在某种强大力量的推动下,写了人生中第一篇博文,主要是最近学习了一些集群知识,然后当做是做一下笔记。前端用nginx反向代理加上keepalived,两台nginx代理服务器做的是双主双备,代理到后端的两台web服务器,实现一个简单的集群吧。拓扑图如下:
centos1(nginx反向代理服务器):192.168.40.145
centos2(nginx反向代理服务器):192.168.40.146
centosA(后端web服务器):192.168.40.12
centosB(后端web服务器):192.168.40.19
vip:192.168.40.100
192.168.40.200
首先是centos1的nginx反向代理的设置:
nginx的反向代理就是指将Internet的访问送达到内网服务器,然后将得到的结果返回给Internet连接的客户端,对外就表现成一个服务器。
更改nginx的配置文件,/usr/local/nginx/conf/nginx.conf
先更改upstream模块,upstream模块就是它通过请求后端服务器得到内容而不是自己产生内容。Upstream能够使nginx实现网络数据接收,处理和转发。
http { . . . upstream web_up{ server 192.168.40.12:80 max_fails=3 fail_timeout=20s weight=2; server 192.168.40.19:80 max_fails=3 fail_timeout=20s weight=2; } server { . . . } }
server添加两台后端服务器,分别是192.168.40.12:80和192.168.40.19:80,然后是max_fails=3,最大错误连接次数为3次,超过就直接剔除该服务器。fail_timeout=20s,连接错误时间是20s,weight=2权重为2。
接下来是server板块:
server { listen 80; server_name localhost; #charset koi8-r; #access_log logs/host.access.log main; location / { proxy_pass http://web_up; ##对应上面upstream定义的web_up proxy_store off; ##启用本地缓存功能 proxy_redirect off; ##指定修改被代理服务器返回的响应头中的location头域跟refresh头域数值 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; ##定义或添加字段传递给代理服务器的请求头。 proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; }
然后就跟上面一样的方式去配置另外一台nginx反向代理服务器。
然后都检测一下配置是否有问题:
[root@centos1 ~]# /usr/local/nginx/sbin/nginx -t nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful [root@centos2 ~]# /usr/local/nginx/sbin/nginx -t nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
检查都没问题后开启nginx:
[root@centos1 ~]# /usr/local/nginx/sbin/nginx [root@centos2 ~]# /usr/local/nginx/sbin/nginx
接下来就要配置keepalived了。
先安装keepalived:
yum install keepalived -y
修改centos1的keepalived的配置文件,这里做的是双主双备。
[root@centos1 ~]# cat /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { notification_email { ##邮件接受者 root@localhost } notification_email_from [email protected] ##邮件发送者 smtp_server 127.0.0.1 ##邮件发送地址 smtp_connect_timeout 30 ##超时时长 } vrrp_script chk_http_port { ##这个部分定义nginx反向代理服务的检测脚本 script "/tmp/nginx_check.sh" ##脚本路径 interval 2 ##检测周期 weight -2 ##如果脚本被执行,那么优先级将会降低2 fall 2 ##指监控几次判断为失败 rise 1 ##指监控几次判断为成功 } vrrp_instance VI_1 { state MASTER ##状态 interface ens33 ##心跳网卡 virtual_router_id 50 ##两台keepalived的同一个vrrp_instance里面的 id要相同 priority 100 ##优先级,优先级高的将拥有vip advert_int 1 ##间隔时间 authentication { ##认证信息。两台keepalived设置成一样的 auth_type PASS auth_pass 1111 } virtual_ipaddress { ##vip 192.168.40.100 } track_script { chk_http_port ##指定检测脚本 } } vrrp_instance VI_ ##配置第二个vip state BACKUP interface ens33 virtual_router_id 17 priority 99 advert_int 1 authentication { auth_type PASS auth_pass 2222 } virtual_ipaddress { 192.168.40.200 } track_script { chk_http_port } }
修改centos2的keepalived配置文件:
配置基本一样,就是注意吧优先级改一下。
[root@centos2 tmp]# cat /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { notification_email { root@localhost } notification_email_from [email protected] smtp_server 127.0.0.1 smtp_connect_timeout 30 } vrrp_script chk_http_port { script "/tmp/nginx_check.sh" interval 2 weight -2 fall 2 rise 1 } vrrp_instance VI_1 { state BACKUP interface ens33 virtual_router_id 50 priority 99 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.40.100 } track_script { chk_http_port } } vrrp_instance VI_2 { state MASTER interface ens33 virtual_router_id 17 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 2222 } virtual_ipaddress { 192.168.40.200 } track_script { chk_http_port } }
接下来是写一个检测脚本,检测脚本的写法有很多种。这是我的检测脚本,写得有些low:
[root@centos2 tmp]# cat /tmp/nginx_check.sh #!/bin/bash NGINX_PID=/usr/local/nginx/logs/nginx.pid if [ -f $NGINX_PID ]; then netstat -ntlp | grep `cat $NGINX_PID` if [ $? -eq 0 ]; then echo "your nginx is running" else systemctl stop keepalived fi else systemctl stop keepalived echo "your nginx is no running" fi
给它可执行权限:
chmod a+x /tmp/nginx_check.sh
两台keepalived的脚本是一样的。
