标签:keepalived 高可用 nginx
说明:准备两台虚拟机:202.207.178.6和202.207.178.7
前提:
由于是高可用服务,首先配置高可用服务实现的一些基本条件
1)节点名称必须跟uname -n命令的执行结果一致
node1:
# hostname node1
# vim /etc/sysconfig/network
HOSTNAME=node1
node2:
# hostname node2
# vim /etc/sysconfig/network
HOSTNAME=node2
2)节点之间必须通过ssh互信通信
[root@node1 ~]# ssh-keygen -t rsa -f ~/.ssh/id_rsa -P ‘‘
[root@node1 ~]# ssh-copy-id -i .ssh/id_rsa.pub root@202.207.178.7
[root@node2 ~]# ssh-keygen -t rsa -f ~/.ssh/id_rsa -P ‘‘
[root@node2 ~]# ssh-copy-id -i .ssh/id_rsa.pub root@202.207.178.6
3)集群各节点之间时间必须同步
使用ntp服务器同步时间
ntpdate ip(配置了ntp服务的主机地址)
4)配置本地解析:
[root@node1 ~]# vim /etc/hosts
202.207.178.6 node1
202.207.178.7 node2
[root@node1 ~]# scp /etc/hosts node2:/etc/
一、安装配置Nginx
node1:
1、首先添加用户nginx,实现以之运行nginx服务进程
# groupadd -r -g 108 nginx
# useradd -r -g 108 -u 108 nginx
2、将下载好的软件包解压并安装(我这里是nginx-1.4.7.tar.gz)
# tar xf nginx-1.4.7.tar.gz
# cd nginx-1.4.7
接着开始编译和安装:
# ./configure \
--prefix=/usr \
--sbin-path=/usr/sbin/nginx \
--conf-path=/etc/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--pid-path=/var/run/nginx/nginx.pid \
--lock-path=/var/lock/nginx.lock \
--user=nginx \
--group=nginx \
--with-http_ssl_module \
--with-http_flv_module \
--with-http_stub_status_module \
--with-http_gzip_static_module \
--http-client-body-temp-path=/var/tmp/nginx/client/ \
--http-proxy-temp-path=/var/tmp/nginx/proxy/ \
--http-fastcgi-temp-path=/var/tmp/nginx/fcgi/ \
--http-uwsgi-temp-path=/var/tmp/nginx/uwsgi \
--http-scgi-temp-path=/var/tmp/nginx/scgi \
--with-pcre \
--with-file-aio
# make && make install
报错时可能要求安装如下包,按需安装即可!
# yum -y install pcre-devel
# yum -y install gcc
# yum -y install openssl-devel
3、为nginx提供SysV init脚本:
新建文件/etc/rc.d/init.d/nginx,内容如下:
#!/bin/sh
#
# nginx - this script starts and stops the nginx daemon
#
# chkconfig: - 85 15
# description: Nginx is an HTTP(S) server, HTTP(S) reverse \
# proxy and IMAP/POP3 proxy server
# processname: nginx
# config: /etc/nginx/nginx.conf
# config: /etc/sysconfig/nginx
# pidfile: /var/run/nginx.pid
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0
nginx="/usr/sbin/nginx"
prog=$(basename $nginx)
NGINX_CONF_FILE="/etc/nginx/nginx.conf"
[ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx
lockfile=/var/lock/subsys/nginx
make_dirs() {
# make required directories
user=`nginx -V 2>&1 | grep "configure arguments:" | sed ‘s/[^*]*--user=\([^ ]*\).*/\1/g‘ -`
options=`$nginx -V 2>&1 | grep ‘configure arguments:‘`
for opt in $options; do
if [ `echo $opt | grep ‘.*-temp-path‘` ]; then
value=`echo $opt | cut -d "=" -f 2`
if [ ! -d "$value" ]; then
# echo "creating" $value
mkdir -p $value && chown -R $user $value
fi
fi
done
}
start() {
[ -x $nginx ] || exit 5
[ -f $NGINX_CONF_FILE ] || exit 6
make_dirs
echo -n $"Starting $prog: "
daemon $nginx -c $NGINX_CONF_FILE
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog -QUIT
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
configtest || return $?
