nginx実装要求の負荷等化+keepalived実装nginxの高可用性shellスクリプト使用チュートリアル


nginx実装要求の負荷等化+keepalived実装nginxの高可用性shellスクリプト使用チュートリアル
前言
  • クラスタの使用は、Webサイトが高同時性、大量のデータ問題を解決するための一般的な手段です.1台のサーバの処理能力、ストレージ容量が不足している場合、より強力なサーバを交換しようとしないでください.大規模なWebサイトにとって、どんなに強力なサーバでも、Webサイトの持続的な成長のビジネスニーズを満たすことはできません.この場合、既存のサーバへのアクセスとストレージの圧力を1台のサーバで分担することがより適切です.ロード・バランシング・スケジューリング・サーバにより、ブラウザからのアクセス要求をアプリケーション・サーバ・クラスタのいずれかのサーバに配布し、より多くのユーザーがいれば、クラスタにより多くのアプリケーション・サーバを追加し、アプリケーション・サーバの負荷圧力がWebサイト全体のボトルネックにならないようにします.

  • 一、準備
    1、環境準備
    master:192.168.25.71
    backup:192.168.25.72
    Eurakeサービス1:192.168.25.51:1111
    Eurakeサービス2:192.168.25.52:1111
    仮想ip(VIP):192.168.25.47、対外的にサービスを提供するipは、フローティングipとも呼ばれる
    2、4個のCentOS 7を取り付ける
    サーバ以上のipアドレスの構成
    //   network  ,           ,   ifcfg-  
    vi /etc/sysconfig/network-scripts/ifcfg-xxxxx
    
    //       
    BOOTPROTO=static
    IPADDR=xxxxxxx //  master IPADDR="192.168.25.71"
    GATEWAY=xxxxxx //          GATEWAY="192.168.25.2"
    NETMASK="255.255.255.0"
    DNS1="114.114.114.114"
    ZONE=public
    ONBOOT=yes
    
        
        
    systemctl restart network
    

    2、Linuxは二つのeurakeサービスを開始する
  • ブラウザアクセス成功
  • 二、keepalived_master.sh+keepalived_backup.shスクリプトによる負荷等化高可用性クラスタの実現
    1、keepalived_master.sh
    #!/bin/bash
    
    #linux     nginx+keepalived master         
    
    echo "    vim"
    rpm -qa|grep vim
    yum -y install vim*
    echo "vim    "
    
    echo "  telnet xinetd       "
    rpm -qa telnet-server
    rpm -qa xinetd
    yum list |grep telnet
    yum install telnet-server.x86_64
    yum install telnet.x86_64
    yum list |grep xinetd
    yum install xinetd.x86_64
    systemctl enable xinetd.service
    systemctl enable telnet.socket
    echo "telnet xinetd           "
    
    echo "  telnet xinetd service"
    systemctl start telnet.socket
    systemctl start xinetd
    echo "  telnet xinetd service  "
    
    echo "       "
    firewall-cmd --zone=public --add-port=23/tcp --permanent
    firewall-cmd --reload
    echo "         "
    
    echo "  net   "
    x=`rpm -qa | grep net-tools`
    if [ `rpm -qa | grep net-tools |wc -l` -ne 0 ];then
    echo "net-tools   "
    else
    yum install -y net-tools
    fi
    echo "  net     "
    
    echo "  wget"
    x=`rpm -qa | grep wget`
    if [ `rpm -qa | grep wget |wc -l` -ne 0 ];then
    echo "wget   "
    else
    yum -y install wget
    fi
    x=`rpm -qa | grep setup`
    if [ `rpm -qa | grep setup |wc -l` -ne 0 ];then
    echo "setup   "
    else
    yum -y install setup
    fi
    x=`rpm -qa | grep perl`
    if [ `rpm -qa | grep perl |wc -l` -ne 0 ];then
    echo "perl   "
    else
    yum -y install perl
    fi
    echo "  wget  "
    
    echo "  ntp    "
    rpm -qa|grep ntp
    yum install -y ntp
    echo "  ntp      "
    echo "     ntp    "
    systemctl start ntpd.service
    systemctl enable ntpd.service
    echo "     ntp      "
    
