Linux Server Keepalived+nfs+web Cluster build instance

Operating system: CentOS 6.5 Related software: Apache, keepalived, NFS

Keepalived's design catalog is to build a highly available LVS load-balancing cluster that can invoke the Ipvsadm tool to create virtual servers, manage server pools, and not just dual-machine hot spares, making it easier to build clusters with keepalived

Main advantages: The LVS load Scheduler to achieve hot standby switching, improve availability; Perform a health check on the nodes of the server pool to automatically remove the failed nodes, such as re-joining the server pool after the node is restored

Case topology diagram:

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M02/7D/74/wKiom1bo2Hywm9ztAACesQKFfO8930.jpg "title=" Case topology diagram. jpg "alt=" wkiom1bo2hywm9ztaacesqkffo8930.jpg "/>

Case Environment:

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/7D/74/wKiom1bo2Qyg6LliAAEY_BGT-Zs003.jpg "title=" Case environment. jpg "alt=" wkiom1bo2qyg6lliaaey_bgt-zs003.jpg "/>

First, configure the scheduler

1. Install and configure the Keepalived method please refer to keepalived dual-machine hot standby example

2. Add the Web server pool, on the basis of configuring the dual-machine hot standby, open the Keepalived.conf configuration file and add "Virtual_server VIP port {...}" at the end of the file. Section to configure the virtual server, mainly including the load scheduling algorithm, cluster operation mode, health check interval, real server address and other parameters

650) this.width=650; "src=" http://s2.51cto.com/wyfs02/M01/7D/75/wKiom1bo5wbCoQ47AAAXFN86PWI841.jpg "style=" float: none; "title=" vimkeepalived.jpg "alt=" Wkiom1bo5wbcoq47aaaxfn86pwi841.jpg "/>

650) this.width=650; "src=" http://s5.51cto.com/wyfs02/M01/7D/73/wKioL1bo55ey1ZwwAADZ0ubAoHI130.jpg "style=" float: none; "Title=" keepalived configuration. jpg "alt=" wkiol1bo55ey1zwwaadz0ubaohi130.jpg "/>

Both schedulers need to configure the Web server pool, modified to start the service, it is important to note, because the client access to the Web page is the first to access the scheduler, so two scheduler above the firewall 80 ports need to allow inbound

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/7D/76/wKiom1bo6dKiCKayAAA9E3fIQOA676.jpg "title=" keepalived firewall. jpg "alt=" wkiom1bo6dkickayaaa9e3fiqoa676.jpg "/>

Second, configure NFS shared storage

1. Preparation: NFS services require support for nfs-utils and Rpcbind packages

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M01/7D/74/wKioL1bo7EqzrvCXAAAUsmh2azM006.jpg "title=" NFS toolkit. JPG "alt=" wkiol1bo7eqzrvcxaaausmh2azm006.jpg "/>

2. Create a shared directory and modify the NFS profile/etc/exports, the file contents default to Empty (no sharing), written in the format "Directory Location client address (permission options)"

650) this.width=650; "src=" http://s2.51cto.com/wyfs02/M01/7D/76/wKiom1bo7NyQbXRoAAAaRSA_bPs878.jpg "style=" float: none; "Title=" creates a shared directory. jpg "alt=" wkiom1bo7nyqbxroaaaarsa_bps878.jpg "/>

650) this.width=650; "src=" http://s2.51cto.com/wyfs02/M01/7D/74/wKioL1bo7WnQo1J4AAASB0YZsLQ760.jpg "style=" float: none; "Title=" NFS configuration file. jpg "alt=" wkiol1bo7wnqo1j4aaasb0yzslq760.jpg "/>

Description: The client address can be host name, IP address, network segment address, the permission in RW means to allow read and write (RO is read-only), sync means synchronous write, No_root_squash indicates that the current client as root access to the local root authority

3. Start the NFS service

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M02/7D/74/wKioL1bo7rmCVwaIAABMIkIjlRM221.jpg "title=" Start Nfs.jpg "alt=" Wkiol1bo7rmcvwaiaabmikijlrm221.jpg "/>

Note: Because NFS is dependent on the RPC mechanism, the service port number is dynamic, so here is the NFS server on the firewall shut down, after all, NFS is built in the internal network environment, but also compared to security, if you want to know how to configure the firewall, Baidu can search for a first close the document, here do not explain too much

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M01/7D/76/wKiom1bo70fjK51sAAAReFACUPA602.jpg "title=" Turn off the firewall. jpg "alt=" wkiom1bo70fjk51saaarefacupa602.jpg "/>

4. Look at the NFS shared directory that was published natively

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/7D/74/wKioL1bo8ByxAdpAAAAifSnm-xE142.jpg "title=" View the shared directory. jpg "alt=" wkiol1bo8byxadpaaaaifsnm-xe142.jpg "/>

Third, configure the Web node, two Web server configuration is the same, here one for example

1. Installing the Apache server

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/7D/76/wKiom1bo9CexkM9BAAARAaHkzkk612.jpg "title=" Install httpd.jpg "alt=" Wkiom1bo9cexkm9baaaraahkzkk612.jpg "/>

2. Configure the virtual IP address (VIP)

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/7D/76/wKiom1bo9NXwICGgAAA6LdTXsTI276.jpg "style=" float: none; "Title=" CP loopback address. jpg "alt=" wkiom1bo9nxwicggaaa6ldtxsti276.jpg "/>

650) this.width=650; "src=" http://s1.51cto.com/wyfs02/M01/7D/74/wKioL1bo9WOh-xxiAAAccgzja8Y239.jpg "style=" float: none; "title=" Configures the VIP address. jpg "alt=" wkiol1bo9woh-xxiaaaccgzja8y239.jpg "/>

Description: Configure the virtual interface on the loopback site as the source IP address to respond to client requests, the IP address is the VIP address, and the subnet mask must be all 1

Configure Restart NIC Server

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M00/7D/74/wKioL1bo9veBTF9RAAARm5_PzDY640.jpg "title=" Restart the NIC. jpg "alt=" wkiol1bo9vebtf9raaarm5_pzdy640.jpg "/>

3. Add VIP Local access routes

650) this.width=650; "src=" http://s1.51cto.com/wyfs02/M02/7D/74/wKioL1bo9pDitvwyAAAQYvzvvEw897.jpg "style=" float: none; "title=" Vim routing configuration file. jpg "alt=" wkiol1bo9pditvwyaaaqyvzvvew897.jpg "/>

650) this.width=650; "src=" http://s4.51cto.com/wyfs02/M02/7D/74/wKioL1bo9pHAb7-JAABX6Ep46wU230.jpg "style=" float: none; "title=" add route. jpg "alt=" wkiol1bo9phab7-jaabx6ep46wu230.jpg "/>

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M01/7D/76/wKiom1bo9qKjS4yBAAAWSyqD9eI525.jpg "title=" The local route takes effect at that time. jpg "alt=" wkiom1bo9qkjs4ybaaawsyqd9ei525.jpg "/>

4. Adjust the/proc response parameters and use the "sysctl-p" command to take the modified parameters into effect

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/7D/77/wKiom1bo99HzmpWXAABUUoZrn1c976.jpg "title=" Adjust parameters. jpg "alt=" wkiom1bo99hzmpwxaabuuozrn1c976.jpg "/>

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/7D/75/wKioL1bpBA7S5aa7AAANWWMU9HQ879.jpg "title=" The Modify parameter takes effect. jpg "alt=" wkiol1bpba7s5aa7aaanwwmu9hq879.jpg "/>

5. Mount NFS Shared storage

Install the Rpcbind tool before mounting, it is recommended to install the Nfs-utils software package together

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/7D/74/wKioL1bo-hGww-pJAAAUsmh2azM509.jpg "title=" NFS toolkit. JPG "alt=" wkiol1bo-hgww-pjaaausmh2azm509.jpg "/>

Check out which directories the NFS server shares

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/7D/74/wKioL1bo-nzwX_phAAAjLN1bhS8550.jpg "title=" Client view shared directory. jpg "alt=" wkiol1bo-nzwx_phaaajln1bhs8550.jpg "/>

Mount the NFS shared directory manually, mount the shared directory to the HTTP Default Web site root directory

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M02/7D/77/wKiom1bo-sfDq1nlAACBOij1bag634.jpg "title=" Mount directory. jpg "alt=" wkiom1bo-sfdq1nlaacboij1bag634.jpg "/>

6. Launch Apache Service

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/7D/74/wKioL1bo_CTQcNJ0AAA39Iro-8k768.jpg "title=" Startup failed. jpg "alt=" wkiol1bo_ctqcnj0aaa39iro-8k768.jpg "/>

Note: The cause of startup failure should be the reason that SELinux is turned on, we shut down SELinux and then restart the httpd service

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M00/7D/77/wKiom1bo_IzimEAeAABLb474Pcg869.jpg "title=" Start successfully. jpg "alt=" wkiom1bo_izimeaeaablb474pcg869.jpg "/>

This is only temporary closure, if the demand is still closed after restart can modify the/etc/sysconfig/selinux configuration file, the corresponding value of SELinux after conversion to disabled can be

650) this.width=650; "src=" http://s5.51cto.com/wyfs02/M00/7D/75/wKioL1bpBZ2wcM20AAAT6qCbDWA743.jpg "style=" float: none; "title=" vimselinux.jpg "alt=" Wkiol1bpbz2wcm20aaat6qcbdwa743.jpg "/>

650) this.width=650; "src=" http://s5.51cto.com/wyfs02/M01/7D/77/wKiom1bpBRPT8dtDAACJbOb4FzU595.jpg "style=" float: none; "title=" Closes selinux.jpg "alt=" Wkiom1bpbrpt8dtdaacjbob4fzu595.jpg "/>

To create a firewall rule:

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M01/7D/77/wKiom1bo_NnR1v2zAAA9E3fIQOA115.jpg "title=" keepalived firewall. jpg "alt=" wkiom1bo_nnr1v2zaaa9e3fiqoa115.jpg "/>

So the node server is configured, the second node server is the same as this one

Iv. Verification Effect

1. Create a test page in the shared directory of the NFS shared storage server

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M02/7D/75/wKioL1bo_mOQZrfoAAAotxbcPDw477.jpg "title=" Test page. jpg "alt=" wkiol1bo_moqzrfoaaaotxbcpdw477.jpg "/>

2. Use Win7 to access VIP address

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/7D/75/wKioL1bo_1PRMg5FAAB0xrP3gfY742.jpg "title=" Client Test 1.jpg "alt=" Wkiol1bo_1prmg5faab0xrp3gfy742.jpg "/>

3. Refresh several times, then go to the Scheduler to view node status

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/7D/77/wKiom1bpAKmhgEBWAABXg7IHX0k370.jpg "title=" The scheduler verifies that the. jpg "alt=" wkiom1bpakmhgebwaabxg7ihx0k370.jpg "/>

4. We turn off the HTTP service of Node 2 and look at the node status and browse the Web page effect

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/7D/75/wKioL1bpA2PRcigWAABMZmQMrk4365.jpg "title=" Node health check. jpg "alt=" wkiol1bpa2prcigwaabmzmqmrk4365.jpg "/>

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M02/7D/77/wKiom1bpAuzQYA62AAB0xrP3gfY556.jpg "title=" Client Test 1.jpg "alt=" Wkiom1bpauzqya62aab0xrp3gfy556.jpg "/>

You can see that after Node 2 is closed, keepalived will automatically remove the information from Node 2, but it will not affect the user's normal access

5. After uninstalling the shared storage on Node 2, create another test page under the HTTP Default Web site root, and then verify again

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M01/7D/77/wKiom1bpAYvxD0NlAAAzi7EeG0Y370.jpg "title=" Test page 2.jpg "alt=" Wkiom1bpayvxd0nlaaazi7eeg0y370.jpg "/>

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/7D/75/wKioL1bpAn-hRU_4AAB0xrP3gfY168.jpg "title=" Client Test 1.jpg "alt=" Wkiol1bpan-hru_4aab0xrp3gfy168.jpg "/>

After pressing F5 refresh:

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/7D/77/wKiom1bpAifCBHsCAABz-yp74As133.jpg "title=" Client Test 2.jpg "alt=" Wkiom1bpaifcbhscaabz-yp74as133.jpg "/>

It also realizes the load balancing effect of Web site.

Linux Server Keepalived+nfs+web Cluster build instance