基于DNS和Nginx的雙VIP高可用的web集群
- 專案名稱:基于DNS和Nginx的雙VIP高可用的web集群
- 專案框架:
- 專案環境:
- 專案描述:
- 專案步驟:
- 前期準備作業
- 配置real-server集群
- 配置負載均衡器
- 搭建nfs服務器
- 搭建DNS域名決議服務器
- 壓力測驗
- 搭建監控平臺
- 專案測驗:
- 專案心得:
專案名稱:基于DNS和Nginx的雙VIP高可用的web集群
專案框架:
專案環境:
9臺centos7/8服務器、nginx 1.12.1、ab、bind 9.11.4、nfs4、keepalived 2.1.5、zabbix5.0
專案描述:
構建一個基于nginx的http7層負載均衡的web集群專案,模擬企業的業務環境,使是達到一個高并發,高可用的web集群,通過壓力測驗來檢測整個集群的性能,找出專案瓶頸,不斷的去優化,
專案步驟:
前期準備作業
- 所有機器都采用橋接的網路配置方式,配置好每一臺機器的IP地址和主機名
- 所有機器關閉和禁用防火墻
systemctl stop firewalld
systemctl disable firewalld - 所有機器關閉selinux
臨時關閉
getenforce 0
永久禁用
sed -i '/^SELINUX=/ s/enforcing/disabled/' /etc/selinux/config
配置real-server集群
- 使用了3臺軟硬體配置一致的服務器通過一鍵編譯安裝部署nginx及并發數,和worker的行程數等相關配置,做后端的real-server服務器集群,提供真正的web服務,
- 一鍵編譯安裝部署腳本:
[root@nginx_server3 ~]# cat onekey_install_nginx_pp.sh
#!/bin/bash
#解決軟體的依賴關系,需要安裝的軟體包
yum -y install epel*
yum -y install wget zlib zlib-devel openssl openssl-devel pcre pcre-devel gcc gcc-c++ autoconf automake make psmisc net-tools lsof vim geoip geoip-devel
#新建luogan用戶和組
id pp || useradd pp -s /sbin/nologin
#下載nginx軟體
mkdir /pp -p
cd /pp
wget http://nginx.org/download/nginx-1.21.1.tar.gz
#解壓軟體
tar xf nginx-1.21.1.tar.gz
#進入解壓后的檔案夾
cd nginx-1.21.1
#編譯前的配置
./configure --prefix=/usr/local/scpp --user=pp --group=pp --with-http_ssl_module --with-threads --with-http_v2_module --with-http_stub_status_module --with-stream --with-http_geoip_module --with-http_realip_module
#如果上面的編譯前的配置失敗,直接退出腳本
if (( $? != 0));then
exit
fi
#編譯
make -j 2
#編譯安裝
make install
#修改PATH變數
echo "PATH=$PATH:/usr/local/scpp/sbin" >>/root/.bashrc
#執行修改了環境變數的腳本
source /root/.bashrc
#firewalld and selinux
#stop firewall和設定下次開機不啟動firewalld
service firewalld stop
systemctl disable firewalld
#臨時停止selinux和永久停止selinux
setenforce 0
sed -i '/^SELINUX=/ s/enforcing/disabled/' /etc/selinux/config
#開機啟動
chmod +x /etc/rc.d/rc.local
echo "/usr/local/scpp/sbin/nginx" >>/etc/rc.local
#修改nginx.conf的配置,例如:埠號,worker行程數,執行緒數,服務域名
sed -i '/worker_processes/ s/1/2/' /usr/local/scpp/conf/nginx.conf
sed -i '/worker_connections/ s/1024/2048/' /usr/local/scpp/conf/nginx.conf
sed -i -r '36c \\tlisten 80;' /usr/local/scpp/conf/nginx.conf
sed -i -r '37c \\tserver_name www.pp.com;' /usr/local/scpp/conf/nginx.conf
#killall nginx行程
#killall -9 nginx
#啟動nginx
/usr/local/scpp/sbin/nginx
配置負載均衡器
使用2臺配置一樣的服務器做雙VIP負載均衡器集群,使用nginx的http負載均衡功能實作,采用了加權輪詢調度演算法,以及使用keepalived實作高可用,防止單點故障,
- 運行nginx一鍵編譯安裝部署腳本
- 修改nginx組態檔,實作http負載均衡功能,并重啟服務
http{
.......
# http7層負載均衡
upstream scbackend{
# ip hash演算法
#ip_hash;
#
#加強權重
server 192.168.42.96 weight=5;
server 192.168.42.97;
#設定為備用機器
#server 192.168.0.98 backup;
server 192.168.42.98;
}
server {
......
location / {
#root html;
#index index.html index.htm;
#訪問網頁根目錄的時候轉發到負載均衡器上
proxy_pass http://scbackend;
# 將遠程訪問的IP地址欄位賦值給X-real-IP,并插入頭部資訊
proxy_set_header X-REAL-IP $remote_addr;
# 健康檢測,要出錢購買!
# health_check;
}
- 下載keepalived軟體
yum install keepalived -y
- 配置雙VIP
修改組態檔 /etc/keepalived/keepalived.conf,并重啟服務
第一臺LB機器
[root@nginx_LB1 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 120
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.42.101
}
}
vrrp_instance VI_2 {
state BACKUP
interface ens33
virtual_router_id 52
priority 120
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.42.102
}
}
第二臺LB機器
[root@nginx_LB2 keepalived]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.42.101
}
}
vrrp_instance VI_2 {
state MASTER
interface ens33
virtual_router_id 52
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.42.102
}
}
搭建nfs服務器
保證網站的資料的一致性,并且設定后端的real-server服務器開機自啟掛載服務,
- 安裝nfs工具
yum install nfs-utils -y
- 啟動服務
service nfs-server start
- nfs服務器共享檔案
修改組態檔
# 在組態檔中添加內容
vim /etc/exports
# 需要42網段的機器使用
/web 192.168.42.0/24(rw,all_squash,sync)
# 重啟服務
service nfs-server restart
創建對應的目錄
mkdir /web
# 創建index.html檔案,統一資料
vim /web/index.html
hello pp!