    #nginx    
    
    echo "Nginx  "
    echo "/usr/local/software   "
    mkdir /usr/local/software
    echo "    :cd /usr/local/software"
    cd /usr/local/software
    echo "Nginx  "
    wget http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
    echo "    "
    rpm -ivh nginx-release-centos-7-0.el7.ngx.noarch.rpm
    echo "  nginx"
    yum install -y nginx
    echo "  nginx  "
    
    echo "  80  "
    firewall-cmd --zone=public --add-port=80/tcp --permanent
    firewall-cmd --reload
    echo "  80    "
    
    echo "    nginx"
    systemctl enable nginx
    
    echo "  /etc/nginx/nginx.conf"
    rm -f /etc/nginx/nginx.conf
    echo "  /etc/nginx/nginx.conf"
    echo "    /etc/nginx/nginx.conf"
    echo "
    user  nginx;  #    
    worker_processes  1;  #    ,      cpu     
    
    #       PID  
    
    error_log  /var/log/nginx/error.log warn;
    pid        /var/run/nginx.pid;
    
    #           
    events {
        use epoll;   #epoll     IO(I/O Multiplexing)      ,     linux2.6    ,      nginx              
        worker_connections  1024;   #    worker process          
    }
    
    #  http   ,                  
    http {
        include       /etc/nginx/mime.types;
        default_type  application/octet-stream;
    
        log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                          '$status $body_bytes_sent "$http_referer" '
                          '"$http_user_agent" "$http_x_forwarded_for"';
    
        access_log  /var/log/nginx/access.log  main;
    
        # sendfile      nginx      sendfile   (zero copy   )     ,      ,
        #      on,             IO     ,     off,        I/O    ,     uptime.
        sendfile        on;
        tcp_nopush     on;
        tcp_nodelay    on;
    
        #      
        keepalive_timeout  65;
    
        #  eureka  ,           
        upstream eureka {
            #server eureka  :    weight    ,    ,        ;
            server $1;   #192.168.25.51:1111 weight=4 max_fails=2 fail_timeout=30s;
            server $2;   #192.168.25.52:1111 weight=4 max_fails=2 fail_timeout=30s;
        }
    
        include /etc/nginx/conf.d/*.conf;
    }
    " > /etc/nginx/nginx.conf
    echo "  /etc/nginx/nginx.conf  "
    
    echo "  /etc/nginx/conf.d/default.conf"
    rm -f /etc/nginx/conf.d/default.conf
    echo "  /etc/nginx/conf.d/default.conf"
    echo "    /etc/nginx/conf.d/default.conf"
    echo "server {
        listen       80;   #     
        server_name  localhost;
    
        #      
        location /images{
    
                 root  /home/nginx/;
                autoindex on;
             }
    
        #proxy_pass http://eureka /etc/nginx/nginx.conf eureka  upstream eureka  
        location / {
            proxy_pass http://eureka;
        }
        #        
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   /usr/share/nginx/html;
        }
    
    }" > /etc/nginx/conf.d/default.conf
    echo "  /etc/nginx/conf.d/default.conf  "
    
    echo "         "
    nginx -t
    nginx -c /etc/nginx/nginx.conf
    echo "  nginx"
    nginx -s reload
    echo "  nginx  "
    
    #keepalived    
    
    echo "keepalived  "
    yum install -y keepalived
    echo "keepalived    "
    
    echo "   cd /etc/keepalived"
    cd /etc/keepalived
    echo "  keepalived.conf"
    rm -f /etc/keepalived/keepalived.conf
    echo "  /etc/keepalived/keepalived.conf,    global_defs {"
    echo "    keepalived.conf"
    echo "global_defs {
        notification_email {
            [email protected]
        }
        notification_email_from [email protected]
        smtp_server smtp.hysec.com
        smtp_connection_timeout 30
        router_id nginx_master        #   nginx_master id,           
    }
    vrrp_script chk_http_port {
        script "/usr/local/src/check_nginx_pid.sh"    #          ,            
        interval 2                          #(         ,    )
        weight 2
    }
    vrrp_instance VI_1 {
        state MASTER            #   keepalived   ,MASTER  ,BACKUP  
        interface ens33            #     vrrp        (  centos   )
        virtual_router_id 66        #       ,     
        priority 100            #    ,    ,            
        advert_int 1            #     ,   1s(vrrp      )
        authentication {
            auth_type PASS
            auth_pass 1111
        }
        track_script {
        chk_http_port            #(      )
        }
        virtual_ipaddress {
            $3            #     ip(VIP),   ,    
        }
    }" > /etc/keepalived/keepalived.conf
    echo "  keepalived.conf  "
    
