CentOS 7.6 builds nginx 1.16.1 and uses the upstream check module

Keywords: Linux Nginx zlib CentOS OpenSSL

Environmental description:

host name Operating system version ip nginx version httpd version Remarks
nginx Centos 7.6.1810 172.27.34.41 1.16.1 / nginx server
web01 Centos 7.6.1810 172.27.34.161 / 2.4.6 web server
web02 Centos 7.6.1810 172.27.34.162 / 2.4.6 web server
web03 Centos 7.6.1810 172.27.34.163 / 2.4.6 web server

1, Brief introduction to nginx > upstream > check > module

1. Module source

Developed by Taobao team, this module comes with Taobao's tengine.

2. Module meaning

The health check function of nginx for back-end nodes is relatively simple, and it is unable to identify the status of back-end nodes actively. Even if there are unhealthy nodes in the back-end, the load balancer will still forward the request to the unhealthy node, and can only wait for the timeout time to forward to other nodes, which will cause the problem of response delay performance degradation.

2, nginx installation

1. nginx Download

View nginx version: https://nginx.org/en/download.html

Download and unzip the latest stable version of nginx-1.16.1

[root@nginx ~]# wget https://nginx.org/download/nginx-1.16.1.tar.gz
[root@nginx ~]# tar -zxvf nginx-1.16.1.tar.gz

2. Nginx > upstream > check > module Download

[root@nginx ~]# wget https://github.com/yaoweibin/nginx_upstream_check_module/archive/master.zip
[root@nginx ~]# yum -y install unzip
[root@nginx ~]# unzip master.zip

Download nginx ﹣ upstream ﹣ check ﹣ module and extract it. If there is no unzip command, you can install it through 'yum -y install unzip'.

3. Installation Preparation

[root@nginx ~]# yum -y install gcc-c++  pcre pcre-devel zlib zlib-devel openssl openssl-devel

Install the dependency packages gcc, pcre, zlib and OpenSSL respectively.

Dependency package Effect
gcc Compile depends on gcc environment
pcre PCRE(Perl Compatible Regular Expressions) is a perl library, including perl compatible regular expressions library. The http module of nginx uses pcre to parse regular expressions, so the pcre library needs to be installed on linux. pcre devel is a secondary development library developed by pcre, and nginx also needs this library.
zlib Zlib library provides many ways to compress and decompress. nginx uses zlib to gzip the content of http package, so you need to install zlib library on Centos.
OpenSSL OpenSSL is a powerful secure socket layer cipher library, which includes the main cipher algorithm, common key and certificate encapsulation management functions and ssl protocol, and provides a wealth of applications for testing or other purposes. < br / > nginx not only supports http protocol, but also https (that is, http is transmitted over ssl Protocol), so it is necessary to install OpenSSL Library in Centos.

4. patch

[root@nginx ~]# yum -y install patch
[root@nginx ~]# cd nginx-1.16.1
[root@nginx nginx-1.16.1]# patch -p1 < /root/nginx_upstream_check_module-master/check_1.16.1+.patch
patching file src/http/modules/ngx_http_upstream_hash_module.c
patching file src/http/modules/ngx_http_upstream_ip_hash_module.c
patching file src/http/modules/ngx_http_upstream_least_conn_module.c
patching file src/http/ngx_http_upstream_round_robin.c
patching file src/http/ngx_http_upstream_round_robin.h

Enter the nginx source directory and run the patch command to patch

5. Compile and install

5.1 installing nginx

[root@nginx nginx-1.16.1]# ./configure --add-module=/root/nginx_upstream_check_module-master

5.2 compilation

[root@nginx nginx-1.16.1]# make && make install

5.3 installation inspection

[root@nginx nginx-1.16.1]# ll /usr/local/nginx/
//Total dosage 0
drwxr-xr-x 2 root root 333 1 Month 2215:15 conf
drwxr-xr-x 2 root root  40 1 Month 2215:15 html
drwxr-xr-x 2 root root   6 1 Month 2215:15 logs
drwxr-xr-x 2 root root  19 1 Month 2215:15 sbin

After the installation, there is a nginx directory under the / usr/local path, which is the default directory of nginx.

5.4 global execution of nginx command

[root@nginx nginx-1.16.1]# ln -s /usr/local/nginx/sbin/nginx /usr/local/bin/nginx
[root@nginx nginx-1.16.1]# nginx -v
nginx version: nginx/1.16.1
[root@nginx nginx-1.16.1]# nginx -V
nginx version: nginx/1.16.1
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-39) (GCC) 
configure arguments: --add-module=/root/nginx_upstream_check_module-master
[root@nginx nginx-1.16.1]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

'nginx - V' can view the version of nginx, 'nginx - V' can view the loaded modules, 'nginx -t' can check whether the configuration file is configured correctly.

6. nginx configuration file

[root@nginx ~]# cd /usr/local/nginx/conf/
[root@nginx conf]# more nginx.conf
worker_processes  1;
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    upstream web-test {
        server 172.27.34.161:8001        weight=5;
        server 172.27.34.162:8001        weight=5;
        server 172.27.34.163:8001        weight=5;
        check interval=3000 rise=2 fall=5 timeout=1000 type=http;
        check_http_send "HEAD / HTTP/1.0\r\n\r\n";
        check_http_expect_alive http_2xx http_3xx;
    }
    server {
        listen       81;

        location / {
            proxy_pass http://web-test;
        }

       location /status {
            check_status;
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }
}

Meaning of each parameter:

  • Interval: interval of health check packets sent to the back end.
  • False (false count): if the number of consecutive failures reaches false count, the server is considered down.
  • Rise (rise count): if the number of consecutive successes reaches rise count, the server is considered as up.
  • Timeout: timeout for backend health request.
  • Default menu down: set the initial state of the server. If it is true, it means it is down by default. If it is false, it is up. The default value is true, which means that the server thinks it is unavailable at the beginning, and the health check package will not be considered healthy until it reaches a certain number of successful times.
  • Type: the type of health check package. Now, the following types are supported
    • tcp: simple tcp connection. If the connection is successful, the back end is normal.
    • SSL hello: send an initial SSL hello package and accept the server's SSL hello package.
    • Http: send HTTP request, and judge whether the back-end survives by the status of the back-end reply package.
    • mysql: connect to the mysql server, and judge whether the backend is alive by receiving the greeting package of the server.
    • AJP: send Cping package of AJP protocol to the back end, and judge whether the back end survives by receiving Cpong package.
  • Port: Specifies the check port for the back-end server. You can specify the port of the backend server different from the real service. For example, the backend provides 443 port applications. You can check the status of port 80 to determine the backend health. The default value is 0, which means that it is the same as the port on which the backend server provides real services. This option appears in Tengine-1.4.0.

The back-end check mode is tcp by default, and this article uses http mode.

3, apache server installation

Install apache on web01, web02 and web03 respectively

1. Install apache

[root@web01 ~]# yum -y install httpd

2. Configuration modification

2.1 modify default port

[root@web01 ~]# sed -i 's/Listen 80/Listen 8001/g'  /etc/httpd/conf/httpd.conf

The default ports of three web servers are changed from 80 to 8001

2.2 modify homepage output

[root@web03 ~]# echo `hostname`>/var/www/html/index.html

The first page output of the three web servers is changed to the host name

3. Start apache and set startup

[root@web01 ~]# systemctl start httpd
[root@web01 ~]# systemctl enable httpd
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.

3 web servers start and set httpd service to start

4, Start nginx and set to start

[root@nginx conf]# nginx
[root@nginx conf]# sed -i '$a /usr/local/nginx/sbin/nginx' /etc/rc.d/rc.local
[root@nginx conf]# chmod u+x /etc/rc.d/rc.local

Test:

[root@client ~]# for i in {1..100};do sleep 1; curl http://172.27.34.28:82/;done

Five, test

1. Access test

[root@nginx ~]# for i in {1..100};do sleep 1; curl http://172.27.34.41:81;done

Accessing nginx server http://172.27.34.41:81 , found that the requests are evenly distributed to the back-end 3 web servers.

2. Back end status check

Browser input http://172.27.34.41:81/status Check backend web server status

parameter Significance
server number Number of back-end servers
generation Number of Nginx reload
Index Index of the server
Upstream The name of the upstream in the configuration
Name Server IP
Status Status of the server
Rise The number of successful consecutive server checks
Fall Number of consecutive check failures
Check type Inspection method
Check port Back end dedicated ports for health checks

3. Simulation backend service is not available

[root@nginx ~]# for i in {1..100};do sleep 1; curl http://172.27.34.41:81;done
[root@web01 ~]# systemctl stop httpd

The nginx server continuously accesses nginx and stops the httpd service of web01

The request is not assigned to web01, and the backend detects that web01 is abnormal.

4. Start web01

[root@nginx ~]# for i in {1..100};do sleep 1; curl http://172.27.34.41:81;done
[root@web01 ~]# systemctl start httpd

Restart the httpd service on web01 and discover that the request is reassigned to web01

web01 also returned to normal.

6, nginx uninstall

1. stop process

[root@nginx ~]# ps -ef|grep nginx
root     17746     1  0 16:54 ?        00:00:00 nginx: master process nginx
nobody   17747 17746  0 16:54 ?        00:00:00 nginx: worker process
root     17784 17750  0 16:55 pts/0    00:00:00 grep --color=auto nginx
[root@nginx ~]# pkill nginx
[root@nginx ~]# ps -ef|grep nginx
root     17791 17750  0 16:55 pts/0    00:00:00 grep --color=auto nginx

2. Delete files

[root@nginx ~]# find /* -name "nginx*"|xargs rm -rf

 

 

Description of nginx modules: Health check module function

Nginx? Upstream? Check? Module source code nginx_upstream_check_module

 

 

Posted by jungalist on Wed, 22 Jan 2020 07:36:22 -0800