nginx负载均衡高可用配置
服务器A:172.16.100.2
服务器B:172.16.100.3
首先先在两台服务器上分别安装好nginx和keepalived后,再进行下面的操作
配置keepalived高可用(不抢占)
服务器A:172.16.100.2
服务器B:172.16.100.3
VIP:172.16.100.14
首先在服务器A和服务器B上各安装好keepalived,安装好后,再继续下面的操作。
在服务器A上执行
1.编写脚本监控nginx状态
echo '#!/bin/bash
count = `ps aux | grep -v grep | grep nginx | wc -l`
if [ $count > 0 ];then
exit 0
else
exit 1
fi' > /etc/keepalived/checknginx.sh
2.配置全局定义块
global_defs {
router_id nginxserver01
}
3.keepalived只能做到对网络故障和keepalived本身的监控,配置脚本监控mysql服务状态
weight对priority的影响详情请参考https://www.cnblogs.com/arjenlee/p/9258188.html
vrrp_script checkmysql
{
script "/etc/keepalived/checknginx.sh"
interval 3
weight -20
}
4.配置VRRP实例定义块
vrrp_instance instance1 {
state MASTER
virtual_router_id 1
interface eth0
mcast_src_ip 172.16.100.2
priority 100
advert_int 3
nopreempt
authentication {
auth_type PASS
auth_pass kee1234
}
virtual_ipaddress {
172.16.100.14
}
track_script {
checknginx
}
}
在服务器B上执行
1.编写脚本监控nginx状态
echo '#!/bin/bash
count = `ps aux | grep -v grep | grep nginx | wc -l`
if [ $count > 0 ];then
exit 0
else
exit 1
fi' > /etc/keepalived/checknginx.sh
2.配置全局定义块
global_defs {
router_id nginxserver02
}
3.keepalived只能做到对网络故障和keepalived本身的监控,配置脚本监控mysql服务状态
weight对priority的影响详情请参考https://www.cnblogs.com/arjenlee/p/9258188.html
vrrp_script checknginx
{
script "/etc/keepalived/checknginx.sh"
interval 3
weight -20
}
4.配置VRRP实例定义块
vrrp_instance instance1 {
state BACKUP
virtual_router_id 1
interface eth0
mcast_src_ip 172.16.100.3
priority 90
advert_int 3
nopreempt
authentication {
auth_type PASS
auth_pass kee1234
}
virtual_ipaddress {
172.16.100.14
}
track_script {
checknginx
}
}
nginx配置http代理(开启会话保持、安全配置)
cat << EOF > /usr/local/myapps/nginx/http8888.conf
upstream http8888{
sticky;
server 172.16.100.2:8080;
}
server{
listen 8888;
charset utf-8;
proxy_connect_timeout 180;
proxy_send_timeout 180;
proxy_read_timeout 180;
proxy_buffering off;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
location / {
proxy_pass http://http8888;
}
access_log logs/http8888.access.log access;
}
会话保持
1.源地址哈希算法
指令:ip hash;
不足:
当后端服务器宕机后,session会丢失;
来自同一局域网的客户端会被转发到同一个后端服务器,可能导致负载失衡;
不适用于CDN网络,不适用于前段还有代理的情况。
2.cookie会话保持
优点:
可以实现同一局域网的客户端的负载均衡
指令:sticky ;
sticky的一些参数,比如sticky的缓存时间,作用于之类的。这里详细可以查询sticky解压包里的readme
要启用cookie会话保持需要添加sticky模块。
(添加新模块的步骤:停止nginx,备份nginx,带上之前的编译参数和新的模块参数重新编译,将编译生成的含有新模块的nginx二进制文件覆盖sbin目录中的nginx,重启nginx即可)
wget https://bitbucket.org/nginx-goodies/nginx-sticky-module-ng/get/master.tar.gz
tar -zxf master.tar.gz
mv nginx-goodies-nginx-sticky-module-ng-08a395c66e42 nginx-sticky-module
ps -ef | grep nginx | grep -v grep | awk '{print $2}' |xargs kill -9
cp -ar /usr/local/myapps/nginx /usr/local/myapps/nginx_bak`date "+%Y%m%d"`
cd /root/nginx-1.15.9
nginx -V
./configure --prefix=/usr/local/myapps/nginx --sbin-path=/usr/sbin/nginx --pid-path=/usr/local/myapps/nginx/logs/nginx.pid --error-log-path=/usr/local/myapps/nginx/logs/error.log --http-log-path=/usr/local/myapps/nginx/logs/access.log --with-pcre=/usr/local/myapps/pcre-8.43 --with-zlib=/usr/local/myapps/zlib-1.2.11 --with-http_stub_status_module --with-stream --add-module=/root/nginx-sticky-module
/usr/bin/cp /root/nginx-1.15.9/objs/nginx /usr/sbin/
nginx -c /usr/local/myapps/nginx/conf/nginx.conf