Linux Web集群架构详细(亲测可用!!!)

注意：WEB服务器和数据库需要分离，同时WEB服务器也需要编译安装MySQL。

做集群架构的重要思想就是找到主干，从主干区域向外延展。

WEB服务器： apache nginx 本地做三个产品 dedecms workprocess discuz 将用户存放图片，附件的目录挂载到nfs服务器的共享目录上

NFS服务器本地做三个共享目录，实现将用户上传的图片及附件分别存放到对应的目录上，

使用sersync与备份服务器实现实时同步，批量分发密钥及脚本，hosts文件(实际生产环境下，在同一局域网下，hosts文件通常保持一致)，

MySQL服务器：用于用户存放数据的服务器，

Backup服务器：用于备份的服务器，防止其他服务器宕机、感染病毒、等等数据丢失。同时要将每天备份的内容通过邮件发送给管理员，确保数据备份成功。

我的主干思想就是先配置LAMP和LNMP服务器，之后向外延展配置nfs服务器及MySQL服务器，然后将所有需要备份的数据打包好，配置backu备份服务器，最后做nginx负载均衡服务器，如果有精力又有能力的情况下，继续延伸一个nginx的高可用(提示ngixn高可用服务使用的是VRRP技术)

1.LAMP(192.168.190.20)

(1)tar xvf /apache-2.2.27
 
cd apache-2.2.27
 
编译安装
 
./configure \
 
--prefix=/application/appache2.2.27 \   安装目录
 
--enable-deflate \   压缩安装
 
--enable-expires \    过期  缓存时间
 
--enable-headers \   
 
--enable-modules=most \    模块激活
 
--enable-so \     
 
--with-mpm=worker \   apache的两种模式:worker,prefork
 
--enable-rewrite && make &&make install
 
(注意编译环境下换行后边不能存在空格，上述编译添加了注释，如果粘贴请自行删除，手打忽略)
 
ln -s /application/apache-2.2.27 /application/apache
 
echo “<html>
 
<head><title> a ,s blog. </title><head>
 
<body>
 
        Hi,i'm a ,My blog address is
 
<a href="" targe=_parent > </a>
 
</ body>
 
</html>” > /application/apache/htdos/index.html
 
/application/apache/bin/apachectl graceful

浏览器输入192.168.190.20 会出现

Hi,i'm a ,My blog address is 等字样说明apache服务安装成功

(2)安装数据库msyql

解压编译安装，编译过程略长，安装结束后进行检查做软链接

创建MySQL虚拟用户和用户组

groupadd mysql
 
  cat /etc/group
 
  useradd -g mysql -M -s /sbin/nologin mysql
 
id mysql
 
编译安装MySQL
 
./configure \
 
--prefix=/application/mysql5.1.72 \
 
--with-unix-socket-path=/application/mysql5.1.72/tmp/mysql.sock \
 
--localstatedir=/application/mysql5.1.72/data \
 
--enable-assembler \
 
--enable-thread-safe-client \
 
--with-mysqld-user=mysql \
 
--with-big-tables \
 
--without-debug \
 
--with-pthread \
 
--enable-assembler \
 
--with-extra-charsets=complex \
 
--with-readline \
 
--with-ssl \
 
--with-embedded-server \
 
--enable-local-infile \
 
--with-plugins=partition,innobase \
 
--with-mysqld-ldflags=-all-static \
 
--with-client-ldflags=-all-static
 
#--with-plugin-PLUGIN \
 
make && make install

echo $? 检查编译是否成功

ln -s /application/mysql5.1.72/ /application/mysql 创建软链接

复制配置mysql的配置文件

cd  mysql-5.1.72/support-files/
 
ls
 
cp -p my-small.cnf /etc/my.cnf
 
chown -R mysql.mysql /application/mysql    授权MySQL用户管理权限
 
初始化mysql
 
/application/mysql/bin/mysql_install_db --basedir=/application/mysql --datadir=/application/mysql/data/ --user=mysql           ##两个OK即为初始化成功
 
