1、Nginx+Keepalived實(shí)現(xiàn)站點(diǎn)高可用

Keepalived軟件起初是專為L(zhǎng)VS負(fù)載均衡軟件設(shè)計(jì)的，用來(lái)管理并監(jiān)控LVS集群系統(tǒng)中各個(gè)服務(wù)節(jié)點(diǎn)的狀態(tài)，后來(lái)又加入了可以實(shí)現(xiàn)高可用的VRRP功能。因此累盗，keepalived除了能夠管理LVS軟件外，還可以作為其他服務(wù)的高可用解決方案軟件突琳。

keepalived軟件主要是通過(guò)VRRP協(xié)議實(shí)現(xiàn)高可用功能的若债。VRRP是Virtual? Router? Redundancy Protocol（虛擬路由冗余協(xié)議）的縮寫，VRRP出現(xiàn)的目的就是為了解決靜態(tài)路由的單點(diǎn)故障問(wèn)題的拆融，它能保證當(dāng)個(gè)別節(jié)點(diǎn)宕機(jī)時(shí)蠢琳，整個(gè)網(wǎng)絡(luò)可以不間斷地運(yùn)行。所以镜豹，keepalived一方面具有配置管理LVS的功能傲须，同時(shí)還具有對(duì)LVS下面節(jié)點(diǎn)進(jìn)行健康檢查的功能，另一方面也可以實(shí)現(xiàn)系統(tǒng)網(wǎng)絡(luò)服務(wù)的高可用功能趟脂。

Keepalived高可用服務(wù)對(duì)之間的故障切換轉(zhuǎn)移泰讽，是通過(guò)VRRP來(lái)實(shí)現(xiàn)的。在keepalived服務(wù)工作時(shí)，主Master節(jié)點(diǎn)會(huì)不斷地向備節(jié)點(diǎn)發(fā)送（多播的方式）心跳消息已卸，用來(lái)告訴備Backup節(jié)點(diǎn)自己還活著佛玄。當(dāng)主節(jié)點(diǎn)發(fā)生故障時(shí)，就無(wú)法發(fā)送心跳的消息了累澡，備節(jié)點(diǎn)也因此無(wú)法繼續(xù)檢測(cè)到來(lái)自主節(jié)點(diǎn)的心跳了梦抢。于是就會(huì)調(diào)用自身的接管程序，接管主節(jié)點(diǎn)的IP資源和服務(wù)愧哟。當(dāng)主節(jié)點(diǎn)恢復(fù)時(shí)奥吩，備節(jié)點(diǎn)又會(huì)釋放主節(jié)點(diǎn)故障時(shí)自身接管的IP資源和服務(wù)，恢復(fù)到原來(lái)的備用角色蕊梧。

準(zhǔn)備兩臺(tái)主機(jī)安裝Keepalived霞赫，Nginx，一臺(tái)為主節(jié)點(diǎn)一臺(tái)為備節(jié)點(diǎn)肥矢，每個(gè)節(jié)點(diǎn)為單網(wǎng)卡绩脆。網(wǎng)頁(yè)目錄掛載為共享存儲(chǔ)。

yum install keepalived nginx epel-release -y?

配置默認(rèn)站點(diǎn)主頁(yè)橄抹，測(cè)試效果

配置Keepalived vim /etc/Keepalived/keepalived.conf

專用參數(shù)：

state MASTER|BACKUP：當(dāng)前節(jié)點(diǎn)在此虛擬路由器上的初始狀態(tài)；只能有一個(gè)是MASTER惕味，余下的都應(yīng)該為BACKUP楼誓；

