nginx负载均衡高可用部署和代理配置

时间:2024-08-21 12:37:02

nginx负载均衡高可用配置

服务器A:172.16.100.2
服务器B:172.16.100.3

首先先在两台服务器上分别安装好nginx和keepalived后,再进行下面的操作

配置keepalived高可用(不抢占)
服务器A:172.16.100.2
服务器B:172.16.100.3
VIP:172.16.100.14

首先在服务器A和服务器B上各安装好keepalived,安装好后,再继续下面的操作。

在服务器A上执行

1.编写脚本监控nginx状态

echo '#!/bin/bash
count = `ps aux | grep -v grep | grep nginx | wc -l`
if [ $count > 0 ];then
exit 0
else
exit 1
fi' > /etc/keepalived/checknginx.sh

2.配置全局定义块

global_defs {
      router_id nginxserver01
}

3.keepalived只能做到对网络故障和keepalived本身的监控,配置脚本监控mysql服务状态

weight对priority的影响详情请参考https://www.cnblogs.com/arjenlee/p/9258188.html
vrrp_script checkmysql
{
      script "/etc/keepalived/checknginx.sh"
      interval 3
      weight -20
}

4.配置VRRP实例定义块

vrrp_instance instance1 {
      state MASTER
      virtual_router_id 1
      interface eth0
      mcast_src_ip 172.16.100.2
      priority 100
      advert_int 3
      nopreempt
      authentication {
          auth_type PASS
          auth_pass kee1234
      }
      virtual_ipaddress {
      172.16.100.14
      }
      track_script {
      checknginx
      }
}

在服务器B上执行

1.编写脚本监控nginx状态

echo '#!/bin/bash
count = `ps aux | grep -v grep | grep nginx | wc -l`
if [ $count > 0 ];then
exit 0
else
exit 1
fi' > /etc/keepalived/checknginx.sh

2.配置全局定义块

global_defs {
      router_id nginxserver02
}

3.keepalived只能做到对网络故障和keepalived本身的监控,配置脚本监控mysql服务状态

weight对priority的影响详情请参考https://www.cnblogs.com/arjenlee/p/9258188.html
vrrp_script checknginx
{
      script "/etc/keepalived/checknginx.sh"
      interval 3
      weight -20
}

4.配置VRRP实例定义块

vrrp_instance instance1 {
      state BACKUP
      virtual_router_id 1
      interface eth0
      mcast_src_ip 172.16.100.3
      priority 90
      advert_int 3
      nopreempt
      authentication {
          auth_type PASS
          auth_pass kee1234
      }
      virtual_ipaddress {
      172.16.100.14
      }
      track_script {
      checknginx
      }
}

nginx配置http代理(开启会话保持、安全配置)

cat << EOF > /usr/local/myapps/nginx/http8888.conf
upstream http8888{
     sticky;
     server 172.16.100.2:8080;
}
server{
     listen 8888;
     charset utf-8;
     proxy_connect_timeout 180;
     proxy_send_timeout 180;
     proxy_read_timeout 180;   
     proxy_buffering off;
     proxy_set_header Host $host:$server_port;
     proxy_set_header X-Real-IP  $remote_addr;
     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
     location / {
         proxy_pass  http://http8888;
     }
     access_log  logs/http8888.access.log access;
}

会话保持

1.源地址哈希算法

指令:ip hash;
不足:
当后端服务器宕机后,session会丢失;
来自同一局域网的客户端会被转发到同一个后端服务器,可能导致负载失衡;
不适用于CDN网络,不适用于前段还有代理的情况。

2.cookie会话保持

优点:
可以实现同一局域网的客户端的负载均衡
指令:sticky ;
sticky的一些参数,比如sticky的缓存时间,作用于之类的。这里详细可以查询sticky解压包里的readme
要启用cookie会话保持需要添加sticky模块。
(添加新模块的步骤:停止nginx,备份nginx,带上之前的编译参数和新的模块参数重新编译,将编译生成的含有新模块的nginx二进制文件覆盖sbin目录中的nginx,重启nginx即可)
wget https://bitbucket.org/nginx-goodies/nginx-sticky-module-ng/get/master.tar.gz
tar -zxf master.tar.gz
mv nginx-goodies-nginx-sticky-module-ng-08a395c66e42  nginx-sticky-module
ps -ef | grep nginx | grep -v grep | awk '{print $2}' |xargs kill -9
cp -ar /usr/local/myapps/nginx   /usr/local/myapps/nginx_bak`date "+%Y%m%d"`
cd /root/nginx-1.15.9
nginx -V
./configure --prefix=/usr/local/myapps/nginx --sbin-path=/usr/sbin/nginx --pid-path=/usr/local/myapps/nginx/logs/nginx.pid --error-log-path=/usr/local/myapps/nginx/logs/error.log --http-log-path=/usr/local/myapps/nginx/logs/access.log --with-pcre=/usr/local/myapps/pcre-8.43 --with-zlib=/usr/local/myapps/zlib-1.2.11 --with-http_stub_status_module --with-stream --add-module=/root/nginx-sticky-module
/usr/bin/cp /root/nginx-1.15.9/objs/nginx /usr/sbin/
nginx -c /usr/local/myapps/nginx/conf/nginx.conf