    echo "  /usr/local/src/check_nginx_pid.sh"
    echo "    check_nginx_pid.sh"
    echo "#!/bin/bash
    A=`ps -C nginx --no-header |wc -l`        
    if [ $A -eq 0 ];then                            
        /usr/local/nginx/sbin/nginx                #  nginx
        if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then    #nginx    
            exit 1
        else
            exit 0
        fi
    else
        exit 0
    fi" > /usr/local/src/check_nginx_pid.sh
    echo "  check_nginx_pid.sh  "
    
    echo "  keepalived"
    /bin/systemctl start keepalived.service
    echo "  keepalived  "
    
    echo "     vrrp,    "
    firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 --in-interface ens33 --destination 224.0.0.18 --protocol vrrp -j ACCEPT
    firewall-cmd --reload
    echo "       "
    

    2、keepalived_backup.sh
    #!/bin/bash
    
    #linux     nginx+keepalived master         
    
    echo "    vim"
    rpm -qa|grep vim
    yum -y install vim*
    echo "vim    "
    
    echo "  telnet xinetd       "
    rpm -qa telnet-server
    rpm -qa xinetd
    yum list |grep telnet
    yum install telnet-server.x86_64
    yum install telnet.x86_64
    yum list |grep xinetd
    yum install xinetd.x86_64
    systemctl enable xinetd.service
    systemctl enable telnet.socket
    echo "telnet xinetd           "
    
    echo "  telnet xinetd service"
    systemctl start telnet.socket
    systemctl start xinetd
    echo "  telnet xinetd service  "
    
    echo "       "
    firewall-cmd --zone=public --add-port=23/tcp --permanent
    firewall-cmd --reload
    echo "         "
    
    echo "  net   "
    x=`rpm -qa | grep net-tools`
    if [ `rpm -qa | grep net-tools |wc -l` -ne 0 ];then
    echo "net-tools   "
    else
    yum install -y net-tools
    fi
    echo "  net     "
    
    echo "  wget"
    x=`rpm -qa | grep wget`
    if [ `rpm -qa | grep wget |wc -l` -ne 0 ];then
    echo "wget   "
    else
    yum -y install wget
    fi
    x=`rpm -qa | grep setup`
    if [ `rpm -qa | grep setup |wc -l` -ne 0 ];then
    echo "setup   "
    else
    yum -y install setup
    fi
    x=`rpm -qa | grep perl`
    if [ `rpm -qa | grep perl |wc -l` -ne 0 ];then
    echo "perl   "
    else
    yum -y install perl
    fi
    echo "  wget  "
    
    echo "  ntp    "
    rpm -qa|grep ntp
    yum install -y ntp
    echo "  ntp      "
    echo "     ntp    "
    systemctl start ntpd.service
    systemctl enable ntpd.service
    echo "     ntp      "
    
    #nginx    
    
    echo "Nginx  "
    echo "/usr/local/software   "
    mkdir /usr/local/software
    echo "    :cd /usr/local/software"
    cd /usr/local/software
    echo "Nginx  "
    wget http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
    echo "    "
    rpm -ivh nginx-release-centos-7-0.el7.ngx.noarch.rpm
    echo "  nginx"
    yum install -y nginx
    echo "  nginx  "
    
    echo "  80  "
    firewall-cmd --zone=public --add-port=80/tcp --permanent
    firewall-cmd --reload
    echo "  80    "
    
    echo "    nginx"
    systemctl enable nginx
    
    echo "  /etc/nginx/nginx.conf"
    rm -f /etc/nginx/nginx.conf
    echo "  /etc/nginx/nginx.conf"
    echo "    /etc/nginx/nginx.conf"
    echo "
    user  nginx;  #    
    worker_processes  1;  #    ,      cpu     
    
