nginx高可用集群
防止单点故障
原理:
使用nginx做负载均衡,代理后端web进行转发,防止web服务单点故障,而使用keepalive健康检查nginx服务,防止负载均衡单点故障
架构:
实验:
#环境
#客户端 192.168.5.4
nginx+keepalived1 192.168.5.5
nginx+keepalived2 192.168.5.6
httpd1 192.168.5.7
httpd2 192.168.5.8
#web1和web2
yum -y install httpd
echo httpd1 > /var/www/html/index.html
echo httpd2 > /var/www/html/index.html
systemctl restart httpd
systemctl stop firewalld
setenforce 0
curl 192.168.5.7
httpd1
#nginx+keepalived 5.5/5.6
#两台安装nginx
#两台安装keepalive
yum -y install popt-devel kernel-devel openssl openssl-devel
tar -zxf keepalived-1.2.13.tar.gz
cd keepalived-1.2.13/
./configure --prefix=/ --with-kernel-dir=/usr/src/kernel && make && make install
#更改keepalive 5.5
vim /etc/keepalived/keepalived.conf
vrrp_script chk_nginx { #检查nginx的健康状态的模块
script '/etc/keepalived/check_nginx.sh' #使用的脚本文件
interval 2 #每隔两秒钟执行脚本
weight -20 #权重
}
vrrp_instance VI_1 {
state MASTER
nopreempt #开启非抢占模式
interface ens33 #接收漂移ip的网卡
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.5.150/24 #漂移ip
}
track_script { #vrrp协议组使用上面的检查模块
chk_nginx
}
}
#书写上述keepalive所配置脚本内容,让其如果nginx如果有问题,则nginx服务关掉,keepalived,宕掉,漂移ip则飘到从上
vim /etc/keepalived/check_nginx.sh
#!/bin/bash
killall -0 nginx #检查nginx的状态
if [ $? -ne 0 ] #如果反馈不等于0
then
/etc/init.d/keepalived stop #则keepalived停止,漂移ip就会到从上
fi
#复制配置文件及脚本
scp /etc/keepalived/keepalived.conf root@192.168.5.6:/etc/keepalived/
scp /etc/keepalived/check_nginx.sh root@192.168.5.6:/etc/keepalived/
#更改nginx 5.5,使其所有请求转向httpd
vim /usr/local/nginx/conf/nginx.conf
upstream apache { #负载均衡模块,与server平级
server 192.168.5.7 max_fails=2 fail_timeout=30;
server 192.168.5.8 max_fails=2 fail_timeout=30;
}
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
# root html;
# index index.html index.htm;
proxy_pass http://apache;
}
#复制nginx配置文件到5.6
scp /usr/local/nginx/conf/nginx.conf root@192.168.5.6:/usr/local/nginx/conf/
#更改keepalived 5.6
vim /etc/keepalived/keepalived.conf
state BACKUP #主备
priority 90 #优先级
#两台nginx+keepalived给脚本加权限
chmod a+x /etc/keepalived/check_nginx.sh
#两台nginx+keepalived重启服务
nginx -s
killall -9 nginx
nginx
systemctl stop firewalld
setenforce 0
#两台启动keepalived
service keepalived start
#验证nginx+keepalived1虚拟IP
ip a
inet 192.168.5.150/32 scope global ens33
valid_lft forever preferred_lft forever
#主的nginx服务关闭,查看飘移IP地址
主: killall -9 nginx
从: ip a
inet 192.168.5.6/24 brd 192.168.5.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 192.168.5.150/24 scope global secondary ens33
valid_lft forever preferred_lft forever
#飘移到从上后恢复主nginx,飘移IP地址并未回到主,查看是否是因为抢占模式,主备身份和优先级
#client通过虚拟ip访问
curl 192.168.5.150
apache
curl 192.168.5
apache2
#第一次依然访问不到150,可以ping150通畅,curl5.7/5.8没有问题,删除抢占模式,增加虚拟ip子网掩码后正常
client通过虚拟ip访问
curl 192.168.5.150
apache
curl 192.168.5
apache2
#第一次依然访问不到150,可以ping150通畅,curl5.7/5.8没有问题,删除抢占模式,增加虚拟ip子网掩码后正常