keepalived 虚拟机访问主机ipIP访问故障
点击联系发帖人
时间:2016-04-29 05:39
用Keepalived搭建双Nginx server集群,防止单点故障
用Keepalived搭建双Nginx server集群,防止单点故障
访问虚拟IP: 192.168.1.57, 该虚拟IP被Keepalived接管,两个Keepalived进程分别运行在物理IP为192.168.1.56和192.168.1.59服务器上,这两个服务器上都运行着Nginx server。Nginx server都监听虚拟IP 192.168.1.57. Nginx背后有一些web app集群,已经配置成upstream.
为了防止Nginx自己成为单点瓶颈,这里采用了双Nginx server的方式。每个Server都是Ubuntu 12.04.&
假定我的第一台Ubuntu server物理IP地址是192.168.1.56,已经安装了Nginx server,现在安装Keepalived,后面称这台为master server.
apt-get install keepalived &
另外一台Ubuntu server物理IP是192.168.1.59, 也安装Nginx server和Keapalived. 后面称这台为backup server. Nginx的安装以及配置不是本文关注内容,请参考我的其他文章。
现在开始配置master server. 安装完成keepalived后,通过查看脚本/etc/init.d/keepalived里面发现,启动配置文件的路径是
CONFIG=/etc/keepalived/keepalived.conf &
但是该文件现在还不存在。所以我创建一个,内容如下:
# Settings for notifications & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &&
global_defs { &
& & notification_email { &
& & # Email address for notifications & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &&
& & notification_email_from keepalived@ &# The from address for the notifications & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &&
& & smtp_server 127.0.0.1 &
& & smtp_connect_timeout 15 &
# Define the script used to check if haproxy is still working & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
vrrp_script chk_http_port { &
& & script &/etc/keepalived/check_nginx.sh& # check Nginx is alive or not & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & interval 2 # & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &&
& & weight 2 &
# Configuation for the virtual interface & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &&
vrrp_instance VI_1 { &
& & interface eth0 &
& & state MASTER & & & &# set this to BACKUP on the other machine & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & priority 101 & & & &# set this to 100 on the other machine & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &&
& & virtual_router_id 51 &
& & smtp_alert & & & & &# Activate email notifications & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &&
& & authentication { &
& & auth_type PASS &
& & auth_pass 1111 & & &# Set this to some secret phrase & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &&
& & # The virtual ip address shared between the two loadbalancers & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & virtual_ipaddress { &
& & 192.168.1.57 &
& & # Use the script above to check if we should fail over & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &&
& & track_script { &
& & chk_http_port &
1. smtp_server必须要用127.0.0.1
2. 自己要创建一个检查nginx进程的脚本
/etc/keepalived/check_nginx.sh &
内容如下:
!/bin/bash &
# try to start nginx if nginx process is dead & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
# shutdonw keepalived process if start nginx failed & & & & & & & & & & & & & & & & & & & &&
pid=`ps -C nginx --no-header |wc -l` &
if [ $pid -eq 0 ];then &
& & service nginx start &
& & sleep 3 &
& & if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then &
& & & & service keepalived stop &
3. 修改nginx的所有server配置,将server_name都改为虚拟IP
server_name &192.168.1.57; &
4. 注意,这里的虚拟IP不是用修改/etc/network/interfaces的方式,而是在keepalived配置文件中直接设置,要想判断是否成功,直接ping 就行了,ifconfig是看不到的。
ping 192.168.1.57 &
PING 192.168.1.57 (192.168.1.57) 56(84) bytes of data. &
64 bytes from 192.168.1.57: icmp_req=1 ttl=64 time=0.024 ms &
64 bytes from 192.168.1.57: icmp_req=2 ttl=64 time=0.020 ms &
对192.168.1.59做相同的配置,略有变化的是:
vrrp_instance VI_1 { &
& & interface eth0 &
& & state BACKUP &// changed &
& & priority 100 &// changed &
通过轮流关闭master和backup,证明keepalived已经有效工作了。
(window.slotbydup=window.slotbydup || []).push({
id: '2467140',
container: s,
size: '1000,90',
display: 'inlay-fix'
(window.slotbydup=window.slotbydup || []).push({
id: '2467141',
container: s,
size: '1000,90',
display: 'inlay-fix'
(window.slotbydup=window.slotbydup || []).push({
id: '2467142',
container: s,
size: '1000,90',
display: 'inlay-fix'
(window.slotbydup=window.slotbydup || []).push({
id: '2467143',
container: s,
size: '1000,90',
display: 'inlay-fix'
(window.slotbydup=window.slotbydup || []).push({
id: '2467148',
container: s,
size: '1000,90',
display: 'inlay-fix'当前位置:&>&&>&
LVS+keepalived+Nginx实现负载均衡时前后端故障全自动化处理
时间: 18:23:16    来源:服务器之家    投稿:root
最近帮朋友公司配了一下LVS,实现全自动化处理故障问题,基本环境如下
VIP : 192.168.101.100
LVS1: 192.168.101.103
LVS2: 192.168.101.104
RS1: 192.168.101.105
RS2: 192.168.101.108
后端还有一些服务器IP就不一一写出来了
首先各个服务器上配置好各种需要的环境,所需要依赖包,然后在master 和
backup上装好keepalived 和 LVS,直接yum安装 .不启动LVS,启动keepalived就好,下面直接说配置
全部在keepalived上
[&shell]#&cat&/etc/keepalived/keepalived.conf
!&Configuration&File&for&keepalived
global_defs&{
&&&router_id&LVS_DEVEL
vrrp_sync_group&VGM&{&&&&&###定义一个vrrp组
notify_master&"/data/shell/arp.sh"
notify_backup&"/data/shell/arp.sh"
vrrp_script&chk_nginx&{&&&&####&定义脚本
script&"/data/shell/check_nginx.sh"
interval&1
vrrp_script&chk_nginx2&{&&&&&&####&定义脚本
script&"/data/shell/check_nginx2.sh"
interval&1
vrrp_instance&VI_1&{
&&&&state&MASTER&&&&###backup上配置相同,只需要改下相关权重等
&&&&interfaceð1
&&&&virtual_router_id&51
&&&&priority&101
&&&&advert_int&1
&&&&authentication&{
&&&&&&&&auth_type&PASS
&&&&&&&&auth_pass&1111
track_script&{&&&&####&执行脚本检测
chk_nginx2
&&&&virtual_ipaddress&{
&&&&&&&&192.168.101.100
virtual_server&192.168.101.100&80&{
&&&&delay_loop&2
&&&&lb_algo&wrr
&&&&lb_kind&DR
&&&&persistence_timeout&60
&&&&protocol&TCP
&&&&real_server&192.168.101.105&80&{
&&&&&&&weight&3
&&&&&&&&HTTP_GET&{
&&&&&&&&url&{
&&&&&&&&path&/test.html
&&&&&&&&digest&9a8acfd3c07a45099bcde1a97a9fb7c5
&&&&&&&&connect_timeout&5
