首页 > 代码库 > 实战安装 nginx+keepalvied 实现负载均衡和高可用
实战安装 nginx+keepalvied 实现负载均衡和高可用
1. 两台机器都需要安装nginx和keepalivd
环境配置
[root@nginxproxy1 ~]# cat /etc/redhat-release
CentOS release 6.8 (Final)
[root@nginxproxy1 ~]# uname -r
2.6.32-642.6.1.el6.x86_64
软件
nginx-1.6.2.tar.gz keepalived-1.1.19.tar.gz
信息列表
服务器名称 | IP |
nginxproxy1 做主(master) | 10.89.3.102 |
nginxproxy2 做备(backup) | 10.89.3.103 |
lamp 做web1(real_server1) | 10.89.3.101 |
lnmp 做web2(real_server2) | 10.89.3.100 |
NfsServer 验证服务器 | 10.89.3.99 |
#vip 设置在keepalived的配置文件里 10.89.3.168
1.1安装nginx
安装pcre
yum install pcre pcre-devel -y
#安装openssl
yum install openssl openssl-devel -y
#新建nginx用户
useradd nginx -s /sbin/nologin -M
#安装
tar -zxvf nginx-1.6.2.tar.gz
cd nginx-1.6.2
./configure \
--user=nginx \
--group=nginx \
--prefix=/application/nginx1.6.2 \
--with-http_stub_status_module \
--with-http_ssl_module
make && make install
#创建软连接
cd ../
ln -s /application/nginx1.6.2/ /application/nginx
#检查语法
/application/nginx/sbin/nginx -t
nginx: the configuration file /application/nginx1.6.2/conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx1.6.2/conf/nginx.conf test is successful
# 启动nginx
[root@nginxproxy1 tools]# /application/nginx/sbin/nginx
#查看端口,看是否启动了
[root@nginxproxy1 tools]# netstat -lntup |grep nginx
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 8718/nginx
[root@nginxproxy1 tools]# lsof -i :80
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
nginx 8718 root 6u IPv4 18680 0t0 TCP *:http (LISTEN)
nginx 8719 nginx 6u IPv4 18680 0t0 TCP *:http (LISTEN)
1.2 安装keepalived
cd /home/alvin/tools/
ln -s /usr/src/kernels/2.6.32-642.6.1.el6.x86_64 /usr/src/linux
yum install openssl openssl-devel -y
#上传keepalived-1.1.19.tar.gz
tar xf keepalived-1.1.19.tar.gz
cd keepalived-1.1.19
./configure
-----------------------
有3个Yes就表示configure OK
config.status: creating keepalived/check/Makefile
config.status: creating keepalived/libipvs-2.6/Makefile
Keepalived configuration
------------------------
Keepalived version : 1.1.19
Compiler : gcc
Compiler flags : -g -O2
Extra Lib : -lpopt -lssl -lcrypto
Use IPVS Framework : Yes
IPVS sync daemon support : Yes
Use VRRP Framework : Yes
Use Debug flags : No
[root@nginxproxy1 keepalived-1.1.19]#
-----------------------
make
make install
#配置规范启动
/bin/cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/
/bin/cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
mkdir /etc/keepalived -p
/bin/cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/
/bin/cp /usr/local/sbin/keepalived /usr/sbin/
/etc/init.d/keepalived start
ps -ef|grep keep
root 3483 1365 0 14:56 pts/0 00:00:00 grep keep
--------------------------------
#有3个keepalived -D表示成功
[root@nginxproxy1 keepalived-1.1.19]# /etc/init.d/keepalived start
Starting keepalived: [ OK ]
[root@nginxproxy1 keepalived-1.1.19]# ps -ef|grep keep
root 6342 1 0 17:42 ? 00:00:00 keepalived -D
root 6344 6342 0 17:42 ? 00:00:00 keepalived -D
root 6345 6342 0 17:42 ? 00:00:00 keepalived -D
root 6347 3490 0 17:42 pts/0 00:00:00 grep keep
--------------------------------------------------------------
如果报:configure:error:Popt librarics is required 则:
yum install popt* -y
-------------------------------------------
#打开内核转发
vi /etc/sysctl.conf
# Controls IP packet forwarding
net.ipv4.ip_forward = 1
sysctl -p
---------------------------------
1.3 nginxproxy1 keepalived 配置文件设置
cd /etc/keepalived/
cat keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
114653379@qq.com
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 10.0.0.1
smtp_connect_timeout 30
router_id keepalvied_1
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 55
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.89.3.168/24
}
}
