keepalived实现Nginx单主模式反向代理的高可用

keepalived实现Nginx单主模式反向代理的高可用

环境准备

五台机器:

client:10.0.0.150/24

VIP:10.0.0.10

ka1+nginx:10.0.0.7/24 virtual router ID:66
ka2+nginx:10.0.0.17/24 virtual router ID:66

web1:10.0.0.27/24 httpd
web2:10.0.0.37/24 httpd

[root@ka1 conf.d]#pwd
/etc/keepalived/conf.d
[root@ka1 conf.d]#cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived

# Global settings for node ka1: e-mail notification target, local SMTP relay and router_id.
# NOTE(review): script_user and enable_script_security are not set here. Without script_user,
# keepalived runs tracking scripts as keepalived_script if that account exists, otherwise as root;
# enable_script_security makes it refuse root-run scripts whose path is writable by a non-root
# user. Confirm which user executes the checks below on your build.
global_defs {
   notification_email {
       root@localhost
   }
   notification_email_from keepalived@localhost
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id ka1
   # NOTE(review): the vrrp_instance on this page sets unicast_peer and the captures show
   # unicast advertisements, so this multicast group appears to be unused here.
   vrrp_mcast_group4 224.100.101.33
}
# Manual failover switch: the check succeeds while /etc/keepalived/down does not exist.
# Whoever can create that file can move the VIP, so /etc/keepalived should be writable by root only.
vrrp_script check_down {  # defines a tracking script; it is configured outside global_defs
    script "[ ! -f /etc/keepalived/down ]"  # shell command or script path (mind the execute permission)
    interval 1  # interval between runs in seconds, default 1 second
    # On failure the tracking instance's priority drops by 30; with the priorities used on this
    # page (100 on ka1, 80 on ka2) that gives 70, which is below the backup.
    weight -30
    fall 3 # consecutive failures required before the check is marked failed; 2 or more is recommended
    rise 2  # consecutive successes required to mark the server healthy again
    timeout 2  # timeout for the script
}
# Every file matching *.conf in this directory is parsed as keepalived configuration,
# so the directory must not be writable by unprivileged users.
include /etc/keepalived/conf.d/*.conf

[root@ka1 conf.d]#cat ka1_vrrp.conf

# VRRP instance on ka1 (10.0.0.7): starts as MASTER with priority 100 and owns VIP 10.0.0.10.
# nopreempt is not set, and the transcript shows ka1 taking the VIP back once its check recovers.
vrrp_instance ka1 {
    state MASTER
    interface eth0
    virtual_router_id 66
    priority 100
    advert_int 1
    # auth_type PASS is VRRPv2 simple-text authentication: the password travels in clear text in
    # every advertisement (the captures on this page show "authtype simple") and keepalived uses
    # only its first 8 characters. It guards against misconfigured peers, not against a host that
    # can sniff or inject on the segment. Do not reuse this published sample value; additionally
    # restrict VRRP (IP protocol 112) to the peer address with a host firewall.
    authentication {
        auth_type PASS
        auth_pass 6iWOIsiu
    }
    virtual_ipaddress {
        10.0.0.10/24 dev eth0 label eth0:1
    }
    # Unicast mode: advertisements are sent from 10.0.0.7 to the single peer 10.0.0.17.
    unicast_src_ip 10.0.0.7
    unicast_peer{
        10.0.0.17
    }
    track_script {
    check_down  # uses the vrrp_script defined earlier in keepalived.conf
    }
}

[root@ka2 conf.d]#cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   notification_email {
       root@localhost
   }
   notification_email_from keepalived@localhost
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id ka2
   vrrp_mcast_group4 224.100.101.33
}
vrrp_script check_down {
    script "[ ! -f /etc/keepalived/down ]"
    interval 1
    weight -30
    fall 3
    rise 2
    timeout 2
}
include /etc/keepalived/conf.d/*.conf

