**【教程主题】:****2.Nginx+keepalive**
**1 ****规划和准备**
|
两台相同配置的web
| MASTER
| --- ||
|
用途
|
IP
|
| --- | --- |
|
MASTER
|
192.168.1.100
|
|
BACKUP
|
192.1681.101
|
#### **2 ****安装**
两台接入服务器分别安装NginX和keepalived:
准备依赖包:
yum -y install gcc pcre-devel zlib-devel openssl-devel
yum -y install popt-devel
#### 下载
wget http://nginx.org/download/nginx-1.2.4.tar.gz
wget [http://www.keepalived.org/software/keepalived-1.2.7.tar.gz](http://www.keepalived.org/software/keepalived-1.2.7.tar.gz)
#### 安装NginX
####
#### 安装keepalive
tar zxvf keepalived-1.2.7.tar.gz
cd keepalived-1.2.7
./configure
make
make install
cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/
cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
mkdir /etc/keepalived
cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/
cp /usr/local/sbin/keepalived /usr/sbin/
加入启动服务
echo "/usr/local/nginx/sbin/nginx" >> /etc/rc.local
echo "/etc/init.d/keepalived start" >> /etc/rc.local
**3****配置**
**3.1 ****配置NginX**
两台接入服务器的NginX的配置完全一样,主要是配置/usr/local/nginx/conf/nginx.conf的http。其中多域名指向是通过虚拟主机(配置http下面的server)实现;同一域名的不同虚拟目录通过每个server下面的不同location实现;到后端的服务器在http下面配置upstream,然后在server或location中通过proxypass引用。要实现前面规划的接入方式,http的配置如下:
http {
include mime.types;
default\_type application/octet-stream;
sendfile on;
upstream dev.hysec.com {
server 50.1.1.21:80;
}
upstream opslinux.com {
ip\_hash;
server 192.168.1.102:80
server 192.168.1.103:80
server 192.168.1.104:80
}
server {
listen 80;
server\_name opslinux.com;
location / {
proxy\_pass http://opslinux.com;
}
}
验证方法:
首先用IP访问前表中各个应用服务器的url
再用域名和路径访问前表中各个应用系统的域名/虚拟路径
**3.2 ****配置keepalived**
按照上面的安装方法,keepalived的配置文件在/etc/keepalived/keepalived.conf。主、从服务器的配置相关联但有所不同。如下:
Master:
! Configuration File for keepalived
global\_defs {
router\_id NGINX\_DEVEL
}
vrrp\_instance VI\_1 {
state MASTER
interface eth0
virtual\_router\_id 51
priority 101
advert\_int 1
authentication {
auth\_type PASS
auth\_pass 1111
}
virtual\_ipaddress {
192.168.1.100
}
}
Backup:
! Configuration File for keepalived
global\_defs {
router\_id NGINX\_DEVEL
}
vrrp\_instance VI\_1 {
state BACKUP
interface eth0
virtual\_router\_id 51
priority 99
advert\_int 1
authentication {
auth\_type PASS
auth\_pass 1111
}
virtual\_ipaddress {
192.168.1.100
}
}
验证:
先后在主、从服务器上启动keepalived: /etc/init.d/keepalived start
在主服务器上查看是否已经绑定了虚拟IP: ip addr
停止主服务器上的keepalived: /etc/init.d/keepalived stop 然后在从服务器上查看是否已经绑定了虚拟IP:
启动主服务器上的keepalived,看看主服务器能否重新接管虚拟IP
**3.3 ****让keepalived****监控NginX****的状态**
经过前面的配置,如果主服务器的keepalived停止服务,从服务器会自动接管VIP对外服务;一旦主服务器的keepalived恢复,会重新接管VIP。 但这并不是我们需要的,我们需要的是当NginX停止服务的时候能够自动切换。
keepalived支持配置监控脚本,我们可以通过脚本监控NginX的状态,如果状态不正常则进行一系列的操作,最终仍不能恢复NginX则杀掉keepalived,使得从服务器能够接管服务。
**如何监控NginX****的状态**
最简单的做法是监控NginX进程,更靠谱的做法是检查NginX端口,最靠谱的做法是检查多个url能否获取到页面。
**如何尝试恢复服务**
如果发现NginX不正常,重启之。等待3秒再次校验,仍然失败则不再尝试。
根据上述策略很容易写出监控脚本。这里使用nmap检查nginx端口来判断nginx的状态,记得要首先安装nmap。监控脚本如下:
```
yum -y install nmap
```
#!/bin/bash
\# check nginx server status
NGINX=/usr/local/nginx/sbin/nginx
PORT=8080
nmap localhost -p $PORT | grep "$PORT/tcp open"
#echo $?
