nginx keepalived lvs

Others 2022-04-28 19:11:19 views: 0

1. Environmental preparation

There are a total of 4 virtual machines, 4 centos7 virtual machines created by the parallels desktop of the mac

master 192.168.20.104
salve 192.168.20.103
node1 192.168.20.102
node2 192.168.20.98

You can install a virtual machine first, and then clone it.

2. Configure the virtual machine

1. Install the keepalived of the master, refer to the following script:

# -------------------------------------------------------- #
            ## Keepalived_intsall
# -------------------------------------------------------- #
# Keepalived installation
yum install -y gcc openssl-devel popt-devel
# error libnfnetlink headers missing
yum install -y libnfnetlink-devel
cd /root/software
[ ! -e keepalived-1.2.24.tar.gz ] &&  wget http://www.keepalived.org/software/keepalived-1.2.24.tar.gz
tar -zxvf keepalived-1.2.24.tar.gz
cd keepalived-1.2.24
./configure --prefix=/usr/local/keepalived
make && make install
cp /usr/local/keepalived/sbin/keepalived /usr/sbin/
cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/keepalived
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
mkdir -p /etc/keepalived
cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf
chmod +x /etc/init.d/keepalived
echo $? || [ $? != 0  ] || print " installation keepalived  failed" || exit 1
chkconfig --add keepalived
chkconfig --level 345 keepalived on

 The above is to download the corresponding compressed package, and then install and configure it.

Centos7 this time I use yum installation, run the command directly on the command line:

yum install keepalived //installation
keepalived -v //check version 

To configure keepalived of master and corresponding salve, run the command:

vim /usr/local/keepalived/keepalived.conf //edit configuration file
! Configuration File for keepalived

global_defs {
   notification_email {
        root@localhost
        [email protected] ##Set email alarm address
   }
   notification_email_from [email protected]
   smtp_server 127.0.0.1
   smtp_connect_timeout 3
   router_id LVS_DEVEL
}
vrrp_instance VI_1 { ##Configure vrrp instance 1
    state MASTER ##BACKUP is modified to BACKUP
    interface eth0
    virtual_router_id 51
    priority 101 ##BACKUP modified to 100 or less
    advert_int 1
    garp_master_delay 5
    authentication {
        auth_type PASS
        auth_pass 1111
    }
virtual_ipaddress {
        192.168.20.10
    }
virtual_server 192.168.20.10 80 {
    delay_loop 6
    lb_algo rr
    lb_kind NAT #Load balancing forwarding rule DR NAT TUN. Consistent with the working mode setting of the LVS you will start
    nat_mask 255.255.255.0
    persistence_timeout 5
    protocol TCP
    real_server 192.168.20.98 80 {
        weight 10
        HTTP_GET {
            url {
              path /
            status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
      }
    }
real_server 192.168.20.102 80 {
        weight 10
        HTTP_GET {
            url {
              path /
            status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

2. Firewall settings, run the command:

sysemctl stop firewalld.service //close
sysemctl disable firewalld.service //Disable startup at boot

3. Install ipvsadm, run the command:

yum install ipvsadm //install
ipvsadm -v //check version

4. (Optional) To install the iptables firewall, you need to configure the corresponding firewall policy. Run the command:

vim /etc/sysconfig/iptables

eg:

-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -s 172.21.4.51 -j ACCEPT
-A INPUT -s 172.21.4.52 -j ACCEPT
-A INPUT -s 172.21.4.91 -j ACCEPT
-A INPUT -s 172.21.4.92 -j ACCEPT

 Open the corresponding port.

 

5. Install nginx on the node, pay attention to setting the corresponding firewall so that nginx port 80 can be accessed, refer to the script:

#!/bin/bash
# author: kuangl
# mail: [email protected]
# description: The installation of Nginx files.
# -------------------------------------------------------- #
         ## Nginx_install
# -------------------------------------------------------- #
# Nginx installation
#CURRENT_PATH=$(pwd)
for i in $(rpm -q gcc gcc-c++ kernel-devel openssl-devel zlib-devel popt-devel popt-static libnl-devel wget make |grep 'not installed' | awk '{print $2}')
do
    yum -y install $i
done
[ -d /root/software ]
[ "$?" != 0 ] && mkdir /root/software
cd /root/software
[ !  -e pcre-8.40.tar.gz ] && wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.40.tar.gz
tar -zxvf pcre-8.40.tar.gz
cd pcre-8.40
./configure
make && make install
echo $? || [ $? != 0  ] || echo  " installation pcre  failed" || exit 1
cd /root/software
[ ! -e nginx-1.11.5.tar.gz ] && wget http://nginx.org/download/nginx-1.11.5.tar.gz
tar -zxvf nginx-1.11.5.tar.gz
cd nginx-1.11.5
./configure  --prefix=/usr/local/nginx --with-http_ssl_module --with-http_sub_module --with-http_stub_status_module  --with-http_gzip_static_module
make && make install
echo $? || [ $? != 0  ] || echo  " installation  nginx  failed" || exit 1

