测试环境如下:
系统:Ceentos 6.4 64位
nginx服务器 no1:172.16.4.7 vip:172.16.4.55
nginx服务器 no2:172.16.4.11 vip:172.16.4.56
No1、no2双机互信
#vim /etc/hosts
172.16.4.7 no1.test.com no1
172.16.4.11 no2.test.com no2
No1:
#ssh-keygen -t rsa -P ‘’
#ssh-copy-id -i .ssh/id_rsa.pub [email protected]
No2:
#ssh-keygen -t rsa -P ‘’
#ssh-copy-id -i .ssh/id_rsa.pub [email protected]
还要确保两个节点时间同步
一、Nginx+keepalived 安装
nginx-1.4.2.tar.gz
#yum -y install keepalived
1、安装编译所依赖的包pcre-devel openssl-devel
# yum -y install pcre-devel openssl-devel
2、解压并添加用户nginx,以nginx的身份运行服务
#tar xf nginx-1.4.2.tar.gz -C /usr/local/
#cd /usr/local/nginx-1.4.2
# groupadd -r nginx
# useradd -r -g nginx nginx
3、编译和安装
# ./configure \
--prefix=/usr \
--sbin-path=/usr/sbin/nginx \
--conf-path=/etc/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \--http-log-path=/var/log/nginx/access.log \
--pid-path=/var/run/nginx/nginx.pid \
--lock-path=/var/lock/nginx.lock \
--user=nginx \
--group=nginx \
--with-http_ssl_module \
--with-http_flv_module \
--with-http_stub_status_module \
--with-http_gzip_static_module \
--http-client-body-temp-path=/var/tmp/nginx/client/ \
--http-proxy-temp-path=/var/tmp/nginx/proxy/ \
--http-fastcgi-temp-path=/var/tmp/nginx/fcgi/ \
--http-uwsgi-temp-path=/var/tmp/nginx/uwsgi \
--http-scgi-temp-path=/var/tmp/nginx/scgi \
--with-pcre
编译过程中如果提示我们还需要依赖某个包时,我们要安装对应的devel包
# make && make install
4、为nginx提供SysV init脚本
脚本存放位置/etc/rc.d/init.d/nginx
#!/bin/sh
#
# nginx - this script starts and stops the nginx daemon
#
# chkconfig: - 85 15
# description: Nginx is an HTTP(S) server, HTTP(S) reverse \
# proxy and IMAP/POP3 proxy server
# processname: nginx
# config: /etc/nginx/nginx.conf
# config: /etc/sysconfig/nginx
# pidfile: /var/run/nginx.pid
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0
nginx="/usr/sbin/nginx"
prog=$(basename $nginx)
NGINX_CONF_FILE="/etc/nginx/nginx.conf"
[ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx
lockfile=/var/lock/subsys/nginx
make_dirs() {
# make required directories
user=`nginx -V 2>&1 | grep "configure arguments:" | sed 's/[^*]*--user=\([^ ]*\).*/\1/g' -`
options=`$nginx -V 2>&1 | grep 'configure arguments:'`
for opt in $options; do
if [ `echo $opt | grep '.*-temp-path'` ]; then
value=`echo $opt | cut -d "=" -f 2`
if [ ! -d "$value" ]; then
# echo "creating" $value
mkdir -p $value && chown -R $user $value
fi
fi
done
}
start() {
[ -x $nginx ] || exit 5
[ -f $NGINX_CONF_FILE ] || exit 6
make_dirs
echo -n $"Starting $prog: "
daemon $nginx -c $NGINX_CONF_FILE
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog -QUIT
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
configtest || return $?
stop
sleep 1
start
}
reload() {
configtest || return $?
echo -n $"Reloading $prog: "
killproc $nginx -HUP
RETVAL=$?
echo
}
force_reload() {
restart
}
configtest() {
$nginx -t -c $NGINX_CONF_FILE
}
rh_status() {
status $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart|configtest)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
exit 2
esac
而后为此脚本赋予执行权限:
# chmod +x /etc/rc.d/init.d/nginx
添加至服务管理列表,并让其开机自动启动:
# chkconfig --add nginx
# chkconfig nginx on
而后就可以启动服务并测试了:
# service nginx start
二、no1 配置
# mkdir -p /web/htdocs
# echo "172.16.4.7" > /web/htdocs/index.html
#vim /etc/nginx/nginx.conf
server {
listen 80;
server_name localhost;
location / {
root /web/htdocs;
index index.html index.htm;
}
配置完成后重新加载服务
#service nginx reload
测试使用curl命令请求或在浏览器访问
# curl 172.16.4.7
172.16.4.7
三、no1的Keepalived配置
# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from keepadmin@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_nginx {
script "killall -0 nginx"
interval 2
weight -2
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 55
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.4.55
}
track_script {
chk_nginx
}
}
vrrp_instance VI_2 {
state BACKUP
interface eth0
virtual_router_id 56
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.4.56
}
track_script {
chk_nginx
}
}
四、no2的nginx配置以及keepalived配置
可以将no1的配置发送到no2上
#cd /etc/keepalived
#scp keepalived.conf no2:/etc/keepalived/
然后在其keepalived配置中修改下面选项:
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 55
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.4.55
}
track_script {
chk_nginx
}
}
vrrp_instance VI_2 {
state MASTER
interface eth0
virtual_router_id 56
priority100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.4.56
}
track_script {
chk_nginx
}
}
五、测试
分别在2台nginx上重启启动nginx和keepalived服务,然后停掉其中一台的服务,查看资源能否转移到另一台nginx上,
查看方式:
#ip addr show
#ip a
查看no1:
查看no2:
将no1节点服务停掉,然后查看资源转移情况
再将no1的服务开启查看资源转移
#tail /var/log/messages
#tail -f /var/log/messages #实时查看,不会退出日志
或者在浏览器访问我们定义的vip查看,这里我们就不演示了