本着快速安装和环境的统一,以及方便升级维护的原则,本文与其它网上的参考资料用编译安装的方法不一样,使用yum安装Nginx和Keepalived。带有自动安装shell脚本,进行环境部署非常简单高效,十分钟不到可以完成Nginx+Keepalived企业级web主主负载均衡架构的搭建。
#!/bin/bash # ------------------------------------------------------------------------------- # Filename: nginx_keepalived.sh # Revision: 1.0 # Date: 2012-12-29 # Author: 三木 # Email: linmaogan#gmail.com # Website: www.3mu.me # Description: CentOS6.3+Nginx+Keepalived主主负载均衡架构安装脚本 # Notes: 需要切换到root运行,版本针对64位系统,操作系统为CentOS6.3 # ------------------------------------------------------------------------------- # Copyright: 2012 (c) 三木 # License: GPL # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty # of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # you should have received a copy of the GNU General Public License # along with this program (or with Nagios); # # Credits go to Ethan Galstad for coding Nagios # If any changes are made to this script, please mail me a copy of the changes # ------------------------------------------------------------------------------- #Version 1.0 #2012-12-29 三木 初始版本建立 #Version 1.1 # ------------------------------------------------------------------------------- #变量定义############################################################################# IS_VPS=1 # 是否是虚拟主机,最简化安装的系统也采用这种配置 NGINX_MASTER=1 # 值为1或2,表示采用主Nginx之一或二的keepalivd.conf配置内容 NGINX_WORKER_PROCESSES=8 # nginx 工作进程数量 UPSTREAM='server 192.168.1.6:80 weight=1 max_fails=2 fail_timeout=30s; server 192.168.1.26:80 weight=1 max_fails=2 fail_timeout=30s; server 192.168.1.130:80 weight=1 max_fails=2 fail_timeout=30s;' # nginx 负载均衡服务器池 KEEPALIVED_EMAIL=linmaogan@gmail.com # keepalived 通知邮件地址 KEEPALIVED_PASS=cd5u5s6s3fe7ptxV # VRRP口令 KEEPALIVED_VIP1=192.168.1.120 # VRRP HA虚拟地址1 KEEPALIVED_VIP2=192.168.1.121 # VRRP HA虚拟地址2 DONE="\e[0;32m\033[1mdone\e[m" #解锁系统文件######################################################################### chattr -i /etc/passwd chattr -i /etc/group chattr -i /etc/shadow chattr -i /etc/gshadow chattr -i /etc/services #如果已安装Apache和PHP,则卸载######################################################## yum -y remove httpd* php* mysql #更新软件库########################################################################### yum -y update #安装Nginx源########################################################################## if [ ! -e /etc/yum.repos.d/nginx.repo ] then rpm -ivh http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm echo -e "Install nginx source ${DONE}." fi #安装epel源,用于安装Keepalived ###################################################### if [ ! -e /etc/yum.repos.d/epel.repo ] then rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm 1>/dev/null rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6 echo -e "Install EPEL source ${DONE}." fi #安装Nginx############################################################################ yum -y install nginx #加入启动项########################################################################### chkconfig --levels 235 nginx on #start Nginx########################################################################## /etc/init.d/nginx start #安装Keepalived ###################################################################### yum -y install keepalived #加入启动项########################################################################### chkconfig --levels 235 keepalived on #start Keepalived##################################################################### /etc/init.d/keepalived start ##################################################################################### ##################################################################################### #目录设置############################################################################ #创建网站相关目录#################################################################### if [ ! -e /www ] then if [ $IS_VPS ];then mkdir /home/data ln -s /home/data /data else mkdir /data fi mkdir /www mkdir /data/wwwroot ln -s /data/wwwroot /www/ mkdir -p /data/wwwroot/{web,log,git} mkdir /data/conf mkdir /data/conf/{sites-available,sites-enabled,shell} mkdir /backup ln -s /backup /data/ fi #配置文件目录设置###################################################################### #移动nginx配置文件 if [ -s /data/conf/sites-available/default.conf ]; then echo "default.conf already move" else cp -p /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.conf.bak mv /etc/nginx/conf.d/default.conf /data/conf/sites-available/ ln -s /data/conf/sites-available/default.conf /data/conf/sites-enabled/ echo "default.conf move success" fi if [ -s /data/conf/nginx.conf ]; then echo "nginx.conf already move" else cp -p /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak mv /etc/nginx/nginx.conf /data/conf/ ln -s /data/conf/nginx.conf /etc/nginx/ echo "nginx.conf move success" fi #移动 Keepalived 配置文件 if [ -s /data/conf/keepalived.conf ]; then echo "keepalived.conf already move" else cp -p /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak mv /etc/keepalived/keepalived.conf /data/conf/ ln -s /data/conf/keepalived.conf /etc/keepalived/ echo "keepalived.conf move success" fi #添加www组和www用户#################################################################### groupadd www useradd -g www www #设置目录权限########################################################################## chown -R www:www /data/wwwroot/web #配置nginx if cat /data/conf/nginx.conf |awk -F: '{print $1}'|grep 'sites-enabled' 2>&1 >/dev/null then echo -e "nginx.conf has been \e[0;32m\033[1madded\e[m." else echo "user www www; worker_processes $NGINX_WORKER_PROCESSES; error_log /var/log/nginx/error.log crit; pid /var/run/nginx.pid; worker_rlimit_nofile 65535; events { use epoll; worker_connections 65535; } http { include /etc/nginx/mime.types; default_type application/octet-stream; charset utf-8; log_format main '\$remote_addr - \$remote_user [\$time_local] \"\$request\" ' '\$status \$body_bytes_sent \"\$http_referer\" ' '\"\$http_user_agent\" \"\$http_x_forwarded_for\"'; access_log /var/log/nginx/access.log main; server_names_hash_bucket_size 128; client_header_buffer_size 32k; large_client_header_buffers 4 32k; client_max_body_size 300m; client_body_buffer_size 512k; sendfile on; tcp_nopush on; tcp_nodelay on; server_tokens off; keepalive_timeout 60; fastcgi_connect_timeout 300; fastcgi_send_timeout 300; fastcgi_read_timeout 300; fastcgi_buffer_size 64k; fastcgi_buffers 4 64k; fastcgi_busy_buffers_size 128k; fastcgi_temp_file_write_size 128k; gzip on; gzip_min_length 1k; gzip_buffers 4 16k; gzip_http_version 1.1; gzip_comp_level 2; gzip_types text/plain application/x-javascript text/css application/xml; gzip_vary on; proxy_connect_timeout 5; proxy_read_timeout 60; proxy_send_timeout 5; proxy_buffer_size 16k; proxy_buffers 4 64k; proxy_busy_buffers_size 128k; proxy_temp_file_write_size 128k; #注:proxy_temp_path和proxy_cache_path指定的路径必须在同一分区 proxy_temp_path /www/wwwroot/web/proxy_temp_dir; #设置Web缓存区名称为cache_one,内存缓存空间大小为200MB,1天没有被访问的内容自动清除,硬盘缓存空间大小为30GB。 