当前位置: 56net亚洲必嬴 > 操作系统 > 正文

56net亚洲必嬴Keepalived完毕Nginx双主高可用负载均衡

时间:2019-11-01 10:21来源:操作系统
福寿齐天双主模型的ngnix高可用(后生可畏) 实验目标:使用keepalived完成Nginx的双主高可用负载均衡集群。 准备:主机7台 client: 172.18.x.x 调度器:keepalived+nginx 带172.18.x.x/16 网卡 192.168.23

福寿齐天双主模型的ngnix高可用(后生可畏)

56net亚洲必嬴 1

实验目标:使用keepalived完成Nginx的双主高可用负载均衡集群。

56net亚洲必嬴 2

准备:主机7台

client:

172.18.x.x

调度器:keepalived+nginx 带172.18.x.x/16 网卡

192.168.234.27

192.168.234.37

real_server

192.168.234.47

192.168.234.57

192.168.234.67

192.168.234.77

尝试情状:两台Nginx proxy(双主Nginx,各须求两块网卡,eth0连接内网,eth1连接外网)、两台web server(乞求的负载均衡)、一台client用于注解结果。


单主模型IPVS示例

尝试结果

  1 [root@234c17 ~]# for i in {1..4};do curl www.a.com;curl www.b.com;sleep 1;done
  2 234.57
  3 234.77
  4 234.47
  5 234.67
  6 234.57
  7 234.77
  8 234.47
  9 234.67

56net亚洲必嬴 3


配置keepalive

高可用的ipvs集群示例:改革keepalived配置文件

过程:

小心:为了不影响实验结果,在试验起头前先关闭iptables和selinux

一、haproxy和nginx的区别

改革主机:192.168.234.27的keepalived配置文件

  1 [root@234c27 ~]# vim /etc/keepalived/keepalived.conf
  2 ! Configuration File for keepalived
  3 
  4 global_defs {
  5 notification_email {
  6 root@localhost  //接受邮件地址
  7 }
  8 notification_email_from keepalived@localhost  //发送邮件地址
  9 smtp_server 127.0.0.1  //发送邮件服务器IP
 10 smtp_connect_timeout 30  //邮件连接超时时长
 11 router_id kptwo  //路由id
 12 vrrp _mcast_group4 234.10.10.10  //指定vrrp协议的多播地址
 13 }
 14 
 15 vrrp_instance VI_1 {  //vrrp协议的
 16 state MASTER  //lvs的MASTER服务器
 17 interface ens37  //
 18 virtual_router_id 50  //虚拟路由
 19 priority 100  //权重为100.越大越先
 20 advert_int 1  //发送组博包的间隔
 21 authentication {  //验证
 22 auth_type PASS  //方式为pass( 明文)
 23 auth_pass 1111  //密码
 24 }
 25 virtual_ipaddress { //keepalived虚拟ip
 26 10.0.0.100/24
 27 }
 28 }
 29 virtual_server 10.0.0.100 80 {
 30     delay_loop 6  //检查后端服务器的时间间隔
 31     lb_algo wrr  //定义调度方法
 32     lb_kind DR  //集群的类型
 33     #persistence_timeout 50  //持久连接时长
 34     protocol TCP  //服务协议,仅支持TCP
 35     real_server 192.168.234.47 80 {  //后端real_server服务器地址
 36         weight 1 //权重
 37         HTTP_GET {  //应用层检测
 38             url {
 39               path /  //定义要监控的URL
 40               status_code 200  //判断上述检测机制为健康状态的响应码
 41             }
 42             connect_timeout 3  //连接请求的超时时长
 43             nb_get_retry 3  //重试次数
 44             delay_before_retry 3  //重试之前的延迟时长
 45         }
 46     }
 47     real_server 192.168.234.57 80 {
 48         weight 2
 49         HTTP_GET {
 50             url {
 51                 path /
 52                 status_code 200
 53             }
 54             connect_timeout 3
 55             nb_get_retry 3
 56             delay_before_retry 3
 57         }
 58     }
 59 }

一、先配置4台real_server,安装好测量检验用的httpd

  1 [root@234c47 ~]# curl 192.168.234.47;curl 192.168.234.57;curl 192.168.234.67;curl 192.168.234.77
  2 234.47
  3 234.57
  4 234.67
  5 234.77

操作步骤:

Haproxy的干活方式:代理形式为http和tcp做代办,可认为多样服务做代理,它是二个专程的代理服务器,本人无法成为web服务。

修改主机:192.168.234.37的keepalived配置文件

[root@234c37 ~]# vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {
   notification_email {
     root@localhost
   }
   notification_email_from keepalived@localhost
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id kptwo
   vrrp _mcast_group4 234.10.10.10
}

vrrp_instance VI_1 {
    state BACKUP
    interface ens37
    virtual_router_id 50
    priority 80
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
       10.0.0.100/24
    }
}
virtual_server 10.0.0.100 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    #persistence_timeout 50
    protocol TCP
    sorry_server 127.0.0.1:80
    real_server 192.168.234.47 80 {
        weight 1
        HTTP_GET {
            url {
              path /
              status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 192.168.234.57 80 {
        weight 2
        HTTP_GET {
            url {
              path /
                status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

二、配置keepalived

因为是双主模型

一、配置IP

56net亚洲必嬴,nginx的劳作情势:web形式和代办,Nginx只为WEB服务做代理。

查看keepalived

[root@234c37 ~]# systemctl status keepalived
● keepalived.service - LVS and VRRP High Availability Monitor
   Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
   Active: inactive (dead)
…………
[root@234c37 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
//暂无ipvsadm

1.配置keepalived主机234.27

[root@234c27 ~]# vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {
    notification_email {
      root@localhost
    }
    notification_email_from keepalived@localhost
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id kpone
    vrrp _mcast_group4 234.10.10.10
 }
 vrrp_instance VI_1 {
     state MASTER
     interface ens33
     virtual_router_id 50
     priority 100
     advert_int 1
     authentication {
         auth_type PASS
         auth_pass 1111
     }
     virtual_ipaddress {
         172.18.0.100/16  //这ip调度 192.168.234.47/57
     }
 }
vrrp_instance VI_2 {
     state BACKUP
     interface ens33
     virtual_router_id 51
     priority 80
     advert_int 1
     authentication {
         auth_type PASS
         auth_pass 2222
     }
     virtual_ipaddress {
         172.18.0.200/16  //这ip调度 192.168.234.147/157
     }
}

1.配置A主机的IP


起步服务

[root@234c27 keepalived]# systemctl start keepalived.service
[root@234c27 keepalived]# systemctl status keepalived.service
● keepalived.service - LVS and VRRP High Availability Monitor
   Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
   Active: active (running) since Fri 2018-08-31 20:30:02 CST; 12s ago
  Process: 9657 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)
 Main PID: 9658 (keepalived)
………………
[root@234c27 keepalived]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.0.0.100:80 wrr
  -> 192.168.234.47:80            Route   1      0          0
  -> 192.168.234.57:80            Route   2      0          0
//启动服务lvs vs已配置好

2.配置keepalived主机234.37

[root@234c37 ~]# vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {
    notification_email {
      root@localhost
    }
    notification_email_from keepalived@localhost
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id kpone
    vrrp _mcast_group4 234.10.10.10
 }
 vrrp_instance VI_1 {
     state BACKUP
     interface ens33
     virtual_router_id 50
     priority 80
     advert_int 1
     authentication {
         auth_type PASS
         auth_pass 1111
     }
     virtual_ipaddress {
         172.18.0.100/16  //这ip调度 192.168.234.47/57
     }
 }
vrrp_instance VI_2 {
     state MASTER
     interface ens33
     virtual_router_id 51
     priority 100
     advert_int 1
     authentication {
         auth_type PASS
         auth_pass 2222
     }
     virtual_ipaddress {
         172.18.0.200/16  //这ip调度 192.168.234.147/157
     }
}

