1、Nginx安装
Nginx安装
cat > /etc/yum.repo.d/nginx.repo <<EOF
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=http://nginx.org/keys/nginx_signing.key
module_hotfixes=true
EOF
yum install nginx -y
systemctl enable nginx
systemctl start nginx
Nginx配置文件
server {
listen 80;
server_name test.boydzero.com;
#access_log /var/log/nginx/host.access.log main;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
}
server {
listen 443 ssl;
server_name test.boydzero.com;
# ssl证书地址
ssl_certificate /usr/local/etc/ssl/jp_boydzero_com.crt; # pem文件的路径
ssl_certificate_key /usr/local/etc/ssl/jp_boydzero_com.key; # key文件的路径
#access_log /var/log/nginx/host.access.log main;
# ssl验证相关配置
ssl_session_timeout 5m; #缓存有效期
ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256::!MD5;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #安全链接可选的加密协议
ssl_prefer_server_ciphers on; #使用服务器端的首选算法
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
}
2、Keepalived安装
keepalived安装
yum install -y keepalived
systemctl enable keepalived
systemctl start keepalived
配置文件
! Configuration File for keepalived
global_defs {
router_id ng-master # 可设置成当前主机名
}
vrrp_script check_nginx {
script "/etc/keepalived/nginx_check.sh"
interval 2
weight -20
}
vrrp_instance VI_1 {
state MASTER # 备机改成BACKUP
interface ens18
virtual_router_id 51
priority 100 # 备机改成90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
check_nginx
}
virtual_ipaddress {
172.16.10.200
}
}
systemctl stop firewalld
systemctl disable firewalld
check_nginx脚本
#!/bin/sh
A=`ps -C nginx --no-header |wc -l`
if [ $A -eq 0 ]
then
systemctl start nginx
sleep 1
A2=`ps -C nginx --no-header |wc -l`
if [ $A2 -eq 0 ]
then
systemctl stop keepalived
fi
fi
评论区