从零开始搭建双主模型的nginx proxy高可用集群

easyTang Linux干货

实验简介

本文主要介绍双主模型的nginx proxy高可用集群的搭建方式。
实验环境:

  • 使用nfs/ftp服务器,nfs提供页面数据共享,ftp提供程序下载
  • 使用单独的mariadb服务器提供关系型数据库
  • 使用两台httpd服务器提供页面服务,包括静态的html和动态的php(phpmyadmin、wordpress、phpinfo)
  • 使用两台nginx作为两台httpd的负载均衡器
  • 对两台nginx配置keepalived保证集群的高可用

拓扑图

从零开始搭建双主模型的nginx proxy高可用集群

配置

nfs/ftp 192.168.45.201

#修改主机名
hostnamectl set-hostname nfs.easy.com

#同步时间
yum install -y ntp
ntpdate

#搭建nfs
yum install -y nfs-utils
mkdir /data/html -pv
vim /etc/exports
    /data/html 192.168.45.0/24(rw)
systemctl start nfs
showmount -e

#搭建ftp
yum install -y vsftpd
yum install -y lrzsz
cd /var/ftp/pub
rz
上传phpMyAdmin-4.0.10.20-all-languages.zip
上传wordpress-4.7.4-zh_CN.tar.gz

mariadb 192.168.45.202

#修改主机名
hostnamectl set-hostname mydb.easy.com

#同步时间    
yum install -y ntp
ntpdate

#搭建mariadb
yum install -y mariadb-server
vim /etc/my.cnf.d/server.cnf
    [mysqld] 
    skip_name_resolve=1
    log-bin=mysql-bin
    innodb_file_per_table = 1
systemctl start mariadb.service

#简单配置mariadb
mysql_secure_installation
mysql -uroot -peasy
    GRANT ALL ON *.* TO 'root'@'192.168.45.%' IDENTIFIED BY 'easy'; 
    CREATE DATABASE wordpress;

    SELECT * FROM mysql.user \G ;
    SHOW DATABASES;

web1 192.168.45.11

#修改主机名
hostnamectl set-hostname web1.easy.com

#同步时间
yum install -y ntp
ntpdate
yum install -y httpd php php-mysql php-mcrypt php-mbstring

#挂载nfs
yum install -y nfs-utils
mkdir /data/html -pv
mount 192.168.45.201:/data/html /var/www/html

#创建phpMyAdmin wordpress
yum install -y wget
wget ftp://192.168.45.201/pub/phpMyAdmin-4.0.10.20-all-languages.zip
wget ftp://192.168.45.201/pub/wordpress-4.7.4-zh_CN.tar.gz 
tar xf wordpress-4.7.4-zh_CN.tar.gz
yum install -y unzip  
unzip phpMyAdmin-4.0.10.20-all-languages.zip 
mv /root/wordpress /var/www/html/wordpress-4.7.4  
mv /root/phpMyAdmin-4.0.10.20-all-languages /var/www/html
cd /var/www/html
ln -sv phpMyAdmin-4.0.10.20-all-languages pma
ln -sv wordpress-4.7.4 wp
ls /var/www/html

#创建主页
vim /var/www/html/index.php
    <h1>This is index pages</h1>
    <?php
        phpinfo();
    ?>

#创建负载均衡测试页
mkdir /var/www/lbtest
echo "web server1">> /var/www/lbtest/test.html
cat /var/www/lbtest/test.html

#配置httpd虚拟主机
vim /etc/httpd/conf.d/vhost.conf
    listen 8080
    <VirtualHost 192.168.45.11:80>
        DocumentRoot /var/www/html
        Servername www.easy.com
        <Directory '/var/www/html'>
            Options FollowsymLinks
            AllowOverride None
            Require all granted
        </Directory>
    </VirtualHost>        
    <VirtualHost 192.168.45.11:8080>
       DocumentRoot /var/www/lbtest
            <Directory '/var/www/lbtest'>
            Options None
            AllowOverride None
            Require all granted
            </Directory>
    </VirtualHost>
systemctl start httpd

