Shulou(Shulou.com)06/02 Report--

Background introduction

We all know that the resources that a server can provide are limited. If we want to break this limitation, there are only two ways. One is to purchase hardware to improve server performance, but the performance-to-price ratio is too high. The second method is to use cluster software to let two servers handle different requests for a service, sharing the load of a single server, so as to improve performance. The famous open source software to achieve this is Nginx or Lvs. Here we use LVS, but lvs needs a scheduling server, so the scheduling server is a single point of failure of training. Once the scheduling server fails, the whole cluster will collapse, so we need two scheduling nodes. Once one scheduling node is damaged, the other scheduling node starts to work. Here we use Keepalived open source software to achieve the high availability of the scheduler.

Introduction of logical diagram

1. When users access Nginx, they first access Master1 through VIP, and Master specifies which real-server to provide the service.

two。 In Master, Nginx1 is selected to provide the service through the algorithm specified by lvs-Dr, then the data is sent to Nginx1 through VIP.

After 3.Nginx processes the request, it sends the processed request directly to User through its own VIP.

Note:

If Master fails, then Baskup will work instead of Master

If Nginx1 fails, then Nginx2 will bring Nginx1 to work.

If the Nginx1 does not fail, then the LVS service usage algorithm averages the requests to Nginx1 and Nginx2

If two Nginx fail at the same time, Master will provide Sorry Server service.

Physical Topology Diagram and Environment introduction

Servers: use virtual machines to virtualize 4 sets of servers

Operating system: CentOS7.3

HA software / LVs software: keepalived

Web software: Nginx

IP and hostname configuration

VIP:172.18.17.30

Master:

Hostname: shiyan7.one

IP address: 172.18.17.31

Backup

Hostname: shiyan7.fore

IP address: 172.18.17.34

Nginx1

Hostname: shiyan7.two

IP address: 172.18.17.34

Nginx2

Hostname: shiyan7.thy

IP address: 172.18.17.34

4 servers initialize configuration

Synchronous time service

# Master configuration NTP Server [root@shiyan7 ~] # vim / etc/ntp.conf restrict 172.18.17.0 mask 255.255.0.0 nomodify notrap server 127.127.1.0 fudge 127.1.1.0 stratum 8 [root@shiyan7 ~] # ntpdate 172.18.17.31

Close Selinux

[root@shiyan7 ~] # vim / etc/selinux/config SELINUX=disabled

Turn off the firewall

[root@shiyan7 ~] # systemctl stop firewalld [root@shiyan7 ~] # systemctl disable firewalld [root@shiyan7 ~] # iptables-F

Hostname resolution configuration

[root@shiyan7] # cat / etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4:: 1 localhost localhost.localdomain localhost6 localhost6.localdomain6 172.18.17.34 shiyan.fore 172.18.17.31 shiyan.one 172.18.17.32 shiyan7.two 172.18.17.33 shiyan7.thy

Master/Backup initialization configuration

Install KeepAlived and Nginx software

[root@shiyan7 ~] # yum install keepalived nginx ipvsadm

Nginx1/2 initialization configuration

Install Nginx softwar

[root@shiyan7 ~] # yum install nginx # configure a script to configure VIP and change kernel parameters. [root@shiyan7 ~] # touch roush.sh [root@shiyan7 ~] # chmod + x roush.sh [root@shiyan7 ~] # vim roush.sh #! / bin/bash # vip= "172.18.17.30" netmask= "255.255.255.255" Iface= "lo:0" case $1 in start) echo 1 > / proc/sys/net/ipv4/conf/all/arp_ignore echo 1 > / proc/sys/net/ipv4/conf/lo/arp_ignore echo 2 > / proc/sys/net/ipv4 / conf/all/arp_announce echo 2 > / proc/sys/net/ipv4/conf/lo/arp_announce ifconfig $iface $vip netmask $netmask broadcast $vip up route add-host $vip dev $iface Stop) ifconfig $iface down echo 0 > / proc/sys/net/ipv4/conf/all/arp_ignore echo 0 > / proc/sys/net/ipv4/conf/lo/arp_ignore echo 0 > / proc/sys/net/ipv4/conf/all/arp_announce Echo 0 > / proc/sys/net/ipv4/conf/lo/arp_announce ; esac

