使用nginx和keepalived实现服务器的负载均衡和高可用
实验目的:
1,使用nginx的upstream实现服务器的负载均衡
2,使用keepalived实现服务器的高可用
3,另外也包括mysql的安装和NFS的部署
备注:本实验仅测试负载均衡和高可用的可用性,暂不过多介绍数据库和web服务器搭建(仅搭建nignx服务用于测试)
规划:
| 主机名 | IP地址 | 角色 |
|---|---|---|
| master | 192.168.100.130 | Nginx,Keepalived |
| backup | 192.168.100.131 | Nginx,Keepalived,MySQL,NFS |
| web1 | 192.168.100.132 | Nginx+PHP-FPM |
| web2 | 192.168.100.135 | Nginx+PHP-FPM |
| – | 192.168.100.88 | VIP |
准备工作(每台机器都需要操作):
0.1 修改主机名
hostnamectl set-hostname xxx //xxx为你的主机名,例如master
0.2 关闭和禁用防火墙
systemctl stop firewalld
systemctl disable firewalld
0.3 禁用selinux
vi /etc/selinux/config
更改内容为:SELINUX=disabled
操作流程:搭建数据库服务器->部署NFS->web服务器->负载均衡->高可用
具体操作:
1,在backup上安装mysql数据库
1.1 mysql下载地址:https://dev.mysql.com/downloads/repo/yum/
1.2 安装mysql
rpm -ivh https://dev.mysql.com/get/mysql80-community-release-el7-1.noarch.rpm
yum repolist all|grep mysql
使用yum-config-manager启用mysql5.7 禁用mysql8.0
yum-config-manager --enable mysql57-community
yum-config-manager --disable mysql80-community
如果提示yum-config-manager命令未安装,则先进行安装
yum -y install yum-utils
yum install mysql-community-server
安装完毕启动mysql并查看状态
systemctl start mysqld
systemctl status mysqld
1.3 查看mysql的临时密码
grep 'temporary password' /var/log/mysqld.log
得到密码 QD>BqongM7Fe
1.4 使用临时密码登录数据库并修改密码
mysql -uroot -p
mysql> ALTER USER 'root'@'localhost' IDENTIFIED BY 'MyNewPass8!';
1.5 退出mysql,用新密码登陆确认
1.6 更新mysql配置文件,在symbolic-links=0下面增加以下内容:
user = mysql
port = 3306
datadir = /var/lib/mysql
socket = /var/lib/mysql/mysql.sock
bind-address = 0.0.0.0
pid-file = /var/run/mysqld/mysqld.pid
character-set-server = utf8
collation-server = utf8_general_ci
log-error = /var/log/mysqld.log
max_connections = 10240
open_files_limit = 65535
innodb_buffer_pool_size = 3G
innodb_flush_log_at_trx_commit = 2
innodb_log_file_size = 256M
innodb_flush_method = O_DIRECT
interactive_timeout = 1800
wait_timeout = 1800
slave-parallel-type = LOGICAL_CLOCK
slave-parallel-workers = 8
master-info-repository = TABLE
relay-log-info-repository = TABLE
1.7 重启mysql
systemctl restart mysqld
systemctl status mysqld
状态正常,mysql安装配置完成。
2,部署NFS
2.1 在backup上安装NFS
yum install nfs-utils -y
systemctl start nfs
systemctl status nfs
2.2 配置NFS
vi /etc/exports
/data/nfs 192.168.100.0/24(rw,no_root_squash) //添加内容
systemctl restart nfs
2.3 在master节点重复2.1和2.2步骤来部署NFS
2.4 测试,在master节点mount
mount -t nfs 192.168.100.131:/data/nfs/wordpress /mnt/
在master的mnt目录创建一个文件
到backup上的指定目录里可以看到,nfs完成
3,web服务器搭建,即在web1 搭建nginx和php
3.1 下载nginx安装包
wget http://nginx.org/download/nginx-1.15.3.tar.gz
3.2 安装依赖
yum install gcc pcre-devel openssl-devel -y
3.3 添加用户
useradd -M -s /sbin/nologin nginx
3.4 解压并编译
tar zxvf nginx-1.15.3.tar.gz
cd nginx-1.15.3
./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_ssl_module --with-http_stub_status_module --with-stream=dynamic
3.5 安装
make && make install
3.6 在web1上部署和配置PHP
下载安装包
wget http://docs.php.net/distributions/php-5.6.38.tar.gz
安装依赖
yum install gd-devel libxml2-devel libcurl-devel libjpeg-devel libpng-devel -y
解压并编译
tar zxvf php-5.6.38.tar.gz
cd php-5.6.38
./configure --prefix=/usr/local/php --with-config-file-path=/usr/local/php/etc --with-mysql --with-mysqli --with-openssl --with-zlib --with-curl --with-gd --with-jpeg-dir --with-png-dir --with-iconv --enable-fpm --enable-zip --enable-mbstring
安装
make -j 8 && make install
配置
cp php.ini-production /usr/local/php/etc/php.ini
cd /usr/local/php/etc/
vi php.ini
date.timezone = Asia/Shanghai //修改内容
配置php-fpm
cp php-fpm.conf.default php-fpm.conf
vi php-fpm.conf
将原有的user、group=nobody 改为nginx
cd /root/php-5.6.38
cp sapi/fpm/php-fpm.service /usr/lib/systemd/system/
vi /usr/lib/systemd/system/php-fpm.service
[Unit]
