搭建nginx服务器,部署nginx+keepalived负载均衡,数据可以实现共享
主机分配:
192.168.1.160(nfs主服务器) 192.168.1.170 rsync+inotify
192.168.1.2 192.168.1.3 部署nginx+keepalived vip 192.168.1.100
192.168.1.4 192.168.1.5 部署nginx web页面
官网下载nginx包,进行rpm编译
部署一台可以链接外网的跳板机,来部署内部环境(安装ansible和ftp的yum源共享)
[root@ecs-jumper ~]# yum -y install ansible vsftpd
[root@ecs-jumper ~]# vim /etc/hosts
192.168.1.170 ecs-web1
192.168.1.2 ecs-web2
192.168.1.3 ecs-web3
192.168.1.4 ecs-web4
192.168.1.5 ecs-web5
192.168.1.160 ecs-web0
下载rpm-build,创建rpmbuild
[C:\~]$ ssh 139.9.58.182 //xshell链接公网IP
[root@ecs-jumper ~]# ls
http.yml nginx-1.14.2.tar.gz
[root@ecs-jumper ~]# yum -y install rpm-build
[root@ecs-jumper ~]# rpmbuild -ba nginx.spec //报错,会直接生成rpmbuild
error: failed to stat /root/nginx.spec: No such file or directory
[root@ecs-jumper ~]# ls
http.yml nginx-1.14.2.tar.gz rpmbuild
[root@ecs-jumper ~]# cp nginx-1.14.2.tar.gz /root/rpmbuild/SOURCES/ //将包移动这个目录中
创建修改nginx.spec文件
[root@ecs-jumper ~]# vim /root/rpmbuild/SPECS/nginx.spec //没用的删除,否则会报错
Name:nginx
Name:nginx
Name:nginx
Version:1.14.2
Release:5
Summary:nginx is a web server
...
License:GPL
URL:www.test.com
Source0:nginx-1.14.2.tar.gz
...
%description
nginx [engine x] is an HTTP and reverse proxy server
%post
useradd nginx
%build
./configure
...
%files
%doc
/usr/local/nginx
使用配置文件创建rpm包
[root@ecs-jumper ~]# yum -y install gcc pcre-devel openssl-devel
[root@ecs-jumper ~]# rpmbuild -ba /root/rpmbuild/SPECS/nginx.spec
...
+ cd /root/rpmbuild/BUILD
+ cd nginx-1.14.2
+ /usr/bin/rm -rf /root/rpmbuild/BUILDROOT/nginx-1.14.2-5.x86_64
+ exit 0
[root@ecs-jumper ~]# ls /root/rpmbuild/RPMS/x86_64/nginx-1.14.2-5.x86_64.rpm
/root/rpmbuild/RPMS/x86_64/nginx-1.14.2-5.x86_64.rpm
[root@ecs-jumper ~]# rpm -qpi /root/rpmbuild/RPMS/x86_64/nginx-1.14.2-5.x86_64.rpm
Name : nginx
Version : 1.14.2
Release : 5
Architecture: x86_64
Install Date: (not installed)
Group : Unspecified
Size : 752055
License : GPL
Signature : (none)
Source RPM : nginx-1.14.2-5.src.rpm
Build Date : Mon 28 Jan 2019 11:01:11 AM CST
Build Host : ecs-jumper
Relocations : (not relocatable)
URL : www.test.com
Summary : nginx is a web server
Description :
nginx [engine x] is an HTTP and reverse proxy server
yum源共享nginxRPM包,在2,3,4,5主机安装nginx
[root@ecs-jumper ~]# cp /root/rpmbuild/RPMS/x86_64/nginx-1.14.2-5.x86_64.rpm /var/ftp/default/
[root@ecs-jumper default]# ls
nginx-1.14.2-5.x86_64.rpm repodata
[root@ecs-jumper default]# createrepo --update .
[root@ecs-jumper ~]# ansible nginx -m shell -a 'yum -y install nginx'
...
Installed:
nginx.x86_64 0:1.14.2-5
Complete!
[root@ecs-jumper ~]# ansible nginx -m shell -a '/usr/local/nginx/sbin/nginx'
[root@ecs-jumper ~]# curl -I 192.168.1.4
HTTP/1.1 200 OK
Server: nginx/1.14.2
...
[root@ecs-web5 ~]# echo 192.168.1.5 > /usr/local/nginx/html/index.html
[root@ecs-web5 ~]# curl 192.168.1.5
192.168.1.5
[root@ecs-web4 ~]# echo 192.168.1.4 > /usr/local/nginx/html/index.html
[root@ecs-web4 ~]# curl 192.168.1.4
192.168.1.4
在192.168.1.2和192.168.1.3实现nginx调度
[root@ecs-web2 ~]# vim /usr/local/nginx/conf/nginx.conf //3上同操作
...
http {
...
upstream webserver {
server 192.168.1.4 weight=1 max_fails=1 fail_timeout=20;
server 192.168.1.5 weight=2 max_fails=2 fail_timeout=20;
}
...
