Nginx+keepalived配置文件+脚本文件

负载均衡

nginx服务器：103，104；

目的服务器是101与102。

103的配置

user  nobody;
worker_processes  4;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  8192;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;
    access_log on;
    sendfile        on;
    #tcp_nopush     on;
    
 # 注意，这里的server名字即portal.com不能带下划线，有下划线则不能访问
 upstream   portal.com
	{
	   ip_hash; //
	   server 192.168.108.101:8001;
	   server 192.168.108.102:8001;
	}
  upstream   idm.com
	{
	   ip_hash;#每个请求按访问ip的hash结果分配，这样每个访客固定访问一个应用服务器，可以解决session共享的问题。
	   server 192.168.108.101:8002;
	   server 192.168.108.102:8002;
	}
   upstream   idm-ws.com
	{
	   server 192.168.108.101:8002;
	   server 192.168.108.102:8002;
	}
    #keepalive_timeout  0;
    keepalive_timeout  65;
    tcp_nodelay     on;

    #gzip  on;

    server {
        listen   8001;
        server_name 192.168.108.103;

        #charset koi8-r;
	proxy_next_upstream off;

        #access_log  logs/host.access.log

        location /portal {  
            proxy_pass http://portal.com;
	     
    	     #后端的Web服务器可以通过X-Forwarded-For获取用户真实IP
    	    proxy_set_header Host $host:$server_port;
    	     proxy_set_header X-Real-IP $remote_addr;
   	     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    	    #proxy_set_header Host $host:$server_port;
    	    #proxy_set_header X-Real-IP $remote_addr;
    	    #proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    	    proxy_connect_timeout 10;
    	    proxy_read_timeout 300;
    	    proxy_send_timeout 300;
	    client_max_body_size 300m;
        } 
         location / {  
           proxy_pass http://portal.com;
    	    proxy_set_header Host $host:$server_port;
    	    proxy_set_header X-Real-IP $remote_addr;
    	    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    	    proxy_connect_timeout 10;
    	    proxy_read_timeout 300;
    	    proxy_send_timeout 300;
        } 
       
        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }


    # another virtual host using mix of IP-, name-, and port-based configuration
    
    server {
        listen       8088;
        server_name  idm;
        location /idm {
            proxy_pass http://idm.com;
    	    proxy_set_header Host $host:$server_port;
    	    proxy_set_header X-Real-IP $remote_addr;
    	    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    	    proxy_connect_timeout 10;
    	    proxy_read_timeout 300;
    	    proxy_send_timeout 300;
        }
        location /cas {  
            proxy_pass http://idm.com;
    	    proxy_set_header Host $host:$server_port;
    	    proxy_set_header X-Real-IP $remote_addr;
    	    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    	    proxy_connect_timeout 10;
    	    proxy_read_timeout 300;
    	    proxy_send_timeout 300;
        }
 	location /idm-core/cxf/ {  
            proxy_pass http://idm-ws.com;
    	    proxy_set_header Host $host:$server_port;
    	    proxy_set_header X-Real-IP $remote_addr;
    	    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    	    proxy_connect_timeout 10;
    	    proxy_read_timeout 300;
    	    proxy_send_timeout 300;
        }  
       location / {  
            proxy_pass http://idm.com;
    	    proxy_set_header Host $host:$server_port;
    	    proxy_set_header X-Real-IP $remote_addr;
    	    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    	    proxy_connect_timeout 10;
    	    proxy_read_timeout 300;
    	    proxy_send_timeout 300;
        } 
    }
   
    server{
    	listen 8099;
    	location /ngnix_status {
        	stub_status;
    	}
    }



}

104的配置

主：192.168.108.103

备：192.168.108.104

虚拟IP：192.168.108.105

#user  nobody;
worker_processes  4;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  8192;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;
   access_log off;
    sendfile        on;
    #tcp_nopush     on;
 upstream   portal.com
	{
	   ip_hash;
	   server 192.168.108.101:8001;
	   server 192.168.108.102:8001;
	}
  upstream   idm.com
	{
	   ip_hash;
	   server 192.168.108.101:8002;
	   server 192.168.108.102:8002;
	}
   upstream   idm-ws.com
	{
	   server 192.168.108.101:8002;
	   server 192.168.108.102:8002;
	}
    #keepalive_timeout  0;
    keepalive_timeout  65;
    tcp_nodelay     on;

    #gzip  on;

    server {
        listen   8001;
        server_name 192.168.108.104;

        #charset koi8-r;
	#proxy_next_upstream off;

        #access_log  logs/host.access.log

        location /portal {  
            proxy_pass http://portal.com;
	     proxy_set_header Host $host:$server_port;
    	     proxy_set_header X-Real-IP $remote_addr;
   	     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    	    #proxy_set_header Host $host:$server_port;
    	    #proxy_set_header X-Real-IP $remote_addr;
    	    #proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    	    proxy_connect_timeout 10;
    	    proxy_read_timeout 300;
    	    proxy_send_timeout 300;
	    client_max_body_size 300m;
        } 
         location / {  
           proxy_pass http://portal.com;
    	    proxy_set_header Host $host:$server_port;
    	    proxy_set_header X-Real-IP $remote_addr;
    	    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    	    proxy_connect_timeout 10;
    	    proxy_read_timeout 300;
    	    proxy_send_timeout 300;
        } 
       