&&&&&&&&nb_get_retry&3
&&&&&&&&delay_before_retry&3
&&&&&&&&connect_port&80
&real_server&192.168.101.108&80&{
&&&&&&&&weight&3
&&&&&&&&HTTP_GET&{
&&&&&&&&url&{
&&&&&&&&path&/test2.html
&&&&&&&&digest&ff240e1f2a4
&&&&&&&&connect_timeout&5
&&&&&&&&nb_get_retry&3
&&&&&&&&delay_before_retry&3
&&&&&&&&connect_port&80
[ shell]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
&& router_id LVS_DEVEL
vrrp_sync_group VGM {&&&& ###定义一个vrrp组
notify_master "/data/shell/arp.sh"
notify_backup "/data/shell/arp.sh"
vrrp_script chk_nginx {&&&&#### 定义脚本
script "/data/shell/check_nginx.sh"
interval 1
vrrp_script chk_nginx2 {&&&&&&####
script "/data/shell/check_nginx2.sh"
interval 1
vrrp_instance VI_1 {
MASTER&&&&###backup上配置相同,只需要改下相关权重等
&&&&interface eth1
&&&&virtual_router_id 51
&&&&priority 101
&&&&advert_int 1
&&&&authentication {
&&&&&&&&auth_type
&&&&&&&&auth_pass
track_script {&&&&#### 执行脚本检测
chk_nginx2
&&&&virtual_ipaddress {
&&&&&&&&192.168.101.100&&
virtual_server 192.168.101.100 80 {
&&&&delay_loop 2
&&&&lb_algo wrr
&&&&lb_kind DR
&&&&persistence_timeout 60
&&&&protocol TCP
&&&&real_server 192.168.101.105 80 {
&&&&&& weight 3
&&&&HTTP_GET {
&&&&&&&&url {
&&&&&&&&path
/test.html
&&&&&&&&digest
9a8acfd3c07a45099bcde1a97a9fb7c5
&&&&connect_timeout 5
&&&&nb_get_retry 3
&&&&delay_before_retry 3
&&&&connect_port 80
real_server 192.168.101.108 80 {
&&&&weight 3
&&&&HTTP_GET {
&&&&&&&&url {
&&&&&&&&path
/test2.html
&&&&&&&&digest
ff240e1f2a4
&&&&connect_timeout 5
&&&&nb_get_retry 3
&&&&delay_before_retry 3
&&&&connect_port 80
如果你前端开启了防火墙或者selinux,请关闭防火墙测试或者selinux测试,否则你会出现两个master,哈哈,两个vip地址同时出现,或者起不来服务,如果不关闭iptables,请加入以下策略
###允许80端口对外提供服务
-A&INPUT&-m&state&--state&NEW&-m&tcp&-p&tcp&--dport&80&-j&ACCEPT
###DR模式,当用户请求LVS-DR&VIP时,只有DR响应客户端的ARP广播包,允许vrrp虚拟路由器冗余协议-A&&&INPUT&&&-d&&&224.0.0.0/8&&&-j&&&ACCEPT
-A&&&INPUT&&&&-p&&&vrrp&&&-j&&&ACCEPT
###允许80端口对外提供服务&&
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j
###DR模式,当用户请求LVS-DR
VIP时,只有DR响应客户端的ARP广播包,允许vrrp虚拟路由器冗余协议-A&&
INPUT&& -d&& 224.0.0.0/8&&
-j&& ACCEPT&&
-A&& INPUT&&&&-p&&
vrrp&& -j&& ACCEPT
下面是几个在master 和backup上执行的高效脚本,检测后端nginx的
[&shell]#&cat&arp.sh
#!/bin/bash
VIP=192.168.101.100
GATEWAY=192.168.101.1
/sbin/arping&-Ið1&-c&5&-s&$VIP&$GATEWAY&&&/dev/null
########################################################
[&shell]#&cat&check_nginx.sh
!/bin/bash
url="http://192.168.101.105"&&&&&&####realserver&web地址检测
status=$(/usr/bin/curl&-s&--head&"$url"&|&awk&'/HTTP/&{print&$2}')
if&[&"$status"&!=&"200"&];&then
/data/shell/arp.sh&start
[&shell]#&cat&check_nginx2.sh
!/bin/bash
url="http://192.168.101.108"&&&&&&####realserver&web地址检测
status=$(/usr/bin/curl&-s&--head&"$url"&|&awk&'/HTTP/&{print&$2}')
if&[&"$status"&!=&"200"&];&then
/data/shell/arp.sh&start
[ shell]# cat arp.sh
#!/bin/bash
VIP=192.168.101.100
GATEWAY=192.168.101.1
/sbin/arping -I eth1 -c 5 -s $VIP $GATEWAY
&&/dev/null
########################################################
[ shell]# cat check_nginx.sh
!/bin/bash
url="http://192.168.101.105"&&&&&&####realserver
web地址检测
status=$(/usr/bin/curl -s --head "$url" | awk '/HTTP/ {print
if [ "$status" != "200" ]; then
/data/shell/arp.sh start
[ shell]# cat check_nginx2.sh
!/bin/bash
url="http://192.168.101.108"&&&&&&####realserver
web地址检测
status=$(/usr/bin/curl -s --head "$url" | awk '/HTTP/ {print
if [ "$status" != "200" ]; then
/data/shell/arp.sh start
&arp缓存清理shell &{arp.sh}
#!/bin/bash
VIP=192.168.101.100
GATEWAY=192.168.101.1
/sbin/arping&-Ið1&-c&5&-s&192.168.101.100&192.168.101.1&&&/dev/null
#!/bin/bash
VIP=192.168.101.100
GATEWAY=192.168.101.1
/sbin/arping -I eth1 -c 5 -s 192.168.101.100 192.168.101.1
&&/dev/null
&这个配置会实现
无论前端调度或者后端nginx服务任意一台中断都会在最短的时间响应到正常的请求,经测试,lvs前端两台故障几乎是0秒切换,后端nginx的web服务故障也就是几秒钟的自动切换,如果是DNS解析,请做好解析定时缓存清理
转载请注明原文地址:新手搭keepalived时主备机都有虚拟IP启动问题..._百度知道
新手搭keepalived时主备机都有虚拟IP启动问题...
com/zhidao/wh%3D450%2C600/sign=ca142c0ecf1b9d168aee98b9/bf096b63fe10ca5eaf81a4c500fa270.求思路与解决方法.hiphotos.jpg" esrc="http.baidu我是用VM搭的.hiphotos://e.com/zhidao/wh%3D600%2C800/sign=/zhidao/pic/item/e0cf364b0f72a0b46f21fbf09aa98.://f,用ip a查看时发现备用机的IP也包含虚拟/zhidao/wh%3D600%2C800/sign=0b74f70d55e736deab6063fa/e0cf364b0f72a0b46f21fbf09aa98.主./zhidao/pic/item/6a63fafcfd8f9a15e!://f.hiphotos.baidu.,按照网上的教程搭建.jpg" />求解.hiphotos.jpg" target="_blank" title="点击查看大图" class="ikqb_img_alink">在备用机存在虚拟IP.com/zhidao/wh%3D450%2C600/sign=0ad562f25dd8e9d221bcd9//zhidao/wh%3D450%2C600/sign=1afdfad839ceea81bfa062/6a63fafcfd8f9a15e.jpg" esrc="http.hiphotos://d,搭完后备用机一启动keepalived就自动从BACKUP切换到MASTER(另一机并未关keepalived服务).com/zhidao/pic/item/bf096b63fe10ca5eaf81a4c500fa270.baidu.jpg" />备:
采纳率100%
其他类似问题
为您推荐:
keepalived的相关知识
等待您来回答
下载知道APP
随时随地咨询
出门在外也不愁技术交流QQ群:& && && &
现在的位置:
Nginx+Keepalived实现Web服务器负载均衡
操作系统:CentOS 5.X 64位
Web服务器:192.168.21.127、192.168.21.128
站点:和部署在两台Web服务器上
实现目的:
增加两台服务器(主主模式),通过Nginx+Keepalived实现Web服务器负载均衡
架构规划:
负载均衡服务器:192.168.21.129、192.168.21.130
虚拟服务器(VIP):192.168.21.252、192.168.21.253
部署完成之后:
1、VIP:192.168.21.253指向192.168.21.129;VIP:192.168.21.252指向192.168.21.130;
2、当192.168.21.129宕机时,VIP:192.168.21.253漂移到192.168.21.130上;
3、当192.168.21.130宕机时,VIP:192.168.21.252漂移到192.168.21.129上;
这样的主主模式好处是,两台服务器在提供服务的同时,又互为对方的备份服务器。
具体操作:
第一部分:在两台Nginx服务器上分别操作
一、关闭SElinux、配置防火墙
1、vi /etc/selinux/config
#SELINUX=enforcing #注释掉
#SELINUXTYPE=targeted #注释掉
SELINUX=disabled #增加
setenforce 0 #使配置立即生效
2、vi /etc/sysconfig/iptables
-A RH-Firewall-1-INPUT -d 224.0.0.18 -j ACCEPT
#允许组播地址通信
-A RH-Firewall-1-INPUT -p
#允许VRRP(虚拟路由器冗余协)通信
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
#允许80端口通过防火墙
:wq! #保存退出
/etc/init.d/iptables restart #重启防火墙使配置生效
二、安装Nginx
1、安装编译工具包(使用CentOS yum命令安装,安装的包比较多,方便以后配置lnmp环境)
yum install -y make apr* autoconf automake curl curl-devel gcc gcc-c++ gtk+-devel zlib-devel openssl openssl-devel pcre-devel gd kernel keyutils patch perl kernel-headers compat*
cpp glibc libgomp libstdc++-devel keyutils-libs-devel libsepol-devel libselinux-devel krb5-devel
libXpm* freetype freetype-devel freetype* fontconfig fontconfig-devel
libjpeg* libpng* php-common php-gd gettext gettext-devel ncurses* libtool* libxml2 libxml2-devel patch policycoreutils bison
2、下载软件包
(1)http://nginx.org/download/nginx-1.4.7.tar.gz
#下载Nginx
(2)ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.34.tar.gz
#下载pcre (支持nginx伪静态)
(3)/files/ngx_cache_purge-2.1.tar.gz
#下载ngx_cache_purge(方便以后扩展配置nginx缓存服务器)
上传以上软件包到/usr/local/src 目录
3、安装pcre
cd /usr/local/src
mkdir /usr/local/pcre #创建安装目录
tar zxvf pcre-8.34.tar.gz
cd pcre-8.34
./configure --prefix=/usr/local/pcre #配置
make install
4、安装Nginx
cd /usr/local/src
#添加www组
useradd -g www www -s /bin/false
#创建nginx运行账户www并加入到www组,不允许www用户直接登录系统
cd /usr/local/src
#进入安装目录
ngx_cache_purge-2.1.tar.gz
zxvf nginx-1.4.7.tar.gz
cd nginx-1.4.7
./configure --prefix=/usr/local/nginx --without-http_memcached_module --user=www --group=www --with-http_stub_status_module --with-openssl=/usr/ --with-pcre=/usr/local/src/pcre-8.34
--add-module=../ngx_cache_purge-2.1
注意:--with-pcre=/usr/local/src/pcre-8.34指向的是源码包解压的路径,而不是安装的路径,否则会报错
make install #安装
/usr/local/nginx/sbin/nginx #启动nginx
设置nginx开启启动
vi /etc/rc.d/init.d/nginx #编辑启动文件添加下面内容
=======================================================
# nginx - this script starts and stops the nginx daemon
# chkconfig:
# description:
Nginx is an HTTP(S) server, HTTP(S) reverse \
proxy and IMAP/POP3 proxy server
# processname: nginx
/etc/nginx/nginx.conf
/usr/local/nginx/conf/nginx.conf
# pidfile:
/usr/local/nginx/logs/nginx.pid
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0
nginx="/usr/local/nginx/sbin/nginx"
prog=$(basename $nginx)
NGINX_CONF_FILE="/usr/local/nginx/conf/nginx.conf"
[ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx
lockfile=/var/lock/subsys/nginx
make_dirs() {
# make required directories
user=`$nginx -V 2&&1 | grep "configure arguments:" | sed 's/[^*]*--user=\([^ ]*\).*/\1/g' -`
if [ -z "`grep $user /etc/passwd`" ]; then
useradd -M -s /bin/nologin $user
options=`$nginx -V 2&&1 | grep 'configure arguments:'`
for opt in $ do
if [ `echo $opt | grep '.*-temp-path'` ]; then
value=`echo $opt | cut -d "=" -f 2`
if [ ! -d "$value" ]; then
# echo "creating" $value
mkdir -p $value && chown -R $user $value
[ -x $nginx ] || exit 5
[ -f $NGINX_CONF_FILE ] || exit 6
echo -n $"Starting $prog: "
daemon $nginx -c $NGINX_CONF_FILE
[ $retval -eq 0 ] && touch $lockfile
return $retval
echo -n $"Stopping $prog: "
killproc $prog -QUIT
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
restart() {
#configtest || return $?
reload() {
#configtest || return $?
echo -n $"Reloading $prog: "
killproc $nginx -HUP
force_reload() {
configtest() {
$nginx -t -c $NGINX_CONF_FILE
rh_status() {
status $prog
rh_status_q() {
rh_status &/dev/null 2&&1
case "$1" in
rh_status_q && exit 0
rh_status_q || exit 0
restart|configtest)
rh_status_q || exit 7
force-reload)
force_reload
condrestart|try-restart)
rh_status_q || exit 0
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
=======================================================
:wq! #保存退出
chmod 775 /etc/rc.d/init.d/nginx #赋予文件执行权限
chkconfig nginx on #设置开机启动
/etc/rc.d/init.d/nginx restart
#重新启动Nginx
service nginx restart
=======================================================
三、配置Nginx
cp /usr/local/nginx/conf/nginx.conf
/usr/local/nginx/conf/nginx.confbak
#备份nginx配置文件
1、设置nginx运行账
/usr/local/nginx/conf/nginx.conf
#编辑,修改
找到修改为
:wq! #保存退出
2、禁止nginx空主机头
vi /usr/local/nginx/conf/nginx.conf
找到server,在上面一行添加如下内容:
##############################
server_name
location / {
return 404;
location ~ /.ht {
##############################
:wq! #保存退出
/etc/rc.d/init.d/nginx restart
#重启nginx
这样设置之后,空主机头访问会直接跳转到nginx404错误页面。
3、添加nginx虚拟主机包含文件
cd /usr/local/nginx/conf/
#进入nginx安装目录
mkdir vhost
#建立虚拟目录
/usr/local/nginx/conf/nginx.conf
找到上一步添加的代码,在最后添加如下内容:
:wq! #保存退出
##############################
server_name
location / {
return 404;
location ~ /.ht {
##############################
4、添加Web服务器列表文件
/usr/local/nginx/conf/
mysvrhost.conf
/usr/local/nginx/conf/nginx.conf
找到上一步添加的代码,在下面添加一行
mysvrhost.
:wq! #保存退出
5、设置nginx全局参数
/usr/local/nginx/conf/nginx.conf
worker_processes 2;
# 工作进程数,为CPU的核心数或者两倍
worker_connections 65535;
#修改为65535,最大连接数。
#############以下代码在http { 部分增加与修改##############
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 300m;
keepalive_timeout
#增加,不显示nginx版本信息
gzip_min_length
gzip_buffers
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_types
text/plain application/x-javascript text/css application/
6、设置Web服务器列表
/usr/local/nginx/conf/
vi mysvrhost.conf
#编辑,添加以下代码
osyunweihost {
server 192.168.21.127:80 weight=1 max_fails=2 fail_timeout=30s;
server 192.168.21.128:80 weight=1 max_fails=2 fail_timeout=30s;
7、新建虚拟主机配置文件
cd /usr/local/nginx/conf/vhost
#进入虚拟主机目录
touch osyunwei.conf #建立虚拟主机配置文件
osyunwei.conf #编辑
log_format
'$remote_addr - $remote_user [$time_local] $request '
'"$status" $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
location /
proxy_next_upstream http_502 http_504 error timeout invalid_
proxy_pass http://
proxy_set_header Host
proxy_set_header X-Forwarded-For
location /NginxStatus {
auth_basic
"NginxStatus";
#auth_basic_user_
access_log
/usr/local/nginx/logs/access.
