搭建Nginx 负载均衡


一、安装如下环境
yum -y install make gcc gcc-c++ gcc-g77 flex bison file libtool libtool-libs autoconf kernel-devel libjpeg libjpeg-devel libpng libpng-devel libpng10 libpng10-devel gd gd-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glib2 glib2-devel bzip2 bzip2-devel libevent libevent-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel libidn libidn-devel openssl openssl-devel gettext gettext-devel ncurses-devel gmp-devel pspell-devel unzip libcap lsof
编译pcre的包
tar zxf pcre-8.31.tar.gz
cd pcre-8.31
./configure
make && make install
useradd -s /sbin/nologno -g nginx -M nginx
tar zxf nginx-1.10.2.tar.gz
cd nginx-1.10.2
./configure –prefix=/usr/local/nginx –sbin-path=/usr/local/nginx/bin/nginx –conf-path=/usr/local/nginx/conf/nginx.conf –error-log-path=/var/log/nginx/error.log –http-log-path=/var/log/nginx/access.log –pid-path=/var/run/nginx/nginx.pid  –lock-path=/var/lock/nginx.lock –user=nginx –group=nginx –with-http_ssl_module –with-http_flv_module –with-http_stub_status_module –with-http_gzip_static_module –http-client-body-temp-path=/var/tmp/nginx/client/ –http-proxy-temp-path=/var/tmp/nginx/proxy/ –http-fastcgi-temp-path=/var/tmp/nginx/fcgi/ –http-uwsgi-temp-path=/var/tmp/nginx/uwsgi –http-scgi-temp-path=/var/tmp/nginx/scgi –with-pcre
make
make install
/usr/local/nginx/bin/nginx –t
./nginx: error while loading shared libraries: libpcre.so.1: cannot open shared object file: No such file or directory 解决prce的问题 #find / -name libpcre.so*
/usr/local/lib/libpcre.so.1.0.1
/usr/local/lib/libpcre.so
/usr/local/lib/libpcre.so.1
/lib64/libpcre.so.0.0.1
/lib64/libpcre.so.0
出现了这么多结果。我们安装的PCRE库的位置在/usr/local/pcre中,我们就用这个位置
vim /etc/ld.so.conf
在尾行加入/usr/local/bin
root@mail2 bin]# ldconfig
#/usr/local/nginx/bin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
 
 
这就正常了
启动nginx
/usr/local/nginx/bin/nginx
vim /usr/local/nginx/conf/nginx.conf
在最后面的大括号前面添加一行
include  /usr/local/nginx/conf.d/*.conf;
建立这个目录
mkdir /usr/local/nginx/conf.d
vim /usr/local/nginx/conf.d/lkq.conf
upstream backend
{
server 192.168.236.150:80  weight=1;
server 192.168.236.151:80  weight=2;
#ip_hash;
}
server
{
listen      80;
server_name  www.lkq.com;
location ~ ^/*
{
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_buffering off;
proxy_pass http://backend;
}
}


haproxy+nginx实现高可用负载均衡

Keepalived 的作用是检测web服务器的状态,如果有一台web服务器死机,或工作出现故障,Keepalived将检测到,并将有故障的web服务器从系统中剔除, 

当web服务器工作正常后Keepalived自动将web服务器加入到服务器群中,这些工作全部自动完成,不需要人工干涉,需要人工做的只是修复故障的 web服务器。

HAProxy 提供高可用性、负载均衡以及基于 TCP 和 HTTP 应用的代理,支持虚拟主机,它是免费、快速并且可靠的一种解决方案。

HAProxy 特别适用于那些负载特大的 web 站点, 这些站点通常又需要会话保持或七层处理。HAProxy 运行在当前的硬件上,完全可以支持数以万计的并发连接。

并且它的运行模式使得它可以很简单安全的整 合进您当前的架构中, 同时可以保护你的 web 服务器不被暴露到网络上。

系统环境: CenOS 6.5x86_64 Desktop install 将selinux and iptables 设置为disabled


为基本的架构图:

15bd129d2a31d1e6e2543d68723e0282.png

IP地址分配。

主要用途

IP

Haproxy+keepalived_master

192.168.236.143

Haproxy+keepalived_backup

192.168.236.192

Webser1

192.168.236.150

Webser2

192.168.236.151



一:安装过程,在两台HA机器上分别keepalived:

#ln -s /usr/src/kernels/2.6.18-128.el5-i686/ /usr/src/linux http://www.keepalived.org/software/ keepalived 的下载地址。版本的话自己可以选择一下版本。楼主选择的版本是1.2.23的版本 [root@mail2 keepalived-1.2.23]# ./configure –sysconf=/etc [root@mail2 keepalived-1.2.23]# make && make install [root@mail2 keepalived-1.2.23]# ln –s /usr/local/sbin/keepalived /sbin [root@mail2keepalived-1.2.23]#cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak [root@mail4keepalived-1.2.23]# ln -s /etc/init.d/keepalived /etc/rc.d/rc3.d/S99keepalived [root@mail4keepalived-1.2.23]# ln -s /etc/init.d/keepalived /etc/rc.d/rc5.d/S99keepalived

二、修改配置文件

Director server 1 的配置文件

[root@Lserver-1 keepalived]# cat keepalived.conf

Master :

