目錄
安裝篇
操作環境
安裝nginx
安裝keepalived
配置篇
web伺服器設定預設通路頁
負載均衡分發器配置
高可用負載均衡配置
測試篇
主從分發器伺服器故障測試
web伺服器故障測試
安裝篇
操作環境
主排程機master 192.168.42.133 nginx+keepalived
從排程機backup 192.168.42.132 nginx+keepalived
web伺服器rs1 192.168.42.134 nginx
web伺服器rs2 192.168.42.135 nginx
安裝nginx
#安裝依賴
yum -y install gcc zlib zlib-devel pcre-devel openssl openssl-devel lsof elinks
#安裝包放置位置
cd /usr/src
tar -zxvf nginx-1.15.5.tar.gz
#編譯安裝
cd nginx-1.15.5
./configure –prefix=/usr/local/nginx
make && make install
#殺死nginx
yum install psmisc
killall nginx
#啟動nginx
./usr/local/nginx/sbin/nginx
//檢測nginx開啟
lsof -i:80
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
nginx 4191 root 6u IPv4 21646 0t0 TCP *:http (LISTEN)
nginx 4192 nobody 6u IPv4 21646 0t0 TCP *:http (LISTEN)
安裝keepalived
Keepalived的作⽤用是檢測伺服器器的狀态,如果有⼀一台web服務器當機,或工作出現故障, Keepalived将檢測到,并将有故障的服務器從系統中剔除,同時使用其他伺服器器代替該服 務器的工作,當伺服器器工作正常後Keepalived自動将伺服器加入到服務器群中,這些工作 全部自動完成,不不需要人幹涉,需要人工做的隻是修複故障的伺服器器。 協定 vrrp ,主分發器器的KP 會向網絡中發多點傳播 宣告自己還活着。
wget http://www.keepalived.org/software/keepalived-2.0.8.tar.gz
#!/bin/bash
tar xf keepalived-2.0.8.tar.gz
yum -y install kernel-devel
ln -s /usr/src/kernels/2.6.32-754.10.1.el6.x86_64/ /usr/src/linux
cd keepalived-2.0.8/
yum install openssl-* -y
./configure --prefix=/usr/local/keepalived
make
make install
mkdir -pv /etc/keepalived
cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/
keepalived/
ln -s /usr/local/keepalived/sbin/keepalived /sbin/
配置篇
web伺服器設定預設通路頁
#web01
[[email protected] ~]# sh nginx_install
[[email protected] ~]# echo web01 > /usr/local/nginx/html/index.html
[[email protected] ~]# /usr/local/nginx/sbin/nginx
[[email protected] ~]# elinks http://localhost --dump
#web02
[[email protected] ~]# sh nginx_install
[[email protected] ~]# echo web02 > /usr/local/nginx/html/index.html
[[email protected] ~]# yum -y install elinks &>/dev/null
[[email protected] ~]# /usr/local/nginx/sbin/nginx
[[email protected] ~]# elinks http://localhost --dump
負載均衡分發器配置
[[email protected] ~]# cat /usr/local/nginx/conf/nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
laowangkeepalive_timeout 65;
upstream web{
server 192.168.42.134;
server 192.168.42.135;
}
server {
listen 80;
server_name localhost;
location / {
proxy_pass http://web;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}}}
測試
通路分發器伺服器vip時,均衡向兩個web伺服器發起請求
[[email protected] ~]# elinks http://192.168.42.133 -dump
web02
[[email protected] ~]# elinks http://192.168.42.133 -dump
web01
高可用負載均衡配置
keepalived配置檔案
#cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id NGINX_DEVEL
}
定義一個腳本
vrrp_script check_nginx {
腳本路徑
script "/etc/keepalived/nginx_pid.sh"
每兩秒運作一次
interval 2
失敗次數
fall 1
}
定義一個執行個體叢集
vrrp_instance nginx {
狀态為主分發器時用master,從分發器用backup
state MASTER
interface ens33
mcast_src_ip 192.168.42.133
virtual_router_id 51
