贯彻双主模型的nginx的高可用,Keepalived落成Nginx双主高可用负载均衡集群

图片 20
亚洲城ca88手机版官网

编纂http的的安插文件扩充基于FQDN虚拟主机

[root@234c47 ~]# vim /etc/httpd/conf.d/vhost.conf

<virtualhost 192.168.234.167:80>
 documentroot /data/web1
 servername www.a.com
< directory /data/web1>
 require all granted
< /directory>
< /virtualhost>

        state MASTER

只顾,要是在生育中装置,一定要留意安装软件的版本要滞后最新版本壹到七个,不然,新本子中出现了bug异常的小概化解将是致命的。

另3个主机也丰盛虚拟主机

[root@234c57 ~]# vim /etc/httpd/conf.d/vhost.conf

<virtualhost 192.168.234.177:80>
documentroot /data/web1
servername www.a.com
<directory /data/web1>
require all granted
< /directory>
< /virtualhost>

        priority 98

17二.1陆.五.200是笔者物理机的IP地址

准备:主机7台

client:

172.18.x.x

调度器:keepalived+nginx 带172.18.x.x/16 网卡

192.168.234.27

192.168.234.37

real_server

192.168.234.47

192.168.234.57

192.168.234.67

192.168.234.77

    vrrp_mcast_group4 224.0.100.39

hdrhosts)格式

一、先配置4台real_server,安装好测试用的httpd

  1 [root@234c47 ~]# curl 192.168.234.47;curl 192.168.234.57;curl 192.168.234.67;curl 192.168.234.77
  2 234.47
  3 234.57
  4 234.67
  5 234.77

    }


过程:

        advert_int 1

node1:# yum -y install haproxy
node2:# yum -y install haproxy
# cd /etc/haproxy
# mv haproxy.cfg haproxy.bak
# vim haproxy.cfg
global
log         127.0.0.1 local2
chroot      /var/lib/haproxy
pidfile     /var/run/haproxy.pid
maxconn     4000
user        haproxy
group       haproxy
daemon
stats socket /var/lib/haproxy/stats
defaults
mode                    http
log                     global
option                  httplog
option                  dontlognull
option http-server-close
option forwardfor       except 127.0.0.0/8 header X-Forward-For
option                  redispatch
retries                 3
timeout http-request    10s
timeout queue           1m
timeout connect         10s
timeout client          1m
timeout server          1m
timeout http-keep-alive 10s
timeout check           10s
maxconn                 3000
listen stats #专门弄个端口进行状态管理
bind *:1080
stats                   enable
stats                   hide-version
stats                   realm haproxy\ stats
stats                   auth admin:admin
stats                   admin if TRUE
stats                   uri /abc
frontend web
    bind *:80
    acl danymic path_end -i .php
    acl abc src 172.16.5.100
    block if abc
    use_backend php if danymic
    default_backend static
backend static
    balance     roundrobin
    server      www.web1.com 172.16.5.16:8080 check rise 2 fall 1 weight 1
    server      www.web2.com 172.16.5.15:8080 check rise 2 fall 1 weight 1
backend php
    balance roundrobin
    server    www.web3.com 172.16.6.1:80 check rise 2 fall 1 weight 1
    server    www.web4.com 172.16.6.2:80 check rise 2 fall 1 weight 1
# scp haproxy.cfg b:/etc/haproxy/

最近扩张实验

        rise 1

独立使用一个端口来监听stats状态音信。

贯彻双主模型的ngnix高可用(壹)

图片 1

    vrrp_script chk_nginx {

# touch /var/log/haproxy.log
# vim /etc/rsyslog.conf
$ModLoad imudp
$UDPServerRun 514
# service rsyslog restart
# tail -f /var/log/haproxy.log
Oct  6 10:45:22 localhost haproxy[22208]: 172.16.5.200:50332 [06/Oct/2013:10:45:22.852] web static/www.web1.com 6/0/2/4/32 200 45383 - - ---- 3/3/0/1/0 0/0 "GET / HTTP/1.1"

3.配置nginx主机234.27/37

先配置http语块

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;
    upstream web1{  //
        server 192.168.234.47:80;
        server 192.168.234.57:80;
        }
    upstream web2{
        server 192.168.234.67:80;
        server 192.168.234.77:80;
        }

/*
ngx_http_upstream_module
ngx_http_upstream_module模块
用于将多个服务器定义成服务器组,而由proxy_pass, fastcgi_pass等指令
进行引用
1、upstream name { ... }
定义后端服务器组,会引入一个新的上下文
默认调度算法是wrr
Context: http
upstream httpdsrvs {
server ...
server...
...
*/

然后配置server

    server {
        listen       80 default_server; //默认监听80端口
        server_name www.a.com //域名
        listen       [::]:80 default_server;
        root         /usr/share/nginx/html;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location / {
                proxy_pass http://web1 ;  //定义访问80端口的请求,以web1提供服务。而指定的web1在http语块中为 192.168.234.47/57:80 提供服务
        }

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }
    server {
        server_name www.b.com
        listen 80;
        location / {
                proxy_pass http://web2 ; //定义访问80端口的请求,以web2提供服务。而指定的web2在http语块中为 192.168.234.147/157:80 提供服务

        }
    }
}

那样访问 www.a.com固然访问1玖二.16八.23四.47/五七:80

访问 www.b.com即便访问1九二.16八.23四.67/7柒:80

前日客户机将host增加www.a/b.com

172.18.0.100 www.a.com
172.18.0.200
www.b.com

    客户端将www.a.com 解析 172.18.0.100

[root@234c17 ~]# ping www.a.com
PING www.a.com (172.18.0.100) 56(84) bytes of data.
64 bytes from www.a.com (172.18.0.100): icmp_seq=1 ttl=64 time=0.358 ms
64 bytes from www.a.com (172.18.0.100): icmp_seq=2 ttl=64 time=0.376 ms
64 bytes from www.a.com (172.18.0.100): icmp_seq=3 ttl=64 time=0.358 ms
64 bytes from www.a.com (172.18.0.100): icmp_seq=4 ttl=64 time=0.366 ms

    客户端将www.b.com 解析 172.18.0.200

[root@234c17 ~]# ping www.b.com
PING www.b.com (172.18.0.200) 56(84) bytes of data.
64 bytes from www.b.com (172.18.0.200): icmp_seq=1 ttl=64 time=0.582 ms
64 bytes from www.b.com (172.18.0.200): icmp_seq=2 ttl=64 time=0.339 ms
64 bytes from www.b.com (172.18.0.200): icmp_seq=3 ttl=64 time=0.524 ms
64 bytes from www.b.com (172.18.0.200): icmp_seq=4 ttl=64 time=0.337 ms

结果:

  1 [root@234c17 ~]# for i in {1..4};do curl www.a.com;curl www.b.com;sleep 1;done
  2 234.57
  3 234.77
  4 234.47
  5 234.67
  6 234.57
  7 234.77
  8 234.47
  9 234.67

4、配置代理(两台Nginx proxy都做一样配备)

1致性hash负载均衡

实行结果

  1 [root@234c17 ~]# for i in {1..4};do curl www.a.com;curl www.b.com;sleep 1;done
  2 234.57
  3 234.77
  4 234.47
  5 234.67
  6 234.57
  7 234.77
  8 234.47
  9 234.67

        script “[[ -f /etc/keepalived/down ]] && exit 1 || exit 0”

六、结合keepalived做高可用代理

金玉锦绣双主模型的ngnix高可用(2)

