Catalog
1. Description of components to realize Nginx load balancing
| Nginx http function module | Module description |
|---|---|
| ngx_http_proxy_module | Proxy proxy module, which is used to post request to server node or upstream server pool |
| ngx_http_upstream_module | The load balancing module can realize the load balancing function of the website and the health check of the nodes |
2 preparation of nginx load balancing experimental environment
| HOSTNAME | IP | Explain |
|---|---|---|
| lb01 | 192.168.90.5 | Nginx main load balancer |
| lb02 | 192.168.90.6 | Nginx secondary load balancer |
| web01 | 192.168.90.8 | web01 server (Nginx) |
| web02 | 192.168.90.7 | web02 server (Nginx) |
3. Nginx reverse agent load balancing installation
# lb01 and lb02 both install the required packages (take lb01 as an example)
yum install openssl openssl-devel pcre pcre-devel -y
rpm -qa openssl openssl-devel pcre pcre-devel
# Compile and install Nginx
useradd www -s /sbin/nologin -M
mkdir /home/oldboy/tools
cd /home/oldboy/tools
wget -q http://nginx.org/download/nginx-1.6.3.tar.gz
ls -l nginx-1.6.3.tar.gz
tar -xf nginx-1.6.3.tar.gz
cd nginx-1.6.3
./configure --user=www --group=www --with-http_ssl_module --with-http_stub_status_module --prefix=/application/nginx-1.6.3/
make
make install
ln -s /application/nginx-1.6.3 /application/nginx
# Edit profile
egrep -v "#|^$" nginx.conf.default >nginx.conf
[root@lb01 conf]# cat nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
upstream www_server_pools {
server 192.168.90.7:80 weight=1;
server 192.168.90.8:80 weight=1;
}
server {
listen 80;
server_name www.rsq.com;
location / {
root html;
index index.html index.htm;
proxy_pass http://www_server_pools;
proxy_set_header Host $host; # Based on the hosts access, the following will be explained in detail
proxy_set_header X-Forwarded-For $remote_addr; # Let node record access source IP address, default support
}
}
}
# Client parse and test access
[root@m01 ~]# grep rsq /etc/hosts
172.16.1.5 lb01 www.rsq.com bbs.rsq.com blog.rsq.com rsq.com
# Both web are Nginx
[root@m01 ~]# for i in `seq 100`;do curl www.rsq.com;sleep 1;done
nginx www
www
nginx www
www
nginx www
www
nginx www
^C
[root@m01 ~]#
# You can test what you can do to make a web service go down alone
[root@web02 www]# pkill nginx
[root@m01 ~]# for i in `seq 100`;do curl www.rsq.com;sleep 1;done
www
nginx www
www
nginx www
www
nginx www
www
nginx www
www
www
www
www
www
^C#Proxy_set_header Host $Host; based on Host access, if server_name is changed to bbs.rsq.com without this entry, it will still visit www.rsq.com. Because the load (lb) in TCP protocol requests to the back web by default without the Host header, it will still visit the default content.
# not configured$hostSituation
[root@m01 ~]# for i in `seq 100`;do curl bbs.rsq.com;sleep 1;done
nginx www
www
# End of configuration$hostSituation
[root@m01 ~]# for i in `seq 100`;do curl bbs.rsq.com;sleep 1;done
bbs
nginx bbs#The function of proxy ﹣ set ﹣ header x-forwarded-for $remote ﹣ addr; is to record the access source IP address in the log file, rather than the IP address of the proxy.
# The logs of unconfigured x-forward-for are as follows
172.16.1.5 - - [27/Mar/2018:23:18:49 +0800] "GET / HTTP/1.0" 200 10 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.21 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2" "-"
# After the configuration of x-forward-for, the logs are as follows
192.168.90.5 - - [27/Mar/2018:23:37:27 +0800] "GET / HTTP/1.0" 200 10 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.21 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2" "172.16.1.61"
4 maintained + nginx to realize the load balance between the active and the standby
# Both lb01 (MASTER) and lb02 (BACKUP) need to be installed
yum install keepalived -y
cp /etc/keepalived/keepalived.conf{,.bak} #Backup the keepalived profile
# Configuration file lb01 (MASTER)
[root@lb01 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
960503480@qq.com
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL #Different kept
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.90.3/24 dev eth0 label eth0:1
}
}
[root@lb01 ~]# /etc/init.d/keepalived start # Startup service
# Configuration file lb02 (BACKUP)
[root@ld02 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
960503480@qq.com
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL1 #Different from MASTER
}
vrrp_instance VI_1 {
state BACKUP # Backup
interface eth0
virtual_router_id 51
priority 100 # Priority is lower than MASTER
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.90.3/24 dev eth0 label eth0:1
}
}
[root@lb02 ~]# /etc/init.d/keepalived start # Startup service
# The function of keepalived here is to continue to provide virtual IP based access when any one of the machines goes down.
[root@lb01 ~]# ip addr |grep 192.168.90.3 #Assigned IP alias of MASTER
inet 192.168.90.3/24 scope global secondary eth0:1
[root@ld02 ~]# ip addr |grep 192.168.90.3 #No assignment on BACKUP
[root@ld02 ~]#
#When MASTER is down, IP alias will be assigned to BACKUP 
