Nginx反向代理+keepalived
环境两台LB(nginx)、两台web(nginx/apache都行)
安装httpd
web01
[root@web01 /]# /etc/init.d/iptables stop
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ] [root@web01 /]# yum -y install httpd
[root@web01 /]# vim /etc/httpd/conf/httpd.conf
Servername 127.0.0.1
[root@web01 /]# echo "web01_192.168.119.130" > /var/www/html/index.html
[root@web01 /]# /etc/init.d/httpd start
Starting httpd: [ OK ]
[root@web01 /]# curl 192.168.119.130
web01_192.168.119.
web02
[root@web02 /]# /etc/init.d/iptables stop
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]
[root@web02 /]# yum -y install httpd
[root@web02 /]# vim /etc/httpd/conf/httpd.conf
ServerName 127.0.0.1
[root@web02 /]# echo "web02_192.168.119.131" > /var/www/html/index.html
[root@web02 /]# /etc/init.d/httpd start
Starting httpd: [ OK ]
[root@web02 /]# curl 192.168.119.131
web02_192.168.119.
两台LB
lb01和lb02配置相同
环境准备
[root@lb01 /]# yum -y install pcre pcre-devel openssl openssl-devel gcc gcc-c++
下载软件
[root@lb01 /]# wget http://nginx.org/download/nginx-1.6.3.tar.gz
解压、配置、编译、安装
[root@lb01 conf]# useradd nginx -s /sbin/nologin -M
[root@lb01 /]# tar zxvf nginx-1.6..tar.gz
[root@lb01 /]# cd nginx-1.6.3 [root@lb01 nginx-1.6.3]# ./configure --user=nginx --group=nginx --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_modul
[root@lb01 nginx-1.6.]# make && make install
[root@lb01 nginx-1.6.]# ln -s /usr/local/nginx/sbin/* /usr/local/sbin/
[root@lb01 nginx-1.6.3]# cd /usr/local/nginx/conf/
[root@lb01 conf]# ll nginx.conf nginx.conf.default
-rw-r--r--. 1 root root 2656 Sep 26 06:33 nginx.conf
-rw-r--r--. 1 root root 2656 Sep 26 06:33 nginx.conf.default
[root@lb01 conf]# egrep -v "#|^$" nginx.conf.default >nginx.conf
[root@lb01 conf]# vim nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
upstream web_pools {
server 192.168.119.130:80 weight=5;
server 192.168.119.131:80 weight=5; }
server {
listen 80;
server_name localhost;
location / {
root html;
index index.html index.htm;
proxy_pass http://web_pools;
include proxy.conf;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
} [root@lb01 conf]# cat proxy.conf
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4K;
proxy_buffers 3 32K;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
启动nginx
[root@lb01 conf]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@lb01 conf]# nginx
[root@lb01 conf]# netstat -anpt | grep nginx
tcp 0.0.0.0: 0.0.0.0:* LISTEN /nginx
[root@lb01 conf]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
:: localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.119.128 www.test.com
测试
[root@lb01 conf]# curl www.test.com
web02_192.168.119.
[root@lb01 conf]# curl www.test.com
web01_192.168.119.
[root@lb01 conf]# curl www.test.com
web02_192.168.119.
[root@lb01 conf]# curl www.test.com
web01_192.168.119.
[root@lb01 conf]# curl www.test.com
web02_192.168.119.
lb02配置与lb01相同步骤略、直接测试
[root@lb02 conf]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@lb02 conf]# nginx [root@lb02 conf]# echo "192.168.119.129 www.test.com" >> /etc/hosts
[root@lb02 conf]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
:: localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.119.129 www.test.com [root@lb02 conf]# curl www.test.com
web01_192.168.119.
[root@lb02 conf]# curl www.test.com
web02_192.168.119.
[root@lb02 conf]# curl www.test.com
web01_192.168.119.
[root@lb02 conf]# curl www.test.com
web02_192.168.119.
[root@lb02 conf]# curl www.test.com
web01_192.168.119.
两台LB安装都已完成
在两台LB上安装keepalived
环境配置
LB01和LB02配置相同
[root@lb01 /]# yum -y install kernel-devel
做个软连接 用tab键补全2.6.32-642.6.2.el6.x86_64
[root@lb01 /]# ln -s /usr/src/kernels/2.6.-642.4..el6.x86_64/ /usr/src/linux
[root@lb01 /]# ll /usr/src/
total
drwxr-xr-x. root root Sep debug
drwxr-xr-x. root root Sep : kernels
lrwxrwxrwx. root root Sep : linux -> /usr/src/kernels/2.6.-642.4..el6.x86_64/
下载软件
[root@lb01 /]# wget http://www.keepalived.org/software/keepalived-1.2.16.tar.gz
---- ::-- http://www.keepalived.org/software/keepalived-1.2.16.tar.gz
Resolving www.keepalived.org... 37.59.63.157, :41d0::7a9d::
Connecting to www.keepalived.org|37.59.63.157|:... connected.
