keepalived+nginx 服务器搭建
1、实验环境:此处都使用是Centos 7系统
Hostname | IP | 说明 |
LB01 | 192.168.11.80 | keepalived+nginx |
LB02 | 192.168.11.81 | keepalived+nginx |
web01 | 192.168.11.83 | nginx(web服务) |
web02 | 192.168.11.84 | nginx(web服务) |
测试电脑一台:IP:192.168.11.90
在所有节点服务器上面关闭firewalld、selinux,并安装httpd服务。
2、配置后端web服务器(web01和web02)
[root@web01 ~]# echo "This is web01" >/usr/share/nginx/html/index.html [root@web02 ~]# echo "This is web02" >/usr/share/nginx/html/index.html [root@web01 ~]# curl http://192.168.11.83 This is web01 [root@web02 ~]# curl http://192.168.11.83 This is web02
3、 配置LB两台服务器的nginx (LB01和LB02)
[root@LB01 ~]# vim /etc/nginx/nginx.conf #编辑nginx配置文件
worker_processes 1; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; upstream backend { server 192.168.11.83:80 weight=1; server 192.168.11.84:80 weight=1; } server { listen 80; server_name www.test.com; location / { proxy_pass http://backend;
proxy_set_header Host $host; #转发请求头信息
proxy_set_header X-Forward-For $remote_addr; #转发请求IP地址
} } }
# systemctl start nginx //启动nginx # systemctl enable nginx //加入开机自启动
以上方法是直接修改nginx.conf 文件,下面还介绍另一种方法,实现的功能一样,自己随便选一个就行。
(1)新建文件proxy.conf,并且写入配置信息;
[root@LB01 ~]#vim /etc/nginx/conf.d/proxy.conf upstream backend { server 192.168.11.83:80 weight=1; server 192.168.11.84:80 weight=1; } server { listen 80; server_name www.test.com; location / { proxy_pass http://backend;
proxy_set_header Host $host; #转发请求头信息
proxy_set_header X-Forward-For $remote_addr; #转发请求IP地址 } }
(2)修改nginx.conf文件中的路径;
[root@LB01 ~]# vim /etc/nginx/nginx.conf user nginx; worker_processes 1; error_log /var/log/nginx/error.log warn; pid /var/run/nginx.pid; events { worker_connections 1024; } http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; #tcp_nopush on; keepalive_timeout 65; #gzip on; include /etc/nginx/conf.d/proxy.conf; #修改此处的中文件路径; }
(3)启动两节点的nginx服务;
# systemctl start nginx
4、配置LB两台服务器的keepalived (LB01和LB02)
[root@LB01 ~] # vim /etc/keepalived/keepalived.conf
global_defs { router_id LVS_19 #id号为唯一,不能重复,与backup服务器不同 vrrp_mcast_group4 224.0.0.19 #这个就是指定多播地址的配置 } vrrp_script chk_nginx { #配置脚本 script "/etc/keepalived/chk_nginx.sh" #脚本位置 interval 2 weight 2 } vrrp_instance VI_1 { #实例名为VI_1,两节点配置一样 state MASTER #状态为MASTER,备节点状态需要为BACKUP interface ens33 #通信(心跳)接口为ens33,此参数备节点设置和主节点相同 virtual_router_id 51 #实例id号,两节点配置一样 priority 100 #优先级 advert_int 1 #通信检查间隔时间1秒 authentication { auth_type PASS #PASS认证类型,此参数备节点设置和主节点相同 auth_pass 1111 #密码1111,此参数备节点设置和主节点相同 } virtual_ipaddress { 192.168.11.85/24 #虚拟IP } track_script { chk_nginx } }
LB02与LB01配置不同处如下:
router_id LVS_19 -> router_id LVS_20 #id号 state MASTER -> state BACKUP #主备模式 priority 100 -> priority 90 #优先级
5、配置两台LB服务器(LB01和LB02)的chk_nginx.sh,在nginx不运行的情况下,停止运行keepalived,让服务切换至另一台服务器运行。
[root@LB01 ~]# vim /etc/keepalived/chk_nginx.sh # nginx 检测脚本(chk_nginx.sh) #!/bin/bash #+检查nginx进程是否存在 counter=$(ps -C nginx --no-header|wc -l) #此行有服务名 if [ "${counter}" = "0" ]; then #尝试启动一次nginx,停止5秒后再次检测 systemctl start nginx #启动服务 sleep 5 counter=$(ps -C nginx --no-header|wc -l) #此行有服务名 if [ "${counter}" = "0" ]; then #如果启动没成功,就杀掉keepalive触发主备切换 systemctl stop keepalived fi fi
