项目:构建高可用、负载均衡的高效Web服务器

hotslow2024-09-15 9:14

一、项目需求

实现高可用,防止单点故障,实现负载均衡

负载均衡:将流量分摊给一个或多个后端服务器,提高公司业务的可用性、方便业务后期的水平动态扩展。

二、项目描述

本项目旨在构建一个集高可用性、负载均衡、高效Web服务及缓存技术于一体的综合解决方案, 以显著提升Web应用的可靠性、性能和响应速度。通过精细规划和实施,我们成功搭建了一个能够应对高并 发访问、确保业务连续性的Web应用架构。

三、设备要求

准备四台主机

1.准备两台主机实现keepalived+haproxy

第一台主机:

第二台主机:

2.准备两台主机作为后端服务器(realserver)

第一台主机:

第二台主机:

四、搭建

4.1 基础设置

注:四台主机都需同样的操作,也可以准备好一台主机,再克隆,修改IP,hostname即可

1.配置网络

ka1:

bash 复制代码 
[root@localhost ~]# nmcli connection modify ens160 ipv4.addresses 172.25.254.30/24
[root@localhost ~]# nmcli connection modify ens160 ipv4.gateway 172.25.254.2
[root@localhost ~]# nmcli connection modify ens160 ipv4.dns 114.114.114.114
[root@localhost ~]# nmcli connection modify ens160 ipv4.method manual 
[root@localhost ~]# nmcli connection modify ens160 connection.autoconnect yes
[root@localhost ~]# nmcli connection up ens160 
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/12)

ka2:

bash 复制代码 
[root@localhost ~]# vim /etc/NetworkManager/system-connections/ens160.nmconnection 
connection]
id=ens160
type=ethernet
interface-name=ens160

[ethernet]

[ipv4]
address1=172.25.254.40/24,172.25.254.2
dns=114.114.114.114;
method=manual

[ipv6]
addr-gen-mode=eui64
method=auto

[root@localhost ~]# nmcli connection reload 
[root@localhost ~]# nmcli connection up ens160

注意:分别使用两种方式更改IP

realserver1:172.25.254.101

realserver2:172.25.254.102

使用上面的方式修改IP

2.配置软件仓库

bash 复制代码 
[root@localhost ~]# mkdir /rhel9
[root@localhost ~]# echo /dev/sr0 /rhel9 >> /etc/rc.d/rc.local 
[root@localhost ~]# chmod +x /etc/rc.d/rc.local 
[root@localhost ~]# mount /dev/sr0 /rhel9
mount: /rhel9: WARNING: source write-protected, mounted read-only.

3.设置主机名和本地解析

bash 复制代码 
[root@ka1 ~]# hostnamectl set-hostname ka1.lm.org
[root@ka2 ~]# hostnamectl set-hostname ka2.lm.org

4.2 搭建高可用负载均衡集群

1.安装keepalived,haproxy

ka1,ka2主机都需此操作

bash 复制代码 
[root@ka1 ~]# hostnamectl set-hostname ka1
[root@ka1 ~]# dnf install -y keepalived
[root@ka1 ~]# dnf install -y haproxy
# 开机自启
[root@ka1 ~]# systemctl enable --now haproxy
Created symlink /etc/systemd/system/multi-user.target.wants/haproxy.service → /usr/lib/systemd/system/haproxy.service.
[root@ka1 ~]# systemctl enable --now keepalived
Created symlink /etc/systemd/system/multi-user.target.wants/keepalived.service → /usr/lib/systemd/system/keepalived.service.

2.修改keepalived和haproxy配置文件

ka1

bash 复制代码 
[root@ka1 ~]# vim /etc/keepalived/keepalived.conf 
global_defs {
   notification_email {
        3041609716@qq.com
   }
   notification_email_from keepalived@lm.org
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id ka1.lm.org
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}
vrrp_script check_haproxy {
    script "/etc/keepalived/scripts/haproxy.sh"
    interval 1
    weight -30
    fall 2
    rise 2
    timeout 2
}
vrrp_instance web1 {
    state MASTER
    interface ens160
    virtual_router_id 100
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        172.25.254.100 dev ens160 label ens160:1
    }
    track_script {
        check_haproxy
    }
}
vrrp_instance web2 {
    state SLAVE
    interface ens160
    virtual_router_id 200
    priority 80
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        172.25.254.200 dev ens160 label ens160:2
    }

    track_script {
        check_haproxy
    }
}

[root@ka1 ~]# vim /etc/haproxy/haproxy.cfg 
listen webcluster1
    bind 172.25.254.100:80
    server web1 172.25.254.101:80 check
    server web2 172.25.254.102:80 check
listen webcluster2
    bind 172.25.254.200:80
    server web1 172.25.254.101:80 check
    server web2 172.25.254.102:80 check