virtual_server 10.89.3.168 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
nat_mask 255.255.255.0
persistence_timeout 300
protocol TCP
#ipvsadm -A -t 10.89.3.168 -s wrr -p 20
real_server 10.89.3.100 80 {
weight 1
TCP_CHECK {
connect_timeout 8
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 10.89.3.101 80 {
weight 1
TCP_CHECK {
connect_timeout 8
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
#另外一台nginxproxy2,keepalived 配置文件设置
[root@nginxproxy2 ~]# cd /etc/keepalived/
[root@nginxproxy2 keepalived]# cat keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
114653379@qq.com
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 10.0.0.1
smtp_connect_timeout 30
router_id keepalvied_2
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 55
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.89.3.168/24
}
}
virtual_server 10.89.3.168 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
nat_mask 255.255.255.0
persistence_timeout 300
protocol TCP
#ipvsadm -A -t 10.89.3.168 -s wrr -p 20
real_server 10.89.3.100 80 {
weight 1
TCP_CHECK {
connect_timeout 8
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 10.89.3.101 80 {
weight 1
TCP_CHECK {
connect_timeout 8
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
2.测试keepalived vip 是否漂移
#nginxproxy1
[root@nginxproxy1 keepalived]# ip add |grep 10.89.3
inet 10.89.3.102/24 brd 10.89.3.255 scope global eth0
inet 10.89.3.168/24 scope global secondary eth0
#nginxproxy2
[root@nginxproxy2 keepalived]# ip add |grep 10.89.3
inet 10.89.3.103/24 brd 10.89.3.255 scope global eth0
#nginxproxy1 上停止keepalived
[root@nginxproxy1 keepalived]# /etc/init.d/keepalived stop
Stopping keepalived: [ OK ]
[root@nginxproxy1 keepalived]# ip add |grep 10.89.3
inet 10.89.3.102/24 brd 10.89.3.255 scope global eth0
#查看vip是否漂移了
[root@nginxproxy2 keepalived]# ip add |grep 10.89.3
inet 10.89.3.103/24 brd 10.89.3.255 scope global eth0
inet 10.89.3.168/24 scope global secondary eth0
#结论:keepalived配置采购,可以实现高可用。
3.配置2台 nginxproxy,实现负责均衡。
cd /application/nginx/conf
mkdir extra
[root@nginxproxy1 extra]# vi upstream01.conf
upstream www_real_servers {
server 10.89.3.100:80 weight=5;
server 10.89.3.101:80 weight=5;
}
server {
listen 80;
server_name www.kjcat.org;
location / {
proxy_pass http://www_real_servers;
}
}
#在nginxproxy1配置文件中包含extra
vi nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
include extra/upstream01.conf;
}
~
--------------------------------------
[root@nginxproxy2 extra]# vi upstream02.conf
upstream www_real_servers {
server 10.89.3.100:80 weight=5;
server 10.89.3.101:80 weight=5;
}
server {
listen 80;
server_name www.kjcat.org;
location / {
proxy_pass http://www_real_servers;
}
}
#在nginxproxy2配置文件中包含extra
vi nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
include extra/upstream02.conf;
}
#两台机器重新启动nginx
/application/nginx/sbin/nginx -s reload
4.验证测试
#在另外一台服务器上配置解析
[root@NfsServer ~]# vi /etc/hosts
#增加
10.89.3.168 www.kjcat.org
[root@NfsServer ~]# curl 10.89.3.168
this is nginx Proxy for LAMP........
[root@NfsServer ~]# curl 10.89.3.168
This is nginx proxy for LNMP.
[root@NfsServer ~]# curl 10.89.3.168
this is nginx Proxy for LAMP........
[root@NfsServer ~]# curl 10.89.3.168
This is nginx proxy for LNMP.
[root@NfsServer ~]# curl www.kjcat.org
this is nginx Proxy for LAMP........
[root@NfsServer ~]# curl www.kjcat.org
This is nginx proxy for LNMP.
[root@NfsServer ~]# curl www.kjcat.org
this is nginx Proxy for LAMP........
[root@NfsServer ~]# curl www.kjcat.org
This is nginx proxy for LNMP.
#在浏览器中输入IP也可以实现(如果有DNS就可以实现域名 www.kjcat.com访问)
http://10.89.3.168
This is nginx proxy for LNMP.
#刷新后
this is nginx Proxy for LAMP........
本文出自 “知识改变命运” 博客,请务必保留此出处http://ahtornado.blog.51cto.com/4826737/1873888
实战安装 nginx+keepalvied 实现负载均衡和高可用