Nginx+Keepalived部署

Nginx编译安装

        Nginx官方网站

        安装以前首先关闭防火墙

1
2
3
setenforce 0
systemctl stop firewalld
systemctl disable firewalld

1.下载nginx

1
2
cd /usr/local/src/
wget http://nginx.org/download/nginx-1.4.4.tar.gz

2.解压nginx

1
tar zxvf nginx-1.4.4.tar.gz

3.安装依赖包

1
yum install -y pcre pcre-devel gcc-c++ zlib zlib-devel openssl openssl-devel

4.配置编译参数

1
2
3
4
5
6
7
8
cd nginx-1.4.4
./configure \
--prefix=/usr/local/nginx \
--with-http_realip_module \
--with-http_sub_module \
--with-http_gzip_static_module \
--with-http_stub_status_module \
--with-pcre

5.编译、安装nginx

1
make && make install

6.编写nginx启动脚本,并加入系统服务

1
vim /etc/init.d/nginx

        添加内容

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
#!/bin/bash
# chkconfig: - 30 21
# description: http service.
# Source Function Library
. /etc/init.d/functions
# Nginx Settings
NGINX_SBIN="/usr/local/nginx/sbin/nginx"
NGINX_CONF="/usr/local/nginx/conf/nginx.conf"
NGINX_PID="/usr/local/nginx/logs/nginx.pid"
RETVAL=0
prog="Nginx"
start() {
        echo -n $"Starting $prog: "
        mkdir -p /dev/shm/nginx_temp
        daemon $NGINX_SBIN -c $NGINX_CONF
        RETVAL=$?
        echo
        return $RETVAL
}
stop() {
        echo -n $"Stopping $prog: "
        killproc -p $NGINX_PID $NGINX_SBIN -TERM
        rm -rf /dev/shm/nginx_temp
        RETVAL=$?
        echo
        return $RETVAL
}
reload(){
        echo -n $"Reloading $prog: "
        killproc -p $NGINX_PID $NGINX_SBIN -HUP
        RETVAL=$?
        echo
        return $RETVAL
}
restart(){
        stop
        start
}
configtest(){
    $NGINX_SBIN -c $NGINX_CONF -t
    return 0
}
case "$1" in
  start)
        start
        ;;
  stop)
        stop
        ;;
  reload)
        reload
        ;;
  restart)
        restart
        ;;
  configtest)
        configtest
        ;;
  *)
        echo $"Usage: $0 {start|stop|reload|restart|configtest}"
        RETVAL=1
esac
exit $RETVAL

7.更改nginx配置

        首先把原来的配置文件清空

1
> /usr/local/nginx/conf/nginx.conf

        编辑配置文件

1
vim /usr/local/nginx/conf/nginx.conf

        添加内容

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
user nobody nobody;
worker_processes 2;
error_log /usr/local/nginx/logs/nginx_error.log crit;
pid /usr/local/nginx/logs/nginx.pid;
worker_rlimit_nofile 51200;
events
{
    use epoll;
    worker_connections 6000;
}
http
{
    include mime.types;
    default_type application/octet-stream;
    server_names_hash_bucket_size 3526;
    server_names_hash_max_size 4096;
    log_format combined_realip '$remote_addr $http_x_forwarded_for [$time_local]'
    '$host "$request_uri" $status'
    '"$http_referer" "$http_user_agent"';
    sendfile on;
    tcp_nopush on;
    keepalive_timeout 30;
    client_header_timeout 3m;
    client_body_timeout 3m;
    send_timeout 3m;
    connection_pool_size 256;
    client_header_buffer_size 1k;
    large_client_header_buffers 8 4k;
    request_pool_size 4k;
    output_buffers 4 32k;
    postpone_output 1460;
    client_max_body_size 10m;
    client_body_buffer_size 256k;
    client_body_temp_path /usr/local/nginx/client_body_temp;
    proxy_temp_path /usr/local/nginx/proxy_temp;
    fastcgi_temp_path /usr/local/nginx/fastcgi_temp;
    fastcgi_intercept_errors on;
    tcp_nodelay on;
    gzip on;
    gzip_min_length 1k;
    gzip_buffers 4 8k;
    gzip_comp_level 5;
    gzip_http_version 1.1;
    gzip_types text/plain application/x-javascript text/css text/htm application/xml;
server
{
    listen 80;
    server_name localhost;
    index index.html index.htm index.php;
    root /usr/local/nginx/html;
    location ~ \.php$ {
        include fastcgi_params;
        fastcgi_pass unix:/tmp/php-fcgi.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name;
    }
}
}

        保存配置后,先检验配置文件是否有错

1
/usr/local/nginx/sbin/nginx -t

        如果显示内容如下,则配置正确,否则需要根据错误提示修改配置文件

1
2
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

8.启动nginx

1
service nginx start

安装Keepalived

        10.8.8.22和10.8.8.23都安装好nginx。10.8.8.22为Master,10.8.8.23为Backup,Vip为10.8.8.20

        两台服务器同时执行

1
yum install -y keepalived

        编辑nginx_check脚本

1
vim /usr/local/nginx/nginx_chek.sh

        添加内容

1
2
3
4
5
6
7
8
9
10
#!/bin/bash  
if [ "$(ps -ef | grep "nginx: master process"| grep -v grep )" == "" ]
then
    /usr/local/nginx/sbin/nginx
    sleep 5
    if [ "$(ps -ef | grep "nginx: master process"| grep -v grep )" == "" ]
    then
        killall keepalived
    fi
fi

        更改脚本权限

1
chmod a+x /usr/local/nginx/nginx_chek.sh

        安装killall命令

1
yum install -y killall

        编辑keepalived配置文件

1
vim /etc/keepalived/keepalived.conf

        添加内容

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
! Configuration File for keepalived
global_defs {
   router_id lvs-devel
}
vrrp_script chk_nginx {
    script "/usr/local/nginx/nginx_check.sh"
    interval 2
    weight 2
}
vrrp_instance VI_1 {
    state MASTER   //备改为BACKUP
    interface eno16777984   //改为备的网卡名
    virtual_router_id 51
    mcast_src_ip 10.8.8.22  //改为备的IP
    priority 100  //备改为90
    nopreempt
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    track_script {
        chk_nginx
    }
    virtual_ipaddress {
        10.8.8.20
    }
}

        配置完成keepalived后,需要开启端口转发(主备都需要)

1
echo 1 > /proc/sys/net/ipv4/ip_forward

        最后,两台服务器启动keepalived服务(先主后备)

1
/etc/init.d/keepalived start