目录
安装篇
操作环境
主调度机master 192.168.42.133 nginx+keepalived
从调度机backup 192.168.42.132 nginx+keepalived
web服务器rs1 192.168.42.134 nginx
web服务器rs2 192.168.42.135 nginx
安装nginx
#安装依赖
yum -y install gcc zlib zlib-devel pcre-devel openssl openssl-devel lsof elinks
#安装包放置位置
cd /usr/src
tar -zxvf nginx-1.15.5.tar.gz
#编译安装
cd nginx-1.15.5
./configure –prefix=/usr/local/nginx
make && make install
#杀死nginx
yum install psmisc
killall nginx
#启动nginx
./usr/local/nginx/sbin/nginx
//检测nginx开启
lsof -i:80
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
nginx 4191 root 6u IPv4 21646 0t0 TCP *:http (LISTEN)
nginx 4192 nobody 6u IPv4 21646 0t0 TCP *:http (LISTEN)
安装keepalived
Keepalived的作⽤用是检测服务器器的状态,如果有⼀一台web服务器宕机,或工作出现故障, Keepalived将检测到,并将有故障的服务器从系统中剔除,同时使用其他服务器器代替该服 务器的工作,当服务器器工作正常后Keepalived自动将服务器加入到服务器群中,这些工作 全部自动完成,不不需要人干涉,需要人工做的只是修复故障的服务器器。 协议 vrrp ,主分发器器的KP 会向网络中发组播 宣告自己还活着。
wget http://www.keepalived.org/software/keepalived-2.0.8.tar.gz
#!/bin/bash
tar xf keepalived-2.0.8.tar.gz
yum -y install kernel-devel
ln -s /usr/src/kernels/2.6.32-754.10.1.el6.x86_64/ /usr/src/linux
cd keepalived-2.0.8/
yum install openssl-* -y
./configure --prefix=/usr/local/keepalived
make
make install
mkdir -pv /etc/keepalived
cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/
keepalived/
ln -s /usr/local/keepalived/sbin/keepalived /sbin/
配置篇
web服务器设置默认访问页
#web01
[root@web01 ~]# sh nginx_install
[root@web01 ~]# echo web01 > /usr/local/nginx/html/index.html
[root@web01 ~]# /usr/local/nginx/sbin/nginx
[root@web01 ~]# elinks http://localhost --dump
#web02
[root@web02 ~]# sh nginx_install
[root@web02 ~]# echo web02 > /usr/local/nginx/html/index.html
[root@web02 ~]# yum -y install elinks &>/dev/null
[root@web02 ~]# /usr/local/nginx/sbin/nginx
[root@web02 ~]# elinks http://localhost --dump
负载均衡分发器配置
[root@localhost ~]# cat /usr/local/nginx/conf/nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
laowangkeepalive_timeout 65;
upstream web{
server 192.168.42.134;
server 192.168.42.135;
}
server {
listen 80;
server_name localhost;
location / {
proxy_pass http://web;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}}}
测试
访问分发器服务器vip时,均衡向两个web服务器发起请求
[root@localhost ~]# elinks http://192.168.42.133 -dump
web02
[root@localhost ~]# elinks http://192.168.42.133 -dump
web01
高可用负载均衡配置
keepalived配置文件
#cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id NGINX_DEVEL
}定义一个脚本
vrrp_script check_nginx {脚本路径
script "/etc/keepalived/nginx_pid.sh"每两秒运行一次
interval 2失败次数
fall 1
}定义一个实例集群
vrrp_instance nginx {状态为主分发器时用master,从分发器用backup
state MASTER
interface ens33
mcast_src_ip 192.168.42.133
virtual_router_id 51优先级100,从分发器需低于主的优先级
priority 100探针1秒发一次组播
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {运行监控脚本
check_nginx
}
virtual_ipaddress {
192.168.42.213/24
}
}
创建keepalived检测脚本
#chmod 755 /etc/keepalived/nginx_pid.sh
#cat /etc/keepalived/nginx_pid.sh
#!/bin/bash
nginx_kp_check () {检测nginx服务
nginxpid=`ps -C nginx --no-header |wc -l`
if [ $nginxpid -eq 0 ];then检测不到时启动nginx
/usr/local/nginx/sbin/nginx1秒后继续检测
sleep 1
nginxpid=`ps -C nginx --no-header |wc -l`
if [ $nginxpid -eq 0 ];then启动服务失败后关闭keepalived
systemctl stop keepalived
fi
fi
}
nginx_kp_check
测试篇
主从分发器服务器故障测试
访问keepalived配置的公网vip
[root@localhost ~]# elinks http://192.168.42.200 --dump
web01
[root@localhost ~]# elinks http://192.168.42.200 --dump
web02
停止nginx服务,nginx_pid.sh检测脚本将自动启动nginx
[root@localhost ~]# killall nginx
[root@localhost ~]# lsof -i:80
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
nginx 18462 root 6u IPv4 59924 0t0 TCP *:http (LISTEN)
nginx 18464 nobody 6u IPv4 59924 0t0 TCP *:http (LISTEN)
强制停止master的nginx服务,主检测脚本发现不能启动nginx,直接杀死主keepalived服务,backup自己组播vip代替master
watch -n1 killall nginx
[root@localhost keepalived]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:17:46:b7 brd ff:ff:ff:ff:ff:ff
inet 192.168.42.132/24 brd 192.168.42.255 scope global noprefixroute dynamic ens32
valid_lft 1161sec preferred_lft 1161sec
inet 192.168.42.200/24 scope global secondary ens32
valid_lft forever preferred_lft forever
恢复master的keepalived服务,正常运行,backup退出vip
systemctl restart keepalived
[root@localhost keepalived]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:17:46:b7 brd ff:ff:ff:ff:ff:ff
inet 192.168.42.132/24 brd 192.168.42.255 scope global noprefixroute dynamic ens32
valid_lft 1663sec preferred_lft 1663sec
inet6 fe80::774a:584:ef92:f527/64 scope link noprefixroute
valid_lft forever preferred_lft forever
web服务器故障测试
web服务器容错机制
每个设备的状态设置为:
1.down 表示单前的server暂时不参与负载
2.weight 默认为1.weight越⼤,负载的权重就越⼤。
3.max_fails :允许请求失败的次数默认为1.当超过最⼤次数时,返回
proxy_next_upstream 模块定义的错误
4.fail_timeout:失败超时时间,在连接Server时,如果在超时时间之内超过
max_fails指定的失败次数,会认为在fail_timeout时间内Server不可⽤。默认为
10s。
5.backup: 其它所有的⾮backup机器down或者忙的时候,请求backup机器。所以这台
机器压⼒会最轻。在nginx配置文件中配置rs
upstream web{
server 192.168.42.134 max_fails=2 fail_timeout=5;
server 192.168.42.135 max_fails=2 fail_timeout=5;
}
web01服务器故障,分发器自动将请求分发到web02上面,web01 nginx恢复,请求分发正常
[root@localhost ~]# killall nginx
[root@localhost ~]# lsof -i :80
[root@localhost ~]# elinks http://192.168.42.200 --dump
web02
[root@localhost ~]# elinks http://192.168.42.200 --dump
web02
[root@localhost ~]# elinks http://192.168.42.200 --dump
web02
[root@localhost ~]# /usr/local/nginx/sbin/nginx
[root@localhost ~]# elinks http://192.168.42.200 --dump
web02
[root@localhost ~]# elinks http://192.168.42.200 --dump
web01
