• Linux Web集群架构详细(亲测可用!!!)


    注意:WEB服务器和数据库需要分离,同时WEB服务器也需要编译安装MySQL。

    做集群架构的重要思想就是找到主干,从主干区域向外延展。

    WEB服务器: apache nginx  本地做三个产品 dedecms workprocess discuz 将用户存放图片,附件的目录挂载到nfs服务器的共享目录上

    NFS服务器 本地做三个共享目录,实现将用户上传的图片及附件分别存放到对应的目录上,

    使用sersync与备份服务器实现实时同步,批量分发密钥及脚本,hosts文件(实际生产环境下,在同一局域网下,hosts文件通常保持一致),

    MySQL服务器:用于用户存放数据的服务器,

    Backup服务器:用于备份的服务器,防止其他服务器宕机、感染病毒、等等数据丢失。同时要将每天备份的内容通过邮件发送给管理员,确保数据备份成功。

    我的主干思想就是先配置LAMP和LNMP服务器,之后向外延展配置nfs服务器及MySQL服务器,然后将所有需要备份的数据打包好,配置backu备份服务器,最后做nginx负载均衡服务器,如果有精力又有能力的情况下,继续延伸一个nginx的高可用(提示ngixn高可用服务使用的是VRRP技术)

    1.LAMP(192.168.190.20)

    (1)tar xvf /apache-2.2.27
    
    cd apache-2.2.27
    
    编译安装
    
    ./configure 
    
    --prefix=/application/appache2.2.27    安装目录
    
    --enable-deflate    压缩安装
    
    --enable-expires     过期  缓存时间
    
    --enable-headers    
    
    --enable-modules=most     模块激活
    
    --enable-so      
    
    --with-mpm=worker    apache的两种模式:worker,prefork
    
    --enable-rewrite && make &&make install
    
    (注意编译环境下换行后边不能存在空格,上述编译添加了注释,如果粘贴请自行删除,手打忽略)
    
     
    
    ln -s /application/apache-2.2.27 /application/apache
    
    echo “<html>
    
    <head><title> a ,s blog. </title><head>
    
    <body>
    
            Hi,i'm a ,My blog address is
    
    <a href="" targe=_parent > </a>
    
    </ body>
    
    </html>” > /application/apache/htdos/index.html
    
    /application/apache/bin/apachectl graceful

    浏览器输入192.168.190.20 会出现

    Hi,i'm a ,My blog address is 等字样说明apache服务安装成功

    (2)安装数据库msyql

    解压编译安装    ,编译过程略长,安装结束后进行检查做软链接

    创建MySQL虚拟用户和用户组

    groupadd mysql
    
      cat /etc/group
    
      useradd -g mysql -M -s /sbin/nologin mysql
    
    id mysql
    
    编译安装MySQL
    
    ./configure 
    
    --prefix=/application/mysql5.1.72 
    
    --with-unix-socket-path=/application/mysql5.1.72/tmp/mysql.sock 
    
    --localstatedir=/application/mysql5.1.72/data 
    
    --enable-assembler 
    
    --enable-thread-safe-client 
    
    --with-mysqld-user=mysql 
    
    --with-big-tables 
    
    --without-debug 
    
    --with-pthread 
    
    --enable-assembler 
    
    --with-extra-charsets=complex 
    
    --with-readline 
    
    --with-ssl 
    
    --with-embedded-server 
    
    --enable-local-infile 
    
    --with-plugins=partition,innobase 
    
    --with-mysqld-ldflags=-all-static 
    
    --with-client-ldflags=-all-static
    
    #--with-plugin-PLUGIN 
    
    make && make install

    echo $?  检查编译是否成功

    ln -s /application/mysql5.1.72/ /application/mysql    创建软链接

    复制配置mysql的配置文件

    cd  mysql-5.1.72/support-files/
    
    ls
    
    cp -p my-small.cnf /etc/my.cnf
    
    chown -R mysql.mysql /application/mysql    授权MySQL用户管理权限
    
    初始化mysql
    
    /application/mysql/bin/mysql_install_db --basedir=/application/mysql --datadir=/application/mysql/data/ --user=mysql           ##两个OK即为初始化成功
    
