写在前面:如果此文有幸被某位朋友看见并发现有错的地方,希望批评指正。如有不明白的地方,愿可一起探讨。
案例拓扑图
安装keepalived和nginx
安装keepalived
#yum-yinstallkeepalived
创建nginx用户组及nginx用户
#groupadd-rnginx#useradd-gnginx-rnginx
编译安装nginx-1.4.7
#tarxfnginx-1.4.7.tar.gz#cdnginx-1.4.7#./configure\--prefix=/usr\--sbin-path=/usr/sbin/nginx\--conf-path=/etc/nginx/nginx.conf\--error-log-path=/var/log/nginx/error.log\--http-log-path=/var/log/nginx/access.log\--pid-path=/var/run/nginx/nginx.pid\--lock-path=/var/lock/nginx.lock\--user=nginx\--group=nginx\--with-http_ssl_module\--with-http_flv_module\--with-http_stub_status_module\--with-http_gzip_static_module\--http-client-body-temp-path=/usr/local/nginx/client/\--http-proxy-temp-path=/usr/local/nginx/proxy/\--http-fastcgi-temp-path=/usr/local/nginx/fcgi/\--http-uwsgi-temp-path=/usr/local/nginx/uwsgi\--http-scgi-temp-path=/usr/local/nginx/scgi\--with-pcre#make&&makeinstall
检查配置文件是否有语法错误
[root@localhostnginx-1.4.7]#nginx-tnginx:theconfigurationfile/etc/nginx/nginx.confsyntaxisoknginx:[emerg]mkdir()"/usr/local/nginx/client/"failed(2:Nosuchfileordirectory)nginx:configurationfile/etc/nginx/nginx.conftestfailed
修改错误
#mkdir/usr/local/nginx
再次检查配置文件是否有语法错误
[root@localhostnginx-1.4.7]#nginx-t
为nginx提供SysV init脚本
#vim/etc/rc.d/init.d/nginx
#!/bin/sh##nginx-thisscriptstartsandstopsthenginxdaemon##chkconfig:-8515#description:NginxisanHTTP(S)server,HTTP(S)reverse\#proxyandIMAP/POP3proxyserver#processname:nginx#config:/etc/nginx/nginx.conf#config:/etc/sysconfig/nginx#pidfile:/var/run/nginx.pid#Sourcefunctionlibrary../etc/rc.d/init.d/functions#Sourcenetworkingconfiguration../etc/sysconfig/network#Checkthatnetworkingisup.["$NETWORKING"="no"]&&exit0nginx="/usr/sbin/nginx"prog=$(basename$nginx)NGINX_CONF_FILE="/etc/nginx/nginx.conf"[-f/etc/sysconfig/nginx]&&./etc/sysconfig/nginxlockfile=/var/lock/subsys/nginxmake_dirs(){#makerequireddirectoriesuser=`nginx-V2>&1|grep"configurearguments:"|sed's/[^*]*--user=\([^]*\).*/\1/g'-`options=`$nginx-V2>&1|grep'configurearguments:'`foroptin$options;doif[`echo$opt|grep'.*-temp-path'`];thenvalue=`echo$opt|cut-d"="-f2`if[!-d"$value"];then#echo"creating"$valuemkdir-p$value&&chown-R$user$valuefifidone}start(){[-x$nginx]||exit5[-f$NGINX_CONF_FILE]||exit6make_dirsecho-n$"Starting$prog:"daemon$nginx-c$NGINX_CONF_FILEretval=$?echo[$retval-eq0]&&touch$lockfilereturn$retval}stop(){echo-n$"Stopping$prog:"killproc$prog-QUITretval=$?echo[$retval-eq0]&&rm-f$lockfilereturn$retval}restart(){configtest||return$?stopsleep1start}reload(){configtest||return$?echo-n$"Reloading$prog:"killproc$nginx-HUPRETVAL=$?echo}force_reload(){restart}configtest(){$nginx-t-c$NGINX_CONF_FILE}rh_status(){status$prog}rh_status_q(){rh_status>/dev/null2>&1}case"$1"instart)rh_status_q&&exit0$1;;stop)rh_status_q||exit0$1;;restart|configtest)$1;;reload)rh_status_q||exit7$1;;force-reload)force_reload;;status)rh_status;;condrestart|try-restart)rh_status_q||exit0;;*)echo$"Usage:$0{start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"exit2esac
赋予nginx脚本执行权限
#chmod+x/etc/rc.d/init.d/nginx
添加至服务管理列表,并让其开机自动启动
#chkconfig--addnginx#chkconfignginxon
提示:在两个keepalived+nginx主机上都需安装keepalkved和nginx服务
配置nginx为反向代理服务器
编辑nginx.conf配置文件
#cd/etc/nginx/#vimnginx.conf
在nginx.conf配置文件中的http段内添加如下内容
upstreamwebservers{server10.170.2.101;server10.170.2.102;}server{listen80;;location/{proxy_passhttp://webservers;proxy_set_headerX-Real-IP$remote_addr;}}
提示:在两台keepalived+nginx主机的nginx.conf的配置文件所添加的内容一样
配置keepalived
编辑keepalived.conf配置文件
#cd/etc/keepalived/#vimkeepalived.conf
IP地址为10.170.2.60的配置文件内容为:
!ConfigurationFileforkeepalivedglobal_defs{notification_email{acassen@firewall.locfailover@firewall.locsysadmin@firewall.loc}notification_email_fromAlexandre.Cassen@firewall.locsmtp_server192.168.200.1smtp_connect_timeout30router_idLVS_DEVEL}vrrp_instanceVI_1{stateMASTERinterfaceeth0virtual_router_id15priority100advert_int1authentication{auth_typePASSauth_pass111111}virtual_ipaddress{10.170.2.100}notify_master"/etc/init.d/nginxstart"notify_backup"/etc/init.d/nginxstop"notify_fault"/etc/init.d/nginxstop"}
IP地址为10.170.2.61的配置文件内容为
!ConfigurationFileforkeepalivedglobal_defs{notification_email{acassen@firewall.locfailover@firewall.locsysadmin@firewall.loc}notification_email_fromAlexandre.Cassen@firewall.locsmtp_server192.168.200.1smtp_connect_timeout30router_idLVS_DEVEL}vrrp_instanceVI_1{stateBACKUPinterfaceeth0virtual_router_id15priority99advert_int1authentication{auth_typePASSauth_pass111111}virtual_ipaddress{10.170.2.100}notify_master"/etc/init.d/nginxstart"notify_backup"/etc/init.d/nginxstop"notify_fault"/etc/init.d/nginxstop"}
配置web1和web2服务器
编辑web1测试页面
#vim/var/www/html/index.html内容为:<h1></h1>
启动httpd服务
#/etc/init.d/httpdstart
编辑web2测试页面
#vim/var/www/html/index.html内容为:<h1></h1>
启动httpd服务
#/etc/init.d/httpdstart
启动keepalived服务并进行测试
启动keepalived+nginx两台主机的keepalived服务
#/etc/init.d/keepalivedstart
在浏览器中键入10.170.2.100,刷新几下,可得到如下结果
关闭IP地址为10.170.2.60那台主机的keepalived服务
#/etc/init.d/keepalivedstop
再次在浏览器中键入10.170.2.100,刷新几下,查看结果如下
由以上结果可以,keepalived实现了nginx反向代理的高可用以及nginx实现了web的负载均衡效果。