图片 2

        track_script {

hdrwww.a.com)实例

1.配置keepalived主机234.27

[root@234c27 ~]# vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {
    notification_email {
      root@localhost
    }
    notification_email_from keepalived@localhost
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id kpone
    vrrp _mcast_group4 234.10.10.10
 }
 vrrp_instance VI_1 {
     state MASTER
     interface ens33
     virtual_router_id 50
     priority 100
     advert_int 1
     authentication {
         auth_type PASS
         auth_pass 1111
     }
     virtual_ipaddress {
         172.18.0.100/16  //这ip调度 192.168.234.47/57
     }
 }
vrrp_instance VI_2 {
     state BACKUP
     interface ens33
     virtual_router_id 51
     priority 80
     advert_int 1
     authentication {
         auth_type PASS
         auth_pass 2222
     }
     virtual_ipaddress {
         172.18.0.200/16  //这ip调度 192.168.234.147/157
     }
}

三、配置sorry_server(此服务配置于Nginx proxy主机上,两台Nginx
proxy都做同样配备,只需修改暗许主页中的IP地址为本机的IP就可以,以示差距)

Haproxy综合布署事例

2.配置keepalived主机234.37

[root@234c37 ~]# vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {
    notification_email {
      root@localhost
    }
    notification_email_from keepalived@localhost
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id kpone
    vrrp _mcast_group4 234.10.10.10
 }
 vrrp_instance VI_1 {
     state BACKUP
     interface ens33
     virtual_router_id 50
     priority 80
     advert_int 1
     authentication {
         auth_type PASS
         auth_pass 1111
     }
     virtual_ipaddress {
         172.18.0.100/16  //这ip调度 192.168.234.47/57
     }
 }
vrrp_instance VI_2 {
     state MASTER
     interface ens33
     virtual_router_id 51
     priority 100
     advert_int 1
     authentication {
         auth_type PASS
         auth_pass 2222
     }
     virtual_ipaddress {
         172.18.0.200/16  //这ip调度 192.168.234.147/157
     }
}

诸如此类双主模型轻松的就搭建好了

                server 192.168.10.3:80;

global
pidfile /var/run/haproxy.pid
log 127.0.0.1 local0 info
defaults
mode http
clitimeout   600000
srvtimeout   600000
timeout connect 8000
stats enable
stats auth  admin:admin
stats uri/monitor
stats refresh5s
option httpchk GET /status
retries5
option redispatch
errorfile 503 /path/to/503.text.file
balanceroundrobin# each server is used in turns, according to assigned weight
frontend http
bind :80
monitor-uri  /haproxy # end point to monitor HAProxy status (returns 200)
acl api1 path_reg ^/api1/?
acl api2 path_reg ^/api2/?
use_backend api1 if api1
use_backend api2 if api2
backend api1
# option httpclose
server srv0 172.16.5.15:80 weight 1 maxconn 100 check inter 4000
server srv1 172.16.5.16:80 weight 1 maxconn 100 check inter 4000
server srv2 172.16.5.16:80 weight 1 maxconn 100 check inter 4000
backend api2
option httpclose
server srv01 172.16.5.18:80 weight 1 maxconn 50 check inter 4000

将192.168.234.47/57主机加ip地址

[root@234c47 ~]#ip a a dev ens37 192.168.167/24

[root@234c57 ~]#ip a a dev ens37 192.168.177/24

# service keepalived start

listen webfarm
bind 192.168.0.99:80
mode http
stats enable
stats auth someuser:somepassword
balance roundrobin
cookie JSESSIONID prefix
option httpclose
option forwardfor
option httpchk HEAD /check.txt HTTP/1.0
server webA 192.168.0.102:80 cookie A check
server webB 192.168.0.103:80 cookie B check

重启httpd服务

结果:访问www.a.com

  1 [root@234c17 ~]# for i in {1..8};do curl www.a.com;done
  2 234.167
  3 234.177
  4 234.47
  5 234.57
  6 234.167
  7 234.167
  8 234.177
  9 234.47
 10 

访问www.b.com

  1 [root@234c17 ~]# for i in {1..8};do curl www.b.com;done
  2 234.67
  3 234.67
  4 234.77
  5 234.67
  6 234.77
  7 234.67
  8 234.77
  9 234.77

