一、拓扑
二、keepalived配置
2.1 主配置
! Configuration File for keepalived
global_defs {
notification_email {acassen@firewall.loc
br/>acassen@firewall.loc
br/>sysadmin@firewall.loc
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id NGINX_V1
}
vrrp_script chk_nginx {
script "/usr/local/keepalived/check_nginx.sh"
interval 2
weight 2
}
vrrp_instance VI_1 {
state MASTER
interface ens37
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass wenlf@780419
}
track_script {
chk_nginx
}
virtual_ipaddress {
172.16.10.65 dev ens33
}
notify_master "/usr/local/keepalived/clean_arp.sh 172.16.10.65"
}
2.2 备配置
! Configuration File for keepalived
global_defs {
notification_email {acassen@firewall.loc
br/>acassen@firewall.loc
br/>sysadmin@firewall.loc
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id NGINX_V1
}
vrrp_script chk_nginx {
script "/usr/local/keepalived/check_nginx.sh"
interval 2
weight 2
}
vrrp_instance VI_1 {
state BACKUP
interface ens37
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass wenlf@780419
}
track_script {
chk_nginx
}
virtual_ipaddress {
172.16.10.65 dev ens33
}
notify_master "/usr/local/keepalived/clean_arp.sh 172.16.10.65"
2.3 监控脚本
----------------------------------------clean_arp.sh------------------------------------
#!/bin/sh
VIP=$1
GATEWAY=172.16.10.254
/sbin/arping -I ens33 -c 5 -s $VIP $GATEWAY &>/dev/null
-----------------------------------------check_nginx.sh--------------------------------
#!/bin/sh
if [ $(ps -C nginx --no-header | wc -l) -eq 0 ]; then
/etc/rc.d/init.d/nginx start
fi
sleep 2
if [ $(ps -C nginx --no-header | wc -l) -eq 0 ]; then
/etc/rc.d/init.d/keepalived stop
fi
三、nginx配置
3.1 nginx.conf
user www www;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
error_log logs/error.log info;
pid logs/nginx.pid;
worker_rlimit_nofile 65535;
events {
worker_connections 1024;
use epoll;
}
http {
include LoadBalance/*.conf;
include mime.types;
default_type application/octet-stream;
#默认编码
#charset utf-8;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 64k;
client_max_body_size 8m;
sendfile on;
autoindex on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 120;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
#gzip模块设置
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
#limit_zone crawler $binary_remote_addr 10m;
#include LoadBalance/*.conf;
include vhost/*.conf;
}
3.2 虚拟机
server
{
listen 80;
server_name 172.16.10.65;
#index index.html index.htm index.php;
location / {
proxy_next_upstream http_502 http_504 error timeout invalid_header;
proxy_pass http://LoadBalance;
#proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
location /NginxStatus {
stub_status on;
access_log on;
auth_basic "NginxStatus";
#auth_basic_user_file pwd;
}
}
3.3 负载均衡配置
upstream LoadBalance{
server 192.168.10.70:80 weight=1 max_fails=2 fail_timeout=30s;
server 192.168.10.71:80 weight=1 max_fails=2 fail_timeout=30s;
ip_hash;
}
四、验证
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。