varnish配置
关闭上次实验集群
[root@server1 ~]# pcs cluster stop --all
server1: Stopping Cluster (pacemaker)...
server4: Stopping Cluster (pacemaker)...
server4: Stopping Cluster (corosync)...
server1: Stopping Cluster (corosync)...
[root@server1 ~]# pcs cluster disable --all
server1: Cluster Disabled
server4: Cluster Disabled
[root@server1 ~]# pcs status
Error: cluster is not currently running on this node
[root@server1 ~]# systemctl disable --now pcsd
Removed symlink /etc/systemd/system/multi-user.target.wants/pcsd.service.
[root@server1 ~]# ssh server4 systemctl disable --now pcsd
Removed symlink /etc/systemd/system/multi-user.target.wants/pcsd.service.
[root@server1 ~]#
[root@server1 ~]# netstat -antlp #查看端口进程是否结束
一、varnish初步安装配置
1.安装并配置varnish
[root@server1 ~]# ls
jemalloc-3.6.0-1.el7.x86_64.rpm varnish-4.0.5-1.el7.x86_64.rpm
jemalloc-devel-3.6.0-1.el7.x86_64.rpm varnish-libs-4.0.5-1.el7.x86_64.rpm
[root@server1 ~]# yum install -y *
[root@server1 ~]# cd /etc/varnish/
[root@server1 varnish]# ls
default.vcl secret varnish.params
[root@server1 varnish]# vim default.vcl
[root@server1 varnish]# vim varnish.params
VARNISH_LISTEN_PORT=80
[root@server1 varnish]# vim /usr/lib/systemd/system/varnish.service
[root@server1 varnish]# vim /etc/security/limits.conf
[root@server1 varnish]# tail -n3 /etc/security/limits.conf
varnish - nofile 140000
varnish - memlock 100000
[root@server1 varnish]# systemctl start varnish #启动服务
[root@server1 varnish]# systemctl status varnish
[root@server1 varnish]# netstat -antlp |grep :80 #查看端口,保证服务启动
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 4404/varnishd
tcp6 0 0 :::80 :::* LISTEN 4404/varnishd
配置文件 default.vcl
(1)根据不同的域名,分发到不同的后端主机:
(2)配置文件varnish.params
(3)Server3和Serve2,启动http服务,修改默认页面
[root@server2 ~]# echo 'www.westos.org' > /var/www/html/index.html
[root@server2 ~]# systemctl start httpd
[root@server3 ~]# echo 'bbs.westos.org' > /var/www/html/index.html
[root@server3 ~]# systemctl start httpd
2.真机访问
cdn缓存存放时间是120秒,每120秒重新获取
二、设置负载均衡及健康检测
1.负载均衡
[root@server1 varnish]# vim default.vcl
backend web3 {
.host = "172.25.15.4";
.port = "80";
}
import directors;
sub vcl_init {
new web_cluster = directors.round_robin();
web_cluster.add_backend(web1);
web_cluster.add_backend(web3);
}
[root@server1 varnish]# systemctl reload varnish.service
修改server2和server3的http默认发布文件
2.健康监测
probe backend_healthcheck {
.url = "/index.html";
.window = 3;
.threshold = 2;
.interval = 3s;
}
backend web1 {
.host = "172.25.15.2";
.port = "80";
.probe = backend_healthcheck;
}
backend web2 {
.host = "172.25.15.3";
.port = "80";
.probe = backend_healthcheck;
}
backend web3 {
.host = "172.25.15.4";
.port = "80";
.probe = backend_healthcheck;
}
关闭server3的http服务
真机测试
只访问server2
三、nginx代理
1.安装nginx
[root@server4 ~]# ls
nginx-1.20.1.tar.gz
[root@server4 ~]# tar -zxf nginx-1.20.1.tar.gz
[root@server4 ~]# cd nginx-1.20.1/
[root@server4 nginx-1.20.1]# ls
auto CHANGES.ru configure html man src
CHANGES conf contrib LICENSE README
[root@server4 nginx-1.20.1]# yum install -y gcc
[root@server4 nginx-1.20.1]# ls
auto CHANGES.ru configure html man src
CHANGES conf contrib LICENSE README
[root@server4 nginx-1.20.1]# ./configure --with-http_ssl_module
[root@server4 nginx-1.20.1]# make
[root@server4 nginx-1.20.1]# make install
2.配置nginx