    /application/mysql/bin/mysqld_safe &    启动mysql
    
    netstat -lntup|grep mysqld       ##查看MySQL服务是否启动成功
    
    mysqladmin -u root password '123456'        ##设置MySQL用户密码

    (3)安装完apache和mysql之后再安装PHP(注意php配合apache是以模块的方式存在)

    yum install -y openssl-devel
    
    tar -xvf  php-5.3.27.tar.gz
    
    cd php-5.3.27.tar.gz
    
    ./configure 
    
    --prefix=/application/php5.3.27      //注意php的安装目录
    
    --with-apxs2=/application/apache/bin/apxs         //注意apache的安装目录
    
    --with-mysql=/application/mysql 
    
    --with-xmlrpc 
    
    --with-openssl 
    
    --with-zlib 
    
    --with-freetype-dir 
    
    --with-gd 
    
    --with-jpeg-dir 
    
    --with-png-dir 
    
    --with-iconv=/usr/local/libiconv 
    
    --enable-short-tags 
    
    --enable-sockets 
    
    --enable-zend-multibyte 
    
    --enable-soap 
    
    --enable-mbstring 
    
    --enable-static 
    
    --enable-gd-native-ttf 
    
    --with-curl 
    
    --with-xsl 
    
    --enable-ftp 
    
    --with-libxml-dir && make && make install
    ln -s /application/php5.3.27/ /application/php  ##做软链接去版本号
    
    cp /application/apache/conf/httpd.conf /application/apache/conf/httpd.conf.bak.1
    
    vim /application/apache/conf/httpd.conf       #修改主配置文件
    
    cd /application/apache/conf
    
    diff  httpd.conf httpd.conf.bak.1
    
    67,68c67,68
    
    < User www
    
    < Group www
    
    ---
    
    > User daemon
    
    > Group daemon
    
    149c149
    
    <     DirectoryIndex  index.php index.html
    
    ---
    
    >     DirectoryIndex  index.html
    
    292,294c292
    
    <     AddType application/x-httpd-php .php .phtml
    
    <     AddType application/x-httpd-php-source .phps
    
    ---
    
    > 
    
    401c401
    
    < Include conf/extra/httpd-vhosts.conf
    
    ---
    
    ># Include conf/extra/httpd-vhosts.conf:
    
    423 <Directory "/data0/www">
    
    424     Options -Indexes FollowSymLinks
    
    425     AllowOverride None
    
    426     Order allow,deny
    
    427     Allow from all
    
    428 </Directory>

    创建对应的apache的虚拟用户www

    useradd www -s /sbin/nologin -M

    id www     

    cd /application/apache/conf/extra

    vim httpd-vhosts.conf

    NameVirtualHost *:80
    
    #
    
    # VirtualHost example:
    
    # Almost any Apache directive may go into a VirtualHost container.
    
    # The first VirtualHost section is used for all requests that do not
    
    # match a ServerName or ServerAlias in any <VirtualHost> block.
    
    #
    
    <VirtualHost *:80>
    
        ServerAdmin 1227566276@qq.com
    
        DocumentRoot "/data0/www/cms"
    
        ServerName cms.etiantian.org
    
        ServerAlias etiantian.org
    
        ErrorLog "logs/dummy-host.example.com-error_log"
    
        CustomLog "|/usr/local/sbin/cronolog /app/logs/access_cms_%Y%m%d.log" combined
    
    </VirtualHost>
    
    <VirtualHost *:800>
    
        ServerAdmin 1227566276@qq.com
    
        DocumentRoot "/data0/www/bbs"
    
        ServerName bbs.etiantian.org
    
        ErrorLog "logs/dummy-host.example.com-error_log"
    
        CustomLog "|/usr/local/sbin/cronolog /app/logs/access_bbs_%Y%m%d.log" combined
    
    </VirtualHost>
    
    <VirtualHost *:8000>
    
        ServerAdmin 1227566276@qq.com
    
        DocumentRoot "/data0/www/blog"
    
        ServerName blog.etiantian.org
    
        ErrorLog "logs/dummy-host.example.com-error_log"
    
        CustomLog "|/usr/local/sbin/cronolog /app/logs/access_blog_%Y%m%d.log" combined
    
    </VirtualHost>

    如果有错误则查看错误日志

    cd /application/appache/logs/

    建立站点目录

    mkdir /data0/{www,blog,bbs}

    for n in www blog bbs ;do echo "$n.etiantian.org" > /data0/$n/index.html;done

    /application/apache/bin/apachectl -t        #检查配置文件的语法

    /application/apache/bin/apachectl graceful     #平滑重启apache

    本地做hosts解析  访问三个网站  ,查看基于域名的虚拟主机是否配置成功

    Dedecms,Discuz,workprocess三个产品解压之后自行安装(安装完MySQL数据库再进行安装)