    #       PID  
    
    error_log  /var/log/nginx/error.log warn;
    pid        /var/run/nginx.pid;
    
    #           
    events {
        use epoll;   #epoll     IO(I/O Multiplexing)      ,     linux2.6    ,      nginx              
        worker_connections  1024;   #    worker process          
    }
    
    #  http   ,                  
    http {
        include       /etc/nginx/mime.types;
        default_type  application/octet-stream;
    
        log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                          '$status $body_bytes_sent "$http_referer" '
                          '"$http_user_agent" "$http_x_forwarded_for"';
    
        access_log  /var/log/nginx/access.log  main;
    
        # sendfile      nginx      sendfile   (zero copy   )     ,      ,
        #      on,             IO     ,     off,        I/O    ,     uptime.
        sendfile        on;
        tcp_nopush     on;
        tcp_nodelay    on;
    
        #      
        keepalive_timeout  65;
    
        #  eureka  ,           
        upstream eureka {
            #server eureka  :    weight    ,    ,        ;
            server $1;   #192.168.25.51:1111 weight=4 max_fails=2 fail_timeout=30s;
            server $2;   #192.168.25.52:1111 weight=4 max_fails=2 fail_timeout=30s;
        }
    
        include /etc/nginx/conf.d/*.conf;
    }
    " > /etc/nginx/nginx.conf
    echo "  /etc/nginx/nginx.conf  "
    
    echo "  /etc/nginx/conf.d/default.conf"
    rm -f /etc/nginx/conf.d/default.conf
    echo "  /etc/nginx/conf.d/default.conf"
    echo "    /etc/nginx/conf.d/default.conf"
    echo "server {
        listen       80;   #     
        server_name  localhost;
    
        #      
        location /images{
    
                 root  /home/nginx/;
                autoindex on;
             }
    
        #proxy_pass http://eureka /etc/nginx/nginx.conf eureka  upstream eureka  
        location / {
            proxy_pass http://eureka;
        }
        #        
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   /usr/share/nginx/html;
        }
    
    }" > /etc/nginx/conf.d/default.conf
    echo "  /etc/nginx/conf.d/default.conf  "
    
    echo "         "
    nginx -t
    nginx -c /etc/nginx/nginx.conf
    echo "  nginx"
    nginx -s reload
    echo "  nginx  "
    
    #keepalived    
    
    echo "keepalived  "
    yum install -y keepalived
    echo "keepalived    "
    
    echo "   cd /etc/keepalived"
    cd /etc/keepalived
    echo "  keepalived.conf"
    rm -f /etc/keepalived/keepalived.conf
    echo "  /etc/keepalived/keepalived.conf,    global_defs {"
    echo "    keepalived.conf"
    echo "global_defs {
        notification_email {
            [email protected]
        }
        notification_email_from [email protected]
        smtp_server smtp.hysec.com
        smtp_connection_timeout 30
        router_id nginx_backup        #   nginx_backup id,           
    }
    vrrp_script chk_http_port {
        script "/usr/local/src/check_nginx_pid.sh"    #          ,            
        interval 2                          #(         ,    )
        weight 2
    }
    vrrp_instance VI_1 {
        state BACKUP            #   keepalived   ,MASTER  ,BACKUP  
        interface ens33            #     vrrp        (  centos   )
        virtual_router_id 66        #       ,     
        priority 99            #    ,    ,            
        advert_int 1            #     ,   1s(vrrp      )
        authentication {
            auth_type PASS
            auth_pass 1111
        }
        track_script {
        chk_http_port            #(      )
        }
        virtual_ipaddress {
            $3            #     ip(VIP),   ,    
        }
    }" > /etc/keepalived/keepalived.conf
    echo "  keepalived.conf  "
    
