Shulou(Shulou.com)06/03 Report--

The following brings you some questions and answers about load balancing based on keepalived + nginx under Linux Centos7, hoping to give you some help in practical application. Load balancing involves more things, there are not many theories, and there are many books on the Internet. Today, we will use the accumulated experience in the industry to do an answer.

First of all, you need to shut down the firewall and selinux of the CVM.

1. Prepare four nginx CVMs, two as proxies and two as backend real CVMs.

2. Configure two real CVMs

Number one:

[root@vm-4 ~] # systemctl start nginx [root@vm-4 ~] # systemctl enable nginx [root@vm-4 conf.d] # echo "server111" > / usr/share/nginx/html/index.html Test: [root@vm-4 conf.d] # curl localhost server111

Station 2:

[root@vm-5 ~] # systemctl start nginx [root@vm-5 ~] # systemctl enable nginx [root@vm-5 conf.d] # echo "server222" > / usr/share/nginx/html/index.html Test: [root@vm-5 conf.d] # curl localhost server222

3. Configure two nginx proxy CVMs

[root@vm-2 ~] # systemctl start nginx [root@vm-2 ~] # systemctl enable nginx [root@vm-2 ~] # cd / etc/nginx/conf.d/ [root@vm-2 conf.d] # cp default.conf proxy.conf [root@vm-2 conf.d] # mv default.conf default.conf.bak [root@vm-2 conf.d] # vi upstream.conf upstream nginx_pool {server 10.30.161.241 80 weight=1 max_fails=2 fail_timeout=2 Server 10.30.161.242 weight=1 max_fails=2 fail_timeout=2;} [root@vm-2 conf.d] # vi proxy.conf location / {proxy_pass http://nginx_pool; proxy_redirect default; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header REMOTE-HOST $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for }

Copy the configuration file of nginx to another proxy cloud server:

[root@vm-2 conf.d] # scp proxy.conf upstream.conf 10.30.161.214:/etc/nginx/conf.d/ restart nginx: systemctl restart nginx respectively

4. Install software on the two proxy CVM respectively

Master: [root@vm-2 conf.d] # yum install-y keepalived [root@vm-2 conf.d] # cp / etc/keepalived/keepalived.conf / etc/keepalived/keepalived.conf.bak [root@vm-2 conf.d] # vim / etc/keepalived/keepalived.conf

Configure keepalived to delete all the contents and add the following:

! Configuration File for keepalivedglobal_defs {router_id director1 # Secondary to director2} vrrp_instance VI_1 {state MASTER # definition main or standby interface ens33 # VIP binding interface virtual_router_id 80 # Scheduler for the entire cluster consistent priority 100 # back to 50 advert_int 1 authentication {auth_type PASS Auth_pass 1111} virtual_ipaddress {10.30.161.200 VIP}} backup: [root@yum_nginx ~] # cp / etc/keepalived/keepalived.conf [root@yum_nginx ~] # vi / etc/keepalived/keepalived.conf configuration keepalived Delete all the contents and add the following:! Configuration File for keepalivedglobal_defs {router_id directory2} vrrp_instance VI_1 {state BACKUP interface ens33 nopreempt virtual_router_id 80 priority 50 advert_int 1 authentication {auth_type PASS auth_pass 1111} virtual_ipaddress { 10.30.161.200/24}}

5. Two proxy servers start keepalived respectively

[root@yum_nginx ~] # systemctl enable keepalived.service [root@yum_nginx ~] # systemctl start keepalived.service

6. Whether the test is successful or not

On master, ip a can show that VIP is 10.30.161.200 qdisc pfifo_fast state UP qlen 1000link/ether 00:0c:29:29:a6:12 brd ff:ff:ff:ff:ff:ffinet 24 2: ens33: mtu 1500 qdisc pfifo_fast state UP qlen 1000link/ether 00:0c:29:29:a6:12 brd ff:ff:ff:ff:ff:ffinet 10.30.161.51 scope global dynamic ens33 valid_lft 168379sec preferred_lft 168379secinet 24 scope global secondary ens33 valid_lft forever preferred_lft foreverinet6 fe80::8cfe:8d87:6478 10.30.161.255 scope global dynamic ens33 valid_lft 168379sec preferred_lft 168379secinet 10.30.161.255 : baee/64 scope link valid_lft forever preferred_lft foreverinet6 fe80::d9c7:8228:5b45:afed/64 scope link tentative dadfailed valid_lft forever preferred_lft forever

Use curl to access VIP and poll normally

[root@vm-5 conf.d] # curl 10.30.161.200 server111 [root @ vm-5 conf.d] # curl 10.30.161.200 server222 [root @ vm-5 conf.d] # curl 10.30.161.200 server111 [root @ vm-5 conf.d] # curl 10.30.161.200server222 test when a master failure [root@vm-2 conf.d] # systemctl stop keepalived ip a finds that VIP is offset to the backup proxy server

So far:

Can solve heartbeat failure keepalived

But it can not solve the Nginx service failure.

Extension for scheduler Nginx health check (optional) both sets

Train of thought:

Let Keepalived execute an external script at regular intervals. The function of the script is to turn off the local Keepalived when Nginx fails.

(1) script

[root@nginx-proxy-master ~] # vim / etc/keepalived/check_nginx_status.sh

#! / bin/bash

# + check whether the nginx process exists

Counter=$ (ps-C nginx-- no-heading | wc-l) # this line has a service name

If ["${counter}" = "0"]; then

# try to start nginx once, stop for 5 seconds and detect again

Systemctl start nginx # start the service

Sleep 5

Counter=$ (ps-C nginx-- no-heading | wc-l) # this line has a service name

If ["${counter}" = "0"]; then

# if the startup is not successful, kill the keepalive and trigger the master / slave switch.

Service keepalived stop

Fi

Fi

[root@nginx-proxy-master ~] # chmod adepx / etc/keepalived/check_nginx_status.sh

(2)。 Keepalived uses script

! Configuration File for keepalivedglobal_defs {router_id director1} vrrp_script check_nginx {# Health Inspection Module calls script "/ etc/keepalived/check_nginx_status.sh" # to specify how often the script interval 5 # checks Seconds} vrrp_instance VI_1 {state MASTER interface ens33 virtual_router_id 80 priority 100 advert_int 1 authentication {auth_type PASS auth_pass 1111} virtual_ipaddress {192.168.246.16 on24} track_script {reference script Check_nginx}}

Note: nginx must be started before keepalived

After reading the answers to some of the above questions about keepalived + nginx load balancing based on Linux Centos7, if you have anything else you need to know, you can find what you are interested in in the industry information or find our professional and technical engineers. Technical engineers have more than ten years of experience in the industry.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.