service nginx restart
#重启nginx
四、安装keepalived
温馨提醒:qihang01原创内容(C)版权所有,转载请注明出处及原文链接
下载keeplived:http://www.keepalived.org/software/keepalived-1.2.12.tar.gz
上传keepalived-1.2.12.tar.gz到/usr/local/src目录
cd /usr/local/src
tar zxvf keepalived-1.2.12.tar.gz
cd keepalived-1.2.12
./configure
--prefix=/usr/local/keepalived
#配置,必须看到以下提示,说明配置正确,才能继续安装
Use IPVS Framework : Yes
IPVS sync daemon support : Yes
Use VRRP Framework
make #编辑
make install
cp /usr/local/keepalived/etc/sysconfig/keepalived
/etc/sysconfig/keepalived
mkdir /etc/keepalived
ln -s /usr/local/keepalived/etc/keepalived/keepalived.conf
/etc/keepalived/
cp /usr/local/keepalived/sbin/keepalived /usr/sbin/
cp /usr/local/keepalived/etc/rc.d/init.d/keepalived
/etc/rc.d/init.d/
chmod +x /etc/rc.d/init.d/keepalived
#添加执行权限
chkconfig keepalived on
#设置开机启动
service keepalived start #启动
service keepalived stop
service keepalived restart
五、配置keepalived
cp /usr/local/keepalived/etc/keepalived/keepalived.conf
/usr/local/keepalived/etc/keepalived/keepalived.conf-bak
vi /usr/local/keepalived/etc/keepalived/keepalived.conf
#编辑,修改为以下代码
#########################################################
#以下为192.168.21.129服务器
! Configuration File for keepalived
global_defs {
notification_email {
notification_email_from
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_script chk_nginx {
script "/etc/keepalived/check_nginx.sh"
#Nginx服务监控脚本
interval 2
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
track_script {
chk_nginx #监测nginx进程状态
virtual_ipaddress {
192.168.21.253
notify_master "/etc/keepalived/clean_arp.sh
192.168.21.253"
#更新虚拟服务器(VIP)地址的arp记录到网关
vrrp_instance VI_2 {
state BACKUP
interface eth0
virtual_router_id 52
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
virtual_ipaddress {
192.168.21.252
notify_master "/etc/keepalived/clean_arp.sh
192.168.21.252"
#更新虚拟服务器(VIP)地址的arp记录到网关
#########################################################
:wq! #保存退出
#########################################################
#以下为192.168.21.130服务器
! Configuration File for keepalived
global_defs {
notification_email {
notification_email_from
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_script chk_nginx {
script "/etc/keepalived/check_nginx.sh"
#Nginx服务监控脚本
interval 2
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
track_script {
chk_nginx #监测nginx进程状态
virtual_ipaddress {
192.168.21.253
notify_master "/etc/keepalived/clean_arp.sh
192.168.21.253"
#更新虚拟服务器(VIP)地址的arp记录到网关
vrrp_instance VI_2 {
state MASTER
interface eth0
virtual_router_id 52
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
virtual_ipaddress {
192.168.21.252
notify_master "/etc/keepalived/clean_arp.sh
192.168.21.252"
#更新虚拟服务器(VIP)地址的arp记录到网关
#########################################################
:wq! #保存退出
六、设置nginx服务监控脚本
touch /usr/local/keepalived/check_nginx.sh
ln -s /usr/local/keepalived/check_nginx.sh
/etc/keepalived/check_nginx.sh
/etc/keepalived/check_nginx.sh #编辑,添加以下代码
#########################################################
if [ $(ps -C nginx --no-header | wc -l) -eq 0 ]; then
/etc/rc.d/init.d/nginx
if [ $(ps -C nginx --no-header | wc -l) -eq 0 ]; then
/etc/rc.d/init.d/keepalived
#########################################################
:wq! #保存退出
chmod +x /usr/local/keepalived/check_nginx.sh
#添加执行权限
七、设置更新虚拟服务器(VIP)地址的arp记录到网关脚本
/usr/local/keepalived/clean_arp.sh
/usr/local/keepalived/clean_arp.sh
/etc/keepalived/clean_arp.sh
/etc/keepalived/clean_arp.sh
#编辑,添加以下代码
GATEWAY=192.168.21.2 #网关地址
/sbin/arping -I eth0 -c 5 -s $VIP $GATEWAY &&/dev/null
chmod +x /usr/local/keepalived/clean_arp.sh
#添加脚本执行权限
service nginx restart #重启nginx
service keepalived restart
#重启keepalived
第二部分:测试Nginx+Keepalived是否正常运行
一、 解析到192.168.21.253; 解析到192.168.21.252;
在两台Nginx服务器:192.168.21.129、192.168.21.130上执行命令:ip addr
如下图所示:
温馨提醒:qihang01原创内容(C)版权所有,转载请注明出处及原文链接
可以看出现在VIP:192.168.21.253指向192.168.21.129;VIP:192.168.21.252指向192.168.21.130;
在浏览器中打开
如下图所示:
此时,bbs和sns域名都被均衡到192.168.21.127上面
二、停止192.168.21.127上面的nginx服务
service nginx stop
继续打开上面的两个网址,如下图所示:
此时,bbs和sns域名都被均衡到192.168.21.128上面(由于192.168.21.127服务器nginx服务被关闭,实现了故障转移)
三、关闭192.168.21.129上面的Keepalived服务
service keepalived stop
此时,在两台Keepalived服务器:192.168.21.129、192.168.21.130上执行命令:ip addr
如下图所示:
可以看出VIP:192.168.21.253和192.168.21.252均指向到192.168.21.130;
此时,打开/如下图所示:
可以正常访问
四、恢复192.168.21.129上面的keepalived服务,恢复192.168.21.127上面的nginx服务,停止192.168.21.130上面的Keepalived服务
service keepalived stop
在两台Keepalived服务器:192.168.21.129、192.168.21.130上执行命令:ip addr
如下图所示:
可以看出VIP:192.168.21.253和192.168.21.252均指向到192.168.21.129;
此时,打开/如下图所示:
可以正常访问
至此,Nginx+Keepalived实现Web服务器负载均衡配置完成。
&&&&&>> 本文链接:>> 订阅本站:>> 转载请注明来源: >>
&&系统运维技术交流QQ群:①& ②& ③&
【上篇】【下篇】
您可能还会对这些文章感兴趣!
您必须才能发表留言!
本分类最新文章
日志总数:311篇
评论总数:1030条
分类总数:70个
标签总数:458个
友情链接:34个
网站运行:1738天
最后更新:日
欢迎PR值≥3的IT类技术博客与本站友情链接(申请前请先做好本站链接)
Copyright&
系统运维 All rights reserved
版权声明:本站所有文章均为作者原创内容,如需转载,请注明出处及原文链接}
用Keepalived搭建双Nginx server集群,防止单点故障
访问虚拟IP: 192.168.1.57, 该虚拟IP被Keepalived接管,两个Keepalived进程分别运行在物理IP为192.168.1.56和192.168.1.59服务器上,这两个服务器上都运行着Nginx server。Nginx server都监听虚拟IP 192.168.1.57. Nginx背后有一些web app集群,已经配置成upstream.