[root@server4 nginx-1.20.1]# cd /usr/local/nginx/
[root@server4 nginx]# ls
conf html logs sbin
[root@server4 nginx]# cd sbin/
[root@server4 sbin]# pwd
/usr/local/nginx/sbin
[root@server4 sbin]# ls
nginx
[root@server4 sbin]# ln -s /usr/local/nginx/sbin/nginx /usr/local/bin/
[root@server4 sbin]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@server4 sbin]#
[root@server4 sbin]# cd /usr/local/nginx/conf/
[root@server4 conf]# ls
fastcgi.conf koi-win scgi_params
fastcgi.conf.default mime.types scgi_params.default
fastcgi_params mime.types.default uwsgi_params
fastcgi_params.default nginx.conf uwsgi_params.default
koi-utf nginx.conf.default win-utf
[root@server4 conf]# vim nginx.conf
[root@server4 conf]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@server4 conf]# nginx
[root@server4 conf]#
配置vim /usr/local/nginx/conf/nginx.conf
[root@server1 varnish]# vim default.vcl
[root@server1 varnish]# systemctl reload varnish.service #重启服务
3.启动并测试
真机172.25.254.15
www.westos.org -server2
[root@foundation15 ~]# curl www.westos.org
www.westos.org -server3
[root@foundation15 ~]# curl www.westos.org
www.westos.org -server2
[root@foundation15 ~]# curl www.westos.org
www.westos.org -server3
[root@foundation15 ~]# curl www.westos.org
www.westos.org -server2
(1)负载均衡
(2)产看日志,访问来源
[root@server2 ~]# tail /var/log/httpd/access_log -f
从172.25.15.4上调取
4.获取来源改为真机ip172.25.15.250
(1)server3安装nginx并配置
[root@server3 ~]# systemctl stop httpd.service #关闭http服务
[root@server3 ~]# ls
nginx-1.20.1.tar.gz
[root@server3 ~]# tar -zxf nginx-1.20.1.tar.gz
[root@server3 ~]# ls
nginx-1.20.1 nginx-1.20.1.tar.gz
[root@server3 ~]# cd nginx-1.20.1/
[root@server3 nginx-1.20.1]# l
s-bash: l: command not found
[root@server3 nginx-1.20.1]# ls
auto CHANGES CHANGES.ru conf configure contrib html LICENSE man README src
[root@server3 nginx-1.20.1]# yum install -y gcc pcre-devel openssl-devel
[root@server3 nginx-1.20.1]# ./configure --with-http_realip_module --with-http_ssl_module
[root@server3 nginx-1.20.1]# make
[root@server3 nginx-1.20.1]# make install
[root@server3 nginx-1.20.1]# ln /usr/local/nginx/sbin/nginx /usr/local/bin
[root@server3 nginx-1.20.1]# cd /usr/local/nginx/conf/
[root@server3 conf]# ls
fastcgi.conf koi-win scgi_params
fastcgi.conf.default mime.types scgi_params.default
fastcgi_params mime.types.default uwsgi_params
fastcgi_params.default nginx.conf uwsgi_params.default
koi-utf nginx.conf.default win-utf
[root@server3 conf]# vim nginx.conf
location / {
root html;
index index.html index.htm;
real_ip_header X-Forwarded-For; #添加
real_ip_recursive on; #添加
set_real_ip_from 172.25.15.0/24; #添加
}
[root@server3 conf]# nginx -t
[root@server3 ~]# nginx
(2)server4配置
[root@server4 conf]# vim nginx.conf
http {
upstream westos {
server 172.25.15.3:80;
#server 172.25.15.2:80; #注释
}
[root@server4 conf]# nginx -s reload #刷新nginx服务
(3)真机访问,server3查看nginx访问日志
[root@foundation15 ~]# curl www.westos.org
[root@server3 ~]# tail -n3 /usr/local/nginx/logs/access.log
172.25.15.1 - - [13/Jul/2021:02:24:19 -0400] "GET /index.html HTTP/1.1" 200 612 "-" "-"
172.25.15.250 - - [13/Jul/2021:02:24:26 -0400] "GET / HTTP/1.0" 200 612 "-" "curl/7.61.1"
172.25.15.250 - - [13/Jul/2021:02:24:27 -0400] "GET / HTTP/1.0" 200 612 "-" "curl/7.61.1"
[root@server3 ~]#
日志可以看到客户端的真实ip:172.25.15.250