nginx+keepalived實(shí)現(xiàn)主備模式高可用

一、拓?fù)?br/>
二、keepalived配置
2.1 主配置
! Configuration File for keepalived

global_defs {
notification_email {acassen@firewall.loc
br/>acassen@firewall.loc
br/>sysadmin@firewall.loc
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id NGINX_V1
}

vrrp_script chk_nginx {
script "/usr/local/keepalived/check_nginx.sh"
interval 2
weight 2
}

vrrp_instance VI_1 {
state MASTER
interface ens37
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass wenlf@780419
}
track_script {
chk_nginx
}
virtual_ipaddress {
172.16.10.65 dev ens33
}
notify_master "/usr/local/keepalived/clean_arp.sh 172.16.10.65"
}
2.2 備配置
! Configuration File for keepalived

global_defs {
notification_email {acassen@firewall.loc
br/>acassen@firewall.loc
br/>sysadmin@firewall.loc
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id NGINX_V1
}

vrrp_script chk_nginx {
script "/usr/local/keepalived/check_nginx.sh"
interval 2
weight 2
}

vrrp_instance VI_1 {
state BACKUP
interface ens37
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass wenlf@780419
}
track_script {
chk_nginx
}
virtual_ipaddress {
172.16.10.65 dev ens33
}
notify_master "/usr/local/keepalived/clean_arp.sh 172.16.10.65"
2.3 監(jiān)控腳本

----------------------------------------clean_arp.sh------------------------------------
#!/bin/sh
VIP=$1
GATEWAY=172.16.10.254
/sbin/arping -I ens33 -c 5 -s $VIP $GATEWAY &>/dev/null

-----------------------------------------check_nginx.sh--------------------------------
#!/bin/sh
if [ $(ps -C nginx --no-header | wc -l) -eq 0 ]; then
/etc/rc.d/init.d/nginx start
fi
sleep 2
if [ $(ps -C nginx --no-header | wc -l) -eq 0 ]; then
/etc/rc.d/init.d/keepalived stop
fi
三、nginx配置
3.1 nginx.conf
user www www;
worker_processes 1;

#error_log logs/error.log;
#error_log logs/error.log notice;
error_log logs/error.log info;

pid logs/nginx.pid;

worker_rlimit_nofile 65535;

events {
worker_connections 1024;
use epoll;

}

http {

include LoadBalance/*.conf;
include mime.types;
default_type application/octet-stream;
#默認(rèn)編碼
#charset utf-8;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 64k;
client_max_body_size 8m;
sendfile on;
autoindex on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 120;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;

#gzip模塊設(shè)置
gzip on; 
gzip_min_length 1k;    
gzip_buffers 4 16k;   
gzip_http_version 1.0;    
gzip_comp_level 2;    
gzip_types text/plain application/x-javascript text/css application/xml;    
gzip_vary on;
#limit_zone crawler $binary_remote_addr 10m;
#include LoadBalance/*.conf;
include vhost/*.conf;

}
3.2 虛擬機(jī)
server
{
listen 80;
server_name 172.16.10.65;
#index index.html index.htm index.php;
location / {
proxy_next_upstream http_502 http_504 error timeout invalid_header;
proxy_pass http://LoadBalance;
#proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
location /NginxStatus {
stub_status on;
access_log on;
auth_basic "NginxStatus";
#auth_basic_user_file pwd;
}
}
3.3 負(fù)載均衡配置
upstream LoadBalance{
server 192.168.10.70:80 weight=1 max_fails=2 fail_timeout=30s;
server 192.168.10.71:80 weight=1 max_fails=2 fail_timeout=30s;
ip_hash;

}
四、驗(yàn)證