Nginx implements high availability cluster construction (Keepalived+Haproxy+Nginx)
1. Components and implemented functionsKeepalived: realizes high availability of Haproxy service and adopts dual-active model configuration; Haproxy: implements load balancing and read-write separation for Nginx; Nginx: realizes high-speed processing of HTTP requests; 2. Architecture design diagram
3. Keepalived deploymentKeepalived needs to be installed on both nodes. The command is as follows: $ yum -y install keepalived Modify the keepalived.conf file configuration on the 172.16.25.109 node. The command is as follows $ vim /etc/keepalived/keepalived.conf The modified content is as follows:
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from [email protected]
smtp_connect_timeout 3
smtp_server 127.0.0.1
router_id LVS_DEVEL
}
vrrp_script chk_maintaince_down {
script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 1
weight 2
}
vrrp_script chk_haproxy {
script "killall -0 haproxy"
interval 1
weight 2
}
vrrp_instance VI_1 {
interface eth0
state MASTER
priority 100
virtual_router_id 125
garp_master_delay 1
authentication
auth_type PASS
auth_pass 1e3459f77aba4ded
}
track_interface {
eth0
}
virtual_ipaddress {
172.16.25.10/16 dev eth0 label eth0:0
}
track_script {
chk_haproxy
}
notify_master "/etc/keepalived/notify.sh master 172.16.25.10"
notify_backup "/etc/keepalived/notify.sh backup 172.16.25.10"
notify_fault "/etc/keepalived/notify.sh fault 172.16.25.10"
}
vrrp_instance VI_2 {
interface eth0
state BACKUP
priority 99
virtual_router_id 126
garp_master_delay 1
authentication
auth_type PASS
auth_pass 7615c4b7f518cede
}
track_interface {
eth0
}
virtual_ipaddress {
172.16.25.11/16 dev eth0 label eth0:1
}
track_script {
chk_haproxy
chk_maintaince_down
}
notify_master "/etc/keepalived/notify.sh master 172.16.25.11"
notify_backup "/etc/keepalived/notify.sh backup 172.16.25.11"
notify_fault "/etc/keepalived/notify.sh fault 172.16.25.11"
}Similarly, modify the keepalived.conf configuration on the 172.16.25.110 node to the following content:
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from [email protected]
smtp_connect_timeout 3
smtp_server 127.0.0.1
router_id LVS_DEVEL
}
vrrp_script chk_maintaince_down {
script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 1
weight 2
}
vrrp_script chk_haproxy {
script "killall -0 haproxy"
interval 1
weight 2
}
vrrp_instance VI_1 {
interface eth0
state BACKUP
priority 99
virtual_router_id 125
garp_master_delay 1
authentication
auth_type PASS
auth_pass 1e3459f77aba4ded
}
track_interface {
eth0
}
virtual_ipaddress {
172.16.25.10/16 dev eth0 label eth0:0
}
track_script {
chk_haproxy
chk_maintaince_down
}
notify_master "/etc/keepalived/notify.sh master 172.16.25.10"
notify_backup "/etc/keepalived/notify.sh backup 172.16.25.10"
notify_fault "/etc/keepalived/notify.sh fault 172.16.25.10"
}
vrrp_instance VI_2 {
interface eth0
state MASTER
priority 100
virtual_router_id 126
garp_master_delay 1
authentication
auth_type PASS
auth_pass 7615c4b7f518cede
}
track_interface {
eth0
}
virtual_ipaddress {
172.16.25.11/16 dev eth0 label eth0:1
}
track_script {
chk_haproxy
}
notify_master "/etc/keepalived/notify.sh master 172.16.25.11"
notify_backup "/etc/keepalived/notify.sh backup 172.16.25.11"
notify_fault "/etc/keepalived/notify.sh fault 172.16.25.11"
}
# vi /etc/keepalived/notify.sh
#!/bin/bash
# Author: Jason.Yu <[email protected]>
# description: An example of notify script
#
contact='root@localhost'
notify() {
mailsubject="`hostname` to be $1:$2 floating"
mailbody="`date '+%F %H:%M:%S'`: vrrp transition, `hostname` changed to be $1"
echo $mailbody | mail -s "$mailsubject" $contact
}
case "$1" in
master)
notify master $2
/etc/rc.d/init.d/haproxy restart
exit 0
;;
backup)
notify backup $2 # When the node switches to the backup state, there is no need to deliberately stop the haproxy service to prevent chk_maintaince and chk_haproxy from operating the haproxy service multiple times;
exit 0
;;
fault)
notify fault $2 # Same as above exit 0
;;
*)
echo 'Usage: `basename $0` {master|backup|fault}'
exit 1
;;
esacExecute the keepalived startup command on both nodes. The command is as follows: $ service keepalived start
4. Haproxy deploymentHAProxy needs to be installed on both nodes. The command is as follows: $ yum -y install haproxy Modify the haproxy.cfg file configuration on the 172.16.25.109 and 172.16.25.110 nodes (the configuration files on the two nodes are consistent). The command is as follows: $ vim /etc/haproxy/haproxy.cfg The content of the configuration file is as follows:
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon # Run as a background program;
defaults
mode http # Select HTTP mode to perform layer 7 filtering;
log global
option httplog # can get richer log output;
option dontlognull
option http-server-close # The server can close the HTTP connection function;
option forwardfor except 127.0.0.0/8 # Pass the client's IP address to the server and write it into the "X-Forward_for" header;
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 30000
listen stats
mode http
bind 0.0.0.0:1080 # The statistics page is bound to port 1080;
stats enable # Enable the statistics page function;
stats hide-version #Hide Haproxy version number;
stats uri /haproxyadmin?stats #Customize the access uri of the statistics page;
stats realm Haproxy\ Statistics #Prompt information for password verification on the statistics page;
stats auth admin:admin # Enable login authentication for the statistics page;
stats admin if TRUE # If the logged-in user passes the verification, the management function is granted;
frontend http-in
bind *:80
mode http
log global
option httpclose
option logasap
option dontlognull
capture request header Host len 20
capture request header Referer len 60
acl url_static path_beg -i /static /p_w_picpaths /javascript /stylesheets
acl url_static path_end -i .jpg .jpeg .gif .png .css .js .html
use_backend static_servers if url_static # Requests that meet ACL rules are transferred to the backend static server default_backend dynamic_servers # Requests are transferred to the backend dynamic server by default backend static_servers
Balance Round Robin
server imgsrv1 192.168.0.25:80 check maxconn 6000 # Static server, multiple servers can be configured, and weight can be set;
backend dynamic_servers
balance source # For dynamic requests, the source scheduling algorithm can be used to achieve session persistence to a certain extent; but it is best to use cookie binding to achieve session persistence server websrv1 192.168.0.35:80 check maxconn 1000 # Dynamic servers can be configured with multiple servers and weights can be set;The two nodes start the service with the following commands: $ service haproxy start 5. Nginx deploymentyum -y groupinstall "Development tools" yum -y groupinstall “Server Platform Development” yum install gcc openssl-devel pcre-devel zlib-devel groupadd -r nginx useradd -r -g nginx -s /sbin/nologin -M nginx tar xf nginx-1.4.7.tar.gz cd nginx-1.4.7 mkdir -pv /var/tmp/nginx ./configure \ --prefix=/usr \ --sbin-path=/usr/sbin/nginx \ --conf-path=/etc/nginx/nginx.conf \ --error-log-path=/var/log/nginx/error.log \ --http-log-path=/var/log/nginx/access.log \ --pid-path=/var/run/nginx/nginx.pid \ --lock-path=/var/lock/nginx.lock \ --user=nginx \ --group=nginx \ --with-http_ssl_module \ --with-http_flv_module \ --with-http_stub_status_module \ --with-http_gzip_static_module \ --http-client-body-temp-path=/var/tmp/nginx/client/ \ --http-proxy-temp-path=/var/tmp/nginx/proxy/ \ --http-fastcgi-temp-path=/var/tmp/nginx/fcgi/ \ --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi \ --http-scgi-temp-path=/var/tmp/nginx/scgi \ --with-pcre make && make install Configure service scripts
vi /etc/init.d/nginx # Configure service script#!/bin/sh
#
# nginx - this script starts and stops the nginx daemon
#
# chkconfig: -85 15
# description: Nginx is an HTTP(S) server, HTTP(S) reverse \
# Proxy and IMAP/POP3 proxy server
# processname: nginx
# config: /etc/nginx/nginx.conf
# config: /etc/sysconfig/nginx
# pidfile: /var/run/nginx.pid
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0
nginx="/usr/sbin/nginx"
prog=$(basename $nginx)
NGINX_CONF_FILE="/etc/nginx/nginx.conf"
[ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx
lockfile=/var/lock/subsys/nginx
make_dirs() {
# make required directories
user=`nginx -V 2>&1 | grep "configure arguments:" | sed 's/[^*]*--user=\([^ ]*\).*/\1/g' -`
options=`$nginx -V 2>&1 | grep 'configure arguments:'`
for opt in $options; do
if [ `echo $opt | grep '.*-temp-path'` ]; then
value=`echo $opt | cut -d "=" -f 2`
if [ ! -d "$value" ]; then
# echo "creating" $value
mkdir -p $value && chown -R $user $value
fi
fi
done
}
start() {
[ -x $nginx ] || exit 5
[ -f $NGINX_CONF_FILE ] || exit 6
make_dirs
echo -n $"Starting $prog: "
daemon $nginx -c $NGINX_CONF_FILE
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog -QUIT
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
configtest || return $?
stop
sleep 1
start
}
reload() {
configtest || return $?
echo -n $"Reloading $prog: "
killproc $nginx -HUP
RETVAL=$?
echo
}
force_reload() {
restart
}
configtest() {
$nginx -t -c $NGINX_CONF_FILE
}
rh_status() {
status $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart|configtest)
$1
;;
reload
rh_status_q || exit 7
$1
;;
force-reload
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
exit 2
esac
chmod +x /etc/init.d/nginx # Restore the execution permission of the service script vi /etc/nginx/nginx.conf # Edit the main configuration file worker_processes 2;
error_log /var/log/nginx/nginx.error.log;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name xxrenzhe.lnmmp.com;
access_log /var/log/nginx/nginx.access.log main;
location / {
root /www/lnmmp.com;
index index.php index.html index.htm;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /www/lnmmp.com;
}
location ~ \.php$ {
root /www/lnmmp.com;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
}
vi /etc/nginx/fastcgi_params # Edit fastcgi parameter file fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;Start the service service nginx configtest #Verify that the configuration file is correct before starting the service service nginx start ps -ef |grep nginx # Check the nginx process, especially whether the worker process is consistent with the worker_processes value ss -antupl |grep 80 # Check whether the service port is started 6. Access VerificationHaproxy statistics page test
Dynamic and static separation test
High availability testing
This concludes the introduction to Nginx high availability cluster construction (Keepalived+Haproxy+Nginx). This is the end of this article about Nginx high-availability cluster construction (Keepalived+Haproxy+Nginx). For more relevant Nginx high-availability cluster content, please search 123WORDPRESS.COM's previous articles or continue to browse the following related articles. I hope everyone will support 123WORDPRESS.COM in the future! You may also be interested in:
|
<<: About the solution record of the page unresponsiveness when using window.print() in React
>>: Design Story: The Security Guard Who Can't Remember License Plates
Recommend
How to manage multiple projects on CentOS SVN server
One demand Generally speaking, a company has mult...
How to implement the builder pattern in Javascript
Overview The builder pattern is a relatively simp...
Vue.js implements tab switching and color change operation explanation
When implementing this function, the method I bor...
favico.ico---Website ico icon setting steps
1. Download the successfully generated icon file, ...
JS realizes the calculation of the total price of goods in the shopping cart
JS calculates the total price of goods in the sho...
MySQL cross-database transaction XA operation example
This article uses an example to describe the MySQ...
Detailed tutorial on installing PHP and Nginx on Centos7
As the application of centos on the server side b...
An example of elegantly writing status labels in Vue background
Table of contents Preface optimization Extract va...
A brief discussion on CSS3 animation jamming solutions
Why is it stuck? There is a premise that must be ...
js learning notes: class, super and extends keywords
Table of contents Preface 1. Create objects befor...
HTML cellpadding and cellspacing attributes explained in pictures
Cell -- the content of the table Cell margin (tabl...
Installation tutorial of the latest stable version of MySQL 5.7.17 under Linux
Install the latest stable version of MySQL on Lin...
Four ways to combine CSS and HTML
(1) Each HTML tag has an attribute style, which c...
Analysis and solution of the reasons why crontab scheduled tasks are not executed
Preface The following are the ways to implement L...
Detailed tutorial on how to install MySQL 5.7.18 in Linux (CentOS 7) using YUM
The project needs to use MySQL. Since I had alway...