正文

如何搭建keepalived+nginx+httpd+dns高可用双主反向代理服务器

sixvps
sixvps V管理员 /0 评论 /5883 阅读
0903

如何搭建keepalived+nginx+httpd+dns高可用双主反向代理服务器

如何搭建keepalived+nginx+httpd+dns高可用双主反向代理服务器,相信很多没有经验的人对此束手无策,为此本文总结了问题出现的原因和解决方法,通过这篇文章希望你能解决这个问题。1.rs服务器安装httpd,ip为:192.168.122.5,192.168.122.62.rs配置好web页面并启动服务3.node1两块网卡,一块是外网172.16.0.3,一个内网192.168.122.34.node2两块网卡,一块是外网172.16.0.4,一个内网192.168.122.45.node1配置时间服务器,其余三台来同步时间6.nod1配置好nginx反向代理后端两台rs,并测试7.nod2配置好nginx反向代理后端两台rs,并测试 yun -y in开发云主机域名stall nginxhttp {upstream webservers { server 192.168.122.5:80; server 192.168.122.6:80; } server { location / { proxy_pass http://webservers; }} 8.两节点安装keepalived9.node1配置高可用vi /etc/keepalived/keepalived.conf! Configuration File for keepalivedglobal_defs { notification_email { root@localdomain ##本地通知 } smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id node1 vrrp_mcast_group4 224.1.1.33 ##多播地址}#集群1vrrp_instance VI_1 { state MASTER ##主节点标志 interface ens33 virtual_router_id 51 #集群1ID priority 100 #点点优先级,越高就是主 advert_int 1 authentication { auth_type PASS auth_pass %^*AJOoj78j. } virtual_ipaddress { 172.16.0.90/16 dev ens33 label ens33:0 ##集群VIP }}#集群2vrrp_instance VI_2 { state BACKUP interface ens33 virtual_router_id 44 #集群ID,唯一值,不能跟其他集群ID相同 priority 96 advert_int 1 authentication { auth_type PASS auth_pass J%(#Qjb78. } virtual_ipaddress { 172.16.0.91/16 dev ens33 label ens33:1 }}10.node2配置高可用[root@node2 keepalived]# vi keepalived.conf! Configuration File for keepalivedglobal_defs { notification_email { root@localdomain } smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id node1 vrrp_mcast_group4 224.1.1.33}vrrp_instance VI_1 { state BACKUP ##集群1的备节点 interface ens33 virtual_router_id 51 priority 96 advert_int 1 authentication { auth_type PASS auth_pass %^*AJOoj78j. } virtual_ipaddress { 172.16.0.90/16 dev ens33 label ens33:0 }}vrrp_instance VI_2 { state MASTER ##集群2的主节点,这样就够成了双主模式 interface ens33 virtual_router_id 44 priority 100 advert_int 1 authentication { auth_type PASS auth_pass J%(#Qjb78. } virtual_ipaddress { 172.16.0.91/16 dev ens33 label ens33:1 }} 到此服务已可以正常使用,测试 curl http://172.16.0.91 curl http://172.16.0.90 均可正常访问到后端两主机 当一台主机出故障时自动降开发云主机域名为备节点,另一台会自动接管,服务不会宕机. 停止节点1的服务,查看节点的2rip systemctl stop keepalived.service ifconfig journalctl -f -u keepalived.service 查看日志11.建立nginx检测脚本,当一台ngix服务没启的时候同样降为备节点,另一台会自动接管,服务不会宕机.vi /etc/keepalived/chk_nginx.sh #!/bin/bash # killall -0 nginx || weight -10 增加可执行权限 chmod u+x chk_nginx.sh 12.配置调用126发邮件设置 1.获取126SSL发送证书 mkdir -p /root/.certs/ cd /root/.certs/ echo -n | openssl s_client -connect smtp.126.com:465 | sed -ne ‘/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p’ > ~/.certs/qq.crt certutil -A -n “GeoTrust Global CA” -t “C,,” -d ~/.certs -i ~/.certs/qq.crt certutil -L -d /root/.certs/ certutil -A -n “GeoTrust SSL CA – G3” -t “Pu,Pu,Pu” -d ./ -i qq.crt 2.配置postfix vi /etc/postfix/main.cf inet_interfaces = all inet_protocols = all systemctl enable postfix systemctl restart postfix 3.配置调用126发邮件 vi /etc/mail.rcset from=xxxxxxxx@126.com –邮箱用户名set smtp=smtps://smtp.126.com:465set smtp-auth-user=xxxxxxxx@126.com –邮箱用户名set smtp-auth-password=ajbjs465785 –注意这是授权码set smtp-auth=loginset ssl-verify=ignoreset nss-config-dir=/root/.certs13.通知脚本:当成主/备节点时都启动nginx,两个节点都一样cd /etc/keepalived/vi notify.sh#!/bin/bash#contact=’xxxxxxx@qq.com’ –接收邮件的邮箱notify() { local mailsubject=”$(hostname) to be $1,vip floating” local mailbody=”$(date +’%F %T’):vrrp transition,$(hostname) changed to be $1 ” echo “$mailbody” | mail -s “$mailsubject” $contact }case $1 inmaster) systemctl start nginx ##当成为主节点时启动nginx notify master;;backup) systemctl start nginx ##因为双主模式,所以当成为备节点时不能停止nginx,一定要启动nginx,作为另一个主节点 notify backup;;fault) notify fault;;*) echo “error” exit 1 ;;esac增加执行权限chmod u+x notify.sh测试成为备节点时通知邮件能不能正常发送./notify.sh backup14.