10-254-8-120
[root@lvs-ctc-bj-10-254-8-120 ~]# cat /etc/keepalived/
keepalived.conf scripts/
[root@lvs-ctc-bj-10-254-8-120 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_120
}
vrrp_script chk_http_port {
script "/etc/keepalived/scripts/chk_nginx.sh"
interval 2
weight 2
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 101
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_http_port
}
virtual_ipaddress {
101.251.213.166
101.251.213.167
101.251.213.168
101.251.213.171
101.251.213.172
101.251.213.173
101.251.213.174
101.251.213.175
101.251.213.176
101.251.213.180
}
}
[root@lvs-ctc-bj-10-254-8-120 ~]# cat /etc/keepalived/scripts/chk_nginx.sh
#!/bin/bash
NGINX=/usr/sbin/nginx
PORT=80
nmap localhost -p $PORT | grep "$PORT/tcp open"
if [ $? -ne 0 ];then
$NGINX -s stop
$NGINX
sleep 3
nmap localhost -p $PORT | grep "$PORT/tcp open"
[ $? -ne 0 ] && /etc/init.d/keepalived stop
fi
[root@lvs-ctc-bj-10-254-8-120 ~]# cat /etc/nginx
nginx/ nginx.tgz
[root@lvs-ctc-bj-10-254-8-120 ~]# cat /etc/nginx/
conf.d/ conf.tar.gz fastcgi_params koi-utf koi-win mime.types nginx.conf nginx.conf.bak scgi_params uwsgi_params win-utf
[root@lvs-ctc-bj-10-254-8-120 ~]# cat /etc/nginx/nginx.conf
user root;
worker_processes 24;
worker_rlimit_nofile 100000;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 65535;
multi_accept on;
use epoll;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
charset utf-8;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 300m;
server_tokens off;
sendfile on;
tcp_nopush on;
keepalive_timeout 60;
open_file_cache max=102400 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 1;
tcp_nodelay on;
client_body_buffer_size 512k;
proxy_connect_timeout 5;
proxy_read_timeout 60;
proxy_send_timeout 5;
proxy_buffer_size 16k;
proxy_buffers 4 64k;
proxy_busy_buffers_size 128k;
proxy_temp_file_write_size 128k;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.1;
gzip_comp_level 6;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
# log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
log_format main '$host|$server_addr|$remote_addr|$request_time|-|$remote_user|$msec|[$time_local]|$request_method|$request_uri'
'|$status|$body_bytes_sent|$http_referer'
'|"$http_user_agent"|$http_x_forwarded_for|$cookie_cb_csd|$cookie_cb_cba_device_id|$cookie_cb_user|$cookie_cb_province_id|$cookie_cb_address_city|$cookie_cb_site_id|$request_body|$upstream_addr|-|-|-|';
access_log /var/log/nginx/access.log main;
geo $whiteiplist {
default 1 ;
127.0.0.1 0;
include /etc/nginx/conf.d/whiteip.txt;
}
map $whiteiplist $limit {
1 $binary_remote_addr;
0 "";
}
limit_req_zone $limit zone=qps1:100m rate=80r/s;
limit_req zone=qps1 burst=5 ;
upstream www.chunbo.com {
server 10.254.64.10:80 weight=10;
server 10.254.64.11:80 weight=10;
server 10.254.64.54:80 weight=10;
server 10.254.64.55:80 weight=10;
server 10.254.64.56:80 weight=10;
server 10.254.64.57:80 weight=10;
server 10.254.64.58:80 weight=10;
server 10.254.64.59:80 weight=10;
server 10.254.64.78:80 weight=10;
server 10.254.64.79:80 weight=10;
server 10.254.64.156:80 weight=10;
server 10.254.64.157:80 weight=10;
server 10.254.64.158:80 weight=10;
server 10.254.64.159:80 weight=10;
server 10.254.64.160:80 weight=10;
#server 10.254.64.172:80 weight=10;
#server 10.254.64.173:80 weight=10;
#server 10.254.64.174:80 weight=10;
#server 10.254.64.175:80 weight=10;
#server 10.254.64.176:80 weight=10;
server 10.254.70.3:20005 weight=5;
server 10.254.70.4:20005 weight=5;
server 10.254.70.11:20005 weight=5;
server 10.254.70.12:20005 weight=5;
}
upstream api.chunbo.com {
server 10.254.64.52:80;
server 10.254.64.53:80;
server 10.254.64.60:80;
server 10.254.64.61:80;
server 10.254.64.62:80;
server 10.254.64.63:80;
server 10.254.64.64:80;
server 10.254.64.65:80;
server 10.254.64.66:80;
server 10.254.64.67:80;
server 10.254.64.80:80;
server 10.254.64.81:80;
server 10.254.64.82:80;
server 10.254.64.83:80;
server 10.254.64.166:80;
server 10.254.64.167:80;
server 10.254.64.168:80;
server 10.254.64.169:80;
server 10.254.64.170:80;
server 10.254.64.171:80;
}
upstream smsapi.chunbo.com {
#server 10.254.8.194:443;
#server 10.254.8.195:443;
#server 10.254.8.184:443;
#server 10.254.8.185:443;
server 10.254.64.52:443;
server 10.254.64.53:443;
server 10.254.64.60:443;
server 10.254.64.61:443;
server 10.254.64.62:443;
server 10.254.64.63:443;
server 10.254.64.64:443;
server 10.254.64.65:443;
server 10.254.64.66:443;
server 10.254.64.67:443;
server 10.254.64.80:443;
server 10.254.64.81:443;
server 10.254.64.82:443;
server 10.254.64.83:443;
}
upstream i0.chunboimg.com {
server 10.254.9.173:80;
server 10.254.9.174:80;
}
upstream i2.chunboimg.com {
server 10.254.9.173:81;
server 10.254.9.174:81;
}
upstream static.chunboimg.com {
#server 10.254.8.117:82;
#server 10.254.8.108:82;
server 10.254.8.185:82;
server 10.254.8.186:82 backup;
}
upstream tms.chunbo.com {
server 10.254.8.162:80;
server 10.254.8.163:80;
}
#upstream vc.chunbo.com {
#server 10.254.8.105:443;
#server 10.254.8.115:443;
# server 10.254.64.50:443;
# server 10.254.64.51:443;
#}
upstream vc_http.chunbo.com {
server 10.254.64.50:8162;
server 10.254.64.51:8162;
}
upstream pay.chunbo.com {
#server 10.254.8.105:8102;
#server 10.254.8.115:8102;
server 10.254.64.50:8102;
server 10.254.64.51:8102;
}
upstream dmscore.chunbo.com {
server 10.254.64.148:80;
server 10.254.64.149:80;
}
upstream dmsorder.chunbo.com {
server 10.254.64.149:8080;
server 10.254.64.148:8080;
}
upstream dmsorder-ws.chunbo.com {
server 10.254.64.150:80;
server 10.254.64.151:8080;
}
upstream dms.chunbo.com {
server 10.254.64.146:8080;
server 10.254.64.147:8080;
}
upstream dmsapi.chunbo.com {
server 10.254.64.146:80;
server 10.254.64.147:80;
}
upstream thirdapi.chunbo.com {
server 10.254.64.190:82;
server 10.254.64.191:82;
}
upstream help.chunbo.com {
server 10.254.64.157:1337;
server 10.254.64.158:1337;
server 10.254.64.159:1337;
server 10.254.64.160:1337;
}
upstream tms-rpc.chunbo.com {
server 10.254.64.220:8081;
server 10.254.64.223:8081;
}
upstream tuan.chunbo.com {
server 10.254.64.157:81;
server 10.254.64.158:81;
server 10.254.64.159:81;
server 10.254.64.160:81;
}
upstream dms-rpt.prod.chunbo.com {
server 10.254.64.197:8080;
server 10.254.64.198:8080;
}
include /etc/nginx/conf.d/*.conf;
}
[root@lvs-ctc-bj-10-254-8-120 ~]# cat /etc/nginx/conf.d/www.chunbo.com.conf
server {
listen 80;
server_name web.chunbo.com www.chunbo.com chunbo.com;
if ($host = chunbo.com) {
rewrite ^/(.*)$ http://www.chunbo.com/$1 permanent;
}
location / {
proxy_pass http://www.chunbo.com;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Queue-Start "t=${msec}000";
}
location /ngx_status {
rewrite ^(.*)$ http://www.chunbo.com break;
}
}
[root@lvs-ctc-bj-10-254-8-120 ~]#
10.254.8.121 配置
[root@prod13082930-steppingStones ~]# ssh 10.254.8.121
Last login: Mon Jul 24 13:28:20 2017 from 10.254.8.149
[root@lvs-ctc-bj-10-254-8-121 ~]# cat /etc/nginx/
conf.d/ fastcgi_params koi-utf koi-win mime.types nginx.conf scgi_params uwsgi_params win-utf
[root@lvs-ctc-bj-10-254-8-121 ~]# cat /etc/keepalived/
keepalived.conf scripts/
[root@lvs-ctc-bj-10-254-8-121 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_121
}
