Nginx一撸到底:安装到负载均衡、双机主备、集群高可用!

系统运维 2023-07-10 捡田螺的小男孩 手机阅读

Nginx一撸到底:安装到负载均衡、双机主备、集群高可用!

wget <a href="https://nginx.org/download/nginx-1.21.6.tar.gz">https://nginx.org/download/nginx-1.21.6.tar.gz</a>

Nginx一撸到底:安装到负载均衡、双机主备、集群高可用!

yum install --downloadonly --downloaddir=/soft/nginx/ gcc-c++  
yum install --downloadonly --downloaddir=/soft/nginx/ pcre pcre-devel4  
yum install --downloadonly --downloaddir=/soft/nginx/ zlib zlib-devel  
yum install --downloadonly --downloaddir=/soft/nginx/ openssl openssl-devel

Nginx一撸到底:安装到负载均衡、双机主备、集群高可用!

/usr/local/nginx/sbin/nginx -c conf/nginx.conf  
ps -ef| grep nginx

Nginx一撸到底:安装到负载均衡、双机主备、集群高可用!

firewall-cmd --zone=public --add-port=80/tcp --permanent  
firewall-cmd --reload  
firewall-cmd --zone=public --list-ports

Nginx一撸到底:安装到负载均衡、双机主备、集群高可用!

./configure 
--prefix=/usr/local/nginx 
--pid-path=/var/run/nginx/nginx.pid 
--lock-path=/var/lock/nginx.lock 
--error-log-path=/var/log/nginx/error.log 
--http-log-path=/var/log/nginx/access.log 
--with-http_gzip_static_module 
--http-client-body-temp-path=/var/temp/nginx/client 
--http-proxy-temp-path=/var/temp/nginx/proxy 
--http-fastcgi-temp-path=/var/temp/nginx/fastcgi 
--http-uwsgi-temp-path=/var/temp/nginx/uwsgi 
--http-scgi-temp-path=/var/temp/nginx/scgi  
--with-http_ssl_module

Nginx一撸到底:安装到负载均衡、双机主备、集群高可用!

server {
    listen       443;
    server_name  www.test.com;
    # 开启ssl
    ssl     on;
    # 配置ssl证书
    ssl_certificate      1_www.test.com_bundle.crt;
    # 配置证书秘钥
    ssl_certificate_key  2_www.test.com.key;
    # ssl会话cache
    ssl_session_cache    shared:SSL:1m;
    # ssl会话超时时间
    ssl_session_timeout  5m;
    # 配置加密套件,写法遵循 openssl 标准
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
    ssl_prefer_server_ciphers on;
    
    location / {
        proxy_pass http://tomcats/;
        index  index.html index.htm;
    }
}

Nginx一撸到底:安装到负载均衡、双机主备、集群高可用!

Nginx一撸到底:安装到负载均衡、双机主备、集群高可用!

反向代理缓存

Nginx一撸到底:安装到负载均衡、双机主备、集群高可用!

Nginx一撸到底:安装到负载均衡、双机主备、集群高可用!

Nginx一撸到底:安装到负载均衡、双机主备、集群高可用!

Nginx一撸到底:安装到负载均衡、双机主备、集群高可用!

Nginx一撸到底:安装到负载均衡、双机主备、集群高可用!

prefix:keepalived安装的位置sysconf:keepalived核心配置文件所在位置,固定位置,改成其他位置则keepalived启动不了,/var/log/messages中会报错


sysconf:keepalived核心配置文件所在位置,固定位置,改成其他位置则keepalived启动不了,/var/log/messages中会报错

配置中可能会出现警告信息,如下:

*** WARNING - this build will not support IPVS with IPv6. Please install libnl/libnl-3 dev libraries to support IPv6 with IPVS.


# 安装libnl/libnl-3依赖
yum -y install libnl libnl-devel

Nginx一撸到底:安装到负载均衡、双机主备、集群高可用!

在/etc/keepalived/下创建脚本check_nginx_alive_or_not

#!/bin/bash 


A=`ps -C nginx --no-header |wc -l` 
# 判断nginx是否宕机,如果宕机了,尝试重启 
if [ $A -eq 0 ];then 
    /usr/local/nginx/sbin/nginx 
    # 等待一小会再次检查nginx,如果没有启动成功,则停止keepalived,使其启动备用机 
    sleep 3 
        if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then 
            killall keepalived 
        fi 
fi

赋予运行权限

chmod +x /etc/keepalived/check_nginx_alive_or_not.sh

Nginx一撸到底:安装到负载均衡、双机主备、集群高可用!

keepalived 主机配置

vim keepalived.conf 编辑keepalived配置文件

global_defs { 
    # 路由id:当前安装keepalived的节点主机标识符,保证全局唯一 
    router_id keep_171 
} 


vrrp_instance VI_1 { 
    # 表示状态是MASTER主机还是备用机BACKUP 
    state MASTER 
    # 该实例绑定的网卡 
    interface ens33 
    # 保证主备节点一致即可 
    virtual_router_id 51 
    # 权重,master权重一般高于backup,如果有多个,那就是选举,谁的权重高,谁就当选 
    priority 100 
    # 主备之间同步检查时间间隔,单位秒 
    advert_int 2 
    # 认证权限密码,防止非法节点进入 
    authentication { 
        auth_type PASS 
        auth_pass 1111 
    } 
    # 虚拟出来的ip,可以有多个(vip) 
    virtual_ipaddress { 
        192.168.1.161 
    }
}

Nginx一撸到底:安装到负载均衡、双机主备、集群高可用!

Nginx一撸到底:安装到负载均衡、双机主备、集群高可用!

双机主备就是配置两台nginx,互相为主备,当主机宕机了,自动启用备机。

修改备机配置

global_defs { 
    router_id keep_172 
} 
vrrp_instance VI_1 { 
    # 备用机设置为BACKUP 
    state BACKUP 
    interface ens33 
    virtual_router_id 51 
    # 权重低于MASTER 
    priority 80 
    advert_int 2 
    authentication { 
        auth_type PASS auth_pass 1111 
    }
    virtual_ipaddress {
        # 注意:主备两台的vip都是一样的,绑定到同一个vip 
        192.168.110.110 
    } 
}

Nginx一撸到底:安装到负载均衡、双机主备、集群高可用!

global_defs {
    router_id keep_171 
} 
vrrp_instance VI_1 { 
    state MASTER i
    nterface ens33 
    virtual_router_id 51 
    priority 100 
    advert_int 1 
    authentication { 
        auth_type PASS 
        auth_pass 1111 
    } 
    virtual_ipaddress { 
        192.168.110.110 
    } 
} 


vrrp_instance VI_2  {
    state BACKUP 
    interface ens33 
    virtual_router_id 52 
    priority 80 
    advert_int 1 
    authentication { 
        auth_type PASS 
        auth_pass 1111 
    } 
    virtual_ipaddress { 
        192.168.110.111 
    }
}

第二台主机配置如下

global_defs {
    router_id keep_172 
} 
vrrp_instance VI_1 { 
    state BACKUP 
    interface ens33 
    virtual_router_id 51 
    priority 80 
    advert_int 1 
    authentication { 
        auth_type PASS 
        auth_pass 1111 
    } 
    virtual_ipaddress { 
        192.168.110.110
    }
} 


vrrp_instance VI_2 {
    state MASTER 
    interface ens33 
    virtual_router_id 52 
    priority 100 
    advert_int 1 
    authentication { 
        auth_type PASS 
        auth_pass 1111 
    } 
    virtual_ipaddress { 
        192.168.110.111 
    }
}

重启两台Keepalived

systemctl restart keepalived