nginx+keepalived tutorial
1. Course Objectives
1.1. Understand the concept of reverse proxy and load balancing
1.2. Master the installation and use of Nginx
1.3. Using Nginx to achieve load balancing
2. Nginx related concepts
2.1. Reverse proxy
Reverse Proxy means that the proxy server accepts connection requests on the internet, then forwards the request to the server on the internal network, and returns the result obtained from the server to the client requesting the connection on the internet. At this time, the proxy server appears as a server to the outside world.
2.2. Load Balancing
Load balancing, the English name is Load Balance, refers to building on the existing network structure and providing a cheap, effective and transparent method to expand the bandwidth of network devices and servers, increase throughput, strengthen network data processing capabilities, and improve network performance. flexibility and availability. The principle is that data traffic is distributed to multiple servers for execution, reducing the pressure on each server , and multiple servers work together to complete work tasks, thereby improving data throughput.
3. Nginx installation
3.1. Download nginx
Official website: http://nginx.org/
3.2. Upload and decompress nginx
tar -zxvf nginx-1.8.1.tar.gz -C /usr/local/src
3.3. Compile nginx
#Enter the nginx source directory
cd /usr/local/src/nginx-1.8.1
#Check the installation environment and specify the path to be installed in the future
./configure --prefix=/usr/local/nginx
#missing package error./configure: error: C compiler cc is not found
# use YUM to install missing packages
yum -y install gcc pcre-devel openssl openssl-devel
#Compile and install
make && make install
After installation, test whether it is normal:
/usr/loca/nginx/sbin/nginx
Check if there is an ngnix process listening on the port
netstat -ntlp | grep 80
4. Configure nginx
4.1. Configure reverse proxy
1. Modify the nginx configuration file
server { listen 80; server_name nginx-01.itcast.cn; #hostname of the server where nginx is located #Reverse proxy configuration location / { #Intercept all requests root html; proxy_pass http://192.168.0.21:8080; #Here is the target server to which the proxy goes: tomcat } } |
2. Start tomcat on tomcat-01
3. Start nginx on nginx-01
./nginx
Reboot:
kill -HUP `cat /usr/local/nginx/logs/nginx.pid `
Reference URL: http://www.cnblogs.com/jianxie/p/3990377.html
4.2. Dynamic and static separation
#dynamic resource index.jsp
location ~ .*\.(jsp|do|action)$ { proxy_pass http://tomcat-01.itcast.cn:8080; } |
#static resources
location ~ .*\.(html|js|css|gif|jpg|jpeg|png)$ { expires 3d; } |
4.3. Load Balancing
Configure a name called upstream under the http section. The name behind it can be chosen at will, but it must be consistent with the proxy_pass http:// under location.
http { It is in http, already http, not in server, outside server upstream tomcats { server shizhan02:8080 weight=1;#weight indicates how many server shizhan03:8080 weight=1; server shizhan04:8080 weight=1; } #Uninstall the server location ~ .*\.(jsp|do|action) { proxy_pass http://tomcats; #tomcats is the logical group number of the following tomcat server group } } |
5. Use keepalived to achieve high reliability (HA)
5.1. High reliability concept
HA (High Available), high availability cluster, is an effective solution to ensure business continuity. Generally, there are two or more nodes, which are divided into active nodes and standby nodes.