接下来配置一下两台后端的web服务器:
先安装个nginx服务,这里就不写了。然后把默认主页改一下,为了测试有个好效果。
[root@centosa ~]# cat /usr/local/nginx/html/index.html aaa [root@centosb ~]# cat /usr/local/nginx/html/index.html bbb
然后都开启web服务:
[root@centosa ~]# /usr/local/nginx/sbin/nginx [root@centosb ~]# /usr/local/nginx/sbin/nginx
接下来回到centos1和centos2,开启keepalived服务:
[root@centos1 ~]# systemctl start keepalived [root@centos2 ~]# systemctl start keepalived
看一下keepalived的状态:
[root@centos1 ~]# systemctl status keepalived ● keepalived.service - LVS and VRRP High Availability Monitor Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled) Active: active (running) since 四 2017-10-19 23:49:14 CST; 3s ago Process: 15709 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS) Main PID: 15710 (keepalived) CGroup: /system.slice/keepalived.service ├─15710 /usr/sbin/keepalived -D ├─15711 /usr/sbin/keepalived -D └─15712 /usr/sbin/keepalived -D 10月 19 23:49:14 centos1 Keepalived_vrrp[15712]: VRRP_Script(chk_http_port) succeeded 10月 19 23:49:14 centos1 Keepalived_vrrp[15712]: VRRP_Instance(VI_1) Transition to MASTER STATE 10月 19 23:49:15 centos1 Keepalived_vrrp[15712]: VRRP_Instance(VI_1) Entering MASTER STATE 10月 19 23:49:15 centos1 Keepalived_vrrp[15712]: VRRP_Instance(VI_1) setting protocol VIPs. 10月 19 23:49:15 centos1 Keepalived_vrrp[15712]: Sending gratuitous ARP on ens33 for 192.168.40.100 10月 19 23:49:15 centos1 Keepalived_vrrp[15712]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 for 192.168.40.100 10月 19 23:49:15 centos1 Keepalived_vrrp[15712]: Sending gratuitous ARP on ens33 for 192.168.40.100 10月 19 23:49:15 centos1 Keepalived_vrrp[15712]: Sending gratuitous ARP on ens33 for 192.168.40.100 10月 19 23:49:15 centos1 Keepalived_vrrp[15712]: Sending gratuitous ARP on ens33 for 192.168.40.100 10月 19 23:49:15 centos1 Keepalived_vrrp[15712]: Sending gratuitous ARP on ens33 for 192.168.40.100
可以看到本机的主备状态和获取vip的状态。
用ip addr sh命令看一下vip:
[root@centos1 ~]# ip addr sh ens33 2: ens33:mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:83:05:b0 brd ff:ff:ff:ff:ff:ff inet 192.168.40.145/24 brd 192.168.40.255 scope global ens33 valid_lft forever preferred_lft forever inet 192.168.40.100/32 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::8783:64ef:f718:b05f/64 scope link valid_lft forever preferred_lft forever
可以看到是拥有一个192.168.40.100的vip的。
看第二台的keepalived状态:
[root@centos2 ~]# systemctl status keepalived ● keepalived.service - LVS and VRRP High Availability Monitor Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled) Active: active (running) since 四 2017-10-19 23:49:00 CST; 5min ago Process: 85581 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS) Main PID: 85582 (keepalived) CGroup: /system.slice/keepalived.service ├─85582 /usr/sbin/keepalived -D ├─85583 /usr/sbin/keepalived -D └─85584 /usr/sbin/keepalived -D 10月 19 23:49:14 centos2 Keepalived_vrrp[85584]: VRRP_Instance(VI_1) setting protocol VIPs. 10月 19 23:49:14 centos2 Keepalived_vrrp[85584]: Sending gratuitous ARP on ens33 for 192.168.40.100 10月 19 23:49:14 centos2 Keepalived_vrrp[85584]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 for 192.168.40.100 10月 19 23:49:14 centos2 Keepalived_vrrp[85584]: Sending gratuitous ARP on ens33 for 192.168.40.100 10月 19 23:49:14 centos2 Keepalived_vrrp[85584]: Sending gratuitous ARP on ens33 for 192.168.40.100 10月 19 23:49:14 centos2 Keepalived_vrrp[85584]: Sending gratuitous ARP on ens33 for 192.168.40.100 10月 19 23:49:14 centos2 Keepalived_vrrp[85584]: Sending gratuitous ARP on ens33 for 192.168.40.100 10月 19 23:49:14 centos2 Keepalived_vrrp[85584]: VRRP_Instance(VI_1) Received advert with higher priority 100, ours 99 10月 19 23:49:14 centos2 Keepalived_vrrp[85584]: VRRP_Instance(VI_1) Entering BACKUP STATE 10月 19 23:49:14 centos2 Keepalived_vrrp[85584]: VRRP_Instance(VI_1) removing protocol VIPs.