如此那般双主模型简单的就搭建好了

# ip addr add dev eth0 192.168.10.2/24

二、安装配置

后端real_server准备

3.配置nginx主机234.27/37

先配置http语块

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;
    upstream web1{  //
        server 192.168.234.47:80;
        server 192.168.234.57:80;
        }
    upstream web2{
        server 192.168.234.67:80;
        server 192.168.234.77:80;
        }

/*
ngx_http_upstream_module
ngx_http_upstream_module模块
用于将多个服务器定义成服务器组,而由proxy_pass, fastcgi_pass等指令
进行引用
1、upstream name { ... }
定义后端服务器组,会引入一个新的上下文
默认调度算法是wrr
Context: http
upstream httpdsrvs {
server ...
server...
...
*/

接下来配置server

    server {
        listen       80 default_server; //默认监听80端口
        server_name www.a.com //域名
        listen       [::]:80 default_server;
        root         /usr/share/nginx/html;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location / {
                proxy_pass http://web1 ;  //定义访问80端口的请求,以web1提供服务。而指定的web1在http语块中为 192.168.234.47/57:80 提供服务
        }

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }
    server {
        server_name www.b.com
        listen 80;
        location / {
                proxy_pass http://web2 ; //定义访问80端口的请求,以web2提供服务。而指定的web2在http语块中为 192.168.234.147/157:80 提供服务

        }
    }
}

如此那般访谈 www.a.com尽管访谈192.168.234.47/57:80

访问 www.b.com正是访谈192.168.234.67/77:80

今天顾客机将host增加www.a/b.com

172.18.0.100 www.a.com
172.18.0.200
www.b.com

    客商端将www.a.com 解析 172.18.0.100

[root@234c17 ~]# ping www.a.com
PING www.a.com (172.18.0.100) 56(84) bytes of data.
64 bytes from www.a.com (172.18.0.100): icmp_seq=1 ttl=64 time=0.358 ms
64 bytes from www.a.com (172.18.0.100): icmp_seq=2 ttl=64 time=0.376 ms
64 bytes from www.a.com (172.18.0.100): icmp_seq=3 ttl=64 time=0.358 ms
64 bytes from www.a.com (172.18.0.100): icmp_seq=4 ttl=64 time=0.366 ms

    客商端将www.b.com 解析 172.18.0.200

[root@234c17 ~]# ping www.b.com
PING www.b.com (172.18.0.200) 56(84) bytes of data.
64 bytes from www.b.com (172.18.0.200): icmp_seq=1 ttl=64 time=0.582 ms
64 bytes from www.b.com (172.18.0.200): icmp_seq=2 ttl=64 time=0.339 ms
64 bytes from www.b.com (172.18.0.200): icmp_seq=3 ttl=64 time=0.524 ms
64 bytes from www.b.com (172.18.0.200): icmp_seq=4 ttl=64 time=0.337 ms

结果:

  1 [root@234c17 ~]# for i in {1..4};do curl www.a.com;curl www.b.com;sleep 1;done
  2 234.57
  3 234.77
  4 234.47
  5 234.67
  6 234.57
  7 234.77
  8 234.47
  9 234.67

2.配置B主机的IP

1、安装

追加ip在网卡上 校正约束arp通知及应答品级 rs1 rs2都做,网关并指向路由

ip a a 10.0.0.100/32 dev ens37

echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce

route add default gw 192.168.234.17

安装httpd服务 写好网页文件

落到实处双主模型的ngnix高可用(二)

56net亚洲必嬴 4

# ip addr add dev eth0 192.168.10.23/24

# yum -y install haproxy

起步服务

56net亚洲必嬴 5

今日扩充实验

3.配置C主机的IP

注意,即使在生育中安装,应当要小心安装软件的本子要滞后最新版本生机勃勃到七个,不然,新本子中冒出了bug没办法消除将是致命的。

多主模型IPVS示例

56net亚洲必嬴 6

将192.168.234.47/57主机加ip地址

[root@234c47 ~]#ip a a dev ens37 192.168.167/24

[root@234c57 ~]#ip a a dev ens37 192.168.177/24

# ip addr add dev eth0 192.168.10.3/24

2、配置精解

配置keepalive

高可用的ipvs集群示例:改良keepalived配置文件

编排http的的安排文件扩张基于FQDN虚构主机

[root@234c47 ~]# vim /etc/httpd/conf.d/vhost.conf

<virtualhost 192.168.234.167:80>
 documentroot /data/web1
 servername www.a.com
< directory /data/web1>
 require all granted
< /directory>
< /virtualhost>