[root@ka2 conf.d]#cat ka1_vrrp.conf
vrrp_instance ka1 {
    state BACKUP
    interface eth0
    virtual_router_id 66
    priority 80
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 6iWOIsiu
    }
    virtual_ipaddress {
        10.0.0.10/24 dev eth0 label eth0:1
    }
    unicast_src_ip 10.0.0.17
    unicast_peer{
        10.0.0.7
    }
    track_script {
    check_down
    }
}

[root@ka1 conf.d]#systemctl restart keepalived.service
[root@ka2 conf.d]#systemctl restart keepalived.service

[root@ka1 conf.d]#touch /etc/keepalived/down
[root@ka1 conf.d]#hostname -I
10.0.0.7
[root@ka2 conf.d]#hostname -I
10.0.0.17 10.0.0.10

#抓包分析(输出中的 authtype simple 表示 auth_type PASS 的密码以明文随每个 VRRP 通告报文发送,同网段能抓包的主机都可以看到)
[root@client ~]#tcpdump -i eth0 -nn src host 10.0.0.17 and dst host 10.0.0.7
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
18:57:04.034918 IP 10.0.0.17 > 10.0.0.7: VRRPv2, Advertisement, vrid 66, prio 80, authtype simple, intvl 1s, length 20
18:57:05.039176 IP 10.0.0.17 > 10.0.0.7: VRRPv2, Advertisement, vrid 66, prio 80, authtype simple, intvl 1s, length 20
18:57:06.042256 IP 10.0.0.17 > 10.0.0.7: VRRPv2, Advertisement, vrid 66, prio 80, authtype simple, intvl 1s, length 20
18:57:07.043879 IP 10.0.0.17 > 10.0.0.7: VRRPv2, Advertisement, vrid 66, prio 80, authtype simple, intvl 1s, length 20

[root@ka1 conf.d]#rm -rf /etc/keepalived/down
[root@ka1 conf.d]#hostname -I
10.0.0.7 10.0.0.10
[root@ka2 conf.d]#hostname -I
10.0.0.17

[root@client ~]#tcpdump -i eth0 -nn src host 10.0.0.7 and dst host 10.0.0.17
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
19:23:29.842301 IP 10.0.0.7 > 10.0.0.17: VRRPv2, Advertisement, vrid 66, prio 100, authtype simple, intvl 1s, length 20
19:23:30.828661 ARP, Request who-has 10.0.0.17 tell 10.0.0.7, length 46
19:23:30.850178 IP 10.0.0.7 > 10.0.0.17: VRRPv2, Advertisement, vrid 66, prio 100, authtype simple, intvl 1s, length 20
19:23:31.851128 IP 10.0.0.7 > 10.0.0.17: VRRPv2, Advertisement, vrid 66, prio 100, authtype simple, intvl 1s, length 2

#在两个节点都配置nginx反向代理
[root@ka1 conf.d]#vim /etc/nginx/nginx.conf
# Reverse-proxy configuration used on both keepalived nodes (the page copies this file to ka2 with scp).
# NOTE(review): only the http block is shown; presumably the rest of nginx.conf is omitted.
http {
    # No balancing method is given, so nginx's default round-robin is used across the two backends.
    upstream webservers {
        server 10.0.0.27:80;
        server 10.0.0.37:80;
    }
    server {
        # No address is given, so nginx listens on every local address: the curl tests on this
        # page get answers on 10.0.0.7 and 10.0.0.17 as well as on the VIP 10.0.0.10.
        listen 80;
        location / {
            # Requests are forwarded to the backends over plain HTTP.
            # NOTE(review): no proxy_set_header lines are present, so the backends see the proxy's
            # address as the client; add e.g. X-Real-IP / X-Forwarded-For headers if backend logs or
            # access rules need the real client address, and let web1/web2 accept port 80 only
            # from the two proxy nodes.
            proxy_pass http://webservers;
        }