HTTP request sent, awaiting response... OK
Length: (339K) [application/x-gzip]
Saving to: “keepalived-1.2..tar.gz” %[=================================================>] , .96K/s in 2m 30s -- :: (2.27 KB/s) - “keepalived-1.2..tar.gz” saved [/] [root@lb01 /]# ll keepalived-1.2..tar.gz
-rw-r--r--. root root Mar keepalived-1.2..tar.gz
解压、配置、编译、安装
[root@lb01 /]# tar zxvf keepalived-1.2..tar.gz
[root@lb01 /]# cd keepalived-1.2.
[root@lb01 keepalived-1.2.]# ./configure
Keepalived configuration
------------------------
Keepalived version : 1.2.
Compiler : gcc
Compiler flags : -g -O2
Extra Lib : -lssl -lcrypto -lcrypt
Use IPVS Framework : Yes
IPVS sync daemon support : Yes
IPVS use libnl : No
fwmark socket support : Yes
Use VRRP Framework : Yes
Use VRRP VMAC : Yes
SNMP support : No
SHA1 support : No
Use Debug flags : No [root@lb01 keepalived-1.2.]# make && make install
配置规范启动
[root@lb01 keepalived-1.2.]# cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/ #生成启动脚本
[root@lb01 keepalived-1.2.]# cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/ #配置启动脚本的参数
[root@lb01 keepalived-1.2.]# mkdir /etc/keepalived #创建默认的keepalived配置文件路径
[root@lb01 keepalived-1.2.]# cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/ #把keepalived.conf模板拷贝到/etckeepalived下
[root@lb01 keepalived-1.2.]# cp /usr/local/sbin/keepalived /usr/sbin/
[root@lb01 keepalived-1.2.]# /etc/init.d/keepalived start
Starting keepalived: [ OK ]
[root@lb01 keepalived-1.2.]# ps -ef | grep keep
root : ? :: keepalived -D
root : ? :: keepalived -D
root : ? :: keepalived -D
root : pts/ :: grep keep
[root@lb01 keepalived-1.2.]# /etc/init.d/keepalived stop
Stopping keepalived: [ OK ]
修改配置文件
先备份一个配置文件
lb01配置文件
[root@lb01 keepalived-1.2.]# cd /etc/keepalived/
[root@lb01 keepalived]# cp keepalived.conf keepalived.conf.bak
[root@lb01 keepalived]# vim keepalived.conf
! Configuration File for keepalived global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout
router_id LVS_01
} vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id
priority
advert_int
authentication {
auth_type PASS
auth_pass
}
virtual_ipaddress {
192.168.119.150/
}
}
lb02配置文件
[root@lb02 keepalived-1.2.]# cd /etc/keepalived/
[root@lb02 keepalived]# cp keepalived.conf keepalived.conf.bak
[root@lb02 keepalived]# vim keepalived.conf
! Configuration File for keepalived global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout
router_id LVS_02
} vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id
priority
advert_int
authentication {
auth_type PASS
auth_pass
}
virtual_ipaddress {
192.168.119.150/
}
}
启动keepalived
[root@lb01 keepalived]# /etc/init.d/keepalived start
Starting keepalived: [ OK ]
[root@lb02 keepalived]# /etc/init.d/keepalived start
Starting keepalived: [ OK ]
在master(lb01)查看虚拟IP(192.168.119.150)
提示:使用ifconfig是查不到的;使用 ip add查询
[root@lb01 keepalived]# ip add | grep 192.168.119.150
inet 192.168.119.150/ scope global secondary eth0
[root@lb01 keepalived]#
在backup(lb02)查看(没有虚拟IP)
[root@lb02 keepalived]# ip add | grep 192.168.119.150
把master的keepalived服务down、虚拟IP就会自动切换到backup
[root@lb01 keepalived]# /etc/init.d/keepalived stop
Stopping keepalived: [ OK ]
[root@lb01 keepalived]# ip add | grep 192.168.119.150
[root@lb01 keepalived]#
backup查询
[root@lb02 keepalived]# ip add | grep 192.168.119.150
[root@lb02 keepalived]# ip add | grep 192.168.119.150
[root@lb02 keepalived]# ip add | grep 192.168.119.150
[root@lb02 keepalived]# ip add | grep 192.168.119.150
[root@lb02 keepalived]# ip add | grep 192.168.119.150
inet 192.168.119.150/ scope global secondary eth0
[root@lb02 keepalived]# ip add | grep 192.168.119.150
inet 192.168.119.150/ scope global secondary eth0
当master的keepalived服务启动时、虚拟IP会自动从backup切回到master
测试web是否正常
[root@lb01 keepalived]# curl 192.168.119.150
web01_192.168.119.
[root@lb01 keepalived]# curl 192.168.119.150
web02_192.168.119.
[root@lb01 keepalived]# curl 192.168.119.150
web01_192.168.119.
[root@lb01 keepalived]# curl 192.168.119.150
web02_192.168.119.
[root@lb01 keepalived]# curl 192.168.119.150
web01_192.168.119.
[root@lb01 keepalived]# curl 192.168.119.150
web02_192.168.119.
[root@lb01 keepalived]# curl 192.168.119.150
web01_192.168.119.
