第一章 原理
原理:
VIP 是外网访问的IP地址,通过keepalived设置,以及VRRP将VIP绑定到主机和备机上,通过权重实现控制。当主机挂掉后,keepalived释放对主机的控制,备机接管VIP。
Nginx+keepalived单主环境下,其中一台slave机器处于备份状态,有些浪费,其实可以利用DNS轮询来实现双机负载均衡。
第二章 安装前准备
1.环境配置
1.Ip配置
操作系统:CentOS 6.5
Nginx+keepalived 1服务器 IP:192.168.1.244
Nginx+keepalived 2服务器 IP:192.168.1.245
访问VIP1: 192.168.1.248
访问VIP2: 192.168.1.249
2.需要软件包
zlib-static-1.2.3-29.el6.x86_64.rpm
keepalived-1.2.12.tar.gz
ngx_cache_purge-2.3.tar.gz
nginx-1.9.7.tar.gz
Nginx nginx启动脚本
check_http.sh keepalived监控nginx进程的脚本,并自杀
2.安装前准备
1..关闭防火墙
[root@localhost ~]# service iptables stop
[root@localhost ~]#chkconfig iptables off
改完后确认
[root@localhost ~]# service iptables status
Iptables: 未运行防火墙
2..关闭selinux
修改/etc/selinux/config 文件,将SElINUX=enforcing改为SElINUX=disabled或SElINUX=permissive
# vi /etc/selinux/config
……
SElINUX=disabled
……
3.重启
[root@localhost ~]# reboot
4.配置本地yum
[root@localhost ~]# cd /etc/yum.repos.d/
[root@localhost yum.repos.d]# mkdir repo.bak
[root@localhost yum.repos.d]# cp CentOS-* repo.bak/
[root@localhost yum.repos.d]# rm -rf CentOS-*
[root@localhost yum.repos.d]# vi aa.repo
[aa]
name=aa
baseurl=file:///mnt
gpgcheck=1
[root@localhost ~]# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-*
5.挂载
[root@localhost ~]# mount /dev/dvd /mnt
第三章 安装
1.安装rpm包
[root@localhost ~]# rpm -ivh zlib-static-1.2.3-29.el6.x86_64.rpm
2.yum安装包
[root@localhost ~]# yum -y install openssl openssl-devel pcre pcre-devel gcc gcc-c++ make wget zlib-static zlib zlib-devel
3.安装keepalived
tar xf keepalived-1.2.12.tar.gz
cd keepalived-1.2.12
./configure --prefix=/usr/local/keepalived
make
make install
4.拷贝文件
cp /usr/local/keepalived/sbin/keepalived /usr/sbin
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
mkdir /etc/keepalived
cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
设置开机启动
chkconfig keepalived on
5.配置keepalived
1.配置244
[root@localhost ~]# vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200