安装Nginx

1.安装编译Nginx所需的依赖包和工具

#yum install -y gcc gcc-c++ make automake autoconf libtool pcre pcre-devel zlib zlib-devel openssl openssl-devel wget net-tools vim

2.下载Nginx

# cd /usr/local/src/
# wget http://nginx.org/download/nginx-1.13.0.tar.gz

3.编译安装Nginx

# cd /usr/local/src/
# tar -zxvf nginx-1.13.0.tar.gz
# cd nginx-1.13.0
# ./configure --prefix=/usr/local/nginx
# make && make install

4.配置Nginx

# vi /usr/local/nginx/conf/nginx.conf
user root;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
    worker_connections 1024;
}
http {
    include mime.types;
    default_type application/octet-stream;
    #log_format main '$remote_addr - $remote_user [$time_local] "$request" '
    # '$status $body_bytes_sent "$http_referer" '
    # '"$http_user_agent" "$http_x_forwarded_for"';
    #access_log logs/access.log main;
    sendfile on;
    #tcp_nopush on;
    #keepalive_timeout 0;
    keepalive_timeout 65;
    #gzip on;
    server {
        listen 88;
        server_name localhost;
        #charset koi8-r;
        #access_log logs/host.access.log main;
        location / {
            root html;
            index index.html index.htm;
        }
        #error_page 404 /404.html;
        # redirect server error pages to the static page /50x.html
        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
            root html;
        }
    }
}

5.修改Nginx欢迎页面的内容（便于后面的测试时区分两个节点的Nginx）

# vi /usr/local/nginx/html/index.html
192.168.200.20 中的标题加 1
<h1>Welcome to nginx! 1</h1>
192.168.200.30 中的标题加 2
<h1>Welcome to nginx! 2</h1>

6.启动Nginx

# /usr/local/nginx/sbin/nginx

重启Nginx

# /usr/local/nginx/sbin/nginx -s reload

7.访问两个节点的Nginx

安装Keepalived

1.下载keepalived包

因为Centos默认的yum源里就有keepalived包，所以直接使用yum安装

# yum install -y keepalived

2.编辑master（192.168.200.20）的keepalived配置文件

# vim /etc/keepalived/keepalived.conf    
global_defs {
   notification_email {
        131917381@qq.com
   }
   notification_email_from root@aaaaa.com
   smtp_server 127.0.0.1  #表示发送email时使用的smtp服务器地址，这里可以用本地的sendmail来实现
   smtp_connect_timeout 30
   router_id LVS_DEVEL
}
vrrp_script chk_nginx {
    script "/usr/local/sbin/check_ng.sh"#检查服务是否正常，通过写脚本实现，脚本检查服务健康状态
    interval 3    #检查时间间断是3秒
    }
vrrp_instance VI_1 {
    state MASTER    #定义master相关
    interface ens33    #通过vrrp协议去通信、去发广播。此为网卡名
    virtual_router_id 51    #定义路由器ID ，配置的时候和从机器一致    
    priority 90
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 5201314>g
    }
    virtual_ipaddress {        #设置虚拟IP地址 (VIP),又叫做漂移IP地址
        192.168.200.100
    }
    track_script {        #加载脚本
        chk_nginx
    }
}

3.自定义脚本实现监控Nginx服务

# vim /usr/local/sbin/check_ng.sh
#!/bin/bash                                     
  #时间变量，用于记录日志
d=`date --date today +%Y%m%d_%H:%M:%S`
#计算nginx进程数量  
  n=`ps -C nginx --no-heading|wc -l`
#如果进程为0，则启动nginx，并且再次检测nginx进程数量    
  if [ $n -eq "0" ]; then      
         /etc/init.d/nginx start
          n2=`ps -C nginx --no-heading|wc -l`   
#如果还为0，说明nginx无法启动，此时需要关闭keepalived
          if [ $n2 -eq "0"  ]; then
                  echo "$d nginx down,keepalived will stop" >> /var/log/check_ng.log
                  systemctl stop keepalived
          fi
 fi

编辑完成后给予该脚本x权限，否则无法被keepalived调用

# chmod a+x /usr/local/sbin/check_ng.sh

4.启动主节点的keepalived和Nginx

# systemctl start keepalived
# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:f8:e3:b9 brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.20/24 brd 192.168.200.255 scope global noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet 192.168.200.100/32 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::a709:f89:6e2d:666a/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
    inet6 fe80::f47a:43ff:375e:c80/64 scope link tentative noprefixroute dadfailed 
       valid_lft forever preferred_lft forever

5.编辑backup（192.168.200.30）的keepalived文件

# vim /etc/keepalived/keepalived.conf    
global_defs {
   notification_email {
        131917381@qq.com
   }
   notification_email_from root@aaaaa.com
   smtp_server 127.0.0.1  
   smtp_connect_timeout 30
   router_id LVS_DEVEL
}
vrrp_script chk_nginx {
    script "/usr/local/sbin/check_ng.sh"
    interval 3    
    }
vrrp_instance VI_1 {
    state MASTER   
    interface ens33    
    virtual_router_id 51        
    priority 90
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 5201314>g
    }
    virtual_ipaddress {       
        192.168.200.100
    }
    track_script {       
        chk_nginx
    }
}

6.编辑监控脚本并给予权限

# vim /usr/local/sbin/check_ng.sh   
d=`date --date today +%Y%m%d_%H:%M:%S`
n=`ps -C nginx --no-heading|wc -l`
if [ $n -eq "0" ]; then
        systemctl start nginx
        n2=`ps -C nginx --no-heading|wc -l`
        if [ $n2 -eq "0"  ]; then
                echo "$d nginx down,keepalived will stop" >> /var/log/check_ng.log
                systemctl stop keepalived
        fi
fi
# chmod a+x /usr/local/sbin/check_ng.sh

7.启动从节点的keepalive和Nginx

# systemctl start keepalived
# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:f8:e3:b9 brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.30/24 brd 192.168.200.255 scope global noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet 192.168.200.100/32 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::a709:f89:6e2d:666a/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
    inet6 fe80::f47a:43ff:375e:c80/64 scope link tentative noprefixroute dadfailed 
       valid_lft forever preferred_lft forever

8.模拟主节点宕机查看VIP是否在backup上

# iptables -I OUTPUT -p vrrp -j DROP
[root@backup ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:1a:0f:c6 brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.162/24 brd 192.168.200.255 scope global noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet 192.168.200.100/32 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::f47a:43ff:375e:c80/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever