Nginx+Keepalived 实现反代 负载均衡 高可用(HA)配置
Nginx+Keepalived实现反代负载均衡高可用(HA)配置Nginx+Keepalived实现反代负载均衡高可用配置
http://s3.运维网.com/wyfs02/M02/8B/DD/wKiom1hbLEOjAJVsAAC5O__M5-w782.png-wh_500x0-wm_3-wmp_4-s_4050696312.png
OS
IP
子网掩码
路由网关
Centos6.6
nginx
Keepalived
Eth0:192.168.26.210
255.255.252.0
192.168.25.3
VIP:192.168.27.210
Centos6.6
Nginx
Keepalived
Eth0:192.168.26.211
255.255.252.0
192.168.25.3
VIP:192.168.27.210
Centos6.6(WEB)
(nginx/apache)
Eth0:192.168.26.212
255.255.252.0
192.168.25.3
Centos6.6(WEB)
(nginx/apache)
Eth0:192.168.26.218
255.255.252.0
192.168.25.3
后端:192.168.26.212和192.168.26.218服务器配置安装这里略过。
192.168.26.210和192.168.26.211安装Keepalived 和Nginx:
Yum install nginx
http://s1.运维网.com/wyfs02/M02/8B/D9/wKioL1hbLF-zTafmAAAJQZpPNI8722.png-wh_500x0-wm_3-wmp_4-s_1926987431.png
编辑配置文件:vim /usr/local/nginx/conf/nginx.conf
#usernobody;
worker_processes1;
#error_loglogs/error.log;
#error_loglogs/error.lognotice;
#error_loglogs/error.loginfo;
#pid logs/nginx.pid;
events {
worker_connections1024;
}
http {
include mime.types;
default_typeapplication/octet-stream;
#log_formatmain'$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_loglogs/access.logmain;
sendfile on;
#tcp_nopush on;
#keepalive_timeout0;
keepalive_timeout65;
upstream nginx.jerry.com {
# ip_hash;
server 192.168.26.212:80;
server 192.168.26.218:80;
}
#gzipon;
server {
listen 80;
server_namenginx.jerry.com;
#charset koi8-r;
#access_loglogs/host.access.logmain;
location / {
root html;
indexindex.html index.htm;
proxy_pass http://nginx.jerry.com;
}
#error_page404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504/50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_indexindex.php;
# fastcgi_paramSCRIPT_FILENAME/scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# denyall;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_namesomenamealiasanother.alias;
# location / {
# root html;
# indexindex.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_namelocalhost;
# ssl_certificate cert.pem;
# ssl_certificate_keycert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout5m;
# ssl_ciphersHIGH:!aNULL:!MD5;
# ssl_prefer_server_cipherson;
# location / {
# root html;
# indexindex.html index.htm;
# }
#}
}
注意:192.168.26.211安装nginx配置完全相同这里略过。
192.168.26.210安装keepalived。
yum install -y keepalived
http://s5.运维网.com/wyfs02/M01/8B/D9/wKioL1hbLMyjU1CZAAAJpOpeFTk204.png-wh_500x0-wm_3-wmp_4-s_2335150750.png
安装成功后编辑配置文件:vim /etc/keepalived/keepalived.conf
http://s5.运维网.com/wyfs02/M02/8B/DD/wKiom1hbLNXAqPnQAAAeIjhhAfs066.png-wh_500x0-wm_3-wmp_4-s_3792636010.png
Keepalived配置文件:keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
jwenshan@hysec.com
jwenshan@gmail.com
}
notification_email_from jwenshan@163.com
smtp_server smtp.hysec.com
smtp_connect_timeout 30
router_id nginx
}
vrrp_script Monitor_Nginx {
script "/etc/keepalived/chk_nginx.sh"
interval 2
weight 2
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
Monitor_Nginx
}
virtual_ipaddress {
192.168.27.210
}
}
Nginx状态检测脚本:vim /etc/keepalived/chk_nginx.sh
#!/bin/bash
A=`ps -C nginx --no-header |wc -l`
if [ $A -eq 0 ];then
echo 'nginx server is died'
/etc/init.d/keepalived stop
fi
192.168.26.211keepalived配置文件基本相同:
! Configuration File for keepalived
global_defs {
notification_email {
jwenshan@hysec.com
jwenshan@gmail.com
}
notification_email_from jwenshan@163.com
smtp_server smtp.hysec.com
smtp_connect_timeout 30
router_id nginx
}
vrrp_script Monitor_Nginx {
script "/etc/keepalived/chk_nginx.sh"
interval 2
weight 2
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
Monitor_Nginx
}
virtual_ipaddress {
192.168.27.210
}
}
Nginx状态检测脚本:vim /etc/keepalived/chk_nginx.sh
#!/bin/bash
A=`ps -C nginx --no-header |wc -l`
if [ $A -eq 0 ];then
echo 'nginx server is died'
/etc/init.d/keepalived stop
fi
安装完成后启动NGINX和keepalived服务。
通过vip:192.168.27.210访问网站:
http://192.168.27.210
http://s2.运维网.com/wyfs02/M02/8B/D9/wKioL1hbLO3jJ5K3AACEzj4hvtg583.png-wh_500x0-wm_3-wmp_4-s_3241173391.png
http://s4.运维网.com/wyfs02/M00/8B/DD/wKiom1hbLQfDuHW4AACF0uk1rpw668.png-wh_500x0-wm_3-wmp_4-s_152037095.png
访问成功实现了RR负载均衡。
测试通过域名访问网站:http://nginx.jerry.com
http://s1.运维网.com/wyfs02/M00/8B/D9/wKioL1hbLS2Q-jNwAACebisR8-w919.png-wh_500x0-wm_3-wmp_4-s_2017002378.png
http://s1.运维网.com/wyfs02/M00/8B/D9/wKioL1hbLTexep0wAAChlBLlGU4347.png-wh_500x0-wm_3-wmp_4-s_3971376625.png
同样实现了RR负载均衡。
再把192.168.26.210上的NGINX关闭,测试能否实现vip转移(ha)
http://s4.运维网.com/wyfs02/M01/8B/D9/wKioL1hbLVqSUkSsAAFGt3hRsI8436.png-wh_500x0-wm_3-wmp_4-s_3011092638.png
http://s2.运维网.com/wyfs02/M02/8B/D9/wKioL1hbLWyRuT2VAABcQzfQLlA112.png-wh_500x0-wm_3-wmp_4-s_3689679726.png
http://s1.运维网.com/wyfs02/M00/8B/DD/wKiom1hbLYTQFFf5AAJPd5KQeJ8359.png-wh_500x0-wm_3-wmp_4-s_3681215135.png
仍然可以访问:
http://s3.运维网.com/wyfs02/M01/8B/D9/wKioL1hbLZyTsFfJAADfK8shVUI840.png-wh_500x0-wm_3-wmp_4-s_3720604428.png
http://s4.运维网.com/wyfs02/M00/8B/D9/wKioL1hbLaXg5hVcAACWNB-eZy8033.png-wh_500x0-wm_3-wmp_4-s_1268952330.png
测试成功
基于ip_hash访问效果(配置前端NGINX参数)http://s3.运维网.com/wyfs02/M02/8B/DD/wKiom1hbLbKR1l89AAGM9zTrZQ8346.png-wh_500x0-wm_3-wmp_4-s_2277524633.png
页:
[1]