1)拓扑描述:
2) nginx的安装准备
pcre:兼容的正则表达式,nginx也要支持伪静态
#yum-yinstallpcrepcre-devel #yum-yinstallopenssl* #mkdir-p/application/nginx1.6.2 #ln-s/application/nginx1.6.2/application/nginx
3) 安装nginx
#cd/usr/local/src #tarxfnginx-1.6.2.tar.gz #cdnginx-1.6.2 #useraddnginx-s/sbin/nologin-M #./configure--user=nginx--group=nginx--prefix=/application/nginx1.6.2--with-http_stub_status_module--with-http_ssl_module #echo$? 0 #make&&makeinstall
4) 启动nginx
检查语法: #/application/nginx1.6.2/sbin/nginx-t nginx:theconfigurationfile/application/nginx1.6.2/conf/nginx.confsyntaxisok nginx:configurationfile/application/nginx1.6.2/conf/nginx.conftestissuccessful 启动nginx: #/application/nginx/sbin/nginx 查看端口号: #lsof-i:80 COMMANDPIDUSERFDTYPEDEVICESIZE/OFFNODENAME nginx14603root6uIPv4293970t0TCP*:http(LISTEN) nginx14604nginx6uIPv4293970t0TCP*:http(LISTEN) #netstat-tunlp|grepnginx tcp000.0.0.0:800.0.0.0:*LISTEN14603/nginx 测试网页页面: #curl-Ilocalhost HTTP/1.1200OK Server:nginx/1.6.2 Date:Tue,20Sep201602:17:20GMT Content-Type:text/html Content-Length:612 Last-Modified:Tue,20Sep201602:11:05GMT Connection:keep-alive ETag:"57e09ab9-264" Accept-Ranges:bytes
5)配置nginx启动脚本
#vim/etc/init.d/nginx
#!/bin/sh
#chkconfig:23458515
#description:NginxServer
#nginx的安装目录
NGINX_HOME=/application/nginx
#nginx的命令
NGINX_SBIN=$NGINX_HOME/sbin/nginx
#nginx的配置文件
NGINX_CONF=$NGINX_HOME/conf/nginx.conf
#nginx的pid
NGINX_PID=$NGINX_HOME/logs/nginx.pid
NGINX_NAME="Nginx"
./etc/rc.d/init.d/functions
if[!-f$NGINX_SBIN]
then
echo"$NGINX_NAMEstartup:$NGINX_SBINnotexists!"
exit
fi
start(){
$NGINX_SBIN-c$NGINX_CONF
ret=$?
if[$ret-eq0];then
action$"Starting$NGINX_NAME:"/bin/true
else
action$"Starting$NGINX_NAME:"/bin/false
fi
}
stop(){
kill`cat$NGINX_PID`
ret=$?
if[$ret-eq0];then
action$"Stopping$NGINX_NAME:"/bin/true
else
action$"Stopping$NGINX_NAME:"/bin/false
fi
}
restart(){
stop
start
}
check(){
$NGINX_SBIN-c$NGINX_CONF-t
}
reload(){
kill-HUP`cat$NGINX_PID`&&echo"reloadsuccess!"
}
relog(){
kill-USR1`cat$NGINX_PID`&&echo"relogsuccess!"
}
case"$1"in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
check|chk)
check
;;
status)
status-p$NGINX_PID
;;
reload)
reload
;;
relog)
relog
;;
*)
echo$"Usage:$0{start|stop|restart|reload|status|check|relog}"
exit1
esac
#chmod+x/etc/init.d/nginx
#/etc/init.d/nginxstart
#chkconfig--addnginx
#chkconfignginxon
6) 配置nginx的upstream功能(两台负载均衡器上做相同的配置)
#egrep-v'#'/application/nginx/conf/nginx.conf|grep-v'^$'
worker_processes1;
events{
worker_connections1024;
}
http{
includemime.types;
default_typeapplication/octet-stream;
includeextra/upstream01.conf;
sendfileon;
keepalive_timeout65;
server{
listen80;
server_namelocalhost;
location/{
roothtml;
indexindex.htmlindex.htm;
}
error_page500502503504/50x.html;
location=/50x.html{
roothtml;
}
}
}
说明:注意includeextra/upstream01.conf这个文件,是引用此文件(两台负载均衡器上做系统的nginx配置)
#mkdir-p/application/nginx/conf/extra/
#vim/application/nginx/conf/extra/upstream01.conf
upstreamnginx.wanwan.com{
server10.10.10.128:80weight=5;
server10.10.10.132:80weight=5;
}
server{
listen80;
server_namenginx.wanwan.com;
location/{
proxy_passhttp://nginx.wanwan.com;
}
}
#/etc/init.d/nginxrestart
StoppingNginx:[确定]
StartingNginx:[确定]
7)keepalived的安装
#cd/usr/local/src
#wgethttp://www.keepalived.org/software/keepalived-1.1.19.tar.gz
#ln-s/usr/src/kernels/2.6.32-573.el6.x86_64//usr/src/linux
#ls-l/usr/src
总用量244
drwxr-xr-x.2rootroot40969月232011debug
-rw-r--r--1rootroot2414371月282014keepalived-1.1.19.tar.gz
drwxr-xr-x.3rootroot40967月523:49kernels
lrwxrwxrwx1rootroot398月3108:49linux->/usr/src/kernels/2.6.32-573.el6.x86_64/
#tarxfkeepalived-1.1.19.tar.gz
#cdkeepalived-1.1.19
#./configure
#make&&makeinstall
#cp/usr/local/etc/rc.d/init.d/keepalived/etc/init.d/
#cp/usr/local/etc/sysconfig/keepalived/etc/sysconfig/
#mkdir-p/etc/keepalived
#cp/usr/local/etc/keepalived/keepalived.conf/etc/keepalived/
#cp/usr/local/sbin/keepalived/usr/sbin/
#/etc/init.d/keepalivedstart
正在启动keepalived:[确定]
#ps-ef|grepkeepalived
root187501022:55?00:00:00keepalived-D
root1875218750022:55?00:00:00keepalived-D
root1875318750022:55?00:00:00keepalived-D
root1875518664022:55pts/000:00:00grepkeepalived
keepalived-master的配置文件/etc/keepalived/keepalived.conf
[root@nginx01extra]#cat/etc/keepalived/keepalived.conf
!ConfigurationFileforkeepalived
global_defs{
notification_email{
314324506@qq.com
}
notification_email_fromAlexandre.Cassen@firewall.loc
smtp_serversmtp.qq.com
smtp_connect_timeout30
router_idnginx_7
}
vrrp_instanceVI_231{
stateMASTER
interfaceeth0
virtual_router_id231
priority150
advert_int1
authentication{
auth_typePASS
auth_pass1111
}
virtual_ipaddress{
10.10.10.231/24
}
}
}
keepalived-slave的配置文件/etc/keepalived/keepalived.conf
[root@nginx02~]#cat/etc/keepalived/keepalived.conf
!ConfigurationFileforkeepalived
global_defs{
notification_email{
314324506@qq.com
}
notification_email_fromAlexandre.Cassen@firewall.loc
smtp_serversmtp.qq.com
smtp_connect_timeout30