Description=The PHP FastCGI Process Manager
After=syslog.target network.target
[Service]
Type=simple
PIDFile=/usr/local/php/var/run/php-fpm.pid
ExecStart=/usr/local/php/sbin/php-fpm --nodaemonize --fpm-config /usr/local/php/etc/php-fpm.conf
ExecReload=/bin/kill -USR2 $MAINPID
[Install]
WantedBy=multi-user.target
systemctl daemon-reload
systemctl start php-fpm
systemctl enable php-fpm
配置Nginx与PHP-FPM
vi /usr/local/nginx/conf/nginx.conf
user nginx;
worker_processes 4;
#error_log logs/error.log;
#error_log logs/error.log notice;
error_log logs/error.log info;
pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
include vhost/*.conf;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
cd /usr/local/nginx/conf
mkdir vhost
vi wordpress.conf
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html/wordpress;
index index.php index.html index.htm;
}
location ~ \.php$ {
root html/wordpress;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
启动nginx
/usr/local/nginx/sbin/nginx
3.7 同样在web2上部署nginx
4,负载均衡器
4.1 在master上部署nginx (过程略,具体参照上述步骤)
4.2 配置负载均衡
vi /usr/local/nginx/conf/nginx.conf
user nginx; //之前创建账号
worker_processes 4; //是虚拟机配置的2倍
#error_log logs/error.log;
#error_log logs/error.log notice;
error_log logs/error.log info;
pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
upstream wordpress { //使用upstream做LB
ip_hash;
server 192.168.100.132:80;
server 192.168.100.135:80;
}
server {
listen 80;
server_name wordpress.ctnrs.com;
location / {
proxy_pass http://wordpress;
}
access_log logs/wordpress.access.log main;
}
upstream solo {
ip_hash;
server 192.168.100.132:8080;
server 192.168.100.135:8080;
}
server {
listen 80;
server_name solo.ctnrs.com;
location / {
proxy_pass http://solo;
}
access_log logs/solo.access.log main;
}
}
启动nginx
/usr/local/nginx/sbin/nginx
5,配置高可用
5.1 master节点安装keepalived
yum install keepalived -y
5.2 配置keepalived
vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
# 接收邮件地址
notification_email {
[email protected]
[email protected]
[email protected]
}
# 邮件发送地址
notification_email_from [email protected]
# 本地邮件服务器发邮件
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id NGINX_MASTER
}
vrrp_script check_nginx {
script "/usr/local/nginx/sbin/check_nginx.sh"
interval 2
weight -20
}
vrrp_instance VI_1 {
state MASTER
interface ens33
nopreempt
virtual_router_id 51 # VRRP路由ID实例,每个实例是唯一的
priority 100 # 优先级,备服务器设置90
advert_int 1 # 指定VRRP心跳包通告间隔时间,默认1秒
# VRRP验证块
authentication {
auth_type PASS
auth_pass 1111
}
# VIP定义块
virtual_ipaddress {
192.168.100.88/24
}
track_script {
check_nginx
}
}
启动keepalived
systemctl start keepalived
Nginx状态检查脚本:
vi /usr/local/nginx/sbin/check_nginx.sh
count=$(ps -ef |grep nginx |egrep -cv "grep|$$")
if [ "$count" -eq 0 ]; then
exit 1
#systemctl stop keepalived
fi
赋予脚本执行权限
chmod +x /usr/local/nginx/sbin/check_nginx.sh
执行脚本
bash /usr/local/nginx/sbin/check_nginx.sh
5.3 同样在backup上安装和配置keepalived,具体配置内容如下:
! Configuration File for keepalived
global_defs {
# 接收邮件地址
notification_email {
[email protected]
[email protected]
[email protected]
}
# 邮件发送地址
notification_email_from [email protected]
# 本地邮件服务器发邮件
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id NGINX_MASTER
}
vrrp_script check_nginx {
script "/usr/local/nginx/sbin/check_nginx.sh"
interval 2
weight -20
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51 # VRRP路由ID实例,每个实例是唯一的
priority 90 # 优先级,备服务器设置90
advert_int 1 # 指定VRRP心跳包通告间隔时间,默认1秒
# VRRP验证块
authentication {
auth_type PASS
auth_pass 1111
}
# VIP定义块
virtual_ipaddress {
192.168.100.88/24
}
track_script {
check_nginx
}
}
启动keepalived
systemctl start keepalived
执行脚本与master节点一致,至此负载均衡和高可用部署完成。
可以通过以下方式进行测试:
1、停止Nginx服务查看VIP是否偏移成功
2、访问VIP网站测试是否正常均衡到Web服务器