! Configuration File for keepalived vrrp_script chk_http_port { script "/etc/keepalived/check_haproxy.sh"   ######设置了一个keepalived一个脚本 interval 2 weight 2 global_defs { router_id LVS_DEVEL } vrrp_instance VI_1 { state MASTER           ###keepalived 的主 interface eth0 virtual_router_id 51  priority 150       #####keepalived 一个ID 号 备的ID一定要小于主的ID advert_int 1 authentication { auth_type PASS auth_pass 1111 } track_script { chk_http_port } virtual_ipaddress { 192.168.236.230       ######一个VIP地址 } } }

BACKUP:

! Configuration File for keepalived vrrp_script chk_http_port { script "/etc/keepalived/check_haproxy.sh"      #####一个keepalived的脚本同主一样 interval 2 weight 2 global_defs { router_id LVS_DEVEL } vrrp_instance VI_1 { state BACKUP       ####为keepalived 的backup 备节点 interface eth0 virtual_router_id 51  priority 120       ####### keepalived 的一个ID号,一定要小于主节点 advert_int 1 authentication { auth_type PASS auth_pass 1111 } track_script { chk_http_port } virtual_ipaddress { 192.168.236.230        ##同主 } } }

三、Master 主机上:

####这里是一个控制haproxy的一个启动脚本 #vi /etc/keepalived/check_haproxy.sh      #!/bin/bash A=`ps -C haproxy --no-header | wc -l` if [ $A -eq 0 ];then /usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/conf/haproxy.cfg echo "haproxy start" sleep 3 if [ `ps -C haproxy --no-header | wc -l`-eq 0 ];then /etc/init.d/keepalived stop echo "keepalived stop" fi fi

Backup 备机上:

#!/bin/bash A=`ip a | grep 192.168.236.230 | wc -l` B=`ps -ef | grep haproxy | grep -v grep| awk '{print $2}'` if [ $A -gt 0 ];then /usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/conf/haproxy.cfg else kill -9 $B fi

#两台机器分别执行:chmod 755 /etc/keepalived/check_haproxy.sh

四、haproxy的安装(主备都一样):

yum -y install pcre pcre-devel wget https://fossies.org/linux/misc/haproxy-1.7.5.tar.gz tar xf haproxy-1.7.5.tar.gz cd haproxy-1.7.5 make TARGET=linux26 ARCH=x86_64 PREFIX=/usr/local/haproxy USE_PCRE=1 make install PREFIX=/usr/local/haproxy #cd/usr/local/haproxy/ #mkdir conf #mkdir logs



#vi haproxy.cfg

global         log 127.0.0.1   local0         log 127.0.0.1   local1 notice         #log loghost    local0 info         maxconn 4096 #       chroot /usr/share/haproxy         chroot  /usr/local/haproxy         uid 99         gid 99         daemon         #debug         #quiet defaults         log     global         mode    http         option  httplog         option  dontlognull         retries 3         #redispatch         maxconn 2000 option redispatch stats  uri    /haproxy stats auth  admin:admin frontend www bind *:80 acl web hdr(host) -i www.lkq.com         ####这里是通过域名访问的。如果域名为这个则通过。 use_backend webserver if web backend webserver             #webserver作用域     mode http     balance   roundrobin     option  httpchk /index.html     server s1 192.168.236.151:80 weight 3 check      ###这两条记录为后端的两台WEB服务器 server s2 192.168.236.150:80 weight 3 check

五、:先主后从,两台机器上都分别启动:

/etc/init.d/keepalivedstart (如果之前没有启动haproxy,这条命令会自动把haproxy启动)

[root@Rserver-1 conf]# ps -ef |grep haproxy nobody    14766      1  0 19:13 ?        00:00:01 /usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/conf/haproxy.cfg root      16034   8237  0 19:56 pts/2    00:00:00 grep haproxy  [root@Rserver-1 conf]# ps -ef |grep keepalived root      16016      1  0 19:56 ?        00:00:00 keepalived -D root      16018  16016  0 19:56 ?        00:00:00 keepalived -D root      16019  16016  0 19:56 ?        00:00:00 keepalived -D root      16102   8237  0 19:56 pts/2    00:00:00 grep keepalived [root@Rserver-1 conf]#

六、再两台HA上分别执行ip addr list |grep 192.168.23
master:

[root@Rserver-1 conf]# ip addr list |grep 192.168.236     inet 192.168.236.143/24 brd 192.168.236.255 scope global eth0     inet 192.168.236.230/32 scope global eth0 [root@Rserver-1 conf]#

Backup:

[root@Lserver-1 keepalived]# ip addr list |grep 192.168.236     inet 192.168.236.192/24 brd 192.168.236.255 scope global eth0 [root@Lserver-1 keepalived]#

七、停掉主上的haproxy,3秒后keepalived会自动将其再次启动

[root@Rserver-1 conf]# killall haproxy [root@Rserver-1 conf]# ps -ef |grep haproxy nobody    14766      1  0 19:13 ?        00:00:02 /usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/conf/haproxy.cfg root      16826   8237  0 20:01 pts/2    00:00:00 grep haproxy

八、停掉主的keepalived,备机马上接管服务

Master:

[root@Rserver-1 conf]# /etc/init.d/keepalived stop [root@Rserver-1 conf]# ip addr list|grep  192.168.236     inet 192.168.236.143/24 brd 192.168.236.255 scope global eth0 [root@Rserver-1 conf]#

Backup:

[root@Lserver-1 keepalived]# ip addr list|grep  192.168.236     inet 192.168.236.192/24 brd 192.168.236.255 scope global eth0     inet 192.168.236.230/32 scope global eth0 [root@Lserver-1 keepalived]#