通过Nginx+Keepalived实现高可用方案

#安装nginx

yum -ygroupinstall

'development tools'

useradd

-r www

yum -y

install

pcre pcre-devel openssl openssl-devel

cd

/usr/local/src

wget http:

//nginx

.org

/download/nginx-1

.2.2.

tar

.gz

tar

zxf nginx-1.2.2

cd

nginx-1.2.2

.

/configure

--user=www --group=www --prefix=

/usr/local/nginx

\

--with-http_stub_status_module --with-http_ssl_module

make

&&

make

install

#安装keepalived

cd

..

yum -y

install

popt popt-devel

wget http:

//www

.keepalived.org

/software/keepalived-1

.2.2.

tar

.gz

tar

zxf keepalived-1.2.2.

tar

.gz

cd

keepalived-1.2.2

.

/configure

--prefix=

/usr/local/keepalived

make

&&

make

install

cd

/usr/local/keepalived

cp

sbin

/keepalived

/usr/sbin/

cp

etc

/sysconfig/keepalived

/etc/sysconfig/

cp

etc

/rc

.d

/init

.d

/keepalived

/etc/init

.d/

mkdir

/etc/keepalived

userwww www;

worker_processes4;

error_loglogs/error.log crit;

#error_loglogs/error.lognotice;

#error_loglogs/error.loginfo;

pidlogs/nginx.pid;

worker_rlimit_nofile 1024;

events {

use epoll;

worker_connections1024;

}

http {

includemime.types;

default_typeapplication/octet-stream;

log_formatmain'$remote_addr - $remote_user [$time_local] "$request" '

'$status $body_bytes_sent "$http_referer" '

'"$http_user_agent" "$http_x_forwarded_for"';

access_loglogs/access.logmain;

server_names_hash_bucket_size 128;

client_header_buffer_size 32k;

large_client_header_buffers 4 32k;

client_max_body_size 8m;

sendfileon;

tcp_nopush on;

tcp_nodelay on;

keepalive_timeout120;

fastcgi_connect_timeout 300;

fastcgi_send_timeout 300;

fastcgi_read_timeout 300;

fastcgi_buffer_size 64k;

fastcgi_buffers 4 64k;

fastcgi_busy_buffers_size 128k;

fastcgi_temp_file_write_size 128k;

gzip on;

gzip_min_length1k;

gzip_buffers 4 16k;

gzip_http_version 1.0;

gzip_comp_level 2;

gzip_typestext/plain application/x-javascript text/css application/xml;

gzip_vary on;

server {

listen80;

#server_namelocalhost;

location / {

roothtml;

indexindex.html index.htm;

}

}

}

! Configuration File for keepalived

global_defs {

notification_email {

wushangqian@dou55.com

}

notification_email_from keepalived@dou55.com

smtp_server 127.0.0.1

smtp_connect_timeout 30

router_id LVS_DEVEL

}

vrrp_instance VI_1 {

state MASTER

interface eth0

virtual_router_id 51

mcast_src_ip 192.168.1.34 #本机IP

priority 100

advert_int 1

authentication {

auth_type PASS

auth_pass 1111

}

virtual_ipaddress {

192.168.1.200 #VIP，对外提供服务的虚拟IP

}

}

scp

/usr/local/src/

*.

tar

.gz root@192.168.1.27:

/usr/local/src/

scp

/usr/local/nginx/conf/nginx

.conf root@192.168.1.27:

/usr/local/nginx/conf/

scp

/etc/keepalived/keepalived

.conf root@192.168.1.27:

/etc/keepalived/

#!/bin/bash

PATH=

/sbin

:

/bin

:

/usr/sbin

:

/usr/bin

;

export

PATH

# 1. 清除规则

iptables -F

iptables -X

iptables -Z

# 2. 设定政策

iptables -P INPUT DROP

iptables -P OUTPUT ACCEPT

iptables -P FORWARD ACCEPT

# 3~5. 制订各项规则

iptables -A INPUT -i lo -j ACCEPT

iptables -A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT

iptables -A INPUT -i eth0 -s 192.168.1.0

/24

-j ACCEPT

# 6. 写入防火墙规则配置文件

/etc/init

.d

/iptables

save

<

html

>

<

head

>

<

title

>Welcome to nginx!</

title

>

</

head

>

<

body

bgcolor

=

"white"

text

=

"red"

>

<

center

><

h1

>Welcome to nginx 192.168.1.34!</

h1

></

center

>

</

body

>

</

html

>

/usr/local/nginx/sbin/nginx

/etc/init

.d

/keepalived

start