(241231)
实践目标
将公司原来的多数单点服务器变成了集群,提升了网站的稳定性与高并发的应用场景。
目标:
- 将现有的单点 Web 服务器架构调整为高可用的集群架构,解决单点故障问题。
- 使用 LVS+Keepalived 或 Nginx+Keepalived 实现负载均衡和高可用性。
- 实现动静分离,提升网站性能。
- 确保 Session 一致性,支持无状态拆分。
| 主机名 | IP 地址 | 角色 |
|---|---|---|
| lb-main | 192.168.100.10 | 主负载均衡器(LVS/Nginx) |
| lb-node1 | 192.168.100.11 | Web 服务器 1 |
| lb-node2 | 192.168.100.12 | Web 服务器 2 |
| lb-node3 | 192.168.100.13 | Web 服务器 3 |
环境准备
sudo apt-get update
sudo apt-get install -y wget curl build-essential libssl-dev libpcre3 libpcre3-dev zlib1g-dev
安装Redis
(lb-main)
wget https://download.redis.io/redis-stable.tar.gz
tar -zxvf redis-stable.tar.gz
cd redis-stable
编译和安装 Redis
# 安装依赖
sudo apt-get install -y build-essential tcl
# 编译 Redis
make
# 测试编译结果
make test
# 安装 Redis
sudo make install
编译安装 LVS + Keepalived
(lb-main 和 lb-node1)
sudo apt-get install -y build-essential libssl-dev libnl-3-dev libnl-genl-3-dev
编译安装 LVS
wget https://www.kernel.org/pub/linux/utils/kernel/ipvsadm/ipvsadm-1.31.tar.gz
tar -zxvf ipvsadm-1.31.tar.gz
cd ipvsadm-1.31
make
sudo make install
编译安装 Keepalived
wget https://www.keepalived.org/software/keepalived-2.3.2.tar.gz
tar -zxvf keepalived-2.3.2.tar.gz
cd keepalived-2.3.2
./configure --prefix=/usr/local/keepalived
make
sudo make install
编译安装 Nginx
下载 Nginx 源码
wget https://nginx.org/download/nginx-1.26.2.tar.gz
tar -zxvf nginx-1.26.2.tar.gz
cd nginx-1.26.2
编译和安装 Nginx
./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_stub_status_module
make
sudo make install
配置redis
创建 redis 配置文件:
sudo mkdir /etc/redis
sudo cp redis.conf /etc/redis/redis.conf
编辑 /etc/redis/redis.conf,确保以下配置:
bind 0.0.0.0 # 允许所有 IP 访问
requirepass password # 设置 Redis 密码
/etc/systemd/system/redis.service
[Unit]
Description=Redis In-Memory Data Store
After=network.target
[Service]
ExecStart=/usr/local/bin/redis-server /etc/redis/redis.conf
ExecStop=/usr/local/bin/redis-cli shutdown
Restart=always
User=redis
Group=redis
[Install]
WantedBy=multi-user.target
sudo adduser --system --group --no-create-home redis
sudo chown redis:redis /etc/redis/redis.conf
sudo systemctl daemon-reload
sudo systemctl start redis
sudo systemctl enable redis
配置Session一致性
(lb-node1、lb-node2、lb-node3并且安装了redis-tools)
session.save_handler = redis
session.save_path = "tcp://192.168.100.10:6379?auth=yourpassword"
LVS+Keepalived方案
配置 LVS
(lb-main)
# 启用 IP 转发
echo "1" | sudo tee /proc/sys/net/ipv4/ip_forward
# 配置虚拟 IP
sudo ip addr add 192.168.100.100/24 dev eth0
# 配置 LVS
sudo ipvsadm -A -t 192.168.100.100:80 -s rr
sudo ipvsadm -a -t 192.168.100.100:80 -r 192.168.100.11:80 -g
sudo ipvsadm -a -t 192.168.100.100:80 -r 192.168.100.12:80 -g
sudo ipvsadm -a -t 192.168.100.100:80 -r 192.168.100.13:80 -g
配置 Keepalived
(lb-main、lb-node1)
sudo mkdir /etc/keepalived
sudo vim /etc/keepalived/keepalived.conf
/etc/keepalived/keepalived.conf
global_defs {
router_id LVS_MAIN
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 101
advert_int 1
authentication {
auth_type PASS
auth_pass 1234
}
virtual_ipaddress {
192.168.100.100
}
}
virtual_server 192.168.100.100 80 {
delay_loop 6
lb_algo rr
lb_kind DR
protocol TCP
real_server 192.168.100.11 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.100.12 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.100.13 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
# 启动keepalived
sudo /usr/local/keepalived/sbin/keepalived -f /etc/keepalived/keepalived.conf
Nginx+Keepalived方案
(lb-main、lb-node1、lb-node2 和 lb-node3都要安装Nginx)
配置nginx.conf
http {
upstream backend {
server 192.168.100.11;
server 192.168.100.12;
server 192.168.100.13;
}
server {
listen 80;
server_name example.com;
location / {
proxy_pass http://backend;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /static/ {
root /var/www/html;
expires 30d;
}
}
}
sudo /usr/local/nginx/sbin/nginx
配置 Keepalived
(lb-main、lb-node1)
/etc/keepalived/keepalived.conf(lb-main)
global_defs {
router_id NGINX_MAIN
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 101
advert_int 1
authentication {
auth_type PASS
auth_pass 1234
}
virtual_ipaddress {
192.168.100.100
}
}
virtual_server 192.168.100.100 80 {
delay_loop 6
lb_algo rr
lb_kind NAT
protocol TCP
real_server 192.168.100.11 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.100.12 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.100.13 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
/etc/keepalived/keepalived.conf(lb-node1)
global_defs {
router_id NGINX_BACKUP
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1234
}
virtual_ipaddress {
192.168.100.100
}
}
sudo /usr/local/keepalived/sbin/keepalived -f /etc/keepalived/keepalived.conf