Ngxin1 configuration

[root@shiyan7 ~] # / roush.sh start [root@shiyan7 ~] # mkdir / app/nginx/html [root@shiyan7 ~] # echo "RS1:172.18.17.32" > / app/nginx/html/index.html [root@shiyan7 ~] # cp / etc/nginx/nginx/conf { .bak} # backup the original file [root@shiyan7 ~] # vim / etc/nginx/nginx/conf server {listen 80 default_server Listen [:]: 80 default_server; server_name _; root / app/nginx/html;# modifies the path here in root, the other does not need # Load configuration files for the default server block. Include / etc/nginx/default.d/*.conf; location / {} error_page 404 / 404.html; location = / 40x.html {} error_page 500502 503504 / 50x.html } [root@shiyan7 ~] # systemctl start nginx # Test Nginx Service [root@yum ~] # curl http://172.18.17.33 RS1:172.18.17.33

Ngxin2 configuration

[root@shiyan7 ~] # / roush.sh start [root@shiyan7 ~] # mkdir / app/nginx/html [root@shiyan7 ~] # echo "RS1:172.18.17.33" > / app/nginx/html/index.html [root@shiyan7 ~] # cp / etc/nginx/nginx/conf { .bak} # backup the original file [root@shiyan7 ~] # vim / etc/nginx/nginx/conf server {listen 80 default_server Listen [:]: 80 default_server; server_name _; root / app/nginx/html;# modifies the path here in root, the other does not need # Load configuration files for the default server block. Include / etc/nginx/default.d/*.conf; location / {} error_page 404 / 404.html; location = / 40x.html {} error_page 500502 503504 / 50x.html } [root@shiyan7 ~] # systemctl start nginx # Test Nginx Service [root@yum ~] # curl http://172.18.17.34 RS1:172.18.17.34

Configuration on Master

# configure Nginx1-Sorry Server [root@shiyan7 ~] # mkdir / app/nginx/html [root@shiyan7 ~] # echo "Sorry server-1" > / app/nginx/html/index.html [root@shiyan7 ~] # cp / etc/nginx/nginx/conf {, .bak} # backup the original file [root@shiyan7 ~] # vim / etc/nginx/nginx/conf server {listen 80 default_server Listen [:]: 80 default_server; server_name _; root / app/nginx/html;# modifies the path here in root, the other does not need # Load configuration files for the default server block. Include / etc/nginx/default.d/*.conf; location / {} error_page 404 / 404.html; location = / 40x.html {} error_page 500502 503504 / 50x.html } [root@shiyan7 ~] # systemctl start nginx # Test Nginx1-Sorry Server [root@yum ~] # curl http://172.18.17.31 Sorry server-1 # configure Keepalived Service [root@shiyan7 ~] # cp / etc/keepalived/keepalived.conf { .bak} [root@shiyan7 ~] # vim / etc/keepalived/keepalived.conf vrrp_instance Ha_1 {state MASTER interface ens33 virtual_router_id 51 priority 100 advert_int 1 authentication {auth_type PASS auth_pass 1111} virtual_ Ipaddress {172.18.17.30/16 dev ens33}} virtual_server 172.18.17.30 80 {delay_loop 6 lb_algo lc lb_kind DR persistence_timeout 50 protocol TCP sorry_server 172.18.17.31 80 Real_server 172.18.17.32 80 {weight 1 HTTP_GET {url {path / status_code 200} connect_timeout 3 nb_get_retry 3 Delay_before_retry 3}} real_server 172.18.17.33 80 {weight 1 HTTP_GET {url {path / status_code 200} Connect_timeout 3 nb_get_retry 3 delay_before_retry 3} [root@shiyan7 ~] # systemctl start keepalived # check whether the configuration is successful [root@shiyan7 ~] # ip al 2: ens33: mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ Ether 00:0c:29:1b:f5:ae brd ff:ff:ff:ff:ff:ff inet 172.18.17.31 ether 00:0c:29:1b:f5:ae brd ff:ff:ff:ff:ff:ff inet 16 brd 172.18.255.255 scope global ens33 valid_lft forever preferred_lft forever inet 172.18.17.30 root@shiyan7 16 scope global secondary ens33 valid_lft forever preferred_lft forever [root@shiyan7 ~] # ipvsadm-ln IP Virtual Server version 1.2.1 ( Size=4096) Prot LocalAddress:Port Scheduler Flags-> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 172.18.17.30 lc persistent 80 lc persistent 50-> 172.18.17.32 lc persistent 80 Route 100-> 172.18.17.33 RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 80 Route 100 0