#配置php-mysql
vim /etc/php.ini
    mysqli.default_host = 192.168.45.202
    mysqli.default_user = root
    mysqli.default_pw = easy
systemctl restart httpd

#配置phpMyAdmin
cd /var/www/html/pma
cp config.sample.inc.php config.inc.php 
vim config.inc.php 
    $cfg['blowfish_secret'] = 'a8baskdljalskd7c6d';
    $cfg['Servers'][$i]['host'] = '192.168.45.202';

#配置wordpress
cd /var/www/html/wp
cp wp-config-sample.php wp-config.php
vim wp-config.php
    define('DB_NAME', 'wordpress');
    define('DB_USER', 'root');
    define('DB_PASSWORD', 'easy');
    define('DB_HOST', '192.168.45.202');

web2 192.168.45.12

#修改主机名
hostnamectl set-hostname web2.easy.com

#同步时间
yum install -y ntp
ntpdate
yum install -y httpd php php-mysql php-mcrypt php-mbstring

#挂载nfs
yum install -y nfs-utils
mkdir /data/html -pv
mount 192.168.45.201:/data/html /var/www/html

#创建负载均衡测试页
mkdir /var/www/lbtest
echo "web server2">> /var/www/lbtest/test.html
cat /var/www/lbtest/test.html

#配置httpd虚拟主机
vim /etc/httpd/conf.d/vhost.conf
    listen 8080
    <VirtualHost 192.168.45.12:80>
        DocumentRoot /var/www/html
        Servername www.easy.com
        <Directory '/var/www/html'>
            Options FollowsymLinks
            AllowOverride None
            Require all granted
        </Directory>
    </VirtualHost>        
    <VirtualHost 192.168.45.12:8080>
       DocumentRoot /var/www/lbtest
            <Directory '/var/www/lbtest'>
            Options None
            AllowOverride None
            Require all granted
            </Directory>
    </VirtualHost>
systemctl start httpd

#配置php-mysql
vim /etc/php.ini
    mysqli.default_host = 192.168.45.202
    mysqli.default_user = root
    mysqli.default_pw = easy
systemctl restart httpd

nginx1 192.168.45.201

#修改主机名    
hostnamectl set-hostname nginx1.easy.com

#同步时间
yum install -y ntp
ntpdate
yum install -y psmisc #killall指令安装

#配置nginx负载均衡
yum install -y nginx
vim /etc/nginx/nginx.conf
http {
    upstream backend {
        server 192.168.45.11:80;
        server 192.168.45.12:80;
    }
    upstream lbtest {
        server 192.168.45.11:8080;
        server 192.168.45.12:8080;
    }
    server{
        location / {
            proxy_pass http://backend;
        }
        location ~* 'test.html$' {
            proxy_pass http://lbtest;
        }
    }
}    
systemctl start nginx

#配置keepalived
yum install -y keepalived
mv /etc/keepalived/keepalived.conf{,.bak}
vim /etc/keepalived/keepalived.conf
    !Configuration File for keepalived
    global_defs {
        notification_email {
            root@localhost;
            }
        notification_email_from keepadmin@localhost
        smtp_server 127.0.0.1
        smtp_connect_timeout 30
        route_id nginx1
        vrrp_mcast_group4 224.51.151.251
    }        
    vrrp_instance VI_1{
        state MASTER
        priority 100
        interface ens37
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass SWF5FW2DF
        }
        virtual_ipaddress {
            172.16.51.1/16 dev ens37 label ens37:0
        }
        notify_master "/etc/keepalived/notify.sh master"
        notify_bachup "/etc/keepalived/notify.sh backup"
        notify_fault "/etc/keepalived/notify.sh fault"
    }
    vrrp_instance VI_2{
        state BACKUP
        interface ens37
        virtual_router_id 52
        priority 96
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass 7D2SS5DF
        }
        virtual_ipaddress {
            172.16.51.2/16 dev ens37 label ens37:1
        }
        track_script {
            chk_down
            chk_nginx
        }
        notify_master "/etc/keepalived/notify.sh master"
        notify_bachup "/etc/keepalived/notify.sh backup"
        notify_fault "/etc/keepalived/notify.sh fault"
    }

