lvs+keepalived集群

  • lvs+keepalived集群已关闭评论
  • 32 次浏览
  • A+
所属分类:linux技术
摘要

 [root@master ~]# yum -y install keepalived [root@master ~]# cat /etc/keepalived/keepalived.conf


使用lvs+keepalived架构架构实现后端web服务器(该web服务器要求搭建wordpress博客站)的负载均衡

最终客户端访问域名     我的名字.wordpress.cn 能够访问搭建的博客站 ,达到负载均衡的目的

IP 主机名 角色
192.168.26.101 rs1 后端真实服务器/nginx
192.168.26.102 rs2 后端真实服务器/nginx
192.168.26.103 master keepalived服务器master 
192.168.26.104 backup keepalived服务器backup
192.168.26.105 nfs Nfs服务器
192.168.26.201 web 数据库服务器
192.168.26.12 cesi 客户端

 

一.基础环境搭建

1.1master配置

1.1.1安装配置keepalived

[root@master ~]# yum -y install keepalived

[root@master ~]# cat /etc/keepalived/keepalived.conf

! Configuration File for keepalived global_defs {     router_id master }  vrrp_instance VI_1 {  state MASTER  interface ens33  virtual_router_id 51  priority 150  advert_int 1  authentication {      auth_type PASS      auth_pass 1111  }   virtual_ipaddress {      192.168.26.222/24 dev ens33 label ens33:1  } }  virtual_server 192.168.26.222 80 {  delay_loop 6  lb_algo wrr  lb_kind DR  # persistence_timeout 50  protocol TCP   real_server 192.168.26.101 80 {     weight 1     HTTP_GET {    url {   path /   status_code 200   }     }   connect_timeout 3   nb_get_retry 3   delay_before_retry 3  }   real_server 192.168.26.102 80 {       weight 1       HTTP_GET {        url {         path /         status_code 200         }       }        connect_timeout 3        nb_get_retry 3               delay_before_retry 3  } } 

 1.1.2查看下ipvsadm -ln是否帮你自动添加了lvs集群规则

[root@master ~]# systemctl restart keepalived.service    #生效    [root@master ~]# yum -y install ipvsadm                   
[root@master ~]# ipvsadm -ln #查看当前ipvs模块中记录的连接
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.26.222:80 wrr
  -> 192.168.26.101:80            Route   1      0          0         
  -> 192.168.26.102:80            Route   1      0          0         

 

1.2Backup配置

[root@backup ~]#  yum -y install keepalived
[root@backup ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
    router_id backup
}

vrrp_instance VI_1 {
 state BACKUP
 interface ens33
 virtual_router_id 51
 priority 100
 advert_int 1
 authentication {
     auth_type PASS
     auth_pass 1111
 }
 virtual_ipaddress {
     192.168.26.222/24 dev ens33 label ens33:1
 }
}

virtual_server 192.168.26.222 80 {
 delay_loop 6
 lb_algo wrr
 lb_kind DR
 # persistence_timeout 50
 protocol TCP

 real_server 192.168.26.101 80 {
    weight 1
    HTTP_GET {
   url {
  path /
  status_code 200
  }
   }
  connect_timeout 3
  nb_get_retry 3
  delay_before_retry 3
 }

 real_server 192.168.26.102 80 {
      weight 1
      HTTP_GET {
       url {
        path /
        status_code 200
        }
      }
       connect_timeout 3
       nb_get_retry 3
              delay_before_retry 3
 }

[root@backup ~]# systemctl restart keepalived.service

[root@master ~]# systemctl restart keepalived.service

[root@master ~]# yum -y install ipvsadm

[root@backup ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.26.222:80 wrr
  -> 192.168.26.101:80            Route   1      0          0         
  -> 192.168.26.102:80            Route   1      0          0   



 

1.3Rs1 安装nginx 添加虚拟IP arp抑制

#关闭防火墙和slinux
[root@rs1 ~]# systemctl stop firewalld.service
[root@rs1 ~]# setenforce 0
[root@rs1 ~]# yum -y install nginx


[root@rs1 ~]# echo "rs1" > /usr/share/nginx/html/index.html [root@rs1 ~]# systemctl enable --now nginx Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /usr/lib/systemd/system/nginx.service. [root@rs1 ~]# curl 127.0.0.1 rs1 [root@rs1 ~]# ip addr add 192.168.26.222/32 dev ens33 label ens33:1 [root@rs1 ~]# vim /etc/sysctl.conf #在末尾插入 [root@rs1 ~]# sysctl -p net.ipv4.conf.all.arp_ignore = 1 net.ipv4.conf.all.arp_announce = 2 net.ipv4.conf.lo.arp_ignore = 1 net.ipv4.conf.lo.arp_announce = 2

