首页 > 系统相关 >负载均衡 nginx+ keepalived +vip

负载均衡 nginx+ keepalived +vip

时间:2023-09-28 12:38:02浏览次数:65  
标签:-- keepalived cat priority nginx vip without


负载均衡 nginx+ keepalived +vip_运维

一、负载均衡 nginx+ keepalived +vip

1、在所有节点,安装nginx

cd /data/work
wget http://nginx.org/download/nginx-1.18.0.tar.gz
#编译
yum install gcc gcc-c++ pcre pcre-devel zlib zlib-devel openssl openssl-devel -y 
tar -xzvf nginx-1.18.0.tar.gz
cd nginx-1.18.0
./configure --with-stream --without-http --prefix=/usr/local/nginx --without-http_uwsgi_module 
make && make install


#################################################################
--without-http_scgi_module --without-http_fastcgi_module
--with-stream:开启 4 层透明转发(TCP Proxy)功能;
--without-xxx:关闭所有其他功能,这样生成的动态链接二进制程序依赖最小;
#################################################################

2、在所有节点,配置nginx

#配置
cat > /usr/local/nginx/conf/nginx.conf<<EOF
worker_processes 1;
events {
    worker_connections  1024;
}
stream {
    upstream rgw {
        hash $remote_addr consistent;
        server 192.168.1.70:81        max_fails=3 fail_timeout=30s;
        server 192.168.1.71:81        max_fails=3 fail_timeout=30s;
        server 192.168.1.72:81        max_fails=3 fail_timeout=30s;
    }

    upstream nfs {
        hash $remote_addr consistent;
        server 192.168.1.70:8080        max_fails=3 fail_timeout=30s;
        server 192.168.1.71:8080        max_fails=3 fail_timeout=30s;
        server 192.168.1.72:8080        max_fails=3 fail_timeout=30s;
    }

    server {
        listen *:80;
        proxy_connect_timeout 1s;
        proxy_pass rgw;
    }
    server {
        listen *:88;
        proxy_connect_timeout 1s;
        proxy_pass nfs;
    }
}
EOF

3、在所有节点,配置Nginx启动文件

cat > /etc/systemd/system/nginx.service <<EOF
[Unit]
Description=kube-apiserver nginx proxy
After=network.target
After=network-online.target
Wants=network-online.target
[Service]
Type=forking
ExecStartPre=/usr/local/nginx/sbin/nginx -t -c /usr/local/nginx/conf/nginx.conf
ExecStart=/usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/usr/local/nginx/sbin/nginx -s stop
PrivateTmp=true
Restart=always
RestartSec=5
StartLimitInterval=0
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target
EOF




systemctl daemon-reload && systemctl enable nginx


systemctl restart nginx && systemctl status nginx |grep 'Active:'

4、 70和71安装keepalived

#安装keepalived
yum install -y keepalived



#创建健康检查脚本并分发
cat > /etc/keepalived/nginx_check.sh <<\EOF
#!/bin/bash

A=`ps -C nginx --no-header |wc -l`
if [ $A -eq 0 ];then
    /usr/sbin/nginx
    sleep 2
    if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
        killall keepalived
    fi
fi

EOF


#授权
chmod +xxx /etc/keepalived/nginx_check.sh
#查看
ll /etc/keepalived/nginx_check.sh

01配置

cat > /etc/keepalived/keepalived.conf <<EOF
! Configuration File for keepalived
global_defs {
    router_id nginx_server_1
}
vrrp_script chk_nginx {
    script "/etc/keepalived/nginx_check.sh"
    interval 2
    weight 20
    !weight为正数
    !如果脚本执行结果为0,,Master:weight+priority>Backup:weight+priority(不切换)
    !如果脚本执行结果不为0,Master:priority<Backup:priority+weight(切换)
    !weight为负数
    !如果脚本执行结果为0,,Master:priority>Backup:priority(不切换)
    !如果脚本执行结果不为0,Master:priority+weight<Backup:priority(切换)
    !一般来说,weight的绝对值要大于Master和Backup的priority之差
}
vrrp_instance VI_1 {
    state MASTER
    interface ens192 							#注意这里的网卡名称修改成你机器真实的内网网卡名称,可用命令ip addr查看
    virtual_router_id 51
    unicast_src_ip 192.168.1.70 	#本机IP
    unicast_peer {								#虚拟ip地址,可以有多个地址,每个地址占一行,不需要子网掩码
        192.168.1.71
    }
    priority 100
    nopreempt
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111 !认密码 两台nginx密码要一致
    }
    track_script {
        chk_nginx
    }
    virtual_ipaddress {						#VIP地址192.168.1.226
        192.168.1.226
    }
}
EOF