为了防止Nginx自己成为单点瓶颈,这里采用了双Nginx server的方式。每个Server都是Ubuntu 12.04.&
假定我的第一台Ubuntu server物理IP地址是192.168.1.56,已经安装了Nginx server,现在安装Keepalived,后面称这台为master server.
apt-get install keepalived &
另外一台Ubuntu server物理IP是192.168.1.59, 也安装Nginx server和Keapalived. 后面称这台为backup server. Nginx的安装以及配置不是本文关注内容,请参考我的其他文章。
现在开始配置master server. 安装完成keepalived后,通过查看脚本/etc/init.d/keepalived里面发现,启动配置文件的路径是
CONFIG=/etc/keepalived/keepalived.conf &
但是该文件现在还不存在。所以我创建一个,内容如下:
# Settings for notifications & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &&
global_defs { &
& & notification_email { &
& & # Email address for notifications & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &&
& & notification_email_from keepalived@ &# The from address for the notifications & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &&
& & smtp_server 127.0.0.1 &
& & smtp_connect_timeout 15 &
# Define the script used to check if haproxy is still working & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
vrrp_script chk_http_port { &
& & script &/etc/keepalived/check_nginx.sh& # check Nginx is alive or not & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & interval 2 # & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &&
& & weight 2 &
# Configuation for the virtual interface & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &&
vrrp_instance VI_1 { &
& & interface eth0 &
& & state MASTER & & & &# set this to BACKUP on the other machine & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & priority 101 & & & &# set this to 100 on the other machine & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &&
& & virtual_router_id 51 &
& & smtp_alert & & & & &# Activate email notifications & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &&
& & authentication { &
& & auth_type PASS &
& & auth_pass 1111 & & &# Set this to some secret phrase & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &&
& & # The virtual ip address shared between the two loadbalancers & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & virtual_ipaddress { &
& & 192.168.1.57 &
& & # Use the script above to check if we should fail over & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &&
& & track_script { &
& & chk_http_port &
1. smtp_server必须要用127.0.0.1
2. 自己要创建一个检查nginx进程的脚本
/etc/keepalived/check_nginx.sh &
内容如下:
!/bin/bash &
# try to start nginx if nginx process is dead & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
# shutdonw keepalived process if start nginx failed & & & & & & & & & & & & & & & & & & & &&
pid=`ps -C nginx --no-header |wc -l` &
if [ $pid -eq 0 ];then &
& & service nginx start &
& & sleep 3 &
& & if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then &
& & & & service keepalived stop &
3. 修改nginx的所有server配置,将server_name都改为虚拟IP
server_name &192.168.1.57; &
4. 注意,这里的虚拟IP不是用修改/etc/network/interfaces的方式,而是在keepalived配置文件中直接设置,要想判断是否成功,直接ping 就行了,ifconfig是看不到的。
ping 192.168.1.57 &
PING 192.168.1.57 (192.168.1.57) 56(84) bytes of data. &
64 bytes from 192.168.1.57: icmp_req=1 ttl=64 time=0.024 ms &
64 bytes from 192.168.1.57: icmp_req=2 ttl=64 time=0.020 ms &
对192.168.1.59做相同的配置,略有变化的是:
vrrp_instance VI_1 { &
& & interface eth0 &
& & state BACKUP &// changed &
& & priority 100 &// changed &
通过轮流关闭master和backup,证明keepalived已经有效工作了。
(window.slotbydup=window.slotbydup || []).push({
id: '2467140',
container: s,
size: '1000,90',
display: 'inlay-fix'
(window.slotbydup=window.slotbydup || []).push({
id: '2467141',
container: s,
size: '1000,90',
display: 'inlay-fix'
(window.slotbydup=window.slotbydup || []).push({
id: '2467142',
container: s,
size: '1000,90',
display: 'inlay-fix'
(window.slotbydup=window.slotbydup || []).push({
id: '2467143',
container: s,
size: '1000,90',
display: 'inlay-fix'
(window.slotbydup=window.slotbydup || []).push({
id: '2467148',
container: s,
size: '1000,90',
display: 'inlay-fix'当前位置:&>&&>&
LVS+keepalived+Nginx实现负载均衡时前后端故障全自动化处理
时间: 18:23:16    来源:服务器之家    投稿:root
最近帮朋友公司配了一下LVS,实现全自动化处理故障问题,基本环境如下
VIP : 192.168.101.100
LVS1: 192.168.101.103
LVS2: 192.168.101.104
RS1: 192.168.101.105
RS2: 192.168.101.108
后端还有一些服务器IP就不一一写出来了
首先各个服务器上配置好各种需要的环境,所需要依赖包,然后在master 和
backup上装好keepalived 和 LVS,直接yum安装 .不启动LVS,启动keepalived就好,下面直接说配置
全部在keepalived上
[&shell]#&cat&/etc/keepalived/keepalived.conf
!&Configuration&File&for&keepalived
global_defs&{
&&&router_id&LVS_DEVEL
vrrp_sync_group&VGM&{&&&&&###定义一个vrrp组
notify_master&"/data/shell/arp.sh"
notify_backup&"/data/shell/arp.sh"
vrrp_script&chk_nginx&{&&&&####&定义脚本
script&"/data/shell/check_nginx.sh"
interval&1
vrrp_script&chk_nginx2&{&&&&&&####&定义脚本
script&"/data/shell/check_nginx2.sh"
interval&1
vrrp_instance&VI_1&{
&&&&state&MASTER&&&&###backup上配置相同,只需要改下相关权重等
&&&&interfaceð1
&&&&virtual_router_id&51
&&&&priority&101
&&&&advert_int&1
&&&&authentication&{
&&&&&&&&auth_type&PASS
&&&&&&&&auth_pass&1111
track_script&{&&&&####&执行脚本检测
chk_nginx2
&&&&virtual_ipaddress&{
&&&&&&&&192.168.101.100
virtual_server&192.168.101.100&80&{
&&&&delay_loop&2
&&&&lb_algo&wrr
&&&&lb_kind&DR
&&&&persistence_timeout&60
&&&&protocol&TCP
&&&&real_server&192.168.101.105&80&{
&&&&&&&weight&3
&&&&&&&&HTTP_GET&{
&&&&&&&&url&{
&&&&&&&&path&/test.html
&&&&&&&&digest&9a8acfd3c07a45099bcde1a97a9fb7c5
&&&&&&&&connect_timeout&5
&&&&&&&&nb_get_retry&3
&&&&&&&&delay_before_retry&3
&&&&&&&&connect_port&80
&real_server&192.168.101.108&80&{
&&&&&&&&weight&3
&&&&&&&&HTTP_GET&{
&&&&&&&&url&{
&&&&&&&&path&/test2.html
&&&&&&&&digest&ff240e1f2a4
&&&&&&&&connect_timeout&5
&&&&&&&&nb_get_retry&3
&&&&&&&&delay_before_retry&3
&&&&&&&&connect_port&80
[ shell]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
&& router_id LVS_DEVEL
vrrp_sync_group VGM {&&&& ###定义一个vrrp组
notify_master "/data/shell/arp.sh"
notify_backup "/data/shell/arp.sh"
vrrp_script chk_nginx {&&&&#### 定义脚本
script "/data/shell/check_nginx.sh"
interval 1
vrrp_script chk_nginx2 {&&&&&&####
script "/data/shell/check_nginx2.sh"
interval 1
vrrp_instance VI_1 {
MASTER&&&&###backup上配置相同,只需要改下相关权重等
&&&&interface eth1
&&&&virtual_router_id 51
&&&&priority 101
&&&&advert_int 1
&&&&authentication {
&&&&&&&&auth_type
&&&&&&&&auth_pass
track_script {&&&&#### 执行脚本检测
chk_nginx2
&&&&virtual_ipaddress {
&&&&&&&&192.168.101.100&&
virtual_server 192.168.101.100 80 {
&&&&delay_loop 2
&&&&lb_algo wrr
&&&&lb_kind DR
&&&&persistence_timeout 60
&&&&protocol TCP
&&&&real_server 192.168.101.105 80 {
&&&&&& weight 3
&&&&HTTP_GET {
&&&&&&&&url {
&&&&&&&&path
/test.html
&&&&&&&&digest
9a8acfd3c07a45099bcde1a97a9fb7c5
&&&&connect_timeout 5
&&&&nb_get_retry 3
&&&&delay_before_retry 3
&&&&connect_port 80
real_server 192.168.101.108 80 {
&&&&weight 3
&&&&HTTP_GET {
&&&&&&&&url {
&&&&&&&&path
/test2.html
&&&&&&&&digest
ff240e1f2a4
&&&&connect_timeout 5
&&&&nb_get_retry 3
&&&&delay_before_retry 3
&&&&connect_port 80
如果你前端开启了防火墙或者selinux,请关闭防火墙测试或者selinux测试,否则你会出现两个master,哈哈,两个vip地址同时出现,或者起不来服务,如果不关闭iptables,请加入以下策略
###允许80端口对外提供服务
-A&INPUT&-m&state&--state&NEW&-m&tcp&-p&tcp&--dport&80&-j&ACCEPT
###DR模式,当用户请求LVS-DR&VIP时,只有DR响应客户端的ARP广播包,允许vrrp虚拟路由器冗余协议-A&&&INPUT&&&-d&&&224.0.0.0/8&&&-j&&&ACCEPT
-A&&&INPUT&&&&-p&&&vrrp&&&-j&&&ACCEPT
###允许80端口对外提供服务&&
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j
###DR模式,当用户请求LVS-DR
VIP时,只有DR响应客户端的ARP广播包,允许vrrp虚拟路由器冗余协议-A&&
INPUT&& -d&& 224.0.0.0/8&&
-j&& ACCEPT&&
-A&& INPUT&&&&-p&&
vrrp&& -j&& ACCEPT
下面是几个在master 和backup上执行的高效脚本,检测后端nginx的
[&shell]#&cat&arp.sh
#!/bin/bash
VIP=192.168.101.100
GATEWAY=192.168.101.1
/sbin/arping&-Ið1&-c&5&-s&$VIP&$GATEWAY&&&/dev/null
########################################################
[&shell]#&cat&check_nginx.sh
!/bin/bash
url="http://192.168.101.105"&&&&&&####realserver&web地址检测
status=$(/usr/bin/curl&-s&--head&"$url"&|&awk&'/HTTP/&{print&$2}')
if&[&"$status"&!=&"200"&];&then
/data/shell/arp.sh&start
[&shell]#&cat&check_nginx2.sh
!/bin/bash
url="http://192.168.101.108"&&&&&&####realserver&web地址检测
status=$(/usr/bin/curl&-s&--head&"$url"&|&awk&'/HTTP/&{print&$2}')
if&[&"$status"&!=&"200"&];&then
/data/shell/arp.sh&start
[ shell]# cat arp.sh
#!/bin/bash
VIP=192.168.101.100
GATEWAY=192.168.101.1
/sbin/arping -I eth1 -c 5 -s $VIP $GATEWAY
&&/dev/null
########################################################
[ shell]# cat check_nginx.sh
!/bin/bash
url="http://192.168.101.105"&&&&&&####realserver
web地址检测
status=$(/usr/bin/curl -s --head "$url" | awk '/HTTP/ {print
if [ "$status" != "200" ]; then
/data/shell/arp.sh start
[ shell]# cat check_nginx2.sh
!/bin/bash
url="http://192.168.101.108"&&&&&&####realserver
web地址检测
status=$(/usr/bin/curl -s --head "$url" | awk '/HTTP/ {print
if [ "$status" != "200" ]; then
/data/shell/arp.sh start
&arp缓存清理shell &{arp.sh}
#!/bin/bash
VIP=192.168.101.100
GATEWAY=192.168.101.1
/sbin/arping&-Ið1&-c&5&-s&192.168.101.100&192.168.101.1&&&/dev/null
#!/bin/bash
VIP=192.168.101.100
GATEWAY=192.168.101.1
/sbin/arping -I eth1 -c 5 -s 192.168.101.100 192.168.101.1
&&/dev/null
&这个配置会实现
无论前端调度或者后端nginx服务任意一台中断都会在最短的时间响应到正常的请求,经测试,lvs前端两台故障几乎是0秒切换,后端nginx的web服务故障也就是几秒钟的自动切换,如果是DNS解析,请做好解析定时缓存清理
转载请注明原文地址:新手搭keepalived时主备机都有虚拟IP启动问题..._百度知道
新手搭keepalived时主备机都有虚拟IP启动问题...
com/zhidao/wh%3D450%2C600/sign=ca142c0ecf1b9d168aee98b9/bf096b63fe10ca5eaf81a4c500fa270.求思路与解决方法.hiphotos.jpg" esrc="http.baidu我是用VM搭的.hiphotos://e.com/zhidao/wh%3D600%2C800/sign=/zhidao/pic/item/e0cf364b0f72a0b46f21fbf09aa98.://f,用ip a查看时发现备用机的IP也包含虚拟/zhidao/wh%3D600%2C800/sign=0b74f70d55e736deab6063fa/e0cf364b0f72a0b46f21fbf09aa98.主./zhidao/pic/item/6a63fafcfd8f9a15e!://f.hiphotos.baidu.,按照网上的教程搭建.jpg" />求解.hiphotos.jpg" target="_blank" title="点击查看大图" class="ikqb_img_alink">在备用机存在虚拟IP.com/zhidao/wh%3D450%2C600/sign=0ad562f25dd8e9d221bcd9//zhidao/wh%3D450%2C600/sign=1afdfad839ceea81bfa062/6a63fafcfd8f9a15e.jpg" esrc="http.hiphotos://d,搭完后备用机一启动keepalived就自动从BACKUP切换到MASTER(另一机并未关keepalived服务).com/zhidao/pic/item/bf096b63fe10ca5eaf81a4c500fa270.baidu.jpg" />备:
采纳率100%
其他类似问题
为您推荐:
keepalived的相关知识
等待您来回答
下载知道APP
随时随地咨询
出门在外也不愁技术交流QQ群:& && && &
现在的位置:
Nginx+Keepalived实现Web服务器负载均衡
操作系统:CentOS 5.X 64位
Web服务器:192.168.21.127、192.168.21.128
站点:和部署在两台Web服务器上
实现目的:
增加两台服务器(主主模式),通过Nginx+Keepalived实现Web服务器负载均衡
架构规划:
负载均衡服务器:192.168.21.129、192.168.21.130
虚拟服务器(VIP):192.168.21.252、192.168.21.253
部署完成之后:
1、VIP:192.168.21.253指向192.168.21.129;VIP:192.168.21.252指向192.168.21.130;
2、当192.168.21.129宕机时,VIP:192.168.21.253漂移到192.168.21.130上;
3、当192.168.21.130宕机时,VIP:192.168.21.252漂移到192.168.21.129上;
这样的主主模式好处是,两台服务器在提供服务的同时,又互为对方的备份服务器。
具体操作:
第一部分:在两台Nginx服务器上分别操作
一、关闭SElinux、配置防火墙
1、vi /etc/selinux/config
#SELINUX=enforcing #注释掉
#SELINUXTYPE=targeted #注释掉
SELINUX=disabled #增加
setenforce 0 #使配置立即生效
2、vi /etc/sysconfig/iptables
-A RH-Firewall-1-INPUT -d 224.0.0.18 -j ACCEPT
#允许组播地址通信
-A RH-Firewall-1-INPUT -p
#允许VRRP(虚拟路由器冗余协)通信
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
#允许80端口通过防火墙
:wq! #保存退出
/etc/init.d/iptables restart #重启防火墙使配置生效
二、安装Nginx
1、安装编译工具包(使用CentOS yum命令安装,安装的包比较多,方便以后配置lnmp环境)