5.2. 高可靠软件keepalived
keepalive是一款可以实现高可靠的软件,通常部署在2台服务器上,分为一主一备。Keepalived可以对本机上的进程进行检测,一旦Master检测出某个进程出现问题,将自己切换成Backup状态,然后通知另外一个节点切换成Master状态。
5.3. keepalived安装
下载keepalived官网:http://keepalived.org
将keepalived解压到/usr/local/src目录下
tar -zxvf keepalived-1.2.19.tar.gz -C /usr/local/src
进入到/usr/local/src/keepalived-1.2.19目录
cd /usr/local/src/keepalived-1.2.19
开始configure
./configure --prefix=/usr/local/keepalived
#编译并安装
make && make install
5.4. 将keepalived添加到系统服务中
拷贝执行文件
cp /usr/local/keepalived/sbin/keepalived /usr/sbin/
将init.d文件拷贝到etc下,加入开机启动项
cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/keepalived
将keepalived文件拷贝到etc下
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
创建keepalived文件夹
mkdir -p /etc/keepalived
将keepalived配置文件拷贝到etc下
cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf
添加可执行权限
chmod +x /etc/init.d/keepalived
cp /usr/local/keepalived/sbin/keepalived /usr/sbin/ cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/keepalived cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/ mkdir -p /etc/keepalived cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf chmod +x /etc/init.d/keepalived chkconfig --add keepalived chkconfig keepalived on |
添加keepalived到开机启动
chkconfig --add keepalived
chkconfig keepalived on
5.5. 配置keepalived虚拟IP
修改配置文件: /etc/keepalived/keepalived.conf
#MASTER节点
global_defs { } vrrp_instance VI_1 { state MASTER #指定A节点为主节点 备用节点上设置为BACKUP即可 interface eth0 #绑定虚拟IP的网络接口 virtual_router_id 51 #VRRP组名,两个节点的设置必须一样,以指明各个节点属于同一VRRP组 priority 100 #主节点的优先级(1-254之间),备用节点必须比主节点优先级低 advert_int 1 #组播信息发送间隔,两个节点设置必须一样 authentication { #设置验证信息,两个节点必须一致 auth_type PASS auth_pass 1111 } virtual_ipaddress { #指定虚拟IP, 两个节点设置必须一样 192.168.33.60/24 #如果两个nginx的ip分别是192.168.33.61,,...62,则此处的虚拟ip跟它俩同一个网段即可 } } |
#BACKUP节点
global_defs { } vrrp_instance VI_1 { state BACKUP interface eth0 virtual_router_id 51 priority 99 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.33.60/24 } } |
#分别启动两台机器上的keepalived
service keepalived start
测试:
杀掉master上的keepalived进程,你会发现,在slave机器上的eth0网卡多了一个ip地址
查看ip地址的命令: ip addr
5.6. 配置keepalived心跳检查
原理:
Keepalived并不跟nginx耦合,它俩完全不是一家人
但是keepalived提供一个机制:让用户自定义一个shell脚本去检测用户自己的程序,返回状态给keepalived就可以了
#MASTER节点
global_defs { }
vrrp_script chk_health { script "[[ `ps -ef | grep nginx | grep -v grep | wc -l` -ge 2 ]] && exit 0 || exit 1" interval 1 #每隔1秒执行上述的脚本,去检查用户的程序ngnix weight -2 }
vrrp_instance VI_1 { state MASTER interface eth0 virtual_router_id 1 priority 100 advert_int 2 authentication { auth_type PASS auth_pass 1111 }
track_script { chk_health }
virtual_ipaddress { 10.0.0.10/24 }
notify_master "/usr/local/keepalived/sbin/notify.sh master" notify_backup "/usr/local/keepalived/sbin/notify.sh backup" notify_fault "/usr/local/keepalived/sbin/notify.sh fault" } |
#添加切换通知脚本
vi /usr/local/keepalived/sbin/notify.sh
#!/bin/bash
case "$1" in master) /usr/local/nginx/sbin/nginx exit 0 ;; backup) /usr/local/nginx/sbin/nginx -s stop /usr/local/nginx/sbin/nginx exit 0 ;; fault) /usr/local/nginx/sbin/nginx -s stop exit 0 ;; *) echo 'Usage: notify.sh {master|backup|fault}' exit 1 ;; esac |
#添加执行权限
chmod +x /usr/local/keepalived/sbin/notify.sh
global_defs { }
vrrp_script chk_health { script "[[ `ps -ef | grep nginx | grep -v grep | wc -l` -ge 2 ]] && exit 0 || exit 1" interval 1 weight -2 }
vrrp_instance VI_1 { state BACKUP interface eth0 virtual_router_id 1 priority 99 advert_int 1 authentication { auth_type PASS auth_pass 1111 }
track_script { chk_health }
virtual_ipaddress { 10.0.0.10/24 }
notify_master "/usr/local/keepalived/sbin/notify.sh master" notify_backup "/usr/local/keepalived/sbin/notify.sh backup" notify_fault "/usr/local/keepalived/sbin/notify.sh fault" } |
#在第二台机器上添加notify.sh脚本
#分别在两台机器上启动keepalived
service keepalived start
chkconfig keepalived on