/application/mysql/bin/mysqld_safe &    启动mysql
 
netstat -lntup|grep mysqld       ##查看MySQL服务是否启动成功
 
mysqladmin -u root password '123456'        ##设置MySQL用户密码

(3)安装完apache和mysql之后再安装PHP(注意php配合apache是以模块的方式存在)

yum install -y openssl-devel
 
tar -xvf  php-5.3.27.tar.gz
 
cd php-5.3.27.tar.gz
 
./configure \
 
--prefix=/application/php5.3.27 \     //注意php的安装目录
 
--with-apxs2=/application/apache/bin/apxs \        //注意apache的安装目录
 
--with-mysql=/application/mysql \
 
--with-xmlrpc \
 
--with-openssl \
 
--with-zlib \
 
--with-freetype-dir \
 
--with-gd \
 
--with-jpeg-dir \
 
--with-png-dir \
 
--with-iconv=/usr/local/libiconv \
 
--enable-short-tags \
 
--enable-sockets \
 
--enable-zend-multibyte \
 
--enable-soap \
 
--enable-mbstring \
 
--enable-static \
 
--enable-gd-native-ttf \
 
--with-curl \
 
--with-xsl \
 
--enable-ftp \
 
--with-libxml-dir && make && make install

ln -s /application/php5.3.27/ /application/php  ##做软链接去版本号
 
cp /application/apache/conf/httpd.conf /application/apache/conf/httpd.conf.bak.1
 
vim /application/apache/conf/httpd.conf       #修改主配置文件
 
cd /application/apache/conf
 
diff  httpd.conf httpd.conf.bak.1
 
67,68c67,68
 
< User www
 
< Group www
 
---
 
> User daemon
 
> Group daemon
 
149c149
 
<     DirectoryIndex  index.php index.html
 
---
 
>     DirectoryIndex  index.html
 
292,294c292
 
<     AddType application/x-httpd-php .php .phtml
 
<     AddType application/x-httpd-php-source .phps
 
---
 
> 
 
401c401
 
< Include conf/extra/httpd-vhosts.conf
 
---
 
># Include conf/extra/httpd-vhosts.conf:
 
423 <Directory "/data0/www">
 
424     Options -Indexes FollowSymLinks
 
425     AllowOverride None
 
426     Order allow,deny
 
427     Allow from all
 
428 </Directory>

创建对应的apache的虚拟用户www

useradd www -s /sbin/nologin -M

id www

cd /application/apache/conf/extra

vim httpd-vhosts.conf

NameVirtualHost *:80
 
#
 
# VirtualHost example:
 
# Almost any Apache directive may go into a VirtualHost container.
 
# The first VirtualHost section is used for all requests that do not
 
# match a ServerName or ServerAlias in any <VirtualHost> block.
 
#
 
<VirtualHost *:80>
 
    ServerAdmin 1227566276@qq.com
 
    DocumentRoot "/data0/www/cms"
 
    ServerName cms.etiantian.org
 
    ServerAlias etiantian.org
 
    ErrorLog "logs/dummy-host.example.com-error_log"
 
    CustomLog "|/usr/local/sbin/cronolog /app/logs/access_cms_%Y%m%d.log" combined
 
</VirtualHost>
 
<VirtualHost *:800>
 
    ServerAdmin 1227566276@qq.com
 
    DocumentRoot "/data0/www/bbs"
 
    ServerName bbs.etiantian.org
 
    ErrorLog "logs/dummy-host.example.com-error_log"
 
    CustomLog "|/usr/local/sbin/cronolog /app/logs/access_bbs_%Y%m%d.log" combined
 
</VirtualHost>
 
<VirtualHost *:8000>
 
    ServerAdmin 1227566276@qq.com
 
    DocumentRoot "/data0/www/blog"
 
    ServerName blog.etiantian.org
 
    ErrorLog "logs/dummy-host.example.com-error_log"
 