router_idnginx_7
}
vrrp_instanceVI_231{
stateBACKUP
interfaceeth0
virtual_router_id231
priority100
advert_int1
authentication{
auth_typePASS
auth_pass1111
}
virtual_ipaddress{
10.10.10.231/24
}
}
}
8) 测试keepalived的功能(VIP为10.10.10.231)
[root@nginx01extra]#ipaddlist 1:lo:<LOOPBACK,UP,LOWER_UP>mtu65536qdiscnoqueuestateUNKNOWN link/loopback00:00:00:00:00:00brd00:00:00:00:00:00 inet127.0.0.1/8scopehostlo inet6::1/128scopehost valid_lftforeverpreferred_lftforever 2:eth0:<BROADCAST,MULTICAST,LOWER_UP>mtu1500qdiscpfifo_faststateUPqlen1000 link/ether00:0c:29:d7:3e:f8brdff:ff:ff:ff:ff:ff inet10.10.10.131/24brd10.10.10.255scopeglobaleth0 inet10.10.10.231/24scopeglobalsecondaryeth0 inet6fe80::20c:29ff:fed7:3ef8/64scopelink valid_lftforeverpreferred_lftforever [root@nginx02~]#ipaddlist 1:lo:<LOOPBACK,LOWER_UP>mtu1500qdiscpfifo_faststateUPqlen1000 link/ether00:0c:29:71:33:ebbrdff:ff:ff:ff:ff:ff inet10.10.10.135/24brd10.10.10.255scopeglobaleth0 inet6fe80::20c:29ff:fe71:33eb/64scopelink valid_lftforeverpreferred_lftforever 关闭主负载均衡上的keepalived功能 [root@nginx01extra]#/etc/init.d/keepalivedstop 停止keepalived:[确定] [root@nginx01extra]#ipaddlist 1:lo:<LOOPBACK,LOWER_UP>mtu1500qdiscpfifo_faststateUPqlen1000 link/ether00:0c:29:d7:3e:f8brdff:ff:ff:ff:ff:ff inet10.10.10.131/24brd10.10.10.255scopeglobaleth0 inet6fe80::20c:29ff:fed7:3ef8/64scopelink valid_lftforeverpreferred_lftforever [root@nginx02~]#ipaddlist 1:lo:<LOOPBACK,LOWER_UP>mtu1500qdiscpfifo_faststateUPqlen1000 link/ether00:0c:29:71:33:ebbrdff:ff:ff:ff:ff:ff inet10.10.10.135/24brd10.10.10.255scopeglobaleth0 inet10.10.10.231/24scopeglobalsecondaryeth0 inet6fe80::20c:29ff:fe71:33eb/64scopelink valid_lftforeverpreferred_lftforever 由上,我们可以知道vip很快就进行了切换,那么我们恢复主负载均衡器上的keepalived功能: [root@nginx01extra]#/etc/init.d/keepalivedstart 正在启动keepalived:[确定] [root@nginx01extra]#ipaddlist 1:lo:<LOOPBACK,LOWER_UP>mtu1500qdiscpfifo_faststateUPqlen1000 link/ether00:0c:29:71:33:ebbrdff:ff:ff:ff:ff:ff inet10.10.10.135/24brd10.10.10.255scopeglobaleth0 inet6fe80::20c:29ff:fe71:33eb/64scopelink valid_lftforeverpreferred_lftforever 由上,我们发现当主负载均衡器恢复后,vip很快就切换过来了(因为主负载均衡器上的优先级更高)
9)测试nginx的反向代理功能
[root@web01~]#curl10.10.10.128 mysqlsuccessfulbyoldboy! [root@web01~]#curl10.10.10.132 thisisweb02'swebsite
然后我们在客户端打开nginx.wanwan.com
按F5刷新:
[root@nginx01extra]#/etc/init.d/nginxstop StoppingNginx:[确定] [root@nginx01extra]#ipaddlist 1:lo:<LOOPBACK,LOWER_UP>mtu1500qdiscpfifo_faststateUPqlen1000 link/ether00:0c:29:d7:3e:f8brdff:ff:ff:ff:ff:ff inet10.10.10.131/24brd10.10.10.255scopeglobaleth0 inet10.10.10.231/24scopeglobalsecondaryeth0 inet6fe80::20c:29ff:fed7:3ef8/64scopelink valid_lftforeverpreferred_lftforever [root@nginx01extra]#/etc/init.d/keepalivedstop 停止keepalived:
由上可知,后端网页仍旧正常。
10)注意事项
a、注意关闭负载均衡器以及web后端服务器的iptables以及selinux功能
b、两台负载均衡器上关于nginx配置是一致的,keepalived有不同的优先级
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。