! Configuration File for keepalived

node2

二、配置keepalived

因为是双主模型

        server {

该配置文件重大落成的功用:1、五个实例VI,完成了双主模型,首要为前端dns负载均衡使用;2、单个主从模型能够兑现高可用,前提是若是针对有个别服务,那几个服务必须在keepalived运转从前运营,而且要对之监察和控制;3、当然,也要抓牢对keepalived服务自个儿的监督,那就须求编写制定其它的台本,脚本所在的目录必须与notify_master”/etc/keepalived/notify.shmaster”中关系的等同。

CentOS 7下Keepalived + HAProxy 搭建配置详解 
http://www.linuxidc.com/Linux/2017-03/141593.htm

************************全局配置*****************************

        }


            }

配置keepalived

1.安装keepalived

图片 3

    vrrp_instance ngx {

default_backendstatic

构建高可用集群Keepalived+Haproxy负载均衡
http://www.linuxidc.com/Linux/2016-12/138917.htm


        }

ip:172.16.5.16

Nginx+Keepalived完结站点高可用 
http://www.linuxidc.com/Linux/2016-12/137883.htm

frontend main *:5000  # 前端定义服务器名称和端口
acl url_static  path_beg -i /static /images /javascript /stylesheets
acl url_static  path_end -i .jpg .gif .png .css .js
use_backend static     if url_static
default_backend       app
定义访问控制,如果符合 url_static,就代理到static,如果不是url_static,就使用默认的后端服务

图片 4

acl clear   dst_port 80
acl secure   dst_port 8080
acl login_page url_beg  /login
acl logout   url_beg  /logout
acl uid_given url_reg  /login?userid=[^&]+
acl cookie_set hdr_sub(cookie) SEEN=1
redirect prefix  https://mysite.com set-cookie SEEN=1 if !cookie_set
redirect prefix  https://mysite.com      if login_page !secure
redirect prefix  http://mysite.com drop-query if login_page !uid_given
redirect location http://mysite.com/      if !login_page secure
redirect location / clear-cookie USERID=    if logout

        virtual_router_id 15

**************************************************************************************************修改配置文件,将拒绝访问的ip改为客户端ip,获得如下页面

<h1>sorry_server:192.168.10.2</h1>

defaults
mode  http      # 为http服务代理,http为7层协议,tcp4层
log   global     # 全局日志
option httplog      # 日志类别为http日志格式
option dontlognull   # 不记录健康查询的日志
#########健康状况检测的意义在于,后端服务器若挂掉了,就不会再向它发送请求信息。
option http-server-close  # 每次请求完后主动关闭http通道,支持客户端长连接
option forwardfor  except 127.0.0.0/8 # 如果后端服务器需要获得客户端真实ip需要配置的参数,可以从http header中获得客户端ip
option  redispatch   #serverid对应的服务器挂掉后,强制定向到其他健康的服务器
retries  3       #3次连接失败就认为服务不可用,也可以通过后面设置
timeout http-request 10s # 请求超时间
timeout queue  1m   # 排队超时
timeout connect 10s   # 连接超时
timeout client  1m   # 客户端超时
timeout server  1m   # 服务器端超时
timeout http-keep-alive 10s # 保持连接超时
timeout check  10s    # 健康检测超时
maxconn    3000   # 每个进程最大连接数,可以在global中配置