優先級100,從分發器需低于主的優先級
priority 100
探針1秒發一次多點傳播
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
運作監控腳本
check_nginx
}
virtual_ipaddress {
192.168.42.213/24
}
}
建立keepalived檢測腳本
#chmod 755 /etc/keepalived/nginx_pid.sh
#cat /etc/keepalived/nginx_pid.sh
#!/bin/bash
nginx_kp_check () {
檢測nginx服務
nginxpid=`ps -C nginx --no-header |wc -l`
if [ $nginxpid -eq 0 ];then
檢測不到時啟動nginx
/usr/local/nginx/sbin/nginx
1秒後繼續檢測
sleep 1
nginxpid=`ps -C nginx --no-header |wc -l`
if [ $nginxpid -eq 0 ];then
啟動服務失敗後關閉keepalived
systemctl stop keepalived
fi
fi
}
nginx_kp_check
測試篇
主從分發器伺服器故障測試
通路keepalived配置的公網vip
[[email protected] ~]# elinks http://192.168.42.200 --dump
web01
[[email protected] ~]# elinks http://192.168.42.200 --dump
web02
停止nginx服務,nginx_pid.sh檢測腳本将自動啟動nginx
[[email protected] ~]# killall nginx
[[email protected] ~]# lsof -i:80
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
nginx 18462 root 6u IPv4 59924 0t0 TCP *:http (LISTEN)
nginx 18464 nobody 6u IPv4 59924 0t0 TCP *:http (LISTEN)
強制停止master的nginx服務,主檢測腳本發現不能啟動nginx,直接殺死主keepalived服務,backup自己多點傳播vip代替master
watch -n1 killall nginx
[[email protected] keepalived]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:17:46:b7 brd ff:ff:ff:ff:ff:ff
inet 192.168.42.132/24 brd 192.168.42.255 scope global noprefixroute dynamic ens32
valid_lft 1161sec preferred_lft 1161sec
inet 192.168.42.200/24 scope global secondary ens32
valid_lft forever preferred_lft forever
恢複master的keepalived服務,正常運作,backup退出vip
systemctl restart keepalived
[[email protected] keepalived]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:17:46:b7 brd ff:ff:ff:ff:ff:ff
inet 192.168.42.132/24 brd 192.168.42.255 scope global noprefixroute dynamic ens32
valid_lft 1663sec preferred_lft 1663sec
inet6 fe80::774a:584:ef92:f527/64 scope link noprefixroute
valid_lft forever preferred_lft forever
web伺服器故障測試
web伺服器容錯機制
每個裝置的狀态設定為:
1.down 表示單前的server暫時不參與負載
2.weight 預設為1.weight越⼤,負載的權重就越⼤。
3.max_fails :允許請求失敗的次數預設為1.當超過最⼤次數時,傳回
proxy_next_upstream 子產品定義的錯誤
4.fail_timeout:失敗逾時時間,在連接配接Server時,如果在逾時時間之内超過
max_fails指定的失敗次數,會認為在fail_timeout時間内Server不可⽤。預設為
10s。
5.backup: 其它所有的⾮backup機器down或者忙的時候,請求backup機器。是以這台
機器壓⼒會最輕。
在nginx配置檔案中配置rs
upstream web{
server 192.168.42.134 max_fails=2 fail_timeout=5;
server 192.168.42.135 max_fails=2 fail_timeout=5;
}
web01伺服器故障,分發器自動将請求分發到web02上面,web01 nginx恢複,請求分發正常
[[email protected] ~]# killall nginx
[[email protected] ~]# lsof -i :80
[[email protected] ~]# elinks http://192.168.42.200 --dump
web02
[[email protected] ~]# elinks http://192.168.42.200 --dump
web02
[[email protected] ~]# elinks http://192.168.42.200 --dump
web02
[[email protected] ~]# /usr/local/nginx/sbin/nginx
[[email protected] ~]# elinks http://192.168.42.200 --dump
web02
[[email protected] ~]# elinks http://192.168.42.200 --dump
web01