#配置通知脚本
vim /etc/keepalived/notify.sh
    #!/bin/bash
    #
    contact='root@localhost'
    notify(){
            local mailsubject="$(hostname) to be $1 ,vip floating"
            local mailbody="$(date +'%F $T'):vrrp transition,$(hostname) changed to be $1"
            echo "$mailbody" |mail -s "$mailsubject" $contact
    }
    case $1 in
    master)
            systemctl start nginx.service
            notify master
            ;;
    backup)
            systemctl start nginx.service
            notify backup
            ;;
    fault)
            systemctl stop nginx.service
            notify fault
            ;;
    *)
            echo "ERROR"
            exit 1
            ;;
    esac

nginx2 192.168.45.202

#修改主机名
hostnamectl set-hostname nginx2.easy.com

#同步时间
yum install -y ntp
ntpdate
yum install -y psmisc #killall指令安装

#配置nginx负载均衡
yum install -y nginx
mv /etc/nginx/nginx.conf{,.bak}
接受nginx1传送配置后
systemctl start nginx

#配置keepalived
yum install -y keepalived
mv /etc/keepalived/keepalived.conf{,.bak}
vim /etc/keepalived/keepalived.conf
    !Configuration File for keepalived        
    global_defs {
        notification_email {
            root@localhost;
            }
        notification_email_from keepadmin@localhost
        smtp_server 127.0.0.1
        smtp_connect_timeout 30
        route_id nginx2
        vrrp_mcast_group4 224.51.151.251
    }        
    vrrp_script chk_down{
        script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0 "
        interval 1
        weight -5
        fall 1
        rise 1
    }        
    vrrp_script chk_nginx{
        script "killall -0 nginx && exit 0 || exit 1"
        interval 1
        weight -5
        fall 2
        rise 2
    }
    vrrp_instance VI_1{
        state BACKUP
        interface ens37
        virtual_router_id 51
        priority 96
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass SWF5FW2DF
        }
        virtual_ipaddress {
            172.16.51.1/16 dev ens37 label ens37:0
        }
        track_script {
            chk_down
            chk_nginx
        }
        notify_master "/etc/keepalived/notify.sh master"
        notify_bachup "/etc/keepalived/notify.sh backup"
        notify_fault "/etc/keepalived/notify.sh fault"
    }
    vrrp_instance VI_2{
        state MASTER
        interface ens37
        virtual_router_id 52
        priority 100
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass 7D2SS5DF
        }
        virtual_ipaddress {
            172.16.51.2/16 dev ens37 label ens37:1
        }
        track_script {
            chk_down
            chk_nginx
        }
        notify_master "/etc/keepalived/notify.sh master"
        notify_bachup "/etc/keepalived/notify.sh backup"
        notify_fault "/etc/keepalived/notify.sh fault"
    }

#配置通知脚本
vim /etc/keepalived/notify.sh
    #!/bin/bash
    #
    contact='root@localhost'
    notify(){
            local mailsubject="$(hostname) to be $1 ,vip floating"
            local mailbody="$(date +'%F $T'):vrrp transition,$(hostname) changed to be $1"
            echo "$mailbody" |mail -s "$mailsubject" $contact
    }
    case $1 in
    master)
            systemctl start nginx.service
            notify master
            ;;
    backup)
            systemctl start nginx.service
            notify backup
            ;;
    fault)
            systemctl stop nginx.service
            notify fault
            ;;
    *)
            echo "ERROR"
            exit 1
            ;;
    esac

实验总结

BUG

  • 该环境配置完成后出现BUG,chk_nginx脚本并不会真正的检测nginx,来对keepalived权重进行调整

待完善

  • 该实验环境只是实现基本功能,部分配置存在安全隐患
  • 该环境单点状况过多,需要提升页面资源的nfs服务器和关系型数据库mariadb服务器的高可用性
  • httpd服务器没有实现动静分离
  • httpd服务器负载均衡不能保持会话,需要增加session服务器
  • 增加cache服务器可以大幅度提高浏览速度 