if \[ $? -ne 0 \];then
$NGINX -s stop
$NGINX
sleep 3
nmap localhost -p $PORT | grep "$PORT/tcp open"
\[ $? -ne 0 \] && /etc/init.d/keepalived stop
fi
不要忘了设置脚本的执行权限,否则不起作用。
假设上述脚本放在/opt/chk\_nginx.sh,则keepalived.conf中增加如下配置:
主keepalived
vrrp\_script chk\_http\_port {
script "/opt/chk\_nginx.sh"
interval 1
weight -2
}
track\_script {
chk\_http\_port
}
例子:
! Configuration File for keepalived
global\_defs {
router\_id NGINX\_UPSTEAM
}
vrrp\_script chk\_http\_port {
script "/opt/chk\_nginx.sh"
interval 1
weight -2
}
vrrp\_instance VI\_1 {
state MASTER
interface eth0
virtual\_router\_id 51
priority 100
advert\_int 1
authentication {
auth\_type PASS
auth\_pass 1111
}
virtual\_ipaddress {
192.168.1.100
}
track\_script {
chk\_http\_port
}
}
更进一步,为了避免启动keepalived之前没有启动nginx , 可以在/etc/init.d/keepalived的start中首先启动nginx:
start() {
/usr/local/nginx/sbin/nginx
sleep 3
echo -n $"Starting $prog: "
daemon keepalived ${KEEPALIVED\_OPTIONS}
RETVAL=$?
echo
\[ $RETVAL -eq 0 \] && touch /var/lock/subsys/$prog
}
``
#!/bin/bash
NGINX=/usr/local/nginx/sbin/nginx
PORT=80
nmap localhost -p $PORT | grep "$PORT/tcp open"
if [ $? -ne 0 ]; then
$NGINX -s stop
$NGINX
sleep 3
nmap localhost -p $PORT | grep "$PORT/tcp open"
[ $? -ne 0 ] && /etc/init.d/keepalived stop
fi
`
```
```
global_defs {
router_id NGINX_DEVEL
}
vrrp_script check_nginx_sh {
script "/etc/keepalived/check_nginx.sh"
interval 1
weight -20
}
vrrp_instance VI_1 {
state MASTER
interface eth1
virtual_router_id 51
priority 101
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.227.100
}
track_script {
check_nginx_sh
}
}
```
- 面试
- php
- laravel
- 安装
- 创建数据
- 创建控制器
- 错误
- 权限认证
- 图形验证码
- 管理员
- 无限分类
- 视频播放
- 推流
- pc页面
- thinkphp5
- 表单提交安全验证
- crontab
- 获取下级所有数据
- 过滤敏感词
- 二维码
- 邀请码
- jwt token
- 笛卡尔
- 高并发解决优化
- 设置多语言
- 计算经纬度两点距离
- 分片上传
- centos swoole
- 查看swoole版本
- centos 安装 redis
- 把整数随机分成n份或者红包
- 生成随机字符串
- 获取上级
- 宝塔搭建nginx推拉流
- 生成二维码海报
- 二维数组去重
- 经纬度 ---边距 和判断是不是范围内
- workerman
- 扩展
- redis
- mysql
- mysql 主从复制
- 定位问题语句
- 列的选择规则
- Enum介绍
- 索引介绍
- 延迟关联
- in 查询陷阱
- limit 优化
- 事务
- 读写分离
- mysql 权限错误
- mysql计算距离
- mysql数据导出导入
- 索引失效
- mysql 语句技巧
- linux
- 配置nginx 高可用
- Nginx内核参数优化
- 配置优化
- nginx-keepalived实现高可用负载
- lvs+keepalived
- centos5关闭防火墙
- nginx操作
- linux操作
- mysql 安装
- php
- 安装phpadmin
- php7安装mongodb
- 查看php位置
- 查找开启的进程端口
- 守护进程
- centos安装php7.2
- centos 错误解决
- 安装php7错误
- mysql 错误
- 支付宝支付
- html
- js 倒计时
- go vscode 配置
- go util
- 获取两个数之间随机数
- java
- lambda
- 随机抽取
- lombok
- springboot
- 常见注解
- 接受参数常用注解
- 文件上传
- 上传错误日志拦截
- 拦截器
- 定时任务
- mybatis
- 关联查询
- 全局配置
- 缓存
- git
- 微信相关
- 体现到零钱
- 服务商转账
- 公众号小程序相关
- 小程序二维码
- svn
- layui