# 重启服务
systemctl restart keepalived.service
 
 
# 查看运行状态
systemctl status keepalived.service
 
# 添加开机自启动(haproxy默认安装好就添加了自启动)
systemctl enable keepalived.service

# 查看是否添加成功
systemctl is-enabled keepalived.service 
#enabled就代表添加成功了
 
# 同时我可查看下VIP是否已经生成
ip a|grep 226

02配置

cat > /etc/keepalived/keepalived.conf <<EOF
! Configuration File for keepalived
global_defs {
    router_id nginx_server_1
}
vrrp_script chk_nginx {
    script "/etc/keepalived/nginx_check.sh"
    interval 2
    weight 20
    !weight为正数
    !如果脚本执行结果为0,,Master:weight+priority>Backup:weight+priority(不切换)
    !如果脚本执行结果不为0,Master:priority<Backup:priority+weight(切换)
    !weight为负数
    !如果脚本执行结果为0,,Master:priority>Backup:priority(不切换)
    !如果脚本执行结果不为0,Master:priority+weight<Backup:priority(切换)
    !一般来说,weight的绝对值要大于Master和Backup的priority之差
}
vrrp_instance VI_1 {
    state MASTER
    interface ens192 							#注意这里的网卡名称修改成你机器真实的内网网卡名称,可用命令ip addr查看
    virtual_router_id 51
    unicast_src_ip 192.168.1.71 	#本机IP
    unicast_peer {								#虚拟ip地址,可以有多个地址,每个地址占一行,不需要子网掩码
        192.168.1.70
    }
    priority 100
    nopreempt
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111 !认密码 两台nginx密码要一致
    }
    track_script {
        chk_nginx
    }
    virtual_ipaddress {						#VIP地址192.168.1.226
        192.168.1.226
    }
}
EOF






# 重启服务
systemctl restart keepalived.service
 
 
# 查看运行状态
systemctl status keepalived.service
 
# 添加开机自启动(haproxy默认安装好就添加了自启动)
systemctl enable keepalived.service

# 查看是否添加成功
systemctl is-enabled keepalived.service 
#enabled就代表添加成功了
 
# 同时我可查看下VIP是否已经生成
ip a|grep 226


标签:--,keepalived,cat,priority,nginx,vip,without
From: https://blog.51cto.com/dxbp/7637938

相关文章

  • helm安装 ingress-nginx
    目录1.下载ingress-nginx-4.2.5.tgz2.解压,修改文件3.安装ingress4.测试网页5.windows测试helm3安装1.下载ingress-nginx-4.2.5.tgzhelmfetchingress-nginx/ingress-nginx--version4.2.5#或者curl-LOhttps://github.com/kubernetes/ingress-nginx/releases/download/helm-c......
  • 安装nginx,php8,nfs,oralce19c客户端
    目录一.安装nginx二.安装php1.安装php8插件2.安装下载php8三.安装nfs四.安装19C客户端a.安装oracle19c客户端b.php连接oracle19c数据库五.nginx跳转php乱码六.php问题1.session获取不到2.设置php报错级别提示error_reporting一.安装nginx下载nginx地址tar-xfnginx-1.23.1.tar.......
  • filebeat 收集 nginx 日志到 kibana 展示
    首先是nginx.conf的日志格式json格式很多,不一定非要这个log_formatjson'{"access_time":"$time_iso8601","remote_addr":"$remote_addr","remote_user":"$remote_user","request":"$request&qu......
  • thinkPHP框架在nginx环境中提示404错误的几种情况与解决方法
    一、未设置伪静态解决方法:在项目public目录下新建文件,命名为nginx.htaccess,文件内容如下:location/{indexindex.htmlindex.htmindex.php;autoindexoff;if(!-e$request_filename){rewrite^(.*)$/index.php?s=/$1last;break;......
  • nginx配置允许跨域请求
    要在Nginx中设置跨域允许,您可以使用add_header指令来添加CORS(跨源资源共享)响应头。以下是一个示例Nginx配置,演示如何允许跨域请求:server{listen80;server_nameyour_domain.com;location/{#允许所有来源的跨域请求add_header'Access-Con......
  • 2、nginx常用配置----作为web服务端
    目录环境及目的nginx配置文件特点和结构1特性2主配置文件结构常用全局配置1main段2events段web服务相关配置1server_namerootlisten11listen指令常用选项12server_name定义方式2location21alias定义路径别名3index定义主页4error_page定义错误页面5长连接相关指令6限......
  • FastDFS--扩展篇(Php&&Apache2&&Nginx)
         FastDFS不是通用的文件系统,只能通过专用的API来访问,目前提供了CJAVAPHP的API,下面我们来安装php扩展。   让Fastdfs支持php,在FastDFS的源码包解压后里面有个php_client目录,进入此目录,参照README进行安装: phpize./configuremakemakeinstall    ......
  • Nginx神奇的if语法
    我在Nginx里声明了一个变量,中间很多逻辑处理,最后想根据这个变量做http还是https跳转。话不多说,直接上nginx.confset$usessl"0";...if($usessl="1") { proxy_passhttps://$proxyserver; } if($usessl="0") { proxy_passhttp://$proxyserver; }启动......
  • openwrt nginx ssl 增加端口,互联网访问
    虽然已经会配置nginx了但是在openwrt上配置neginx,并允许wan访问,还是需要改一些东西的。尤其是几个运营商封端口。80,8080,10080,443均已沦陷,或即将沦陷。openwrt的nginx-上官飞鸿-博客园(cnblogs.com)所以我将使用10443来配置自己的路由器webwan管理。按上一篇博文的介绍......
  • nginx访问报错“maximum number of descriptors supported by select() is 1024 while
    1、问题背景 项目:一个人力的系统,主要用于考勤打卡环境:windowsservernginx版本:1.22 问题说明:当早上访问人数增加的时候,就会出现nginx的异常nginx的后台报错日志:maximumnumberofdescriptorssupportedbyselect()is1024whileconnectingtoupstream  ......