4.配置D主机的IP

************************全局配置*****************************

校订主机:192.168.234.27的keepalived配置文件

[root@234c27 keepalived]# vim /etc/keepalived/keepalived.conf
global_defs {
   notification_email {
     root@localhost
   }
   notification_email_from keepalived@localhost
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id kpone
   vrrp _mcast_group4 234.10.10.10
}

vrrp_instance VI_1 {
    state MASTER
    interface ens37
    virtual_router_id 50
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
       10.0.0.100/24
    }
}
vrrp_instance VI_2 {
    state BACKUP
    interface ens37
    virtual_router_id 51
    priority 80
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 2222
    }
    virtual_ipaddress {
        10.0.0.200/24
    }
}
virtual_server 10.0.0.100 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    #persistence_timeout 50
    protocol TCP
    #sorry_server 127.0.0.1:80
    real_server 192.168.234.47 80 {
        weight 1
        HTTP_GET {
            url {
              path /
              status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
virtual_server 10.0.0.200 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    #persistence_timeout 50
    protocol TCP
    #sorry_server 127.0.0.1:80
    real_server 192.168.234.57 80 {
        weight 1
        HTTP_GET {
            url {
              path /
              status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

另贰个主机也丰裕设想主机

[root@234c57 ~]# vim /etc/httpd/conf.d/vhost.conf

<virtualhost 192.168.234.177:80>
documentroot /data/web1
servername www.a.com
<directory /data/web1>
require all granted
< /directory>
< /virtualhost>

# ip addr add dev eth0 192.168.10.33/24

Global
log     127.0.0.1 local2  # 定义全局日志服务器
chroot   /var/lib/haproxy  # 修改haproxy的工作目录到制定的目录,提高安全性
pidfile   /var/run/haproxy.pid # pid文件位置
maxconn   4000      # 最大连接数
user    haproxy     # 服务运行时的身份,也可以用uid来表示
group    haproxy     # 服务运行时的身份所属的组,可以用gid来表示
Daemon           # 服务以守护进程的身份运行
# turn on stats unix socket    # 默认打开UNIX socket
stats socket /var/lib/haproxy/stats # 指明unix socket 所在的位置
Node      www.a.com  # 定义当前节点的名称,用于HA场景中多haproxy进程共享同一个IP地址时
ulimit-n    100       # 设定每进程所能够打开的最大文件描述符数目,默认情况下其会自动进行计算,因此不推荐修改此选项

更正主机:192.168.234.37的keepalived配置文件

[root@234c37 ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   notification_email {
     root@localhost
   }
   notification_email_from keepalived@localhost
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id kptwo
   vrrp _mcast_group4 234.10.10.10
}

vrrp_instance VI_1 {
    state BACKUP
    interface ens37
    virtual_router_id 50
    priority 80
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
       10.0.0.100/24
    }
}
vrrp_instance VI_2 {
    state MASTER
    interface ens37
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 2222
    }
    virtual_ipaddress {
        10.0.0.200/24
    }
}
virtual_server 10.0.0.100 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    #persistence_timeout 50
    protocol TCP
    #sorry_server 127.0.0.1:80
    real_server 192.168.234.47 80 {
        weight 1
        HTTP_GET {
            url {
              path /
              status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
virtual_server 10.0.0.200 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    #persistence_timeout 50
    protocol TCP
    #sorry_server 127.0.0.1:80
    real_server 192.168.234.57 80 {
        weight 1
        HTTP_GET {
            url {
              path /
              status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

让10.0.0.100的ip优分至192.168.234.47 192.168.234.57备用

让10.0.0.200的ip优分至192.168.234.57 192.168.234.47备用

重启httpd服务

结果:访问www.a.com

  1 [root@234c17 ~]# for i in {1..8};do curl www.a.com;done
  2 234.167
  3 234.177
  4 234.47
  5 234.57
  6 234.167
  7 234.167
  8 234.177
  9 234.47
 10 

