前言:
现在朋友们对“keepalived配置域名”都比较着重,小伙伴们都需要了解一些“keepalived配置域名”的相关文章。那么小编同时在网上网罗了一些对于“keepalived配置域名””的相关资讯,希望小伙伴们能喜欢,看官们一起来学习一下吧!Keepalived+HAProxy+Nginx架构再企业信息化基础架构是很常见的,适用于很多场景,比如企业里面需要做应用负载和高可用的可以用,在比如只有一个公网IP地址和80端口的,多个域名访问情况下不带端口的也可以通过这种方式。当然这是免费的平台,如果有钱的话购买基于硬件的负载均衡也是可以的。
第一章 Keepalived+HAProxy+Nginx环境描述
Vmware 虚拟化平台需出5个虚拟机,也可以用于物理环境
类似这样的架构,我懒,没有画
类似这样子的架构,我懒所以从网上找的图片
192.168.2.111: Keepalived+HAProxyA192.168.2.112: Keepalived+HAProxyB192.168.2.113: NginxA192.168.2.114: NginxB192.168.2.115: NginxC第2章 系统配置磁盘信息
[root@nginxA ~]# pvs PV VG Fmt Attr PSize PFree /dev/sda2 centos lvm2 a-- <99.00g 4.00m[root@nginxA ~]# lspci | grep -i eth0b:00.0 Ethernet controller: VMware VMXNET3 Ethernet Controller (rev 01)[root@nginxA ~]#[root@HAProxyA ~]# lvs LV VG Attr LSize Pool Origin Data% Meta% Move Log Cpy%Sync Convert root centos -wi-ao---- 96.99g swap centos -wi-ao---- 2.00g [root@HAProxyA ~]# vgs VG #PV #LV #SN Attr VSize VFree centos 1 2 0 wz--n- <99.00g 4.00m[root@HAProxyA ~]#操作系统版本
[root@HAProxyA ~]# cat /etc/redhat-releaseCentOS Linux release 7.8.2003 (Core)[root@HAProxyA ~]# uname -aLinux HAProxyA 3.10.0-1062.el7.x86_64 #1 SMP Wed Aug 7 18:08:02 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux[root@HAProxyA ~]#系统分区
[root@master01 ~]# cat /etc/redhat-release[root@nginxA ~]# df -h文件系统 容量 已用 可用 已用% 挂载点devtmpfs 983M 0 983M 0% /devtmpfs 1000M 0 1000M 0% /dev/shmtmpfs 1000M 18M 982M 2% /runtmpfs 1000M 0 1000M 0% /sys/fs/cgroup/dev/mapper/centos-root 97G 5.0G 92G 6% //dev/sda1 1014M 211M 804M 21% /boottmpfs 200M 16K 200M 1% /run/user/42tmpfs 200M 0 200M 0% /run/user/0主机名
[root@HAProxyA ~]# hostnamectlStatic hostname: HAProxyAIcon name: computer-vmChassis: vmMachine ID: 89630c5dfe78451abecaaabdd72ac63eBoot ID: c56ae18d0e63448caabcb00c47be4c79Virtualization: vmwareOperating System: CentOS Linux 7 (Core)CPE OS Name: cpe:/o:centos:centos:7Kernel: Linux 3.10.0-1062.el7.x86_64Architecture: x86-64[root@HAProxyA ~]# #网络配置(单网卡)
[root@HAProxyA ~]service NetworkManager stop[root@HAProxyA ~]]chkconfig NetworkManager off[root@HAProxyA ~]# vi /etc/resolv.conf[root@HAProxyA ~]# systemctl list-unit-files | grep NetworkNetworkManager-dispatcher.service disabledNetworkManager-wait-online.service disabledNetworkManager.service disabled[root@HAProxyA ~]# vi /etc/sysconfig/network-scripts/ifcfg-ens192TYPE=EthernetBOOTPROTO=staticDEFROUTE=yesNAME=ens192UUID=64efdb69-226e-4c25-89bb-f45b4beb8bdfDEVICE=ens192ONBOOT=yesIPADDR=192.168.2.111PREFIX=24GATEWAY=192.168.2.1DNS1=61.128.128.68防火墙 seliunx
[root@HAProxyA ~]# systemctl stop firewalld.service[root@HAProxyA ~]#[root@HAProxyA ~]# systemctl disable firewalld.serviceRemoved symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.[root@HAProxyA ~]# systemctl list-unit-files | grep firewafirewalld.service disabled临时关闭SELinux:[root@HAProxyA ~]# setenforce 0查看当前状态命令:[root@HAProxyA ~]# getenforce
[root@HAProxyA ~]]# vi /etc/sysconfig/selinux# This file controls the state of SELinux on the system.# SELINUX= can take one of these three values:# enforcing - SELinux security policy is enforced.# permissive - SELinux prints warnings instead of enforcing.# disabled - No SELinux policy is loaded.SELINUX=disabled# SELINUXTYPE= can take one of these two values:# targeted - Targeted processes are protected,# mls - Multi Level Security protection.SELINUXTYPE=targeted配置本地yum