interface IFACE_NAME：綁定為當(dāng)前虛擬路由器使用的物理接口；

virtual_router_id VRID：當(dāng)前虛擬路由器的惟一標(biāo)識(shí)名挥，范圍是0-255疟羹；

priority 100：當(dāng)前主機(jī)在此虛擬路徑器中的優(yōu)先級(jí)；范圍1-254禀倔；

advert_int 1：vrrp通告的時(shí)間間隔榄融；

! Configuration File for keepalived

global_defs {

notification_email {

root@localhost

}

notification_email_from keepalived@localhost

smtp_server 127.0.0.1

smtp_connect_timeout 30

router_id node2

vrrp_mcast_group4 224.0.100.20

}

vrrp_script chk_down {

script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"

interval 1

weight -5

}

vrrp_script chk_nginx {

script "killall -0 nginx && exit 0 || exit 1"

interval 1

weight -5

fall 2

rise 1

}

vrrp_instance VI_1 {

state BACKUP

interface eno16777736

virtual_router_id 14

priority 96

advert_int 1

authentication {

auth_type PASS

auth_pass 571f97b2

}

virtual_ipaddress {

10.1.0.93/16 dev eno16777736

}

track_script {

chk_down

chk_nginx

}

notify_master "/etc/keepalived/notify.sh master"

notify_backup "/etc/keepalived/notify.sh backup"

notify_fault "/etc/keepalived/notify.sh fault"

}

2、實(shí)現(xiàn)keepalived主主模型

! Configuration File for keepalived

global_defs {

notification_email {

root@localhost

}

notification_email_from keepalived@localhost

smtp_server 127.0.0.1

smtp_connect_timeout 30

router_id node1

vrrp_mcast_group4 224.0.100.19

}

vrrp_instance VI_1 {

state MASTER

interface eno16777736

virtual_router_id 14

priority 100

advert_int 1

authentication {

auth_type PASS

auth_pass 571f97b2

}

virtual_ipaddress {

10.1.0.91/16 dev eno16777736

}

}

vrrp_instance VI_2 {

state BACKUP

interface eno16777736

virtual_router_id 15

priority 98

advert_int 1

authentication {

auth_type PASS

auth_pass 578f07b2

}

virtual_ipaddress {

10.1.0.92/16 dev eno16777736

}

}

另一個(gè)節(jié)點(diǎn)替換state 和修改權(quán)重值router_id值救湖。

3愧杯、采用varnish為nginx實(shí)現(xiàn)緩存加速

Name? ? : varnish

Arch? ? ? : x86_64

Version? : 4.0.5

Release? : 1.el7

Size? ? ? ? : 1.2 M

Repo? ? ? ? : installed

From repo? : epel

Summary? ? : High-performance HTTP accelerator

URL? ? ? ? : http://www.varnish-cache.org/

License? ? : BSD

Description : This is Varnish Cache, a high-performance HTTP accelerator.

配置epel倉(cāng)庫(kù)后安裝，yum install varnish -y

/etc/varnish/varnish.params： 配置varnish服務(wù)進(jìn)程的工作特性鞋既，例如監(jiān)聽(tīng)的地址和端口力九，RELOAD_VCL=1 VARNISH_VCL_CONF的策略文件地址 VARNISH_LISTEN_PORT監(jiān)聽(tīng)的端口 管理地址和端口 VARNISH_ADMIN_LISTEN_ADDRESS?VARNISH_ADMIN_LISTEN_PORT?VARNISH_STORAGE?緩存機(jī)制(內(nèi)存緩存還是磁盤緩存)?

配置接口：VCL ：Varnish Configuration Language,

vcl complier --> c complier --> shared object 每編譯一次生成一個(gè)新的版本

主程序：/usr/sbin/varnishd

CLI interface：/usr/bin/varnishadm

Shared Memory Log交互工具：

/usr/bin/varnishhist

/usr/bin/varnishlog

/usr/bin/varnishncsa

/usr/bin/varnishstat

/usr/bin/varnishtop

測(cè)試工具程序：

/usr/bin/varnishtest

VCL配置文件重載程序：

/usr/sbin/varnish_reload_vcl

Systemd Unit File：

/usr/lib/systemd/system/varnish.service

varnish服務(wù)