1.4RS2同上

[root@rs2 ~]# systemctl stop firewalld.service  [root@rs2 ~]# setenforce 0 [root@rs2 ~]# yum -y install nginx

[root@rs2 ~]# echo "rs2" > /usr/share/nginx/html/index.html
[root@rs2 ~]# systemctl enable --now nginx
Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /usr/lib/systemd/system/nginx.service.
[root@rs2 ~]#  ip addr add 192.168.26.222/32 dev lo label lo:1
[root@rs2 ~]# curl 127.0.0.1
rs2
[root@rs2 ~]# vim /etc/sysctl.conf
[root@rs2 ~]# sysctl -p
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2


 

 1.5测试

lvs+keepalived集群

二.实现后端服务器上运行wordpress博客站点

2.1Rs1  rs2继续配置 都配置PHP环境(编译安装

[root@rs1 ~]# yum -y remove php-fpm php-mysqlnd php-json  #(删除自带yum安装的)
Loaded plugins: fastestmirror
No Match for argument: php-fpm
No Match for argument: php-mysqlnd
No Match for argument: php-json
No Packages marked for removal
[root@rs1 ~]# yum -y install gcc openssl-devel libxml2-devel bzip2-devel libmcrypt-devel sqlite-devel oniguruma-devel
[root@rs1 ~]# cd /usr/local/src
[root@rs1 src]# wget https://www.php.net/distributions/php-7.4.11.tar.xz --2023-03-23 15:56:56-- https://www.php.net/distributions/php-7.4.11.tar.xz Resolving www.php.net (www.php.net)... 185.85.0.29, 2a02:cb40:200::1ad Connecting to www.php.net (www.php.net)|185.85.0.29|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 10302076 (9.8M) [application/octet-stream] Saving to: ‘php-7.4.11.tar.xz’ 100%[============================================================================================>] 10,302,076 2.26MB/s in 4.6s 2023-03-23 15:57:02 (2.16 MB/s) - ‘php-7.4.11.tar.xz’ saved [10302076/10302076] [root@rs1 src]# tar xf php-7.4.11.tar.xz [root@rs1 src]# cd php-7.4.11/

#编译安装
[root@rs1 php-7.4.11]# ./configure --prefix=/usr/local/php74 --enable-mysqlnd --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-openssl --with-zlib --with-config-file-path=/etc --with-config-file-scan-dir=/etc/php.d --enable-mbstring --enable-xml --enable-sockets --enable-fpm --enable-maintainer-zts --disable-fileinfo
+--------------------------------------------------------------------+
| License:                                                           |
| This software is subject to the PHP License, available in this     |
| distribution in the file LICENSE. By continuing this installation  |
| process, you are bound by the terms of this license agreement.     |
| If you do not agree with the terms of this license, you must abort |
| the installation process at this point.                            |
+--------------------------------------------------------------------+

Thank you for using PHP.
[root@rs1 php-7.4.11]# make -j 8 && make install
[root@rs1 php-7.4.11]# cp /usr/local/src/php-7.4.11/php.ini-production /etc/php.ini
[root@rs1 php-7.4.11]# cd /usr/local/php74/etc/
[root@rs1 etc]# cp php-fpm.conf.default php-fpm.conf
[root@rs1 etc]# pwd
/usr/local/php74/etc
[root@rs1 etc]# cd php-fpm.d/
[root@rs1 php-fpm.d]# cp www.conf.default www.conf
[root@rs1 php-fpm.d]# vim www.conf

user = nginx

group = nginx

打开

listen.allowed_clients = 127.0.0.1

pm.status_path = /status

lvs+keepalived集群

lvs+keepalived集群

lvs+keepalived集群

[root@rs1 php-fpm.d]#  /usr/local/php74/sbin/php-fpm -t
[23-Mar-2023 16:07:09] NOTICE: configuration file /usr/local/php74/etc/php-fpm.conf test is successful

[root@rs1 php-fpm.d]#  /usr/local/php74/sbin/php-fpm
[root@rs1 php-fpm.d]#  ss -ntl
State      Recv-Q Send-Q                      Local Address:Port                                     Peer Address:Port              
LISTEN     0      128                             127.0.0.1:9000                                                *:*                  
LISTEN     0      128                                     *:80                                                  *:*                  
LISTEN     0      128                                     *:22                                                  *:*                  
LISTEN     0      100                             127.0.0.1:25                                                  *:*                  
LISTEN     0      128                                  [::]:80                                               [::]:*                  
LISTEN     0      128                                  [::]:22                                               [::]:*                  
LISTEN     0      100                                 [::1]:25                                               [::]:*                  
[root@rs1 php-fpm.d]# vim /etc/nginx/nginx.conf
域名登录

lvs+keepalived集群

 

         index        index.php;