    }
}

[root@ka1 conf.d]#nginx -t
[root@ka1 conf.d]#nginx -s reload

#测试
[root@client ~]#curl http://10.0.0.10
10.0.0.27
[root@client ~]#curl http://10.0.0.10
10.0.0.37
[root@client ~]#curl http://10.0.0.10
10.0.0.27
[root@client ~]#curl http://10.0.0.10
10.0.0.27

[root@ka1 conf.d]#scp /etc/nginx/nginx.conf 10.0.0.17:/etc/nginx/
[root@ka2 conf.d]#nginx -s reload

[root@client ~]#curl http://10.0.0.7
10.0.0.37
[root@client ~]#curl http://10.0.0.7
10.0.0.27
[root@client ~]#curl http://10.0.0.7
10.0.0.37
[root@client ~]#curl http://10.0.0.7
10.0.0.27
[root@client ~]#curl http://10.0.0.17
10.0.0.27
[root@client ~]#curl http://10.0.0.17
10.0.0.37
[root@client ~]#curl http://10.0.0.17
10.0.0.27
[root@client ~]#curl http://10.0.0.17
10.0.0.37

[root@ka1 conf.d]#cat check_nginx.sh
#!/bin/bash
# Health check run by keepalived's "vrrp_script check_nginx"; the exit status is the result.
# Signal 0 delivers nothing: killall only reports whether a process named nginx exists and
# exits 0 if at least one was found, non-zero otherwise. All output is discarded.
# NOTE(review): this proves that an nginx process exists, not that it answers on port 80.
# keepalived executes this file on every check interval (as root unless a script user is
# configured), so keep it owned by root and not writable by group or others.
killall -0 nginx >/dev/null 2>&1

[root@ka1 conf.d]#chmod +x check_nginx.sh

[root@ka1 conf.d]#cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   notification_email {
       root@localhost
   }
   notification_email_from keepalived@localhost
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id ka1
   vrrp_mcast_group4 224.100.101.33
}
vrrp_script check_down {
    script "[ ! -f /etc/keepalived/down ]"
    interval 1
    weight -30
    fall 3
    rise 2
    timeout 2
}
# Tracks nginx through the external script below; the instance lists it under track_script.
# The script sits next to the included *.conf files, but its .sh name does not match that glob.
# NOTE(review): keepalived executes this path on every interval; keep the file and its parent
# directories owned by root and not writable by others (enable_script_security enforces this
# for scripts run as root).
vrrp_script check_nginx {
    script "/etc/keepalived/conf.d/check_nginx.sh"
    interval 1
    # Same penalty as check_down: priority 100 - 30 = 70 on ka1, below ka2's 80.
    weight -30
    fall 3
    rise 2
    timeout 2
}
include /etc/keepalived/conf.d/*.conf

[root@ka1 conf.d]#cat ka1_vrrp.conf

vrrp_instance ka1 {
    state MASTER
    interface eth0
    virtual_router_id 66
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 6iWOIsiu
    }
    virtual_ipaddress {
        10.0.0.10/24 dev eth0 label eth0:1
    }
    unicast_src_ip 10.0.0.7
    unicast_peer{
        10.0.0.17
    }
    track_script {
    check_down
    check_nginx
    }
}

[root@ka1 conf.d]#scp check_nginx.sh 10.0.0.17:/etc/keepalived/conf.d/

[root@ka2 ~]#cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   notification_email {
       root@localhost
   }
   notification_email_from keepalived@localhost
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id ka2
   vrrp_mcast_group4 224.100.101.33
}
vrrp_script check_down {
    script "[ ! -f /etc/keepalived/down ]"
    interval 1
    weight -30
    fall 3
    rise 2
    timeout 2
}
vrrp_script check_nginx {
    script "/etc/keepalived/conf.d/check_nginx.sh"
    interval 1
    weight -30
    fall 3
    rise 2
    timeout 2
}
include /etc/keepalived/conf.d/*.conf