    CustomLog "|/usr/local/sbin/cronolog /app/logs/access_blog_%Y%m%d.log" combined
 
</VirtualHost>

如果有错误则查看错误日志

cd /application/appache/logs/

建立站点目录

mkdir /data0/{www,blog,bbs}

for n in www blog bbs ;do echo "$n.etiantian.org" > /data0/$n/index.html;done

/application/apache/bin/apachectl -t #检查配置文件的语法

/application/apache/bin/apachectl graceful #平滑重启apache

本地做hosts解析访问三个网站，查看基于域名的虚拟主机是否配置成功

Dedecms,Discuz,workprocess三个产品解压之后自行安装(安装完MySQL数据库再进行安装)

2.LNMP(192.168.190.10)

(1)安装nginx服务

编译nginx前需安装

1.pcre pcre-devel

yum install -y pcre pcre-devel

2.openssl

yum install openssl openssl-devel -y

编译安装nginx

./configure --user=nginx --group=nginx --prefix=/application/nginx1.6.2 --with-http_stub_status_module --with-http_ssl_module
 
make && make install
 
ln -s /application/nginx1.6.2/ /application/nginx

启动nginx

/application/nginx/sbin/nginx

lsof -I :80 #查看nginx服务是否启动成功

(2)安装MySQL数据库

编译安装MySQL

./configure --prefix=/application/mysql5.1.72 --with-unix-socket-path=/application/mysql5.1.72/tmp/mysql.sock --localstatedir=/application/mysql5.1.72/data --enable-assembler <br>--enable-thread-safe-client --with-mysqld-user=mysql --with-big-tables --without-debug --with-pthread --enable-assembler --with-extra-charsets=complex --with-readline <br>--with-ssl --with-embedded-server --enable-local-infile --with-plugins=partition,innobase --with-mysqld-ldflags=-all-static --with-client-ldflags=-all-static
 
make && make install

echo $?

数据库初始化:

chown -R mysql.mysql /application/mysql 授权MySQL用户管理权限

初始化mysql

/application/mysql/bin/mysql_install_db --basedir=/application/mysql --datadir=/application/mysql/data/ --user=mysql

//初始化显示两个OK 即为初始化成功

(3)安装PHP(PHP配合nginx是以守护进程的方式存在工作的)

(安装php之前需要安装所需的包 yum install zlib libxml libjpeg freetype libpng gd curl libiconv zlib-devel libxml2-devel libjpeg-devel freetype-devel libpng-devel gd-devel curl-devel -y)

tar zxf libiconv-1.14.tar.gz
 
cd libiconv-1.14
 
./configure --prefix=/usr/local/libiconv      //然后进行编译安装
 
make && make install

安装相关依赖

Libmcrypt 、 mhash 、mcrypt

安装php（编译之前首先安装libxslt* ,否则会报错）解压

./configure --prefix=/application/php5.3.27 --with-mysql=/application/mysql --with-iconv-dir=/usr/local/libiconv --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-libxml-dir=/usr --enable-xml --disable-rpath --enable-safe-mode --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --with-curl --with-curlwrappers --enable-mbregex --enable-fpm --enable-mbstring --with-mcrypt --with-gd --enable-gd-native-ttf --with-openssl --with-mhash --enable-sockets --with-xmlrpc --enable-zip --enable-soap --enable-short-tags --enable-zend-multibyte --enable-static --with-xsl --with-fpm-user=nginx --with-fpm-group=nginx --enable-ftp

&& make && make install

上传修改好的启动文件php-frm.conf(软件包组里面有修改完整的) à上传到/application/php/etc

创建日志文件

mkdir /app/logs //不创建的话检查语法的时候会报错

/application/php/sbin/php-fpm -t //检查语法

/application/php/sbin/php-fpm //启动php

在rc.local里设置开机自启动

Mysql php nginx

##优化配置文件

100

101

102

103

104

105

106

107

108

109

cat /application/nginx/conf/
 
cat nginx.conf
 
worker_processes  1;
 
events {
 
    worker_connections  1024;
 
}
 
http {
 
    include       mime.types;
 
    default_type  application/octet-stream;
 
    sendfile        on;
 
    keepalive_timeout  65;
 
        include extra/cms.conf;
 
        include extra/bbs.conf;
 
        include extra/blog.conf;
 
