keepalived实现高可用nginx反向代理
Posted 罐头1992
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了keepalived实现高可用nginx反向代理相关的知识,希望对你有一定的参考价值。
一、环境配置:
IP:192.168.1.30 VIP:192.168.1.34 keepalive+nginx
IP:192.168.1.31 VIP:192.168.1.34 keepalive+nginx
IP:192.168.1.35 web1
IP:192.168.1.36 web2
二、两台负载均衡的机器都安装 keepalived+nginx
1、安装keepalived
# yum -y install keepalived
2、创建nginx用户组和nginx用户
# groupadd -r nginx
# useradd -g nginx -r nginx
3、编译安装nginx-1.4.7
# tar xf nginx-1.4.7.tar.gz # cd nginx-1.4.7 # ./configure --prefix=/usr --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx/nginx.pid --lock-path=/var/lock/nginx.lock --user=nginx --group=nginx --with-http_ssl_module --with-http_flv_module --with-http_stub_status_module --with-http_gzip_static_module --http-client-body-temp-path=/usr/local/nginx/client/ --http-proxy-temp-path=/usr/local/nginx/proxy/ --http-fastcgi-temp-path=/usr/local/nginx/fcgi/ --http-uwsgi-temp-path=/usr/local/nginx/uwsgi --http-scgi-temp-path=/usr/local/nginx/scgi --with-pcre
出现./configure: error: C compiler cc is not found 解决办法:yum -y install gcc gcc-c++ autoconf automake make 出现./configure: error: the HTTP rewrite module requires the PCRE library. 解决办法: yum -y install pcre-devel 出现./configure: error: SSL modules require the OpenSSL library. 解决办法:yum -y install openssl openssl-devel
# make && make install
4、检查配置文件是否有语法错误
# nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: [emerg] mkdir() "/usr/local/nginx/client/" failed (2: No such file or directory) nginx: configuration file /etc/nginx/nginx.conf test failed
5、修改错误,再次检测
# mkdir /usr/local/nginx # nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful
6、为nginx提供SysV init脚本
# vim /etc/rc.d/init.d/nginx #!/bin/sh # # nginx - this script starts and stops the nginx daemon # # chkconfig: - 85 15 # description: Nginx is an HTTP(S) server, HTTP(S) reverse \\ # proxy and IMAP/POP3 proxy server # processname: nginx # config: /etc/nginx/nginx.conf # config: /etc/sysconfig/nginx # pidfile: /var/run/nginx.pid # Source function library. . /etc/rc.d/init.d/functions # Source networking configuration. . /etc/sysconfig/network # Check that networking is up. [ "$NETWORKING" = "no" ] && exit 0 nginx="/usr/sbin/nginx" prog=$(basename $nginx) NGINX_CONF_FILE="/etc/nginx/nginx.conf" [ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx lockfile=/var/lock/subsys/nginx make_dirs() { # make required directories user=`nginx -V 2>&1 | grep "configure arguments:" | sed \'s/[^*]*--user=\\([^ ]*\\).*/\\1/g\' -` options=`$nginx -V 2>&1 | grep \'configure arguments:\'` for opt in $options; do if [ `echo $opt | grep \'.*-temp-path\'` ]; then value=`echo $opt | cut -d "=" -f 2` if [ ! -d "$value" ]; then # echo "creating" $value mkdir -p $value && chown -R $user $value fi fi done } start() { [ -x $nginx ] || exit 5 [ -f $NGINX_CONF_FILE ] || exit 6 make_dirs echo -n $"Starting $prog: " daemon $nginx -c $NGINX_CONF_FILE retval=$? echo [ $retval -eq 0 ] && touch $lockfile return $retval } stop() { echo -n $"Stopping $prog: " killproc $prog -QUIT retval=$? echo [ $retval -eq 0 ] && rm -f $lockfile return $retval } restart() { configtest || return $? stop sleep 1 start } reload() { configtest || return $? echo -n $"Reloading $prog: " killproc $nginx -HUP RETVAL=$? echo } force_reload() { restart } configtest() { $nginx -t -c $NGINX_CONF_FILE } rh_status() { status $prog } rh_status_q() { rh_status >/dev/null 2>&1 } case "$1" in start) rh_status_q && exit 0 $1 ;; stop) rh_status_q || exit 0 $1 ;; restart|configtest) $1 ;; reload) rh_status_q || exit 7 $1 ;; force-reload) force_reload ;; status) rh_status ;; condrestart|try-restart) rh_status_q || exit 0 ;; *) echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}" exit 2 esac
8、赋予nginx脚本执行权限,添加至服务管理列表,并让其开机自动启动
# chmod +x /etc/rc.d/init.d/nginx # chkconfig --add nginx # chkconfig nginx on
三、配置nginx为反向代理服务器
1、编辑nginx.conf配置文件
# cd /etc/nginx/ # vim nginx.conf #在nginx.conf配置文件中的http段内添加如下的内容 upstream webservers { server 192.168.1.35; server 192.168.1.36; } server { listen 80; server_name www.hhh.com; location / { proxy_pass http://webservers; proxy_set_header X-Real-IP $remote_addr; } }
注:两台负载的主机的nginx.conf添加的内容是一样的
四、配置keepalived
1、编辑keepalived.conf配置文件
# cd /etc/keepalived/
# vim keepalived.conf
#IP地址为192.168.1.30的配置文件内容为:
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.34
}
}
notify_master "/etc/init.d/nginx start"
notify_backup "/etc/init.d/nginx stop"
notify_fault "/etc/init.d/nginx stop"
}
#IP地址为192.168.1.31的配置文件内容为: ! Configuration File for keepalived global_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc ! Configuration File for keepalived global_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id LVS_DEVEL } vrrp_instance VI_1 { state BACKUP interface eth0 virtual_router_id 51 priority 99 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.1.34 } } notify_master "/etc/init.d/nginx start" notify_backup "/etc/init.d/nginx stop" notify_fault "/etc/init.d/nginx stop" }
2、配置web1和web2服务器
#yum install httpd -y
3、编辑web1测试页面,启动httpd服务
# vim /var/www/html/index.html 内容为:<h1>www1.hhh.com</h1>
# /etc/init.d/httpd start
4、编辑web2测试页面,启动httpd服务
# vim /var/www/html/index.html 内容为:<h1>www2.hhh.com</h1> # /etc/init.d/httpd start
五、启动keepalived服务并进行测试
1、启动两台主机的keepalived服务
# /etc/init.d/keepalived start
2、在浏览器中输入192.168.1.34刷新可以得到以下的结果
3、关闭192.168.1.30的keepalived服务
# /etc/init.d/keepalived stop
4、再次在浏览器输入192.168.1.34
5、由以上结果可以,keepalived实现了nginx反向代理的高可用和nginx实现了web的负载均衡效果
以上是关于keepalived实现高可用nginx反向代理的主要内容,如果未能解决你的问题,请参考以下文章
Keepalived实现单主模式的Nginx反向代理的高可用
使用ansible结合keepalived高可用,nginx反向代理部署小型企业环境
nginx反向代理tomacat+keepalived实现动静分离负载均衡高可用