1、Nginx+Keepalived实现站点高可用

httpd服务器安装配置：

yum install httpd

vim /etc/httpd/conf.d/vhost.conf

ServerName 192.168.0.241

DocumentRoot "/data/web/vhost1"

Options FollowSymLinks

AllowOverride None

Require all granted

ServerName 192.168.0.242

DocumentRoot "/data/web/vhost2"

Options FollowSymLinks

AllowOverride None

Require all granted

mkdir -p /data/web/vhost{1,2}

vim /data/web/vhost1/index.html

vhost1 192.168.0.241

vim /data/web/vhost2/index.html

vhost2 192.168.0.242

systemctl start httpd

主nginx+keepalived：

yum install nginx keepalived

vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

notification_email {

root@localhost

}

script_user root

enable_script_security

notification_email_from keepalived@localhost

smtp_server 127.0.0.1

smtp_connect_timeout 30

router_id n1

vrrp_mcast_group4 224.1.101.33

}

vrrp_script chk_down {

script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"

weight -10 ## 一旦脚本失败降权，小于备用节点

interval 1 ## 1秒钟检测一次

fall 1 ## 失败1次

rise 1 ## 检测1次

}

vrrp_script chk_ngx {

script "killall -0 nginx && exit 0 || exit 1"

weight -10

interval 2

fall 3

rise 3

}

vrrp_instance VI_1 {

state MASTER

interface ens33

virtual_router_id 51

priority 100 ##数值大为master

advert_int 1

authentication {

auth_type PASS

auth_pass ZRhbGtAZ

}

virtual_ipaddress {

192.168.0.210/24 dev ens33 label ens33:0

}

   track_script {

chk_down

chk_ngx

}

notify_master "/etc/keepalived/notify.sh master"

notify_backup "/etc/keepalived/notify.sh backup"

notify_fault "/etc/keepalived/notify.sh fault"

}

vim /etc/keepalived/notify.sh

#!/bin/bash

contact='root@localhost'

notify() {

local mailsubject="$(hostname) to be $1, vip floating"

local mailbody="$(date +'%F %T'): vrrp transition, $(hostname) changed to be $1"

echo "$mailbody" | mail -s "$mailsubject" $contact

}

case $1 in

master)

systemctl start nginx

notify master

;;

backup)

systemctl start nginx

notify backup

;;

fault)

systemctl stop nginx

notify fault

;;

*)

echo "Usage: $(basename $0) {master|backup|fault}"

exit 1

;;

esac

chmod +x /etc/keepalived/notify.sh

vim /etc/nginx/nginx.conf

http {

upstream websrvs {

server 192.168.0.241:80;

server 192.168.0.242:80;

}

server {

location / {

proxy_pass http://websrvs;

}

}

}

备nginx+keepalived：

yum install nginx keepalived

vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

notification_email {

root@localhost

}

script_user root

enable_script_security

notification_email_from keepalived@localhost

smtp_server 127.0.0.1

smtp_connect_timeout 30

router_id n2

vrrp_mcast_group4 224.1.101.33

}

vrrp_script chk_down {

script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"

weight -10

interval 1

fall 1

rise 1

}

vrrp_script chk_ngx {

script "killall -0 nginx && exit 0 || exit 1"

weight -10

interval 2

fall 3

rise 3

}

vrrp_instance VI_1 {

state BACKUP

interface ens33

virtual_router_id 51

priority 95

advert_int 1

authentication {

auth_type PASS

auth_pass ZRhbGtAZ

}

virtual_ipaddress {

192.168.0.210/24 dev ens33 label ens33:0

}

track_script {

chk_down

chk_ngx

}

notify_master "/etc/keepalived/notify.sh master"

notify_backup "/etc/keepalived/notify.sh backup"

notify_fault "/etc/keepalived/notify.sh fault"

}

vim /etc/keepalived/notify.sh

#!/bin/bash

contact='root@localhost'

notify() {

local mailsubject="$(hostname) to be $1, vip floating"

local mailbody="$(date +'%F %T'): vrrp transition, $(hostname) changed to be $1"

echo "$mailbody" | mail -s "$mailsubject" $contact

}

case $1 in

master)

systemctl start nginx

notify master

;;

backup)

systemctl start nginx

notify backup

;;

fault)

systemctl stop nginx

notify fault

;;

*)

echo "Usage: $(basename $0) {master|backup|fault}"

exit 1

;;

esac

chmod +x /etc/keepalived/notify.sh

vim /etc/nginx/nginx.conf

http {

upstream websrvs {

server 192.168.0.241:80;

server 192.168.0.242:80;

}

server {

location / {

proxy_pass http://websrvs;

}

}

}

测试：

在备用节点上：

systemctl start keepalived

ps aux | grep nginx

在主节点上：

systemctl start keepalived

ps aux | grep nginx

ifconfig ##查看IP是否切换过来

yum install httpd

killall nginx && systemctl start httpd

用客户机测试：

curl 192.168.0.210

2、实现keepalived主主模型

只需要在上提中添加keepalived配置文件即可

主节点：

vim /etc/keepalived/keepalived.conf

vrrp_instance VI_2 {

state BACKUP

interface ens33

virtual_router_id 61

priority 95

advert_int 1

authentication {

auth_type PASS

auth_pass zrhbGtzz

}

virtual_ipaddress {

192.168.0.209/24 dev ens33 label ens33:1

}

track_script {

chk_don

chk_ngx

}

notify_master "/etc/keepalived/notify.sh master"

notify_backup "/etc/keepalived/notify.sh backup"