yum install -y make apr* autoconf automake curl curl-devel gcc gcc-c++ gtk+-devel zlib-devel openssl openssl-devel pcre-devel gd kernel keyutils patch perl kernel-headers compat*
cpp glibc libgomp libstdc++-devel keyutils-libs-devel libsepol-devel libselinux-devel krb5-devel
libXpm* freetype freetype-devel freetype* fontconfig fontconfig-devel
libjpeg* libpng* php-common php-gd gettext gettext-devel ncurses* libtool* libxml2 libxml2-devel patch policycoreutils bison
2、下载软件包
(1)http://nginx.org/download/nginx-1.4.7.tar.gz
#下载Nginx
(2)ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.34.tar.gz
#下载pcre (支持nginx伪静态)
(3)/files/ngx_cache_purge-2.1.tar.gz
#下载ngx_cache_purge(方便以后扩展配置nginx缓存服务器)
上传以上软件包到/usr/local/src 目录
3、安装pcre
cd /usr/local/src
mkdir /usr/local/pcre #创建安装目录
tar zxvf pcre-8.34.tar.gz
cd pcre-8.34
./configure --prefix=/usr/local/pcre #配置
make install
4、安装Nginx
cd /usr/local/src
#添加www组
useradd -g www www -s /bin/false
#创建nginx运行账户www并加入到www组,不允许www用户直接登录系统
cd /usr/local/src
#进入安装目录
ngx_cache_purge-2.1.tar.gz
zxvf nginx-1.4.7.tar.gz
cd nginx-1.4.7
./configure --prefix=/usr/local/nginx --without-http_memcached_module --user=www --group=www --with-http_stub_status_module --with-openssl=/usr/ --with-pcre=/usr/local/src/pcre-8.34
--add-module=../ngx_cache_purge-2.1
注意:--with-pcre=/usr/local/src/pcre-8.34指向的是源码包解压的路径,而不是安装的路径,否则会报错
make install #安装
/usr/local/nginx/sbin/nginx #启动nginx
设置nginx开启启动
vi /etc/rc.d/init.d/nginx #编辑启动文件添加下面内容
=======================================================
# nginx - this script starts and stops the nginx daemon
# chkconfig:
# description:
Nginx is an HTTP(S) server, HTTP(S) reverse \
proxy and IMAP/POP3 proxy server
# processname: nginx
/etc/nginx/nginx.conf
/usr/local/nginx/conf/nginx.conf
# pidfile:
/usr/local/nginx/logs/nginx.pid
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0
nginx="/usr/local/nginx/sbin/nginx"
prog=$(basename $nginx)
NGINX_CONF_FILE="/usr/local/nginx/conf/nginx.conf"
[ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx
lockfile=/var/lock/subsys/nginx
make_dirs() {
# make required directories
user=`$nginx -V 2&&1 | grep "configure arguments:" | sed 's/[^*]*--user=\([^ ]*\).*/\1/g' -`
if [ -z "`grep $user /etc/passwd`" ]; then
useradd -M -s /bin/nologin $user
options=`$nginx -V 2&&1 | grep 'configure arguments:'`
for opt in $ do
if [ `echo $opt | grep '.*-temp-path'` ]; then
value=`echo $opt | cut -d "=" -f 2`
if [ ! -d "$value" ]; then
# echo "creating" $value
mkdir -p $value && chown -R $user $value
[ -x $nginx ] || exit 5
[ -f $NGINX_CONF_FILE ] || exit 6
echo -n $"Starting $prog: "
daemon $nginx -c $NGINX_CONF_FILE
[ $retval -eq 0 ] && touch $lockfile
return $retval
echo -n $"Stopping $prog: "
killproc $prog -QUIT
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
restart() {
#configtest || return $?
reload() {
#configtest || return $?
echo -n $"Reloading $prog: "
killproc $nginx -HUP
force_reload() {
configtest() {
$nginx -t -c $NGINX_CONF_FILE
rh_status() {
status $prog
rh_status_q() {
rh_status &/dev/null 2&&1
case "$1" in
rh_status_q && exit 0
rh_status_q || exit 0
restart|configtest)
rh_status_q || exit 7
force-reload)
force_reload
condrestart|try-restart)
rh_status_q || exit 0
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
=======================================================
:wq! #保存退出
chmod 775 /etc/rc.d/init.d/nginx #赋予文件执行权限
chkconfig nginx on #设置开机启动
/etc/rc.d/init.d/nginx restart
#重新启动Nginx
service nginx restart
=======================================================
三、配置Nginx
cp /usr/local/nginx/conf/nginx.conf
/usr/local/nginx/conf/nginx.confbak
#备份nginx配置文件
1、设置nginx运行账
/usr/local/nginx/conf/nginx.conf
#编辑,修改
找到修改为
:wq! #保存退出
2、禁止nginx空主机头
vi /usr/local/nginx/conf/nginx.conf
找到server,在上面一行添加如下内容:
##############################
server_name
location / {
return 404;
location ~ /.ht {
##############################
:wq! #保存退出
/etc/rc.d/init.d/nginx restart
#重启nginx
这样设置之后,空主机头访问会直接跳转到nginx404错误页面。
3、添加nginx虚拟主机包含文件
cd /usr/local/nginx/conf/
#进入nginx安装目录
mkdir vhost
#建立虚拟目录
/usr/local/nginx/conf/nginx.conf
找到上一步添加的代码,在最后添加如下内容:
:wq! #保存退出
##############################
server_name
location / {
return 404;
location ~ /.ht {
##############################
4、添加Web服务器列表文件
/usr/local/nginx/conf/
mysvrhost.conf
/usr/local/nginx/conf/nginx.conf
找到上一步添加的代码,在下面添加一行
mysvrhost.
:wq! #保存退出
5、设置nginx全局参数
/usr/local/nginx/conf/nginx.conf
worker_processes 2;
# 工作进程数,为CPU的核心数或者两倍
worker_connections 65535;
#修改为65535,最大连接数。
#############以下代码在http { 部分增加与修改##############
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 300m;
keepalive_timeout
#增加,不显示nginx版本信息
gzip_min_length
gzip_buffers
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_types
text/plain application/x-javascript text/css application/
6、设置Web服务器列表
/usr/local/nginx/conf/
vi mysvrhost.conf
#编辑,添加以下代码
osyunweihost {
server 192.168.21.127:80 weight=1 max_fails=2 fail_timeout=30s;
server 192.168.21.128:80 weight=1 max_fails=2 fail_timeout=30s;
7、新建虚拟主机配置文件
cd /usr/local/nginx/conf/vhost
#进入虚拟主机目录
touch osyunwei.conf #建立虚拟主机配置文件
osyunwei.conf #编辑
log_format
'$remote_addr - $remote_user [$time_local] $request '
'"$status" $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
location /
proxy_next_upstream http_502 http_504 error timeout invalid_
proxy_pass http://
proxy_set_header Host
proxy_set_header X-Forwarded-For
location /NginxStatus {
auth_basic
"NginxStatus";
#auth_basic_user_
access_log
/usr/local/nginx/logs/access.