    2.LNMP(192.168.190.10)

    (1)安装nginx服务

    编译nginx前  需安装

    1.pcre pcre-devel

    yum install -y pcre pcre-devel

    2.openssl

    yum install openssl openssl-devel -y

    编译安装nginx

    ./configure --user=nginx --group=nginx --prefix=/application/nginx1.6.2 --with-http_stub_status_module --with-http_ssl_module
    
    make && make install
    
    ln -s /application/nginx1.6.2/ /application/nginx

    启动nginx

    /application/nginx/sbin/nginx

    lsof -I :80      #查看nginx服务是否启动成功

    (2)安装MySQL数据库

    编译安装MySQL

    ./configure --prefix=/application/mysql5.1.72 --with-unix-socket-path=/application/mysql5.1.72/tmp/mysql.sock --localstatedir=/application/mysql5.1.72/data --enable-assembler 
    --enable-thread-safe-client --with-mysqld-user=mysql --with-big-tables --without-debug --with-pthread --enable-assembler --with-extra-charsets=complex --with-readline
    --with-ssl --with-embedded-server --enable-local-infile --with-plugins=partition,innobase --with-mysqld-ldflags=-all-static --with-client-ldflags=-all-static make && make install

      

    echo $?

    数据库初始化:

    chown -R mysql.mysql /application/mysql    授权MySQL用户管理权限

    初始化mysql

    /application/mysql/bin/mysql_install_db --basedir=/application/mysql --datadir=/application/mysql/data/ --user=mysql

    //初始化显示两个OK 即为初始化成功

    (3)安装PHP(PHP配合nginx是以守护进程的方式存在工作的)

    (安装php之前需要安装所需的包 yum install zlib libxml libjpeg freetype libpng gd  curl libiconv  zlib-devel libxml2-devel libjpeg-devel freetype-devel libpng-devel gd-devel curl-devel -y)

    tar zxf libiconv-1.14.tar.gz
    
    cd libiconv-1.14
    
    ./configure --prefix=/usr/local/libiconv      //然后进行编译安装
    
    make && make install

    安装相关依赖

    Libmcrypt  、 mhash   、mcrypt

    安装php(编译之前首先安装libxslt* ,否则会报错)  解压

    ./configure --prefix=/application/php5.3.27 --with-mysql=/application/mysql --with-iconv-dir=/usr/local/libiconv --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib 
    --with-libxml-dir=/usr --enable-xml --disable-rpath --enable-safe-mode --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --with-curl
    --with-curlwrappers --enable-mbregex --enable-fpm --enable-mbstring --with-mcrypt --with-gd --enable-gd-native-ttf --with-openssl --with-mhash --enable-sockets --with-xmlrpc
    --enable-zip --enable-soap --enable-short-tags --enable-zend-multibyte --enable-static --with-xsl --with-fpm-user=nginx --with-fpm-group=nginx --enable-ftp && make && make install

      

    上传修改好的启动文件php-frm.conf(软件包组里面有修改完整的) à上传到/application/php/etc

    创建日志文件

    mkdir /app/logs    //不创建的话检查语法的时候会报错

    /application/php/sbin/php-fpm -t   //检查语法

    /application/php/sbin/php-fpm    //启动php

    在rc.local里设置开机自启动

    Mysql php nginx

    ##优化配置文件

    cat /application/nginx/conf/
    
    cat nginx.conf
    
    worker_processes  1;
    
    events {
    
        worker_connections  1024;
    
    }
    
    http {
    
        include       mime.types;
    
        default_type  application/octet-stream;
    
        sendfile        on;
    
        keepalive_timeout  65;
    
            include extra/cms.conf;
    
            include extra/bbs.conf;
    
            include extra/blog.conf;
    
    }
    
    mdkir extra
    
    touch {bbs,blog,cms}.conf
    
    cat cms.conf
    
    server {
    
            listen       80;
    
            server_name  cms.etiantian.org;
    
                root   /data0/www/cms;
    
                index index.php index.html index.htm;
    
            location ~ .(php|php5)?$ {
    
            fastcgi_pass 127.0.0.1:9000;
    
            fastcgi_index index.php;
    
            include fastcgi.conf;
    