用ip addr sh查看一下vip:
[root@centos2 ~]# ip addr sh ens33 2: ens33:mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:18:67:af brd ff:ff:ff:ff:ff:ff inet 192.168.40.146/24 brd 192.168.40.255 scope global ens33 valid_lft forever preferred_lft forever inet 192.168.40.200/32 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fe18:67af/64 scope link valid_lft forever preferred_lft forever
接下来开启一台测试主机来检测一下:
[root@test ~]# curl http://192.168.40.100 aaa [root@test ~]# curl http://192.168.40.100 bbb [root@test ~]# curl http://192.168.40.100 aaa [root@test ~]# curl http://192.168.40.100 bbb
先curl第一个vip能看到轮替效果。
访问第二个vip也能有同样的效果。
[root@test ~]# curl http://192.168.40.200 aaa [root@test ~]# curl http://192.168.40.200 bbb [root@test ~]# curl http://192.168.40.200 aaa [root@test ~]# curl http://192.168.40.200 bbb
停止centos1的nginx服务:
[root@centos1 ~]# /usr/local/nginx/sbin/nginx -s stop
keepalived也自动停止了。
[root@centos1 ~]# systemctl status keepalived ● keepalived.service - LVS and VRRP High Availability Monitor Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled) Active: inactive (dead) 10月 19 23:49:20 centos1 Keepalived_vrrp[15712]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 for 192.168.40.100 10月 19 23:49:20 centos1 Keepalived_vrrp[15712]: Sending gratuitous ARP on ens33 for 192.168.40.100 10月 19 23:49:20 centos1 Keepalived_vrrp[15712]: Sending gratuitous ARP on ens33 for 192.168.40.100 10月 19 23:49:20 centos1 Keepalived_vrrp[15712]: Sending gratuitous ARP on ens33 for 192.168.40.100 10月 19 23:49:20 centos1 Keepalived_vrrp[15712]: Sending gratuitous ARP on ens33 for 192.168.40.100 10月 19 23:56:14 centos1 Keepalived[15710]: Stopping 10月 19 23:56:14 centos1 systemd[1]: Stopping LVS and VRRP High Availability Monitor... 10月 19 23:56:14 centos1 Keepalived_vrrp[15712]: VRRP_Instance(VI_1) sent 0 priority 10月 19 23:56:14 centos1 Keepalived_vrrp[15712]: VRRP_Instance(VI_1) removing protocol VIPs. 10月 19 23:56:15 centos1 systemd[1]: Stopped LVS and VRRP High Availability Monitor.
然后去到centos2看一下keepalived状态:
[root@centos2 ~]# systemctl status keepalived ● keepalived.service - LVS and VRRP High Availability Monitor Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled) Active: active (running) since 四 2017-10-19 23:49:00 CST; 9min ago Process: 85581 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS) Main PID: 85582 (keepalived) CGroup: /system.slice/keepalived.service ├─85582 /usr/sbin/keepalived -D ├─85583 /usr/sbin/keepalived -D └─85584 /usr/sbin/keepalived -D 10月 19 23:56:15 centos2 Keepalived_vrrp[85584]: Sending gratuitous ARP on ens33 for 192.168.40.100 10月 19 23:56:15 centos2 Keepalived_vrrp[85584]: Sending gratuitous ARP on ens33 for 192.168.40.100 10月 19 23:56:15 centos2 Keepalived_vrrp[85584]: Sending gratuitous ARP on ens33 for 192.168.40.100 10月 19 23:56:15 centos2 Keepalived_vrrp[85584]: Sending gratuitous ARP on ens33 for 192.168.40.100 10月 19 23:56:20 centos2 Keepalived_vrrp[85584]: Sending gratuitous ARP on ens33 for 192.168.40.100 10月 19 23:56:20 centos2 Keepalived_vrrp[85584]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 for 192.168.40.100 10月 19 23:56:20 centos2 Keepalived_vrrp[85584]: Sending gratuitous ARP on ens33 for 192.168.40.100 10月 19 23:56:20 centos2 Keepalived_vrrp[85584]: Sending gratuitous ARP on ens33 for 192.168.40.100 10月 19 23:56:20 centos2 Keepalived_vrrp[85584]: Sending gratuitous ARP on ens33 for 192.168.40.100 10月 19 23:56:20 centos2 Keepalived_vrrp[85584]: Sending gratuitous ARP on ens33 for 192.168.40.100