proxy_cache_path /www/wwwroot/web/proxy_cache_dir levels=1:2 keys_zone=cache_one:200m inactive=1d max_size=30g; #第一组php负载均衡服务器 upstream backend_server { $UPSTREAM } #屏蔽未绑定域名访问和禁止通过IP访问 server { listen 80 default; server_name _; return 500; } include /data/conf/sites-enabled/*; }" > /data/conf/nginx.conf fi # 配置 nginx 默认虚拟机配置文件 echo "server { listen 80; server_name localhost; charset utf8; #access_log /var/log/nginx/log/host.access.log main; location / { root /www/wwwroot/web; index index.html index.htm index.php; #增加index.php } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root /www/wwwroot/web; } # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ \.php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # #取消FastCGI server部分location的注释,并要注意fastcgi_param行的参数,改为$document_root$fastcgi_script_name,或者使用绝对路径 location ~ \.php$ { root /www/wwwroot/web; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name; include fastcgi_params; } # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} }" > /data/conf/sites-available/default.conf # 配置 Keepalived 配置文件 if [ $NGINX_MASTER -eq 1 ]; then echo "! Configuration File for keepalived global_defs { notification_email { $KEEPALIVED_EMAIL } notification_email_from keepalived@zhts.com smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id LVS_DEVEL } vrrp_script chk_http_port { script '/data/conf/shell/nginx_pid.sh' interval 2 weight 2 } vrrp_instance VI_1 { state MASTER interface eth0 virtual_router_id 51 priority 100 advert_int 1 authentication { auth_type PASS auth_pass $KEEPALIVED_PASS } track_script { chk_http_port # 执行监控的服务 } virtual_ipaddress { $KEEPALIVED_VIP1 } } vrrp_instance VI_2 { state BACKUP interface eth0 virtual_router_id 52 priority 99 advert_int 1 authentication { auth_type PASS auth_pass $KEEPALIVED_PASS } track_script { chk_http_port # 执行监控的服务 } virtual_ipaddress { $KEEPALIVED_VIP2 } }" > /data/conf/keepalived.conf else echo "! Configuration File for keepalived global_defs { notification_email { $KEEPALIVED_EMAIL } notification_email_from keepalived@zhts.com smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id LVS_DEVEL } vrrp_script chk_http_port { script '/data/conf/shell/nginx_pid.sh' interval 2 weight 2 } vrrp_instance VI_1 { state BACKUP interface eth0 virtual_router_id 51 priority 99 advert_int 1 authentication { auth_type PASS auth_pass $KEEPALIVED_PASS } track_script { chk_http_port # 执行监控的服务 } virtual_ipaddress { $KEEPALIVED_VIP1 } } vrrp_instance VI_2 { state MASTER interface eth0 virtual_router_id 52 priority 100 advert_int 1 authentication { auth_type PASS auth_pass $KEEPALIVED_PASS } track_script { chk_http_port # 执行监控的服务 } virtual_ipaddress { $KEEPALIVED_VIP2 } }" > /data/conf/keepalived.conf fi # 监控Nginx的进程脚本 echo '#!/bin/bash NGINX_PROCESS=`ps -C nginx --no-header | wc -l` if [ $NGINX_PROCESS -eq 0 ]; then /etc/init.d/nginx start sleep 3 if [ `ps -C nginx --no-header | wc -l` -eq 0 ]; then /etc/init.d/keepalived stop fi fi' > /data/conf/shell/nginx_pid.sh # 添加可执行权限 chmod +x /data/conf/shell/nginx_pid.sh #开启防火墙 /sbin/iptables -I INPUT -p tcp --dport 80 -j ACCEPT /sbin/iptables -I INPUT -p tcp --dport 443 -j ACCEPT /etc/rc.d/init.d/iptables save /etc/init.d/iptables restart #重启所有服务器 /etc/init.d/nginx restart /etc/init.d/keepalived restart #系统文件加锁 chattr +i /etc/passwd chattr +i /etc/shadow chattr +i /etc/gshadow chattr +i /etc/group chattr +i /etc/services
参考资料:
解析 Nginx 负载均衡:http://blog.jobbole.com/24574/
Nginx主主负载均衡架构:http://andrewyu.blog.51cto.com/1604432/655646
揭秘企业级web负载均衡完美架构(图):http://network.51cto.com/art/201007/209823.htm
Nginx负载均衡配置:http://visonguo.blog.51cto.com/510379/1042842
nginx+keepalived主辅切换:http://deidara.blog.51cto.com/400447/302402
nginx负载均衡分配策略分析:http://bbs.ywlm.net/thread-34-1-1.html
使用Nginx的proxy_cache缓存功能取代Squid[原创]:http://blog.s135.com/nginx_cache/1/1/
Nginx负载均衡:http://www.cnblogs.com/xiaogangqq123/archive/2011/03/04/1971002.html
keepalived配置文件详解-nginx+keepalived配置nginx高可用:http://www.linuxmr.com/2012/nginx_keepalived_0628/204.html
nginx+keepalived配置实现nginx单主高可用:http://www.linuxmr.com/2012/nginx_keepalived_0629/205.html
nginx+keepalived配置双主高可用负载均衡:http://www.linuxmr.com/2012/nginx_keepalived_0629/207.html
0 条评论。