            }
    
    }
    
    cat bbs.conf
    
    server {
    
            listen       800;
    
            server_name  bbs.etiantian.org;
    
                root   /data0/www/bbs;
    
                index index.php index.html index.htm;
    
            location ~ .(php|php5)?$ {
    
            fastcgi_pass 127.0.0.1:9000;
    
            fastcgi_index index.php;
    
            include fastcgi.conf;
    
            }
    
    }
    
    cat blog,conf
    
    server {
    
            listen       8000;
    
            server_name  blog.etiantian.org;
    
                        root   /data0/www/blog;
    
                index  index.php index.html index.htm;
    
      location ~ .(php|php5)?$ {
    
            fastcgi_pass 127.0.0.1:9000;
    
            fastcgi_index index.php;
    
            include fastcgi.conf;      
    
     }
    
    }
    
    mkdir /data0/{www,blog,bbs}
    
    for n in www blog bbs ;do echo "$n.etiantian.org" > /data0/$n/index.html;done

    Discuz,dedecms,workprocess三个产品自行安装放入站点目录 bbs,www,blog

    3.NFS服务器(192.168.190.30)

    (1)安装nfs和rpcbind(nfs服务是靠rpcbind转发端口的)

    yum install nfs-utils rpcbind -y

    echo “/etc/init.d/nfs restart” >/etc/rc.local     //设置nfs开机自启动使用chkconfig同样

    vim /etc/exports

    #shared storage for LAMP,LNMP
    
    /data0 192.168.190.10(rw,async) 192.168.190.20(rw.async)

    (2)批量分发

    ssh-copy-id -i   是可以实现小环境下的密钥分发但是如果上百台服务器,就需要开发脚本进行自动化分发密钥(附件里有开发好的脚本,仅供参考)

    密钥分发完毕,分发本地的hosts文件(实际生产环境下统一内网下,hosts本地解析一致是很有必要的)

    vim /etc/rsync.password

    123456

    chmod 600 /etc/rsync.password

    (3)sersync实现与备份备份服务器的实时同步

    安装sersync

    cd /tools

    uzip sersync2.5.4_64bit_binary_stable_final.tar

    mv sersync2 /usr/local/sersync

    cd /usr/local/sersync/conf

    echo ‘export PATH=$PATH:/usr/local/sersync/bin’ >>/etc/profile

    vim /usr/local/sersync/conf/www_confxml.xml (需要哪个目录rsync服务器同步就写哪个目录,这里以博客workprocess为例name代表rsync服务端的模块名称 ip就是目标IP地址)

    24 <localpath watch="/data0/www/blog/wp-content/uploads">
    
     25         <remote ip="192.168.190.50" name="nfs"/>
    
     26 </localpath>

    echo ‘sersync -r -d -o /usr/local/sersync/conf/www_confxml.xml’ >> /etc/rc.local

    至此sersync与备份服务器实时同步也完成了。

    4.安装MySQL服务器(192.168.190.40),创建你所做的产品的数据库,创建每个产品所使用的数据库用户,及授权用户。

    创建MySQL虚拟用户 useradd -g mysql -M -s /sbin/nologin mysql

    (1)编译安装MySQL数据库

    tar xvf mysql5.1.72.tar.gz

    cd mysql5.1.72

    ./configure --prefix=/application/mysql5.1.72 --with-unix-socket-path=/application/mysql5.1.72/tmp/mysql.sock --localstatedir=/application/mysql5.1.72/data --enable-assembler
    --enable-thread-safe-client --with-mysqld-user=mysql --with-big-tables --without-debug --with-pthread --enable-assembler --with-extra-charsets=complex --with-readline
    --with-ssl --with-embedded-server --enable-local-infile --with-plugins=partition,innobase --with-mysqld-ldflags=-all-static --with-client-ldflags=-all-static
    ln -s /application/mysql5.1.72/ /application/mysql

