实验简介
本文主要介绍双主模型的nginx proxy高可用集群的搭建方式。
实验环境:
- 使用nfs/ftp服务器,nfs提供页面数据共享,ftp提供程序下载
- 使用单独的mariadb服务器提供关系型数据库
- 使用两台httpd服务器提供页面服务,包括静态的html和动态的php(phpmyadmin、wordpress、phpinfo)
- 使用两台nginx作为两台httpd的负载均衡器
- 对两台nginx配置keepalived保证集群的高可用
拓扑图
配置
nfs/ftp 192.168.45.201
#修改主机名
hostnamectl set-hostname nfs.easy.com
#同步时间
yum install -y ntp
ntpdate
#搭建nfs
yum install -y nfs-utils
mkdir /data/html -pv
vim /etc/exports
/data/html 192.168.45.0/24(rw)
systemctl start nfs
showmount -e
#搭建ftp
yum install -y vsftpd
yum install -y lrzsz
cd /var/ftp/pub
rz
上传phpMyAdmin-4.0.10.20-all-languages.zip
上传wordpress-4.7.4-zh_CN.tar.gz
mariadb 192.168.45.202
#修改主机名
hostnamectl set-hostname mydb.easy.com
#同步时间
yum install -y ntp
ntpdate
#搭建mariadb
yum install -y mariadb-server
vim /etc/my.cnf.d/server.cnf
[mysqld]
skip_name_resolve=1
log-bin=mysql-bin
innodb_file_per_table = 1
systemctl start mariadb.service
#简单配置mariadb
mysql_secure_installation
mysql -uroot -peasy
GRANT ALL ON *.* TO 'root'@'192.168.45.%' IDENTIFIED BY 'easy';
CREATE DATABASE wordpress;
SELECT * FROM mysql.user \G ;
SHOW DATABASES;
web1 192.168.45.11
#修改主机名
hostnamectl set-hostname web1.easy.com
#同步时间
yum install -y ntp
ntpdate
yum install -y httpd php php-mysql php-mcrypt php-mbstring
#挂载nfs
yum install -y nfs-utils
mkdir /data/html -pv
mount 192.168.45.201:/data/html /var/www/html
#创建phpMyAdmin wordpress
yum install -y wget
wget ftp://192.168.45.201/pub/phpMyAdmin-4.0.10.20-all-languages.zip
wget ftp://192.168.45.201/pub/wordpress-4.7.4-zh_CN.tar.gz
tar xf wordpress-4.7.4-zh_CN.tar.gz
yum install -y unzip
unzip phpMyAdmin-4.0.10.20-all-languages.zip
mv /root/wordpress /var/www/html/wordpress-4.7.4
mv /root/phpMyAdmin-4.0.10.20-all-languages /var/www/html
cd /var/www/html
ln -sv phpMyAdmin-4.0.10.20-all-languages pma
ln -sv wordpress-4.7.4 wp
ls /var/www/html
#创建主页
vim /var/www/html/index.php
<h1>This is index pages</h1>
<?php
phpinfo();
?>
#创建负载均衡测试页
mkdir /var/www/lbtest
echo "web server1">> /var/www/lbtest/test.html
cat /var/www/lbtest/test.html
#配置httpd虚拟主机
vim /etc/httpd/conf.d/vhost.conf
listen 8080
<VirtualHost 192.168.45.11:80>
DocumentRoot /var/www/html
Servername www.easy.com
<Directory '/var/www/html'>
Options FollowsymLinks
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
<VirtualHost 192.168.45.11:8080>
DocumentRoot /var/www/lbtest
<Directory '/var/www/lbtest'>
Options None
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
systemctl start httpd
#配置php-mysql
vim /etc/php.ini
mysqli.default_host = 192.168.45.202
mysqli.default_user = root
mysqli.default_pw = easy
systemctl restart httpd
#配置phpMyAdmin
cd /var/www/html/pma
cp config.sample.inc.php config.inc.php
vim config.inc.php
$cfg['blowfish_secret'] = 'a8baskdljalskd7c6d';
$cfg['Servers'][$i]['host'] = '192.168.45.202';
#配置wordpress
cd /var/www/html/wp
cp wp-config-sample.php wp-config.php
vim wp-config.php
define('DB_NAME', 'wordpress');
define('DB_USER', 'root');
define('DB_PASSWORD', 'easy');
define('DB_HOST', '192.168.45.202');
web2 192.168.45.12
#修改主机名
hostnamectl set-hostname web2.easy.com
#同步时间
yum install -y ntp
ntpdate
yum install -y httpd php php-mysql php-mcrypt php-mbstring
#挂载nfs
yum install -y nfs-utils
mkdir /data/html -pv
mount 192.168.45.201:/data/html /var/www/html
#创建负载均衡测试页
mkdir /var/www/lbtest
echo "web server2">> /var/www/lbtest/test.html
cat /var/www/lbtest/test.html
#配置httpd虚拟主机
vim /etc/httpd/conf.d/vhost.conf
listen 8080
<VirtualHost 192.168.45.12:80>
DocumentRoot /var/www/html
Servername www.easy.com
<Directory '/var/www/html'>
Options FollowsymLinks
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
<VirtualHost 192.168.45.12:8080>
DocumentRoot /var/www/lbtest
<Directory '/var/www/lbtest'>
Options None
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
systemctl start httpd
#配置php-mysql
vim /etc/php.ini
mysqli.default_host = 192.168.45.202
mysqli.default_user = root
mysqli.default_pw = easy
systemctl restart httpd
nginx1 192.168.45.201
#修改主机名
hostnamectl set-hostname nginx1.easy.com
#同步时间
yum install -y ntp
ntpdate
yum install -y psmisc #killall指令安装
#配置nginx负载均衡