[root@ka2 conf.d]#cat ka1_vrrp.conf

vrrp_instance ka1 {
    state BACKUP
    interface eth0
    virtual_router_id 66
    priority 80
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 6iWOIsiu
    }
    virtual_ipaddress {
        10.0.0.10/24 dev eth0 label eth0:1
    }
    unicast_src_ip 10.0.0.17
    unicast_peer{
        10.0.0.7
    }
    track_script {
    check_down
    check_nginx
    }
}

[root@ka1 conf.d]#systemctl restart keepalived.service
[root@ka2 conf.d]#systemctl restart keepalived.service

[root@ka1 conf.d]#hostname -I
10.0.0.7 10.0.0.10

[root@client ~]#tcpdump -i eth0 -nn src host 10.0.0.7 and dst host 10.0.0.17
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
21:45:17.787720 IP 10.0.0.7 > 10.0.0.17: VRRPv2, Advertisement, vrid 66, prio 100, authtype simple, intvl 1s, length 20
21:45:18.791075 IP 10.0.0.7 > 10.0.0.17: VRRPv2, Advertisement, vrid 66, prio 100, authtype simple, intvl 1s, length 20
21:45:19.813535 IP 10.0.0.7 > 10.0.0.17: VRRPv2, Advertisement, vrid 66, prio 100, authtype simple, intvl 1s, length 2

[root@ka1 conf.d]#systemctl stop keepalived.service
[root@client ~]#tcpdump -i eth0 -nn src host 10.0.0.17 and dst host 10.0.0.7
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
21:50:04.521889 IP 10.0.0.17 > 10.0.0.7: VRRPv2, Advertisement, vrid 66, prio 80, authtype simple, intvl 1s, length 20
21:50:05.524361 IP 10.0.0.17 > 10.0.0.7: VRRPv2, Advertisement, vrid 66, prio 80, authtype simple, intvl 1s, length 20
21:50:06.527239 IP 10.0.0.17 > 10.0.0.7: VRRPv2, Advertisement, vrid 66, prio 80, authtype simple, intvl 1s, length 20

#测试
[root@client ~]#curl 10.0.0.10
10.0.0.27
[root@client ~]#curl 10.0.0.10
10.0.0.37
[root@client ~]#curl 10.0.0.10
10.0.0.27
[root@client ~]#curl 10.0.0.10
10.0.0.27
[root@client ~]#curl 10.0.0.10
10.0.0.37

[root@ka2 conf.d]#hostname -I
10.0.0.17 10.0.0.10

[root@ka1 conf.d]#systemctl start keepalived.service
[root@client ~]#tcpdump -i eth0 -nn src host 10.0.0.7 and dst host 10.0.0.17
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
21:55:27.708874 IP 10.0.0.7 > 10.0.0.17: VRRPv2, Advertisement, vrid 66, prio 100, authtype simple, intvl 1s, length 20
21:55:28.719734 IP 10.0.0.7 > 10.0.0.17: VRRPv2, Advertisement, vrid 66, prio 100, authtype simple, intvl 1s, length 20
21:55:29.525266 ARP, Reply 10.0.0.7 is-at 00:0c:29:33:b7:af, length 46
21:55:29.736392 IP 10.0.0.7 > 10.0.0.17: VRRPv2, Advertisement, vrid 66, prio 100, authtype simple, intvl 1s, length 20

[root@client ~]#curl 10.0.0.10
10.0.0.27
[root@client ~]#curl 10.0.0.10
10.0.0.37
[root@client ~]#curl 10.0.0.10
10.0.0.27
[root@client ~]#curl 10.0.0.10
10.0.0.37

[root@ka1 conf.d]#hostname -I
10.0.0.7 10.0.0.10

[root@ka1 conf.d]#killall -9 nginx
[root@ka2 conf.d]#hostname -I
10.0.0.17 10.0.0.10

[root@client ~]#curl 10.0.0.10
10.0.0.27
[root@client ~]#curl 10.0.0.10
10.0.0.37
[root@client ~]#curl 10.0.0.10
10.0.0.37
[root@client ~]#curl 10.0.0.10
10.0.0.27
