1)拓扑描述:
2) nginx的安装准备
pcre:兼容的正则表达式,nginx也要支持伪静态
#yum-yinstallpcrepcre-devel #yum-yinstallopenssl* #mkdir-p/application/nginx1.6.2 #ln-s/application/nginx1.6.2/application/nginx
3) 安装nginx
#cd/usr/local/src #tarxfnginx-1.6.2.tar.gz #cdnginx-1.6.2 #useraddnginx-s/sbin/nologin-M #./configure--user=nginx--group=nginx--prefix=/application/nginx1.6.2--with-http_stub_status_module--with-http_ssl_module #echo$? 0 #make&&makeinstall
4) 启动nginx
检查语法: #/application/nginx1.6.2/sbin/nginx-t nginx:theconfigurationfile/application/nginx1.6.2/conf/nginx.confsyntaxisok nginx:configurationfile/application/nginx1.6.2/conf/nginx.conftestissuccessful 启动nginx: #/application/nginx/sbin/nginx 查看端口号: #lsof-i:80 COMMANDPIDUSERFDTYPEDEVICESIZE/OFFNODENAME nginx14603root6uIPv4293970t0TCP*:http(LISTEN) nginx14604nginx6uIPv4293970t0TCP*:http(LISTEN) #netstat-tunlp|grepnginx tcp000.0.0.0:800.0.0.0:*LISTEN14603/nginx 测试网页页面: #curl-Ilocalhost HTTP/1.1200OK Server:nginx/1.6.2 Date:Tue,20Sep201602:17:20GMT Content-Type:text/html Content-Length:612 Last-Modified:Tue,20Sep201602:11:05GMT Connection:keep-alive ETag:"57e09ab9-264" Accept-Ranges:bytes
5)配置nginx启动脚本
#vim/etc/init.d/nginx #!/bin/sh #chkconfig:23458515 #description:NginxServer #nginx的安装目录 NGINX_HOME=/application/nginx #nginx的命令 NGINX_SBIN=$NGINX_HOME/sbin/nginx #nginx的配置文件 NGINX_CONF=$NGINX_HOME/conf/nginx.conf #nginx的pid NGINX_PID=$NGINX_HOME/logs/nginx.pid NGINX_NAME="Nginx" ./etc/rc.d/init.d/functions if[!-f$NGINX_SBIN] then echo"$NGINX_NAMEstartup:$NGINX_SBINnotexists!" exit fi start(){ $NGINX_SBIN-c$NGINX_CONF ret=$? if[$ret-eq0];then action$"Starting$NGINX_NAME:"/bin/true else action$"Starting$NGINX_NAME:"/bin/false fi } stop(){ kill`cat$NGINX_PID` ret=$? if[$ret-eq0];then action$"Stopping$NGINX_NAME:"/bin/true else action$"Stopping$NGINX_NAME:"/bin/false fi } restart(){ stop start } check(){ $NGINX_SBIN-c$NGINX_CONF-t } reload(){ kill-HUP`cat$NGINX_PID`&&echo"reloadsuccess!" } relog(){ kill-USR1`cat$NGINX_PID`&&echo"relogsuccess!" } case"$1"in start) start ;; stop) stop ;; restart) restart ;; check|chk) check ;; status) status-p$NGINX_PID ;; reload) reload ;; relog) relog ;; *) echo$"Usage:$0{start|stop|restart|reload|status|check|relog}" exit1 esac #chmod+x/etc/init.d/nginx #/etc/init.d/nginxstart #chkconfig--addnginx #chkconfignginxon
6) 配置nginx的upstream功能(两台负载均衡器上做相同的配置)