Nginx反向代理+keepalived的更多相关文章
- Nginx反向代理,负载均衡,redis session共享,keepalived高可用
相关知识自行搜索,直接上干货... 使用的资源: nginx主服务器一台,nginx备服务器一台,使用keepalived进行宕机切换. tomcat服务器两台,由nginx进行反向代理和负载均衡,此 ...
- nginx反向代理docker registry报”blob upload unknown"解决办法
问题症状:keepalived+nginx反向代理后端docker registry群集时,使用docker客户机向registry push镜像时出现 "blob upload unkno ...
- Linux系统——Nginx反向代理与负载均衡
集群集群是指一组(若干个)相互独立的计算机,利用高速通信网路组成的一个较大的计算机服务系统,每个集群节点(即集群中的每台计算机)都是运用各自服务的独立服务器.这些服务器之间可以彼此通信,协同向用户提供 ...
- LVS和nginx反向代理网站架构
LVS和nginx反向代理网站架构 nginx反向代理和lvs的dr都存在单点,要keepalived做高可用,但是成本高了 f
- Linux实战教学笔记30:Nginx反向代理与负载均衡应用实践
1.1 集群简介 简单地说,集群就是指一组(若干个)相互独立的计算机,利用高速通信网络组成的一个较大的计算机服务系统,每个集群节点(即集群中的每台计算机)都是运行各自服务的独立服务器.这些服务器之间可 ...
- nginx 反向代理实现负载均衡*理论
Nginx负载均衡集群介绍 负载均衡集群提供了一种廉价,有效,透明的方法,来扩展网络设备和服务器的负载,带宽和吞吐量,同时加强了网络数据处理能力,提高了网络的灵活性和可用性. 搭建负载均衡服务的需求: ...
- Nginx反向代理与负载均衡应用实践(一)
Nginx反向代理与负载均衡应用实践(一) 链接:https://pan.baidu.com/s/1xB20bnuanh0Avs4kwRpSXQ 提取码:migq 复制这段内容后打开百度网盘手机App ...
- 使用python自动生成docker nginx反向代理配置
由于在测试环境上用docker部署了多个应用,而且他们的端口有的相同,有的又不相同,数量也比较多,在使用jenkins发版本的时候,不好配置,于是想要写一个脚本,能在docker 容器创建.停止的时候 ...
- Nginx反向代理部署指南
一.反向代理 我们都知道,80端口是web服务的默认端口,其他主机访问web服务器也是默认和80端口进行web交互,而一台服务器也只有一个80端口,这是约定俗成的标准. 我们来看下面两个场景: 1.服 ...
随机推荐
- Linux档案与目录管理
Linux档案与目录管理1. 目录与路径1.1 相对路径与绝对路径1.2 目录的相关操作: cd, pwd, mkdir, rmdir cd [相对路径或绝对路径]cd ~ [用户]: 切换家目录cd ...
- 玩转Unity资源,对象和序列化(上)
这是一系列文章中的第二章,覆盖了Unity5的Assets,Resources和资源管理 本文将从Unity编辑器和运行时两个角度出发,主要探讨以下两方面内容:Unity序列化系统内部细节以及Unit ...
- vuejs的动态过滤
想要通过vuejs动态过滤(这里动态指得是过滤的条件是动态变化的), 一直没找到好办法, 最蠢的办法当然是两个两个数组,一个作为原始副本数组 一个作为视图数组,这样当过滤条件变化的时候 动态拷贝原始数 ...
- 分布式光伏系列:分布式光伏电站 运行与维护方案一览(zz)
原文:http://www.toutiao.com/a6353487210709516546/ 中小型光伏电站的特点是占地面积小.安装位置灵活且日常维护量少.由于光伏电站不同的运行环境,为了能够使光伏 ...
- js 判断各种数据类型
了解js的都知道, 有个typeof 用来判断各种数据类型,有两种写法:typeof xxx ,typeof(xxx) 如下实例: typeof 2 输出 number ...
- Java调用Linux命令
// int tp = 1 返回执行结果 非1 返回命令执行后的输出 public static String runCommand(String cmd, int tp) { StringBuff ...
- jQuery之XML的加载和解析
1.XML(eXtensible Markup Language)即可扩展标记语言,与HTML一样,都是SGML标准通用语言.语法如下: 任何起始标签都必须有一个结束标签. 可以采用另一种简化语法,即 ...
- 剑指offer 面试题65 滑动窗口的最大值
import java.awt.print.Printable; import java.beans.VetoableChangeListenerProxy; import java.lang.ref ...
- 文件操作之FileOpenPicker、FileSavePicker和FolderPicker
Win10的开发经常需要进行文件的操作,因此文件的选择对话框FileOpenPicker.文件保存对话框FileSavePicker以及文件夹选择对话框FolderPicker十分重要.这三者的操作也 ...
- 私有项目免费使用Git
GitHub,私有项目是要收费了,如果想建立私有项目可以选择GitLab. GitLab注册地址:https://gitlab.com/users/sign_in 本机需要安装git,图形化的工具使用 ...