查看一下vip:
[root@centos2 ~]# ip addr sh ens33 2: ens33:mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:18:67:af brd ff:ff:ff:ff:ff:ff inet 192.168.40.146/24 brd 192.168.40.255 scope global ens33 valid_lft forever preferred_lft forever inet 192.168.40.200/32 scope global ens33 valid_lft forever preferred_lft forever inet 192.168.40.100/32 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fe18:67af/64 scope link valid_lft forever preferred_lft foreve
可以看到已经拥有两个vip了,接下来再访问一下:
[root@test ~]# curl http://192.168.40.100 aaa [root@test ~]# curl http://192.168.40.100 bbb [root@test ~]# curl http://192.168.40.200 aaa [root@test ~]# curl http://192.168.40.200 bbb
可以看到没有什么问题。
centos1重新开启nginx后:
[root@centos1 ~]# /usr/local/nginx/sbin/nginx [root@centos1 ~]# [root@centos1 ~]# systemctl start keepalived [root@centos1 ~]# systemctl status keepalived
● keepalived.service - LVS and VRRP High Availability Monitor Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled) Active: active (running) since 四 2017-10-19 23:59:58 CST; 15s ago Process: 16786 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS) Main PID: 16787 (keepalived) CGroup: /system.slice/keepalived.service ├─16787 /usr/sbin/keepalived -D ├─16788 /usr/sbin/keepalived -D └─16789 /usr/sbin/keepalived -D 10月 20 00:00:00 centos1 Keepalived_vrrp[16789]: Sending gratuitous ARP on ens33 for 192.168.40.100 10月 20 00:00:00 centos1 Keepalived_vrrp[16789]: Sending gratuitous ARP on ens33 for 192.168.40.100 10月 20 00:00:00 centos1 Keepalived_vrrp[16789]: Sending gratuitous ARP on ens33 for 192.168.40.100 10月 20 00:00:00 centos1 Keepalived_vrrp[16789]: Sending gratuitous ARP on ens33 for 192.168.40.100 10月 20 00:00:05 centos1 Keepalived_vrrp[16789]: Sending gratuitous ARP on ens33 for 192.168.40.100 10月 20 00:00:05 centos1 Keepalived_vrrp[16789]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 for 192.168.40.100 10月 20 00:00:05 centos1 Keepalived_vrrp[16789]: Sending gratuitous ARP on ens33 for 192.168.40.100 10月 20 00:00:05 centos1 Keepalived_vrrp[16789]: Sending gratuitous ARP on ens33 for 192.168.40.100 10月 20 00:00:05 centos1 Keepalived_vrrp[16789]: Sending gratuitous ARP on ens33 for 192.168.40.100 10月 20 00:00:05 centos1 Keepalived_vrrp[16789]: Sending gratuitous ARP on ens33 for 192.168.40.100
[root@centos1 ~]# ip addr sh ens33 2: ens33:mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:83:05:b0 brd ff:ff:ff:ff:ff:ff inet 192.168.40.145/24 brd 192.168.40.255 scope global ens33 valid_lft forever preferred_lft forever inet 192.168.40.100/32 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::8783:64ef:f718:b05f/64 scope link valid_lft forever preferred_lft forever
可以看到重新抢占回原来的vip了。
再看看centos2:
[root@centos2 ~]# ip addr sh ens33 2: ens33:mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:18:67:af brd ff:ff:ff:ff:ff:ff inet 192.168.40.146/24 brd 192.168.40.255 scope global ens33 valid_lft forever preferred_lft forever inet 192.168.40.200/32 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fe18:67af/64 scope link valid_lft forever preferred_lft forever
其实检测脚本写得有点累赘和low,但效果还是可以实现的。也可以稍微修改一下,只是为了测试没有让脚本开启nginx。
[root@centos2 ~]# cat /tmp/nginx_check.sh #!/bin/bash NGINX_PID=/usr/local/nginx/logs/nginx.pid /usr/local/nginx/sbin/nginx sleep 5 if [ -f $NGINX_PID ]; then netstat -ntlp | grep `cat $NGINX_PID` if [ $? -eq 0 ]; then echo "your nginx is running" else systemctl stop keepalived fi else systemctl stop keepalived echo "your nginx is no running" fi
完。