nginx+keepalived双主高可用集群

原创

年華似水 2018-06-13 19:25:59 博主文章分类：web服务 ©著作权

©著作权归作者所有：来自51CTO博客作者年華似水的原创作品，请联系作者获取转载授权，否则将追究法律责任

#安装ntpdate工具 yum install ntpdate -y #使用ntpdate校时（后面的是ntp服务器） ntpdate pool.ntp.org 定时任务 crontab -e */5 * * * * /usr/sbin/ntpdate pool.ntp.org >/dev/null 2>&1 每五分钟同步一次时间

分别在下面两天上面部署nginx和keepalived 192.168.254.128 192.168.254.129

关闭防火墙（如果因为其他原因不关闭，也请不要禁止80端口）：systemctl stop firewalld.service 禁止防火墙自动启动：systemctl disable firewalld.service 查看系统版本 cat /etc/redhat-release CentOS Linux release 7.5.1804 (Core) 查看内核 uname -r 3.10.0-862.3.2.el7.x86_64 跟新系统及系统包更新yum：yum update -y

安装基础包 yum install -y gcc-c++ pcre pcre-devel zlib zlib-devel openssl openssl-devel

安装nginx (下载路径自己选择) 下载nginx1.14.0稳定版本 wget http://nginx.org/download/nginx-1.14.0.tar.gz 解压：tar -zxvf nginx-1.14.0.tar.gz 进入解压好后的源码目录：cd nginx-1.14.0 使用默认配置：./configure 编译并安装nginx：make && make install 启动nginx：/usr/local/nginx/sbin/nginx 快速停止nginx：/usr/local/nginx/sbin/nginx -s stop 优雅停止nginx（会将正在处理中的请求处理完毕）：/usr/local/nginx/sbin/nginx -s quit 检测配置是否错误：/usr/local/nginx/sbin/nginx -t 重新加载配置：/usr/local/nginx/sbin/nginx -s reload

1、编写Nginx启动脚本，并加入系统服务 vim /etc/init.d/nginx 并在其中写入如下内容： #!/bin/bash #chkconfig: - 30 21 #description: http service. #Source Function Library . /etc/init.d/functions #Nginx Settings NGINX_SBIN="/usr/local/nginx/sbin/nginx" NGINX_CONF="/usr/local/nginx/conf/nginx.conf" NGINX_PID="/usr/local/nginx/logs/nginx.pid" RETVAL=0 prog="Nginx" start() { echo -n $"Starting $prog: " mkdir -p /dev/shm/nginx_temp daemon $NGINX_SBIN -c $NGINX_CONF RETVAL=$? echo return $RETVAL } stop() { echo -n $"Stopping $prog: " killproc -p $NGINX_PID $NGINX_SBIN -TERM rm -rf /dev/shm/nginx_temp RETVAL=$? echo return $RETVAL } reload(){ echo -n $"Reloading $prog: " killproc -p $NGINX_PID $NGINX_SBIN -HUP RETVAL=$? echo return $RETVAL } restart(){ stop start } configtest(){ $NGINX_SBIN -c $NGINX_CONF -t return 0 } case "$1" in start) start ;; stop) stop ;; reload) reload ;; restart) restart ;; configtest) configtest ;; *) echo $"Usage: $0 {start|stop|reload| restart|configtest}" RETVAL=1 esac exit $RETVAL 并更改文件的执行权限：chmod 755 /etc/init.d/nginx 加入系统服务启动列表：chkconfig --add nginx 并使开机启动：chkconfig nginx on 开启服务： service nginx start

nginx 负载均衡简单配置 ##这里说一下代理的服务不能是自己本地的服务 upstream web_server { server 192.168.254.132; server 192.168.254.133; }

server { listen 80 default_server; #listen [::]:80 default_server ipv6only=on; server_name localhost; index index.html index.htm index.php; root /home/wwwroot/default;

    #error_page   404   /404.html;

    # Deny access to PHP files in specific directory
    #location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }

    include enable-php.conf;

    location / {
    proxy_pass http://web_server;
    }

安装keepalived yum -y install keepalived

192.168.254.128上面keepalived配置 vi /etc/keepalived/keepalived.conf ! Configuration file for keepalived global_defs { notification_email { admin@wf.com } notification_email_from admin@wf.com smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id LVS_DEVEL } #监控nginx vrrp_script chk_nginx { script "/etc/keepalived/monitor_nginx.sh" interval 2 weight 2 } vrrp_instance VI_1 { state MASTER #主从设置 MASTER interface ens32 #网卡名 virtual_router_id 100 mcast_src_ip 192.168.254.128 #本机ip priority 100 #从机小于主机 advert_int 1 authentication { auth_type PASS auth_pass chtopnet } virtual_ipaddress { 192.168.254.88 #VIP 的IP } track_script { chk_nginx #检测脚本 } }

vrrp_instance VI_2 { state BACKUP #主从设置 MASTER interface ens32 #网卡名 virtual_router_id 90 mcast_src_ip 192.168.254.128 #本机ip priority 90 #从机小于主机 advert_int 1 authentication { auth_type PASS auth_pass chtopnet } virtual_ipaddress { 192.168.254.89 #VIP 的IP } track_script { chk_nginx #检测脚本 } }

192.168.254.129上面keepalived配置 ! Configuration file for keepalived global_defs { notification_email { admin@wf.com } notification_email_from admin@wf.com smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id LVS_DEVEL } #监控NGINX vrrp_script chk_nginx { script "/etc/keepalived/monitor_nginx.sh" interval 2 weight 2 } vrrp_instance VI_1 { state BACKUP #主从设置 MASTER interface ens32 #网卡名 virtual_router_id 100 mcast_src_ip 192.168.254.129 #本机ip priority 99 #从机小于主机 advert_int 1 authentication { auth_type PASS auth_pass chtopnet } virtual_ipaddress { 192.168.254.88 #VIP 的IP } track_script { chk_nginx #检测脚本 } }

vrrp_instance VI_2 { state MASTER #主从设置 MASTER interface ens32 #网卡名 virtual_router_id 90 mcast_src_ip 192.168.254.129 #本机ip priority 91 #从机小于主机 advert_int 1 authentication { auth_type PASS auth_pass chtopnet } virtual_ipaddress { 192.168.254.89 #VIP 的IP } track_script { chk_nginx #检测脚本 } }

监测脚本如下（相同一个脚本） vi /etc/keepalived/monitor_nginx.sh #!/bin/bash a=ps -C nginx --no-header | wc -l if [ $a -eq 0 ];then /usr/local/nginx/sbin/nginx if [ ps -C nginx --no-header| wc -l -eq 0 ];then systemctl stop keepalived fi fi

在两台nginx分别执行脚本，绑定虚拟IP，抑制ARP广播 vi ip-config #!/bin/bash #description: Config realserver VIP=192.168.254.88 #绑定你要设置的VIP /etc/rc.d/init.d/functions case "$1" in start) /sbin/ifconfig lo:0 $VIP netmask 255.255.255.255 broadcast $VIP /sbin/route add -host $VIP dev lo:0 echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce sysctl -p >/dev/null 2>&1 echo "RealServer Start OK" ;; stop) /sbin/ifconfig lo:0 down /sbin/route del $VIP >/dev/null 2>&1 echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce echo "RealServer Stoped" ;; *) echo "Usage: $0 {start|stop}" exit 1 esac exit 0

执行绑定脚本(脚本随便放哪里都可以) ./ip-config start 之后就是测试环境了！