# yum -y install apache

bind*:80

            192.168.20.100/24 dev eth1

图片 5

            location / {

图片 6

图片 7

###########################keepalived的双主模型完结的负荷均衡##################################

        state BACKUP

图片 8

    notification_email_from keepalived@localhost

图片 9

<h1>192.168.10.3</h1>


CentOS陆.5下 Keepalived高可用服务单实例配置
http://www.linuxidc.com/Linux/2016-12/138110.htm

frontend web
bind *:80
acl url_static    path_beg    -i /static /images /javascript /stylesheets
#字符形式
acl url_static    path_reg    -i ^/static ^/images ^/javascript ^/stylesheets
#正则表达式
acl url_static    path_end    -i .jpg .jpeg .gif .png .css .js
#字符
acl url_static    path_reg   -i .jpg $.jpeg$ .gif $.png$ .css$ .js$
# 正则表达式
#一般能用字符,就不要用正则表达式,字符的比正则表达式快。
use_backend static_servers     if url_static
default_backend dynamic_servers
backend static_servers
balance roundrobin
server imgsrv1 172.16.200.7:80 check maxconn 6000
server imgsrv2 172.16.200.8:80 check maxconn 6000
backend dynamic_servers
balance source
server websrv1 172.16.200.7:80 check maxconn 1000
server websrv2 172.16.200.8:80 check maxconn 1000
server websrv3 172.16.200.9:80 check maxconn 1000

        weight -5

frontendweb

        }

2、配置详解

3.配置C主机的IP


专注:为了不影响实验结果,在推行始于前先关闭iptables和selinux

haproxylisten配置示范:

    }

# yum -y install haproxy

# vim /var/www/html/index.html

************************前者代理配置******************************

    }


正文长久更新链接地址:http://www.linuxidc.com/Linux/2017-05/143738.htm

############################意况分离之静态页面负载均衡############################

四.起步服务


            auth_type PASS


# service httpd start

#local2.*/var/log/haproxy.log

    vrrp_instance ngx2 {

backend static
balance   roundrobin  #负载均衡调度算法
server   static 127.0.0.1:4331 check # 定义了一个后端服务器并做健康状况检测
backend app
balance   roundrobin
server app1 127.0.0.1:5001 check rise 2 fall 1
server app2 127.0.0.1:5002 check rise 2 fall 1
server app3 127.0.0.1:5003 check rise 2 fall 1
server app4 127.0.0.1:5004 check rise 2 fall 1
# check rise 2 fall 1 健康状况检查,rise表示后端realserver从stop到start检查的次数,fall表示从start到stop检查的次数

        state BACKUP

Haproxy的劳作方式:代理形式为http和tcp做代理,可以为三种劳动做代办,它是三个特地的代理服务器,本人无法形成web服务。

四.将后端的web
server关闭壹台,访问192.16八.20.十0或1九二.168.20.200,响应请求的将只是另壹台平常运维web
server的主机


1.开发银行两台Nginx proxy的keepalived服务

source:后端服务器时动态服务器时使用,类似于nginx的iphash

贰.创建暗中同意主页

图片 10

    }

当客户端ip为17二.16.五.100时,重定向到

        authentication {

#sysctl-wnet.ipv4.ip_forward=1

三.修改监听端口为8080,避防与nginx所监听的端口冲突

以上海市计算,有不足之处,望指教。。

            auth_type PASS

frontend web
bind *:8080
default_backend static
acl abc src 172.16.5.100
redirect prefix http://172.16.5.16/def if abc

B主机也作同样配备,稍作修改就可以,供给修改的地点如下:

呈现了客户端ip和realserver主机名等消息

        virtual_ipaddress {

global
log     127.0.0.1 local2
chroot   /var/lib/haproxy
pidfile   /var/run/haproxy.pid
maxconn   4000
user    haproxy
group    haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
defaults
mode          http
log           global
option         httplog
option         dontlognull
option http-server-close
option forwardfor    except 127.0.0.0/8
option         redispatch
retries         3
timeout http-request  10s
timeout queue      1m
timeout connect     10s
timeout client     1m
timeout server     1m
timeout http-keep-alive 10s
timeout check      10s
maxconn         3000
listen stats
bind *:1080
stats          enable
stats          hide-version
stats          realm haproxy\ stats
stats          auth admin:admin
stats          admin if TRUE
stats          uri /abc
frontend web
bind *:80
default_backend static
backend static
server   www.web1.com 172.16.6.1:80 check