    /application/mysql/bin/mysql_install_db --basedir=/application/mysql --datadir=/application/mysql/data/ --user=mysql   ##初始化数据库

    cd /tools/msyql5.1.71

    cp support-files/mysql.server /etc/init.d/mysqld

    /etc/init.d/mysqld start

    netstat -lntup |grep mysql        #查看MySQL3306端口是否开启

    mysqladmin -u root password '123456'      ## 设置数据库用户名和密码

    (2)进入数据库创建用户并进行授权,创建用户所用的数据库cms bbs blog

    mysql -uroot -p123456

    mysql> create database bbs;
    
    mysql> create database cms;
    
    mysql> create database blog;
    
    mysql> show databases;       ##查看数据库
    
    mysql> grant select,insert,update,delete,alter,create on cms.* to  cms@"192.168.190.%" identified by '123456';
    
    mysql> grant select,insert,update,delete,alter,create on bbs.* to  bbs@'192.168.190.%' identified by '123456';
    
    mysql> grant select,insert,update,delete,alter,create on blog.* to  blog@'192.168.190.%' identified by '123456';
    
    mysql> select user,host from mysql.user;       ##查看用户是否创建成功

    (3)MySQL数据库数据备份,利用周期性计划任务定时推送(简单的备份使用mysqldump,高层的备份服务使用replication或者drbd)

    [root@mysql scripts]# cat mysqldunmp.sh

    !#bin/bash
    
    cd /backup
    
    echo "You are in backup dir"
    
    File = /backup/
    
    mysqldump -uroot -p123456 --quick --databases bbs blog cms --flush-logs --single-transaction > /backup/mysql$(date +%F).bak
    
    rsync -az /backup/mysql* rsync_backup@192.168.190.50::mysql --password-file=/etc/rsync.password
    
    echo "Your database backup successfully completed"

    vim /etc/rsync.password

    123456

    chmod 600 /etc/rsync.password

    crontab -e

    #send mysqlbak
    
    00 00 * * * /bin/sh -x /server/script/mysqldump.sh

    5.backup服务器(192.168.190.40 rsync ,每天检查推送过来的备份内容,定时发送邮件告知系统管理员备份是否成功)

    useradd -s /sbin/nologin rsync            创建rsync 用户

    yum install -y rsync

    echo "/usr/bin/rsync --daemon" >> /etc/rc.local

     

    vim /etc/rsyncd.conf

    ##rsyncd.conf start##
    
    uid = rsync
    
    gid = rsync
    
    use chroot = no
    
    max connections = 200
    
    timeout = 300
    
    pid file = /var/run/rsyncd.pid
    
    lock file = /var/run/rsync.lock
    
    log file = /var/log/rsyncd.log
    
    ignore errors
    
    read only = false
    
    list = false
    
    hosts allow = 10.0.0.0/24
    
    hosts deny = 0.0.0.0/32
    
    auth users = rsync_backup
    
    secrets file = /etc/rsync.password
    
    [zhang]
    
    path = /zhang/
    
    [cms]
    
    path =/data0/www/cms/
    
    [bbs]
    
    path =/data0/www/bbs/
    
    [blog]
    
    path =/data0/www/blog/
    
    [backup]
    
    path =/backup/
    
    [nfs]
    
    path =/backup/nfs/
    
    [mysql]
    
    path =/mysql/

    所有的推送文件夹必须存在 ,否则rsync启动会报错

    chown -R rsync.rsync   /zhang/

    chown -R rsync.rsync  /data0/www/cms/

    chown -R rsync.rsync  /data0/www/bbs/

    chown -R rsync.rsync  /data0/www/blog/

    chown -R rsync.rsync  /backup/

    chown -R rsync.rsync  /backup/nfs/

    chown -R rsync.rsync  /mysql/

    vim /etc/rsync.password

    rsync_backup:123456

    chmod 600 /etc/rsync.password

    echo “/usr/bin/rsync --daemon” >> /etc/rc.local

    vim /server/script/check.sh

    ls /mysql >> /root/check.txt

    ls -l /backup/192.168.190.30/|awk '{print $9}' >> /root/check.txt

    egrep -v "^$| " /root/check.txt > /root/checkadd.txt

    最后推送checkadd.txt文本文档给系统管理员  管理员就可以看到都备份了什么文件

    mail -s "Hello from linuxde.net by file" 1227566276@qq.com < checkadd.txt

    6.主nginx负载均衡服务器(192.168.190.23)

    (1)安装配置nginx负载均衡器

    编译nginx前  需安装

    1.pcre pcre-devel

    yum install -y pcre pcre-devel

    2.openssl

    yum install openssl openssl-devel -y

    ##创建nginx的虚拟用户

    usedadd nginx -s /sbin/nologin -M

    编译安装nginx

    ./configure --user=nginx --group=nginx --prefix=/application/nginx1.6.2 --with-http_stub_status_module --with-http_ssl_module
    
    make && make install
    
    ln -s /application/nginx1.6.2/ /application/nginx

    ##启动nginx

    /application/nginx/sbin/nginx

    vim /application/nginx/conf/nginx.conf

    worker_processes  1;
    
    events {
    
        worker_connections  1024;
    