/usr/lib/systemd/system/varnishlog.service

/usr/lib/systemd/system/varnishncsa.service

日志持久的服務(wù)，把共享內(nèi)存中的日志信息保存到持久化的存儲(chǔ)上邑闺，一遍統(tǒng)計(jì)分析跌前。

配置

vim /etc/varnish/varnish.params 修改一下參數(shù)

VARNISH_LISTEN_PORT=80

VARNISH_STORAGE="file,/data/varnish/cache,1g"

創(chuàng)建緩存文件路徑

mkdir /data/varnish/cache -pv

chown -R varnish.varnish?/data/varnish/cache

編輯vcl文件?vim /etc/varnish/default.vcl 定義后端主機(jī)

backend default {

? ? .host = "192.168.10.11";

? ? .port = "80";

}

sub vcl_deliver {

? ? if (obj.hits > 0) {

????????set resp.http.X-Cache = "cached";

????????} else {

????????????set resp.http.x-Cache = "uncached";

}}

啟動(dòng)varnish服務(wù)?

# systemctl start varnish.service

# ss -tnl

State? ? ? Recv-Q Send-Q? ? ? ? ? ? ? ? ? ? Local Address:Port? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? Peer Address:Port? ? ? ? ? ? ?

LISTEN? ? 0? ? ? 128? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? *:80? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? *:*? ? ? ? ? ?

編譯vcl

# varnish_reload_vcl

Loading vcl from /etc/varnish/default.vcl

Current running config name is

Using new config name reload_2019-06-30T10:21:32

VCL compiled.

VCL 'reload_2019-06-30T10:21:32' now active

available? ? ? 0 boot

active? ? ? ? ? 0 reload_2019-06-30T10:21:32

Done

指定新的策略版本

# varnishadm -S /etc/varnish/secret -T 127.0.0.1:6082

vcl.use reload_2019-06-30T10:21:32

200

測(cè)試

Via: 1.1 varnish-v4

X-Cache: cached

4、LNMP結(jié)合varnish實(shí)現(xiàn)動(dòng)靜分離

前端兩臺(tái)主機(jī)都配置Keepalived和varnish陡舅，實(shí)現(xiàn)高可用抵乓，Keepalived使用主主模型。

vcl定義不同后端主機(jī)資源類型并健康檢查（后端可用nginx代理，實(shí)現(xiàn)再擴(kuò)展負(fù)載均衡灾炭，第三級(jí)使用httpd+php）, 數(shù)據(jù)庫(kù)使用共享存儲(chǔ)茎芋。

probe www_probe {

.url = "/index.html";

.internal = 1s;

.timeout = 1s;

.window = 8;

.threshold = 5;

}

backend imgsrv1 {

.host = "192.168.10.11";

.port = "80";

.probe = www_probe;

}

backend imgsrv2 {

.host = "192.168.10.12";

.port = "80";

.probe = www_probe;

}

backend appsrv1 {

.host = "192.168.10.21";

.port = "80";

.probe = www_probe;

}

backend appsrv2 {

.host = "192.168.10.22";

.port = "80";

.probe = www_probe;

}

sub vcl_init {

new imgsrvs = directors.random();

imgsrvs.add_backend(imgsrv1,10);

imgsrvs.add_backend(imgsrv2,20);

new staticsrvs = directors.round_robin();

appsrvs.add_backend(appsrv1);

appsrvs.add_backend(appsrv2);

new appsrvs = directors.hash();

appsrvs.add_backend(appsrv1,1);

appsrvs.add_backend(appsrv2,1);

}

sub vcl_recv {

if (req.url ~ "(?i)\.(css|js|htm|html)$" {

set req.backend_hint = staticsrvs.backend();

}

if (req.url ~ "(?i)\.(jpg|jpeg|png|gif)$" {

set req.backend_hint = imgsrvs.backend();

} else {

set req.backend_hint = appsrvs.backend(req.http.cookie);

}

}