        }

Hash-type:consistent动态一致性hashhash环

    }


        priority 100

requestheader请求首部

            }

图片 11

    smtp_connect_timeout 30

node1:

                proxy_pass http://wersrvs;

修改原配置文件,完成境况分离

2.创办私下认可主页


            chk_down

走访阻止

        interface eth1

表达效率

        }

# vim /etc/keepalived/notify.sh
#!/bin/bash
# Author: MageEdu <[email protected]>
# description: An example of notify script
#
vip=172.16.5.100
contact='[email protected]'
Notify() {
mailsubject="`hostname` to be $1: $vip floating"
mailbody="`date '+%F %H:%M:%S'`: vrrp transition, `hostname` changed to be $1"
echo $mailbody | mail -s "$mailsubject" $contact
}
case "$1" in
master)
notify master
/etc/rc.d/init.d/haproxy start
exit 0
;;
backup)
notify backup
/etc/rc.d/init.d/haproxy restart
exit 0
;;
fault)
notify fault
exit 0
;;
*)
echo 'Usage: `basename $0` {master|backup|fault}'
exit 1
;;
esac

3.拜访192.16八.20.200,结果应是后端的web server轮询响应请求

一、haproxy和nginx的区别

# ip addr add dev eth0 192.168.10.33/24

为后端ip:172.16.6.1做代理

操作步骤:

4、负载均衡–调治算法

            upstream websrvs {

uri依照用户访问的uri来负载均衡,它也有hash表,同样有hash-type,第贰次访问的结果被负载到哪些服务器,保存在了hash表中,在来走访同一的uri,就会平昔到那台服务器。

4.启动apache服务

node第22中学也要如此安排,可是要修改主从和优先级,这里不再罗嗦。

    vrrp_instance ngx2 {


Nginx+Keepalived达成站点高可用(负载均衡) 
http://www.linuxidc.com/Linux/2016-12/138221.htm


# ip addr add dev eth0 192.168.10.23/24

计划完事后,运行了haproxy和keepalived之后,对配置做下校验。

实验景况:两台Nginx
proxy(双主Nginx,各需求两块网卡,eth0连接内网,eth1连接外网)、两台web
server(请求的载重均衡)、1台client用于注明结果。

acl要和redirectprefix恐怕redirectlocation搭配使用

二.定义upstream集群组,在http{}段中定义;

**************************************************************************************************做客专门设定的用于查看代理状态的页面

        script “killall -0 nginx && exit 0 || exit 1”


# ip addr add dev eth0 192.168.10.3/24

图片 12

1.安装apache

**********************默许配置*********************************

        priority 98

node1

图片 13


# yum -y install keepalived

url_param依据用户帐号音讯,将请求发往同二个服务器,一样有hash-type。

    global_defs {


            chk_down

***********************后端服务器配置*****************************

        virtual_ipaddress {

闭馆防火墙

Linux下Keepalived服务安装文档 
http://www.linuxidc.com/Linux/2017-03/141441.htm

配置haproxy

        root@localhost


    notification_email {


A主机上操作

hostname:www.b.com

            chk_nginx

1、安装

            192.168.20.200/24 dev eth1

hostname:www.a.com

    }

frontend web
bind *:8080
default_backend static
acl abc src 172.16.5.100
block if abc  # 阻止访问

陆.闭馆一台Nginx proxy
的nginx服务,备server将把IP地址加多到本机,继续提供劳务,此时作客1九二.16八.20.十0或1九二.168.20.200并不会有其它察觉


        }

准备干活请参见此前写的博客,无非正是光阴同步,双机互信,主机名称可以互为解析。

        }

# yum -y install keepalived
# cd /etc/keepalived/
# vim keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
[email protected]
[email protected]
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_haproxy {
script "killall -0 haproxy"
interval 1
weight 2
}
#vrrp_script chk_mantaince_down {
#   script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
#   interval 1
#   weight 2
#}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 5
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 11111
}
virtual_ipaddress {
172.16.5.100/16
}
track_script {
chk_mantaince_down
chk_haproxy
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
vrrp_instance VI_2 {
state MASTER
interface eth0
virtual_router_id 50
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 11111
}
virtual_ipaddress {
172.16.5.101/16
}
track_script {
chk_mantaince_down
chk_haproxy
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}

