在lnmp架构中，通常一台装有nginx服务器做反向代理服务器，又做内网的路由。在这台服务器上绑有一个公网ip和一个内网ip.我们把域名解析

到这个公网ip上，让nginx代理到后端的web服务器上，这样我们就可以访问到我们的站点，与此同时必须让内网访问外网。这台反向代理服务器

又需要做内网的路由。这台服务器，在整个应用架构中相当重要。下面我来阐述一下nginx+keepalived双机实现nginx反向代理服务的高可用。

也就是说在当一台nginx挂掉之后不影响应用也不影响内网访问外网。

部署 1、在2.117和2.118上安装keepalived

下面开始安装keepalived

wget

tar zxvf keepalived-1.2.2.tar.gz

cd keepalived-1.2.2

./configure  && make && make install

mkdir /etc/keepalived      

cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/  

cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/

cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/

cp /usr/local/sbin/keepalived /usr/sbin/

2、keepalived配置 192.168.2.117

vi /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {    notification_email {   jinyan2049@163.com         }    notification_email_fromkeepalived@chtopnet.com    smtp_server 127.0.0.1    smtp_connect_timeout 30    router_id LVS_DEVEL } vrrp_instance VI_1 {     state MASTER     interface eth0     virtual_router_id 51     mcast_src_ip 192.168.2.117     priority 100     advert_int 1     authentication {         auth_type PASS         auth_pass chtopnet     }     virtual_ipaddress {         192.168.2.180     }

启动脚本写入到/etc/rc.local里

echo "/etc/init.d/keepalived start" >> /etc/rc.d/rc.local

keepalived配置 192.168.2.118

vi /etc/keepalived/keepalived.conf

! Configuration File for keepalived global_defs {    notification_email {   jinyan2049@163.com         }    notification_email_fromkeepalived@chtopnet.com    smtp_server 127.0.0.1    smtp_connect_timeout 30    router_id LVS_DEVEL } vrrp_instance VI_1 {     state MASTER     interface eth0     virtual_router_id 51     backup_src_ip 192.168.2.118     priority 80     advert_int 1     authentication {         auth_type PASS         auth_pass chtopnet     }     virtual_ipaddress {         192.168.2.180     }

启动脚本写入到/etc/rc.local里

echo "/etc/init.d/keepalived start" >> /etc/rc.d/rc.local

3、安装编译nginx

groupadd www

useradd -g www www

wget  make install

ln -sf /usr/local/nginx/sbin/nginx /usr/sbin

查看安装是否成功

nginx -t

分别在两台服务器编写配置文件

vi /usr/local/nginx/conf/nginx.conf

user    www www;

worker_processes    8; error_log    logs/error.log    notice; pid /usr/local/nginx/logs/nginx.pid; events {         worker_connections    51200; } http {         include             mime.types;         default_type    application/octet-stream;         sendfile                on;         tcp_nopush         on;         keepalive_timeout    65;         gzip    on;         server {                 listen             80;                 server_name    localhost;                 index     index.html index.htm;                 root        /var/www/html;                 error_page     500 502 503 504    /50x.html;                 location = /50x.html {                         root     html;                 }          } }

 

分别在两台机器创建测试文件

echo "192.168.2.117" > /var/www/html/index.html

echo "192.168.2.118" > /var/www/html/index.html

添加nginx服务控制脚本vi /etc/init.d/nginx

#!/bin/sh

# chkconfig:- 99 20 # de  script  ion:Nginx Service Control  script # case "$1" in   start)      /usr/local/nginx/sbin/nginx      ;;   stop)      /usr/bin/killall -s QUIT nginx      ;;   restart)      $0 stop      $0 start      ;;   reload)      /usr/bin/killall -s HUP nginx      ;;   *)           echo "Usage:$0"           exit 1 esac exit 0

 

给/etc/init.d/nginx添加执行权限

chmod a+x /etc/init.d/nginx

启动nginx

/etc/init.d/nginx start

4、分别在192.168.2.117和192.168.2.118编写检测nginx服务是否正常。脚本如下：

vi /root/nginxpid.sh #!/bin/bash while  : do nginxpid=`ps -C nginx --no-header | wc -l` if [ $nginxpid -eq 0 ];then   /etc/init.d/nginx start   sleep 5    if [ $nginxpid -eq 0 ];then    /etc/init.d/keepalived stop    fi fi sleep 5 done  

5、让这个脚本永远在后台运行

nohup sh /root/nginxpid.sh &

 

6、测试过程如下：

我们要分别在二台主Nginx上用killall杀掉Nginx进程，然后在客户端分别访问192.168.2.117和192.168.2.118这二个IP（模拟DNS轮询）看能否

正常访问Web服务器。