送时间间隔，两个节点必须设置同样，默认为1秒
	advert_int 1
	#设置验证信息，两个节点必须一致
	authentication {
	        auth_type PASS
        	auth_pass 1111
    	}
	#虚拟IP，两个节点设置必须一致，能够设置多个
	virtual_ipaddress {
        	192.168.1.106
    	}
    	#nginx存活状态检测脚本
	track_script {
		chk_nginx
	}
}

五、配置BACKUP  keepalived
vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {
   router_id backup
}

vrrp_script chk_nginx {
    script "/etc/keepalived/nginx_check.sh"
    interval 2
    weight -20
}

vrrp_instance VI_1 {
    state BACKUP
    interface ens33
    virtual_router_id 51
    priority 99
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.1.106
    }
    track_script {
        chk_nginx
    }
}

Tips：
state   参数值：主的是MASTER、备用的是BACKUP
priority 参数值： MASTER > BACKUP
virtual_router_id： 参数值要同样

调用的脚本nginx_check.sh

#!/bin/bash  
A=`ps -C nginx -no-header |wc -l`  
if [ $A -eq 1 ];then 
        pkill keepalived  
fi

测试：

两台测试机4\5均启动keepalived和nginx
service keepalived restart
service keepalived nginx

验证nginx启动正常：
访问 master：http://192.168.2.4:80/
访问 backup: http://192.168.2.5:80/

查看keepalived的日志信息：

4\5均打开日志信息方便查看keepalived动态：
tail -f /var/log/messages

浏览器打开虚拟ip访问：http://192.168.2.6:80/ ，此时显示IP为192.168.2.4

服务器层的双机热备（好比服务器宕机、keepalived宕了）测试：

kill 192.168.2.4（master) 的keepalived进程
killall keepalived

4的日志信息以下：

Jun 11 18:03:10 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth1 for 192.168.2.6  
Jun 11 18:03:15 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth1 for 192.168.2.6  
Jun 11 19:30:44 localhost Keepalived: Terminating on signal  
Jun 11 19:30:44 localhost Keepalived: Stopping Keepalived v1.2.2 (06/10,2014)  
Jun 11 19:30:44 localhost Keepalived_vrrp: Terminating VRRP child process on signal  
Jun 11 19:30:44 localhost Keepalived_healthcheckers: Terminating Healthchecker child process on signal

5的日志信息以下：

Jun 11 19:30:50 localhost Keepalived_vrrp: VRRP_Instance(VI_1) setting protocol VIPs.  
Jun 11 19:30:50 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth1 for 192.168.2.6  
Jun 11 19:30:50 localhost Keepalived_healthcheckers: Netlink reflector reports IP 192.168.2.6 added  
Jun 11 19:30:55 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth1 for 192.168.2.6

刷新http://192.168.2.6:80/ ， 此时显示IP为192.168.2.5。 再次启动192.168.2.4的keepalived进程，192.168.2.4会自动接管成为master，192.168.2.5自动转为backup，从测试结果看，备机能成功接管，已经实现了热备。