一、安裝nginx
我們這邊默認安裝的nginx的是1.12.2的版本,所以我們需要安裝1.16.1版本的nginx的,才好,所以我們這邊先更新yum源,步驟如下:
1、添加yum源:
[root@shtw-nk08 sbin]# cd /etc/yum.repos.d/ [root@shtw-nk08 sbin]# vim nginx.repo [nginx-stable] name=nginx stable repo baseurl=http://nginx.org/packages/centos/$releasever/$basearch/ gpgcheck=1 enabled=1 gpgkey=https://nginx.org/keys/nginx_signing.key [nginx-mainline] name=nginx mainline repo baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/ gpgcheck=1 enabled=0 gpgkey=https://nginx.org/keys/nginx_signing.key
2、yum安裝nginx
[root@shtw-nk08 nginx]#yum install nginx
3、查看nginx的版本
[root@shtw-nk08 yum.repos.d]# nginx -v nginx version: nginx/1.16.1
4、nginx.conf的配置
user nginx;
worker_processes 8;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 40960;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
#限制包上傳大小
client_header_timeout 120s; #調大點
client_body_timeout 120s; #調大點
client_max_body_size 100m; #主要是這個參數,限制了上傳文件大大小
client_body_buffer_size 256k;
#gzip壓縮
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.1;
gzip_comp_level 9;
gzip_types text/plain application/x-javascript text/css application/xml text/javascript application/x-httpd-php;
gzip_vary on;
#proxy_buffering off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
#include /etc/nginx/conf.d/*.conf;
include server/*.conf;
}
5、imgs.conf靜態文檔訪問配置
server {
listen 8083;
location / {
#autoindex on; #autoindex => on 允許訪問,off不允許訪問
autoindex off;
root /data/;
}
location ^/imgs/~*\.(log|txt|png)$ {
add_header Content-Type text/plain;
root /data/;
}
}
6、正常服務conf
server {
listen 80;
listen 443 ssl;
server_name download.twrsp.com;
#charset koi8-r;
#access_log logs/host.access.log main;
#ssl on; #ssl on只允許443端口,注釋之后,80和443端口都允許
ssl_certificate /etc/nginx/ssl_download_certificate/3468751_download.twrsp.com.pem;
ssl_certificate_key /etc/nginx/ssl_download_certificate/3468751_download.twrsp.com.key;
location / {
proxy_read_timeout 1200;
proxy_send_timeout 1200;
proxy_connect_timeout 1200;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://download.twrsp.com/;
}
}
upstream download.twrsp.com {
#SHTW-RspApp01
server 10.55.201.20:8082 weight=50;
}
7、重啟、關閉、測試nginx
[root@shtw-nk08 nginx]# nginx -s reload #重啟nginx [root@shtw-nk08 nginx]# nginx -s stop #停止nginx [root@shtw-nk08 nginx]# nginx -t #測試 nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful
8、如果nginx -s reload報錯了,則執行下面腳本:
[root@shtw-nk08 nginx]# nginx -c /etc/nginx/nginx.conf
二、安裝keepalived
1、IP的准備
| 主(nginx) | 10.55.202.213 |
| 從(nginx) | 10.55.202.214 |
| 虛擬ip(主) | 10.55.202.107 |
| 虛擬ip(從) | 10.55.202.108 |
2、安裝keepalived
說明:主備都需要安裝:
[root@shtw-nk08 keepalived]# yum install keepalived
3、配置文件修改
主nginx的keepalived修改:
[root@shtw-nk08 keepalived]# cd /etc/keepalived/
[root@shtw-nk08 keepalived]# mv keepalived.conf keepalived.conf.bak
[root@shtw-nk08 keepalived]# vim keepalived.conf
! Configuration File for keepalived
group {
VI_1
}
vrrp_script chk_http_port {
script "/usr/local/sbin/check_ng.sh"
interval 2
weight -20
}
vrrp_instance VI_1 {
state MASTER #表示主的nginx
interface eth0
virtual_router_id 51
priority 100
advert_int 1
mcast_src_ip 10.55.202.213 #主nginx的ip地址
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_http_port
}
virtual_ipaddress {
10.55.202.107 #主的虛擬ip
}
}
#單台虛擬ip可以不用
vrrp_instance VI_2 {
state BACKUP #備份的意思
interface eth0
virtual_router_id 61
priority 99
advert_int 1
mcast_src_ip 10.55.202.213 #還是主的ip地址
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_http_port
}
virtual_ipaddress {
10.55.202.108 #備份的虛擬ip地址
}
}
從的nginx的keepalived的配置:
[root@shtw-nk08 keepalived]# cd /etc/keepalived/
[root@shtw-nk08 keepalived]# mv keepalived.conf keepalived.conf.bak
[root@shtw-nk08 keepalived]# vim keepalived.conf
! Configuration File for keepalived
group {
VI_1
}
vrrp_script chk_http_port {
script "/usr/local/sbin/check_ng.sh"
interval 2
weight -20
}
vrrp_instance VI_1 {
state BACKUP #表示從的nginx
interface eth0
virtual_router_id 51
priority 99
advert_int 1
mcast_src_ip 10.55.202.214 #從的ip地址
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_http_port
}
virtual_ipaddress {
10.55.202.107
}
}
#單台虛擬ip可以不用
vrrp_instance VI_2 {
state MASTER #表示從的
interface eth0
virtual_router_id 61
priority 100
advert_int 1
mcast_src_ip 10.55.202.214 #從的ip地址
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_http_port
}
virtual_ipaddress {
10.55.202.108 #從的虛擬ip地址
}
}
4、配置keepalived雙活腳本
說明:這個腳本主從兩台機器都需要配置,配置好之后,保存(wq)並退出
[root@shtw-nk05 sbin]# cd /usr/local/sbin
[root@shtw-nk05 sbin]# vim check_ng.sh
#!/bin/bash
#時間變量,用於記錄日志
d=`date --date today +%Y%m%d_%H:%M:%S`
#計算nginx進程數量
n=`ps -C nginx --no-heading|wc -l`
#如果進程為0,則啟動nginx,並且再次檢測nginx進程數量,
#如果還為0,說明nginx無法啟動,此時需要關閉keepalived
if [ $n -eq "0" ]; then
/etc/init.d/nginx start
n2=`ps -C nginx --no-heading|wc -l`
if [ $n2 -eq "0" ]; then
echo "$d nginx down,keepalived will stop" >> /var/log/check_ng.log
systemctl stop keepalived
fi
fi
[root@shtw-nk05 sbin]# chmod 755 check_ng.sh #賦權限
5、啟動keepalived
[root@shtw-nk08 keepalived]# systemctl start keepalived #啟動keepalived [root@shtw-nk08 keepalived]# systemctl status keepalived #查看keepalived狀態
如圖:
6、啟動驗證
nginx和keepalived全部啟動之后,在瀏覽器中測試一下:
1、先輸入 10.55.202.213 => 訪問成功
2、輸入 10.55.202.214 => 訪問成功
3、輸入 10.55.202.107 和 10.55.202.108 =>訪問成功
4、關停 10.55.202.213 之后測試 => 訪問失敗 ,輸入10.55.202.107 => 訪問成功