}
 
mdkir extra
 
touch {bbs,blog,cms}.conf
 
cat cms.conf
 
server {
 
        listen       80;
 
        server_name  cms.etiantian.org;
 
            root   /data0/www/cms;
 
            index index.php index.html index.htm;
 
        location ~ \.(php|php5)?$ {
 
        fastcgi_pass 127.0.0.1:9000;
 
        fastcgi_index index.php;
 
        include fastcgi.conf;
 
        }
 
}
 
cat bbs.conf
 
server {
 
        listen       800;
 
        server_name  bbs.etiantian.org;
 
            root   /data0/www/bbs;
 
            index index.php index.html index.htm;
 
        location ~ \.(php|php5)?$ {
 
        fastcgi_pass 127.0.0.1:9000;
 
        fastcgi_index index.php;
 
        include fastcgi.conf;
 
        }
 
}
 
cat blog,conf
 
server {
 
        listen       8000;
 
        server_name  blog.etiantian.org;
 
                    root   /data0/www/blog;
 
            index  index.php index.html index.htm;
 
  location ~ \.(php|php5)?$ {
 
        fastcgi_pass 127.0.0.1:9000;
 
        fastcgi_index index.php;
 
        include fastcgi.conf;      
 
 }
 
}
 
mkdir /data0/{www,blog,bbs}
 
for n in www blog bbs ;do echo "$n.etiantian.org" > /data0/$n/index.html;done

Discuz,dedecms,workprocess三个产品自行安装放入站点目录 bbs,www,blog

3.NFS服务器(192.168.190.30)

(1)安装nfs和rpcbind(nfs服务是靠rpcbind转发端口的)

yum install nfs-utils rpcbind -y

echo “/etc/init.d/nfs restart” >/etc/rc.local //设置nfs开机自启动使用chkconfig同样

vim /etc/exports

#shared storage for LAMP,LNMP
 
/data0 192.168.190.10(rw,async) 192.168.190.20(rw.async)

(2)批量分发

ssh-copy-id -i 是可以实现小环境下的密钥分发但是如果上百台服务器，就需要开发脚本进行自动化分发密钥(附件里有开发好的脚本，仅供参考)

密钥分发完毕，分发本地的hosts文件(实际生产环境下统一内网下，hosts本地解析一致是很有必要的)

vim /etc/rsync.password

123456

chmod 600 /etc/rsync.password

(3)sersync实现与备份备份服务器的实时同步

安装sersync

cd /tools

uzip sersync2.5.4_64bit_binary_stable_final.tar

mv sersync2 /usr/local/sersync

cd /usr/local/sersync/conf

echo ‘export PATH=$PATH:/usr/local/sersync/bin’ >>/etc/profile

vim /usr/local/sersync/conf/www_confxml.xml (需要哪个目录rsync服务器同步就写哪个目录,这里以博客workprocess为例name代表rsync服务端的模块名称 ip就是目标IP地址)

24 <localpath watch="/data0/www/blog/wp-content/uploads">
 
 25         <remote ip="192.168.190.50" name="nfs"/>
 
 26 </localpath>

echo ‘sersync -r -d -o /usr/local/sersync/conf/www_confxml.xml’ >> /etc/rc.local

至此sersync与备份服务器实时同步也完成了。

4.安装MySQL服务器(192.168.190.40)，创建你所做的产品的数据库，创建每个产品所使用的数据库用户，及授权用户。

创建MySQL虚拟用户 useradd -g mysql -M -s /sbin/nologin mysql

(1)编译安装MySQL数据库

tar xvf mysql5.1.72.tar.gz

cd mysql5.1.72

./configure --prefix=/application/mysql5.1.72 --with-unix-socket-path=/application/mysql5.1.72/tmp/mysql.sock --localstatedir=/application/mysql5.1.72/data --enable-assembler  --enable-thread-safe-client --with-mysqld-user=mysql --with-big-tables --without-debug --with-pthread --enable-assembler --with-extra-charsets=complex --with-readline --with-ssl --with-embedded-server --enable-local-infile --with-plugins=partition,innobase --with-mysqld-ldflags=-all-static --with-client-ldflags=-all-static

