今天是2017年的第一天,昨天也就是2016年的最后一天,我尝试部署了Centos7+Nginx+Keepalived实现WEB服务的高可用负载均衡服务,终于在2017年的第一天前完成了,所以在此分享给有需要的朋友;说到负载均衡,其实在linux下有很多服务可以实现,比如nginx、haproxy、lvs等服务,当前我们在前面的文章有介绍过了,但是对于高可用服务,我们在linux下最常见也是应用最多的是Keepalived,对于这些综合服务对于一个管理员来说是必须要会的,所以今天我们主要介绍的是Centos7+Nginx+Keepalived实现WEB(Apache)服务的高可用负载均衡。具体见下:
环境介绍:
Hostname:A-S
IP:192.168.5.21
Role:Apache Web Service
Hostname:B-S
IP:192.168.5.22
Role:Apache Web Service
Hostname:BB-S
IP:192.168.5.53
Role:Nginx+Keepalived
Hostname:BB-S
IP:192.168.5.54
Role:Nginx+Keepalived
Virtual IP:192.168.5.88
我们需要首先安装两台Apache Web服务
因为我们准备使用yum安装服务,所以需要定义阿里云仓库
|
1
2
3
4
5
|
cd
/etc/yum
.repo
vim epel.repo
添加以下内容
[epel] name=aliyun epel baseurl=http:
//mirrors
.aliyun.com
/epel/7Server/x86_64/
gpgcheck=0
|
首先在192.168.5.21上安装apache
|
1
|
yum isntall -y httpd
|
然后定义显示页面
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
vim
/var/www/html/index
.html
<
/html
>
<!DOCTYPE html>
<html>
<
head
>
<title>Welcome to Apache<
/title
>
<style>
body {
35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
<
/style
>
<style
type
=
"text/css"
>
h1{color:red}
h2{color:blue}
h3{color:green}
h4{color:yellow}
}
<
/style
>
<
/head
><body bgcolor=
'#46A3FF'
>
<h1>Welcome to A-S Apache<
/h1
>
<h2>HostName:A-S<
/h2
>
<h3>IP:192.168.5.21<
/h3
>
<h4>Service:Apache<
/h4
>
<input
type
=button value=
"Refresh"
onclick=
"window.location.href('http://192.168.5.21')"
>
<
/body
>
<
/html
>
|
|
1
|
Systemctl start httpd
|
然后添加默认的防火墙端口8o
|
1
|
Firewall-cmd --zone=public --add-port=
'80/tcp'
--permanent
|
|
1
2
3
|
或者vim
/etc/firewalld/zone/public
.xml
添加一下格式
<port portocal=
'tcp'
port=
'80'
>
|
我们测试访问
我们按照同上的方法在第二台服务器上进行配置,安装跳过
第二台主机的配置:192.168.5.22 主机名 B-S
安装好httpd后,我们将a-s上的index拷贝到b-s服务器上
|
1
|
scp
index.html root@192.168.5.22:
/var/www/html/
|
然后修改index.html文件
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
<
/html
>
<!DOCTYPE html>
<html>
<
head
>
<title>Welcome to Apache<
/title
>
<style>
body {
35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
<
/style
>
<style
type
=
"text/css"
>
h1{color:red}
h2{color:blue}
h3{color:green}
h4{color:yellow}
}
<
/style
>
<
/head
><body bgcolor=
'#CA8EFF'
>
<h1>Welcome to B-S Apache<
/h1
>
<h2>HostName:B-S<
/h2
>
<h3>IP:192.168.5.22<
/h3
>
<h4>Service:Apache<
/h4
>
<input
type
=button value=
"Refresh"
onclick=
"window.location.href('http://192.168.5.22')"
>
<
/body
>
<
/html
>
|
测试访问
接下来我们开始准备在两台前端服务器192.168.5.53、192.168.5.54上安装nginx和keepalived;我们将keepalived和nginx安装在同一台机器上
我们首先在主备服务器上安装nginx
我们首先要定于安装源, 才可以使用yum安装,我们在主备服务器上都配置
|
1
2
3
4
5
|
cd
/etc/yum
.repo
vim epel.repo
添加以下内容
[epel] name=aliyun epel baseurl=http:
//mirrors
.aliyun.com
/epel/7Server/x86_64/
gpgcheck=0
|
定义好后,我们将定义的安装源给另外一台备服务器也拷贝一份
|
1
|
scp
/etc/yum
.repo
/epel
.repo root@192.168.5.54
/etc/yum
.repo/
|
指定源后,我们就可以开始安装nginx了,首先在主服务器上
|
1
|
yum
install
-y nginx
|
安装后,我们首先查看默认的nginx配置
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
|
vim
/etc/nginx/nginx
.conf
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log
/var/log/nginx/error
.log;
pid
/run/nginx
.pid;
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include
/usr/share/nginx/modules/
*.conf;
events {
worker_connections 1024;
}
http {
log_format main
'$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"'
;
access_log
/var/log/nginx/access
.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include
/etc/nginx/mime
.types;
default_type application
/octet-stream
;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include
/etc/nginx/conf
.d/*.conf;
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root
/usr/share/nginx/html
;
