1. Environmental preparation
There are a total of 4 virtual machines, 4 centos7 virtual machines created by the parallels desktop of the mac
master 192.168.20.104 salve 192.168.20.103 node1 192.168.20.102 node2 192.168.20.98
You can install a virtual machine first, and then clone it.
2. Configure the virtual machine
1. Install the keepalived of the master, refer to the following script:
# -------------------------------------------------------- # ## Keepalived_intsall # -------------------------------------------------------- # # Keepalived installation yum install -y gcc openssl-devel popt-devel # error libnfnetlink headers missing yum install -y libnfnetlink-devel cd /root/software [ ! -e keepalived-1.2.24.tar.gz ] && wget http://www.keepalived.org/software/keepalived-1.2.24.tar.gz tar -zxvf keepalived-1.2.24.tar.gz cd keepalived-1.2.24 ./configure --prefix=/usr/local/keepalived make && make install cp /usr/local/keepalived/sbin/keepalived /usr/sbin/ cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/keepalived cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/ mkdir -p /etc/keepalived cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf chmod +x /etc/init.d/keepalived echo $? || [ $? != 0 ] || print " installation keepalived failed" || exit 1 chkconfig --add keepalived chkconfig --level 345 keepalived on
The above is to download the corresponding compressed package, and then install and configure it.
Centos7 this time I use yum installation, run the command directly on the command line:
yum install keepalived //installation keepalived -v //check version
To configure keepalived of master and corresponding salve, run the command:
vim /usr/local/keepalived/keepalived.conf //edit configuration file
! Configuration File for keepalived global_defs { notification_email { root@localhost [email protected] ##Set email alarm address } notification_email_from [email protected] smtp_server 127.0.0.1 smtp_connect_timeout 3 router_id LVS_DEVEL } vrrp_instance VI_1 { ##Configure vrrp instance 1 state MASTER ##BACKUP is modified to BACKUP interface eth0 virtual_router_id 51 priority 101 ##BACKUP modified to 100 or less advert_int 1 garp_master_delay 5 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.20.10 } virtual_server 192.168.20.10 80 { delay_loop 6 lb_algo rr lb_kind NAT #Load balancing forwarding rule DR NAT TUN. Consistent with the working mode setting of the LVS you will start nat_mask 255.255.255.0 persistence_timeout 5 protocol TCP real_server 192.168.20.98 80 { weight 10 HTTP_GET { url { path / status_code 200 } connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } real_server 192.168.20.102 80 { weight 10 HTTP_GET { url { path / status_code 200 } connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } }
2. Firewall settings, run the command:
sysemctl stop firewalld.service //close sysemctl disable firewalld.service //Disable startup at boot
3. Install ipvsadm, run the command:
yum install ipvsadm //install ipvsadm -v //check version
4. (Optional) To install the iptables firewall, you need to configure the corresponding firewall policy. Run the command:
vim /etc/sysconfig/iptables
eg:
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT -A INPUT -s 172.21.4.51 -j ACCEPT -A INPUT -s 172.21.4.52 -j ACCEPT -A INPUT -s 172.21.4.91 -j ACCEPT -A INPUT -s 172.21.4.92 -j ACCEPT
Open the corresponding port.