 ln -s /application/mysql5.1.72/ /application/mysql

/application/mysql/bin/mysql_install_db --basedir=/application/mysql --datadir=/application/mysql/data/ --user=mysql ##初始化数据库

cd /tools/msyql5.1.71

\cp support-files/mysql.server /etc/init.d/mysqld

/etc/init.d/mysqld start

netstat -lntup |grep mysql #查看MySQL3306端口是否开启

mysqladmin -u root password '123456' ## 设置数据库用户名和密码

(2)进入数据库创建用户并进行授权，创建用户所用的数据库cms bbs blog

mysql -uroot -p123456

mysql> create database bbs;
 
mysql> create database cms;
 
mysql> create database blog;
 
mysql> show databases;       ##查看数据库
 
mysql> grant select,insert,update,delete,alter,create on cms.* to  cms@"192.168.190.%" identified by '123456';
 
mysql> grant select,insert,update,delete,alter,create on bbs.* to  bbs@'192.168.190.%' identified by '123456';
 
mysql> grant select,insert,update,delete,alter,create on blog.* to  blog@'192.168.190.%' identified by '123456';
 
mysql> select user,host from mysql.user;       ##查看用户是否创建成功

(3)MySQL数据库数据备份，利用周期性计划任务定时推送(简单的备份使用mysqldump，高层的备份服务使用replication或者drbd)

[root@mysql scripts]# cat mysqldunmp.sh

!#bin/bash
 
cd /backup
 
echo "You are in backup dir"
 
File = /backup/
 
mysqldump -uroot -p123456 --quick --databases bbs blog cms --flush-logs --single-transaction > /backup/mysql$(date +%F).bak
 
rsync -az /backup/mysql* rsync_backup@192.168.190.50::mysql --password-file=/etc/rsync.password
 
echo "Your database backup successfully completed"

vim /etc/rsync.password

123456

chmod 600 /etc/rsync.password

crontab -e

#send mysqlbak
 
00 00 * * * /bin/sh -x /server/script/mysqldump.sh

5.backup服务器(192.168.190.40 rsync ，每天检查推送过来的备份内容，定时发送邮件告知系统管理员备份是否成功)

useradd -s /sbin/nologin rsync 创建rsync 用户

yum install -y rsync

echo "/usr/bin/rsync --daemon" >> /etc/rc.local

vim /etc/rsyncd.conf

##rsyncd.conf start##
 
uid = rsync
 
gid = rsync
 
use chroot = no
 
max connections = 200
 
timeout = 300
 
pid file = /var/run/rsyncd.pid
 
lock file = /var/run/rsync.lock
 
log file = /var/log/rsyncd.log
 
ignore errors
 
read only = false
 
list = false
 
hosts allow = 10.0.0.0/24
 
hosts deny = 0.0.0.0/32
 
auth users = rsync_backup
 
secrets file = /etc/rsync.password
 
[zhang]
 
path = /zhang/
 
[cms]
 
path =/data0/www/cms/
 
[bbs]
 
path =/data0/www/bbs/
 
[blog]
 
path =/data0/www/blog/
 
[backup]
 
path =/backup/
 
[nfs]
 
path =/backup/nfs/
 
[mysql]
 
path =/mysql/

所有的推送文件夹必须存在，否则rsync启动会报错

chown -R rsync.rsync /zhang/

chown -R rsync.rsync /data0/www/cms/

chown -R rsync.rsync /data0/www/bbs/

chown -R rsync.rsync /data0/www/blog/

chown -R rsync.rsync /backup/

chown -R rsync.rsync /backup/nfs/

chown -R rsync.rsync /mysql/

vim /etc/rsync.password

rsync_backup:123456

chmod 600 /etc/rsync.password

echo “/usr/bin/rsync --daemon” >> /etc/rc.local

vim /server/script/check.sh

ls /mysql >> /root/check.txt

ls -l /backup/192.168.190.30/|awk '{print $9}' >> /root/check.txt

egrep -v "^$| " /root/check.txt > /root/checkadd.txt

最后推送checkadd.txt文本文档给系统管理员管理员就可以看到都备份了什么文件

mail -s "Hello from linuxde.net by file" 1227566276@qq.com < checkadd.txt

6.主nginx负载均衡服务器(192.168.190.23)

