Nginx implements high availability cluster construction (Keepalived+Haproxy+Nginx)

Nginx implements high availability cluster construction (Keepalived+Haproxy+Nginx)

1. Components and implemented functions

Keepalived: realizes high availability of Haproxy service and adopts dual-active model configuration;

Haproxy: implements load balancing and read-write separation for Nginx;

Nginx: realizes high-speed processing of HTTP requests;

2. Architecture design diagram

3. Keepalived deployment

Keepalived needs to be installed on both nodes. The command is as follows:

$ yum -y install keepalived

Modify the keepalived.conf file configuration on the 172.16.25.109 node. The command is as follows

$ vim /etc/keepalived/keepalived.conf

The modified content is as follows:

! Configuration File for keepalived
global_defs {
   notification_email {
         root@localhost
   }
   notification_email_from [email protected]
   smtp_connect_timeout 3
   smtp_server 127.0.0.1
   router_id LVS_DEVEL
}
vrrp_script chk_maintaince_down {
   script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
   interval 1
   weight 2
}
vrrp_script chk_haproxy {
    script "killall -0 haproxy"
    interval 1
    weight 2
}
vrrp_instance VI_1 {
    interface eth0
    state MASTER
    priority 100
    virtual_router_id 125
    garp_master_delay 1
    authentication
        auth_type PASS
        auth_pass 1e3459f77aba4ded
    }
    track_interface {
       eth0
    }
    virtual_ipaddress {
        172.16.25.10/16 dev eth0 label eth0:0
    }
    track_script {
        chk_haproxy
    }
    notify_master "/etc/keepalived/notify.sh master 172.16.25.10"
    notify_backup "/etc/keepalived/notify.sh backup 172.16.25.10"
    notify_fault "/etc/keepalived/notify.sh fault 172.16.25.10"
}
vrrp_instance VI_2 {
    interface eth0
    state BACKUP
    priority 99
    virtual_router_id 126
    garp_master_delay 1
    authentication
        auth_type PASS
        auth_pass 7615c4b7f518cede
    }
    track_interface {
       eth0
    }
    virtual_ipaddress {
        172.16.25.11/16 dev eth0 label eth0:1
    }
    track_script {
        chk_haproxy
chk_maintaince_down
    }
    notify_master "/etc/keepalived/notify.sh master 172.16.25.11"
    notify_backup "/etc/keepalived/notify.sh backup 172.16.25.11"
    notify_fault "/etc/keepalived/notify.sh fault 172.16.25.11"
}

Similarly, modify the keepalived.conf configuration on the 172.16.25.110 node to the following content:

! Configuration File for keepalived
global_defs {
   notification_email {
         root@localhost
   }
   notification_email_from [email protected]
   smtp_connect_timeout 3
   smtp_server 127.0.0.1
   router_id LVS_DEVEL
}
vrrp_script chk_maintaince_down {
   script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
   interval 1
   weight 2
}
vrrp_script chk_haproxy {
    script "killall -0 haproxy"
    interval 1
    weight 2
}
vrrp_instance VI_1 {
    interface eth0
    state BACKUP
    priority 99
    virtual_router_id 125
    garp_master_delay 1
    authentication
        auth_type PASS
        auth_pass 1e3459f77aba4ded
    }
    track_interface {
       eth0
    }
    virtual_ipaddress {
        172.16.25.10/16 dev eth0 label eth0:0
    }
    track_script {
        chk_haproxy
chk_maintaince_down
    }
    notify_master "/etc/keepalived/notify.sh master 172.16.25.10"
    notify_backup "/etc/keepalived/notify.sh backup 172.16.25.10"
    notify_fault "/etc/keepalived/notify.sh fault 172.16.25.10"
}
vrrp_instance VI_2 {
    interface eth0
    state MASTER
    priority 100
    virtual_router_id 126
    garp_master_delay 1
    authentication
        auth_type PASS
        auth_pass 7615c4b7f518cede
    }
    track_interface {
       eth0
    }
    virtual_ipaddress {
        172.16.25.11/16 dev eth0 label eth0:1
    }
    track_script {
        chk_haproxy
    }
    notify_master "/etc/keepalived/notify.sh master 172.16.25.11"
    notify_backup "/etc/keepalived/notify.sh backup 172.16.25.11"
    notify_fault "/etc/keepalived/notify.sh fault 172.16.25.11"
}
# vi /etc/keepalived/notify.sh
#!/bin/bash
# Author: Jason.Yu <[email protected]>
# description: An example of notify script
#
contact='root@localhost'
notify() {
    mailsubject="`hostname` to be $1:$2 floating"
    mailbody="`date '+%F %H:%M:%S'`: vrrp transition, `hostname` changed to be $1"
    echo $mailbody | mail -s "$mailsubject" $contact
}
case "$1" in
    master)
        notify master $2
        /etc/rc.d/init.d/haproxy restart
        exit 0
    ;;
    backup)
        notify backup $2 # When the node switches to the backup state, there is no need to deliberately stop the haproxy service to prevent chk_maintaince and chk_haproxy from operating the haproxy service multiple times;
        exit 0
    ;;
    fault)
        notify fault $2 # Same as above exit 0
    ;;
    *)
        echo 'Usage: `basename $0` {master|backup|fault}'
        exit 1
    ;;
esac

