Linux服务器部署(keepalived+nginx)

1.1. 增加网关,可访问外网,下载资源

route add default gw 网关(*.*.*.255)

1.2. 安装上传下载工具(lrzsz)

yum -y install lrzsz

1.3. 安装编译工具及库文件

1.3.1. 使用:

① yum -y install gcc automake autoconf libtool make

② yum install gcc gcc-c++

zlib 

③ cd /usr/local/src 

④ wget http://zlib.net/zlib-1.2.11.tar.gz(注:此处为 HTTP 明文下载,后文的 PCRE、nginx、keepalived 源码包也分别通过 FTP/HTTP 获取;解压编译前应先与上游官方公布的校验值或签名核对压缩包)

⑤ tar zlib-1.2.11.tar.gz(此条缺少 x 等操作参数,tar 会直接报错;实际解压以下一步 ⑥ 为准)

⑥ tar xvf zlib-1.2.11.tar.gz

⑦ cd zlib-1.2.11

⑧ ./configure

⑨ make

⑩ make install

Openssl

⑪ cd /usr/local/src

⑫ wget https://www.openssl.org/source/openssl-1.0.1t.tar.gz(注:OpenSSL 1.0.1 系列上游已停止维护,实际部署应改用仍受支持的版本)

⑬ tar xvf openssl-1.0.1t.tar.gz

1.3.2. 未使用(备选:直接通过 yum 安装依赖包):

yum -y install make zlib zlib-devel gcc-c++ libtool  openssl openssl-devel

1.4. 安装 PCRE

① cd /usr/local/src

② wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.39.tar.gz

③ tar xvf pcre-8.39.tar.gz

④ cd pcre-8.39

⑤ ./configure

⑥ make

⑦ make install

1.5. 安装Nginx

① cd /usr/local/src

② wget http://nginx.org/download/nginx-1.1.10.tar.gz(注:1.1.10 是很早期的开发版分支,实际部署应改用 nginx.org 当前的稳定版)

③ tar xvf nginx-1.1.10.tar.gz

④ cd nginx-1.1.10

⑤ ./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-pcre=/usr/local/src/pcre-8.39

⑥ make

⑦ make install

⑧ cd ..

⑨ ls

⑩ cd nginx/conf

⑪ ls

⑫ nginx

⑬ /usr/local/nginx/sbin/nginx

1.6. 安装Keepalived

① cd /usr/local/src

② wget http://www.keepalived.org/software/keepalived-1.2.24.tar.gz

③ tar xvf keepalived-1.2.24.tar.gz

④ cd keepalived-1.2.24

⑤ cd ..

⑥ mkdir keepalived

⑦ cd src/keepalived-1.2.24

⑧ ls

⑨ ./configure --prefix=/usr/local/keepalived

⑩ make && make install

1.7.   将 Keepalived 设置为系统服务(service)并开机启动

① cd /etc

② ls

③ mkdir keepalived

④ cp /usr/local/keepalived/etc/keepalived.conf /etc/keepalived/keepalived.conf

⑤ cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf

⑥ cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/keepalived

⑦ cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/keepalived

⑧ cp /usr/local/keepalived/sbin/keepalived /usr/sbin

⑨ chkconfig keepalived on

⑩ chmod a+x /etc/init.d/keepalived

⑪ service keepalived start

1.8. Keepalived 配置

① cd /etc/keepalived/

② ls

③ vi keepalived.conf

主:

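! Configuration File for keepalived
! MASTER node. The first two lines of the original paste were mangled by the
! shell ("! Configuration ..." was run as a command, "global_defs" lost its
! first letters); they are restored here to match the BACKUP listing.
! keepalived only treats "!" and "#" as comment markers, so the original
! "//" remarks glued to values are rewritten as "#" comments.

global_defs {
   # Addresses and SMTP server below look like the values from keepalived's
   # stock example file; replace them with real ones or remove the block.
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state MASTER              # this node starts as master
    interface eth0
    virtual_router_id 51      # same id as in the BACKUP listing
    priority 101              # election weight; higher than the backup's 99
    advert_int 1
    authentication {
        # PASS is a simple shared password that travels unencrypted in the
        # VRRP advertisements. "1111" is the page's sample value: replace it
        # per deployment and keep VRRP traffic on a trusted network segment.
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        *.*.*.83              # virtual IP (redacted placeholder on the page)
    }
}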

备:

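! Configuration File for keepalived
! BACKUP node. keepalived only treats "!" and "#" as comment markers, so the
! original "//" remarks glued to values are rewritten as "#" comments.

global_defs {
   # Addresses and SMTP server below look like the values from keepalived's
   # stock example file; replace them with real ones or remove the block.
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state BACKUP              # this node starts as backup
    interface eth0
    virtual_router_id 51      # same id as in the MASTER listing
    priority 99               # lower than the master's 101
    advert_int 1
    authentication {
        # PASS is a simple shared password that travels unencrypted in the
        # VRRP advertisements. "1111" is the page's sample value: replace it
        # per deployment (identically on both nodes) and keep VRRP traffic
        # on a trusted network segment.
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        *.*.*.83              # virtual IP (redacted placeholder on the page)
    }
}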

1.9. 将 Nginx 设置为系统服务(service)并开机启动

① vim /etc/init.d/nginx

将脚本中的 nginx 变量设置为"/usr/local/nginx/sbin/nginx"

将脚本中的 NGINX_CONF_FILE 变量设置为"/usr/local/nginx/conf/nginx.conf"

② chkconfig nginx on

③ chmod a+x /etc/init.d/nginx

④ chkconfig --add /etc/init.d/nginx

⑤ service nginx stop

⑥ service nginx start

⑦ chkconfig nginx on

1.10. Nginx配置

# nginx.conf for the keepalived + nginx pair described on this page.
# "二级域名" / "域名" (subdomain / domain) and "*.*.*.N" are the author's
# placeholders and must be replaced with real values before use.

# Worker processes run under the unprivileged "nobody" account.
user  nobody;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;

    # Backend pools: the local instance plus the peer host. ip_hash keeps a
    # given client address on the same backend.
    upstream app {
        ip_hash;
        server 127.0.0.1:8080;
        server *.*.*.16:8080;
    }

    upstream wechat {
        ip_hash;
        server 127.0.0.1:18080;
        server *.*.*.16:18080;
    }

    upstream web {
        ip_hash;
        server 127.0.0.1:28080;
        server *.*.*.16:28080;
    }

    # Plain-HTTP listeners, one port per application.
    # NOTE(review): these reach the same upstreams as the TLS servers below
    # without encryption; confirm the ports are only reachable internally.
    server {
        listen 9090;
        server_name app 二级域名;

        location / {
            proxy_pass http://app;
        }

        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
            root html;
        }
    }

    server {
        listen 19090;
        server_name wechat 二级域名;

        location / {
            proxy_pass http://wechat;
        }

        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
            root html;
        }
    }

    server {
        listen 29090;
        server_name web 域名;

        location / {
            proxy_pass http://web;
        }

        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
            root html;
        }
    }

    # TLS termination (SSL certificate configuration).
    server {
        listen 443;
        ssl on;
        server_name app 二级域名 *.*.*.83;

        # Paths are relative to the nginx conf directory. server.key is the
        # private key: keep it readable by root only.
        ssl_certificate     server.crt;
        ssl_certificate_key server.key;
        ssl_session_timeout 5m;

        # NOTE(review): TLSv1 is the only protocol enabled, and TLS 1.0 is
        # deprecated (RFC 8996). The TLSv1.1/TLSv1.2 parameters need a newer
        # nginx than the 1.1.10 built earlier on this page, so hardening
        # this line goes together with upgrading nginx and OpenSSL.
        ssl_protocols TLSv1;
        ssl_prefer_server_ciphers on;

        # NOTE(review): the list still admits 3DES suites and static-RSA key
        # exchange (no forward secrecy); trim them once clients allow it.
        ssl_ciphers "EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5";

        location / {
            # Pass client information on to the backend.
            # X-Forwarded-For keeps whatever the client sent and appends
            # $remote_addr, so backends should trust only X-Real-IP or the
            # last entry. Host is forwarded exactly as the client sent it.
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;

            proxy_connect_timeout 240;
            proxy_send_timeout 240;
            proxy_read_timeout 240;

            proxy_pass http://app;
        }
    }

    server {
        listen 443;
        ssl on;
        server_name web 域名;

        ssl_certificate     server.crt;
        ssl_certificate_key server.key;
        ssl_session_timeout 5m;

        # NOTE(review): same protocol and cipher caveats as the first TLS server.
        ssl_protocols TLSv1;
        ssl_prefer_server_ciphers on;
        ssl_ciphers "EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5";

        location / {
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;

            proxy_connect_timeout 240;
            proxy_send_timeout 240;
            proxy_read_timeout 240;

            proxy_pass http://web;
        }
    }

    # Redirect HTTP requests to HTTPS.
    server {
        listen 80;
        server_name 域名;

        # Force a redirect to port 443 (comment reconstructed from mis-encoded bytes).
        # NOTE(review): the target host is hard-coded while server_name is a
        # placeholder; make sure the two agree.
        return 301 https://www.ifsage.com$request_uri;
    }

    # NOTE(review): this server enables "ssl on" while listening on port 80,
    # the same port as the plain-HTTP redirect server above. Presumably 443
    # was intended, as for the app and web servers; confirm before use.
    server {
        listen 80;
        ssl on;
        server_name 二级域名;

        ssl_certificate     server.crt;
        ssl_certificate_key server.key;
        ssl_session_timeout 5m;

        # NOTE(review): same protocol and cipher caveats as the first TLS server.
        ssl_protocols TLSv1;
        ssl_prefer_server_ciphers on;
        ssl_ciphers "EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5";

        location / {
            # Pass client information on to the backend.
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;

            proxy_connect_timeout 240;
            proxy_send_timeout 240;
            proxy_read_timeout 240;

            proxy_pass http://wechat;
        }
    }
}

 

 