}

备用节点：

vim /etc/keepalived/keepalived.conf

vrrp_instance VI_2 {

state MASTER

interface ens33

virtual_router_id 61

priority 100

advert_int 1

authentication {

auth_type PASS

auth_pass zrhbGtzz

}

virtual_ipaddress {

192.168.0.209/24 dev ens33 label ens33:1

}

track_script {

chk_don

chk_ngx

}

notify_master "/etc/keepalived/notify.sh master"

notify_backup "/etc/keepalived/notify.sh backup"

}

测试：

在主节点上：

systemctl start keepalived

ifconfig

在备用节点上：

systemctl start keepalived

ifconfig

用客户机测试：

curl 192.168.0.210

curl 192.168.0.209

3、采用varnish为ngin实现缓存加速

后端web server：

yum install httpd

vim /var/www/html/index.html

http server

systemctl start httpd

nginx 代理：

yum install nginx

vim /etc/nginx/nginx.conf

server {

listen 80 ;

server_name 192.168.0.244;

root /usr/share/nginx/html;

location / {

proxy_pass http://192.168.0.123:80;

}

}

systemctl start nginx

varnish 缓存：

yum install varnish

vim /etc/varnish/varnish.params ##修改默认文件

VARNISH_LISTEN_PORT=80

VARNISH_STORAGE="file,/data/varnish/cache,256M"

mkdir /data/varnish/cache -p

chown -R varnish.varnish /data/varnish/cache/

systemctl start varnish

vim /etc/varnish/default.vcl

vcl 4.0;

backend default { ##后端主机ip及端口

.host = "192.168.0.244";

.port = "80";

}

sub vcl_recv {

if (req.http.User-Agent ~ "(?i)curl") { ## 禁止使用 curl 来获取信息

return(synth(403));

}

if (req.url ~ "(?i)^/(login|admin)") { ## 对于login 和 admin 不缓存

return(pass);

}

if (req.restarts == 0) { ##添加客户端的ip信息

if (req.http.X-Fowarded-For) {

set req.http.X-Forwarded-For = req.http.X-Forwarded-For + "," + client.ip;

} else {

set req.http.X-Forwarded-For = client.ip;

}

}

}

sub vcl_backend_response {

}

sub vcl_deliver {

if (obj.hits > 0) { ## 增加命中或失败的信息

set resp.http.X-Cache = "HIT via " + server.ip;

} else {

set resp.http.x-Cache = "MISS via " + server.ip;

}

}

varnish_reload_vcl ##重载配置

测试：

4、LNMP结合varnish实现动静分离

后端动态服务器：

yum install -y php-fpm php-mysql php-mbstring php-mcrypt mariadb-server httpd php

unzip /home/admin/下载/phpMyAdmin-4.0.10.20-all-languages.zip

cp -a ./phpMyAdmin-4.0.10.20-all-languages/ /var/www/html/pma/

cp config.sample.inc.php config.inc.php

vim config.inc.php

vim /etc/httpd/conf/httpd.conf

systemctl start httpd

后端静态服务器：

yum install -y php-fpm php-mysql php-mbstring php-mcrypt mariadb-server httpd

unzip /home/admin/下载/phpMyAdmin-4.0.10.20-all-languages.zip

cp -a ./phpMyAdmin-4.0.10.20-all-languages/ /var/www/html/pma/

cp config.sample.inc.php config.inc.php

vim config.inc.php

vim /etc/httpd/conf/httpd.conf ## 修改日志格式

systemctl start httpd

varnish服务器：

yum install varnish

vim /etc/varnish/varnish.params ##修改默认文件

VARNISH_LISTEN_PORT=80

VARNISH_STORAGE="file,/data/varnish/cache,256M"

mkdir /data/varnish/cache -p

chown -R varnish.varnish /data/varnish/cache/

systemctl start varnish

vim /etc/varnish/default.vcl

vcl 4.0;

backend httpsrv {

.host = "192.168.0.244";

.port = "80";

}

backend phpsrv {

.host = "192.168.0.123";

.port = "80";

}

sub vcl_recv {

if (req.url ~ "(?i)\.php") {

set req.backend_hint = phpsrv;

}

if (req.url ~ "(?i)\.(html|css|js|jpg|jpeg|png|gif)") {

set req.backend_hint = httpsrv;

} else {

return(pass);

}

if (req.http.User-Agent ~ "(?i)curl") {

return(synth(403));

}

if (req.url ~ "(?i)^/(login|admin)") {

return(pass);

}

if (req.restarts == 0) {

if (req.http.X-Forwarded-For) {

set req.http.X-Forwarded-For = req.http.X-Forwarded-For + "," + client.ip;

} else {

set req.http.X-Forwarded-For = client.ip;

}

}

}

sub vcl_backend_response {

if (beresp.http.cache-control !~ "s-maxage") {

if (bereq.url ~ "(?i)\.(jpg|jpeg|png|gif|css|js)$") {

unset beresp.http.Set-Cookie;

set beresp.ttl = 3600s;

}

}

}

sub vcl_deliver {

if (obj.hits > 0) {

set resp.http.X-Cache = "HIT via " + server.ip;

} else {

set resp.http.x-Cache = "MISS via " + server.ip;

}

}

varnish_reload_vcl

第十五周

1、Nginx+Keepalived实现站点高可用

vhost1 192.168.0.241

vhost2 192.168.0.242

2、实现keepalived主主模型

3、采用varnish为ngin实现缓存加速

http server

4、LNMP结合varnish实现动静分离

你可能感兴趣的:(第十五周)