在配置文件中全局配置下,集群配置上调用nginx检测脚本,并持续追踪.(见最终配置文件) vrrp_script chk_nginx { script “/etc/keepalived/chk_nginx.sh” fall 3 rise 3 } 15.在集群内跟踪检测结果.(见最终配置文件)track_script { chk_down chk_nginx }16.在两个集群内部调用通知脚本. (见最终配置文件) notify_master “/etc/keepalived/notify.sh master” notify_backup “/etc/keepalived/notify.sh backup” notify_fault “/etc/keepalived/notify.sh fault” 16.查看日志 journalctl -f -u keepalived 17.测试停止node1,nginx,查看是否降为备节点,查看日志,查看是否邮件通知,查看ip,客户端两个VIP能否正常访问. 18.最终配置文件##节点1[root@node1 keepalived]# cat keepalived.conf! Configuration File for keepalivedglobal_defs { notification_email { root@localdomain } smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id node1 vrrp_mcast_group4 224.1.1.33}vrrp_script chk_nginx { script “/etc/keepalived/chk_nginx.sh” fall 3 rise 3 }vrrp_instance VI_1 { state MASTER interface ens33 virtual_router_id 51 priority 100 advert_int 1 authentication { auth_type PASS auth_pass %^*AJOoj78j. } virtual_ipaddress { 172.16.0.90/16 dev ens33 label ens33:0 } track_script { chk_nginx } notify_master “/etc/keepalived/notify.sh master” notify_backup “/etc/keepalived/notify.sh backup” notify_fault “/etc/keepalived/notify.sh fault”}vrrp_instance VI_2 { state BACKUP interface ens33 virtual_router_id 44 priority 96 advert_int 1 authentication { auth_type PASS auth_pass J%(#Qjb78. } virtual_ipaddress { 172.16.0.91/16 dev ens33 label ens33:1 } track_script { chk_nginx } notify_master “/etc/keepalived/notify.sh master” notify_backup “/etc/keepalived/notify.sh backup” notify_fault “/etc/keepalived/notify.sh fault”}##节点2cat keepalived.conf! Configuration File for keepalivedglobal_defs { notification_email { root@localdomain } smtp_server 127.0.0.1活动:慈云数据爆款香港服务器,CTG+CN2高速带宽、快速稳定、平均延迟10+ms 速度快,免备案,每月仅需19元!! 点击查看 smtp_connect_timeout 30 router_id node1 vrrp_mcast_group4 224.1.1.33}vrrp_instance VI_1 { state BACKUP interface ens33 v开发云主机域名irtual_router_id 51 priority 96 advert_int 1 authentication { auth_type PASS auth_pass %^*AJOoj78j. } virtual_ipaddress { 172.16.0.90/16 dev ens33 label ens33:0 } track_script { chk_nginx } notify_master “/etc/keepalived/notify.sh master” notify_backup “/etc/keepalived/notify.sh backup” notify_fault “/etc/keepalived/notify.sh fault”}vrrp_instance VI_2 { state MASTER interface ens33 virtual_router_id 44 priority 100 advert_int 1 authentication { auth_type PASS auth_pass J%(#Qjb78. } virtual_ipaddress { 172.16.0.91/16 dev ens33 label ens33:1 } track_script { chk_nginx } notify_master “/etc/keepalived/notify.sh master” notify_backup “/etc/keepalived/notify.sh backup” notify_fault “/etc/keepalived/notify.sh fault”} 19.dns 服务器.ip:172.16.0.7.将两个VIP 172.16.0.90/91 解析成www.bjs.io,并顺序解析yum -y install bind##正向区域数据vi /etc/named.confzone “bjs.io” IN {type master;file “bjs.io.zone”;};##反向区域数据zone “0.16.172.in-addr.arpa” IN {type master;file “0.16.172.in-addr.arpa”;};##正向区域数据文件vi /var/named/bjs.io.zone$TTL 1D@ IN SOA ns1.bjs.io root.localdomain 2019011601 1H 10M 3D 1D IN NS ns1ns1 IN A 172.16.0.7www IN A 172.16.0.90www IN A 172.16.0.91##反向区域数据文件vi /var/named/0.16.172.in-addr.arpa$TTL 1D@ IN SOA ns1.bjs.io root.localdomain 2019011601 1H 10M 3D 1D IN NS ns1.bjs.io.7 IN PTR ns1.bjs.io.90 IN PTR www.bjs.io.91 IN PTR www.bjs.io.看完上述内容,你们掌握如何搭建keepalived+nginx+httpd+dns高可用双主反向代理服务器的方法了吗?如果还想学到更多技能或想了解更多相关内容,欢迎关注开发云行业资讯频道,感谢各位的阅读!

本文从转载,原作者保留一切权利,若侵权请联系删除。

《如何搭建keepalived+nginx+httpd+dns高可用双主反向代理服务器》来自互联网同行内容,若有侵权,请联系我们删除!


相关阅读:

1、昌邑云服务器存储(昌邑服务器 存储云化)

2、远程连接服务器(远程连接服务器操作简易教程)

3、远程连接服务器:简单易用(易用的远程服务器连接)

4、远程连接服务器:简单快捷!(远程连接服务器:省时实用!)

5、远程访问服务器,简单启用(远程访问服务器简易操作)

-- 展开阅读全文 --