        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }


    # another virtual host using mix of IP-, name-, and port-based configuration
    
    server {
        listen       8088;
        server_name  idm;
        location /idm {
            proxy_pass http://idm.com;
    	    proxy_set_header Host $host:$server_port;
    	    proxy_set_header X-Real-IP $remote_addr;
    	    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    	    proxy_connect_timeout 10;
    	    proxy_read_timeout 300;
    	    proxy_send_timeout 300;
        }
        location /cas {  
            proxy_pass http://idm.com;
    	    proxy_set_header Host $host:$server_port;
    	    proxy_set_header X-Real-IP $remote_addr;
    	    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    	    proxy_connect_timeout 10;
    	    proxy_read_timeout 300;
    	    proxy_send_timeout 300;
        }
 	location /idm-core/cxf/ {  
            proxy_pass http://idm-ws.com;
    	    proxy_set_header Host $host:$server_port;
    	    proxy_set_header X-Real-IP $remote_addr;
    	    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    	    proxy_connect_timeout 10;
    	    proxy_read_timeout 300;
    	    proxy_send_timeout 300;
        }  
       location / {  
            proxy_pass http://idm.com;
    	    proxy_set_header Host $host:$server_port;
    	    proxy_set_header X-Real-IP $remote_addr;
    	    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    	    proxy_connect_timeout 10;
    	    proxy_read_timeout 300;
    	    proxy_send_timeout 300;
        } 
    }
   
    server{
    	listen 8099;
    	location /ngnix_status {
        	stub_status;
    	}
    }

主备切换（keepalived）

103的配置

! Configuration File for keepalived

global_defs {
   #notification_email {
    # acassen@firewall.loc
     #failover@firewall.loc
     #sysadmin@firewall.loc
   #}
   #notification_email_from Alexandre.Cassen@firewall.loc
   #smtp_server 192.168.200.1
   #smtp_connect_timeout 30
   router_id LVS_DEVEL
   #vrrp_skip_check_adv_addr
   #vrrp_strict
   #vrrp_garp_interval 0
   #vrrp_gna_interval 0
}
vrrp_script chk_nginx {
	script "/usr/local/etc/keepalived/nginx_check.sh" 
	interval 2   ## 检测时间间隔
	weight -20    ## 如果条件成立，权重-20
}

vrrp_instance VI_1 {
    state MASTER  # 主节点为 MASTER， 对应的备份节点为 BACKUP
    interface ens32
    virtual_router_id 51  #虚拟路由的 ID 号， 两个节点设置必须一样， 可选 IP 最后一段使用, 相同的 VRID 为一个组，他将决定多播的 MAC 地址
    priority 100
	mcast_src_ip 192.168.108.103  
	unicast_peer {192.168.108.104}  ##（对端IP地址）此地址一定不能忘记,vrrp need use
    nopreempt    ## 优先级高的设置 nopreempt 解决异常恢复后再次抢占的问题
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.108.105  ##xuniip
    }
    track_script {
		chk_nginx  ## 执行 Nginx 监控的服务
	}
}

104的配置

! Configuration File for keepalived

global_defs {
  # notification_email_from Alexandre.Cassen@firewall.loc
  #smtp_server 192.168.200.1
  #smtp_connect_timeout 30
   router_id backup
  #vrrp_skip_check_adv_addr
   #vrrp_strict
   #vrrp_garp_interval 0
   #vrrp_gna_interval 0
}
vrrp_script chk_nginx {
	script "/usr/local/etc/keepalived/nginx_check.sh" 
	weight -20 
}

vrrp_instance VI_1 {
    state BACKUP  
    interface ens32
    virtual_router_id 51  
    priority 90
    mcast_src_ip 192.168.108.104 
    unicast_peer {192.168.108.103}
    #nopreempt 
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.108.105
    }
    track_script {
		chk_nginx  
	}
}

chk_ngin脚本

#!/bin/bash
A=`ps -C nginx --no-header |wc -l`
if [ $A -eq 0 ];then
/opt/yonyou/nginx/sbin/nginx
sleep 2
if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
	killall keepalived
fi
fi

其他脚本

文件同步：

#/!bin/bash

ip2="192.168.108.103"

src2="/opt/yonyou/upload/"

dst2="/opt/yonyou/upload/"

/usr/local/bin/inotifywait -mrq -e create,delete,modify,move $src2 | while read line; do

/usr/local/bin/unison -batch $src2 ssh://$ip2/$dst2

echo -n "$line " >> /opt/yonyou/log/inotify.log

echo `date | cut -d " " -f1-4` >> /opt/yonyou/log/inotify.log

done

端口检测：

#!/bin/bash
A=`netstat -lntp |grep ":8801 "|wc -l`
if [ $A -eq 0 ];then
cd /xx/bin 
./rhapsody.sh start
sleep 30
if [ $A -eq 0 -eq 0 ];then
	killall keepalived
fi
fi
#检查端口存活，如果端口不正常，切换备用服务器

posted @ 2020-12-06 15:06 废熊阅读(266) 评论(0) 收藏举报

刷新页面返回顶部

废熊

Nginx+keepalived配置文件+脚本文件

负载均衡

主备切换（keepalived）

其他脚本

公告