Nginx反向代理+keepalived
环境两台LB(nginx)、两台web(nginx/apache都行)
安装httpd
web01
[root@web01 /]# /etc/init.d/iptables stop
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ] [root@web01 /]# yum -y install httpd
[root@web01 /]# vim /etc/httpd/conf/httpd.conf
Servername 127.0.0.1
[root@web01 /]# echo "web01_192.168.119.130" > /var/www/html/index.html
[root@web01 /]# /etc/init.d/httpd start
Starting httpd: [ OK ]
[root@web01 /]# curl 192.168.119.130
web01_192.168.119.
web02
[root@web02 /]# /etc/init.d/iptables stop
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]
[root@web02 /]# yum -y install httpd
[root@web02 /]# vim /etc/httpd/conf/httpd.conf
ServerName 127.0.0.1
[root@web02 /]# echo "web02_192.168.119.131" > /var/www/html/index.html
[root@web02 /]# /etc/init.d/httpd start
Starting httpd: [ OK ]
[root@web02 /]# curl 192.168.119.131
web02_192.168.119.
两台LB
lb01和lb02配置相同
环境准备
[root@lb01 /]# yum -y install pcre pcre-devel openssl openssl-devel gcc gcc-c++
下载软件
[root@lb01 /]# wget http://nginx.org/download/nginx-1.6.3.tar.gz
解压、配置、编译、安装
[root@lb01 conf]# useradd nginx -s /sbin/nologin -M
[root@lb01 /]# tar zxvf nginx-1.6..tar.gz
[root@lb01 /]# cd nginx-1.6.3 [root@lb01 nginx-1.6.3]# ./configure --user=nginx --group=nginx --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_modul
[root@lb01 nginx-1.6.]# make && make install
[root@lb01 nginx-1.6.]# ln -s /usr/local/nginx/sbin/* /usr/local/sbin/
[root@lb01 nginx-1.6.3]# cd /usr/local/nginx/conf/
[root@lb01 conf]# ll nginx.conf nginx.conf.default
-rw-r--r--. 1 root root 2656 Sep 26 06:33 nginx.conf
-rw-r--r--. 1 root root 2656 Sep 26 06:33 nginx.conf.default
[root@lb01 conf]# egrep -v "#|^$" nginx.conf.default >nginx.conf
[root@lb01 conf]# vim nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
upstream web_pools {
server 192.168.119.130:80 weight=5;
server 192.168.119.131:80 weight=5; }
server {
listen 80;
server_name localhost;
location / {
root html;
index index.html index.htm;
proxy_pass http://web_pools;
include proxy.conf;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
} [root@lb01 conf]# cat proxy.conf
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4K;
proxy_buffers 3 32K;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
启动nginx
[root@lb01 conf]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@lb01 conf]# nginx
[root@lb01 conf]# netstat -anpt | grep nginx
tcp 0.0.0.0: 0.0.0.0:* LISTEN /nginx
[root@lb01 conf]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
:: localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.119.128 www.test.com
测试
[root@lb01 conf]# curl www.test.com
web02_192.168.119.
[root@lb01 conf]# curl www.test.com
web01_192.168.119.
[root@lb01 conf]# curl www.test.com
web02_192.168.119.
[root@lb01 conf]# curl www.test.com
web01_192.168.119.
[root@lb01 conf]# curl www.test.com
web02_192.168.119.
lb02配置与lb01相同步骤略、直接测试
[root@lb02 conf]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@lb02 conf]# nginx [root@lb02 conf]# echo "192.168.119.129 www.test.com" >> /etc/hosts
[root@lb02 conf]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
:: localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.119.129 www.test.com [root@lb02 conf]# curl www.test.com
web01_192.168.119.
[root@lb02 conf]# curl www.test.com
web02_192.168.119.
[root@lb02 conf]# curl www.test.com
web01_192.168.119.
[root@lb02 conf]# curl www.test.com
web02_192.168.119.