Execute the keepalived startup command on both nodes. The command is as follows:

  $ service keepalived start

4. Haproxy deployment

HAProxy needs to be installed on both nodes. The command is as follows:

 $ yum -y install haproxy

Modify the haproxy.cfg file configuration on the 172.16.25.109 and 172.16.25.110 nodes (the configuration files on the two nodes are consistent). The command is as follows:

 $ vim /etc/haproxy/haproxy.cfg

The content of the configuration file is as follows:

global
    log 127.0.0.1 local2
    chroot /var/lib/haproxy
    pidfile /var/run/haproxy.pid
    maxconn 4000
    user haproxy
    group haproxy
    daemon # Run as a background program;
defaults
    mode http # Select HTTP mode to perform layer 7 filtering;
    log global
    option httplog # can get richer log output;
    option dontlognull
    option http-server-close # The server can close the HTTP connection function;
    option forwardfor except 127.0.0.0/8 # Pass the client's IP address to the server and write it into the "X-Forward_for" header;
    option redispatch
    retries 3
    timeout http-request 10s
    timeout queue 1m
    timeout connect 10s
    timeout client 1m
    timeout server 1m
    timeout http-keep-alive 10s
    timeout check 10s
    maxconn 30000
listen stats
    mode http
    bind 0.0.0.0:1080 # The statistics page is bound to port 1080;
    stats enable # Enable the statistics page function;
    stats hide-version #Hide Haproxy version number;
    stats uri /haproxyadmin?stats #Customize the access uri of the statistics page;
    stats realm Haproxy\ Statistics #Prompt information for password verification on the statistics page;
    stats auth admin:admin # Enable login authentication for the statistics page;
    stats admin if TRUE # If the logged-in user passes the verification, the management function is granted;
frontend http-in
    bind *:80
    mode http
    log global
    option httpclose
    option logasap
    option dontlognull
    capture request header Host len ​​20
    capture request header Referer len 60
    acl url_static path_beg -i /static /p_w_picpaths /javascript /stylesheets
    acl url_static path_end -i .jpg .jpeg .gif .png .css .js .html
    use_backend static_servers if url_static # Requests that meet ACL rules are transferred to the backend static server default_backend dynamic_servers # Requests are transferred to the backend dynamic server by default backend static_servers
    Balance Round Robin
    server imgsrv1 192.168.0.25:80 check maxconn 6000 # Static server, multiple servers can be configured, and weight can be set;
backend dynamic_servers
    balance source # For dynamic requests, the source scheduling algorithm can be used to achieve session persistence to a certain extent; but it is best to use cookie binding to achieve session persistence server websrv1 192.168.0.35:80 check maxconn 1000 # Dynamic servers can be configured with multiple servers and weights can be set;

