Nginx 高可用+负载均衡部署文档V1.0.2
![Nginx 高可用+负载均衡部署文档V1.0.2](https://img.360docs.net/img57/1a66lfhwhifpckelfhzzbscq0znskg77-71.webp)
![Nginx 高可用+负载均衡部署文档V1.0.2](https://img.360docs.net/img57/1a66lfhwhifpckelfhzzbscq0znskg77-12.webp)
Nginx高可用+负载均衡部署指南
1软件版本说明
2基础软件安装
2.1Nginx安装
版本jdk-7u67-linux-x64.rpm,安装步骤略
安装后检验Nginx版本是否正确。
[root@localhost ~]# /usr/local/nginx/sbin/nginx –v
nginx version: nginx/1.6.0
2.2Keepalived安装
2.2.1openssl安装
openssl必须安装,否则安装keepalived时无法编译,keepalived依赖openssl
openssl安装
tar zxvf openssl-1.0.1g.tar.gz
./config--prefix=/usr/local/openssl
./config-t
make depend
make
make test
make install
ln-s /usr/local/openssl/usr/local/ssl
openssl配置
vi/etc/ld.so.conf
#在/etc/ld.so.conf文件的最后面,添加如下内容:
/usr/local/openssl/lib
vi/etc/profile
export OPENSSL=/usr/local/openssl/bin
export PATH=$PATH:$OPENSSL
source/etc/profile
yum install openssl-devel -y #如无法yum下载安装,请修改yum配置文件
测试:
ldd /usr/local/openssl/bin/openssl
linux-vdso.so.1 => (0x00007fff996b9000)
libdl.so.2 => /lib64/libdl.so.2 (0x00000030efc00000)
libc.so.6 => /lib64/libc.so.6 (0x00000030f0000000)
/lib64/ld-linux-x86-64.so.2 (0x00000030ef800000) which openssl
/usr/bin/openssl
openssl version
OpenSSL 1.0.0-fips 29 Mar 2010
2.2.2keepalived安装
本文在172.17.30.64、172.17.30.83两台机器进行keepalived安装
安装
tar zxvf keepalived-1.2.13.tar.gz
cd keepalived-1.2.13
./configure--prefix=/usr/local/keepalived
make
make install
cp/usr/local/keepalived/sbin/keepalived/usr/sbin/
cp/usr/local/keepalived/etc/sysconfig/keepalived/etc/sysconfig/
cp/usr/local/keepalived/etc/rc.d/init.d/keepalived/etc/init.d/
mkdir/etc/keepalived
cp/usr/local/keepalived/etc/keepalived/keepalived.conf
/etc/keepalived
2.2.3keepalived配置
建检查Nginx是否存活的脚本
#新建Nginx检查
vim /usr/local/nginx
/check.sh
内容如下:
#!/bin/bash
#This script is used by keepalived for checking nginx running status CHECK_TIME=2
check()
{
curl -m 2 http://127.0.0.1/status >/dev/null 2>&1
return $?
}
while [ $CHECK_TIME -ne 0 ]
do
let "CHECK_TIME -= 1"
check
NGINX_OK=$?
if [ $NGINX_OK -eq 0 ];then
exit 0
fi
if [ $NGINX_OK -ne 1 ] && [ $CHECK_TIME -eq 0 ]
then
exit 1
fi
done
keepalived.conf:
vim /usr/local/keepalived/etc/keepalived/keepalived.conf
Master:
Master
! Configuration File for keepalived
vrrp_script check_run {
script “/usr/local/nginx/check.sh"
interval 2
weight 2
}
vrrp_instance VI_1 {
state MASTER #172.17.210.83上改为
Master
interface eth0 #对外提供服务的网络接口
virtual_router_id 51 #VRRP组名,两个节点的设置必须一样,以指明各个节点属于同一VRRP组
priority 150 #数值愈大,优先级越高
advert_int 1 #同步通知间隔
authentication { #包含验证类型和验证密码。类型主要有PASS、AH两种,通常使用的类型为PASS,据说AH使用时有问题auth_type PASS
auth_pass 1111
}
track_script {
check_run #调用脚本check.sh检查haproxy是否存活
}
virtual_ipaddress { #vip地址
172.17.210.103 dev eth0 scope globa
}
}
slave:
slave
! Configuration File for keepalived
vrrp_script chech_run {
script “/usr/local/nginx/check.sh"
interval 2
weight 2
}
vrrp_instance VI_1 {
state BACKUP #
interface eth0 #对外提供服务的网络接口
virtual_router_id 51 #VRRP组名,两个节点的设置必须一样,以指明各个节点属于同一VRRP组
priority 120 #数值愈大,优先级越高, advert_int 1 #同步通知间隔
authentication { #包含验证类型和验证密码。类型主要有PASS、AH两种,通常使用的类型为PASS,据说AH使用时有问题auth_type PASS
auth_pass 1111
}
track_script {
check_run #调用脚本check.sh检查haproxy是否存活
}
virtual_ipaddress { #vip地址
172.17.210.103 dev eth1 scope globa
}
}
3Nginx配置文件
3.1新建upstreams.conf
1、upstream uc_cluster {
2、 ip_hash;
3、 server app01:7060;#主机名+端口
4、 server app01:7061;
5、}
6、 upstream pos_cluster {
7、 ip_hash;
8、 server app01:7060;#主机名+端口
9、 server app01:7061;
10、}
11、upstream mps_cluster {
12、 ip_hash;
13、 server app01:7060;
14、server app01:7061;
15、server app02:7060;
16、}
upstream gms_cluster {
17、ip_hash;
18、server app01:7060;
19、server app01:7061;
20、server app02:7060;
21、}
.
.
.
3.2新建server.conf
server {
listen 80;
server_name https://www.360docs.net/doc/548534857.html,;
default_type 'text/html';
charset utf-8;
#charset koi8-r;
#access_log logs/host.access.log main;
location ~ .*.*$ {
#index /portal;
proxy_pass http://uc_cluster;
rewrite "^/+$" /portal break;
}
location ^~ /pos/ {
proxy_pass http://pos_cluster;
}
location ^~ /mps/ {
proxy_pass http://mps_cluster;
}
location ^~ /gms/ {
proxy_pass http://gms_cluster;
}
location ^~ /fas/ {
proxy_pass http://fas_cluster;
}
location ^~ /mdm/ {
proxy_pass http://mdm_cluster;
}
location ^~ /pms/ {
proxy_pass http://pms_cluster;
proxy_connect_timeout 600s;
proxy_send_timeout 300s;
}
location ^~ /crm/ {
proxy_pass http://crm_cluster;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
3.3新建proxy.conf文件
#!nginx (-)
# proxy.conf
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; #???ip
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #??úμ??ip client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
3.4修改Nginx文件
#user nobody;
worker_processes 4;
error_log logs/error.log;
error_log logs/error.log notice;
error_log logs/error.log info;
pid logs/nginx.pid;
events {
use epoll;
worker_connections 1024;
}
http {
include upstreams.conf;
include mime.types;
default_type application/octet-stream;
include proxy.conf;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
tcp_nodelay on;
gzip on;
gzip_min_length 10240;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml application/xml+rss image/svg+xml application/x-font-ttf application/vnd.ms-fontobject;
gzip_disable "MSIE [1-6]\.";
include servers.conf;
}