nginx+keepalived实现双机热备的高可用

环境
192.168.199.181 keepalived主 nginx 虚拟ip192.168.199.183
192.168.199.182 keepalived主 nginx 虚拟ip192.168.199.183

keepalived+nginx环境搭建

keepalived-1.2.2安装

yum install popt-devel openssl-devel -y
cd /tmp
wget http://www.keepalived.org/software/keepalived-1.2.2.tar.gz
tar xzf keepalived-1.2.2.tar.gz
cd keepalived-1.2.2
./configure
make && make install
cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/
cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
chmod +x /etc/init.d/keepalived
chkconfig --add keepalived
chkconfig keepalived on
mkdir /etc/keepalived
ln -s /usr/local/sbin/keepalived /usr/sbin/

nginx安装
参考：https://github.com/reaperhero/DevelopmentScripts/blob/master/install_nginx.sh

keepalived配置

192.168.199.181 配置

global_defs {
   notification_email {
     admin@centos.bz
   }
   notification_email_from keepalived@domain.com
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
}
vrrp_script chk_http_port {
                script "/opt/nginx_pid.sh"                   # nginx的监控脚本
                interval 2                    # 监测时间间隔
                weight 2
}
vrrp_instance VI_1 {
    state MASTER 
    interface ens33                      # 网卡名称
    virtual_router_id 51
    mcast_src_ip 192.168.199.181              # 主机IP
    priority 102                         #主的优先级
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
track_script { 
        chk_http_port               ### 执行监控的服务 
        }
    virtual_ipaddress {
       192.168.199.183              # 虚拟IP
    }
}

192.168.199.182 配置

global_defs {
   notification_email {
     admin@centos.bz
   }
   notification_email_from keepalived@domain.com
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
}
vrrp_script chk_http_port {
                script "/opt/nginx_pid.sh"
                interval 2
                weight 2
}
vrrp_instance VI_1 {
    state BACKUP
    interface ens33
    virtual_router_id 51
    mcast_src_ip 192.168.199.182
    priority 101
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
track_script { 
        chk_http_port 
        }
    virtual_ipaddress {
       192.168.199.183
    }
}

监控脚本

在192.168.199.182、192.168.199.181创建/opt/nginx_pid.sh，并授权

#!/bin/bash
A=`ps -C nginx --no-header |wc -l`               
if [ $A -eq 0 ];then                                       
                /usr/local/nginx/sbin/nginx
                sleep 3
                if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
                       killall keepalived
                fi
fi

服务启动

在192.168.199.181、192.168.199.182先启动nginx，再依次启动keepalived

/usr/local/nginx/sbin/nginx 
service keepalived start

注意：若在192.168.199.182备机上先启动keepalived服务，那不会抢占IP

功能测试

停止nginx服务

[root@centos7 ~]# /usr/local/nginx/sbin/nginx -s stop
[root@centos7 ~]# cat /dev/null >  /var/log/messages
[root@centos7 ~]#  tail -f  /var/log/messages                      # nginx停止之后，系统会自动执行监测脚本，自动启动nginx
Feb 21 09:51:15 centos7 Keepalived_vrrp: VRRP_Script(chk_http_port) timed out
Feb 21 09:51:15 centos7 Keepalived_vrrp: Process [36583] didn't respond to SIGTERM
Feb 21 09:51:15 centos7 Keepalived_vrrp: VRRP_Script(chk_http_port) succeeded

[root@centos7 ~]# ps -ef|grep nginx
root      36507      1  0 09:50 ?        00:00:00 nginx: master process /usr/local/nginx/sbin/nginx
nobody    36509  36507  0 09:50 ?        00:00:00 nginx: worker process
root      36581    959  0 09:51 pts/0    00:00:00 grep --color=auto nginx

keepalived服务测试

192.168.199.181

service keepalived stop        #停止完毕，IP192.168.199.183会飘到192.168.199.182上，日志文件/var/log/messages
service keepalived start        #重启开启，IP192.168.199.183会飘到192.168.199.181上

192.168.199.182
停止启动keepalived 不会飘IP，两边的主机都会追加日志文件