vrrp_script chk_http_port {
script "/etc/keepalived/scripts/chk_nginx.sh"
interval 2
weight 2
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_http_port
}
virtual_ipaddress {
101.251.213.166
101.251.213.167
101.251.213.168
101.251.213.171
101.251.213.172
101.251.213.173
101.251.213.174
101.251.213.175
101.251.213.176
101.251.213.180
}
}
[root@lvs-ctc-bj-10-254-8-121 ~]# cat /etc/keepalived/scripts/chk_nginx.sh
#!/bin/bash
NGINX=/usr/sbin/nginx
PORT=80
nmap localhost -p $PORT | grep "$PORT/tcp open"
if [ $? -ne 0 ];then
$NGINX -s stop
$NGINX
sleep 3
nmap localhost -p $PORT | grep "$PORT/tcp open"
[ $? -ne 0 ] && /etc/init.d/keepalived stop
fi
[root@lvs-ctc-bj-10-254-8-121 ~]# cat /etc/nginx/nginx.conf
user root;
worker_processes 24;
worker_rlimit_nofile 100000;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 65535;
multi_accept on;
use epoll;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
charset utf-8;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 300m;
server_tokens off;
sendfile on;
tcp_nopush on;
keepalive_timeout 60;
open_file_cache max=102400 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 1;
tcp_nodelay on;
client_body_buffer_size 512k;
proxy_connect_timeout 5;
proxy_read_timeout 60;
proxy_send_timeout 5;
proxy_buffer_size 16k;
proxy_buffers 4 64k;
proxy_busy_buffers_size 128k;
proxy_temp_file_write_size 128k;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.1;
gzip_comp_level 6;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
# log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
log_format main '$host|$server_addr|$remote_addr|$request_time|-|$remote_user|$msec|[$time_local]|$request_method|$request_uri'
'|$status|$body_bytes_sent|$http_referer'
'|"$http_user_agent"|$http_x_forwarded_for|$cookie_cb_csd|$cookie_cb_cba_device_id|$cookie_cb_user|$cookie_cb_province_id|$cookie_cb_address_city|$cookie_cb_site_id|$request_body|$upstream_addr|-|-|-|';
access_log /var/log/nginx/access.log main;
geo $whiteiplist {
default 1 ;
127.0.0.1 0;
include /etc/nginx/conf.d/whiteip.txt;
}
map $whiteiplist $limit {
1 $binary_remote_addr;
0 "";
}
limit_req_zone $limit zone=qps1:100m rate=80r/s;
limit_req zone=qps1 burst=5 ;
upstream www.chunbo.com {
server 10.254.64.10:80 weight=10;
server 10.254.64.11:80 weight=10;
server 10.254.64.54:80 weight=10;
server 10.254.64.55:80 weight=10;
server 10.254.64.56:80 weight=10;
server 10.254.64.57:80 weight=10;
server 10.254.64.58:80 weight=10;
server 10.254.64.59:80 weight=10;
server 10.254.64.78:80 weight=10;
server 10.254.64.79:80 weight=10;
server 10.254.64.156:80 weight=10;
server 10.254.64.157:80 weight=10;
server 10.254.64.158:80 weight=10;
server 10.254.64.159:80 weight=10;
server 10.254.64.160:80 weight=10;
#server 10.254.64.172:80 weight=10;
#server 10.254.64.173:80 weight=10;
#server 10.254.64.174:80 weight=10;
#server 10.254.64.175:80 weight=10;
#server 10.254.64.176:80 weight=10;
server 10.254.70.3:20005 weight=5;
server 10.254.70.4:20005 weight=5;
server 10.254.70.11:20005 weight=5;
server 10.254.70.12:20005 weight=5;
}
upstream api.chunbo.com {
server 10.254.64.52:80;
server 10.254.64.53:80;
server 10.254.64.60:80;
server 10.254.64.61:80;
server 10.254.64.62:80;
server 10.254.64.63:80;
server 10.254.64.64:80;
server 10.254.64.65:80;
server 10.254.64.66:80;
server 10.254.64.67:80;
server 10.254.64.80:80;
server 10.254.64.81:80;
server 10.254.64.82:80;
server 10.254.64.83:80;
server 10.254.64.166:80;
server 10.254.64.167:80;
server 10.254.64.168:80;
server 10.254.64.169:80;
server 10.254.64.170:80;
server 10.254.64.171:80;
}
