nginx负载均衡高可用

nginx负载均衡高可用

keepalived概述

keepalived是一个高可用软件，可以和任何应用配合使用

什么是高可用

一般是指2台机器启动着完全相同的业务系统，当有一台机器down机了，另外一台服务器能快速的接管，对于访问的用户都是无感知的。

高可用软件

# 硬件
	F5
# 软件
	keepalived
	heartbeat
# MySQL
	MGR
	MHA
# Redis
	Redis-Cluster
	Sentinel

keepalived实现原理

keepalived底层协议 ：VRRP (虚拟路由冗余协议)

VRRP原理

如何才能做到故障自动转移，此时VRRP就出现了，我们的VRRP其实是通过软件或者硬件的形式在Master和Backup外面增加一个虚拟的MAC地址(VMAC)和虚拟IP(VIP) ，那么在这种情况下，pc请求vip的时候，无论是Master处理还是Backup处理，pc仅会在ARP缓存表中葫芦VMAC与VIP的信息

高可用keepalived使用场景

通常业务系统需要保证7×24小时不down机，比如公司内部的OA系统，每天公司都需要使用，则不允许down机，作为业务系统来说随时都可用

高可用keepalived核心理念

1.如何确定谁是主节点谁是被节点 (选举投票，优先级)

2.如果Master故障，Backup自动接管，那么Master回复后会夺权吗(抢占式、非抢占式)

3.如果两台服务器都认为自己是Madter会出现什么问题(脑裂)

keepalived安装配置

环境准备

主机名	WanIP	LanIP	角色	应用
lb01	10.0.0.5	172.16.1.5	Master keepalived主节点	keepalived
lb02	10.0.0.5	172.16.1.6	Backuo keepalived备节点	keepalived

部署keepalived

# 1.安装keepalived
[root@ib01 ~]# yum -y install keepalived
[root@ib01 ~]# yum -y install keepalived

# 2.查找keepalived配置文件
[root@ib01 ~]# rpm -ql keepalived 
/etc/keepalived

# 3.修改Master配置文件
[root@ib01 ~]# vim /etc/keepalived/keepalived.conf 
global_defs {  				# 全局配置
        router_id lb01		#  标识省份->名称
}

vrrp_instance VI_1 {
        state MASTER		# 标识角色状态
        interface eth0		# 网卡绑定接口
        virtual_router_id 50	# 虚拟路由id
        priority 150	# 优先级
        advert_int 1	# 检测间隔时间
        authentication {	# 认证
                auth_type PASS	# 认证方式
                auth_pass 1111	# 认证密码
        }
        virtual_ipaddress {
                10.0.0.3	# 虚拟vip地址
        }
}

[root@ib02 ~]# vim /etc/keepalived/keepalived.conf 

bal_defs {
    router_id lb02
}

vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 50
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.0.0.3
    }
}

# 1.启动master上的keepalived
[root@ib01 ~]# systemctl start keepalived
[root@ib02 ~]# systemctl start keepalived

# 注意：只要停掉Keepalived，vip会漂移到另外一个节点

keepalived配置区别	Master节点配置	Backup节点配置
router_id	lb01	lb02
state	MASTER	BACKUP
priority	150	100

非抢占式配置

# 配置需求
1.两个节点的state都必须配置为BACKUP
2.两个节点都必须加上配置 nopreempt
3.其中一个节点的优先级必须要高于另外一个节点

# master节点配置
[root@ib01 ~]# vim /etc/keepalived/keepalived.conf 
global_defs {
        router_id lb01
}

vrrp_instance VI_1 {
        state BACKUP
        interface eth0
        nopreempt
        virtual_router_id 50
        priority 150
        advert_int 1
        authentication {
                auth_type PASS
                auth_pass 1111
        }
        virtual_ipaddress {
                10.0.0.3
        }
}

# BACKUP节点配置
[root@ib02 ~]# vim /etc/keepalived/keepalived.conf 
bal_defs {
    router_id lb02
}

vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    nopreempt
    virtual_router_id 50
    priority 100
    advert_int 1
    nopreempt
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.0.0.3
    }
}

脑裂的原因

1. 服务器网线松动等网络故障

2. 服务器硬件故障发生损坏现象而崩溃

3. 主备都开启firewalld防火墙

# 解决脑裂故障
[root@lb02 ~]# cat check_split_brain.sh
#!/bin/sh 
vip=10.0.0.3
lb01_ip=10.0.0.5 
while true;do
	ping -c 2 $lb01_ip &>/dev/null
    if [ $? -eq 0 -a `ip add|grep "$vip"|wc -l` -eq 1 ];then
    	echo "ha is split brain.warning." 
    else
    	echo "ha is ok" 
    fi 
sleep 5
done

关联nginx

# 公司使用脚本
#!/bin/sh 
nginx_count=$(ps -ef|grep [n]ginx|wc -l) 
#1.判断Nginx是否存活,如果不存活则尝试启动Nginx
if [ $nginx_count -eq 0 ];then
	systemctl start nginx 
	sleep 3 
	#2.等待3秒后再次获取一次Nginx状态 
	nginx_count=$(ps -ef|grep [n]ginx|wc -l) 
	#3.再次进行判断, 如Nginx还不存活则停止Keepalived,让地址进行漂移,并退出脚本 
	if [ $nginx_count -eq 0 ];then 
		systemctl stop keepalived 
	fi 
fi


# 上课使用脚本
#!/bin/sh 
nginx_count=$(ps -ef|grep [n]ginx|wc -l) 
#1.判断Nginx是否存活,如果不存活则尝试启动Nginx 
if [ $nginx_count -eq 0 ];then 
	systemctl stop keepalived 
fi

配置两台负载均衡

# lb01
upstream blog.zh.com{
        server 10.0.0.7;
        server 10.0.0.8;
}

server{
        listen 80;
        server_name blog.zh.com;

        location /{
                proxy_pass http://blog.zh.com;
                include fzjhxh.youhua;
        }
}

# lb02
upstream blog.zh.com{
        server 10.0.0.7;
        server 10.0.0.8;
}

server{
        listen 80;
        server_name blog.zh.com;

        location /{
                proxy_pass http://blog.zh.com;
                include fzjhxh.youhua;
        }
}

keepalived关联nginx

# 修改keepalived配置文件
global_defs {
        router_id lb01
}
vrr_script check_web_zh {
        script "/root/check_web.sh"
        interval 5
}

vrrp_instance VI_1 {
        state MASTER
        interface eth0
        virtual_router_id 50
        priority 150
        advert_int 1
        authentication {
                auth_type PASS
                auth_pass 1111
        }
        virtual_ipaddress {
                10.0.0.3
        }
        track_script {
                check_web_zh
        }
}

# 给执行脚本加上执行权限
[root@lb01 ~]# chmod +x /root/check_web.sh

# 域名解析在VIP上
10.0.0.3     blog.zh.com