yum install -y nginx
vim /etc/nginx/nginx.conf
http {
upstream backend {
server 192.168.45.11:80;
server 192.168.45.12:80;
}
upstream lbtest {
server 192.168.45.11:8080;
server 192.168.45.12:8080;
}
server{
location / {
proxy_pass http://backend;
}
location ~* 'test.html$' {
proxy_pass http://lbtest;
}
}
}
systemctl start nginx
#配置keepalived
yum install -y keepalived
mv /etc/keepalived/keepalived.conf{,.bak}
vim /etc/keepalived/keepalived.conf
!Configuration File for keepalived
global_defs {
notification_email {
root@localhost;
}
notification_email_from keepadmin@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
route_id nginx1
vrrp_mcast_group4 224.51.151.251
}
vrrp_instance VI_1{
state MASTER
priority 100
interface ens37
advert_int 1
authentication {
auth_type PASS
auth_pass SWF5FW2DF
}
virtual_ipaddress {
172.16.51.1/16 dev ens37 label ens37:0
}
notify_master "/etc/keepalived/notify.sh master"
notify_bachup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
vrrp_instance VI_2{
state BACKUP
interface ens37
virtual_router_id 52
priority 96
advert_int 1
authentication {
auth_type PASS
auth_pass 7D2SS5DF
}
virtual_ipaddress {
172.16.51.2/16 dev ens37 label ens37:1
}
track_script {
chk_down
chk_nginx
}
notify_master "/etc/keepalived/notify.sh master"
notify_bachup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
#配置通知脚本
vim /etc/keepalived/notify.sh
#!/bin/bash
#
contact='root@localhost'
notify(){
local mailsubject="$(hostname) to be $1 ,vip floating"
local mailbody="$(date +'%F $T'):vrrp transition,$(hostname) changed to be $1"
echo "$mailbody" |mail -s "$mailsubject" $contact
}
case $1 in
master)
systemctl start nginx.service
notify master
;;
backup)
systemctl start nginx.service
notify backup
;;
fault)
systemctl stop nginx.service
notify fault
;;
*)
echo "ERROR"
exit 1
;;
esac
nginx2 192.168.45.202
#修改主机名
hostnamectl set-hostname nginx2.easy.com
#同步时间
yum install -y ntp
ntpdate
yum install -y psmisc #killall指令安装
#配置nginx负载均衡
yum install -y nginx
mv /etc/nginx/nginx.conf{,.bak}
接受nginx1传送配置后
systemctl start nginx
#配置keepalived
yum install -y keepalived
mv /etc/keepalived/keepalived.conf{,.bak}
vim /etc/keepalived/keepalived.conf
!Configuration File for keepalived
global_defs {
notification_email {
root@localhost;
}
notification_email_from keepadmin@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
route_id nginx2
vrrp_mcast_group4 224.51.151.251
}
vrrp_script chk_down{
script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0 "
interval 1
weight -5
fall 1
rise 1
}
vrrp_script chk_nginx{
script "killall -0 nginx && exit 0 || exit 1"
interval 1
weight -5
fall 2
rise 2
}
vrrp_instance VI_1{
state BACKUP
interface ens37
virtual_router_id 51
priority 96
advert_int 1
authentication {
auth_type PASS
auth_pass SWF5FW2DF
}
virtual_ipaddress {
172.16.51.1/16 dev ens37 label ens37:0
}
track_script {
chk_down
chk_nginx
}
notify_master "/etc/keepalived/notify.sh master"
notify_bachup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
vrrp_instance VI_2{
state MASTER
interface ens37
virtual_router_id 52
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 7D2SS5DF
}
virtual_ipaddress {
172.16.51.2/16 dev ens37 label ens37:1
}
track_script {
chk_down
chk_nginx
}
notify_master "/etc/keepalived/notify.sh master"
notify_bachup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
#配置通知脚本
vim /etc/keepalived/notify.sh
#!/bin/bash
#
contact='root@localhost'
notify(){
local mailsubject="$(hostname) to be $1 ,vip floating"
local mailbody="$(date +'%F $T'):vrrp transition,$(hostname) changed to be $1"
echo "$mailbody" |mail -s "$mailsubject" $contact
}
case $1 in
master)
systemctl start nginx.service
notify master
;;
backup)
systemctl start nginx.service
notify backup
;;
fault)
systemctl stop nginx.service
notify fault
;;
*)
echo "ERROR"
exit 1
;;
esac
实验总结
BUG
- 该环境配置完成后出现BUG,chk_nginx脚本并不会真正的检测nginx,来对keepalived权重进行调整
待完善
- 该实验环境只是实现基本功能,部分配置存在安全隐患
- 该环境单点状况过多,需要提升页面资源的nfs服务器和关系型数据库mariadb服务器的高可用性
- httpd服务器没有实现动静分离
- httpd服务器负载均衡不能保持会话,需要增加session服务器
- 增加cache服务器可以大幅度提高浏览速度
原创文章,作者:easyTang,如若转载,请注明出处:http://www.178linux.com/78553