# Load configuration files for the default server block.
include
/etc/nginx/default
.d/*.conf;
location / {
}
error_page 404
/404
.html;
location =
/40x
.html {
}
error_page 500 502 503 504
/50x
.html;
location =
/50x
.html {
}
}
# Settings for a TLS enabled server.
#
# server {
# listen 443 ssl http2 default_server;
# listen [::]:443 ssl http2 default_server;
# server_name _;
# root /usr/share/nginx/html;
#
# ssl_certificate "/etc/pki/nginx/server.crt";
# ssl_certificate_key "/etc/pki/nginx/private/server.key";
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 10m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
#
# # Load configuration files for the default server block.
# include /etc/nginx/default.d/*.conf;
#
# location / {
# }
#
# error_page 404 /404.html;
# location = /40x.html {
# }
#
# error_page 500 502 503 504 /50x.html;
# location = /50x.html {
# }
# }
}
|
默认配置我们备份一份
|
1
|
cp
/etc/nginx/nginx
.conf
/etc/nginx/nginx
.conf.bak
|
接下来我们要配置nginx实现后端服务器的web的负载均衡;
在此我们使用的是nginx负载均衡的默认方式-轮询
我们需要在http区域里面添加负载配置
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
upstream real_server_pool {
#ip_hash;
server 192.168.5.21:80 weight=1 max_fails=2 fail_timeout=30s;
server 192.168.5.22:80 weight=1 max_fails=2 fail_timeout=30s;
}
# 添加一组真实的服务器地址池
# 供proxy_pass和fastcgi_pass指令中使用的代理服务器
# 后台如果有动态应用的时候,ip_hash指令可以通过hash算法
# 将客户端请求定位到同一台后端服务器上,解决session共享,
# 但建议用动态应用做session共享
# server用于指定一个后端服务器的名称和参数
# weight代表权,重默认为1,权重越高被分配的客户端越多
# max_fails 指定时间内对后端请求失败的次数
# fail_timeout 达到max_fails指定的失败次数后暂停的时间
# down参数用来标记为离线,不参与负载均衡.在ip_hash下使用
# backup仅仅在非backup服务器宕机或繁忙的时候使用
server {
listen 192.168.5.53:80;
# 监听ip改为本地ip
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
#root html;
#index index.html index.htm;
proxy_next_upstream http_502 http_504 error timeout invalid_header;
proxy_pass http:
//real_server_pool
;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
|
添加后的
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
|
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log
/var/log/nginx/error
.log;
pid
/run/nginx
.pid;
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include
/usr/share/nginx/modules/
*.conf;
events {
worker_connections 1024;
}
http {
log_format main
'$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"'
;
access_log
/var/log/nginx/access
.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include
/etc/nginx/mime
.types;
default_type application
/octet-stream
;
upstream real_server_pool {
#ip_hash;
server 192.168.5.21:80 weight=1 max_fails=2 fail_timeout=30s;
server 192.168.5.22:80 weight=1 max_fails=2 fail_timeout=30s;
}
# 添加一组真实的服务器地址池
# 供proxy_pass和fastcgi_pass指令中使用的代理服务器
# 后台如果有动态应用的时候,ip_hash指令可以通过hash算法
# 将客户端请求定位到同一台后端服务器上,解决session共享,
# 但建议用动态应用做session共享
# server用于指定一个后端服务器的名称和参数
# weight代表权,重默认为1,权重越高被分配的客户端越多
# max_fails 指定时间内对后端请求失败的次数
# fail_timeout 达到max_fails指定的失败次数后暂停的时间
# down参数用来标记为离线,不参与负载均衡.在ip_hash下使用
# backup仅仅在非backup服务器宕机或繁忙的时候使用
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include
/etc/nginx/conf
.d/*.conf;
server {
# listen 80 default_server;
# listen [::]:80 default_server;
|