[root@LB01 ~]# systemctl restart keepalived
[root@LB02 ~]# systemctl restart keepalived
6、先测试nginx负载均衡情况
[root@node ~]# for i in {1..10};do curl http://192.168.11.85; done This is web01 This is web02 This is web01 This is web02 This is web01 This is web02 This is web01 This is web02 This is web01 This is web02
以上轮询显示正常。
7、再测试keepalived的高可用性能
关闭LB01节点上的keepalived后,VIP会漂移到LB02上面,显示正常。
[root@LB02 ~]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:dd:f0:9b brd ff:ff:ff:ff:ff:ff inet 192.168.11.80/24 brd 192.168.11.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet 192.168.11.85/24 scope global secondary ens33 #VIP已经漂移过到LB02上面 valid_lft forever preferred_lft forever inet6 fe80::3219:2961:c226:619c/64 scope link noprefixroute valid_lft forever preferred_lft forever 3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000 link/ether 52:54:00:a9:1f:a7 brd ff:ff:ff:ff:ff:ff inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0 valid_lft forever preferred_lft forever 4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000 link/ether 52:54:00:a9:1f:a7 brd ff:ff:ff:ff:ff:ff
上以配置是Keepalived+nginx 的主备模式,下面讲下Keepalived+nginx的双主模式;
(1)配置 LB01 节点
[root@LB01 ~] # vim /etc/keepalived/keepalived.conf global_defs { router_id LVS_19 #id号为唯一,不能重复,与backup服务器不同 vrrp_mcast_group4 224.0.0.19 #这个就是指定多播地址的配置 } vrrp_instance VI_1 { #实例名为VI_1,两节点配置一样 state MASTER #状态为MASTER,备节点状态需要为BACKUP interface ens33 #通信(心跳)接口为ens33,此参数备节点设置和主节点相同 virtual_router_id 51 #实例id号,两节点配置一样 priority 100 #优先级 advert_int 1 #通信检查间隔时间1秒 authentication { auth_type PASS #PASS认证类型,此参数备节点设置和主节点相同 auth_pass 1111 #密码1111,此参数备节点设置和主节点相同 } virtual_ipaddress { 192.168.11.85/24 #VIP地址 } }
vrrp_instance VI_2 { #实例名为VI_2,两节点配置一样
state BACKUP #状态为BACKUP,备节点改为MASTER
interface ens33 #网卡接口名称
virtual_router_id 52 #实例id号,两节点配置一样
priority 90 #优先级为90
advert_int 1 #通信检查间隔时间1秒
authentication {
auth_type PASS #认证类型 两节点都一样
auth_pass 2222 #密码配置,两节点都一样
}
virtual_ipaddress {
192.168.11.86/24 #VIP地址
}
}
(2)配置 LB02 节点
[root@LB01 ~] # vim /etc/keepalived/keepalived.conf global_defs { router_id LVS_20 #id号为唯一,不能重复,与backup服务器不同 vrrp_mcast_group4 224.0.0.19 #这个就是指定多播地址的配置 } vrrp_instance VI_1 { #实例名为VI_1,两节点配置一样 state BACKUP #状态为MASTER,备节点状态需要为BACKUP interface ens33 #通信(心跳)接口为ens33,此参数备节点设置和主节点相同 virtual_router_id 51 #实例id号,两节点配置一样 priority 90 #优先级 advert_int 1 #通信检查间隔时间1秒 authentication { auth_type PASS #PASS认证类型,此参数备节点设置和主节点相同 auth_pass 1111 #密码1111,此参数备节点设置和主节点相同 } virtual_ipaddress { 192.168.11.85/24 #VIP地址 } } vrrp_instance VI_2 { #实例名为VI_2,两节点配置一样 state MASTER #状态为BACKUP,备节点改为MASTER interface ens33 #网卡接口名称 virtual_router_id 52 #实例id号,两节点配置一样 priority 100 #优先级为100 advert_int 1 #通信检查间隔时间1秒 authentication { auth_type PASS #认证类型 两节点都一样 auth_pass 2222 #密码配置,两节点都一样 } virtual_ipaddress { 192.168.11.86/24 #VIP地址 } }