service nginx restart
#重启nginx
四、安装keepalived
温馨提醒:qihang01原创内容(C)版权所有,转载请注明出处及原文链接
下载keeplived:http://www.keepalived.org/software/keepalived-1.2.12.tar.gz
上传keepalived-1.2.12.tar.gz到/usr/local/src目录
cd /usr/local/src
tar zxvf keepalived-1.2.12.tar.gz
cd keepalived-1.2.12
./configure
--prefix=/usr/local/keepalived
#配置,必须看到以下提示,说明配置正确,才能继续安装
Use IPVS Framework : Yes
IPVS sync daemon support : Yes
Use VRRP Framework
make #编辑
make install
cp /usr/local/keepalived/etc/sysconfig/keepalived
/etc/sysconfig/keepalived
mkdir /etc/keepalived
ln -s /usr/local/keepalived/etc/keepalived/keepalived.conf
/etc/keepalived/
cp /usr/local/keepalived/sbin/keepalived /usr/sbin/
cp /usr/local/keepalived/etc/rc.d/init.d/keepalived
/etc/rc.d/init.d/
chmod +x /etc/rc.d/init.d/keepalived
#添加执行权限
chkconfig keepalived on
#设置开机启动
service keepalived start #启动
service keepalived stop
service keepalived restart
五、配置keepalived
cp /usr/local/keepalived/etc/keepalived/keepalived.conf
/usr/local/keepalived/etc/keepalived/keepalived.conf-bak
vi /usr/local/keepalived/etc/keepalived/keepalived.conf
#编辑,修改为以下代码
#########################################################
#以下为192.168.21.129服务器
! Configuration File for keepalived
global_defs {
notification_email {
notification_email_from
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_script chk_nginx {
script "/etc/keepalived/check_nginx.sh"
#Nginx服务监控脚本
interval 2
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
track_script {
chk_nginx #监测nginx进程状态
virtual_ipaddress {
192.168.21.253
notify_master "/etc/keepalived/clean_arp.sh
192.168.21.253"
#更新虚拟服务器(VIP)地址的arp记录到网关
vrrp_instance VI_2 {
state BACKUP
interface eth0
virtual_router_id 52
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
virtual_ipaddress {
192.168.21.252
notify_master "/etc/keepalived/clean_arp.sh
192.168.21.252"
#更新虚拟服务器(VIP)地址的arp记录到网关
#########################################################
:wq! #保存退出
#########################################################
#以下为192.168.21.130服务器
! Configuration File for keepalived
global_defs {
notification_email {
notification_email_from
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_script chk_nginx {
script "/etc/keepalived/check_nginx.sh"
#Nginx服务监控脚本
interval 2
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
track_script {
chk_nginx #监测nginx进程状态
virtual_ipaddress {
192.168.21.253
notify_master "/etc/keepalived/clean_arp.sh
192.168.21.253"
#更新虚拟服务器(VIP)地址的arp记录到网关
vrrp_instance VI_2 {
state MASTER
interface eth0
virtual_router_id 52
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
virtual_ipaddress {
192.168.21.252
notify_master "/etc/keepalived/clean_arp.sh
192.168.21.252"
#更新虚拟服务器(VIP)地址的arp记录到网关
#########################################################
:wq! #保存退出
六、设置nginx服务监控脚本
touch /usr/local/keepalived/check_nginx.sh
ln -s /usr/local/keepalived/check_nginx.sh
/etc/keepalived/check_nginx.sh
/etc/keepalived/check_nginx.sh #编辑,添加以下代码
#########################################################
if [ $(ps -C nginx --no-header | wc -l) -eq 0 ]; then
/etc/rc.d/init.d/nginx
if [ $(ps -C nginx --no-header | wc -l) -eq 0 ]; then
/etc/rc.d/init.d/keepalived
#########################################################
:wq! #保存退出
chmod +x /usr/local/keepalived/check_nginx.sh
#添加执行权限
七、设置更新虚拟服务器(VIP)地址的arp记录到网关脚本
/usr/local/keepalived/clean_arp.sh
/usr/local/keepalived/clean_arp.sh
/etc/keepalived/clean_arp.sh
/etc/keepalived/clean_arp.sh
#编辑,添加以下代码
GATEWAY=192.168.21.2 #网关地址
/sbin/arping -I eth0 -c 5 -s $VIP $GATEWAY &&/dev/null
chmod +x /usr/local/keepalived/clean_arp.sh
#添加脚本执行权限
service nginx restart #重启nginx
service keepalived restart
#重启keepalived
第二部分:测试Nginx+Keepalived是否正常运行
一、 解析到192.168.21.253; 解析到192.168.21.252;
在两台Nginx服务器:192.168.21.129、192.168.21.130上执行命令:ip addr
如下图所示:
温馨提醒:qihang01原创内容(C)版权所有,转载请注明出处及原文链接
可以看出现在VIP:192.168.21.253指向192.168.21.129;VIP:192.168.21.252指向192.168.21.130;
在浏览器中打开
如下图所示:
此时,bbs和sns域名都被均衡到192.168.21.127上面
二、停止192.168.21.127上面的nginx服务
service nginx stop
继续打开上面的两个网址,如下图所示:
此时,bbs和sns域名都被均衡到192.168.21.128上面(由于192.168.21.127服务器nginx服务被关闭,实现了故障转移)
三、关闭192.168.21.129上面的Keepalived服务
service keepalived stop
此时,在两台Keepalived服务器:192.168.21.129、192.168.21.130上执行命令:ip addr
如下图所示:
可以看出VIP:192.168.21.253和192.168.21.252均指向到192.168.21.130;
此时,打开/如下图所示:
可以正常访问
四、恢复192.168.21.129上面的keepalived服务,恢复192.168.21.127上面的nginx服务,停止192.168.21.130上面的Keepalived服务
service keepalived stop
在两台Keepalived服务器:192.168.21.129、192.168.21.130上执行命令:ip addr
如下图所示:
可以看出VIP:192.168.21.253和192.168.21.252均指向到192.168.21.129;
此时,打开/如下图所示:
可以正常访问
至此,Nginx+Keepalived实现Web服务器负载均衡配置完成。
&&&&&>> 本文链接:>> 订阅本站:>> 转载请注明来源: >>
&&系统运维技术交流QQ群:①& ②& ③&
【上篇】【下篇】
您可能还会对这些文章感兴趣!
您必须才能发表留言!
本分类最新文章
日志总数:311篇
评论总数:1030条
分类总数:70个
标签总数:458个
友情链接:34个
网站运行:1738天
最后更新:日
欢迎PR值≥3的IT类技术博客与本站友情链接(申请前请先做好本站链接)
Copyright&
系统运维 All rights reserved
版权声明:本站所有文章均为作者原创内容,如需转载,请注明出处及原文链接}
我要回帖
更多关于 keepalived 虚拟ip 的文章
更多推荐
- ·我们是一家电商推广平台平台,预计会有大量订单爆发式增长,成都是否有云仓能满足这种需求?
- ·2024年现在做跨境电商怎么样领域还存在哪些蓝海市场?
- ·影响消费者购买决策的因素有哪些没有适应零售模式的变革,对于企业来说有怎样的影响?
- ·如何简化跨境电商收款方式有哪些流程?
- ·朗逸1.6手动挡价格手动舒适版1.6好吗?
- ·红包被win7受限制解决方法7天怎么解决
- ·百度的echarts width 百分比bar图标怎么显示百分比
- ·为什么更新了还没得到红包?我朋友给我发了二十多啊!垃圾腾讯手机管家红包闹钟
- ·笔记本装系统按哪个键用哪个系统好用
- ·docker 容器自动启动Compose启动数据卷容器为什么只能启动最后那一个
- ·这5000元电脑配置单5000高吗?不带显示器。
- ·说一说 饿了么 qq钱包支付不被秒退秒退的问题 还是原来的QQqq钱包支付不被秒退
- ·如何使用真机调试android 选择调试应用应用
- ·神曲但丁的神曲下载
- ·美的空调和格力空调那款性价比高哪个好?哪个性价比较高?
- ·求百度网盘或者360网盘的隔世追凶国语版资源
- ·catl认证stringmgr有什么用
- ·买乐网swlsseswisse grape seedseed多少钱一瓶
- ·晚上,看的,电影,上爱库网18av千部在线,各国,各类,一人 一号 ,一个号,里面上千,部 , 微 tjh26
- ·castep软件怎么获得总能态密度度图tdos
- ·keepalived 虚拟机访问主机ipIP访问故障
- ·miniStation的手机酷络app在哪里下载可以下载?
- ·sg-crl-b型温热家用直饮水机机
- ·学习机 诺亚舟舟学生手板电脑u19有前后摄像头吗
- ·这是软件微信昵称找人的软件是什么?
- ·siliconsmart 2013提取结果需要修正吗
- ·macbook pro屏幕涂层是dr屏幕吗
- ·锐捷rg s2928g e网络RG-S2928G-E与华为S5700-24TP-SI哪个好
- ·有没有特别懂电脑的大神note3?
- ·求 妖狐x仆ss福利本子 或者 关于老公完全听不懂在说什么 的动漫百度云 要钱的别来 就求百度云 咱
- ·类似像图片这样的qq红包变成红色文字字QQ消息怎么弄
- ·中兴中兴axon天机maxini打不了字了,找不到打字键盘了,谁知道在哪?帮帮我
- ·3401909893的公积金初始密码是多少?
- ·新蒙休眠电流amh卵巢功能正常 数值数值是多少
- ·360F4moto360设置中文文步骤
- ·巨人通力电梯怎么样报0042.照明灯亮着是怎回事