(1)安装配置nginx负载均衡器

编译nginx前需安装

1.pcre pcre-devel

yum install -y pcre pcre-devel

2.openssl

yum install openssl openssl-devel -y

##创建nginx的虚拟用户

usedadd nginx -s /sbin/nologin -M

编译安装nginx

./configure --user=nginx --group=nginx --prefix=/application/nginx1.6.2 --with-http_stub_status_module --with-http_ssl_module
 
make && make install
 
ln -s /application/nginx1.6.2/ /application/nginx

##启动nginx

/application/nginx/sbin/nginx

vim /application/nginx/conf/nginx.conf

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

worker_processes  1;
 
events {
 
    worker_connections  1024;
 
}
 
http {
 
    include       mime.types;
 
    default_type  application/octet-stream;
 
    sendfile        on;
 
    keepalive_timeout  65;
 
upstream backend {
 
        ip_hash;
 
        server 192.168.190.10:80 max_fails=3 fail_timeout=30s;
 
        server 192.168.190.20:80 max_fails=3 fail_timeout=30s;
 
}
 
upstream backendyy {
 
        server 192.168.190.10:800 max_fails=3 fail_timeout=30s;
 
        server 192.168.190.20:800 max_fails=3 fail_timeout=30s;
 
}
 
upstream backendblog {
 
        ip_hash;
 
        server 192.168.190.10:8000 max_fails=3 fail_timeout=30s;
 
        server 192.168.190.20:8000 max_fails=3 fail_timeout=30s;
 
}
 
   server {
 
        listen       80;
 
        server_name  cms.etiantian.org;
 
        index  index.html index.htm;
 
        location / {
 
        proxy_pass http://backend;
 
        }
 
        error_page   500 502 503 504  /50x.html;
 
        location = /50x.html {
 
            root   html;
 
        }
 
}
 
       server {
 
        listen       80;
 
        server_name  bbs.etiantian.org;
 
        index  index.html index.htm;
 
        location / {
 
        proxy_pass http://backendyy;
 
        }
 
        error_page   500 502 503 504  /50x.html;
 
        location = /50x.html {
 
            root   html;
 
        }
 
    }
 
   server {
 
        listen       80;
 
        server_name  blog.etiantian.org;
 
        index  index.html index.htm;
 
        location / {
 
        proxy_pass http://backendblog;
 
        }
 
        error_page   500 502 503 504  /50x.html;
 
        location = /50x.html {
 
            root   html;
 
        }
 
    }
 
}

平滑重启nginx ：/application/nginx/bin/nginx -s reload

(2)安装配置keepalived

yum install -y keepalived

netstat -lntup |grep keepalived

vim /etc/keepalived/keepalived.conf

global_defs {
 
   notification_email {
 
     acassen@firewall.loc
 
     failover@firewall.loc
 
     sysadmin@firewall.loc
 
   }
 
   notification_email_from Alexandre.Cassen@firewall.loc
 
   smtp_server 192.168.200.1
 
   smtp_connect_timeout 30
 
   router_id lb01
 
}
 
vrrp_instance VI_1 {
 
    state MASTER
 
    interface eth1
 
    virtual_router_id 55
 
    priority 150
 
    advert_int 1
 
    authentication {
 
        auth_type PASS
 
        auth_pass 123456
 
    }
 
    virtual_ipaddress {
 
        192.168.190.23/24 dev eth1 label eth1:1
 
    }
 
}

/etc/init.d/keepalived restart ifconfig会发现生成了一个你想要的虚拟IP地址

7.高可用的备份nginx负载均衡服务器(192.168.190.23)

