nginx負載均衡高可用部署和代理配置

nginx負載均衡高可用配置

服務器A：172.16.100.2
服務器B：172.16.100.3

首先先在兩臺服務器上分別安裝好nginx和keepalived後，再進行下面的操作

配置keepalived高可用(不搶佔)
服務器A：172.16.100.2
服務器B：172.16.100.3
VIP：172.16.100.14

首先在服務器A和服務器B上各安裝好keepalived，安裝好後，再繼續下面的操作。

在服務器A上執行

1.編寫腳本監控nginx狀態

echo '#!/bin/bash
count = `ps aux | grep -v grep | grep nginx | wc -l`
if [ $count > 0 ];then
exit 0
else
exit 1
fi' > /etc/keepalived/checknginx.sh

2.配置全局定義塊

global_defs {
      router_id nginxserver01
}

3.keepalived只能做到對網絡故障和keepalived本身的監控,配置腳本監控mysql服務狀態

weight對priority的影響詳情請參考https://www.cnblogs.com/arjenlee/p/9258188.html
vrrp_script checkmysql
{
      script "/etc/keepalived/checknginx.sh"
      interval 3
      weight -20
}

4.配置VRRP實例定義塊

vrrp_instance instance1 {
      state MASTER
      virtual_router_id 1
      interface eth0
      mcast_src_ip 172.16.100.2
      priority 100
      advert_int 3
      nopreempt
      authentication {
          auth_type PASS
          auth_pass kee1234
      }
      virtual_ipaddress {
      172.16.100.14
      }
      track_script {
      checknginx
      }
}

在服務器B上執行

1.編寫腳本監控nginx狀態

echo '#!/bin/bash
count = `ps aux | grep -v grep | grep nginx | wc -l`
if [ $count > 0 ];then
exit 0
else
exit 1
fi' > /etc/keepalived/checknginx.sh

2.配置全局定義塊

global_defs {
      router_id nginxserver02
}

3.keepalived只能做到對網絡故障和keepalived本身的監控,配置腳本監控mysql服務狀態

weight對priority的影響詳情請參考https://www.cnblogs.com/arjenlee/p/9258188.html
vrrp_script checknginx
{
      script "/etc/keepalived/checknginx.sh"
      interval 3
      weight -20
}

4.配置VRRP實例定義塊

vrrp_instance instance1 {
      state BACKUP
      virtual_router_id 1
      interface eth0
      mcast_src_ip 172.16.100.3
      priority 90
      advert_int 3
      nopreempt
      authentication {
          auth_type PASS
          auth_pass kee1234
      }
      virtual_ipaddress {
      172.16.100.14
      }
      track_script {
      checknginx
      }
}

nginx配置http代理(開啓會話保持、安全配置)

cat << EOF > /usr/local/myapps/nginx/http8888.conf
upstream http8888{
     sticky;
     server 172.16.100.2:8080;
}
server{
     listen 8888;
     charset utf-8;
     proxy_connect_timeout 180;
     proxy_send_timeout 180;
     proxy_read_timeout 180;   
     proxy_buffering off;
     proxy_set_header Host $host:$server_port;
     proxy_set_header X-Real-IP  $remote_addr;
     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
     location / {
         proxy_pass  http://http8888;
     }
     access_log  logs/http8888.access.log access;
}

會話保持

1.源地址哈希算法

指令：ip hash;
不足：
當後端服務器宕機後，session會丟失；
來自同一局域網的客戶端會被轉發到同一個後端服務器，可能導致負載失衡；
不適用於CDN網絡，不適用於前段還有代理的情況。

2.cookie會話保持

優點：
可以實現同一局域網的客戶端的負載均衡
指令：sticky ;
sticky的一些參數，比如sticky的緩存時間，作用於之類的。這裏詳細可以查詢sticky解壓包裏的readme
要啓用cookie會話保持需要添加sticky模塊。
(添加新模塊的步驟：停止nginx，備份nginx，帶上之前的編譯參數和新的模塊參數重新編譯，將編譯生成的含有新模塊的nginx二進制文件覆蓋sbin目錄中的nginx，重啓nginx即可)
wget https://bitbucket.org/nginx-goodies/nginx-sticky-module-ng/get/master.tar.gz
tar -zxf master.tar.gz
mv nginx-goodies-nginx-sticky-module-ng-08a395c66e42  nginx-sticky-module
ps -ef | grep nginx | grep -v grep | awk '{print $2}' |xargs kill -9
cp -ar /usr/local/myapps/nginx   /usr/local/myapps/nginx_bak`date "+%Y%m%d"`
cd /root/nginx-1.15.9
nginx -V
./configure --prefix=/usr/local/myapps/nginx --sbin-path=/usr/sbin/nginx --pid-path=/usr/local/myapps/nginx/logs/nginx.pid --error-log-path=/usr/local/myapps/nginx/logs/error.log --http-log-path=/usr/local/myapps/nginx/logs/access.log --with-pcre=/usr/local/myapps/pcre-8.43 --with-zlib=/usr/local/myapps/zlib-1.2.11 --with-http_stub_status_module --with-stream --add-module=/root/nginx-sticky-module
/usr/bin/cp /root/nginx-1.15.9/objs/nginx /usr/sbin/
nginx -c /usr/local/myapps/nginx/conf/nginx.conf