     # Load configuration files for the default server block.

        include /etc/nginx/default.d/*.conf;

插入   location ~ .php$ {

   root html;

   fastcgi_pass 127.0.0.1:9000;

   fastcgi_index index.php;

   fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;

   include fastcgi_params;

  }

lvs+keepalived集群

 

[root@rs1 php-fpm.d]# systemctl restart nginx.service

 

2.2部署 WordPress

[root@rs1 ~]# wget https://cn.wordpress.org/wordpress-6.0.1-zh_CN.tar.gz --2023-03-23 16:23:27--  https://cn.wordpress.org/wordpress-6.0.1-zh_CN.tar.gz Resolving cn.wordpress.org (cn.wordpress.org)... 198.143.164.252 Connecting to cn.wordpress.org (cn.wordpress.org)|198.143.164.252|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 21933976 (21M) [application/octet-stream] Saving to: ‘wordpress-6.0.1-zh_CN.tar.gz’  100%[============================================================================================>] 21,933,976  4.26MB/s   in 6.8s     2023-03-23 16:23:35 (3.09 MB/s) - ‘wordpress-6.0.1-zh_CN.tar.gz’ saved [21933976/21933976]  [root@rs1 ~]# tar xf wordpress-6.0.1-zh_CN.tar.gz [root@rs1 ~]# cp -r wordpress/* /usr/share/nginx/html/ [root@rs1 ~]# cd /usr/share/nginx/html/ [root@rs1 html]# cp wp-config-sample.php wp-config.php [root@rs1 html]# vim wp-config.php
lvs+keepalived集群

 

  [root@rs1 html]# chown -R nginx.nginx .  #修改权限所属

 

2.3rocky安装数据库

[root@web ~]# systemctl stop firewalld.service [root@web ~]# setenforce 0 [root@web ~]# curl -LsS -O https://downloads.mariadb.com/MariaDB/mariadb_repo_setup [root@web ~]# bash mariadb_repo_setup --mariadb-server-version=10.6 # [info] Checking for script prerequisites. # [info] MariaDB Server version 10.6 is valid # [info] Repository file successfully written to /etc/yum.repos.d/mariadb.repo # [info] Adding trusted package signing keys... /etc/pki/rpm-gpg ~ ~ # [info] Successfully added trusted package signing keys # [info] Cleaning package cache... 25 文件已删除 [root@web ~]# dnf -y install mariadb-server
[root@web ~]#  systemctl enable --now mariadb
Created symlink /etc/systemd/system/multi-user.target.wants/mariadb.service → /usr/lib/systemd/system/mariadb.service.
[root@web ~]# mysql
Welcome to the MariaDB monitor.  Commands end with ; or g.
Your MariaDB connection id is 6
Server version: 10.6.12-MariaDB MariaDB Server

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.

MariaDB [(none)]>  create database wordpress;
Query OK, 1 row affected (0.001 sec)

MariaDB [(none)]> create user wordpress@'192.168.26.%' identified by '123456';
Query OK, 0 rows affected (0.001 sec)

MariaDB [(none)]> grant all on wordpress.* to wordpress@'192.168.26.%';
Query OK, 0 rows affected (0.001 sec)

MariaDB [(none)]> quit

 百度访问RS1IP 192.168.26.101

 lvs+keepalived集群

lvs+keepalived集群

 

 

 lvs+keepalived集群

2.4RS2配置

[root@rs2 ~]# yum -y remove php-fpm php-mysqlnd php-json
Loaded plugins: fastestmirror
No Match for argument: php-fpm
No Match for argument: php-mysqlnd
No Match for argument: php-json
No Packages marked for removal
[root@rs2 ~]# yum -y install gcc openssl-devel libxml2-devel bzip2-devel libmcrypt-devel sqlite-devel oniguruma-devel

[root@rs2 src]# wget https://www.php.net/distributions/php-7.4.11.tar.xz --2023-03-23 15:56:56-- https://www.php.net/distributions/php-7.4.11.tar.xz Resolving www.php.net (www.php.net)... 185.85.0.29, 2a02:cb40:200::1ad Connecting to www.php.net (www.php.net)|185.85.0.29|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 10302076 (9.8M) [application/octet-stream] Saving to: ‘php-7.4.11.tar.xz’ 100%[============================================================================================>] 10,302,076 2.26MB/s in 4.6s 2023-03-23 15:57:02 (2.16 MB/s) - ‘php-7.4.11.tar.xz’ saved [10302076/10302076] [root@rs2 src]# tar xf php-7.4.11.tar.xz [root@rs2 src]# cd php-7.4.11/