[root@lb02 conf]# curl www.test.com
web01_192.168.119.
两台LB安装都已完成
在两台LB上安装keepalived
环境配置
LB01和LB02配置相同
[root@lb01 /]# yum -y install kernel-devel
做个软连接 用tab键补全2.6.32-642.6.2.el6.x86_64
[root@lb01 /]# ln -s /usr/src/kernels/2.6.-642.4..el6.x86_64/ /usr/src/linux
[root@lb01 /]# ll /usr/src/
total
drwxr-xr-x. root root Sep debug
drwxr-xr-x. root root Sep : kernels
lrwxrwxrwx. root root Sep : linux -> /usr/src/kernels/2.6.-642.4..el6.x86_64/
下载软件
[root@lb01 /]# wget http://www.keepalived.org/software/keepalived-1.2.16.tar.gz
---- ::-- http://www.keepalived.org/software/keepalived-1.2.16.tar.gz
Resolving www.keepalived.org... 37.59.63.157, :41d0::7a9d::
Connecting to www.keepalived.org|37.59.63.157|:... connected.
HTTP request sent, awaiting response... OK
Length: (339K) [application/x-gzip]
Saving to: “keepalived-1.2..tar.gz” %[=================================================>] , .96K/s in 2m 30s -- :: (2.27 KB/s) - “keepalived-1.2..tar.gz” saved [/] [root@lb01 /]# ll keepalived-1.2..tar.gz
-rw-r--r--. root root Mar keepalived-1.2..tar.gz
解压、配置、编译、安装
[root@lb01 /]# tar zxvf keepalived-1.2..tar.gz
[root@lb01 /]# cd keepalived-1.2.
[root@lb01 keepalived-1.2.]# ./configure
Keepalived configuration
------------------------
Keepalived version : 1.2.
Compiler : gcc
Compiler flags : -g -O2
Extra Lib : -lssl -lcrypto -lcrypt
Use IPVS Framework : Yes
IPVS sync daemon support : Yes
IPVS use libnl : No
fwmark socket support : Yes
Use VRRP Framework : Yes
Use VRRP VMAC : Yes
SNMP support : No
SHA1 support : No
Use Debug flags : No [root@lb01 keepalived-1.2.]# make && make install
配置规范启动
[root@lb01 keepalived-1.2.]# cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/ #生成启动脚本
[root@lb01 keepalived-1.2.]# cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/ #配置启动脚本的参数
[root@lb01 keepalived-1.2.]# mkdir /etc/keepalived #创建默认的keepalived配置文件路径
[root@lb01 keepalived-1.2.]# cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/ #把keepalived.conf模板拷贝到/etckeepalived下
[root@lb01 keepalived-1.2.]# cp /usr/local/sbin/keepalived /usr/sbin/
[root@lb01 keepalived-1.2.]# /etc/init.d/keepalived start
Starting keepalived: [ OK ]
[root@lb01 keepalived-1.2.]# ps -ef | grep keep
root : ? :: keepalived -D
root : ? :: keepalived -D
root : ? :: keepalived -D
root : pts/ :: grep keep
[root@lb01 keepalived-1.2.]# /etc/init.d/keepalived stop
Stopping keepalived: [ OK ]
修改配置文件
先备份一个配置文件
lb01配置文件
[root@lb01 keepalived-1.2.]# cd /etc/keepalived/
[root@lb01 keepalived]# cp keepalived.conf keepalived.conf.bak
[root@lb01 keepalived]# vim keepalived.conf
! Configuration File for keepalived global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout
router_id LVS_01
} vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id
priority
advert_int
authentication {
auth_type PASS
auth_pass
}
virtual_ipaddress {
192.168.119.150/
}
}
lb02配置文件