访问www.b.com

  1 [root@234c17 ~]# for i in {1..8};do curl www.b.com;done
  2 234.67
  3 234.67
  4 234.77
  5 234.67
  6 234.77
  7 234.67
  8 234.77
  9 234.77

二、配置web服务(C和D主机都做相似配备,只需改革暗许主页中的IP地址为本机的IP就可以,以示差距)

log``127.0``.``0.1``local2要想启用,可以看到默认配置文件中有这么一行注释

后端real_server准备

修改192.168.234.57的vip为10.0.0.200/32

  1 [root@234c27 keepalived]# ipvsadm -Ln
  2 IP Virtual Server version 1.2.1 (size=4096)
  3 Prot LocalAddress:Port Scheduler Flags
  4   -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
  5 TCP  10.0.0.100:80 wrr
  6   -> 192.168.234.47:80            Route   1      0          0
  7 TCP  10.0.0.200:80 wrr
  8   -> 192.168.234.57:80            Route   1      0          0

56net亚洲必嬴 7

近些日子宕掉二个lvs

  1 [root@234c27 keepalived]# systemctl stop keepalived.service
  2 [root@234c27 keepalived]# ipvsadm -Ln
  3 IP Virtual Server version 1.2.1 (size=4096)
  4 Prot LocalAddress:Port Scheduler Flags
  5   -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
  6 

56net亚洲必嬴 8

长期以来提供劳动

  1 [root@234c37 ~]# ipvsadm -Ln
  2 IP Virtual Server version 1.2.1 (size=4096)
  3 Prot LocalAddress:Port Scheduler Flags
  4   -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
  5 TCP  10.0.0.100:80 wrr
  6   -> 192.168.234.47:80            Route   1      0          21
  7 TCP  10.0.0.200:80 wrr
  8   -> 192.168.234.57:80            Route   1      0          39

后二个贯彻基于前三个的根基上改变来的

1.安装apache

#local2.*/var/log/haproxy.log

风度翩翩旦要兑现sorry_server

1.把rs服务都停掉。然后在lvs上安装apache或许nginx服务

2.将keepalived配置文件中的

  1 virtual_server 10.0.0.200 80 {
  2     delay_loop 6
  3     lb_algo wrr
  4     lb_kind DR
  5     #persistence_timeout 50
  6     protocol TCP
  7     #sorry_server 127.0.0.1:80  //这一行来修改 写出服务出错之后的页面
  8     real_server 192.168.234.57 80 {
  9         weight 1
 10         HTTP_GET {
 11             url {
 12               path /
 13               status_code 200
 14             }
 15             connect_timeout 3
 16             nb_get_retry 3
 17             delay_before_retry 3
 18         }
 19     }
 20 }

# yum -y install apache

做如下配置就能够启用

2.成立暗许主页

# touch /var/log/haproxy.log
# vim /etc/rsyslog.conf
$ModLoad imudp
$UDPServerRun 514
# service rsyslog restart
# tail -f /var/log/haproxy.log
Oct  6 10:45:22 localhost haproxy[22208]: 172.16.5.200:50332 [06/Oct/2013:10:45:22.852] web static/www.web1.com 6/0/2/4/32 200 45383 - - ---- 3/3/0/1/0 0/0 "GET / HTTP/1.1"