#egrep-v'#'/application/nginx/conf/nginx.conf|grep-v'^$' worker_processes1; events{ worker_connections1024; } http{ includemime.types; default_typeapplication/octet-stream; includeextra/upstream01.conf; sendfileon; keepalive_timeout65; server{ listen80; server_namelocalhost; location/{ roothtml; indexindex.htmlindex.htm; } error_page500502503504/50x.html; location=/50x.html{ roothtml; } } } 说明:注意includeextra/upstream01.conf这个文件,是引用此文件(两台负载均衡器上做系统的nginx配置) #mkdir-p/application/nginx/conf/extra/ #vim/application/nginx/conf/extra/upstream01.conf upstreamnginx.wanwan.com{ server10.10.10.128:80weight=5; server10.10.10.132:80weight=5; } server{ listen80; server_namenginx.wanwan.com; location/{ proxy_passhttp://nginx.wanwan.com; } } #/etc/init.d/nginxrestart StoppingNginx:[确定] StartingNginx:[确定]
7)keepalived的安装
#cd/usr/local/src #wgethttp://www.keepalived.org/software/keepalived-1.1.19.tar.gz #ln-s/usr/src/kernels/2.6.32-573.el6.x86_64//usr/src/linux #ls-l/usr/src 总用量244 drwxr-xr-x.2rootroot40969月232011debug -rw-r--r--1rootroot2414371月282014keepalived-1.1.19.tar.gz drwxr-xr-x.3rootroot40967月523:49kernels lrwxrwxrwx1rootroot398月3108:49linux->/usr/src/kernels/2.6.32-573.el6.x86_64/ #tarxfkeepalived-1.1.19.tar.gz #cdkeepalived-1.1.19 #./configure #make&&makeinstall #cp/usr/local/etc/rc.d/init.d/keepalived/etc/init.d/ #cp/usr/local/etc/sysconfig/keepalived/etc/sysconfig/ #mkdir-p/etc/keepalived #cp/usr/local/etc/keepalived/keepalived.conf/etc/keepalived/ #cp/usr/local/sbin/keepalived/usr/sbin/ #/etc/init.d/keepalivedstart 正在启动keepalived:[确定] #ps-ef|grepkeepalived root187501022:55?00:00:00keepalived-D root1875218750022:55?00:00:00keepalived-D root1875318750022:55?00:00:00keepalived-D root1875518664022:55pts/000:00:00grepkeepalived keepalived-master的配置文件/etc/keepalived/keepalived.conf [root@nginx01extra]#cat/etc/keepalived/keepalived.conf !ConfigurationFileforkeepalived global_defs{ notification_email{ 314324506@qq.com } notification_email_fromAlexandre.Cassen@firewall.loc smtp_serversmtp.qq.com smtp_connect_timeout30 router_idnginx_7 } vrrp_instanceVI_231{ stateMASTER interfaceeth0 virtual_router_id231 priority150 advert_int1 authentication{ auth_typePASS auth_pass1111 } virtual_ipaddress{ 10.10.10.231/24 } } } keepalived-slave的配置文件/etc/keepalived/keepalived.conf [root@nginx02~]#cat/etc/keepalived/keepalived.conf !ConfigurationFileforkeepalived global_defs{ notification_email{ 314324506@qq.com } notification_email_fromAlexandre.Cassen@firewall.loc smtp_serversmtp.qq.com smtp_connect_timeout30 router_idnginx_7 } vrrp_instanceVI_231{ stateBACKUP interfaceeth0 virtual_router_id231 priority100 advert_int1 authentication{ auth_typePASS auth_pass1111 } virtual_ipaddress{ 10.10.10.231/24 } } }
8) 测试keepalived的功能(VIP为10.10.10.231)