[root@lb02 keepalived-1.2.]# cd /etc/keepalived/
[root@lb02 keepalived]# cp keepalived.conf keepalived.conf.bak
[root@lb02 keepalived]# vim keepalived.conf
! Configuration File for keepalived global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout
router_id LVS_02
} vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id
priority
advert_int
authentication {
auth_type PASS
auth_pass
}
virtual_ipaddress {
192.168.119.150/
}
}
启动keepalived
[root@lb01 keepalived]# /etc/init.d/keepalived start
Starting keepalived: [ OK ]
[root@lb02 keepalived]# /etc/init.d/keepalived start
Starting keepalived: [ OK ]
在master(lb01)查看虚拟IP(192.168.119.150)
提示:使用ifconfig是查不到的;使用 ip add查询
[root@lb01 keepalived]# ip add | grep 192.168.119.150
inet 192.168.119.150/ scope global secondary eth0
[root@lb01 keepalived]#
在backup(lb02)查看(没有虚拟IP)
[root@lb02 keepalived]# ip add | grep 192.168.119.150
把master的keepalived服务down、虚拟IP就会自动切换到backup
[root@lb01 keepalived]# /etc/init.d/keepalived stop
Stopping keepalived: [ OK ]
[root@lb01 keepalived]# ip add | grep 192.168.119.150
[root@lb01 keepalived]#
backup查询
[root@lb02 keepalived]# ip add | grep 192.168.119.150
[root@lb02 keepalived]# ip add | grep 192.168.119.150
[root@lb02 keepalived]# ip add | grep 192.168.119.150
[root@lb02 keepalived]# ip add | grep 192.168.119.150
[root@lb02 keepalived]# ip add | grep 192.168.119.150
inet 192.168.119.150/ scope global secondary eth0
[root@lb02 keepalived]# ip add | grep 192.168.119.150
inet 192.168.119.150/ scope global secondary eth0
当master的keepalived服务启动时、虚拟IP会自动从backup切回到master
测试web是否正常
[root@lb01 keepalived]# curl 192.168.119.150
web01_192.168.119.
[root@lb01 keepalived]# curl 192.168.119.150
web02_192.168.119.
[root@lb01 keepalived]# curl 192.168.119.150
web01_192.168.119.
[root@lb01 keepalived]# curl 192.168.119.150
web02_192.168.119.
[root@lb01 keepalived]# curl 192.168.119.150
web01_192.168.119.
[root@lb01 keepalived]# curl 192.168.119.150
web02_192.168.119.
[root@lb01 keepalived]# curl 192.168.119.150
web01_192.168.119.
Nginx反向代理+keepalived的更多相关文章
- Nginx反向代理,负载均衡,redis session共享,keepalived高可用
相关知识自行搜索,直接上干货... 使用的资源: nginx主服务器一台,nginx备服务器一台,使用keepalived进行宕机切换. tomcat服务器两台,由nginx进行反向代理和负载均衡,此 ...
- nginx反向代理docker registry报”blob upload unknown"解决办法
问题症状:keepalived+nginx反向代理后端docker registry群集时,使用docker客户机向registry push镜像时出现 "blob upload unkno ...
- Linux系统——Nginx反向代理与负载均衡
集群集群是指一组(若干个)相互独立的计算机,利用高速通信网路组成的一个较大的计算机服务系统,每个集群节点(即集群中的每台计算机)都是运用各自服务的独立服务器.这些服务器之间可以彼此通信,协同向用户提供 ...
- LVS和nginx反向代理网站架构
LVS和nginx反向代理网站架构 nginx反向代理和lvs的dr都存在单点,要keepalived做高可用,但是成本高了 f
- Linux实战教学笔记30:Nginx反向代理与负载均衡应用实践
1.1 集群简介 简单地说,集群就是指一组(若干个)相互独立的计算机,利用高速通信网络组成的一个较大的计算机服务系统,每个集群节点(即集群中的每台计算机)都是运行各自服务的独立服务器.这些服务器之间可 ...
- nginx 反向代理实现负载均衡*理论
Nginx负载均衡集群介绍 负载均衡集群提供了一种廉价,有效,透明的方法,来扩展网络设备和服务器的负载,带宽和吞吐量,同时加强了网络数据处理能力,提高了网络的灵活性和可用性. 搭建负载均衡服务的需求: ...
