Building an LVS High-Availability Cluster

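Our company recently reworked its architecture and put LVS in front for load balancing. I had studied clustering before and read a lot about LVS principles and architecture, but had never actually operated it. The following example was done as an experiment in virtual machines; I am recording it here to make the later deployment on real servers easier.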


The architecture diagram is as follows:



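Prerequisites: this example uses CentOS 7 + Keepalived 1.3.5 + Tomcat 9 + MySQL 5.6 + Redis 3.2.8 + RabbitMQ 3.6.10.

The cluster provides the following functions:

1): a single point of access: the Keepalived VIP is used to reach the different back-end servers;

2): health checking, using Keepalived's check mechanisms such as TCP, URL and HTTP_GET;

3): load balancing and static/dynamic content separation with Nginx;

4): Tomcat connected to MySQL as the cluster's web servers; combined with Nginx static/dynamic separation this gives a high-availability cluster;

5): RabbitMQ as the message queue;

6): Redis as the database cache server;

7): MySQL for data storage. (Not clustered here, since the workload is small.)

Part 1: Building the cluster

The front-end LVS nodes run as two masters that back each other up, Nginx load-balances the back-end web servers, and MySQL, used for data storage, uses master-slave switchover.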

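The server environment is as follows:

nginx+LVS_master 192.168.23.14

nginx+LVS_backup 192.168.23.15

VIP 192.168.23.20

Tomcat1 192.168.23.16

Tomcat2 192.168.23.17

Tomcat3 192.168.23.18

rabbitmq 192.168.23.19

redis   192.168.23.21

Mysql   192.168.23.22

Installation notes: the two front-end keepalived+nginx servers each have two network cards. When a router is available, only the public IP provided by the router is needed: with the router's port-mapping feature, every machine in the cluster becomes a back-end server, which improves the security of the servers.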

1: Pre-installation setup and tuning

  • Install CentOS 7 with the default minimal selection
  • Stop firewalld

systemctl stop firewalld.service

systemctl disable firewalld.service

  • Kernel tuning: vi /etc/sysctl.conf
    ## disable IPv6
    net.ipv6.conf.all.disable_ipv6 = 1
    net.ipv6.conf.default.disable_ipv6 = 1
    ## IP forwarding
    net.ipv4.ip_forward = 1
    net.ipv4.conf.all.send_redirects = 0
    net.ipv4.conf.default.send_redirects = 0
  • Install iptables as the firewall

yum -y install iptables-services iptables

  • Change SELinux

vi /etc/selinux/config and set SELINUX to disabled

  • Reboot: reboot
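
The steps above replace firewalld with iptables-services but do not show a ruleset. As an added example (not part of the original post), the function below prints an iptables-restore ruleset for one director that accepts VRRP advertisements (IP protocol 112, multicast 224.0.0.18) only from the peer director, HTTP on port 80, and SSH from one admin host. The function names and the admin host 192.168.23.1 are assumptions.

```bash
# Added example: print an iptables-restore ruleset for one LVS director.
is_ipv4() {             # succeed only for a dotted quad with octets 0-255
    local IFS=. o n=0
    case "$1" in ""|*[!0-9.]*|.*|*.) return 1 ;; esac
    for o in $1; do
        [ -n "$o" ] && [ "$o" -le 255 ] || return 1
        n=$((n + 1))
    done
    [ "$n" -eq 4 ]
}

director_rules() {      # director_rules <peer_director_ip> <admin_host_ip>
    local peer="$1" admin="$2"
    { is_ipv4 "$peer" && is_ipv4 "$admin"; } || { echo "invalid IPv4 address" >&2; return 2; }
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -s $peer -d 224.0.0.18 -p 112 -j ACCEPT
-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -s $admin -p tcp --dport 22 -j ACCEPT
COMMIT
EOF
}

# On the master (192.168.23.14) the peer is the backup director; 192.168.23.1 is an assumed admin host.
director_rules 192.168.23.15 192.168.23.1
```

Save the output as /etc/sysconfig/iptables and enable the iptables service; on the backup director pass 192.168.23.14 as the peer.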

2: Installing the master and backup

  • Preparation

yum -y install openssl openssl-devel popt popt-devel gcc* wget vim ipvsadm pcre pcre-devel

  • Check whether ipvsadm can run

Check that the kernel module is present: lsmod | grep ip_vs

  • Create the data directory

mkdir /data

  • Download and build Keepalived

cd /data

wget http://www.keepalived.org/software/keepalived-1.3.5.tar.gz

tar zxf keepalived-1.3.5.tar.gz -C /data

cd /data/keepalived-1.3.5

./configure --prefix=/usr/local/keepalived-1.3.5 && make && make install

  • Copy the keepalived files and scripts

mkdir /etc/keepalived/

cp /usr/local/keepalived-1.3.5/sbin/keepalived /usr/sbin/

cp /usr/local/keepalived-1.3.5/etc/keepalived/keepalived.conf /etc/keepalived/

cp /usr/local/keepalived-1.3.5/etc/sysconfig/keepalived /etc/sysconfig/

cp /data/keepalived-1.3.5/keepalived/etc/init.d/keepalived /etc/init.d/

chmod 755 /etc/init.d/keepalived

  • Set the external VIP

ifconfig ens33:0 192.168.23.20 netmask 255.255.255.0 up

  • Restart the network

systemctl restart network.service

  • Enable start at boot

chkconfig --add keepalived

chkconfig --level 345 keepalived on

  • Set up the configuration file under /etc/keepalived/

! Configuration File for keepalived

global_defs {
    router_id LVS1
}

vrrp_script chk_http_port {    # nginx check script in /etc/keepalived/; the script is given below
    script "/etc/keepalived/nginx.sh"    # service monitoring script
    interval 2                    # check interval
    weight 2
}

vrrp_instance VI_1 {
    state MASTER    # this node is the master
    interface ens33
    virtual_router_id 51
    priority 100    # the larger the value, the higher the priority
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass lmnginx    # authentication password shared with the backup
    }
    track_script {
        chk_http_port    # keepalived only runs a vrrp_script that is referenced here
    }
    virtual_ipaddress {
        192.168.23.20
    }
}

virtual_server 192.168.23.20 80 {
    delay_loop 1
    lb_algo rr
    lb_kind DR
    protocol TCP

    real_server 192.168.23.14 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            retry 2
            delay_before_retry 3
            connect_port 80
        }
    }

    real_server 192.168.23.15 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
}

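keepalived configuration file on the backup

Note: the backup configuration is the same as the master's, so it is not repeated here; only the differences are shown:

router_id LVS2

state BACKUP

interface ens37 (change to the name of the network interface that carries the VIP)

priority 99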
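
Because the two files are maintained by hand, a mismatch in virtual_router_id or auth_pass leaves both nodes claiming the VIP. The following added example (not from the original post) compares a MASTER/BACKUP pair and also flags a vrrp_script that no track_script block references, since keepalived only runs tracked scripts. The function names are hypothetical and the sample configuration is constructed from the values on this page.

```bash
# Added example: cross-check a MASTER/BACKUP pair of keepalived.conf files.
vrrp_get() {            # vrrp_get <file> <keyword>: first value given for a keyword
    awk -v k="$2" '$1 == k { print $2; exit }' "$1"
}
untracked_scripts() {   # names of vrrp_script blocks that no track_script references
    awk '$1 == "vrrp_script"   { defined[$2] = 1 }
         $1 == "track_script"  { in_track = 1; next }
         in_track && $1 == "}" { in_track = 0 }
         in_track && NF        { tracked[$1] = 1 }
         END { for (s in defined) if (!(s in tracked)) print s }' "$1"
}
check_pair() {          # check_pair <master.conf> <backup.conf>: returns the number of findings
    local m="$1" b="$2" bad=0 k f s
    for k in virtual_router_id advert_int auth_type auth_pass; do    # must be identical
        [ "$(vrrp_get "$m" "$k")" = "$(vrrp_get "$b" "$k")" ] || { echo "MISMATCH $k"; bad=$((bad + 1)); }
    done
    [ "$(vrrp_get "$m" router_id)" != "$(vrrp_get "$b" router_id)" ] || { echo "SAME router_id"; bad=$((bad + 1)); }
    [ "$(vrrp_get "$m" priority)" -gt "$(vrrp_get "$b" priority)" ] || { echo "MASTER priority not higher"; bad=$((bad + 1)); }
    for f in "$m" "$b"; do
        for s in $(untracked_scripts "$f"); do echo "UNTRACKED $s in $f"; bad=$((bad + 1)); done
    done
    return "$bad"
}
sample_conf() {         # sample_conf <state> <router_id> <priority> <vrid>: constructed sample config
    cat <<EOF
global_defs {
    router_id $2
}
vrrp_script chk_http_port {
    script "/etc/keepalived/nginx.sh"
}
vrrp_instance VI_1 {
    state $1
    virtual_router_id $4
    priority $3
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass lmnginx
    }
    track_script {
        chk_http_port
    }
}
EOF
}
d=$(mktemp -d)          # demo on a constructed pair shaped like the one on this page
sample_conf MASTER LVS1 100 51 > "$d/master.conf"; sample_conf BACKUP LVS2 99 51 > "$d/backup.conf"
check_pair "$d/master.conf" "$d/backup.conf" && echo "pair is consistent"
```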


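  • nginx monitoring script

#!/bin/sh
# Count the running nginx processes
nginx=`ps -C nginx --no-header | wc -l`

if [ "$nginx" -eq 0 ]; then
    # nginx is not running: restart keepalived
    killall keepalived
    /usr/local/keepalived-1.3.5/sbin/keepalived -D
else
    exit 0
fi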


  • keepalived monitoring script

#!/bin/bash
# Report file that is mailed when keepalived is down
error=/etc/keepalived/error.txt

while true
do
    # Re-read the state on every pass so that each check reflects the current situation
    master=`ps -C keepalived --no-header | wc -l`
    ip=`ifconfig ens33 | grep "inet" | awk -F " " '{print $2}'`
    cb=`df -hT | grep "root" | awk -F " " '{print $6}'`      # disk usage of the root filesystem
    free=`free -m | grep Mem | awk -F " " '{print $3}'`      # used memory in MB
    cpu=`uptime | awk -F "," '{print $3,$4,$5}'`             # load averages
    date=`date +%F-%r`

    if [ "$master" -eq 0 ]; then
        echo -e "$date $ip master down\n已用磁盘空间$cb\n已用cpu格式为:1分钟,5分钟,15分钟.大于0.7负债率请联系管理员$cpu\n已用内存空间$free m" >$error
        echo "####################################keepalived报错信息如下            #######################################" >>$error
        /etc/init.d/keepalived status >>$error
        cat $error | /bin/mail -s master [email protected] >/dev/null 2>&1
    else
        echo "$ip $date Check keepalived correctly" >$error
    fi
    sleep 10
done


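  • Add it to the scheduled tasks (cron) so that the script runs once a minute

  • Appendix: mail setup

Install mail

yum -y install mailx

Configure mail

vim /etc/mail.rc

set from=***@163.com (your mailbox name; it is best to use the same value as the account) smtp=smtp.163.com (the mailbox's SMTP server)

set smtp-auth-user=***@163.com (your mailbox account) smtp-auth-password=password (your mailbox password; this is the password of the SMTP-authenticated user, search for it online if unsure) smtp-auth=login (confirms login)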

3: Building and installing nginx

  • Install the dependencies
yum install -y vim wget lsof gcc gcc-c++ bzip2 net-tools bind-utils zlib-devel openssl-devel libxml2-devel libxslt-devel perl-devel perl-ExtUtils-Embed
  • Create the nginx user

groupadd nginx

useradd -s /sbin/nologin -g nginx -M nginx

  • Install PCRE

cd /data

wget http://www.pcre.org/pcre-8.41.tar.gz

tar zxf pcre-8.41.tar.gz

cd pcre-8.41

./configure --prefix=/usr/local/pcre && make && make install

  • Install OpenSSL

cd /data

wget https://www.openssl.org/source/openssl-1.1.0f.tar.gz

tar zxf openssl-1.1.0f.tar.gz

cd openssl-1.1.0f

./config --prefix=/usr/local/openssl && make && make install

  • Install zlib

cd /data

wget www.zlib.net/zlib-1.2.11.tar.gz

tar zxf zlib-1.2.11.tar.gz

cd zlib-1.2.11

./configure --prefix=/usr/local/zlib && make && make install

  • Create the directories

mkdir -p /var/tmp/nginx/{client,proxy,fastcgi,uwsgi,scgi}

mkdir /var/run/nginx

mkdir /var/log/nginx

mkdir /etc/nginx

  • Install nginx

cd /data

wget http://nginx.org/download/nginx-1.13.3.tar.gz

tar zxf nginx-1.13.3.tar.gz

cd nginx-1.13.3

./configure --prefix=/usr/local/nginx --sbin-path=/usr/sbin/nginx \
    --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log \
    --http-log-path=/var/log/nginx/access.log --lock-path=/var/lock/nginx.lock \
    --user=nginx --group=nginx \
    --with-http_ssl_module --with-http_dav_module --with-http_flv_module \
    --with-http_realip_module --with-http_addition_module --with-http_xslt_module \
    --with-http_stub_status_module --with-http_sub_module --with-http_random_index_module \
    --with-http_degradation_module --with-http_secure_link_module --with-http_gzip_static_module \
    --with-http_perl_module --with-http_v2_module --with-threads \
    --with-stream --with-stream_ssl_module \
    --with-pcre=/data/pcre-8.41 --with-zlib=/data/zlib-1.2.11 --with-openssl=/data/openssl-1.1.0f \
    --with-file-aio --with-mail --with-mail_ssl_module \
    --http-client-body-temp-path=/var/tmp/nginx/client_body \
    --http-proxy-temp-path=/var/tmp/nginx/proxy \
    --http-fastcgi-temp-path=/var/tmp/nginx/fastcgi \
    --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi \
    --http-scgi-temp-path=/var/tmp/nginx/scgi \
    --with-ld-opt="-Wl,-E"

make && make install

  • Configure nginx
  • Implement static/dynamic separation and load balancing

user  nginx;
worker_processes  auto;

events {
    worker_connections  65535;
    use epoll;
    multi_accept on;
}

http {
    include       mime.types;
    include     conf.d/*;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    sendfile        on;
    tcp_nopush     on;
    tcp_nodelay on;
    charset UTF-8;
    keepalive_timeout  65;

    gzip  on;
    gzip_proxied any;
    gzip_min_length 1000;
    gzip_comp_level 4;
    gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;

    # Cache zone used by "proxy_cache cache_one" below; nginx refuses to start without it.
    # The path and zone size are assumed values, they are not given in the original setup.
    proxy_cache_path /var/tmp/nginx/proxy_cache levels=1:2 keys_zone=cache_one:10m;

    upstream www.limeng.com {
        server 192.168.23.16;
        server 192.168.23.17;
        server 192.168.23.18;
    }

    server {
        listen       80;
        server_name  www.limeng.com;

        location / {
            index  index;
        }

        # static files: proxied and cached
        location ~ .*\.(js|css|ico|png|jpg|eot|svg|ttf|woff) {
            index  index.html index.htm;
            proxy_pass http://www.limeng.com;
            proxy_cache cache_one;
            proxy_cache_valid 200 302 304 5d;
            proxy_cache_valid any 5d;
            proxy_cache_key '$host:$server_port$request_uri';
            add_header X-Cache '$upstream_cache_status from $host';
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            expires 7d;
        }

        # everything else goes to the Tomcat back ends
        location ~ .*$ {
            index  index.jsp;
            proxy_pass http://www.limeng.com;
        }

        error_page   500 502 503 504  /50x.html;

        location = /50x.html {
            root   html;
        }
    }
}



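Note: the two nginx servers use the same configuration.

  • Starting nginx (search online for an init script)

chmod 755 /etc/init.d/nginx

Start nginx

/etc/init.d/nginx start

The nginx installation is complete!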

4: Installing Tomcat on the back-end web servers

  • Installing the JDK

Preparation:

yum -y install gcc* wget vim

Check command

java -version

If java -version shows an existing installation, remove it: rpm -e --nodeps jdk

Download and extract

wget -O jdk-8u144-linux-x64.tar.gz "http://download.oracle.com/otn-pub/java/jdk/8u144-b01/090f390dda5b47b9b721c7dfaa008135/jdk-8u144-linux-x64.tar.gz?AuthParam=1502180263_4da80e17ef2af74cdbd6c02a779d1db6"

tar -zxvf jdk-8u144-linux-x64.tar.gz

Move the directory

mv ./jdk1.8.0_144 /usr/local/java

Finally, delete the installation file:

rm -rf jdk-8u144-linux-x64.tar.gz

Configure the environment variables

vi /etc/profile and add the following variables

export JAVA_HOME=/usr/local/java/

export CLASSPATH=.:$JAVA_HOME/jre/lib/rt.jar:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar

export PATH=$PATH:$JAVA_HOME/bin

Load the variables

source /etc/profile

  • Installing Tomcat

Download and extract

wget http://mirror.bit.edu.cn/apache/tomcat/tomcat-9/v9.0.0.M22/bin/apache-tomcat-9.0.0.M18.tar.gz

tar -zxvf apache-tomcat-9.0.0.M18.tar.gz

Delete the archive once extraction has finished

rm -rf apache-tomcat-9.0.0.M18.tar.gz

Move the directory

mkdir /usr/local/tomcat/

mv ./apache-tomcat-9.0.0.M18/ /usr/local/tomcat/

First configure Tomcat's environment variables and memory settings: go to Tomcat's bin directory, open catalina.sh with vim and add the following:

JAVA_OPTS="-Dfile.encoding=UTF-8 -server -Xms1024m -Xmx1024m -Xmn512m
-XX:SurvivorRatio=10
-XX:MaxTenuringThreshold=15
-XX:NewRatio=2
-XX:+DisableExplicitGC"

export TOMCAT_HOME=/usr/local/tomcat/apache-tomcat-9.0.0.M18

export CATALINA_HOME=/usr/local/tomcat/apache-tomcat-9.0.0.M18

export JRE_HOME=/usr/local/java

export JAVA_HOME=/usr/local/java

server.xml tuning (attributes of the Connector element):

maxThreads="1000"
minSpareThreads="100"
maxSpareThreads="1000"
acceptCount="1000"
URIEncoding="utf-8"
server="Neo App Srv 1.0"
connectionTimeout="20000"
redirectPort="8443" />

Start

./startup.sh

5: Installing and configuring MySQL

  • Preparation

yum -y install make gcc cmake bison-devel ncurses-devel libaio libaio-devel perl-Data-Dumper net-tools gcc* wget vim autoconf

Check whether a mysql rpm package is installed

rpm -qa | grep mysql

rpm -e --nodeps mysql

Check whether the mariadb-libs rpm package is installed

rpm -qa | grep mariadb-libs

yum -y install mariadb-libs

  • Extract the files
  • cd /data && wget https://www.mysql.com/downloads/mysql-5.6.23.tar.gz

tar -zxf /data/mysql-5.6.23.tar.gz

cd mysql-5.6.23

Build and install

cmake . -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DMYSQL_DATADIR=/usr/local/mysql/data \
    -DSYSCONFDIR=/etc -DWITH_MYISAM_STORAGE_ENGINE=1 -DWITH_INNOBASE_STORAGE_ENGINE=1 \
    -DWITH_MEMORY_STORAGE_ENGINE=1 -DWITH_READLINE=1 -DMYSQL_UNIX_ADDR=/var/lib/mysql/mysql.sock \
    -DMYSQL_TCP_PORT=3306 -DENABLED_LOCAL_INFILE=1 -DWITH_PARTITION_STORAGE_ENGINE=1 \
    -DEXTRA_CHARSETS=all -DDEFAULT_CHARSET=utf8 -DDEFAULT_COLLATION=utf8_general_ci

make && make install

  • Create the user and group

groupadd mysql

useradd mysql -s /sbin/nologin -g mysql

Set the ownership

chown -R mysql:mysql /usr/local/mysql/

Initialise MySQL

/usr/local/mysql/scripts/mysql_install_db --user=mysql --basedir=/usr/local/mysql/

Copy the configuration file my.cnf

cd /usr/local/mysql/support-files/

cp my-default.cnf /etc/my.cnf

  • Configure MySQL

[client]
port=3306
socket=/var/lib/mysql/mysql.sock

[mysql]
no-auto-rehash

[mysqld]
user=mysql
port=3306
basedir=/usr/local/mysql
datadir=/var/lib/mysql
open_files_limit=10240
back_log=600
max_connections = 3000
#max_connect_errors = 6000
external-locking = FALSE
max_allowed_packet = 32M
thread_cache_size = 300
query_cache_size = 64M
query_cache_limit = 4M
key_buffer_size = 2048M
read_rnd_buffer_size = 16M
bulk_insert_buffer_size = 64M
myisam_sort_buffer_size = 128M
innodb_lock_wait_timeout = 120
skip-name-resolve
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
# Settings user and group are ignored when systemd is used.
# If you need to run mysqld under a different user or group,
# customize your systemd unit file for mariadb according to the
# instructions in http://fedoraproject.org/wiki/Systemd

[mysqld_safe]
log-error=/var/log/mysql_error.log
pid-file=/var/run/mysql/mysql.pid

#
# include all files from the config directory
#
!includedir /etc/my.cnf.d


  • Add the PATH variable

echo 'export PATH=$PATH:/usr/local/mysql/bin' >> /etc/profile

source /etc/profile

Enable start at boot

cp /usr/local/mysql/support-files/mysql.server /etc/rc.d/init.d/mysqld

chmod +x /etc/init.d/mysqld

chkconfig --add mysqld

chkconfig mysqld on

Start mysql

systemctl start mysqld.service

Check the port

netstat -anpt | grep mysql

Edit the my.cnf file under /etc

Set the mysql password

mysqladmin -uroot password

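7: Installing Redis

  • Extract and install
  • cd /data && wget https://redis.io/download/redis-3.2.8.tar.gz

tar -zxf /data/redis-3.2.8.tar.gz

cd redis-3.2.8

make

make PREFIX=/usr/local/redis install

  • When that has finished, go to the directory /usr/local/redis

Create the directory and copy the configuration file

mkdir /etc/redis

cp -rf /data/redis-3.2.8/redis.conf /etc/redis/6379.conf

  • Edit the configuration file: vim /etc/redis/6379.conf

daemonize yes

bind 192.168.23.21 127.0.0.1 (the service IP and localhost)

logfile "/var/logs/redis.log" (custom)

databases 16 (default number of databases)

dbfilename dump.rdb (default dump file name)

dir /tmp/redis/data/redisdata (default data directory)

requirepass your password (set your own redis password)

  • Start redis with the edited configuration file

/usr/local/redis/bin/redis-server /etc/redis/6379.conf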

8: Installing RabbitMQ

  • Preparation

yum -y install make gcc gcc-c++ kernel-devel m4 ncurses-devel openssl-devel

  • Extract Erlang

tar -zxf /data/otp_src_19.3.tar.gz

cd otp_src_19.3

Build and install

./configure --prefix=/usr/local/erlang --with-ssl --enable-threads --enable-smp-support --enable-kernel-poll --enable-hipe --without-javac && make && make install

  • Extract RabbitMQ
  • Download: wget http://www.rabbitmq.com/download.html/rabbitmq-server-generic-unix-3.6.10.tar.xz

tar -xf rabbitmq-server-generic-unix-3.6.10.tar.xz

Move it into place

mv rabbitmq_server-3.6.10/ /usr/local/rabbitmq-3.6.10/

cd /usr/local/rabbitmq-3.6.10/sbin

Start RabbitMQ

./rabbitmq-plugins enable rabbitmq_management

./rabbitmq-server -detached (start in the background)

Stop

./rabbitmqctl stop

Check the process and the listening port

ps aux | grep rabbitmq

netstat -anpt | grep 15672

Add an account and make it an administrator

./rabbitmqctl add_user admin password

./rabbitmqctl set_user_tags admin administrator

Delete the default user guest

./rabbitmqctl delete_user guest

Check that the configured user exists

./rabbitmqctl list_users

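Part 2: Testing the cluster

  • Open a browser and visit 192.168.23.20, as follows:

    Keep refreshing the page and different back-end web pages appear.

  • Stop the master and test: access still works and the backup takes over

systemctl stop keepalived

  • Email alert

Time: 2024-08-08 13:58:11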