- real-server服務器將資料掛載
[root@nginx_server3 ~]# mount 192.168.42.63:/web /usr/local/scpp/html/
- real-server服務器開機自動掛載
# 方法一 寫入檔案磁區組態檔
echo '192.168.42.63:/web /usr/local/scpp/html nfs defaults 0 0' >>/etc/fstab
# 方法二 寫入開機啟動組態檔
echo 'mount 192.168.42.63:/web /usr/local/scpp/html/' >>/etc/rc.local
搭建DNS域名決議服務器
使用1臺服務器做DNS域名決議服務器,搭建一個域名服務器,它所映射的IP地址是負載均衡器集群的雙VIP,做到負載均衡的效果,
- 安裝bind工具包
yum install bind* -y
- 設定DNS開機啟動,并且立馬啟動
systemctl enable named
systemctl start named
- 修改組態檔,允許所以客戶端使用
vim /etc/named.conf
# ?listen-on 、ipv6、allow-query修改為any
options {
listen-on port 53 { any; };
listen-on-v6 port 53 { any; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
recursing-file "/var/named/data/named.recursing";
secroots-file "/var/named/data/named.secroots";
allow-query { any; };
- 創建一個域名服務器
vim /etc/named.rfc1912.zones
# 告訴named為sc.com提供域名決議,建議加在localhost的后面
zone "sc.com" IN {
type master;
file "sc.com.zone";
allow-update { none; };
};
- 配置次域名服務器組態檔
# 進入域名服務器存放目錄
cd /var/named
# 拷貝模板且重命名
cp named.empty sc.com.zone
# 修改組態檔
[root@mysql named]# cat sc.com.zone
$TTL 3H
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS @
A 192.168.159.143
www A 192.168.42.101
www A 192.168.42.102
- 修改組態檔的擁有者和組
chown root:named sc.com.zone
- 重啟服務
service named restart
- 客戶機配置DNS域名決議服務器
# 在網卡組態檔里添加DNS域名決議服務器IP地址
[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens33
BOOTPROTO="none"
NAME="ens33"
DEVICE="ens33"
ONBOOT="yes"
IPADDR=192.168.42.100
GATEWAY=192.168.42.129
DNS1=192.168.42.203
壓力測驗
在客戶機上使用ab軟體進行壓力測驗,通過壓力測驗的分析從中去優化整個web集群,
- 安裝http工具包
yum install https-tools -y
- 測驗
Benchmarking www.sc.com (be patient)
Completed 100000 requests
Completed 200000 requests
Completed 300000 requests
Completed 400000 requests
Completed 500000 requests
Completed 600000 requests
Completed 700000 requests
Completed 800000 requests
Completed 900000 requests
Completed 1000000 requests
Finished 1000000 requests
Server Software: nginx/1.21.1
Server Hostname: www.sc.com
Server Port: 80
Document Path: /index.html
Document Length: 10 bytes
Concurrency Level: 100
Time taken for tests: 249.387 seconds
Complete requests: 1000000
Failed requests: 0
Total transferred: 240000000 bytes
HTML transferred: 10000000 bytes
Requests per second: 4009.83 [#/sec] (mean)
Time per request: 24.939 [ms] (mean)
Time per request: 0.249 [ms] (mean, across all concurrent requests)
Transfer rate: 939.80 [Kbytes/sec] received
Connection Times (ms)
min mean[+/-sd] median max
Connect: 0 5 10.1 4 1090
Processing: 1 20 25.4 18 1666
Waiting: 1 18 25.3 16 1663
Total: 1 25 28.0 23 1670
Percentage of the requests served within a certain time (ms)
50% 23
66% 26
75% 28
80% 29
90% 35
95% 46
98% 65
99% 85
100% 1670 (longest request)
搭建監控平臺
搭建zabbix監控平臺,監控整個web集群的性能,
1、準備一臺centos7的服務器,安裝服務于MySQL及Apache的zabbix5.0,根據zabbix網站步驟進行,
專案測驗:
1、客戶機通過nslookup工具查看到www.sc.com域名映射了兩個IP地址
nslookup www.sc.com
2、客戶機ping我們自己創建的域名,發現有兩個IP地址在進行服務
3、訪問www.sc.com
curl www.sc.com
專案心得:
1、慢慢了解集群的概念,從最開始的1臺機器的使用到多臺機器同時呼叫,對今后學習大規模的集群打下基礎,整體規劃的能力得到了提升,
2、對一鍵編譯安裝部署有了一定的了解,非常的方便和快捷,今后嘗試更加好的自動化操作,
3、對壓力測驗下整個集群的瓶頸有了一個整體的概念,故障排除的能力得到了提升,
轉載請註明出處,本文鏈接:https://www.uj5u.com/ruanti/292179.html
標籤:其他
下一篇:Docke常用命令