upstream smsapi.chunbo.com {
#server 10.254.8.194:443;
#server 10.254.8.195:443;
#server 10.254.8.184:443;
#server 10.254.8.185:443;
server 10.254.64.52:443;
server 10.254.64.53:443;
server 10.254.64.60:443;
server 10.254.64.61:443;
server 10.254.64.62:443;
server 10.254.64.63:443;
server 10.254.64.64:443;
server 10.254.64.65:443;
server 10.254.64.66:443;
server 10.254.64.67:443;
server 10.254.64.80:443;
server 10.254.64.81:443;
server 10.254.64.82:443;
server 10.254.64.83:443;
}
upstream i0.chunboimg.com {
server 10.254.9.173:80;
server 10.254.9.174:80;
}
upstream i2.chunboimg.com {
server 10.254.9.173:81;
server 10.254.9.174:81;
}
upstream static.chunboimg.com {
#server 10.254.8.117:82;
#server 10.254.8.108:82;
server 10.254.8.185:82;
server 10.254.8.186:82 backup;
}
upstream tms.chunbo.com {
server 10.254.8.162:80;
server 10.254.8.163:80;
}
#upstream vc.chunbo.com {
#server 10.254.8.105:443;
#server 10.254.8.115:443;
# server 10.254.64.50:443;
# server 10.254.64.51:443;
#}
upstream vc_http.chunbo.com {
server 10.254.64.50:8162;
server 10.254.64.51:8162;
}
upstream pay.chunbo.com {
#server 10.254.8.105:8102;
#server 10.254.8.115:8102;
server 10.254.64.50:8102;
server 10.254.64.51:8102;
}
upstream dmscore.chunbo.com {
server 10.254.64.148:80;
server 10.254.64.149:80;
}
upstream dmsorder.chunbo.com {
server 10.254.64.149:8080;
server 10.254.64.148:8080;
}
upstream dmsorder-ws.chunbo.com {
server 10.254.64.150:80;
server 10.254.64.151:8080;
}
upstream dms.chunbo.com {
server 10.254.64.146:8080;
server 10.254.64.147:8080;
}
upstream dmsapi.chunbo.com {
server 10.254.64.146:80;
server 10.254.64.147:80;
}
upstream thirdapi.chunbo.com {
server 10.254.64.190:82;
server 10.254.64.191:82;
}
upstream help.chunbo.com {
server 10.254.64.157:1337;
server 10.254.64.158:1337;
server 10.254.64.159:1337;
server 10.254.64.160:1337;
}
upstream tms-rpc.chunbo.com {
server 10.254.64.220:8081;
server 10.254.64.223:8081;
}
upstream tuan.chunbo.com {
server 10.254.64.157:81;
server 10.254.64.158:81;
server 10.254.64.159:81;
server 10.254.64.160:81;
}
upstream dms-rpt.prod.chunbo.com {
server 10.254.64.197:8080;
server 10.254.64.198:8080;
}
include /etc/nginx/conf.d/*.conf;
}
[root@lvs-ctc-bj-10-254-8-121 ~]# cat /etc/nginx/conf.d/
api.chunbo.com.conf dmscore.chunbo.com.conf help.chunbo.com.conf smsapi.chunbo.com.conf tms-rpc.chunbo.com.conf www.chunbo.com.conf
apissl.chunbo.com.conf dmsorder.chunbo.com.conf i0.chunboimg.com.conf ssl/ tuan.chunbo.com.conf
default.conf dmsorder-ws.chunbo.com.conf i2.chunboimg.com.conf static.chunboimg.com.conf vc.chunbo.com.conf.bak
dmsapi.chunbo.com.conf dms-rpt.prod.chunbo.com.conf nginx_logrote.sh thirdapi.chunbo.com.conf vc_http.chunbo.com.conf
dms.chunbo.com.conf example_ssl.conf pay.chunbo.com.conf tms.chunbo.com.conf whiteip.txt
[root@lvs-ctc-bj-10-254-8-121 ~]# cat /etc/nginx/conf.d/www.chunbo.com.conf
server {
listen 80;
server_name web.chunbo.com www.chunbo.com chunbo.com;
if ($host = chunbo.com) {
rewrite ^/(.*)$ http://www.chunbo.com/$1 permanent;
}
location / {
proxy_pass http://www.chunbo.com;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Queue-Start "t=${msec}000";
}
}
[root@lvs-ctc-bj-10-254-8-121 ~]#
[root@lvs-ctc-bj-10-254-8-121 ~]# cat /etc/nginx/conf.d/www.chunbo.com.conf
server {
listen 80;
server_name web.chunbo.com www.chunbo.com chunbo.com;
if ($host = chunbo.com) {
rewrite ^/(.*)$ http://www.chunbo.com/$1 permanent;
}
location / {
proxy_pass http://www.chunbo.com;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Queue-Start "t=${msec}000";
}
}
文档更新时间: 2019-07-13 11:58 作者:月影鹏鹏