- Nginx反向代理与负载均衡应用实践(一)
Nginx反向代理与负载均衡应用实践(一) 链接:https://pan.baidu.com/s/1xB20bnuanh0Avs4kwRpSXQ 提取码:migq 复制这段内容后打开百度网盘手机App ...
- 使用python自动生成docker nginx反向代理配置
由于在测试环境上用docker部署了多个应用,而且他们的端口有的相同,有的又不相同,数量也比较多,在使用jenkins发版本的时候,不好配置,于是想要写一个脚本,能在docker 容器创建.停止的时候 ...
- Nginx反向代理部署指南
一.反向代理 我们都知道,80端口是web服务的默认端口,其他主机访问web服务器也是默认和80端口进行web交互,而一台服务器也只有一个80端口,这是约定俗成的标准. 我们来看下面两个场景: 1.服 ...
随机推荐
- Struts2 入门
一.Struts2入门案例 ①引入jar包 ②在src下创建struts.xml配置文件 <?xml version="1.0" encoding="UTF-8&q ...
- 嵌入式Linux驱动学习之路(十七)驱动程序分层分离概念-平台设备驱动
平台设备驱动: 包含BUS(总线).DEVICE.DRIVER. DEVICE:硬件相关的代码 DRIVER:比较稳定的代码 BUS有一个driver链表和device链表. ①把device放入bu ...
- 10款.net 图形插件
在如今这个读图时代,图形图表的可视化数据表现形式已成为一种趋势.因为图表能直观的展示信息.对比和趋势等,所以许多项目开发中都需要用到图表控件,而很多图表控件都是在.NET平台下开发的,今天就为大家推荐 ...
- C#.NET 大型企业信息化系统集成快速开发平台 4.1 版本 - 面向数据库SQL语句的应用开发二
很多传统企业.包括系统集成类的IT企业,若不是从事专业软件开发领域的,能做出一套适合本公司企业信息化的灵活的信息系统还是很有难度的,还有一些已经多年不写程序的资深开发人员,初学者,都难把一个整套系统实 ...
- ES5基础之正则表达式02:范围类、预定义类和边界字符
1.范围类 //元字符 /* * 正则表达式由两种基本字符类型组成 * 1.原义文本字符:例如123abc * 2.元字符:元字符是在正则表达式中有特殊含义的非字母字符 */ //常见特殊符号:. * ...
- 阅读ArrayBlockingQueue源码了解如何利用锁实现BlockingQueue
BlockingQueue是多线程里面一个非常重要的数据结构.在面试的时候,也常会被问到怎么实现BlockingQueue.本篇根据Java7里ArrayBlockingQueue的源码,简单介绍一下 ...
- CCPC2016沈阳站
A.模拟 B.模拟 C(hdu5950):(矩阵快速幂) 题意:求f(n)=2f(n-2)+f(n-1)+n^4 分析:矩阵快速幂,(f(n),f(n-1),n^4,n^3,n^2,n,1) 注意:矩 ...
- 用php去除bom头
最近在用dede开发一个网站的时候,发现网站在本地没什么问题,但是上传到服务器上面去之后,在首页会默认的生成一串的字符串,如下图所示: 百度了之后,发现好多的解决方法都是说的把文件存储为utf-8无 ...
- Matplotlib 学习笔记
注:该文是上了开智学堂数据科学基础班的课后做的笔记,主讲人是肖凯老师. 数据绘图 数据可视化的原则 为什么要做数据可视化? 为什么要做数据可视化?因为可视化后获取信息的效率高.为什么可视化后获取信息的 ...
- BZOJ 3926: [Zjoi2015]诸神眷顾的幻想乡
3926: [Zjoi2015]诸神眷顾的幻想乡 Time Limit: 10 Sec Memory Limit: 512 MBSubmit: 1017 Solved: 599[Submit][S ...