The two nodes start the service with the following commands:

$ service haproxy start

5. Nginx deployment

yum -y groupinstall "Development tools"
yum -y groupinstall “Server Platform Development”
yum install gcc openssl-devel pcre-devel zlib-devel
groupadd -r nginx
useradd -r -g nginx -s /sbin/nologin -M nginx
tar xf nginx-1.4.7.tar.gz
cd nginx-1.4.7
mkdir -pv /var/tmp/nginx
./configure \
  --prefix=/usr \
  --sbin-path=/usr/sbin/nginx \
  --conf-path=/etc/nginx/nginx.conf \
  --error-log-path=/var/log/nginx/error.log \
  --http-log-path=/var/log/nginx/access.log \
  --pid-path=/var/run/nginx/nginx.pid \
  --lock-path=/var/lock/nginx.lock \
  --user=nginx \
  --group=nginx \
  --with-http_ssl_module \
  --with-http_flv_module \
  --with-http_stub_status_module \
  --with-http_gzip_static_module \
  --http-client-body-temp-path=/var/tmp/nginx/client/ \
  --http-proxy-temp-path=/var/tmp/nginx/proxy/ \
  --http-fastcgi-temp-path=/var/tmp/nginx/fcgi/ \
  --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi \
  --http-scgi-temp-path=/var/tmp/nginx/scgi \
  --with-pcre
make && make install

Configure service scripts

vi /etc/init.d/nginx # Configure service script#!/bin/sh
#
# nginx - this script starts and stops the nginx daemon
#
# chkconfig: -85 15
# description: Nginx is an HTTP(S) server, HTTP(S) reverse \
# Proxy and IMAP/POP3 proxy server
# processname: nginx
# config: /etc/nginx/nginx.conf
# config: /etc/sysconfig/nginx
# pidfile: /var/run/nginx.pid
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0
nginx="/usr/sbin/nginx"
prog=$(basename $nginx)
NGINX_CONF_FILE="/etc/nginx/nginx.conf"
[ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx
lockfile=/var/lock/subsys/nginx
make_dirs() {
   # make required directories
   user=`nginx -V 2>&1 | grep "configure arguments:" | sed 's/[^*]*--user=\([^ ]*\).*/\1/g' -`
   options=`$nginx -V 2>&1 | grep 'configure arguments:'`
   for opt in $options; do
       if [ `echo $opt | grep '.*-temp-path'` ]; then
           value=`echo $opt | cut -d "=" -f 2`
           if [ ! -d "$value" ]; then
               # echo "creating" $value
               mkdir -p $value && chown -R $user $value
           fi
       fi
   done
}
start() {
    [ -x $nginx ] || exit 5
    [ -f $NGINX_CONF_FILE ] || exit 6
    make_dirs
    echo -n $"Starting $prog: "
    daemon $nginx -c $NGINX_CONF_FILE
    retval=$?
    echo
    [ $retval -eq 0 ] && touch $lockfile
    return $retval
}
stop() {
    echo -n $"Stopping $prog: "
    killproc $prog -QUIT
    retval=$?
    echo
    [ $retval -eq 0 ] && rm -f $lockfile
    return $retval
}
restart() {
    configtest || return $?
    stop
    sleep 1
    start
}
reload() {
    configtest || return $?
    echo -n $"Reloading $prog: "
    killproc $nginx -HUP
    RETVAL=$?
    echo
}
force_reload() {
    restart
}
configtest() {
  $nginx -t -c $NGINX_CONF_FILE
}
rh_status() {
    status $prog
}
rh_status_q() {
    rh_status >/dev/null 2>&1
}
case "$1" in
    start)
        rh_status_q && exit 0
        $1
        ;;
    stop)
        rh_status_q || exit 0
        $1
        ;;
    restart|configtest)
        $1
        ;;
    reload
        rh_status_q || exit 7
        $1
        ;;
    force-reload
        force_reload
        ;;
    status)
        rh_status
        ;;
    condrestart|try-restart)
        rh_status_q || exit 0
            ;;
    *)
        echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
        exit 2
esac
chmod +x /etc/init.d/nginx # Restore the execution permission of the service script vi /etc/nginx/nginx.conf # Edit the main configuration file worker_processes 2;
error_log /var/log/nginx/nginx.error.log;
pid /var/run/nginx.pid;
events {
    worker_connections 1024;
}
http {
    include mime.types;
    default_type application/octet-stream;
    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';
    sendfile on;
    keepalive_timeout 65;
    server {
        listen 80;
        server_name xxrenzhe.lnmmp.com;
        access_log /var/log/nginx/nginx.access.log main;
        location / {
            root /www/lnmmp.com;
            index index.php index.html index.htm;
        }
        error_page 404 /404.html;
        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
            root /www/lnmmp.com;
        }
        location ~ \.php$ {
            root /www/lnmmp.com;
            fastcgi_pass 127.0.0.1:9000;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            include fastcgi_params;
        }
    }
}
vi /etc/nginx/fastcgi_params # Edit fastcgi parameter file fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;