server {
listen 80;
server_name localhost;
location / {
proxy_pass http://webserver;
}
配置keepalived高可用
vip为192.168.1.100
[root@ecs-jumper ~]# ansible keep --list
hosts (2):
ecs-web2
ecs-web3
[root@ecs-jumper ~]# ansible keep -m shell -a 'yum -y install keepalived'
配置keepalived vip为192.168.1.100
[root@ecs-web2 ~]# vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
root@localhost
}
notification_email_from root@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id ecs-web2
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.100
}
[root@ecs-web3 ~]# vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
root@localhost
}
notification_email_from root@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id ecs-web3
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.100
}
启动keepalived
[root@ecs-jumper ~]# ansible keep -m shell -a 'systemctl start keepalived'
[root@ecs-jumper ~]# ansible keep -m shell -a 'ip addr show'
ecs-web3 | CHANGED | rc=0 >>
...
inet 192.168.1.3/24 brd 192.168.1.255 scope global noprefixroute dynamic eth0
valid_lft 63939sec preferred_lft 63939sec
inet6 fe80::f816:3eff:fef3:2582/64 scope link
valid_lft forever preferred_lft forever
...
ecs-web2 | CHANGED | rc=0 >>
...
inet 192.168.1.2/24 brd 192.168.1.255 scope global noprefixroute dynamic eth0
valid_lft 63940sec preferred_lft 63940sec
inet 192.168.1.100/32 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::f816:3eff:fe08:e3c7/64 scope link
valid_lft forever preferred_lft forever
[root@ecs-jumper ~]# ansible keep -m shell -a 'iptables -F'
华为云上要申请此vip地址并绑定公网ip和nginx调度服务器(注意安全组规则,允许外网访问)
外网访问公网IP,可以跳转到我们设置的网页
部署nfs共享
在192.168.1.160和192.168.1.4以及192.168.1.5安装nfs和rpcbind
[root@ecs-jumper ~]# ansible nfs -m shell -a 'yum -y install rpcbind nfs-utils'
在主服务器192.168.1.160操作
[root@ecs-web0 ~]# systemctl start rpcbind
[root@ecs-web0 ~]# systemctl start nfs
[root@ecs-web0 ~]# systemctl status nfs
[root@ecs-web0 ~]# systemctl status rpcbind
[root@ecs-web0 ~]# mkdir /webdata //创建共享目录
[root@ecs-web0 ~]# vim /etc/exports
/webdata 192.168.1.4(rw,sync,root_squash)
/webdata 192.168.1.5(rw,sync,root_squash)
[root@ecs-web0 ~]# exportfs -arv //重启服务
exporting 192.168.1.4:/webdata
exporting 192.168.1.5:/webdata
[root@ecs-web0 ~]# showmount -e 192.168.1.160
Export list for 192.168.1.160:
/webdata 192.168.1.5,192.168.1.4
[root@ecs-web0 webdata]# echo web test > /webdata/index.html //在目录下创建网页文件
在4和5上挂载(以4为例)
[root@ecs-jumper ~]# ssh 192.168.1.4
[root@ecs-web4 ~]# showmount -e 192.168.1.160
Export list for 192.168.1.160:
/webdata 192.168.1.5,192.168.1.4
[root@ecs-web4 ~]# vim /etc/fstab
...
192.168.1.160:/webdata /usr/local/nginx/html nfs _netdev 0 0
[root@ecs-web4 ~]# mount -a
[root@ecs-web4 ~]# df -Th
...
192.168.1.160:/webdata nfs4 40G 1.9G 36G 5% /usr/local/nginx/html
[root@ecs-web4 ~]# cat /usr/local/nginx/html/index.html
web test
部署rsync+inotify实现文件实时同步
在160和170上安装 rsync
[root@ecs-web0 webdata]# yum -y install rsync
在170上创建目录
[root@ecs-web1 ~]# mkdir /webdata
在160上编译安装inotify http://github.com/downloads/rvoicilas/inotify-tools/inotify-tools-3.14.tar.gz
[root@ecs-web0 ~]# tar -zxf inotify-tools-3.14.tar.gz
[root@ecs-web0 ~]# cd inotify-tools-3.14
[root@ecs-web0 inotify-tools-3.14]# ./configure --prefix=/usr/local/inotify
[root@ecs-web0 inotify-tools-3.14]# make & make install
[root@ecs-web0 ~]# /usr/local/inotify/bin/inotifywait --help
inotifywait 3.14
...
拷贝私钥到1.160(因为所有云服务器都是用密钥对创建的,所以需要要远程其他服务器上免密登陆,直接拷贝私钥到本机就可以)
[root@ecs-jumper ~]# scp /root/.ssh/id_rsa [email protected]:/root/.ssh/
编写同步脚步/root/rsync.sh
[root@ecs-web0 ~]# vim /root/rsync.sh
#!/bin/bash
FROM_DIR="/webdata/"
RSYNC_CMD="rsync -az --delete $FROM_DIR [email protected]:/webdata"
while inotifywait -rqq -e modify,move,create,delete,attrib $FROM_DIR
do
$RSYNC_CMD
done &
[root@ecs-web0 ~]# chmod +x /root/rsync.sh
改动一下网页文件
[root@ecs-web0 ~]# ./rsync.sh
[root@ecs-web0 ~]# pgrep -l inotify
6104 inotifywait
[root@ecs-web0 ~]# echo hello rsync > /webdata/index.html
[root@ecs-web0 ~]# ssh 192.168.1.170
[root@ecs-web1 ~]# cat /webdata/index.html
hello rsync
如需停止监控
[root@ecs-web0 ~]# pkill -9 inotify