Configuration on Backup

# configure Nginx1-Sorry Server [root@shiyan7 ~] # mkdir / app/nginx/html [root@shiyan7 ~] # echo "Sorry server-2" > / app/nginx/html/index.html [root@shiyan7 ~] # cp / etc/nginx/nginx/conf {, .bak} # backup the original file [root@shiyan7 ~] # vim / etc/nginx/nginx/conf server {listen 80 default_server Listen [:]: 80 default_server; server_name _; root / app/nginx/html;# modifies the path here in root, the other does not need # Load configuration files for the default server block. Include / etc/nginx/default.d/*.conf; location / {} error_page 404 / 404.html; location = / 40x.html {} error_page 500502 503504 / 50x.html } [root@shiyan7 ~] # systemctl start nginx # Test Nginx1-Sorry Server [root@yum ~] # curl http://172.18.17.34 Sorry server-2 # configure Keepalived Service [root@shiyan7 ~] # cp / etc/keepalived/keepalived.conf { .bak} [root@shiyan7 ~] # vim / etc/keepalived/keepalived.conf vrrp_instance Ha_1 {state MASTER interface ens33 virtual_router_id 51 priority 100 advert_int 1 authentication {auth_type PASS auth_pass 1111} virtual_ Ipaddress {172.18.17.30/16 dev ens33}} virtual_server 172.18.17.30 80 {delay_loop 6 lb_algo lc lb_kind DR persistence_timeout 50 protocol TCP sorry_server 172.18.17.32 80 Real_server 172.18.17.32 80 {weight 1 HTTP_GET {url {path / status_code 200} connect_timeout 3 nb_get_retry 3 Delay_before_retry 3}} real_server 172.18.17.33 80 {weight 1 HTTP_GET {url {path / status_code 200} Connect_timeout 3 nb_get_retry 3 delay_before_retry 3} [root@shiyan7 ~] # systemctl start keepalived [root@shiyan7 ~] # ip al 2: ens33: mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00: 0c:29:1b:f5:ae brd ff:ff:ff:ff:ff:ff inet 172.18.17.34 0c:29:1b:f5:ae brd ff:ff:ff:ff:ff:ff inet 16 brd 172.18.255.255 scope global ens33 valid_lft forever preferred_lft forever # this is a Baskup service, so there will be no VIP address [root@shiyan7 ~] # ipvsadm-ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags-> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 172.18.17.30 lc persistent 80 lc persistent 50-> 172.18.17.32 lc persistent 80 Route 100-> 172.18.17.33 lc persistent 80 Route 100

Test service

# normal test [root@yum] # curl http://172.18.17.30 RS1:172.18.17.32 [root@yum] # curl http://172.18.17.30 RS1:172.18.17.34 # turn off Nginx1 test [root@yum] # curl http://172.18.17.30 RS1:172.18.17.33 # close all Nginx service tests [root@yum ~] # curl http://172.18.17.30Sorry server-1# closes Master testing [root@yum ~] # curl http://172.18.17.30Sorry server-2

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.