负载均衡回顾
1.四层和七层的区别,实际环境;四层分流,七层根据域名负载到后端服务器
2.负载均衡的选择
nginx 四层和七层
LVS 四层 (nat,iptables)
HAproxy 四层和七层
F5 四层和七层
SLB 四层和七层
3.session
会话保持:ip_hash
会话共享:写入redis或mysql
写入浏览器:
手机客户端:
http {
......
upstream firefox {
server 172.31.57.133:80;
}
upstream chrome {
server 172.31.57.133:80;
}
upstream iphone {
server 172.31.57.133:80;
}
upstream android {
server 172.31.57.133:80;
}
upstream default {
server 172.31.57.133:80;
}
}
server {
listen 80;
server_name www.xuliangwei.com;
location / {
if ($http_user_agent ~* "Firefox") {
proxy_pass http://firefox;
}
if ($http_user_agent ~* "Chrome") {
proxy_pass http://chrome;
}
if ($http_user_agent ~* "iphone") {
proxy_pass http://iphone;
}
if ($http_user_agent ~* "android") {
proxy_pass http://andriod;
}
proxy_pass http://default;
include proxy_conf;
}
}
高可用
双机热备
hot standby
HSRP
VRRP
1.将所有设备加入到一个虚拟组
2.具有相同的虚拟IP
3.主机会在发送数据的时候,在数据包的目标地址写上虚拟的IP和MAC
4.虚拟组收到数据后,会将目标地址转换成当前虚拟组的master这个的IP和MAC
角色:一主多备
实际工作角色:主
通过优先级选举主备:越高越优先 最大值100
裂脑
keepalived高可用搭建
1.环境准备
2.安装软件
yum -y install keepalived
3.配置文件(router_ID, state priority不一样,其他都一样)
vim /etc/keepalived/keepalived.conf
global_defs {
router_id LB01 #LB02
script_user root
enable_script_security
}
vrrp_instance VI_1 {
state MASTER #BACKUP
interface eth0
virtual_router_id 51 #尽量设置成别的数字
priority 100 #90
adver_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3
}
}
systemctl start keepalived
systemctl enable keepalived
ip address #查看虚拟IP 是否存在于master上
ip add show dev eth 0
nmcli connection down eth 0 #down 主设备接口
高可用裂脑
网线松动、硬件故障,开启了firewalld,nginx服务不正常
解决方法
1.在备节点上编写脚本,测试如果能ping同主且备节点还有VIP,则认为是裂脑
-a #并且
cat check_split_brain.sh
#!/bin/sh
lb01_vip=10.0.0.3
lb01_ip=10.0.0.5
while true; do
ping -c 2 -w 3 $lb01_ip &>/dev/null
if [ $? -eq 0 -a `ip add |grep "$lb01_vip" |wc -l` -eq 1 ]; then
ehco "ha is split bran.warining."
else
ehco "ha is ok"
fi
sleep 5
done
2.在主设备上,编写一个脚本检测,检测nginx的存活状态,如果不存活则kill nginx和keepalived
检测一次,开启nginx,再检测一次,如果不存活,则关闭keepalived
vim /server/scripts/check_web.sh\
#!/bin/sh
while true;do
nginxpid=$(ps -C nginx --no-header|wc -l)
if [ $nginxpid -eq 0 ]; then
systemctl start nginx
sleep 5
nginxpid=$(ps -C nginx --no-header|wc -l)
if [ $nginxpid -eq 0 ];then
systemctl stop keepalived
exit 1
fi
fi
sleep 5
done
3.在keepalived配置文件中调用脚本,主备都需要操作
global_defs {
router_id LVS_01
}
vrrp_script check_web {
script "/server/scripts/check_web.sh"
interval 2
weight 50
}
vrrp_instance V1_1 {
track_script {
check_web
}
}
源码安装keepalived
1.下载源码
wget https://www.keepalived.org/software/keepalived-2.2.0.tar.gz --no-check-certificate
2.安装依赖
yum -y install openssl openssl-devel libnl* libnfnetlink-devel
3.编译安装
# 解压
tar -zxvf keepalived-2.2.0.tar.gz
# 进入目录
cd /server/soft/keepalived-2.2.0
# 创建安装目录
mkdir /usr/local/keepalived
# 配置安装目录
./configure --prefix=/usr/local/keepalived/
#编译
make && make install
4.配置
# 创建/etc/keepalived目录
mkdir /etc/keepalived
# 拷贝文件到目录
cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
cp /usr/local/keepalived/sbin/keepalived /usr/sbin/
# 这个从keepalived源码目录复制,安装目录中没有
cp /server/soft/keepalived-2.2.0/keepalived/etc/init.d/keepalived /etc/rc.d/init.d/
# 开机启动
chkconfig keepalived on
service keepalived start #启动服务
service keepalived stop #停止服务
service keepalived restart #重启服务
service keepalived status #状态
#查看keepalived进程
ps -ef | grep keepalived
keepalived systemd 管理
[root@nginx001 scripts]# cat /usr/lib/systemd/system/keepalived.service
[Unit]
Description=LVS and VRRP High Availability Monitor
After=network-online.target syslog.target
Wants=network-online.target
[Service]
Type=forking
PIDFile=/run/keepalived.pid
KillMode=process
EnvironmentFile=-/etc/sysconfig/keepalived
ExecStart=/usr/local/keepalived/sbin/keepalived $KEEPALIVED_OPTIONS
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
指定配置文件,配置文件错误,可能会报错 Fail to start LVS and VRRP Avaliability Monitor
cat /etc/sysconfig/keepalived
KEEPALIVED_Options="-f /etc/keepalived/keepalived.conf -D -S 0"
4326
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