ka2

bash 复制代码 
# 40
[root@ka2 ~]# vim /etc/keepalived/keepalived.conf 
global_defs {
   notification_email {
        3041609716@qq.com
   }
   notification_email_from keepalived@lm.org
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id ka1.lm.org
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}
vrrp_script check_haproxy {
    script "/etc/keepalived/scripts/haproxy.sh"
    interval 1
    weight -30
    fall 2
    rise 2
    timeout 2
}
vrrp_instance web1 {
    state SLAVE
    interface ens160
    virtual_router_id 100
    priority 80
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        172.25.254.100/24 dev ens160 label ens160:1
    }
    track_script {
        check_haproxy
    }
}
vrrp_instance web2 {
    state MASTER
    interface ens160
    virtual_router_id 200
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        172.25.254.200 dev ens160 label ens160:2
    }
    track_script {
        check_haproxy
    }
}
[root@ka1 ~]# vim /etc/haproxy/haproxy.cfg 
listen webcluster1
    bind 172.25.254.100:80
    server web1 172.25.254.101:80 check
    server web2 172.25.254.102:80 check
listen webcluster2
    bind 172.25.254.200:80
    server web1 172.25.254.101:80 check
    server web2 172.25.254.102:80 check

3.修改内核参数

bash 复制代码 
[root@ka1 ~]# vim /etc/sysctl.conf 
net.ipv4.ip_nonlocal_bind = 1
[root@ka1 ~]# sysctl -p
[root@ka2 ~]# vim /etc/sysctl.conf 
net.ipv4.ip_nonlocal_bind = 1
[root@ka2 ~]# sysctl -p
bash 复制代码 
[root@localhost ~]# hostnamectl set-hostname realserver1
[root@realserver1 ~]# dnf install -y nginx
[root@realserver1 ~]# systemctl enable --now nginx
Created symlink /etc/systemd/system/multi-user.target.wants/nginx.service → /usr/lib/systemd/system/nginx.service.
[root@realserver1 ~]# echo 172.25.254.101 > /usr/share/nginx/html/index.html
[root@realserver1 ~]# curl 172.25.254.101
172.25.254.101

4.3 后端服务器设置

realserver1,realserver2都是几乎相同的操作

bash 复制代码 
[root@localhost ~]# hostnamectl set-hostname realserver1
[root@realserver1 ~]# dnf install -y nginx
[root@realserver1 ~]# echo 172.25.254.101 > /usr/share/nginx/html/index.html
[root@realserver1 ~]# curl 172.25.254.101
172.25.254.101


[root@localhost ~]# hostnamectl set-hostname realserver2
[root@realserver2 ~]# dnf install -y nginx
[root@realserver2 ~]# echo 172.25.254.102 > /usr/share/nginx/html/index.html
[root@realserver2 ~]# curl 172.25.254.102
172.25.254.102

4.4 测试

bash 复制代码 
[root@ka1 ~]# ifconfig
ens160: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.30  netmask 255.255.255.0  broadcast 172.25.254.255
        inet6 fe80::20c:29ff:fef1:9875  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:f1:98:75  txqueuelen 1000  (Ethernet)
        RX packets 3109  bytes 211759 (206.7 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 3775  bytes 227206 (221.8 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ens160:1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.100  netmask 255.255.255.255  broadcast 0.0.0.0
        ether 00:0c:29:f1:98:75  txqueuelen 1000  (Ethernet)
[root@ka1 ~]# curl 172.25.254.100
172.25.254.102
[root@ka1 ~]# curl 172.25.254.100
172.25.254.101
[root@ka1 ~]# curl 172.25.254.100
172.25.254.102
[root@ka1 ~]# curl 172.25.254.200
172.25.254.101
[root@ka1 ~]# curl 172.25.254.200
172.25.254.102
[root@ka1 ~]# curl 172.25.254.200
172.25.254.101
[root@ka1 ~]# curl 172.25.254.200
172.25.254.102
bash 复制代码 
[root@ka2 ~]# ifconfig
ens160: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.40  netmask 255.255.255.0  broadcast 172.25.254.255
        inet6 fe80::20c:29ff:fed5:289d  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:d5:28:9d  txqueuelen 1000  (Ethernet)
        RX packets 306952  bytes 22903523 (21.8 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 560789  bytes 37705879 (35.9 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ens160:2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.200  netmask 255.255.255.255  broadcast 0.0.0.0
        ether 00:0c:29:d5:28:9d  txqueuelen 1000  (Ethernet)
[root@ka2 ~]# curl 172.25.254.100
172.25.254.101
[root@ka2 ~]# curl 172.25.254.100
172.25.254.102
[root@ka2 ~]# curl 172.25.254.100
172.25.254.101
[root@ka2 ~]# curl 172.25.254.100
172.25.254.102
[root@ka2 ~]# curl 172.25.254.100
172.25.254.101
[root@ka2 ~]# curl 172.25.254.100
172.25.254.102
[root@ka2 ~]# curl 172.25.254.100
172.25.254.101
[root@ka2 ~]# curl 172.25.254.200
172.25.254.101
[root@ka2 ~]# curl 172.25.254.200
172.25.254.102
[root@ka2 ~]# curl 172.25.254.200
172.25.254.101
[root@ka2 ~]# curl 172.25.254.200
172.25.254.102

