### 一定要配置好yum
# 1.6.1安装nginx所需的pcre库
yum install pcre pcre-devel -y
rpm -qa pcre pcre-devel
# 1.6.2安装openssl openssl-devel以及zlib程序
yum -y install zlib zlib-devel
yum -y install openssl openssl-devel
# 1.6.3 创建nginx账号
useradd -s /sbin/nologin -M nginx
# 安装
tar -zxvf nginx-1.6.2.tar.gz
cd nginx-1.6.2
./configure --user=nginx --group=nginx --prefix=/application/nginx-1.6.2 --with-http_stub_status_module --with-http_ssl_module && make && make install
echo $?
# 1.6.5指定软连接
ln -s /application/nginx-1.6.2/ /application/nginx
# 检查nginx的配置文件的语法
/application/nginx/sbin/nginx -t
# 1.将nginx的路径加入系统默认的搜索路径并写入登录脚本
echo 'PATH=$PATH:/application/nginx/sbin' >>/etc/profile
# 重新加载系统脚本
. /etc/profile
# 1.7 测试访问nginx的网站
# 1方法1
# curl -I 127.0.0.1
# 方法2
# wget 127.0.0.1
二、nginx负载均衡配合keepalived服务案例实战
0. 拓扑
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-TC6CfZUx-1586523244533)(C:\Users\root\AppData\Roaming\Typora\typora-user-images\image-20200410180900979.png)]
角色 | ip地址 | 软件安装 |
---|---|---|
lb01 | 192.168.1.11 | keepalived、nginx |
lb02 | 192.168.1.12 | keepalived、nginx |
web01 | 192.168.1.13 | apache |
web02 | 192.168.1.14 | apache |
cat /application/nginx/conf/nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
upstream www_server_pools {
server 192.168.1.13:80 weight=1;
server 192.168.1.14:80 weight=1;
}
server {
listen 192.168.1.113:80;
server_name www.hdxy.com;
location / {
proxy_pass http://www_server_pools;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
}
1.12 nginx配置
cat /application/nginx/conf/nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
upstream www_server_pools {
server 192.168.1.13:80 weight=1;
server 192.168.1.14:80 weight=1;
}
server {
listen 192.168.1.113:80;
server_name www.hdxy.com;
location / {
proxy_pass http://www_server_pools;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
}
2. 在192.168.1.11 和192.168.1.12 上配置keepalived服务
( 首先用 yum -y install keepalived
安装keepalived)
cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL01
}
vrrp_instance VI_1 {
state MASTER
interface eth0 # 注意本机网卡
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.113 dev eth0 label eth0:1 # 注意本机网卡
}
}
1.12 keepalived配置
cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL02
}
vrrp_instance VI_1 {
state BACKUP
interface eth0 # 注意本机网卡
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.113 dev eth0 label eth0:1 # 注意本机网卡
}
}
3. 启动nginx和keepalived服务
/application/nginx/sbin/nginx
/etc/init.d/keepalived start
4. 解决服务监听网卡上不存在ip地址问题
echo "net.ipv4.ip_nonlocal_bind = 1" >>/etc/sysctl.conf
sysctl -p
5. yum安装1.13 和 1.14的apache
yum -y install httpd
6. 配置首页
echo "wo shi 192.168.1.13 " >/var/www/html/index.html
echo "wo shi 192.168.1.14 " >/var/www/html/index.html
7. 启动httpd服务
/etc/init.d/httpd start
8. 在windows上测试
# 先关闭防火墙 和 setenforce
service iptables stop
setenforce 0
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-85qQqhvc-1586523244535)(C:\Users\root\AppData\Roaming\Typora\typora-user-images\image-20200410203441155.png)]
9. 将主用lb的服务关闭/etc/init.d/keepalived stop # 停掉 keepalived
ip addr|grep 192.168.1.113 # 查看ip信息
#inet 192.168.1.113/32 scope global eth0:1
发现备用lb可以正常接管
10. 实验到此结束 ! 问题: 正常情况下,keepalived软件仅仅在对方机器宕机或keepalived停掉的时候才会接管业务,但在实际中,有一种情况是,nginx反向代理停掉,而keepalived服务还在工作的情况,这个问题会导致用户访问的vip无法找到对应的服务,如何解决这个问题呢?
可以写守护程序 当nginx业务有问题的时候,就停掉本地的keepalived服务,实现备用lb的自动接管
#!/bin/bash
# file name check_nginx.sh
while true
do
if [ `netstat -lntup|grep nginx|wc -l` -ne 1 ] ;then
/etc/init.d/keepalived stop
fi
sleep 2
done
在后台运行脚本
sh check_nginx.sh &
模拟nginx业务挂掉
/application/nginx/sbin/nginx -s stop
ip addr|grep 192.168.1.113
#inet 192.168.1.113/32 scope global eth0:1
发现ip地址漂移到备用lb了
ived stop
fi
sleep 2
done
- 在后台运行脚本
```shell
sh check_nginx.sh &
模拟nginx业务挂掉
/application/nginx/sbin/nginx -s stop
ip addr|grep 192.168.1.113
#inet 192.168.1.113/32 scope global eth0:1
发现ip地址漂移到备用lb了