    }
    
    http {
    
        include       mime.types;
    
        default_type  application/octet-stream;
    
        sendfile        on;
    
        keepalive_timeout  65;
    
     
    
    upstream backend {
    
            ip_hash;
    
            server 192.168.190.10:80 max_fails=3 fail_timeout=30s;
    
            server 192.168.190.20:80 max_fails=3 fail_timeout=30s;
    
    }
    
    upstream backendyy {
    
            server 192.168.190.10:800 max_fails=3 fail_timeout=30s;
    
            server 192.168.190.20:800 max_fails=3 fail_timeout=30s;
    
    }
    
    upstream backendblog {
    
            ip_hash;
    
            server 192.168.190.10:8000 max_fails=3 fail_timeout=30s;
    
            server 192.168.190.20:8000 max_fails=3 fail_timeout=30s;
    
    }
    
     
    
       server {
    
            listen       80;
    
            server_name  cms.etiantian.org;
    
            index  index.html index.htm;
    
            location / {
    
            proxy_pass http://backend;
    
            }
    
            error_page   500 502 503 504  /50x.html;
    
            location = /50x.html {
    
                root   html;
    
            }
    
    }
    
           server {
    
            listen       80;
    
            server_name  bbs.etiantian.org;
    
            index  index.html index.htm;
    
            location / {
    
            proxy_pass http://backendyy;
    
            }
    
            error_page   500 502 503 504  /50x.html;
    
            location = /50x.html {
    
                root   html;
    
            }
    
        }
    
     
    
       server {
    
            listen       80;
    
            server_name  blog.etiantian.org;
    
            index  index.html index.htm;
    
            location / {
    
            proxy_pass http://backendblog;
    
            }
    
            error_page   500 502 503 504  /50x.html;
    
            location = /50x.html {
    
                root   html;
    
            }
    
        }
    
    }

    平滑重启nginx :/application/nginx/bin/nginx -s reload

    (2)安装配置keepalived

    yum install -y keepalived

    netstat -lntup |grep keepalived

    vim /etc/keepalived/keepalived.conf

    global_defs {
    
     
    
       notification_email {
    
     
    
         acassen@firewall.loc
    
     
    
         failover@firewall.loc
    
     
    
         sysadmin@firewall.loc
    
     
    
       }
    
     
    
       notification_email_from Alexandre.Cassen@firewall.loc
    
     
    
       smtp_server 192.168.200.1
    
     
    
       smtp_connect_timeout 30
    
     
    
       router_id lb01
    
    }
    
    vrrp_instance VI_1 {
    
     
    
        state MASTER
    
     
    
        interface eth1
    
     
    
        virtual_router_id 55
    
     
    
        priority 150
    
     
    
        advert_int 1
    
     
    
        authentication {
    
     
    
            auth_type PASS
    
     
    
            auth_pass 123456
    
     
    
        }
    
     
    
        virtual_ipaddress {
    
            192.168.190.23/24 dev eth1 label eth1:1
    
        }
    
    }

    /etc/init.d/keepalived restart     ifconfig会发现生成了一个你想要的虚拟IP地址

    7.高可用的备份nginx负载均衡服务器(192.168.190.23)

    (1)安装配置nginx负载均衡器

    编译nginx前  需安装

    1.pcre pcre-devel

    yum install -y pcre pcre-devel

    2.openssl

    yum install openssl openssl-devel -y

    编译安装nginx

    ./configure --user=nginx --group=nginx --prefix=/application/nginx1.6.2 --with-http_stub_status_module --with-http_ssl_module
    
    make && make install
    
    ln -s /application/nginx1.6.2/ /application/nginx

    ##创建nginx的虚拟用户

    usedadd nginx -s /sbin/nologin -M

    ##启动nginx

    /application/nginx/sbin/nginx

    vim /application/nginx/conf/nginx.conf

    worker_processes  1;
    
    events {
    
        worker_connections  1024;
    
    }
    
    http {
    
        include       mime.types;
    
        default_type  application/octet-stream;
    
        sendfile        on;
    
        keepalive_timeout  65;
    