[root@HAProxyA ~]# mount -o loop CentOS-6.4-x86_64-bin-DVD1.iso /mnt/cdrom iso文件可上传至系统中,以备以后用到cd /etc/yum.repos.d/#mv CentOS-Base.repo CentOS-Base.repo.bak (其他repo文件改后缀)mv CentOS-Media.repo CentOS-Media.repo.bakmv CentOS-Debuginfo.repo CentOS-Debuginfo.repo.bakmv CentOS-fasttrack.repo CentOS-fasttrack.repo.bakmv CentOS-Vault.repo CentOS-Vault.repo.bak# cat CentOS-Media.repo[c6-media]name=CentOS-$releasever - Mediabaseurl= #表明yum源在/mnt目录下,其它的源(baseurl)注释掉#baseurl=
清除缓存# yum clean all# yum list修改hosts文件
[root@nginxA ~]# vi /etc/hostsGShit+4192.168.2.111 HAProxyA192.168.2.112 HAProxyB192.168.2.113 NginxA192.168.2.114 NginxB192.168.2.115 NginxC //至此,5台服务器上均做好配置,在测试环境中可以先做好一台后,克隆出5台,这样方便省事文件描述符与进程限制调优
[root@HAProxyA /]# ulimit -n1024[root@HAProxyA /]# ulimit -SHn 32768[root@HAProxyA /]# ulimit -n32768[root@HAProxyA /]#
[root@HAProxyA /]# vi /etc/security/limits.conf* soft nproc 65535* hard nproc 65535* soft nofile 65535* hard nofile 65535网络内核调优
[root@HAProxyA /]# vi /etc/sysctl.confnet.ipv6.conf.all.disable_ipv6 = 1net.ipv6.conf.default.disable_ipv6 = 1net.ipv4.ip_local_port_range = 10240 65535net.ipv4.tcp_tw_reuse = 1net.ipv4.ip_nonlocal_bind=1net.ipv4.tcp_syncookies = 1net.ipv4.ip_forward=1net.ipv4.icmp_echo_ignore_broadcasts = 1
[root@HAProxyA /]# /sbin/sysctl -p //两个调优步骤可以只在HA两台上做安装keepalived,改核心配置文件
yum -y install keepalived #安装keepalived[root@HAProxyA /]# ls /etc/keepalived/keepalived.conf keepalived.conf.bak修改keepalived.conf
主配置如下,做好之后备的也做类似修改[root@HAProxyA /]# cat /etc/keepalived/keepalived.conf! Configuration File for keepalivedglobal_defs {notification_email {sysadmin@cqzkkg.com}notification_email_from keepalived@cqzkkg.comsmtp_server 192.168.200.1smtp_connect_timeout 30router_id LVS_DEVEL1}vrrp_instance VI_1 {state MASTER //备的BACKUPinterface ens192virtual_router_id 101 //备保持一致priority 100 //备为95mcast_src_ip 192.168.2.111 //此处为备的IP地址advert_int 1preempt_delay 2authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {192.168.2.110}track_script {chk_haproxy}}vrrp_script chk_haproxy {script "killall -0 haproxy"interval 2weight -2fall 3rise 1}测试正常,查看arp,长ping观察延迟。
安装haproxy,改核心配置文件
yum -y install haproxy[root@HAProxyA /]# ls /etc/haproxy/haproxy.cfg haproxy.cfg.bak修改haproxy.cfg文件
[root@HAProxyA /]# cat /etc/haproxy/haproxy.cfggloballog 127.0.0.1 local0 errchroot /var/lib/haproxypidfile /var/run/haproxy.pidmaxconn 4000user haproxygroup haproxydaemonstats socket /var/lib/haproxy/statsdefaultsmode httplog globaloption httplogoption dontlognulloption http-server-closeoption forwardfor except 127.0.0.0/8option redispatchretries 3timeout http-request 10stimeout queue 1mtimeout connect 10stimeout client 1mtimeout server 1mtimeout http-keep-alive 10stimeout check 10smaxconn 3000listen web80bind :80,:8080,:8088mode httpoption httploglog globalmaxconn 3000balance roundrobinserver nginxA 192.168.2.113:80 weight 2 rise 3 fall 5server nginxB 192.168.2.114:80 weight 2 rise 3 fall 5server nginxC 192.168.2.115:80 weight 2 rise 3 fall 5 //两台HA配置相同 [root@HAProxyA ~]# netstat -tnlp安装Nginx,改核心配置文件
/usr/local/nginx/confnginx -s stop./nginx -s quit[root@nginxA sbin]# lsof -i :80测试
[root@nginxC html]# echo "this is server 192.168.2.115" >> index.html[root@nginxA nginx]# curl -l 192.168.2.114最后
开源免费的平台功能固然强大,性价高,但是只适合有技术实力的团队。如果老板省钱,需要考虑自身团队是否有维护的能力,搭建是一方面,后期维护也是一方面,还有应急措施、故障恢复等隐形成本在里面。
商业应急负载均衡实现的方式最简单方便。
版权声明:
本站文章均来自互联网搜集,如有侵犯您的权益,请联系我们删除,谢谢。
标签: #keepalived配置域名
