Nginx 反向代理+高可用

反向代理主机IP：10.0.0.20
WEB01主机IP : 10.0.0.22  
WEB02主机IP : 10.0.0.23

反向代理主机配置：10.0.0.20

[root@node1 html]# vim /etc/nginx/conf.d/web.conf 

server {
        listen       80;
        server_name  www.wanglan.com;
        location / {
            proxy_pass http://10.0.0.30;  #keepalived虚拟IP
            proxy_set_header HOST $HOST;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header Request-Url $request_uri;
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
  }

web01主机配置 Keepalived.conf

[root@node1 ~]# vim /etc/keepalived/keepalived.conf 

! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id WEB  #集群名称，相同集群名称必须相同
}

vrrp_instance VI_1 {
    state MASTER  #主从设置，这里设置为主
    interface eth0
    virtual_router_id 51
    priority 150  #定义访问优先级，数值越大优先级越高
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.0.0.30   #置虚拟IP，这就是反向代理服务器所代理的IP
    }
}

web0主机配置keepalived.conf 文件

[root@node4 ~]# vim /etc/keepalived/keepalived.conf 

! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id WEB   #集群名称，必须和web01设置相同
}

vrrp_instance VI_1 {
    state BACKUP   #主从设置，这里设置为从
    interface eth0
    virtual_router_id 51
    priority 100   #定义访问优先级，从要比主的数值小
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.0.0.30  #设置虚拟IP，必须相同
    }
}

重启服务查看web01的网卡上是否有 10.0.0.30 IP

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:e6:36:7b brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.22/24 brd 10.0.0.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet 10.0.0.30/32 scope global eth0

而此时web02的网卡上是没有10.0.0.30 IP

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:15:ba:84 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.23/24 brd 10.0.0.255 scope global eth0
       valid_lft forever preferred_lft forever

可以关闭web01的keepalived 服务，查看IP是否转移到了web02上

web01上已经没有了10.0.0.30

[root@node1 ~]# systemctl stop  keepalived

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:e6:36:7b brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.22/24 brd 10.0.0.255 scope global eth0
       valid_lft forever preferred_lft forever

查看web02

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:15:ba:84 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.23/24 brd 10.0.0.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet 10.0.0.30/32 scope global eth0
       valid_lft forever preferred_lft forever

此时10.0.0.30 已经转移到了 web02上