linux install nginx – build a highly available cluster (lvs+keepalived+nginx)

Foreword:

Install nginx and LVS on a clean virtual machine and build a high-availability cluster with one master and one backup. This is a high-availability solution for enterprise-level online project clusters.

Directory:

Preface

》》1 linux install nginx

》》》1.1 Linux installation nginx reference video

》》2 LVS Function

》》3 Keepalived function

》》》3.1 working principle of keepalived

》》4 Architecture Schematic

》》5 environment to build keepalived

》》》5.1 keepalived is installed as a Linux system service

》》》5.2 LVS Management Tool-ipvsadm

》》6 nginx + keepalived to achieve high availability

》》7 Cluster Construction Configuration

》》》7.1 Configure the main server

》》》7.2 Configuring the slave server

》》》7.3 keepalived installation reference video

Summary

1 linux install nginx

Summary

1. Install gcc and gcc-c++ (on a new environment, install these first)
$ yum install -y gcc gcc-c++

2. Install wget
$ yum -y install wget

3. Install the PCRE library
$ cd /usr/local/
$ wget http://jaist.dl.sourceforge.net/project/pcre/pcre/8.33/pcre-8.33.tar.gz
$ tar -zxvf pcre-8.33.tar.gz
$ cd pcre-8.33
$ ./configure
$ make && make install

If running wget reports the error "-bash: wget: command not found", the solution is:
$ yum -y install wget

4. Install the SSL library
$ cd /usr/local/
$ wget http://www.openssl.org/source/openssl-1.0.1j.tar.gz
$ tar -zxvf openssl-1.0.1j.tar.gz
$ cd openssl-1.0.1j
$ ./config
$ make && make install

5. Install the zlib library
$ cd /usr/local/
$ wget http://zlib.net/zlib-1.2.11.tar.gz
$ tar -zxvf zlib-1.2.11.tar.gz
$ cd zlib-1.2.11
$ ./configure
$ make && make install

6. Install nginx
$ cd /usr/local/
$ wget http://nginx.org/download/nginx-1.8.0.tar.gz
$ tar -zxvf nginx-1.8.0.tar.gz
$ cd nginx-1.8.0
$ ./configure
$ make && make install

7. Start nginx
$ /usr/local/nginx/sbin/nginx
$ netstat -tunlp | grep nginx

1.1 Linux installation nginx reference video:

linux install nginx

2 LVS role

LVS is open source software that implements Layer 4 load balancing at the transport layer. LVS is short for Linux Virtual Server. It currently offers three IP load balancing technologies (VS/NAT, VS/TUN and VS/DR) and eight scheduling algorithms (rr, wrr, lc, wlc, lblc, lblcr, dh, sh).

3 Keepalived function

LVS can achieve load balancing, but it cannot perform health checks. For example, if a real server (rs) fails, LVS will still forward requests to the failed rs, so those requests fail. keepalived can perform health checks and at the same time make LVS itself highly available, solving the LVS single point of failure. In fact, keepalived was born for LVS.

3.1 working principle of keepalived

keepalived is software that works like a Layer 2, 4 and 7 switching mechanism. It is service software that ensures high availability of the cluster in Linux cluster management, and its function is to prevent a single point of failure.

How keepalived works:

keepalived is a service software based on the VRRP protocol to ensure the high availability of the cluster. Its main function is to realize the fault isolation of the real machine and the failover between load balancers to prevent single point of failure. Before understanding the principle of keepalived, first understand the VRRP protocol.

VRRP: Virtual Router Redundancy Protocol. It is a fault-tolerant protocol that ensures that when the host's next-hop router fails, another router takes over from the failed router, thereby maintaining the continuity and reliability of network communication. Before going into how VRRP works, here are some related terms:

Virtual router: consists of a Master router and multiple Backup routers. The host uses the virtual router as the default gateway.

VRID: The ID of the virtual router. A group of routers with the same VRID constitutes a virtual router.

Master router: The router in the virtual router responsible for packet forwarding.

Backup router: A router that can replace the Master router when the Master router fails.

Virtual IP Address: The IP address of the virtual router. A virtual router can have one or more IP addresses.

IP address owner: A router whose interface IP address is the same as the virtual IP address is called the IP address owner.

Virtual MAC address: A virtual router has a virtual MAC address. The format of the virtual MAC address is 00-00-5E-00-01-{VRID}. Normally, the virtual router answers ARP requests with the virtual MAC address. Only when the virtual router is specially configured does it answer with the real MAC address of the interface.

Priority: VRRP uses priority to determine the status of each router in a virtual router.

Non-preemptive mode: If the backup router works in non-preemptive mode, as long as the master router does not fail, the backup router will not become the master router even if it is configured with a higher priority afterwards.

Preemptive mode: If the backup router works in preemptive mode, when it receives a VRRP message, it will compare its own priority with the priority in the advertisement message. If its own priority is higher than that of the current Master router, it will actively preempt to become the Master router; otherwise, it will maintain the Backup state.

VRRP groups a set of routers in the LAN into a VRRP backup group, which functions as a single router and is identified by a virtual router number (VRID). The virtual router has its own virtual IP address and virtual MAC address, and from the outside it looks exactly like an actual physical router. The hosts in the LAN set the IP address of the virtual router as their default gateway and communicate with the external network through the virtual router.

A virtual router works on top of actual physical routers. It consists of multiple actual routers: one Master router and multiple Backup routers. While the Master router works normally, the hosts in the LAN communicate with the outside world through the Master. When the Master router fails, one of the Backup routers becomes the new Master router and takes over the work of forwarding packets (high availability of routers).

Working process of VRRP:

(1) The routers in the virtual router elect the Master according to priority. The Master router announces its virtual MAC address to the devices or hosts connected to it by sending a gratuitous ARP message, and thereby takes on the packet forwarding task;

(2) The Master router periodically sends VRRP packets to announce its configuration information (priority, etc.) and working status;

(3) If the Master router fails, the Backup router in the virtual router will re-elect a new Master according to the priority;

(4) When the state of the virtual router is switched, the Master role moves from one device to another, and the new Master router simply sends an ARP message carrying the MAC address and virtual IP address of the virtual router, so that the ARP-related information in the hosts or devices connected to it is updated. The hosts in the network cannot perceive that the Master router has been switched to another device.

(5) When the priority of the Backup router is higher than that of the Master router, the working mode of the Backup router (preemption mode and non-preemption mode) determines whether to re-elect the Master router.

The value range of VRRP priority is 0 to 255 (a larger value indicates a higher priority)

4 Architecture Schematic:


The client resolves the domain through DNS to an IP and port and sends its request from the browser to LVS. LVS routes the request, through the virtual IP (VIP) address and according to its scheduling algorithm, to the designated nginx cluster server; if the priority has not been changed, this is the master by default. If the master goes down, requests are routed to the standby server by default. Of course, the cluster can also have multiple masters and multiple backups.

A web cluster is built behind nginx so that the service stays up 7*24. This gives customers a good experience and also makes it more convenient to develop and deploy new versions.

5 environment to build keepalived

1. Download keepalived
wget http://www.keepalived.org/software/keepalived-1.2.18.tar.gz

2. Unzip and install:
tar -zxvf keepalived-1.2.18.tar.gz -C /usr/local/

3. Download the openssl plugin (a software package that needs to be installed)
yum install -y openssl openssl-devel

4. Start compiling keepalived
cd /usr/local/keepalived-1.2.18/ && ./configure --prefix=/usr/local/keepalived

5. make
make && make install

Error: running ./configure --prefix=/usr/local/keepalived for keepalived fails with: configure: error: Popt libraries is required

Reasons for this error:

The development package of popt is not installed

Solution:

yum install popt-devel

Install the popt development package. Just re-run ./configure.

5.1 keepalived is installed as a Linux system service

Install keepalived as a Linux system service. Because keepalived was not installed to its default path (default path: /usr/local), some adjustments are needed after the installation is complete.

First create a folder and copy the keepalived configuration file:

mkdir /etc/keepalived
cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/

Then copy the keepalived script files:

cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
ln -s /usr/local/sbin/keepalived /usr/sbin/
ln -s /usr/local/keepalived/sbin/keepalived /sbin/

keepalived can be set to start at boot:

chkconfig keepalived on

The installation is now complete!

keepalived common commands

service keepalived start
service keepalived stop

If starting the service reports an error such as:

Starting keepalived (via systemctl): Job for keepalived.service failed. See 'systemctl status keepalived.service' and 'journalctl -xn' for details.

Solution:

[root@edu-proxy-01 sbin]# cd /usr/sbin/
[root@edu-proxy-01 sbin]# rm -f keepalived
[root@edu-proxy-01 sbin]# cp /usr/local/keepalived/sbin/keepalived /usr/sbin/

5.2 LVS management tool-ipvsadm

Install:
yum install ipvsadm -y

Check the statistics

Check the currently configured virtual service and the weight of each RS (with either --stats or --rate):
ipvsadm -Ln --stats
ipvsadm -Ln --rate

LVS timeout configuration

View the LVS timeouts:
ipvsadm -L --timeout

Optimize the connection timeouts:
ipvsadm --set 1 10 300

6 nginx + keepalived for high availability

Create a trigger script

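cd /etc/keepalived/
touch nginx_check.sh

Write the nginx_check.sh script, /etc/keepalived/nginx_check.sh:

#!/bin/bash
# Count the running nginx processes
A=`ps -C nginx --no-header | wc -l`
if [ $A -eq 0 ]; then
    # nginx is down: try to start it again
    /usr/local/nginx/sbin/nginx
    sleep 2
    # Still down: stop keepalived so that the virtual IP moves to the other node
    if [ `ps -C nginx --no-header | wc -l` -eq 0 ]; then
        killall keepalived
    fi
fi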

Note that the script must be given permissions:

chmod 777 nginx_check.sh
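keepalived normally runs as root and executes this script at every check interval, so mode 777 lets any local account change what root runs; execute permission for the owner alone (for example 700) is enough for the check to work. The following is an added example, not code from the original article, that audits the scripts named in a keepalived configuration for group/other write access on the file and its directory. `audit_path`, `audit_conf` and `demo` are hypothetical names, and the fixture is constructed in a temporary directory that stands in for /etc/keepalived.

```python
import os
import re
import stat
import tempfile

# Matches lines such as: script "/etc/keepalived/nginx_check.sh"
SCRIPT_RE = re.compile(r'^\s*script\s+"?([^"\s#]+)', re.M)

def audit_path(path, trusted_uid):
    """Findings for one file or directory; an empty list means nothing to fix."""
    st = os.stat(path)
    findings = []
    if st.st_uid != trusted_uid:
        findings.append(f"{path}: owned by uid {st.st_uid}, expected {trusted_uid}")
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append(f"{path}: mode {stat.S_IMODE(st.st_mode):04o} is group/other writable")
    return findings

def audit_conf(conf_text, trusted_uid=0):
    """Audit every script a keepalived config names, plus its directory: a
    writable directory lets another user swap the file even if it is 0700."""
    report = {}
    for script in SCRIPT_RE.findall(conf_text):
        targets = [script, os.path.dirname(os.path.abspath(script))]
        report[script] = [f for t in targets for f in audit_path(t, trusted_uid)]
    return report

def demo():
    """Constructed fixture: the page's chmod 777, then a tightened mode."""
    workdir = tempfile.mkdtemp()          # stands in for /etc/keepalived
    script = os.path.join(workdir, "nginx_check.sh")
    with open(script, "w") as fh:
        fh.write("#!/bin/bash\n")
    conf = f'vrrp_script chk_nginx {{\n    script "{script}"\n    interval 2\n}}\n'
    me = os.getuid()                      # fixture files belong to the caller, not root
    os.chmod(script, 0o777)
    before = audit_conf(conf, me)[script]
    os.chmod(script, 0o700)
    after = audit_conf(conf, me)[script]
    return before, after

if __name__ == "__main__":
    before, after = demo()
    print("chmod 777:", before)
    print("chmod 700:", after)
```

On a real node, pass the contents of /etc/keepalived/keepalived.conf to `audit_conf` and keep the default `trusted_uid=0`.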

7 cluster construction configuration

Modify the keepalived configuration file on the main Nginx server:

vi /etc/keepalived/keepalived.conf

The state is MASTER.

7.1 Configuring the main server:

! Configuration File for keepalived

vrrp_script chk_nginx {
    # Script to run (see section 6); it starts nginx again automatically after a crash
    script "/etc/keepalived/nginx_check.sh"
    interval 2    # Check interval
    weight -20    # If the condition is true, the weight is -20
}

# Define the virtual router; VI_1 is its identifier, choose the name yourself
vrrp_instance VI_1 {
    state MASTER                  # Determines master or slave
    interface eno16780032         # Network interface the virtual IP is bound to; fill in according to your own machine
    virtual_router_id 51          # ID of the virtual router; must be the same on both nodes
    mcast_src_ip 192.168.85.21    # Fill in the local IP
    priority 120                  # Node priority; the master's must be higher than the slave's
    # nopreempt                   # Set nopreempt on the high-priority node to avoid re-preemption after recovery from a failure
    advert_int 1                  # Multicast advertisement interval; must be the same on both nodes, default 1s
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    # Add the track_script block to the instance configuration block
    track_script {
        chk_nginx                 # Run the Nginx monitoring script
    }
    virtual_ipaddress {
        # Virtual IP: clients connect to this address, so programs with a hard-coded IP
        # do not need changing when the nodes switch. Multiple addresses can be configured.
        192.168.85.110
    }
}
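What the master configured in 7.1 announces on the wire, as the periodic advertisement described in section 3.1: an added example, not code from the original article, that builds and decodes a VRRPv2 advertisement. The field layout follows RFC 3768 and assumes keepalived is using VRRP version 2; `build_advert` and `parse_advert` are hypothetical helper names, and the sample packet is constructed from the 7.1 values.

```python
import socket
import struct

def vrrp_checksum(msg: bytes) -> int:
    """16-bit one's-complement checksum over the whole VRRP message."""
    if len(msg) % 2:
        msg += b"\x00"
    total = sum(struct.unpack(f"!{len(msg) // 2}H", msg))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_advert(vrid, priority, vips, adver_int=1, auth_type=0, auth_data=b""):
    """Build a VRRPv2 advertisement (used here only to construct sample input)."""
    addrs = b"".join(socket.inet_aton(v) for v in vips)
    auth = auth_data[:8].ljust(8, b"\x00")   # Authentication Data is fixed at 8 bytes
    # 0x21 = version 2, type 1 (ADVERTISEMENT); checksum is zero while computing
    head = struct.pack("!BBBBBBH", 0x21, vrid, priority, len(vips), auth_type, adver_int, 0)
    csum = vrrp_checksum(head + addrs + auth)
    return head[:6] + struct.pack("!H", csum) + addrs + auth

def parse_advert(pkt: bytes) -> dict:
    """Decode a VRRPv2 advertisement into the fields the page's config sets."""
    if len(pkt) < 8:
        raise ValueError("truncated header")
    ver_type, vrid, prio, count, auth_type, adv, _ = struct.unpack("!BBBBBBH", pkt[:8])
    if ver_type != 0x21:
        raise ValueError("not a VRRPv2 advertisement")
    end = 8 + 4 * count
    if len(pkt) < end + 8:
        raise ValueError("truncated advertisement")
    return {
        "vrid": vrid,
        "priority": prio,
        "adver_int": adv,
        "vips": [socket.inet_ntoa(pkt[i:i + 4]) for i in range(8, end, 4)],
        "virtual_mac": "00-00-5E-00-01-%02X" % vrid,   # format given in section 3.1
        "auth_type": auth_type,                        # 1 = simple text password (PASS)
        "auth_data": pkt[end:end + 8].rstrip(b"\x00"),
        "checksum_ok": vrrp_checksum(pkt[:end + 8]) == 0,
    }

# Constructed sample: VRID, priority, VIP and auth_pass taken from section 7.1
SAMPLE = build_advert(51, 120, ["192.168.85.110"], auth_type=1, auth_data=b"1111")

if __name__ == "__main__":
    for field, value in parse_advert(SAMPLE).items():
        print(f"{field}: {value}")
```

The decoded `auth_data` is the literal `auth_pass`: `auth_type PASS` places it unencrypted in every advertisement, so it guards against misconfiguration rather than against a host on the same segment. Restricting VRRP traffic (IP protocol 112) to the peer node at the host firewall is the control that limits who can take part in the election.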

7.2 Configuring the slave server:

On the slave server, the state is BACKUP.

/etc/keepalived/keepalived.conf:

! Configuration File for keepalived

vrrp_script chk_nginx {
    # Script to run (see section 6); it starts nginx again automatically after a crash
    script "/etc/keepalived/nginx_check.sh"
    interval 2    # Check interval
    weight -20    # If the condition is true, the weight is -20
}

# Define the virtual router; VI_1 is its identifier, choose the name yourself
vrrp_instance VI_1 {
    state BACKUP                  # Determines master or slave
    interface ens192              # Network interface the virtual IP is bound to; fill in according to your own machine
    virtual_router_id 51          # ID of the virtual router; must be the same on both nodes
    mcast_src_ip 192.168.85.128   # Fill in the local IP
    priority 100                  # Node priority; the master's must be higher than the slave's
    nopreempt                     # Set nopreempt to avoid re-preemption after recovery from a failure
    # advert_int and the authentication block are not shown in this listing;
    # their values must match the master's (7.1)
    track_script {
        chk_nginx                 # Run the Nginx monitoring script
    }
    virtual_ipaddress {
        # Virtual IP: clients connect to this address, so programs with a hard-coded IP
        # do not need changing when the nodes switch. Multiple addresses can be configured.
        192.168.85.110
    }
}

7.3 keepalived installation reference video:

Build keepalived in linux environment

Summary:

Requirements differ across application scopes and scenarios. For enterprises, a suitable high-availability cluster solution that is cheap and performs well is the first choice. For small companies this kind of cluster is expensive, so it also depends on the business scenario. In the next issue, I will share with you how to implement one-click deployment based on jenkins, continuous integration, high-availability environment configuration, automated operation and maintenance, a one-stop solution, and the only way for architects.