# vim /var/www/html/index.html

显示了顾客端ip和realserver主机名等音讯

<h1>192.168.10.3</h1>

**********************暗中认可配置*********************************

3.启动apache

defaults
mode  http      # 为http服务代理,http为7层协议,tcp4层
log   global     # 全局日志
option httplog      # 日志类别为http日志格式
option dontlognull   # 不记录健康查询的日志
#########健康状况检测的意义在于,后端服务器若挂掉了,就不会再向它发送请求信息。
option http-server-close  # 每次请求完后主动关闭http通道,支持客户端长连接
option forwardfor  except 127.0.0.0/8 # 如果后端服务器需要获得客户端真实ip需要配置的参数,可以从http header中获得客户端ip
option  redispatch   #serverid对应的服务器挂掉后,强制定向到其他健康的服务器
retries  3       #3次连接失败就认为服务不可用,也可以通过后面设置
timeout http-request 10s # 请求超时间
timeout queue  1m   # 排队超时
timeout connect 10s   # 连接超时
timeout client  1m   # 客户端超时
timeout server  1m   # 服务器端超时
timeout http-keep-alive 10s # 保持连接超时
timeout check  10s    # 健康检测超时
maxconn    3000   # 每个进程最大连接数,可以在global中配置

# service httpd start

************************前端代理配置******************************

三、配置sorry_server(此服务配置于Nginx proxy主机上,两台Nginx proxy都做同样配备,只需更改私下认可主页中的IP地址为本机的IP即可,以示分裂)

frontend main *:5000  # 前端定义服务器名称和端口
acl url_static  path_beg -i /static /images /javascript /stylesheets
acl url_static  path_end -i .jpg .gif .png .css .js
use_backend static     if url_static
default_backend       app
定义访问控制,如果符合 url_static,就代理到static,如果不是url_static,就使用默认的后端服务

1.安装apache

***********************后端服务器配置*****************************

# yum -y install apache

backend static
balance   roundrobin  #负载均衡调度算法
server   static 127.0.0.1:4331 check # 定义了一个后端服务器并做健康状况检测
backend app
balance   roundrobin
server app1 127.0.0.1:5001 check rise 2 fall 1
server app2 127.0.0.1:5002 check rise 2 fall 1
server app3 127.0.0.1:5003 check rise 2 fall 1
server app4 127.0.0.1:5004 check rise 2 fall 1
# check rise 2 fall 1 健康状况检查,rise表示后端realserver从stop到start检查的次数,fall表示从start到stop检查的次数

2.成立默许主页


# vim /var/www/html/index.html


<h1>sorry_server:192.168.10.2</h1>

三、实例配置

3.改善监听端口为8080,避防与nginx所监听的端口冲突

本机ip:172.16.5.16

# vim /etc/httpd/conf/httpd.conf

翻开forward转发功效

Listen 8080

#sysctl-wnet.ipv4.ip_forward=1

4.启动apache服务

关门防火墙

四、配置代理(两台Nginx proxy都做相近配备)

为后端ip:172.16.6.1做代理

1.安装nginx

为后端服务器提供页面并运营httpd

# yum -y install nginx

# vim /var/www/html/index.html
<h1>welcome!</>
# service httpd start
global
log     127.0.0.1 local2
chroot   /var/lib/haproxy
pidfile   /var/run/haproxy.pid
maxconn   4000
user    haproxy
group    haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode          http
log           global
option         httplog
option         dontlognull
option http-server-close
option forwardfor    except 127.0.0.0/8 header X-Forward-For # 后端服务器日志中记录远程客户端ip,别忘了在后端服务器上修改log格式
option         redispatch
retries         3
timeout http-request  10s
timeout queue      1m
timeout connect     10s
timeout client     1m
timeout server     1m
timeout http-keep-alive 10s
timeout check      10s
maxconn         3000
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend web
bind *:80
default_backend static
也可以写成
frontend web 172.16.5.16:80
dfault_backend static
#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
backend static
server   www.web1.com 172.16.6.1:80 check
stats          enable # 开启服务器状态信息
stats          hide-version # 隐藏版本信息
stats          realm haproxy stats # 说明认证信息  转译了一个空格
stats          auth admin:admin # 认证用户
stats          admin if TRUE # 通过认证就允许管理
stats          uri /abc # 自定义stats显示页面uri

2.定义upstream集群组,在http{}段中定义;

效果图

# vim /etc/nginx/nginx.conf

56net亚洲必嬴 9

        http {

独立使用贰个端口来监听stats状态消息。

编辑:操作系统 本文来源:56net亚洲必嬴Keepalived完毕Nginx双主高可用负载均衡

关键词: