Keepalived+LVS+nginx高可用架构

注明：所有软件已经下载好，防火墙和SELinux已经全部关闭

一.搭建NFS

1.服务端

1.创建文件

$root@nfs \~$ # mkdir -p /nfs/data

2、修改权限

$root@nfs \~$ # chmod o+rw /nfs/data

3、写配置文件

$root@nfs \~$ # cat /etc/exports

/nfs/data 192.168.111.118(rw)

/nfs/data 192.168.111.119(rw)

4、重启服务

$root@nfs \~$ # systemctl restart nfs-server

5、暴露文件

$root@nfs data$ # showmount -e 192.168.111.120

Export list for 192.168.111.120:

/nfs/data (everyone)

2、客户端

RS1

1.创建挂载目录

$root@rs1 \~$ # mkdivar/www/haha

2、将创建的目录挂载到服务端的共享目录

$root@rs1 \~$ # mount -t nfs 192.168.111.120:/nfs/data /var/www

3、查看是否挂载成功

$root@rs1 \~$ # df /var/www

Filesystem 1K-blocks Used Available Use% Mounted on

192.168.111.120:/nfs/data 47202304 2063616 45138688 5% /varvar/www
RS2

1.创建挂载目录

$root@rs2 \~$ # mkdir -p /var/www/xixi

2、将创建的目录挂载到服务端的共享目录

$root@rs2 \~$ # mount -t nfs 192.168.111.120:/nfs/data /var/www

3、查看是否挂载成功

$root@rs2 nfs$ # df /var/www

Filesystem 1K-blocks Used Available Use% Mounted on

192.168.111.120:/nfs/data 47202304 2063616 45138688 5% /var/www

二、搭建nginx服务

RS1

1.写nginx的配置文件

$root@rs1 \~$ # cat /etc/nginx/conf.d/haha.conf

server {

server_name 192.168.111.118;

root /var/www/haha;

access_log /var/log/nginx/hehe_access.log;

error_log /var/log/nginx/hehe_error.log;

}

2.在NFS里面写入nginx的页面

$root@nfs \~$ # echo "welcome rs1" > /nfs/data/haha/index.html

3.重启服务

$root@rs1 \~$ # systemctl restart nginx

4.测试服务

$root@rs1 \~$ # curl 192.168.111.118

welcome rs1

RS2

1.写nginx的配置文件

$root@rs2 \~$ # cat /etc/nginx/conf.d/xixi.conf

server {

server_name 192.168.111.119;

root /var/www/xixi;

access_log /var/log/nginx/xixi_access.log;

error_log /var/log/nginx/xixi_error.log;

}

2.在NFS里面写入nginx的页面

$root@nfs \~$ # echo "welcome rs2" > /nfs/data/xixi/index.html

3.重启服务

$root@rs2 \~$ # systemctl restart nginx

4.测试服务

$root@rs2 \~$ # curl 192.168.111.119

welcome rs2

三、搭建keepalived+lvs服务

master

1.修改keepalived的配置文件

$root@lvs-master \~$ # ipvsadm-save -n > /etc/sysconfig/ipvsadm

$root@lvs-master \~$ # cat /etc/keepalived/keepalived.conf

global_defs {

router_id lvs_master

}

vrrp_instance VI_1 {

state MASTER

interface ens160

virtual_router_id 51

priority 100

advert_int 1

authentication {

auth_type PASS

auth_pass 1111

}

virtual_ipaddress {

192.168.111.100

}

}

#配置lvs,需要指定VIP地址

virtual_server 192.168.111.100 80 {

delay_loop 6 #健康检查时间间隔，时间为秒

lb_algo wrr #负载均衡的算法，rr表示轮询，wrr表示带权轮询

lb_kind DR #负载均衡的模式，此处为DR 支持的模式有DR|NAT|TUN

persistence_timeout 50 #持久化时间，默认为秒。

protocol TCP #负载均衡协议

real_server 192.168.111.118 80 {

weight 3 #权重

TCP_CHECK { #检查

connect_timeout 3 #连接时间，单位为秒

retry 3 #重试次数

delay_before_retry 3 #重试间隔时间

}

}

real_server 192.168.111.119 80 {

weight 1

TCP_CHECK {

url {

connect_timeout 3

retry 3

delay_before_retry 3

}

}

}
backup

1.修改配置文件

$root@lvs-backup \~$ # ipvsadm-save -n > /etc/sysconfig/ipvsadm

$root@lvs-backup \~$ # cat /etc/keepalived/keepalived.conf

global_defs {

router_id lvs_backup

}

vrrp_instance VI_1 {

state BACKUP

interface ens160

virtual_router_id 51

priority 90

advert_int 1

authentication {

auth_type PASS

auth_pass 1111

}

virtual_ipaddress {

192.168.111.100

}

}

virtual_server 192.168.111.100 80 {

delay_loop 6

lb_algo wrr

lb_kind DR

persistence_timeout 50

protocol TCP

real_server 192.168.111.118 80 {

weight 3

TCP_CHECK {

url {

connect_timeout 3

retry 3

delay_before_retry 3

}

}

real_server 192.168.111.119 80 {

weight 1

TCP_CHECK {

url {

connect_timeout 3

retry 3

delay_before_retry 3

}

}

}

2.启动两台服务器

$root@lvs-master \~$ # systemctl restart keepalived.service ipvsadm.service

$root@lvs-backup \~$ # systemctl restart keepalived.service ipvsadm.service

3.查看配置规则

$root@lvs-master \~$ # ipvsadm

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

-> RemoteAddress:Port Forward Weight ActiveConn InActConn

TCP lvs-master:http wrr persistent 50

-> 192.168.111.118:http Route 3 0 0

-> 192.168.111.119:http Route 1 0 1

$root@lvs-backup \~$ # ipvsadm -ln

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

-> RemoteAddress:Port Forward Weight ActiveConn InActConn

TCP 192.168.111.100:80 wrr persistent 50

-> 192.168.111.118:80 Route 3 0 0

-> 192.168.111.119:80 Route 1 0 0

四、修改RS服务

1、为两台 RS 服务器配置 VIP

$root@rs1 \~$ # ifconfig lo:1 192.168.111.100 netmask 255.255.255.255 broadcast 192.168.111.100 up

$root@rs2 \~$ # ifconfig lo:1 192.168.111.100 netmask 255.255.255.255 broadcast 192.168.111.100 up

2、配置核心参数。

$root@rs1 \~$ # sysctl -p

net.ipv4.conf.all.arp_ignore = 1

net.ipv4.conf.lo.arp_ignore = 1

net.ipv4.conf.all.arp_announce = 2

net.ipv4.conf.lo.arp_announce = 2

net.ipv4.ip_forward = 0

$root@rs2 \~$ # sysctl -p

net.ipv4.conf.all.arp_ignore = 1

net.ipv4.conf.lo.arp_ignore = 1

net.ipv4.conf.all.arp_announce = 2

net.ipv4.conf.lo.arp_announce = 2

net.ipv4.ip_forward = 0

3、配置路由

$root@rs1 \~$ # route -n

Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface

0.0.0.0 192.168.111.2 0.0.0.0 UG 100 0 0 ens160

192.168.111.0 0.0.0.0 255.255.255.0 U 100 0 0 ens160

192.168.111.100 0.0.0.0 255.255.255.255 UH 0 0 0 lo

$root@rs2 \~$ # route add -host 192.168.111.100 dev lo:1

$root@rs2 \~$ #

$root@rs2 \~$ #

$root@rs2 \~$ # route -n

Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface

0.0.0.0 192.168.111.2 0.0.0.0 UG 100 0 0 ens160

192.168.111.0 0.0.0.0 255.255.255.0 U 100 0 0 ens160

192.168.111.100 0.0.0.0 255.255.255.255 UH 0 0 0 lo

Keepalived+LVS+nginx高可用架构

一.搭建NFS

1.服务端

2、客户端

二、搭建nginx服务

三、搭建keepalived+lvs服务

四、修改RS服务

五、测试