 6. Set up lvs on the nginx node

ipvsadm -C
ipvsadm -At 192.168.20.10:80 -s rr
ipvsadm -at 192.168.20.10:80 -r 192.168.20.98 -m
ipvsadm -at 192.168.20.10:80 -r 192.168.20.102 -m
-a specify the real server -t VIP on lvs -r real server ip and port -w weight value -g select DR mode first -m is NAT mode

 7. Start and verify

Two ways to start keepalived
(1) Install the compressed package yourself, refer to the installation sh script in this directory, and start the command: /etc/init.d/keepalived start
(2) centos7 yum installation, configured as a service
    systemctl daemon-reload reload
    systemctl enable keepalived.service Set to automatically start at boot
    systemctl disable keepalived.service Cancel automatic startup at boot
    systemctl start keepalived.service start
    systemctl stop keepalived.service停止
(3) Check the startup status
    systemctl status keepalived.service
External inaccessibility after nginx is started
(1) Check the linux firewall
(2) View the firewall configuration
    Linux firewall (Iptables) restart the system to take effect
    On: chkconfig iptables on
    Off: chkconfig iptables off
    
    Linux firewall (Iptables) takes effect immediately and fails after restart
    Start: service iptables start
    Shutdown: service iptables stop
nginx related commands:
    nginx -v //View version
    ps -ef|grep nginx //View process, there are two, the main process and the child process
    kill -9 process number //kill the process
    pkill -9 nginx //Force stop
    nginx -c /usr/local/nginx/nginx.conf //Start
    nginx -s stop //quick stop or shutdown
    nginx -s qiut //Stop or shut down normally
    nginx -s reload //Reload after configuration file modification

 

8. Precautions

1. Output log information: /var/log/messages , more specific log information output needs to add the -d parameter when starting keepalived.
2. When both are MASTER and the priority is the same, the back-started node (service vrrp start) will replace the running node and become the main one.
3. When one is MASTER and has high priority, it is not affected by the down/up of the secondary node, and when it changes from down to up, it will grab control.
4. In the case of both MASTER and the same priority, if the running master node is down (disconnected from the network), the secondary node will automatically take over, and the master node will not snatch control when it gets up again.
#keepalived will execute the script regularly and analyze the result of the script execution, and dynamically adjust the priority of vrrp_instance.
#If the script execution result is 0, and the value of the weight configuration is greater than 0, the priority will be increased accordingly
#If the script execution result is not 0 and the value of the weight configuration is less than 0, the priority will be reduced accordingly
#In other cases, maintain the priority of the original configuration, that is, the value corresponding to the priority in the configuration file.
# Note that:
#1) The priority "will not" continuously increase or decrease, and when the object of the track is restored, it is consistent
#2) You can write multiple detection scripts and set different weights for each detection script
#3) Regardless of whether the priority is increased or decreased, the final priority range is [1,254], and there will be no priority less than or equal to 0 or priority greater than or equal to 255
#In this way, the script can be used to detect the status of the business process and dynamically adjust the priority to realize the master-standby switch. 

9. Reference link

http://blog.csdn.net/yinwenjie/article/details/47211551

http://www.linuxidc.com/Linux/2015-07/120179.htm

http://blog.csdn.net/nimasike/article/details/51867046

http://os.51cto.com/art/201103/249045.htm

https://github.com/jiji87432/nginx_sh  //Related installation configuration scripts

Guess you like

Origin http://43.154.161.224:23101/article/api/json?id=326489862&siteId=291194637
Recommended
TIOBE May list: Fortran “resurrected” into Top 10
GCC 14.1 released
Ranking
B. Little Girl and Game【1300 / 回文字符串 博弈论】
CIKERS Shane 20190613
"Javascript advanced programming" study notes - the constructor and prototype
beeline hiveserver2 start
springboot - Automatically backup mysql data every day
Data Storage Full Solution--Detailed Persistence Technology
Detailed Explanation of Spring Web MVC DispatcherServlet—Official Original
TCP / IP protocol layers structure and function
Command type literal pos: unknown; Fallback type literal pos: unknown] with root cause
Design of multifunctional curtain controller with indoor anti-theft alarm
Daily
More
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)
2024-04-29(5)

Code World

© 2018 codetd.com