写在前面:如果此文有幸被某位朋友看见并发现有错的地方,希望批评指正。如有不明白的地方,愿可一起探讨。
案例拓扑图
安装keepalived和nginx
安装keepalived
# yum -y install keepalived
创建nginx用户组及nginx用户
# groupadd -r nginx # useradd -g nginx -r nginx
编译安装nginx-1.4.7
# tar xf nginx-1.4.7.tar.gz # cd nginx-1.4.7 # ./configure --prefix=/usr --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx/nginx.pid --lock-path=/var/lock/nginx.lock --user=nginx --group=nginx --with-http_ssl_module --with-http_flv_module --with-http_stub_status_module --with-http_gzip_static_module --http-client-body-temp-path=/usr/local/nginx/client/ --http-proxy-temp-path=/usr/local/nginx/proxy/ --http-fastcgi-temp-path=/usr/local/nginx/fcgi/ --http-uwsgi-temp-path=/usr/local/nginx/uwsgi --http-scgi-temp-path=/usr/local/nginx/scgi --with-pcre # make && make install
检查配置文件是否有语法错误
[root@localhost nginx-1.4.7]# nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: [emerg] mkdir() "/usr/local/nginx/client/" failed (2: No such file or directory) nginx: configuration file /etc/nginx/nginx.conf test failed
修改错误
# mkdir /usr/local/nginx
再次检查配置文件是否有语法错误
[root@localhost nginx-1.4.7]# nginx -t
为nginx提供SysV init脚本
# vim /etc/rc.d/init.d/nginx
#!/bin/sh
#
# nginx - this script starts and stops the nginx daemon
#
# chkconfig: - 85 15
# description: Nginx is an HTTP(S) server, HTTP(S) reverse # proxy and IMAP/POP3 proxy server
# processname: nginx
# config: /etc/nginx/nginx.conf
# config: /etc/sysconfig/nginx
# pidfile: /var/run/nginx.pid
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0
nginx="/usr/sbin/nginx"
prog=$(basename $nginx)
NGINX_CONF_FILE="/etc/nginx/nginx.conf"
[ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx
lockfile=/var/lock/subsys/nginx
make_dirs() {
# make required directories
user=`nginx -V 2>&1 | grep "configure arguments:" | sed ‘s/[^*]*--user=\([^ ]*\).*/\1/g‘ -`
options=`$nginx -V 2>&1 | grep ‘configure arguments:‘`
for opt in $options; do
if [ `echo $opt | grep ‘.*-temp-path‘` ]; then
value=`echo $opt | cut -d "=" -f 2`
if [ ! -d "$value" ]; then
# echo "creating" $value
mkdir -p $value && chown -R $user $value
fi
fi
done
}
start() {
[ -x $nginx ] || exit 5
[ -f $NGINX_CONF_FILE ] || exit 6
make_dirs
echo -n $"Starting $prog: "
daemon $nginx -c $NGINX_CONF_FILE
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog -QUIT
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
configtest || return $?
stop
sleep 1
start
}
reload() {
configtest || return $?
echo -n $"Reloading $prog: "
killproc $nginx -HUP
RETVAL=$?
echo
}
force_reload() {
restart
}
configtest() {
$nginx -t -c $NGINX_CONF_FILE
}
rh_status() {
status $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart|configtest)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
exit 2
esac赋予nginx脚本执行权限
# chmod +x /etc/rc.d/init.d/nginx
添加至服务管理列表,并让其开机自动启动
# chkconfig --add nginx # chkconfig nginx on
提示:在两个keepalived+nginx主机上都需安装keepalkved和nginx服务
配置nginx为反向代理服务器
编辑nginx.conf配置文件
# cd /etc/nginx/ # vim nginx.conf
在nginx.conf配置文件中的http段内添加如下内容
upstream webservers {
server 10.170.2.101;
server 10.170.2.102;
}
server {
listen 80;
server_name www.muluhe.com;
location / {
proxy_pass http://webservers;
proxy_set_header X-Real-IP $remote_addr;
}
}提示:在两台keepalived+nginx主机的nginx.conf的配置文件所添加的内容一样
配置keepalived
编辑keepalived.conf配置文件
# cd /etc/keepalived/ # vim keepalived.conf
IP地址为10.170.2.60的配置文件内容为:
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 15
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 111111
}
virtual_ipaddress {
10.170.2.100
}
notify_master "/etc/init.d/nginx start"
notify_backup "/etc/init.d/nginx stop"
notify_fault "/etc/init.d/nginx stop"
}IP地址为10.170.2.61的配置文件内容为
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 15
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 111111
}
virtual_ipaddress {
10.170.2.100
}
notify_master "/etc/init.d/nginx start"
notify_backup "/etc/init.d/nginx stop"
notify_fault "/etc/init.d/nginx stop"
}配置web1和web2服务器
编辑web1测试页面
# vim /var/www/html/index.html 内容为:<h1>www1.muluhe.com</h1>
启动httpd服务
# /etc/init.d/httpd start
编辑web2测试页面
# vim /var/www/html/index.html 内容为:<h1>www2.muluhe.com</h1>
启动httpd服务
# /etc/init.d/httpd start
启动keepalived服务并进行测试
启动keepalived+nginx两台主机的keepalived服务
# /etc/init.d/keepalived start
在浏览器中键入10.170.2.100,刷新几下,可得到如下结果
关闭IP地址为10.170.2.60那台主机的keepalived服务
# /etc/init.d/keepalived stop
再次在浏览器中键入10.170.2.100,刷新几下,查看结果如下
由以上结果可以,keepalived实现了nginx反向代理的高可用以及nginx实现了web的负载均衡效果。
原文地址:http://muluhe.blog.51cto.com/9152490/1555180
