keepalive+nginx 熱備跟負載均衡

結構圖

keepalived配置

master跟backup除了state跟優先級，其它同樣，優先級master需大於backup

! Configuration File for keepalived

global_defs {
   notification_email {
     #acassen@firewall.loc
     #failover@firewall.loc
     #sysadmin@firewall.loc
   }
   #notification_email_from Alexandre.Cassen@firewall.loc
   #smtp_server 192.168.200.1
   #smtp_connect_timeout 30
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_script chk_nginx {         
    script "/etc/keepalived/chk_nginx.sh"   
    interval 2             
}

vrrp_instance VI_1 {
    state BACKUP
    interface ens192
    virtual_router_id 51
    priority 30
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.0.0.233
    }
    notify_master "/usr/bin/python2.7 /etc/keepalived/send.py XXX@qq.com 報！222成爲主機！ 報！222成爲主機！"
    notify_fault "/usr/bin/python2.7 /etc/keepalived/send.py XXX@qq.com 報！222已掛！ 10.0.0.222故障！請儘快修復！"
    track_script {
      chk_nginx                 
    }    
}

其中檢測nginx狀態的腳本以下，當發現自身nginx沒有運行，殺掉keepalived的進程

腳本運行不了多是centos shell運行報語法錯誤: 未預期的文件結尾

#!/bin/bash
run=`ps -C nginx --no-header | wc -l`
if [ $run -eq 0 ]; then
    /usr/local/nginx/sbin/nginx -s stop
    /usr/local/nginx/sbin/nginx
    sleep 3
    if [ `ps -C nginx --no-header | wc -l` -eq 0 ]; then
        systemctl stop keepalived
    fi
fi

其中，調用python發送郵件的代碼

# coding=utf-8
import smtplib,sys
from email.mime.text import MIMEText

class Msmtp():
    def __init__(self, target, subject, content):#收件人、標題、內容
        self.msg_from = '發出郵件的郵箱'
        self.password = '郵箱的受權碼'
        self.sender = smtplib.SMTP_SSL("smtp.qq.com", 465)
        self.msg_to = target
        self.subject = subject
        self.content = content

    def _login(self):
        self.sender.login(self.msg_from, self.password)

    def _msg(self):
        self.msg = MIMEText(self.content)
        self.msg['Subject'] = self.subject
        self.msg['From'] = self.msg_from
        self.msg['To'] = self.msg_to

    def send_mail(self):
        self._login()
        self._msg()
        self.sender.sendmail(self.msg_from, self.msg_to, self.msg.as_string())
        self.sender.quit()



if __name__ == '__main__':
    a = Msmtp(sys.argv[1], sys.argv[2], sys.argv[3])
    a.send_mail()

nginx配置

#user  nobody;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;

    upstream hello1 {#負載均衡
        server 10.0.0.111:6666 max_fails=3 fail_timeout=3600s;#後臺有問題3600s內不訪問
        server 10.0.0.222:6666 max_fails=3 fail_timeout=3600s;#後臺性能瓶頸的話直接在此加後臺
        #server 10.0.0.18:80 max_fails=3 fail_timeout=3600s;#可直接轉發到nginx或者tomcat等其餘服務器上
    }

    server {
        listen       80;
        server_name  localhost;

        charset utf-8;

        location / {
            root   html;
            index  index.html index.htm;
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }
    server {
        listen       666;
        server_name  10.0.0.233;#監聽虛擬IP

        charset utf-8;
        
        location /{
            root   html;
            index  index.html index.htm;
        }
        location /hello{
            proxy_pass   http://hello1/hello;
        }
    }
}

測試後臺代碼

# encoding=utf8
from flask import Flask, request


app = Flask(__name__)
app.app_context().push()


@app.route('/hello')
def hello():
    ip = request.remote_addr
        return 'hello world<br/>我是10.0.0.222<br/>訪問者IP爲: '+ip


def runFlask(port):
    app.run(host='0.0.0.0',port=port)
    CORS(app, supports_credentials=True)


if '__main__' == __name__:
    runFlask(6666)

 檢測數據包代碼

tcpdump -nn -c 20 -i any host 224.0.0.18

 

 

 

測試（我是xxx，是後臺ip，訪問者ip爲nginx ip）

1. 10.0.0.111跟10.0.0.222均開啓nginx及keepalived，虛擬ip在111上，隨機訪問後臺

2. 10.0.0.111關掉nginx，關掉keepalived(模擬啓動nginx失敗場景)，虛擬ip轉到222上，隨機訪問後臺，而且收到ip轉移郵件

/usr/local/nginx/sbin/nginx -s stop

systemctl stop keepalived

 

 

3. 關掉10.0.0.111上的後臺，只訪問222的後臺，速度正常

 4.啓動10.0.0.111上的nginx跟keepalived,虛擬ip重回111