stop
sleep 1
start
}
reload() {
configtest || return $?
echo -n $"Reloading $prog: "
killproc $nginx -HUP
RETVAL=$?
echo
}
force_reload() {
restart
}
configtest() {
$nginx -t -c $NGINX_CONF_FILE
}
rh_status() {
status $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart|configtest)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
exit 2
esac
4、而后为此脚本赋予执行权限:
# chmod +x /etc/rc.d/init.d/nginx
5、添加至服务管理列表,并让其开机自动启动:
# chkconfig --add nginx
# chkconfig nginx on
6、提供访问测试页面
# vim /usr/html/index.html
改为如下内容:
<h1>node1 202.207.178.6</h1>
7、而后就可以启动服务并测试了:
# service nginx start
node2:
配置与node1基本相同,为了显示效果,只要把访问页面改为如下内容即可:
<h1>node2 202.207.178.7</h1>
二、安装配置keepalived
node1:
1、安装keepalived
# tar xf keepalived-1.2.1.tar.gz
# cd keepalived-1.2.1
# ./configure --with-kernel-dir=/usr/src/kernels/2.6.32-642.11.1.el6.i686/
# make && make install
注意:
可能需要安装此包:
# yum install popt-devel
发现/usr/src/kernels/为空,需要安装内核源码
# yum install kernel-devel
2、配置keepalived
1)设置一个变量
# DIR=/usr/local/
2)执行如下语句,将keepalived的配置文件放置在/etc下相关目录中
# cp $DIR/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/
# cp $DIR/etc/sysconfig/keepalived /etc/sysconfig/ && mkdir -p /etc/keepalived
# cp $DIR/sbin/keepalived /usr/sbin/
3)为keepalived提供配置文件
# cd /etc/keepalived/
# vim keepalived.conf(添加以下内容)
global_defs {
notification_email {
2663154088@qq.com
}
notification_email_from 2663154088@qq.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
# VIP1
vrrp_instance VI_1 {
state BACKUP
interface eth0
lvs_sync_daemon_inteface eth0
virtual_router_id 151
#定义优先级
priority 100
advert_int 5
#非抢占,定义此选项,可以使主节点从宕机恢复到正常 后,不会抢占从节点上的资源,增加服务在线时间!
nopreempt
authentication {
auth_type PASS
auth_pass 2222
}
virtual_ipaddress {
202.207.178.4
}
}
virtual_server 202.207.178.4 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
persistence_timeout 60
protocol TCP
real_server 202.207.178.6 80 {
weight 100
notify_down /data/sh/nginx.sh
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
4)启动服务
# /etc/init.d/keepalived restart
# ps -ef | grep keepalived
此时发现服务已经启动!
# tail -fn 100 /var/log/messages
此时发现一直滚屏,是缺少一个模块,下面加载此模块
# modprobe ip_vs
# /etc/init.d/keepalived restart
# tail -fn 100 /var/log/messages
此时一切正常
node2:
配置同主节点,只是在配置文件中修改以下几项即可:
priority 90
real_server 202.207.178.7 80
三、配置相关操作,并测试
1、在主从节点上分别添加如下文件并授予执行权限,实现在主nginx宕机时停止keepalived,实
现主从角色实现切换
# vim /data/sh/nginx.sh
/etc/init.d/keepalived stop
# chmod +x /data/sh/nginx.sh
2、在主节点停止nginx服务,进行访问测试
此时访问http://202.207.178.4/ 可以访问到从节点上的nginx服务!
欢迎批评指正!
本文出自 “10917734” 博客,请务必保留此出处http://10927734.blog.51cto.com/10917734/1878011
标签:keepalived 高可用 nginx
原文地址:http://10927734.blog.51cto.com/10917734/1878011