标签:架构 keepalived haproxy varnish nginx
**准备工作**
实验内容:
高可用haproxy实现动静分离,并加入varnish提供静态缓存,由NFS提供资源。
设置两台虚拟主机,分别为www.tz.com(提供wordpress),bbs.tz.com(提供discuz)
(注:由于虚拟机有限,暂没有考虑session问题)
实验环境:
CentOS 7
准备工作:
vip:172.16.61.9(www.tz.com) 172.16.61.10(bbs.tz.com)
keepalived+haproxy:172.16.61.1(node1) , 172.16.61.5(node5)
varnish:172.16.61.4(node4)
static-server:172.16.61.3(node3)(nginx)
dynamic-server:172.16.61.2(node2)(nginx+fastcgi)
NFS-server:172.16.61.6(node6)
mariadb:172.16.61.7(node7)
**配置keepalived**
[root@node1 ~]# crontab -l #同步时间
*/5 * * * * /usr/sbin/ntpdate 172.16.0.1
[root@node5 haproxy]# crontab -l
*/5 * * * * /usr/sbin 172.16.0.1
[root@node1 keepalived]# cat keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id node1
vrrp_mcast_group4 224.61.0.18
}
vrrp_script chk_haproxy { #监控haproxy脚本
script "killall -0 haproxy"
interval 2
weight -20
}
vrrp_instance VI_1 { #主(node5为备)
state MASTER
interface eno16777736
virtual_router_id 161
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 2222
}
virtual_ipaddress {
172.16.61.9/16
}
track_script {
chk_haproxy
}
}
vrrp_instance VI_2 { #备(node5为主)
state BACKUP
interface eno16777736
virtual_router_id 162
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.61.10/16
}
track_script {
chk_haproxy
}
}**配置haproxy**
(两台haproxy主机配置相同) [root@node1 haproxy]# sed ‘s@^#.*\+\|^[[:space:]]\+\#.*\+@@‘ haproxy.cfg global log 127.0.0.1 local2 chroot /var/lib/haproxy pidfile /var/run/haproxy.pid maxconn 4000 user haproxy group haproxy daemon stats socket /var/lib/haproxy/stats defaults mode http log global option httplog option dontlognull option http-server-close option forwardfor except 127.0.0.0/8 option redispatch retries 3 timeout http-request 10s timeout queue 1m timeout connect 10s timeout client 1m timeout server 1m timeout http-keep-alive 10s timeout check 10s maxconn 10000 frontend main *:80 #实现动静分离 acl url_static path_beg -i /static /images /javascript /stylesheets acl url_static path_end -i .jpg .gif .png .css .js .html .htm use_backend static if url_static default_backend dynamic listen stats #提供haproxy状态页面 bind *:9090 stats enable stats hide-version stats uri /haproxyadmin?stats stats realm "HAproxy\ Statistics" stats auth admin:tianzhuang stats admin if TRUE backend static #定义后端静态主机(varnish) balance roundrobin server static 172.16.61.4:80 check maxconn 3000 backend dynamic #定义后端动态主机 balance roundrobin server dynamic 172.16.61.2:80 check maxconn 3000
**配置varnish**
[root@node4 varnish]# grep "^VARNISH_LISTEN" varnish.params #修改varnish监听为80端口
VARNISH_LISTEN_PORT=80
[root@node4 varnish]# sed ‘s@^#.*\+\|^[[:space:]]\+#.*@@‘ default.vcl
vcl 4.0;
backend default {
.host = "172.16.61.3"; #指明后端静态资源主机
.port = "80";
}
sub vcl_recv {
if (req.restarts == 0) {
if (req.http.x-forwarded-for) {
set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " + client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}
}
if (req.request != "GET" &&
req.request != "HEAD" &&
req.request != "POST" ) {
return (pipe);
}
if (req.request != "GET" && req.request != "HEAD") {
return (pass);
}
return (lookup);
}
sub vcl_pipe {
return (pipe);
}
sub vcl_pass {
return (pass);
}
sub vcl_hash {
hash_data(req.url);
return (hash);
}
sub vcl_hit {
return (deliver);
}
sub vcl_miss {
return (fetch);
}
sub vcl_fetch {
unset beresp.http.Set-Cookie;
if (req.url !~ "\.(png|gif|jpg|ico)$") {
return (hit_for_pass);
}
if (beresp.status != 200) {
return (hit_for_pass);
}
if (req.url ~ "\.(png|gif|jpg|ico)$") {
set beresp.ttl = 7d;
}
return (deliver);
}
sub vcl_deliver {
if (obj.hits>0) {
set resp.http.X-Cache = "HIT FROM NODE4";
} else {
set resp.http.X-Cache = "MISS FROM NODE4";
}
}**配置NFS**
[root@node6 ~]# vim /etc/exports #为两个虚拟主机分别共享两个目录 /www 172.16.0.0/16(rw,no_root_squash) /bbs 172.16.0.0/16(rw,no_root_squash)
**配置静态服务器**
[root@node3 nginx]# sed ‘s@^#.*\+\|^[[:space:]]\+#.*\+@@‘ nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
events {
worker_connections 1024;
use epoll;
}
http {
log_format main ‘$remote_addr - $remote_user [$time_local] "$request" ‘
‘$status $body_bytes_sent "$http_referer" ‘
‘"$http_user_agent" "$http_x_forwarded_for"‘;
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
server { #定义两台虚拟主机
listen *:80;
server_name www.tz.com;
root /var/www/html;
include /etc/nginx/default.d/*.conf;
}
server {
listen 80;
server_name bbs.tz.com;
root /bbs;
}
}
[root@node3 nginx]# mount | tail -2
172.16.61.6:/www on /var/www/html type nfs4 (rw,relatime,vers=4.0,rsize=65536,wsize=65536,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=172.16.61.3,local_lock=none,addr=172.16.61.6)
172.16.61.6:/bbs on /bbs type nfs4 (rw,relatime,vers=4.0,rsize=65536,wsize=65536,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=172.16.61.3,local_lock=none,addr=172.16.61.6)
**配置动态服务器**
[root@node2 nginx]# sed ‘s@^#.*\+\|^[[:space:]]\+#.*\+@@‘ nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
events {
worker_connections 1024;
use epoll;
}
http {
log_format main ‘$remote_addr - $remote_user [$time_local] "$request" ‘
‘$status $body_bytes_sent "$http_referer" ‘
‘"$http_user_agent" "$http_x_forwarded_for"‘;
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
server {
listen 80;
server_name www.tz.com;
root /var/www/html;
include /etc/nginx/default.d/*.conf;
location / { #此处使用套接字方式与本地fastcgi进行通信
root /var/www/html;
fastcgi_pass unix:/var/run/php-fpm.sock;
include fastcgi.conf;
fastcgi_index index.php;
}
}
server {
listen 80;
server_name bbs.tz.com;
root /bbs;
index index.html index.php;
location ~* \.php$ {
fastcgi_pass unix:/var/run/php-fpm.sock;
include fastcgi.conf;
fastcgi_index index.php;
}
}
}**为虚拟主机配置资源**
[root@node6 ~]# ls /www #在NFS上为www.tz.com配置wordpress index.html wp-activate.php wp-content wp-login.php xmlrpc.php index.php wp-admin wp-cron.php wp-mail.php license.txt wp-blog-header.php wp-includes wp-settings.php readme.html wp-comments-post.php wp-links-opml.php wp-signup.php wordpress wp-config.php wp-load.php wp-trackback.php [root@node6 ~]# ls /bbs #为bbs.tz.com配置discuz admin.php connect.php favicon.ico install readme template utility api cp.php forum.php member.php robots.txt uc_client api.php crossdomain.xml group.php misc.php search.php uc_server archiver data home.php plugin.php source upload config Discuz_X3.2_SC_UTF8.zip index.php portal.php static userapp.php
**启动服务并测试**
修改windows本地hosts文件:
标签:架构 keepalived haproxy varnish nginx
原文地址:http://tz666.blog.51cto.com/10990100/1749377