模拟故障:

关闭ka1的keepalived

[root@ka1 ~]# systemctl stop keepalived
[root@ka1 ~]# ifconfig
ens160: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.30  netmask 255.255.255.0  broadcast 172.25.254.255
        inet6 fe80::20c:29ff:fef1:9875  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:f1:98:75  txqueuelen 1000  (Ethernet)
        RX packets 927274  bytes 72325472 (68.9 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1854187  bytes 129793327 (123.7 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0



[root@ka2 ~]# ifconfig
ens160: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.40  netmask 255.255.255.0  broadcast 172.25.254.255
        inet6 fe80::20c:29ff:fed5:289d  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:d5:28:9d  txqueuelen 1000  (Ethernet)
        RX packets 683628  bytes 53310970 (50.8 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1365919  bytes 95613730 (91.1 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ens160:1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.100  netmask 255.255.255.0  broadcast 0.0.0.0
        ether 00:0c:29:d5:28:9d  txqueuelen 1000  (Ethernet)

ens160:2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.200  netmask 255.255.255.255  broadcast 0.0.0.0
        ether 00:0c:29:d5:28:9d  txqueuelen 1000  (Ethernet)


# 即使发生故障,依然可以成功访问
[root@ka1 ~]# curl 172.25.254.100
172.25.254.102
[root@ka1 ~]# curl 172.25.254.100
172.25.254.101
[root@ka1 ~]# curl 172.25.254.100
172.25.254.102
[root@ka1 ~]# curl 172.25.254.100
172.25.254.101
[root@ka1 ~]# curl 172.25.254.200
172.25.254.102
[root@ka1 ~]# curl 172.25.254.200
172.25.254.101
[root@ka1 ~]# curl 172.25.254.200
172.25.254.102
[root@ka1 ~]# curl 172.25.254.200
172.25.254.101
相关推荐
chenbin52010 分钟前
Jenkins 自动构建Job
运维·jenkins
java 凯12 分钟前
Jenkins插件管理切换国内源地址
运维·jenkins
AI服务老曹15 分钟前
运用先进的智能算法和优化模型,进行科学合理调度的智慧园区开源了
运维·人工智能·安全·开源·音视频
sszdzq2 小时前
Docker
运维·docker·容器
book01212 小时前
MySql数据库运维学习笔记
运维·数据库·mysql
bugtraq20213 小时前
XiaoMi Mi5(gemini) 刷入Ubuntu Touch 16.04——安卓手机刷入Linux
linux·运维·ubuntu
xmweisi3 小时前
【华为】报文统计的技术NetStream
运维·服务器·网络·华为认证
VVVVWeiYee3 小时前
BGP配置华为——路径优选验证
运维·网络·华为·信息与通信
陆鳐LuLu3 小时前
日志管理利器:基于 ELK 的日志收集、存储与可视化实战
运维·elk·jenkins
DC_BLOG3 小时前
Linux-GlusterFS进阶分布式卷
linux·运维·服务器·分布式
热门推荐
01DeepSeek各版本说明与优缺点分析02如何在WPS和Word/Excel中直接使用DeepSeek功能03DeepSeek本地部署详细指南04太炸裂了!清华大学deepseek从入门到精通使用手册又出第三版了,《普通人如何抓住DeepSeek红利》(无套路,直接下载)05本地部署DeepSeek教程(Mac版本)06DeepSeek r1本地安装全指南07本地化部署AI知识库:基于Ollama+DeepSeek+AnythingLLM保姆级教程08DeepSeek R1本地化部署 Ollama + Chatbox 打造最强 AI 工具09在Windows下安装Ollama并体验DeepSeek r1大模型10DeepSeek RAGFlow构建本地知识库系统