                                                        
原创文章,作者:easyTang,如若转载,请注明出处:http://www.178linux.com/78553
                        


                        

                        

                            
(0)

                                                    


                        

                            

                                                                    

                                                                                
                                            easyTangeasyTang                                        
                                    

                                                                

                                    

                                                                                 0                                                                            

                                    
                                    

                                        
                                    

                                

                            

                        

                    

                                            

                    

                
                

                     上一篇
                    2017-06-25 23:43
                

            

                            

                
                

                    下一篇 
                    2017-06-26 04:20
                

            

            

                    
                                            

                            
相关推荐
  • 
        
    
                
    
            
                                 Because LVM so cattle(Logical Volume Manager)            
        
    
        
    
            
    LVM: Logical Volume Manager         LVM是逻辑盘卷管理(Logical Volume Manager)的简称,它是Linux环境下对磁盘分区进行管理的一种机制,LVM是建立在硬盘和分区之上的一个逻辑层,来提高磁盘分区管理的灵活性。 …
    
        
    
        
    
                                            Linux干货
                            2016-08-29
            
    
                            
    
        
    
    
    

    • 

  • 
        
    
                
    
            
                                 N21-第二周博客            
        
    
        
    
            
    1、Linux上的文件管理类命令都有哪些,其常用的使用方法及其相关示例演示。 文件管理命令有复制、删除与移动:cp,mv,rm cp(复制档案或目录) [root@study ~]# cp [-adfilprsu] 源(source) 目标(destination) [root@study ~]# cp [options] source1 source2 s…
    
        
    
        
    
                                            Linux干货
                            2016-07-16
            
    
                            
    
        
    
    
    

    • 

  • 
        
    
                
    
            
                                 samba服务部署WordPress            
        
    
        
    
            
    简介 Samba是一个能让Linux系统应用Microsoft网络通讯协议的软件,而SMB是Server Message Block的缩写,即为服务器消息块 ,SMB主要是作为Microsoft的网络通讯协议,后来Samba将SMB通信协议应用到了Linux系统上,就形成了现在的Samba软件。后来微软又把 SMB 改名为 CIFS(Common Inter…
    
        
    
        
    
                                            Linux干货
                            2017-04-28
            
    
                            
    
        
    
    
    

    • 

  • 
        
    
                
    
            
                                 网络相关命令            
        
    
        
    
            
    网络相关命令 常用命令 ifcfg家族:   ifconfig:配置IP,NETMASK   route :路由   netstat : 状态及统计数据查看 iproute2家族     ip  系列 &nbs…
    
        
    
        
    
                                            Linux干货
                            2016-09-07
            
    
                            
    
        
    
    
    

    • 

  • 
        
    
                
    
            
                                 自定义命令别名及引用结果            
        
    
        
    
            
    自定义命令别名及引用结果 alias alias命令用来设置指令的别名。我们可以使用该命令可以将一些较长的命令进行简化。 语法 alias(选项)(参数) 选项 -p:打印已经设置的命令别名。 参数 命令别名设置:定义命令别名,格式为“命令别名=‘实际命令’” 实例 显示已设置的别名 [root@localhost ~]# alias alias cp=’c…
    
        
    
        
    
                                            Linux干货
                            2018-03-11
            
    
                            
    
        
    
    
    

    • 

  • 
        
    
                
    
            
                                 N22-第一周作业            
        
    
        
    
            
    1、描述计算机的组成及功能      计算机系统由硬件系统和软件系统组成。硬件系统(Hardware system)是计算机完成计算工作  的物质基础。软件系统(Software system):是在计算机硬件设备上运行的各种程序,是介于用户  和硬件系统之间的界面。1.1 计算机的硬件系…
    
        
    
        
    
                                            Linux干货
                            2016-08-22
            
    
                            
    
        
    
    
    

    • 

                        

                                    

                    

            
    




            

                                                    

                                                                    

                                    

                                                                    

                            

                    

                                    

                                                    
                                                                电话咨询
                            
                                            

                                    

                                                    
                                                                在线咨询