環境:CentOS 7, keepalived 1.3.8, nginx 1.12.2
vip 172.18.203.101 master機器 nginx1:外網172.18.203.172 內網 172.18.1.172 slave機器 nginx2:外網172.18.203.173 內網 172.18.1.173
keepalived master 配置檔案
# /etc/keepalived/keepalived.conf — master node (172.18.203.172)
! Configuration File for keepalived
# Global definitions
global_defs {
    notification_email {
        xiaofeng@sunspeedy.com
    }
    notification_email_from xiaofeng@sunspeedy.com
    smtp_server smtp.exmail.qq.com
    smtp_connect_timeout 30
    router_id master-node
}

# Health check, run every 2 s. Two consecutive failures (fall 2) lower this
# node's priority by 5 (101 -> 96, below the backup's 99) so the VIP moves;
# one success (rise 1) restores it.
# NOTE(review): keepalived runs this script as root — keep /opt/chk_nginx.sh
# root-owned and not group/world-writable (1.3.x can refuse unsafe scripts; confirm).
# NOTE(review): despite its name the script on this page checks for an nginx
# process, not the listening port, and as listed it never exits non-zero, so
# the weight/fall mechanism does not trigger — it falls over by stopping keepalived.
vrrp_script chk_http_port {
    script "/opt/chk_nginx.sh"
    interval 2
    weight -5
    fall 2
    rise 1
}

vrrp_instance VI_1 {
    state MASTER
    interface ens192
    mcast_src_ip 172.18.203.172
    unicast_peer {
        172.18.203.173   ## (peer IP address) must not be omitted — VRRP needs it
    }
    virtual_router_id 51
    priority 101
    advert_int 1
    authentication {
        auth_type PASS   # VRRP authentication type, mainly PASS or AH
        auth_pass 1111
    }
    # NOTE(review): PASS authentication is sent in cleartext on the wire, and "1111"
    # is trivially guessable; use a unique value (only the first 8 characters are used)
    # and keep it identical on both nodes.
    virtual_ipaddress {   # VRRP HA virtual address; for several VIPs add one per line
        172.18.203.101
    }
    # State-transition hooks, run as root with the new state as $1.
    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
    track_script {
        chk_http_port
    }
}
nginx配置
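# /usr/local/nginx/conf/nginx.conf
user nginx;
worker_processes 2;

#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;

#pid logs/nginx.pid;

events {
    worker_connections 65535;
}

http {
    include mime.types;
    default_type application/octet-stream;
    charset utf-8;

    ######
    ## set access log format
    ######
    # Fix: the listing rendered the string delimiters as backticks, which nginx
    # rejects; log_format strings use single quotes.
    # NOTE(review): $http_x_forwarded_for is client-supplied and only trustworthy
    # behind a proxy you control; $http_cookie writes every client cookie
    # (session tokens included) into the access log — drop it unless the log
    # files are protected accordingly.
    log_format main '$http_x_forwarded_for $remote_addr $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_cookie" $host $request_time';

    #######
    ## http setting
    #######
    # NOTE(review): server_tokens is left at its default, so the nginx version
    # is advertised in headers and error pages; consider `server_tokens off;`.
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;

    # Shared cache zone "mycache" used by the vhosts (see vhosts/*.conf).
    proxy_cache_path /var/www/cache levels=1:2 keys_zone=mycache:20m max_size=2048m inactive=60m;
    proxy_temp_path /var/www/cache/tmp;

    fastcgi_connect_timeout 3000;
    fastcgi_send_timeout 3000;
    fastcgi_read_timeout 3000;
    fastcgi_buffer_size 256k;
    fastcgi_buffers 8 256k;
    fastcgi_busy_buffers_size 256k;
    fastcgi_temp_file_write_size 256k;
    fastcgi_intercept_errors on;

    # client_header_timeout 600s;
    client_body_timeout 600s;
    # client_max_body_size 50m;
    client_max_body_size 100m;        # largest single request body a client may send
    client_body_buffer_size 256k;     # request-body buffer: stored locally first, then passed on

    gzip on;
    gzip_min_length 1k;
    gzip_buffers 4 16k;
    gzip_http_version 1.1;
    gzip_comp_level 9;
    gzip_types text/plain application/x-javascript text/css application/xml text/javascript application/x-httpd-php;
    gzip_vary on;

    ## includes vhosts
    include vhosts/*.conf;
}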
# /usr/local/nginx/conf/vhosts/ntt52101.conf — reverse proxy for the :52101 interface
upstream LB-WWW {
    ip_hash;
    server 172.18.1.155:52101 max_fails=3 fail_timeout=30s;   # max_fails=3: allowed failures before the backend is marked down (default 1)
    server 172.18.1.156:52101 max_fails=3 fail_timeout=30s;   # fail_timeout=30s: how long requests stop going to the backend after max_fails failures
}

server {
    listen 52101;
    ###### If there are several web groups behind nginx, point their domain names at the VIP
    server_name 172.18.203.101;
    access_log /usr/local/nginx/logs/nttinterface_access.log main;
    error_log /usr/local/nginx/logs/nttinterface_error.log;

    # NOTE(review): this listener is plain HTTP on an address that the page describes
    # as the external network; anything sensitive on :52101 crosses the wire unencrypted.
    location / {
        proxy_pass http://LB-WWW;
        proxy_redirect off ;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header REMOTE-HOST $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_connect_timeout 300;       # timeout for establishing the backend connection (handshake)
        proxy_send_timeout 300;          # backend must accept the whole request within this time
        proxy_read_timeout 600;          # time to wait for the backend response once connected
        proxy_buffer_size 256k;          # buffer for the first part of the backend response (headers)
        proxy_buffers 4 256k;            # number and size of buffers for a single response
        proxy_busy_buffers_size 256k;    # buffers that may be busy sending to the client
        proxy_temp_file_write_size 256k; # size of data written to the proxy temp file at a time
        # NOTE(review): http_404 here retries a 404 on the other backend, so every missing
        # resource costs two upstream requests — confirm that is intended.
        proxy_next_upstream error timeout invalid_header http_500 http_503 http_404;
        proxy_max_temp_file_size 128m;
        # NOTE(review): responses are cached for 60 minutes under the default key
        # ($scheme$proxy_host$request_uri), which ignores cookies and Authorization.
        # If the backend returns per-user data, one client's response can be served to
        # another — confirm the backend sends Cache-Control: private/no-store for such
        # responses, or add proxy_no_cache/proxy_cache_bypass conditions here.
        proxy_cache mycache;
        proxy_cache_valid 200 302 60m;
        proxy_cache_valid 404 1m;
    }
}
slave端
# /etc/keepalived/keepalived.conf — slave (BACKUP) node (172.18.203.173)
! Configuration File for keepalived
global_defs {
    notification_email {
        xiaofeng@sunspeedy.com
    }
    notification_email_from xiaofeng@sunspeedy.com
    smtp_server smtp.exmail.qq.com
    smtp_connect_timeout 30
    router_id slave-node
}

# Same health check as the master: two consecutive failures lower the priority
# by 5 (99 -> 94); one success restores it.
# NOTE(review): keepalived runs this script as root — keep /opt/chk_nginx.sh
# root-owned and not group/world-writable (1.3.x can refuse unsafe scripts; confirm).
vrrp_script chk_http_port {
    script "/opt/chk_nginx.sh"
    interval 2
    weight -5
    fall 2
    rise 1
}

vrrp_instance VI_1 {
    state BACKUP
    interface ens192
    mcast_src_ip 172.18.203.173
    unicast_peer {
        172.18.203.172   ## (peer IP address) must not be omitted — VRRP needs it
    }
    virtual_router_id 51
    priority 99
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    # NOTE(review): PASS authentication is sent in cleartext on the wire, and "1111"
    # is trivially guessable; use a unique value (only the first 8 characters are used)
    # and keep it identical to the master's.
    virtual_ipaddress {
        172.18.203.101
    }
    # State-transition hooks, run as root with the new state as $1.
    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
    track_script {
        chk_http_port
    }
}
nginx 檢查
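#!/bin/bash
# /opt/chk_nginx.sh — keepalived vrrp_script "chk_http_port".
#
# Run as root by keepalived every 2 s (interval 2). If no nginx process is
# found, try to start nginx once; if it is still not running two seconds
# later, stop keepalived so the VIP moves to the peer.
#
# Exit status: 0 when nginx is running (or was started successfully),
# 1 when it could not be brought back. The original listing always exited 0,
# which made the `weight -5` / `fall 2` settings in keepalived.conf
# ineffective — keepalived only lowers the priority on a non-zero exit.
# NOTE(review): despite the vrrp_script name, this checks for a process named
# nginx, not that port 52101 is listening.
set -u

readonly NGINX_BIN=/usr/local/nginx/sbin/nginx

#######################################
# Count running processes whose command name is "nginx".
# Outputs: the count on stdout (0 when nginx is down)
#######################################
nginx_proc_count() {
  ps -C nginx --no-heading | wc -l
}

main() {
  local count
  count=$(nginx_proc_count)
  if [[ "$count" -eq 0 ]]; then
    # First try to recover locally instead of failing over immediately.
    "$NGINX_BIN"
    sleep 2
    count=$(nginx_proc_count)
    if [[ "$count" -eq 0 ]]; then
      # Still down: give up the VIP by stopping keepalived (as the page does)
      # and report the failure to keepalived as well.
      /etc/init.d/keepalived stop
      return 1
    fi
  fi
  return 0
}

main "$@"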
傳送郵件
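#!/bin/bash
# /etc/keepalived/notify.sh — keepalived state-transition notifier.
# Author: MageEdu <linuxedu@foxmail.com>
# description: An example of notify script
#
# Invoked by keepalived.conf as "notify.sh master|backup|fault" (run as root);
# mails the contact that this host changed VRRP state.
#
# Fixes vs. the listing: the page rendering turned the single quotes of
# contact='...' and date '+%F %H:%M:%S' into backticks (which would execute the
# address as a command and break the date format), and $mailbody/$contact were
# expanded unquoted. The dispatch at the end was not shown in the listing; it
# follows the notify_master/notify_backup/notify_fault entries in keepalived.conf.
# NOTE(review): keep this file root-owned and not writable by others — it runs as root.

vip=172.18.203.101
contact='xiaofeng@sunspeedy.com'

#######################################
# Send the transition mail.
# Globals:   vip, contact (read)
# Arguments: $1 - new state (master|backup|fault)
# Returns:   exit status of mail(1)
#######################################
notify() {
  local state=$1
  local host mailsubject mailbody
  host=$(hostname)
  mailsubject="${host} to be ${state}: ${vip} floating"
  mailbody="$(date '+%F %H:%M:%S'): vrrp transition, ${host} changed to be ${state}"
  printf '%s\n' "$mailbody" | mail -s "$mailsubject" "$contact"
}

case "${1:-}" in
  master|backup|fault)
    notify "$1"
    ;;
  *)
    printf 'Usage: %s {master|backup|fault}\n' "${0##*/}" >&2
    exit 1
    ;;
esac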
防火牆配置
# Firewall rules as entered on this node (shell history numbers 1008-1019 stripped).
# Same rules as the original, written as a small script: conntrack is the
# current name of the state match and VRRP is IP protocol 112.

# Replies to our own connections, ICMP and loopback.
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p icmp -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT

# VRRP from both subnets: the multicast group 224.0.0.18 and protocol 112.
# NOTE(review): keepalived.conf uses unicast_peer, so adverts only come from the
# peer address; -s could be narrowed to that host — confirm before tightening.
for net in 172.18.203.0/24 172.18.1.0/24; do
  iptables -A INPUT -s "$net" -d 224.0.0.18 -j ACCEPT
  iptables -A INPUT -s "$net" -p 112 -j ACCEPT
done

# Service ports.
# NOTE(review): 22 is reachable from any source on the external interface;
# consider limiting it with -s to the administrative network.
iptables -A INPUT -p tcp -m multiport --dport 80,22,52101,8123 -j ACCEPT

# Everything else is rejected; this host does not forward.
iptables -A INPUT -j REJECT --reject-with icmp-host-prohibited
iptables -A FORWARD -j REJECT --reject-with icmp-host-prohibited

# NOTE(review): iptables-save only prints the ruleset to stdout; redirect it into
# the iptables-services rules file (or run `service iptables save`) so the rules
# survive a reboot.
iptables-save
history   # the command that produced this listing
防火牆配置
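# Firewall rules as entered on the second node (shell history numbers 1084-1095 stripped).
# Fix: the original had `iptables -A INPUT -d 172.18.203.101 -j ACCEPT` ahead of the
# port rule, which accepted every protocol and port addressed to the VIP and made the
# multiport filter below meaningless for VIP traffic. The VIP needs nothing beyond the
# rules the first node already has (ICMP, ESTABLISHED/RELATED, the listed TCP ports),
# so that rule is dropped here and both nodes now carry the same ruleset.

# Replies to our own connections, ICMP and loopback.
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p icmp -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT

# VRRP from both subnets: the multicast group 224.0.0.18 and protocol vrrp (112).
# NOTE(review): keepalived.conf uses unicast_peer, so adverts only come from the
# peer address; -s could be narrowed to that host — confirm before tightening.
iptables -A INPUT -s 172.18.203.0/24 -d 224.0.0.18 -j ACCEPT
iptables -A INPUT -s 172.18.1.0/24 -d 224.0.0.18 -j ACCEPT
iptables -A INPUT -s 172.18.203.0/24 -p vrrp -j ACCEPT
iptables -A INPUT -s 172.18.1.0/24 -p vrrp -j ACCEPT

# Service ports (apply to the VIP as well as the node's own addresses).
# NOTE(review): 22 is reachable from any source on the external interface;
# consider limiting it with -s to the administrative network.
iptables -A INPUT -p tcp -m multiport --dport 80,22,52101,8123 -j ACCEPT

# Everything else is rejected; this host does not forward.
iptables -A INPUT -j REJECT --reject-with icmp-host-prohibited
iptables -A FORWARD -j REJECT --reject-with icmp-host-prohibited

iptables -L -n
# NOTE(review): iptables-save only prints the ruleset to stdout; redirect it into
# the iptables-services rules file (or run `service iptables save`) so the rules
# survive a reboot.
iptables-save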