(1)安装配置nginx负载均衡器

编译nginx前需安装

1.pcre pcre-devel

yum install -y pcre pcre-devel

2.openssl

yum install openssl openssl-devel -y

编译安装nginx

./configure --user=nginx --group=nginx --prefix=/application/nginx1.6.2 --with-http_stub_status_module --with-http_ssl_module
 
make && make install
 
ln -s /application/nginx1.6.2/ /application/nginx

##创建nginx的虚拟用户

usedadd nginx -s /sbin/nologin -M

##启动nginx

/application/nginx/sbin/nginx

vim /application/nginx/conf/nginx.conf

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

worker_processes  1;
 
events {
 
    worker_connections  1024;
 
}
 
http {
 
    include       mime.types;
 
    default_type  application/octet-stream;
 
    sendfile        on;
 
    keepalive_timeout  65;
 
upstream backend {
 
        ip_hash;
 
        server 192.168.190.10:80 max_fails=3 fail_timeout=30s;
 
        server 192.168.190.20:80 max_fails=3 fail_timeout=30s;
 
}
 
upstream backendyy {
 
        server 192.168.190.10:800 max_fails=3 fail_timeout=30s;
 
        server 192.168.190.20:800 max_fails=3 fail_timeout=30s;
 
}
 
upstream backendblog {
 
        ip_hash;
 
        server 192.168.190.10:8000 max_fails=3 fail_timeout=30s;
 
        server 192.168.190.20:8000 max_fails=3 fail_timeout=30s;
 
}
 
   server {
 
        listen       80;
 
        server_name  cms.etiantian.org;
 
        index  index.html index.htm;
 
        location / {
 
        proxy_pass http://backend;
 
        }
 
        error_page   500 502 503 504  /50x.html;
 
        location = /50x.html {
 
            root   html;
 
        }
 
}
 
       server {
 
        listen       80;
 
        server_name  bbs.etiantian.org;
 
        index  index.html index.htm;
 
        location / {
 
        proxy_pass http://backendyy;
 
        }
 
        error_page   500 502 503 504  /50x.html;
 
        location = /50x.html {
 
            root   html;
 
        }
 
    }
 
   server {
 
        listen       80;
 
        server_name  blog.etiantian.org;
 
        index  index.html index.htm;
 
        location / {
 
        proxy_pass http://backendblog;
 
        }
 
        error_page   500 502 503 504  /50x.html;
 
        location = /50x.html {
 
            root   html;
 
        }
 
    }
 
}

平滑重启nginx ：/application/nginx/bin/nginx -s reload

(2)安装keepalived

yum install -y keepalived

vim /etc/keepalived/keepalived.conf

global_defs {
 
   notification_email {
 
     acassen@firewall.loc
 
     failover@firewall.loc
 
     sysadmin@firewall.loc
 
   }
 
   notification_email_from Alexandre.Cassen@firewall.loc
 
   smtp_server 192.168.200.1
 
   smtp_connect_timeout 30
 
   router_id lb02
 
}
 
vrrp_instance VI_1 {
 
    state BACKUP
 
    interface eth2
 
    virtual_router_id 55
 
    priority 100       ##优先级  数值越高越优先
 
    advert_int 1
 
    authentication {
 
        auth_type PASS
 
        auth_pass 123456
 
    }
 
    virtual_ipaddress {
 
        192.168.190.23 dev eth2 label eth2:1
 
    }
 
}

/etc/init.d/keepalived restart 启动keepalived 把主nginx负载均衡服务器宕掉，会发现备keepalived节点服务器会生成一个虚拟IP

本地做192.168.190.23的host解析

Keepalived高可用故障切换转移原理

Keepalived高可用服务对之间的故障切换转移，是通过VRRP来实现的。在keepalived服务工作时，主Master节点会不断地向备节点发送（多播的方式）心跳消息，用来告诉备Backup节点自己还活着。当主节点发生故障时，就无法发送心跳的消息了，备节点也因此无法继续检测到来自主节点的心跳了。于是就会调用自身的接管程序，接管主节点的IP资源和服务。当主节点恢复时，备节点又会释放主节点故障时自身接管的IP资源和服务，恢复到原来的备用角色