Start the service

service nginx configtest #Verify that the configuration file is correct before starting the service service nginx start
ps -ef |grep nginx # Check the nginx process, especially whether the worker process is consistent with the worker_processes value ss -antupl |grep 80 # Check whether the service port is started

6. Access Verification

Haproxy statistics page test

Dynamic and static separation test

High availability testing

This concludes the introduction to Nginx high availability cluster construction (Keepalived+Haproxy+Nginx).

This is the end of this article about Nginx high-availability cluster construction (Keepalived+Haproxy+Nginx). For more relevant Nginx high-availability cluster content, please search 123WORDPRESS.COM's previous articles or continue to browse the following related articles. I hope everyone will support 123WORDPRESS.COM in the future!

You may also be interested in:
  • Example of how to implement master-slave hot standby using Docker+keepalived+nginx
  • Nginx+Keepalived realizes hot standby of dual machines
  • Configuration method of keepalived dual-machine hot standby nginx
  • Keepalived implements Nginx load balancing and high availability sample code
  • How to implement dual-machine master and backup with Nginx+Keepalived
  • Detailed explanation of nginx+keepalived high availability master-slave configuration
  • About using Keepalived to achieve automatic restart of Nginx and dual-active hot standby high availability

<<:  About the solution record of the page unresponsiveness when using window.print() in React

>>:  Design Story: The Security Guard Who Can't Remember License Plates

Recommend

TypeScript Enumeration Type

Table of contents 1. Overview 2. Digital Enumerat...

How to check whether a port is occupied in LINUX

I have never been able to figure out whether the ...

Several commonly used single-page application website sharing

CSS3Please Take a look at this website yourself, ...

How does the composite index of MySQL take effect?

Table of contents background Understanding compos...

Detailed explanation of how to prevent content from being selected, copied, or right-clicked in HTML pages

Sometimes, we don't want the content presente...

Example analysis of the page splitting principle of MySQL clustered index

This article uses an example to illustrate the pa...

Solution for installing opencv 3.2.0 in Ubuntu 18.04

Download opencv.zip Install the dependencies ahea...

The complete usage of setup, ref, and reactive in Vue3 combination API

1. Getting started with setUp Briefly introduce t...

Example of implementing circular progress bar in Vue

Data display has always been a demand that all wa...

Vue.js implements simple folding panel

This article example shares the specific code of ...

Solution to the problem that MySQL in Windows system cannot input and display Chinese

Step 1: Use Notepad to open the "my.ini"...

Detailed explanation of Vue's simple store

The simplest application of store in Vue is globa...

Use nginx.vim tool for syntax highlighting and formatting configuration nginx.conf file

I use tengine, the installation directory is /usr...

Three ways to implement text color gradient in CSS

In the process of web front-end development, UI d...

Implementation of multiple instances of tomcat on a single machine

1. Introduction First of all, we need to answer a...