keepalived+Nginx【主从】集群架构图:
环境准备:
| ip | 备注 |
|---|---|
| 192.168.1.10 | nginx+keepalived(主) |
| 192.168.1.20 | nginx+keepalived(从) |
| 192.168.1.30 | nginx/tomcat |
| 192.168.1.40 | nginx/tomcat |
| 192.168.1.200 | VIP |
关闭防火墙沙盒
systemctl stop firewalld && systemctl disable firewalld && setenforce 0
安装nginx
192.168.1.10/20
`安装依赖`
yum -y install openssl openssl-devel zlib zlib-devel pcre pcre-devel gcc gcc-c++ make cmake
`解压并安装`
tar -zxf nginx-1.6.2.tar.gz
cd nginx-1.6.2 && ./configure && make && make install
`软连接`
ln -s /usr/local/nginx/sbin/nginx /usr/sbin/
安装tomcat
此次实验web采用的是tomcat
192.168.1.30/40
`安装java环境`
yum -y install java-1.8.0-openjdk
`解压并安装`
tar -zxf apache-tomcat-8.5.42.tar.gz
`修改默认页面`
rm -rf /root/apache-tomcat-8.5.42/webapps/ROOT/index.jsp
echo 'web1/2' > /root/apache-tomcat-8.5.42/webapps/ROOT/index.html
`启动`
/root/apache-tomcat-8.5.42/bin/startup.sh
测试访问
Nginx配置反向代理轮询
192.168.1.10/20
vi /usr/local/nginx/conf/nginx.conf
####配置内容#####
#gzip on;
upstream web {
server 192.168.1.30:8080 weight=1 max_fails=3 fail_timeout=10s;
server 192.168.1.40:8080 weight=1 max_fails=3 fail_timeout=10s;
}
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
proxy_pass http://web/;
}
#error_page 404 /404.html;
`` ``
nginx #启动
nginx -t #文件检查
nginx -s stop #停止
nginx -s reload #重启
安装keepalived
本次实验直接使用yum安装
yum install keepalived -y
查看服务器使用的网卡名称:ens33
配置keepalived文件
主
vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
#keepalived节点出现故障,给管理员发送消息
notification_email {
# 管理员的邮箱
[email protected]
}
notification_email_from [email protected] #邮箱的发件者
smtp_server 192.168.1.200 #邮箱服务器的ip
smtp_connect_timeout 30 #邮件服务器连接的超时时间
router_id LVS_DEVEL #节点的标识符(hostname)
}
vrrp_instance VI_1 {
#vrrp协议组的名称
state MASTER # 节点的状态 主(master)
interface ens33 #用来发送vrrp的网卡
virtual_router_id 66 #server_id 一个组的ip必须一致
priority 100 #当前节点的优先级 1-255
advert_int 1 #vrrp通告的间隔时间,单位为s
authentication {
#认证主和备之间的通讯
auth_type PASS #认证类型
auth_pass 1111 #使用的密钥
}
virtual_ipaddress {
#vip的地址
192.168.1.200
}
}
virtual_server 192.168.1.200 80 {
delay_loop 6 #对后端的健康检查间隔的时间
lb_algo rr #调度算法rr
lb_kind DR #调度模式 DR
net_mask 255.255.255.0 #netmask
persistence_timeout 0 #会话保持时间
protocol TCP #使用传输协议时tcp
real_server 192.168.1.10 80 {
#后端真实节点 ip端口
weight 1 #节点的权重
connect_port 80 #连接节点的端口
connect_timeout 3 #节点连接等待的时间
nb_get_retry 3 #节点连接的次数
delay_before_retry 3 #每隔多久和节点建立连接
}
real_server 192.168.1.20 80 {
weight 1
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
从
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
}
notification_email_from [email protected]
smtp_server 192.168.1.200
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 66
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.200
}
}
virtual_server 192.168.1.200 80 {
delay_loop 6
lb_algo rr
lb_kind DR
net_mask 255.255.255.0
persistence_timeout 0
protocol TCP
real_server 192.168.1.10 80 {
weight 1
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
real_server 192.168.1.20 80 {
weight 1
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
启动keepalived
systemctl start keepalived
master先启动slave后启动
可以看到master节点出现了vip
修改nginx配置文件&server_name为vip
重启nginx
nginx -s reload
测试
访问vip
查看master节点上的nginx:
slave节点上的nginx未输出:
模拟master节点宕机
[root@SLBmaster ~]# systemctl stop keepalived
此时VIP漂移到了slave节点
测试访问:
slave节点nginx日志输出
master节点nginx日志未输出