# yum -y install apache

基于权重weight动态

        priority 100


        interval 1

#service haproxy start
#service keepalived start
node1
# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:a5:31:22 brd ff:ff:ff:ff:ff:ff
inet 172.16.5.15/16 brd 172.16.255.255 scope global eth0
inet 172.16.5.101/16 scope global secondary eth0
inet6 fe80::20c:29ff:fea5:3122/64 scope link
valid_lft forever preferred_lft forever
node2
# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:cc:55:6d brd ff:ff:ff:ff:ff:ff
inet 172.16.5.16/16 brd 172.16.255.255 scope global eth0
inet 172.16.5.100/16 scope global secondary eth0
inet6 fe80::20c:29ff:fecc:556d/64 scope link
valid_lft forever preferred_lft forever

# vim /var/www/html/index.html

效果图:

        advert_int 1

效果图

二.编辑A主机的配备文件/etc/keepalived/keepalived.conf,作如下配置:

log``127.0``.``0.1``local2要想启用,可以看到默认配置文件中有这么一行注释

    smtp_server 127.0.0.1


        weight -5

aclabcsrc172.16.5.200

3.启动apache

roundrobin动态帮助权重和在服务器运营时调度,支持慢速运行

    }

图片 14

Listen 8080

拓扑图

Keepalived高可用集群应用场景与布署
http://www.linuxidc.com/Linux/2017-03/141866.htm

三、实例配置

                server 127.0.0.1:8080 backup;

# vim /var/www/html/index.html
<h1>welcome!</>
# service httpd start
global
log     127.0.0.1 local2
chroot   /var/lib/haproxy
pidfile   /var/run/haproxy.pid
maxconn   4000
user    haproxy
group    haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode          http
log           global
option         httplog
option         dontlognull
option http-server-close
option forwardfor    except 127.0.0.0/8 header X-Forward-For # 后端服务器日志中记录远程客户端ip,别忘了在后端服务器上修改log格式
option         redispatch
retries         3
timeout http-request  10s
timeout queue      1m
timeout connect     10s
timeout client     1m
timeout server     1m
timeout http-keep-alive 10s
timeout check      10s
maxconn         3000
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend web
bind *:80
default_backend static
也可以写成
frontend web 172.16.5.16:80
dfault_backend static
#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
backend static
server   www.web1.com 172.16.6.1:80 check
stats          enable # 开启服务器状态信息
stats          hide-version # 隐藏版本信息
stats          realm haproxy\ stats # 说明认证信息 \ 转译了一个空格
stats          auth admin:admin # 认证用户
stats          admin if TRUE # 通过认证就允许管理
stats          uri /abc # 自定义stats显示页面uri

2.造访1玖二.16八.20.十0,结果应是后端的web server轮询响应请求

    }


Keepalived安装与布局
http://www.linuxidc.com/Linux/2017-02/140421.htm

法定实例,将用户登6后的url重定向到https安全连接。

    vrrp_instance ngx {

Hash-type:map-based静态hash码取余总计ip的hash码除以全体的劳动器数,余数得几就位于第多少个服务器上

# vim /etc/nginx/conf.d/default.conf

二、安装配备

    vrrp_script chk_down {

图片 15

        interface eth1

haproxy 和 nginx 的分别 Haproxy
的专门的学业形式:代理方式为 http 和 tcp
做代理,可以为八种劳务做代办,它是一个特意的代理服务器,本人不…

图片 16

规划:

1.安装apache


                index index.html;

hdr:首部基于请求首部调治,同样有hash-type

        http {

reponseheader响应首部

# vim /etc/httpd/conf/httpd.conf


        virtual_router_id 14

后端realserver令人家代做

1.配置A主机的IP

nginx的职业情势:web情势和代办,Nginx只为WEB服务做代理。

6、模拟故障,验证结果


图片 17

图片 18

        interval 1

ip:172.16.5.15

        track_script {

本机ip:172.16.5.16

# ip addr add dev eth0 192.168.10.2/24

编辑对keepalived服务本人的监督脚本

叁.调用定义的集群组,在server{}段的location{}段中调用;

做如下配置就能够启用

# yum -y install nginx


        }

        fall 2

leastconn最少连接,只提出接纳相当短的对话

一、配置IP

敞开forward转载效用

2.配置B主机的IP

本文出自 “秋风颂”
博客,请务必保留此出处

1.安装nginx

图片 19

        state MASTER

瞩目:本脚本中关系了vip,而本实验是双主模型,个中有三个vip,尽管想方便,就写三个就行了,借使求准确,可以复制那么些剧本,修改vip然后在安排文件中期维修改另七个实例中的notify.sh的路线。

贰、配置web服务(C和D主机都做一样配备,只需修改暗许主页中的IP地址为本机的IP就能够,以示差别)


4.配置D主机的IP

blockifabc

图片 20

static-rr静态不协助在服务器运转时调节,不辅助慢速运转

        chk_nginx

图片 21

        authentication {


            auth_pass XYZ41fTp

############################状态分离之动态页面负载均衡##############################

五、配置keepalived

为后端服务器提供页面并运转httpd

尝试目标:使用keepalived完毕Nginx的双主高可用负载均衡集群。


                server 192.168.10.33:80;

global
log     127.0.0.1 local2
chroot   /var/lib/haproxy
pidfile   /var/run/haproxy.pid
maxconn   4000
user    haproxy
group    haproxy
daemon
stats socket /var/lib/haproxy/stats
defaults
mode          http
log           global
option         httplog
option         dontlognull
option http-server-close
option forwardfor    except 127.0.0.0/8
option         redispatch
retries         3
timeout http-request  10s
timeout queue      1m
timeout connect     10s
timeout client     1m
timeout server     1m
timeout http-keep-alive 10s
timeout check      10s
maxconn         3000
listen stats
bind *:1080
stats          enable
stats          hide-version
stats          realm haproxy\ stats
stats          auth admin:admin
stats          admin if TRUE
stats          uri /abc
frontend web
bind *:80
default_backend static
backend static
balance   source
hash-type  consistent
server   www.web1.com 172.16.6.1:80 check weight 3
server   www.web2.com 172.16.6.2:80 check weight 1

图片 22

5、acl访问调整

            auth_pass MDQ41fTp

Global
log     127.0.0.1 local2  # 定义全局日志服务器
chroot   /var/lib/haproxy  # 修改haproxy的工作目录到制定的目录,提高安全性
pidfile   /var/run/haproxy.pid # pid文件位置
maxconn   4000      # 最大连接数
user    haproxy     # 服务运行时的身份,也可以用uid来表示
group    haproxy     # 服务运行时的身份所属的组,可以用gid来表示
Daemon           # 服务以守护进程的身份运行
# turn on stats unix socket    # 默认打开UNIX socket
stats socket /var/lib/haproxy/stats # 指明unix socket 所在的位置
Node      www.a.com  # 定义当前节点的名称,用于HA场景中多haproxy进程共享同一个IP地址时
ulimit-n    100       # 设定每进程所能够打开的最大文件描述符数目,默认情况下其会自动进行计算,因此不推荐修改此选项

    router_id CentOS6

# service nginx start

一对有关Keepalived相关课程集结

# vim /etc/nginx/nginx.conf

伍.将后端的web
server都关闭,此时作客192.16八.20.100或1九2.16捌.20.200,响应请求的将只是Nginx
proxy中定义的主server中的sorry_server

发表评论

电子邮件地址不会被公开。 必填项已用*标注

网站地图xml地图