目录
1 实现Nginx负载均衡的组件说明
Nginx http功能模块 | 模块说明 |
---|---|
ngx_http_proxy_module | proxy代理模块,用于把请求后抛给服务器节点或upstream服务器池 |
ngx_http_upstream_module | 负载均衡模块,可以实现网站的负载均衡功能及节点的健康检查 |
2 Nginx负载均衡实验环境准备
HOSTNAME | IP | 说明 |
---|---|---|
lb01 | 192.168.90.5 | Nginx主负载均衡器 |
lb02 | 192.168.90.6 | Nginx辅负载均衡器 |
web01 | 192.168.90.8 | web01服务器(Nginx) |
web02 | 192.168.90.7 | web02服务器(Nginx) |
3 Nginx反向代理负载均衡安装
# lb01和lb02都安装所需要的软件包(以lb01为例)
yum install openssl openssl-devel pcre pcre-devel -y
rpm -qa openssl openssl-devel pcre pcre-devel
# 编译安装Nginx
useradd www -s /sbin/nologin -M
mkdir /home/oldboy/tools
cd /home/oldboy/tools
wget -q http://nginx.org/download/nginx-1.6.3.tar.gz
ls -l nginx-1.6.3.tar.gz
tar -xf nginx-1.6.3.tar.gz
cd nginx-1.6.3
./configure --user=www --group=www --with-http_ssl_module --with-http_stub_status_module --prefix=/application/nginx-1.6.3/
make
make install
ln -s /application/nginx-1.6.3 /application/nginx
# 编辑配置文件
egrep -v "#|^$" nginx.conf.default >nginx.conf
[root@lb01 conf]# cat nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
upstream www_server_pools {
server 192.168.90.7:80 weight=1;
server 192.168.90.8:80 weight=1;
}
server {
listen 80;
server_name www.rsq.com;
location / {
root html;
index index.html index.htm;
proxy_pass http://www_server_pools;
proxy_set_header Host $host; # 基于hosts访问,下边会详解
proxy_set_header X-Forwarded-For $remote_addr; # 让节点记录访问源IP地址,默认支持
}
}
}
# 客户端解析然后测试访问
[root@m01 ~]# grep rsq /etc/hosts
172.16.1.5 lb01 www.rsq.com bbs.rsq.com blog.rsq.com rsq.com
# 两个web都是Nginx
[root@m01 ~]# for i in `seq 100`;do curl www.rsq.com;sleep 1;done
nginx www
www
nginx www
www
nginx www
www
nginx www
^C
[root@m01 ~]#
# 可以测试单独使某一个web服务宕掉试试什么情况
[root@web02 www]# pkill nginx
[root@m01 ~]# for i in `seq 100`;do curl www.rsq.com;sleep 1;done
www
nginx www
www
nginx www
www
nginx www
www
nginx www
www
www
www
www
www
^C
# proxy_set_header Host $host; 基于主机访问,无此条目时若server_name改为bbs.rsq.com则还是访问www.rsq.com的内容,因为在TCP协议中负载(lb)默认向后边web中请求的时候不带请求Host头部,故还是访问默认的内容。
# 未配置$host的情况
[root@m01 ~]# for i in `seq 100`;do curl bbs.rsq.com;sleep 1;done
nginx www
www
# 配置完$host的情况
[root@m01 ~]# for i in `seq 100`;do curl bbs.rsq.com;sleep 1;done
bbs
nginx bbs
# proxy_set_header X-Forwarded-For $remote_addr;的作用在于可以使在日志文件中记录到访问源IP地址,而不是代理的IP地址。
# 未配置X-Forwarded-For的日志如下
172.16.1.5 - - [27/Mar/2018:23:18:49 +0800] "GET / HTTP/1.0" 200 10 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.21 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2" "-"
# 配置完X-Forwarded-For的日志如下
192.168.90.5 - - [27/Mar/2018:23:37:27 +0800] "GET / HTTP/1.0" 200 10 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.21 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2" "172.16.1.61"
4 keepalived+Nginx实现主备负载均衡
# lb01(MASTER)和lb02(BACKUP)都需要安装
yum install keepalived -y
cp /etc/keepalived/keepalived.conf{,.bak} #备份keepalived配置文件
# 配置文件lb01(MASTER)
[root@lb01 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
960503480@qq.com
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL #不同keepalived要不同
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.90.3/24 dev eth0 label eth0:1
}
}
[root@lb01 ~]# /etc/init.d/keepalived start # 启动服务
# 配置文件lb02(BACKUP)
[root@ld02 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
960503480@qq.com
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL1 #和MASTER不同
}
vrrp_instance VI_1 {
state BACKUP # 为备份
interface eth0
virtual_router_id 51
priority 100 # 优先级比MASTER低
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.90.3/24 dev eth0 label eth0:1
}
}
[root@lb02 ~]# /etc/init.d/keepalived start # 启动服务
# 测试,这里的keepalived的作用就是当其中任意一台机器宕掉之后另外一台还可以继续提供基于虚拟IP的访问。
[root@lb01 ~]# ip addr |grep 192.168.90.3 #MASTER的有分配的IP别名
inet 192.168.90.3/24 scope global secondary eth0:1
[root@ld02 ~]# ip addr |grep 192.168.90.3 #BACKUP上没有分配
[root@ld02 ~]#
# 当MASTER的宕掉之后BACKUP上就会分配有IP别名