设备:
主:192.168.200.122
从:192.168.200.124
安装:两台都分别安装nginx以及keepalived
两台机步骤一致一主一从
安装nginx的依赖包
[root@localhost ~]#yum install gcc gcc-c++ make pcre-devel zlib-devel -y
[root@localhost ~]#useradd -M -s /sbin/nologin nginx
[root@localhost ~]#tail -l /etc/passwd;tail -l /etc/group
[root@localhost ~]#rz #导入nginx源码包
[root@localhost ~]# ls
anaconda-ks.cfg nginx-1.15.9.tar.gz original-ks.cfg 模板 图片 下载 桌面
initial-setup-ks.cfg 公共 视频 文档 音乐
[root@localhost ~]# tar xf nginx-1.15.9.tar.gz -C /usr/src
[root@localhost ~]# cd /usr/src/nginx-1.15.9
[root@localhost ~]# ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_stub_status_module && make && make install
[root@localhost ~]# ls /usr/local/sbin
做软连接方便查找nginx位置
[root@localhost ~]# ln -s /usr/local/bin/nginx /usr/local/sbin
[root@localhost ~]# ll /usr/local/sbin
lrwxrwxrwx. 1 root root 27 10月 21 10:50 /usr/local/sbin/nginx -> /usr/local/nginx/sbin/nginx
[root@localhost ~]# cd /usr/local/nginx/conf
[root@localhost conf]# vim nginx.conf
user nginx nginx;
worker_processes 2;
#error_log logs/error.log;
#error_log logs/error.log notice;
error_log logs/error.log info;
pid logs/nginx.pid;
events {
use epoll;
worker_connections 10240;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 80;
server_name localhost;
charset utf-8;
access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
[root@localhost conf]#cd ../
[root@localhost nginx]#cd html
<p><em>Thank you for using nginx 192.168.200.122</em></p> #从写192.168.200.124
[root@localhost conf]#nginx -t
[root@localhost conf]#nginx
[root@localhost conf]#killall -HUP nginx
安装keepalived
[root@localhost ~]#yum install keepalived -y
编写nginx脚本用以承载keepalived的依赖
[root@localhost ~]# vim nginx.sh
#!/bin/bash
counter=$(ps -C nginx --no-heading | wc -l)
if [ '${counter}' = '0' ];then
/usr/local/nginx/sbin/nginx
sleep 2
counter=$(ps -C nginx --no-heading | wc -l)
if [ '${counter}' = '0' ];then
systemctl stop keepalived
fi
fi
[root@localhost ~]#cd /etc/keepalived
[root@localhost ~]#cp keepalived.conf keepalived.conf.bak
[root@localhost ~]#vim keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
route_id 192.168.200.122 #主写122、从写124
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script chk_http_port {
script '/root/nginx.sh' #启用nginx.sh脚本
insterval 2
weight -5
fall 2
rise 1
}
vrrp_instance VI_1 {
state MASTER #主写MASTER、从写SLAVE
interface ens33
virtual_router_id 51
priority 100 #主写100、从写99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
check_nginx
}
virtual_ipaddress {
192.168.200.254
}
}
[root@localhost ~]#service keepalived start
关闭防火墙
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# iptables -F
[root@localhost ~]# setenforce 0
[root@localhost ~]#ip a
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:f8:6e:73 brd ff:ff:ff:ff:ff:ff
inet 192.168.200.122/24 brd 192.168.200.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 192.168.200.254/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fef8:6e73/64 scope link
valid_lft forever preferred_lft forever
测试1:
条件一:当两台机的nginx、keepalived都开启时
主:192.168.200.122
[root@locahost ~]#ip a
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:3e:05:0e brd ff:ff:ff:ff:ff:ff
inet 192.168.200.122/24 brd 192.168.200.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 192.168.200.254/32 scope global ens33
valid_lft forever preferred_lft forever
从:192.168.200.124
[root@locathost ~]#ip a
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:f8:6e:73 brd ff:ff:ff:ff:ff:ff
inet 192.168.200.122/24 brd 192.168.200.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fef8:6e73/64 scope link
valid_lft forever preferred_lft forever
测试2:
条件1:当关闭主的keepalived以及nginx服务时,IP192.168.200.254会不会漂移到从机上
先关闭keepalived再关闭nginx服务
[root@localhost ~]# service keepalived stop
[root@localhost ~]# nginx -s quit
主:192.168.200.122
[root@locahost ~]#ip a
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:3e:05:0e brd ff:ff:ff:ff:ff:ff
inet 192.168.200.122/24 brd 192.168.200.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
从:192.168.200.124
[root@locathost ~]#ip a
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:3e:05:0e brd ff:ff:ff:ff:ff:ff
inet 192.168.200.124/24 brd 192.168.200.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 192.168.200.254/32 scope global ens33
valid_lft forever preferred_lft forever
