04.nginx+keepalive

1.1 机器规划和架构图

角色 IP
nginx反向代理+keepalive-master 192.168.56.61
web01 192.168.56.62
web02 192.168.56.63
nginx反向代理+keepalive-slave 192.168.56.64

 

 

1.2 部署nginx负载均衡

192.168.56.61(keepalive-master)
192.168.56.64(keepalive-slave)

1.2.1 配置nginx负载

安装nginx服务


[root@linux-node4 ~]# yum -y install nginx
配置反向代理


[root@lb-master ~]# vim /etc/nginx/nginx.conf
stream {
    log_format  main  '$remote_addr $upstream_addr - [$time_local] $status $upstream_bytes_sent';
    access_log  /var/log/nginx/django-access.log  main;
    upstream django-apiserver {
                server 192.168.56.62:80;
                server 192.168.56.63:80;
            }
   
    server {
       listen 88;
       proxy_pass django-apiserver;
    }
}

1.2.2 完整配置如下

看一下即可,都是nginx默认配置


[root@lb-master ~]# cat /etc/nginx/nginx.conf 
user  nginx;
worker_processes  1;
error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;
events {
    worker_connections  1024;
}

stream {
    log_format  main  '$remote_addr $upstream_addr - [$time_local] $status $upstream_bytes_sent';
    access_log  /var/log/nginx/django-access.log  main;
    upstream django-apiserver {
                server 192.168.56.62:80;
                server 192.168.56.63:80;
            }
   
    server {
       listen 80;
       proxy_pass django-apiserver;
    }
}

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';
    access_log  /var/log/nginx/access.log  main;
    sendfile        on;
    #tcp_nopush     on;
    keepalive_timeout  65;
    #gzip  on;
    include /etc/nginx/conf.d/*.conf;
}

1.2.3 测试反向代理可用性

测试集群可用性


http://192.168.56.62/        # web01
http://192.168.56.63/        # web02
# 可以停止一个nginx服务,测试可用性
服务管理


[root@lb-slave ~]# systemctl start nginx
[root@lb-slave ~]# systemctl enable nginx

2.3 keepalive安装与配置

2.3.1 安装keepalive

[root@lb-master ~]# yum -y install keepalived

2.3.2 keepalive-master配置修改

==注:默认的keepalived.conf配置太多,直接删除,用下面配置替换即可==
192.168.56.61


[root@lb-master ~]# vim /etc/keepalived/keepalived.conf 

global_defs { 
   notification_email { 
     acassen@firewall.loc 
     failover@firewall.loc 
     sysadmin@firewall.loc 
   } 
   notification_email_from Alexandre.Cassen@firewall.loc  
   smtp_server 127.0.0.1 
   smtp_connect_timeout 30 
   router_id NGINX_MASTER
} 

# 健康监测nginx
vrrp_script check_nginx {
    script "/etc/keepalived/check_nginx.sh"      # 设置检查nginx是否存活的脚本位置
}

# keepalive热备组配置
vrrp_instance VI_1 { 
    state MASTER            # 配置当前keepalive为master角色
    interface eth0           # 网卡名字,必须和实际网卡名称一致,默认是ens33
    virtual_router_id 51       # VRRP 路由 ID实例,每个实例是唯一的 
    priority 100            # 优先级,备服务器设置 90 
    advert_int 1            # 指定VRRP 心跳包通告间隔时间,默认1秒 
    authentication { 
        auth_type PASS      
        auth_pass 1111       # 设置keepalive的master和slave之间简单的秘钥认证
    }  
    virtual_ipaddress { 
        192.168.56.60/24     # 设置keepalive虚拟IP地址
    } 
    track_script {
        check_nginx
    } 
}

2.3.3 keepalive-slave配置修改

==注:默认的keepalived.conf配置太多,直接删除,用下面配置替换即可==

192.168.56.64


[root@lb-master ~]# vim /etc/keepalived/keepalived.conf 
 
global_defs { 
   notification_email { 
     acassen@firewall.loc 
     failover@firewall.loc 
     sysadmin@firewall.loc 
   } 
   notification_email_from Alexandre.Cassen@firewall.loc  
   smtp_server 127.0.0.1 
   smtp_connect_timeout 30 
   router_id NGINX_BACKUP
} 

vrrp_script check_nginx {
    script "/etc/keepalived/check_nginx.sh"
}

vrrp_instance VI_1 { 
    state BACKUP            # 设置keepalive角色为backend
    interface eth0           # 设置虚拟网卡名称
    virtual_router_id 51       # VRRP 路由 ID实例,每个实例是唯一的,master和slave保持一致即可
    priority 90             # 优先级,备服务器设置 90 
    advert_int 1            # 指定VRRP 心跳包通告间隔时间,默认1秒 
    authentication { 
        auth_type PASS      
        auth_pass 1111 
    }  
    virtual_ipaddress { 
        192.168.56.60/24     # 设置虚拟网卡地址
    } 
    track_script {
        check_nginx
    } 
}

2.3.4 添加nginx健康监测脚本

[root@lb-master keepalived]# vim /etc/keepalived/check_nginx.sh
#!/bin/bash
count=$(ps -ef |grep nginx |egrep -cv "grep|$$")

if [ "$count" -eq 0 ];then
    exit 1
else
    exit 0
fi
[root@lb-master keepalived]# chmod +x /etc/keepalived/check_nginx.sh         # 给脚本添加一个可执行权限

#2.3.5 启动keepalive

root@lb-master ~]#  systemctl start keepalived
[root@lb-master ~]#  systemctl enable keepalived

2.4 测试keepalive高可用

1、测试使用 http://192.168.56.60:88/ 虚拟IP访问
  在浏览器中访问: http://192.168.56.60 http://192.168.56.61 http://192.168.56.64 都可以访问web1和web2服务
2、关闭lb-master(192.168.56.61)的nginx测试VIP是否漂移到备节点
  在192.168.56.61中停止nginx服务(lb-master),lb-slave中可以接替master的服务
  依然可以使用 http://192.168.56.60:88/ 访问web01和web02服务

 

posted @ 2021-03-27 21:17  小虾米爱吃鱼  阅读(513)  评论(0编辑  收藏  举报