     
    
    upstream backend {
    
            ip_hash;
    
            server 192.168.190.10:80 max_fails=3 fail_timeout=30s;
    
            server 192.168.190.20:80 max_fails=3 fail_timeout=30s;
    
    }
    
    upstream backendyy {
    
            server 192.168.190.10:800 max_fails=3 fail_timeout=30s;
    
            server 192.168.190.20:800 max_fails=3 fail_timeout=30s;
    
    }
    
    upstream backendblog {
    
            ip_hash;
    
            server 192.168.190.10:8000 max_fails=3 fail_timeout=30s;
    
            server 192.168.190.20:8000 max_fails=3 fail_timeout=30s;
    
    }
    
     
    
       server {
    
            listen       80;
    
            server_name  cms.etiantian.org;
    
            index  index.html index.htm;
    
            location / {
    
            proxy_pass http://backend;
    
            }
    
            error_page   500 502 503 504  /50x.html;
    
            location = /50x.html {
    
                root   html;
    
            }
    
    }
    
           server {
    
            listen       80;
    
            server_name  bbs.etiantian.org;
    
            index  index.html index.htm;
    
            location / {
    
            proxy_pass http://backendyy;
    
            }
    
            error_page   500 502 503 504  /50x.html;
    
            location = /50x.html {
    
                root   html;
    
            }
    
        }
    
     
    
       server {
    
            listen       80;
    
            server_name  blog.etiantian.org;
    
            index  index.html index.htm;
    
            location / {
    
            proxy_pass http://backendblog;
    
            }
    
            error_page   500 502 503 504  /50x.html;
    
            location = /50x.html {
    
                root   html;
    
            }
    
        }
    
    }

    平滑重启nginx :/application/nginx/bin/nginx -s reload

    (2)安装keepalived

    yum install -y keepalived

    vim /etc/keepalived/keepalived.conf

    global_defs {
    
     
    
       notification_email {
    
     
    
         acassen@firewall.loc
    
     
    
         failover@firewall.loc
    
     
    
         sysadmin@firewall.loc
    
     
    
       }
    
     
    
       notification_email_from Alexandre.Cassen@firewall.loc
    
     
    
       smtp_server 192.168.200.1
    
     
    
       smtp_connect_timeout 30
    
     
    
       router_id lb02
    
     
    
    }
    
     
    
     
    
     
    
    vrrp_instance VI_1 {
    
     
    
        state BACKUP
    
     
    
        interface eth2
    
     
    
        virtual_router_id 55
    
     
    
        priority 100       ##优先级  数值越高越优先
    
     
    
        advert_int 1
    
     
    
        authentication {
    
     
    
            auth_type PASS
    
     
    
            auth_pass 123456
    
     
    
        }
    
     
    
        virtual_ipaddress {
    
     
    
            192.168.190.23 dev eth2 label eth2:1
    
        }
    
    }

    /etc/init.d/keepalived restart    启动keepalived 把主nginx负载均衡服务器宕掉 ,会发现备keepalived节点服务器会生成一个虚拟IP

    本地做192.168.190.23的host解析

    Keepalived高可用故障切换转移原理

        Keepalived高可用服务对之间的故障切换转移,是通过VRRP来实现的。在keepalived服务工作时,主Master节点会不断地向备节点发送(多播的方式)心跳消息,用来告诉备Backup节点自己还活着。当主节点发生故障时,就无法发送心跳的消息了,备节点也因此无法继续检测到来自主节点的心跳了。于是就会调用自身的接管程序,接管主节点的IP资源和服务。当主节点恢复时,备节点又会释放主节点故障时自身接管的IP资源和服务,恢复到原来的备用角色

  • 相关阅读:
    设计模式学习笔记--迭代器模式
    设计模式学习笔记--组合模式
    设计模式学习笔记--备忘录模式
    Asp.Net Core IdentityServer4 中的基本概念
    Asp.Net Core 中间件应用实践中你不知道的那些事
    Asp.Net Core Filter 深入浅出的那些事-AOP
    ASP.NET CORE 内置的IOC解读及使用
    ASP.NET CORE 管道模型及中间件使用解读
    ASP.NET CORE 启动过程及源码解读
    Linux +Docker +Nginx 部署代理转发初探
  • 原文地址:https://www.cnblogs.com/zjaiccn/p/11414229.html
Copyright © 2020-2023  润新知