[root@rs2 php-7.4.11]# ./configure --prefix=/usr/local/php74 --enable-mysqlnd --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-openssl --with-zlib --with-config-file-path=/etc --with-config-file-scan-dir=/etc/php.d --enable-mbstring --enable-xml --enable-sockets --enable-fpm --enable-maintainer-zts --disable-fileinfo
+--------------------------------------------------------------------+
| License:                                                           |
| This software is subject to the PHP License, available in this     |
| distribution in the file LICENSE. By continuing this installation  |
| process, you are bound by the terms of this license agreement.     |
| If you do not agree with the terms of this license, you must abort |
| the installation process at this point.                            |
+--------------------------------------------------------------------+

Thank you for using PHP.
[root@rs1 php-7.4.11]# make -j 8 && make install
[root@rs1 ~]#  scp /usr/local/php74/etc/php-fpm.conf root@192.168.26.102:/usr/local/php74/etc/
root@192.168.26.102's password:
php-fpm.conf                                                                                        100% 5387     3.5MB/s   00:00    
[root@rs1 ~]# scp /usr/local/php74/etc/php-fpm.d/www.conf  root@192.168.26.102:/usr/local/php74/etc/php-fpm.d/
root@192.168.26.102's password:
www.conf                                                                                            100%   19KB  11.1MB/s   00:00  


[root@rs2 php-7.4.11]# ls /usr/local/php74/etc/ php-fpm.conf php-fpm.conf.default php-fpm.d [root@rs2 php-7.4.11]# ls /usr/local/php74/etc/php-fpm.d/ www.conf www.conf.default [root@rs2 php-7.4.11]# vim /etc/nginx/nginx.conf
lvs+keepalived集群

 


     index        index.php;


     # Load configuration files for the default server block.


        include /etc/nginx/default.d/*.conf;


插入   location ~ .php$ {


   root html;


   fastcgi_pass 127.0.0.1:9000;


   fastcgi_index index.php;


   fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;


   include fastcgi_params;


  }

lvs+keepalived集群

 

[root@rs2 php-7.4.11]# systemctl restart nginx.service [root@rs2 php-7.4.11]# 

 

2.5NFS服务器

  [root@nfs ~]# yum -y install nfs-utils


[root@nfs ~]# mkdir /code [root@nfs ~]# vim /etc/exports
/code * (rw)
[root@nfs
~]# chmod 777 /code/ [root@nfs ~]# systemctl start nfs-server.service

  客户端rs1rs2 挂载

yum -y install nfs-utils

systemctl restart nfs-server

yum -y install rpcbind

systemctl enable --now nfs-server rpcbind

showmount -e 192.168.26.105 测试

Export list for 192.168.26.105:

/code *                    #以上rs1,2都执行

[root@rs1 ~]# tar zcf xkf.tar.gz /usr/share/nginx/html/
tar: Removing leading `/' from member names
[root@rs1 ~]# ls
  anaconda-ks.cfg  wordpress  wordpress-6.0.1-zh_CN.tar.gz  xkf.tar.gz
[root@rs1 ~]# scp xkf.tar.gz root@192.168.26.105:/root

[root@nfs ~]# tar xf xkf.tar.gz [root@nfs ~]# cd usr/share/nginx/html/ [root@nfs html]# cd .. [root@nfs nginx]# mv html/* /code [root@nfs nginx]# ls /code/ 404.html  img          nginx-logo.png   wp-admin              wp-config-sample.php  wp-links-opml.php  wp-settings.php 50x.html  index.html   poweredby.png    wp-blog-header.php    wp-content            wp-load.php        wp-signup.php en-US     index.php    readme.html      wp-comments-post.php  wp-cron.php           wp-login.php       wp-trackback.php icons     license.txt  wp-activate.php  wp-config.php         wp-includes           wp-mail.php        xmlrpc.php
[root@rs1 ~]# mount -t nfs 192.168.26.105:/code /usr/share/nginx/html/
[root@rs1 ~]# df -Th
192.168.26.105:/code    nfs4       40G  1.7G   39G   5% /usr/share/nginx/html

[root@rs2 php-7.4.11]# showmount -e 192.168.26.105
Export list for 192.168.26.105:
/code *
[root@rs2 php-7.4.11]# mount -t nfs 192.168.26.105:/code /usr/share/nginx/html/
[root@rs2 php-7.4.11]# df -Th
192.168.26.105:/code    nfs4       40G  1.7G   39G   5% /usr/share/nginx/htm

 lvs+keepalived集群