[root@nginx01extra]#ipaddlist 1:lo:<LOOPBACK,UP,LOWER_UP>mtu65536qdiscnoqueuestateUNKNOWN link/loopback00:00:00:00:00:00brd00:00:00:00:00:00 inet127.0.0.1/8scopehostlo inet6::1/128scopehost valid_lftforeverpreferred_lftforever 2:eth0:<BROADCAST,MULTICAST,LOWER_UP>mtu1500qdiscpfifo_faststateUPqlen1000 link/ether00:0c:29:d7:3e:f8brdff:ff:ff:ff:ff:ff inet10.10.10.131/24brd10.10.10.255scopeglobaleth0 inet10.10.10.231/24scopeglobalsecondaryeth0 inet6fe80::20c:29ff:fed7:3ef8/64scopelink valid_lftforeverpreferred_lftforever [root@nginx02~]#ipaddlist 1:lo:<LOOPBACK,LOWER_UP>mtu1500qdiscpfifo_faststateUPqlen1000 link/ether00:0c:29:71:33:ebbrdff:ff:ff:ff:ff:ff inet10.10.10.135/24brd10.10.10.255scopeglobaleth0 inet6fe80::20c:29ff:fe71:33eb/64scopelink valid_lftforeverpreferred_lftforever 关闭主负载均衡上的keepalived功能 [root@nginx01extra]#/etc/init.d/keepalivedstop 停止keepalived:[确定] [root@nginx01extra]#ipaddlist 1:lo:<LOOPBACK,LOWER_UP>mtu1500qdiscpfifo_faststateUPqlen1000 link/ether00:0c:29:d7:3e:f8brdff:ff:ff:ff:ff:ff inet10.10.10.131/24brd10.10.10.255scopeglobaleth0 inet6fe80::20c:29ff:fed7:3ef8/64scopelink valid_lftforeverpreferred_lftforever [root@nginx02~]#ipaddlist 1:lo:<LOOPBACK,LOWER_UP>mtu1500qdiscpfifo_faststateUPqlen1000 link/ether00:0c:29:71:33:ebbrdff:ff:ff:ff:ff:ff inet10.10.10.135/24brd10.10.10.255scopeglobaleth0 inet10.10.10.231/24scopeglobalsecondaryeth0 inet6fe80::20c:29ff:fe71:33eb/64scopelink valid_lftforeverpreferred_lftforever 由上,我们可以知道vip很快就进行了切换,那么我们恢复主负载均衡器上的keepalived功能: [root@nginx01extra]#/etc/init.d/keepalivedstart 正在启动keepalived:[确定] [root@nginx01extra]#ipaddlist 1:lo:<LOOPBACK,LOWER_UP>mtu1500qdiscpfifo_faststateUPqlen1000 link/ether00:0c:29:71:33:ebbrdff:ff:ff:ff:ff:ff inet10.10.10.135/24brd10.10.10.255scopeglobaleth0 inet6fe80::20c:29ff:fe71:33eb/64scopelink valid_lftforeverpreferred_lftforever 由上,我们发现当主负载均衡器恢复后,vip很快就切换过来了(因为主负载均衡器上的优先级更高)
9)测试nginx的反向代理功能
[root@web01~]#curl10.10.10.128 mysqlsuccessfulbyoldboy! [root@web01~]#curl10.10.10.132 thisisweb02'swebsite
然后我们在客户端打开nginx.wanwan.com
按F5刷新:
[root@nginx01extra]#/etc/init.d/nginxstop StoppingNginx:[确定] [root@nginx01extra]#ipaddlist 1:lo:<LOOPBACK,LOWER_UP>mtu1500qdiscpfifo_faststateUPqlen1000 link/ether00:0c:29:d7:3e:f8brdff:ff:ff:ff:ff:ff inet10.10.10.131/24brd10.10.10.255scopeglobaleth0 inet10.10.10.231/24scopeglobalsecondaryeth0 inet6fe80::20c:29ff:fed7:3ef8/64scopelink valid_lftforeverpreferred_lftforever [root@nginx01extra]#/etc/init.d/keepalivedstop 停止keepalived:
由上可知,后端网页仍旧正常。
10)注意事项
a、注意关闭负载均衡器以及web后端服务器的iptables以及selinux功能
b、两台负载均衡器上关于nginx配置是一致的,keepalived有不同的优先级
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。