5. Install nginx on the node, pay attention to setting the corresponding firewall so that nginx port 80 can be accessed, refer to the script:
#!/bin/bash # author: kuangl # mail: [email protected] # description: The installation of Nginx files. # -------------------------------------------------------- # ## Nginx_install # -------------------------------------------------------- # # Nginx installation #CURRENT_PATH=$(pwd) for i in $(rpm -q gcc gcc-c++ kernel-devel openssl-devel zlib-devel popt-devel popt-static libnl-devel wget make |grep 'not installed' | awk '{print $2}') do yum -y install $i done [ -d /root/software ] [ "$?" != 0 ] && mkdir /root/software cd /root/software [ ! -e pcre-8.40.tar.gz ] && wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.40.tar.gz tar -zxvf pcre-8.40.tar.gz cd pcre-8.40 ./configure make && make install echo $? || [ $? != 0 ] || echo " installation pcre failed" || exit 1 cd /root/software [ ! -e nginx-1.11.5.tar.gz ] && wget http://nginx.org/download/nginx-1.11.5.tar.gz tar -zxvf nginx-1.11.5.tar.gz cd nginx-1.11.5 ./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_sub_module --with-http_stub_status_module --with-http_gzip_static_module make && make install echo $? || [ $? != 0 ] || echo " installation nginx failed" || exit 1
6. Set up lvs on the nginx node
ipvsadm -C ipvsadm -At 192.168.20.10:80 -s rr ipvsadm -at 192.168.20.10:80 -r 192.168.20.98 -m ipvsadm -at 192.168.20.10:80 -r 192.168.20.102 -m -a specify the real server -t VIP on lvs -r real server ip and port -w weight value -g select DR mode first -m is NAT mode
7. Start and verify
Two ways to start keepalived (1) Install the compressed package yourself, refer to the installation sh script in this directory, and start the command: /etc/init.d/keepalived start (2) centos7 yum installation, configured as a service systemctl daemon-reload reload systemctl enable keepalived.service Set to automatically start at boot systemctl disable keepalived.service Cancel automatic startup at boot systemctl start keepalived.service start systemctl stop keepalived.service停止 (3) Check the startup status systemctl status keepalived.service External inaccessibility after nginx is started (1) Check the linux firewall (2) View the firewall configuration Linux firewall (Iptables) restart the system to take effect On: chkconfig iptables on Off: chkconfig iptables off Linux firewall (Iptables) takes effect immediately and fails after restart Start: service iptables start Shutdown: service iptables stop nginx related commands: nginx -v //View version ps -ef|grep nginx //View process, there are two, the main process and the child process kill -9 process number //kill the process pkill -9 nginx //Force stop nginx -c /usr/local/nginx/nginx.conf //Start nginx -s stop //quick stop or shutdown nginx -s qiut //Stop or shut down normally nginx -s reload //Reload after configuration file modification
8. Precautions
1. Output log information: /var/log/messages , more specific log information output needs to add the -d parameter when starting keepalived. 2. When both are MASTER and the priority is the same, the back-started node (service vrrp start) will replace the running node and become the main one. 3. When one is MASTER and has high priority, it is not affected by the down/up of the secondary node, and when it changes from down to up, it will grab control. 4. In the case of both MASTER and the same priority, if the running master node is down (disconnected from the network), the secondary node will automatically take over, and the master node will not snatch control when it gets up again. #keepalived will execute the script regularly and analyze the result of the script execution, and dynamically adjust the priority of vrrp_instance. #If the script execution result is 0, and the value of the weight configuration is greater than 0, the priority will be increased accordingly #If the script execution result is not 0 and the value of the weight configuration is less than 0, the priority will be reduced accordingly #In other cases, maintain the priority of the original configuration, that is, the value corresponding to the priority in the configuration file. # Note that: #1) The priority "will not" continuously increase or decrease, and when the object of the track is restored, it is consistent #2) You can write multiple detection scripts and set different weights for each detection script #3) Regardless of whether the priority is increased or decreased, the final priority range is [1,254], and there will be no priority less than or equal to 0 or priority greater than or equal to 255 #In this way, the script can be used to detect the status of the business process and dynamically adjust the priority to realize the master-standby switch.
9. Reference link
http://blog.csdn.net/yinwenjie/article/details/47211551
http://www.linuxidc.com/Linux/2015-07/120179.htm
http://blog.csdn.net/nimasike/article/details/51867046
http://os.51cto.com/art/201103/249045.htm
https://github.com/jiji87432/nginx_sh //Related installation configuration scripts