一、架构(主从模式)
二、nginx安装
(1)修改yum源,源地址:http://nginx.org/en/linux_packages.html#RHEL-CentOS
(a)安装yum-utils
yum install yum-utils
(b)查询并修改源地址
vi /etc/yum.repos.d/nginx.repo
内容如下:
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
(c)切换为主线分支
yum-config-manager --enable nginx-mainline
(2)安装
yum install nginx
三、nginx配置
主备服务器配置一样,基本配置如下:
worker_processes 1;
events {
worker_connections 1024;
}
http {
upstream test-server {
server 192.168.232.200:8080;
server 192.168.232.204:8080;
}
server {
listen 8080;
server_name localhost;
location / {
proxy_pass http://test-server;
proxy_redirect default;
}
}
}
说明:upstream的默认分配方式为轮询,还可以通过设备状态分配:
down 表示单前的server暂时不参与负载.
weight 默认为1.weight越大,负载的权重就越大。
max_fails :允许请求失败的次数默认为1.当超过最大次数时,返回proxy_next_upstream 模块定义的错误.
fail_timeout : max_fails次失败后,暂停的时间。
backup: 其它所有的非backup机器down或者忙的时候,请求backup机器。所以这台机器压力会最轻。
四、nginx常用操作命令
#启动
systemctl start nginx
#停止
systemctl stop nginx
#重启
systemctl restart nginx
#重载文件
systemctl reload nginx
#查看状态
systemctl status nginx
#检查配置文件语法
nginx -t
五、keepalived安装
yum install keepalived -y
六、keepalived配置
(1)主节点
vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
123@qq.com
}
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL_01
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.232.203/24
}
}
(2)备节点
vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
123@qq.com
}
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL_02 #不能与主节点一样
}
vrrp_instance VI_1 {
state BACKUP #备节点为BACKUP
interface ens33
virtual_router_id 51 #与主接点一致
priority 99 #比主节点小
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.232.203/24 #与主节点一致
}
}
七、keepalived常用操作命令
#启动keepalived
systemctl start keepalived
#停止keepalived
systemctl stop keepalived
#查看IP
ip addr
八、注意事项
(1)时间同步
(a)安装ntpdate工具
yum -y install ntp ntpdate
(b)设置系统时间与网络时间同步
可以选择time.nist.gov、time.nuri.net、0.asia.pool.ntp.org、1.asia.pool.ntp.org、2.asia.pool.ntp.org、3.asia.pool.ntp.org中任意一个。
ntpdate 0.asia.pool.ntp.org
(c)将系统时间写入硬件时间
hwclock --systohc
(d)核对时间
date
(2)关闭selinux
#设置为宽容模式,临时
setenforce 0
#设置为宽容模式,永久
sed -i 's/=enforcing/=disabled/g' /etc/sysconfig/selinux
(3)防火墙开放VRRP
#添加规则
firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 --protocol vrrp -j ACCEPT
#重启防火墙
firewall-cmd --reload