keepalived Nginx【主从】集群架构图:
环境准备:
ip | 备注 |
|---|---|
192.168.1.10 | nginx keepalived(主) |
192.168.1.20 | nginx keepalived(从) |
192.168.1.30 | nginx/tomcat |
192.168.1.40 | nginx/tomcat |
192.168.1.200 | VIP |
关闭防火墙沙盒
代码语言:javascript复制systemctl stop firewalld && systemctl disable firewalld && setenforce 0安装nginx
192.168.1.10/20
代码语言:javascript复制`安装依赖`
yum -y install openssl openssl-devel zlib zlib-devel pcre pcre-devel gcc gcc-c make cmake
`解压并安装`
tar -zxf nginx-1.6.2.tar.gz
cd nginx-1.6.2 && ./configure && make && make install
`软连接`
ln -s /usr/local/nginx/sbin/nginx /usr/sbin/安装tomcat
此次实验web采用的是tomcat 192.168.1.30/40
代码语言:javascript复制`安装java环境`
yum -y install java-1.8.0-openjdk
`解压并安装`
tar -zxf apache-tomcat-8.5.42.tar.gz
`修改默认页面`
rm -rf /root/apache-tomcat-8.5.42/webapps/ROOT/index.jsp
echo 'web1/2' > /root/apache-tomcat-8.5.42/webapps/ROOT/index.html
`启动`
/root/apache-tomcat-8.5.42/bin/startup.sh测试访问
Nginx配置反向代理轮询
192.168.1.10/20
代码语言:javascript复制vi /usr/local/nginx/conf/nginx.conf
####配置内容#####
#gzip on;
upstream web {
server 192.168.1.30:8080 weight=1 max_fails=3 fail_timeout=10s;
server 192.168.1.40:8080 weight=1 max_fails=3 fail_timeout=10s;
}
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
proxy_pass http://web/;
}
#error_page 404 /404.html;
`` ``
nginx #启动
nginx -t #文件检查
nginx -s stop #停止
nginx -s reload #重启
安装keepalived
本次实验直接使用yum安装
代码语言:javascript复制yum install keepalived -y查看服务器使用的网卡名称:ens33
配置keepalived文件 主
代码语言:javascript复制vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs { #keepalived节点出现故障,给管理员发送消息
notification_email { # 管理员的邮箱
123@qq.com
}
notification_email_from abc@qq.com #邮箱的发件者
smtp_server 192.168.1.200 #邮箱服务器的ip
smtp_connect_timeout 30 #邮件服务器连接的超时时间
router_id LVS_DEVEL #节点的标识符(hostname)
}
vrrp_instance VI_1 { #vrrp协议组的名称
state MASTER # 节点的状态 主(master)
interface ens33 #用来发送vrrp的网卡
virtual_router_id 66 #server_id 一个组的ip必须一致
priority 100 #当前节点的优先级 1-255
advert_int 1 #vrrp通告的间隔时间,单位为s
authentication { #认证主和备之间的通讯
auth_type PASS #认证类型
auth_pass 1111 #使用的密钥
}
virtual_ipaddress { #vip的地址
192.168.1.200
}
}
virtual_server 192.168.1.200 80 {
delay_loop 6 #对后端的健康检查间隔的时间
lb_algo rr #调度算法rr
lb_kind DR #调度模式 DR
net_mask 255.255.255.0 #netmask
persistence_timeout 0 #会话保持时间
protocol TCP #使用传输协议时tcp
real_server 192.168.1.10 80 { #后端真实节点 ip端口
weight 1 #节点的权重
connect_port 80 #连接节点的端口
connect_timeout 3 #节点连接等待的时间
nb_get_retry 3 #节点连接的次数
delay_before_retry 3 #每隔多久和节点建立连接
}
real_server 192.168.1.20 80 {
weight 1
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}从
代码语言:javascript复制! Configuration File for keepalived
global_defs {
notification_email {
123@qq.com
}
notification_email_from abc@qq.com
smtp_server 192.168.1.200
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 66
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.200
}
}
virtual_server 192.168.1.200 80 {
delay_loop 6
lb_algo rr
lb_kind DR
net_mask 255.255.255.0
persistence_timeout 0
protocol TCP
real_server 192.168.1.10 80 {
weight 1
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
real_server 192.168.1.20 80 {
weight 1
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}启动keepalived
代码语言:javascript复制systemctl start keepalivedmaster先启动slave后启动 可以看到master节点出现了vip
修改nginx配置文件&server_name为vip
重启nginx
代码语言:javascript复制nginx -s reload测试
访问vip
查看master节点上的nginx:
slave节点上的nginx未输出:
模拟master节点宕机
代码语言:javascript复制[root@SLBmaster ~]# systemctl stop keepalived此时VIP漂移到了slave节点
测试访问:
slave节点nginx日志输出
master节点nginx日志未输出