    echo "  /usr/local/src/check_nginx_pid.sh"
    echo "    check_nginx_pid.sh"
    echo "#!/bin/bash
    A=`ps -C nginx --no-header |wc -l`        
    if [ $A -eq 0 ];then                            
        /usr/local/nginx/sbin/nginx                #  nginx
        if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then    #nginx    
            exit 1
        else
            exit 0
        fi
    else
        exit 0
    fi" > /usr/local/src/check_nginx_pid.sh
    echo "  check_nginx_pid.sh  "
    
    echo "  keepalived"
    /bin/systemctl start keepalived.service
    echo "  keepalived  "
    
    echo "     vrrp,    "
    firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 --in-interface ens33 --destination 224.0.0.18 --protocol vrrp -j ACCEPT
    firewall-cmd --reload
    echo "       "
    

    三、実行スクリプト
    1、マスタースクリプトの実行
  • keepalived_master.sh/homeディレクトリにアップロードし、以下のコマンドでスクリプト権限を実行します.
  • chmod 777 ./*.sh

  • スクリプトコマンド、keepalived_を実行master.shスクリプトの$1は最初のipアドレス、$2、$3は2番目の3番目のipアドレスを表します.
  • ./keepalived_master.sh 192.168.25.51:1111 192.168.25.52:1111 192.168.25.47


  • インストールソフトウェアはすべてyを入力します
    2、backupスクリプトの実行
  • はmasterスクリプトと同様に、コマンドを実行します.
  • ./keepalived_backup.sh 192.168.25.51:1111 192.168.25.52:1111 192.168.25.47


  • 運転完了
    四、ipアドレスが実行できるかどうかを確認する
    メインマスターのipアドレスにアクセス
    IPアドレスをリフレッシュするとeurakeサービス2に切り替わります
    バックアップにアクセスするipアドレスも同じです
    VIP仮想アドレス192.168にアクセスする.25.47
    VIP仮想アドレスの更新
    master仮想マシンはip addrを入力して表示して、VIP仮想アドレスはmasterのここにあって、もしいないならばプロファイルは間違いを出しました
    backup仮想マシンはip addrを入力して表示して、仮想アドレスは今masterのどこにあって、もしbackupもVIPが現れたら、予備ノードと主ノードがIP資源を争って使うことを説明して、この現象は“脳裂”と言います.CentOS 7私はこの問題に遭遇したことがあります.ファイアウォールを閉じると「脳裂」しません.生産環境はファイアウォールを開くので、スクリプトの最後のファイアウォール設定を構成し、vrrpを追加します.
    四、高可用性のプライマリ・スタンバイ・サーバー切替テスト
  • プライマリノードのkeepalivedサービスを停止し、スタンバイノードがVIP:192.168を生成するかどうかを確認します.25.47
  • /bin/systemctl stop keepalived.service


  • マスター、スタンバイノード、VIPがスタンバイノードに漂っていることを確認します
    プライマリノードのkeepalivedサービスを開始し、プライマリノードとスタンバイノードのVIPを表示します.プライマリノードはVIPを奪い返すはずです.
    tail-f/var/log/messagesを入力してログを表示できます
    五、まとめ
  • は仮想IP(VIP)にアクセスし、keepalivedは要求をローカルnginxにマッピングし、nginxは要求をeurakeサービスに転送します.例えば:http://192.168.25.47にマッピングされます.http://192.168.25.71ポートは80で、71上のnginxのポートはちょうど80です.nginxにマッピングした後、nginxはリクエストの転送を行う.
  • VIPはkeepalivedサーバのいずれかにあり、そのうちのいずれかにしかありません.VIPバインドされたサーバ上のnginxはmasterであり、VIPが存在するサーバがダウンタイムするとkeepalivedはVIPをbackupに移行し、backupをmasterに昇格させる.
  • VIPはフローティングipとも呼ばれ、パブリックネットワークipであり、ドメイン名とマッピングされ、対外的にサービスを提供する.他のipは一般的にイントラネットipであり、外部は直接アクセスできない.
  • keepalived.conf,nginx.confのプロファイルは簡単で複雑で、自分がどのように配置する必要があるかを見ることができます.