Nginx反向代理
安装keepalived和nginx
安装keepalived
1
|
# yum -y install keepalived |
创建nginx用户组及nginx用户
1
2
|
# groupadd -r nginx # useradd -g nginx -r nginx |
编译安装nginx-1.4.7
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
# tar xf nginx-1.4.7.tar.gz # cd nginx-1.4.7 # ./configure \ --prefix= /usr \ --sbin-path= /usr/sbin/nginx \ --conf-path= /etc/nginx/nginx .conf \ --error-log-path= /var/log/nginx/error .log \ --http-log-path= /var/log/nginx/access .log \ --pid-path= /var/run/nginx/nginx .pid \ --lock-path= /var/lock/nginx .lock \ --user=nginx \ --group=nginx \ --with-http_ssl_module \ --with-http_flv_module \ --with-http_stub_status_module \ --with-http_gzip_static_module \ --http-client-body-temp-path= /usr/local/nginx/client/ \ --http-proxy-temp-path= /usr/local/nginx/proxy/ \ --http-fastcgi-temp-path= /usr/local/nginx/fcgi/ \ --http-uwsgi-temp-path= /usr/local/nginx/uwsgi \ --http-scgi-temp-path= /usr/local/nginx/scgi \ --with-pcre # make && make install |
检查配置文件是否有语法错误
1
2
3
4
|
[root@localhost nginx-1.4.7] # nginx -t nginx: the configuration file /etc/nginx/nginx .conf syntax is ok nginx: [emerg] mkdir () "/usr/local/nginx/client/" failed (2: No such file or directory) nginx: configuration file /etc/nginx/nginx .conf test failed |
修改错误
1
|
# mkdir /usr/local/nginx |
再次检查配置文件是否有语法错误
1
|
[root@localhost nginx-1.4.7] # nginx -t |
为nginx提供SysV init脚本
1
|
# vim /etc/rc.d/init.d/nginx |
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
|
#!/bin/sh # # nginx - this script starts and stops the nginx daemon # # chkconfig: - 85 15 # description: Nginx is an HTTP(S) server, HTTP(S) reverse \ # proxy and IMAP/POP3 proxy server # processname: nginx # config: /etc/nginx/nginx.conf # config: /etc/sysconfig/nginx # pidfile: /var/run/nginx.pid # Source function library. . /etc/rc .d /init .d /functions # Source networking configuration. . /etc/sysconfig/network # Check that networking is up. [ "$NETWORKING" = "no" ] && exit 0 nginx= "/usr/sbin/nginx" prog=$( basename $nginx) NGINX_CONF_FILE= "/etc/nginx/nginx.conf" [ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx lockfile= /var/lock/subsys/nginx make_dirs() { # make required directories user=`nginx -V 2>&1 | grep "configure arguments:" | sed 's/[^*]*--user=\([^ ]*\).*/\1/g' -` options=`$nginx -V 2>&1 | grep 'configure arguments:' ` for opt in $options; do if [ ` echo $opt | grep '.*-temp-path' ` ]; then value=` echo $opt | cut -d "=" -f 2` if [ ! -d "$value" ]; then # echo "creating" $value mkdir -p $value && chown -R $user $value fi fi done } start() { [ -x $nginx ] || exit 5 [ -f $NGINX_CONF_FILE ] || exit 6 make_dirs echo -n $ "Starting $prog: " daemon $nginx -c $NGINX_CONF_FILE retval=$? echo [ $retval - eq 0 ] && touch $lockfile return $retval } stop() { echo -n $ "Stopping $prog: " killproc $prog -QUIT retval=$? echo [ $retval - eq 0 ] && rm -f $lockfile return $retval } restart() { configtest || return $? stop sleep 1 start } reload() { configtest || return $? echo -n $ "Reloading $prog: " killproc $nginx -HUP RETVAL=$? echo } force_reload() { restart } configtest() { $nginx -t -c $NGINX_CONF_FILE } rh_status() { status $prog } rh_status_q() { rh_status > /dev/null 2>&1 } case "$1" in start) rh_status_q && exit 0 $1 ;; stop) rh_status_q || exit 0 $1 ;; restart|configtest) $1 ;; reload) rh_status_q || exit 7 $1 ;; force-reload) force_reload ;; status) rh_status ;; condrestart|try-restart) rh_status_q || exit 0 ;; *) echo $ "Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}" exit 2 esac |
赋予nginx脚本执行权限
1
|
# chmod +x /etc/rc.d/init.d/nginx |
添加至服务管理列表,并让其开机自动启动
1
2
|
# chkconfig --add nginx # chkconfig nginx on |
提示:在两个keepalived+nginx主机上都需安装keepalkved和nginx服务
配置nginx为反向代理服务器
编辑nginx.conf配置文件
1
2
|
# cd /etc/nginx/ # vim nginx.conf |
在nginx.conf配置文件中的http段内添加如下内容
1
2
3
4
5
6
7
8
9
10
11
12
|
upstream webservers { server 10.170.2.101; server 10.170.2.102; } server { listen 80; server_name www.muluhe.com; location / { proxy_pass http: //webservers ; proxy_set_header X-Real-IP $remote_addr; } } |
提示:在两台keepalived+nginx主机的nginx.conf的配置文件所添加的内容一样
配置keepalived
编辑keepalived.conf配置文件
1
2
|
# cd /etc/keepalived/ # vim keepalived.conf |
IP地址为10.170.2.60的配置文件内容为:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
! Configuration File for keepalived global_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id LVS_DEVEL } vrrp_instance VI_1 { state MASTER interface eth0 virtual_router_id 15 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 111111 } virtual_ipaddress { 10.170.2.100 } notify_master "/etc/init.d/nginx start" notify_backup "/etc/init.d/nginx stop" notify_fault "/etc/init.d/nginx stop" } |
IP地址为10.170.2.61的配置文件内容为
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
! Configuration File for keepalived global_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id LVS_DEVEL } vrrp_instance VI_1 { state BACKUP interface eth0 virtual_router_id 15 priority 99 advert_int 1 authentication { auth_type PASS auth_pass 111111 } virtual_ipaddress { 10.170.2.100 } notify_master "/etc/init.d/nginx start" notify_backup "/etc/init.d/nginx stop" notify_fault "/etc/init.d/nginx stop" } |
配置web1和web2服务器
编辑web1测试页面
1
2
|
# vim /var/www/html/index.html 内容为:<h1>www1.muluhe.com< /h1 > |
启动httpd服务
1
|
# /etc/init.d/httpd start |
编辑web2测试页面
1
2
|
# vim /var/www/html/index.html 内容为:<h1>www2.muluhe.com< /h1 > |
启动httpd服务
1
|
# /etc/init.d/httpd start |
启动keepalived服务并进行测试
启动keepalived+nginx两台主机的keepalived服务
1
|
# /etc/init.d/keepalived start |
在浏览器中键入10.170.2.100,刷新几下,可得到如下结果
拼搏在路上