代理负责把连接请求直接转发到后台某个web节点
负载均衡负责把请求使用某种调度算法分散发布给后台所有web节点
---------------------------------------------------------------------------------------------------------------------------------
面对高并发web请求,使用各种调度算法(rr,wrr,lc,wlc,ip_hash),分散转发到后台web群集节点,提高数据吞吐量,高容灾
常见的LB:
软件:lvs nginx haproxy
硬件:F5
云LB:阿里云SLB 腾讯云CLB 青云QLB ucloud ULB
四层负载:ip地址 tcp/udp 端口号
七层负载:HTTP https ftp SMTP
---------------------------------------------------------------------------------------------------------------------------------
协议:VRRP(虚拟路由冗余协议) 公有协议 224.0.0.18
HSRP(热备份路由协议) 私有协议,Cisco公司
高可用软件:
keepalived: 使用vrrp实现多台主机高可用群集
高可用角色:master 主服务器
backup 备服务器
---------------------------------------------------------------------------------------------------------------------------------
lb1 192.168.1.1 centos 7.9
lb2 192.168.1.2 centos 7.9
web1 192.168.1.3 centos 7.9
web2 192.168.1.4 centos 7.9
---------------------------------------------------------------------------------------------------------------------------------
将所有服务器关闭防火墙和selinux
systemctl stop firewalld
setenforce 0
---------------------------------------------------------------------------------------------------------------------------------
yum -y install epel-release
yum -y install nginx
echo "web1" > /usr/share/nginx/html/index.html (web2就改成web2,别的操作和web1相同)
systemctl start nginx
systemctl enable nginx
---------------------------------------------------------------------------------------------------------------------------------
yum -y install epel-release
yum -y install nginx
systemctl start nginx
systemctl enable nginx
---------------------------------------------------------------------------------------------------------------------------------
vim /etc/nginx/nginx_params
添加:
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 30;
proxy_send_timeout 60;
proxy_read_timeout 60;
proxy_buffering on;
proxy_buffer_size 32k;
proxy_buffers 4 128k;
保存退出
---------------------------------------------------------------------------------------------------------------------------------
vim /etc/nginx/conf.d/lb1.conf
修改为:
upstream web_cluster {
server 192.168.1.3:80;
server 192.168.1.4:80;
}
server {
listen 80;
server_name blog.benet.com;
location / {
proxy_pass http://web_cluster;
include nginx_params;
}
}
保存退出
重启nginx:systemctl restart nginx
客户端访问验证,浏览器如果判断不出来,就看web节点上的日志
---------------------------------------------------------------------------------------------------------------------------------
此时,负载均衡服务已实现,但是要做高可用的话,还需要再加一台负载均衡服务器,并且和第一台负载均衡服务器的配置一样。请往下看
---------------------------------------------------------------------------------------------------------------------------------
yum -y install epel-release
yum -y install nginx
systemctl start nginx
systemctl enable nginx
---------------------------------------------------------------------------------------------------------------------------------
scp -r /etc/nginx/nginx_params [email protected]:/etc/nginx/
scp -r /etc/nginx/conf.d/lb1.conf [email protected]:/etc/nginx/conf.d/
---------------------------------------------------------------------------------------------------------------------------------
systemctl restart nginx
---------------------------------------------------------------------------------------------------------------------------------
yum -y install keepalived
---------------------------------------------------------------------------------------------------------------------------------
vim /etc/keepalived/keepalived.conf
修改为:
global_defs {
router_id lb1
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.254
}
}
保存退出
启动服务:systemctl restart keepalived
vim /etc/keepalived/keepalived.conf
修改为:
global_defs {
router_id lb2 #路由id号,和主服务器必须不同
}
vrrp_instance VI_1 {
state BACKUP #状态:BACKUP备 MASTER主
interface ens33 #指定网卡名字
virtual_router_id 51
priority 99 #优先级:备比主要小
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.254 #虚拟路由ip,公共ip
}
}
保存退出
启动服务:systemctl restart keepalived
---------------------------------------------------------------------------------------------------------------------------------
ip a show dev ens33
---------------------------------------------------------------------------------------------------------------------------------
vim /etc/hosts
修改为:
192.168.1.254 blog.benet.com
保存退出
---------------------------------------------------------------------------------------------------------------------------------
到这里呢,我们这个负载均衡以及高可用都完成了,但是这个高可用呢,会存在一些问题,比如脑裂现象.
---------------------------------------------------------------------------------------------------------------------------------
高可用节点之间互相失去联系,自认为自己是主服务器,就会出现多主现象,即裂脑现象
裂脑出现的原因:
心跳线松动或网卡故障
服务器硬件故障,崩溃
节点服务器开启防火墙,却没有做vrrp例外
nginx服务死掉,不会出现裂脑现象,但整个集群都无法正常运作
---------------------------------------------------------------------------------------------------------------------------------
vim split_brain.sh
#!/bin/sh
while true
do
ping -c 2 -W 3 192.168.1.1 &> /dev/null
if [ $? -eq 0 -a `ip add|grep 192.168.1.254|wc -l` -eq 1 ]
then
echo "split brain....."
else
echo "HA is ok"
fi
sleep 5
done
保存退出
chmod +x split_brain.sh
source split_brain.sh
开启防火墙验证:systemctl start firewalld
解决因为防火墙出现的裂脑现象:
firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 --destination 224.0.0.18 --protocol vrrp -j ACCEPT
firewall-cmd --reload
---------------------------------------------------------------------------------------------------------------------------------
编辑nginx监控脚本
vim /sh/check_nginx_proxy.sh
#!/bin/bash
killall -0 nginx
if [ $? -ne 0 ];then
systemctl stop keepalived
fi
添加脚本追踪模块到keepalived配置文件
vim /etc/keepalived/keepalived.conf
global_defs {
router_id lb1
}
vrrp_script check_nginx_proxy {
script “/sh/check_nginx_proxy.sh”
interval 2
weight 5
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.254
}
track_script {
check_nginx_proxy
}
}
保存退出
重启服务:systemctl restart keepalived
---------------------------------------------------------------------------------------------------------------------------------
lb:192.168.1.10
web1: 192.168.1.20
mysql: 192.168.1.30
vim /etc/nginx/nginx.conf
插入数据到http字段上方:
stream {
upstream sshweb1 {
server 192.168.1.20:22;
}
upstream mysql {
server 192.168.1.30:3306;
}
server {
listen 5555;
proxy_pass sshweb1;
proxy_connect_timeout 30;
proxy_timeout 60;
}
server {
listen 7777;
proxy_pass mysql;
proxy_connect_timeout 30;
proxy_timeout 60;
}
}
保存退出
重启服务:systemctl restart nginx
xshell: ssh [email protected] 5555
linux: ssh [email protected] -p 5555
安装navicat,建立连接192.168.8.129,端口7777