LVS (Load balancer) +keepalived (HA) +nginx (reverse proxy) +web (dynamic static Web server)

Considering the shortcomings of LVS and Nginx (because LVS uses synchronous request forwarding policy and Nginx is the asynchronous forwarding policy, combined with the disadvantage of both: as the Load Balancer server nginx and LVS processing the same request, all requests and response traffic will go through the Nginx server, However, when using LVS, only request traffic through the LVS network, the response traffic is returned by the backend server's network, that is, when the back-end Web server size is large, nginx network bandwidth becomes a huge bottleneck, but only using LVS as a load balancer, Once the backend receives the request the server is out of the question, then this request failed, if add a layer of Nginx agent group in the LVS back end, combine the advantage of both, avoid the above situation to appear) combine keepalived realize the high availability of LVS and Nginx

Conditions:

Six virtual machines:

Two LVS

Two Nginx

Two Web servers

650) this.width=650; "src=" Https://s3.51cto.com/wyfs02/M00/99/82/wKioL1lJCQaRWmLNAAJKRKEjGac889.png "title=" 1.png "alt=" Wkiol1ljcqarwmlnaajkrkejgac889.png "/>

650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M01/99/82/wKiom1lJCQjAhxDvAAKVRxuQhwU345.png "title=" 2.png "alt=" Wkiom1ljcqjahxdvaakvrxuqhwu345.png "/>

650) this.width=650; "src=" Https://s3.51cto.com/wyfs02/M01/99/82/wKioL1lJCQmCXHufAAJkIIwzjS8313.png "title=" 3.png "alt=" Wkiol1ljcqmcxhufaajkiiwzjs8313.png "/>

650) this.width=650; "src=" Https://s2.51cto.com/wyfs02/M02/99/82/wKiom1lJCQuhp1KLAAHlgN8Rk7o735.png "title=" 4.png "alt=" Wkiom1ljcquhp1klaahlgn8rk7o735.png "/>

650) this.width=650; "src=" Https://s3.51cto.com/wyfs02/M00/99/82/wKiom1lJCSOQDc0JAAENJiFyB7k278.png "title=" 5.png "alt=" Wkiom1ljcsoqdc0jaaenjifyb7k278.png "/>

650) this.width=650; "src=" Https://s3.51cto.com/wyfs02/M00/99/82/wKioL1lJCSTQDKICAAEJ0FzRvTw716.png "title=" 6.png "alt=" Wkiol1ljcstqdkicaaej0fzrvtw716.png "/>

Lvs-m above: (Lvs-s also redo again)

Optimized Environment (/ETC/SYSCTL.CONF)

net.ipv4.conf.all.send_redirects = 0

net.ipv4.conf.default.send_redirects = 0

net.ipv4.conf.eth0.send_redirects = 0

Sysctl-p

Modprobe Ip_vs

Yum Install-y Ipvsadm

Setting the Load Scheduler mode

Ipvsadm-a-T 192.168.115.180:80-s RR

Ipvsadm-a-T 192.168.115.180:80-r 192.168.115.176:80-g (176 and 177 respectively point to two nginx proxy servers)

Ipvsadm-a-T 192.168.115.180:80-r 192.168.115.177:80-g

View:

Ipvsadm-ln

650) this.width=650; "src=" Https://s3.51cto.com/wyfs02/M01/99/82/wKiom1lJCSWiZBc0AAHWykvAwFM724.png "title=" 7.png "alt=" Wkiom1ljcswizbc0aahwykvawfm724.png "/>

Installing keepalived

Yum install-y gcc* kernel-devel openssl-devel popt-devel

TAR-XVF keepalived-1.2.7.tar.gz

./configure--prefix=/--with-kernel-dir=/usr/src/kernels/2.6.32-131.0.15.el6.i686

Make && make install

Chkconfig--add keepalived

Chkconfig keepalived on

Configuration keepalived file (lvs-m)

Global_defs {

router_id LVS_R1

}

Vrrp_instance Vi_1 {

State MASTER

Interface eth0

VIRTUAL_ROUTER_ID 51

Priority 100

Advert_int 1

Authentication {

Auth_type PASS

Auth_pass 1111

}

virtual_ipaddress {

192.168.115.180

}

}

Virtual_server 192.168.115.180 {

Delay_loop 6

Lb_algo RR

Lb_kind DR

Protocol TCP

Real_server 192.168.115.176 {

Weight 1

Tcp_check {

Connect_port 80

Connect_timeout 3

Nb_get_retry 3

Delay_before_retry 3

}

}

Real_server 192.168.115.177 {

Weight 1

Tcp_check {

Connect_port 80

Connect_timeout 3

Nb_get_retry 3

Delay_before_retry 3

}

}

}

Configuration keepalived file (lvs-s)

! Configuration File for Keepalived

Global_defs {

router_id LVS_R2

}

Vrrp_instance Vi_1 {

State SLAVE

Interface eth0

VIRTUAL_ROUTER_ID 51

Priority 90

Advert_int 1

Authentication {

Auth_type PASS

Auth_pass 1111

}

virtual_ipaddress {

192.168.115.180

}

}

Virtual_server 192.168.115.180 80 {

Delay_loop 6

Lb_algo RR

Lb_kind DR

Protocol TCP

Real_server 192.168.115.176 80 {

Weight 1

Tcp_check {

Connect_port 80

Connect_timeout 3

Nb_get_retry 3

Delay_before_retry 3

}

}

Real_server 192.168.115.177 80 {

Weight 1

Tcp_check {

Connect_port 80

Connect_timeout 3

Nb_get_retry 3

Delay_before_retry 3

}

}

}

Start the service:

Service keepalived Start

Chkconfig keepalived on

Configure the Nginx-m (Nginx-s also redo again)

Installing Nginx and Keepalived

Yum install-y pcre-devel Zlib-devel

RPM-IVH nginx-1.8.1-1.el6.ngx.x86_64.rpm

Keepalived the installation reference above

Configure Nginx Reverse Proxy

650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M02/99/82/wKiom1lJCSfDagSlAAHg4zybh34152.png "title=" 8.png "alt=" Wkiom1ljcsfdagslaahg4zybh34152.png "/>

650) this.width=650; "src=" Https://s2.51cto.com/wyfs02/M01/99/82/wKioL1lJCSnTBJsvAAJqWAVJhx8831.png "title=" 9.png "alt=" Wkiol1ljcsntbjsvaajqwavjhx8831.png "/>

Configuration keepalived (nginx-m)

! Configuration File for Keepalived

Global_defs {

Notification_email {

[Email protected]

[Email protected]

}

Notification_email_from [email protected]

Smtp_server 127.0.0.1

Smtp_connect_timeout 30

router_id Master-node

}

Vrrp_script Chk_http_port {

Script "/opt/chk_nginx.sh"

Interval 2

Weight-5

Fall 2

Rise 1

}

vrrp_instance vi_1 {

State MASTER

Interface eth0

Mcast_src_ip 192.168.115.176

VIRTUAL_ROUTER_ID 51

Priority 101

Advert_int 1

Authentication {

Auth_type PASS

Auth_pass 1111

}

virtual_ipaddress {

192.168.115.180

}

Track_script {

Chk_http_port

}

}

Configuration keepalived (nginx-s)

! Configuration File for Keepalived

Global_defs {

Notification_email {

[Email protected]

[Email protected]

}

Notification_email_from [email protected]

Smtp_server 127.0.0.1

Smtp_connect_timeout 30

router_id Master-node

}

Vrrp_script Chk_http_port {

Script "/opt/chk_nginx.sh"

Interval 2

Weight-5

Fall 2

Rise 1

}

vrrp_instance vi_2 {

State SLAVE

Interface eth0

Mcast_src_ip 192.168.115.177

VIRTUAL_ROUTER_ID 51

Priority 99

Advert_int 1

Authentication {

Auth_type PASS

Auth_pass 1111

}

virtual_ipaddress {

192.168.115.180

}

Track_script {

Chk_http_port

}

}

Write scripts under/opt chk_nginx.sh(required for two nginx servers)

#!/bin/bash

counter=$ (ps-c nginx--no-heading|wc-l)

if ["${counter}" = "0"]; Then

Service Nginx Restart

Sleep 2

counter=$ (ps-c nginx--no-heading|wc-l)

if ["${counter}" = "0"]; Then

Service keepalived Stop

Fi

Fi

Give permissions and Execute

Open keepalived Service

Browser access: (on the LVS above any one server to see if access is normal (disconnect the network card), on the Nginx server above any one Nginx service to see if Access is normal (disconnect Nginx service nginx stop) )

650) this.width=650; "src=" Https://s5.51cto.com/wyfs02/M02/99/82/wKiom1lJCSqDe039AACea6Bkgro140.png "title=" 10. PNG "alt=" Wkiom1ljcsqde039aacea6bkgro140.png "/>

650) this.width=650; "src=" Https://s2.51cto.com/wyfs02/M00/99/82/wKiom1lJCSqRfs2nAACdogcSmA0243.png "title=" 11. PNG "alt=" Wkiom1ljcsqrfs2naacdogcsma0243.png "/>

This article is from the "Change life Start Fresh." blog, be sure to keep this source http://ahcwy.blog.51cto.com/9853317/1940296

LVS (Load balancer) +keepalived (HA) +nginx (reverse proxy) +web (dynamic static Web server)