nginx
wget http://nginx.org/download/nginx-1.18.0.tar.gz
tar zxvf nginx-1.18.0.tar.gzyum install -y gcc gcc-c++ pcre pcre-devel zlib zlib-devel openssl openssl-devel libnl3-develcd nginx-1.18.0
mkdir -p /usr/local/nginx
#需要使用https,在编译时启用--with-http_ssl_module
./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-stream
make && make installln -s /usr/local/nginx/sbin/nginx /usr/local/bin/nginx
#验证
nginx -V
配置文件1
vi /usr/local/nginx/conf/nginx.conf#工作进程数量,一般设置为CPU核数的整数倍
worker_processes 4;
#一个worker进程所能打开文件的最大数量
worker_rlimit_nofile 40000;events {
#设置每一个worker进程可以并发处理的最大连接数,该值不能超过worker_rlimit_nofileworker_connections 8192;
}stream {upstream rancher_servers_http {least_conn;server ip1:80 max_fails=3 fail_timeout=5s;server ip2:80 max_fails=3 fail_timeout=5s;server ip3:80 max_fails=3 fail_timeout=5s;}server {listen 80;proxy_pass rancher_servers_http;}upstream rancher_servers_https {least_conn;server ip1:443 max_fails=3 fail_timeout=5s;server ip2:443 max_fails=3 fail_timeout=5s;server ip3:443 max_fails=3 fail_timeout=5s;}server {listen 443;proxy_pass rancher_servers_https;}
}
keepalived
双节点
wget -O /etc/yum.repos.d/epel.repo https://mirrors.aliyun.com/repo/epel-7.repo
yum install -y heartbeatsystemctl enable keepalived
主节点
cat /etc/keepalived/keepalived.conf#Master
! Configuration File for keepalived
global_defs {notification_email {root@localhost}notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id DRBD_HA_MASTER
}vrrp_script chk_nfs {script "/etc/keepalived/check_nginx.sh"interval 5}vrrp_instance VI_1 {state MASTERinterface enp0s3virtual_router_id 101priority 100advert_int 1authentication {auth_type PASSauth_pass 1111}track_script {chk_nfs}notify_master /etc/keepalived/notify_master.shnotify_stop /etc/keepalived/notify_stop.shvirtual_ipaddress {192.168.101.200/24}
}#检测:
chmod 744 /etc/keepalived/*.shcat /etc/keepalived/check_nginx.sh#!/bin/bash
# /usr/bin/systemctl status nfs &>/dev/null
a= `ps -C nginx --no-heading | wc -l`if [ $a -eq "0" ];thennginx -c /usr/local/nginx/conf/nginx.confsleep 3b= `ps -C nginx --no-heading | wc -l`if [ $b -eq "0" ];thensystemctl stop keepalivedfi
fi# if [ $? -ne 0 ];then
# /usr/bin/systemctl restart nfs
# sleep 3
# /usr/bin/systemctl status nfs &>/dev/null
# if [ $? -ne 0 ];then
# umount /dev/drbd0
# drbdadm secondary r0
# systemctl stop keepalived
# fi
# ficat /etc/keepalived/notify_master.sh
#!/bin/sh
nginx -c /usr/local/nginx/conf/nginx.confcat /etc/keepalived/notify_stop.sh
#!/bin/sh
systemctl stop keepalived
备节点
cat /etc/keepalived/keepalived.conf#slave
! Configuration File for keepalived
global_defs {notification_email {root@localhost}notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id DRBD_HA_BACKUP
}vrrp_instance VI_1 {state BACKUPinterface enp0s3virtual_router_id 101priority 90advert_int 1authentication {auth_type PASSauth_pass 1111}notify_master /etc/keepalived/notify_master.shnotify_backup /etc/keepalived/notify_backup.shvirtual_ipaddress {192.168.101.200/24}
}#检测:
chmod 744 /etc/keepalived/*.shcat /etc/keepalived/check_nginx.sh
#!/bin/bash
a= `ps -C nginx --no-heading | wc -l`if [ $a -eq "0" ];thennginx -c /usr/local/nginx/conf/nginx.confsleep 3b= `ps -C nginx --no-heading | wc -l`if [ $b -eq "0" ];thensystemctl stop keepalivedfi
ficat /etc/keepalived/notify_master.sh
#!/bin/sh
nginx -c /usr/local/nginx/conf/nginx.confcat /etc/keepalived/notify_backup.sh
#!/bin/sh
systemctl stop keepalived