10-254-8-120

[root@lvs-ctc-bj-10-254-8-120 ~]# cat /etc/keepalived/
keepalived.conf  scripts/         
[root@lvs-ctc-bj-10-254-8-120 ~]# cat /etc/keepalived/keepalived.conf 
! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_120
}
vrrp_script chk_http_port {
    script "/etc/keepalived/scripts/chk_nginx.sh"
    interval 2
    weight 2
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0 
    virtual_router_id 51
    priority 101
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    track_script {
        chk_http_port
    }
    virtual_ipaddress {
    101.251.213.166
    101.251.213.167
    101.251.213.168
    101.251.213.171
    101.251.213.172
    101.251.213.173
    101.251.213.174
    101.251.213.175
    101.251.213.176
    101.251.213.180
    }
}
[root@lvs-ctc-bj-10-254-8-120 ~]# cat /etc/keepalived/scripts/chk_nginx.sh 
#!/bin/bash

NGINX=/usr/sbin/nginx
PORT=80

nmap localhost -p $PORT | grep "$PORT/tcp open"

if [ $? -ne 0 ];then
    $NGINX -s stop
    $NGINX
    sleep 3
    nmap localhost -p $PORT | grep "$PORT/tcp open"
    [ $? -ne 0 ] && /etc/init.d/keepalived stop
fi
[root@lvs-ctc-bj-10-254-8-120 ~]# cat /etc/nginx
nginx/     nginx.tgz  
[root@lvs-ctc-bj-10-254-8-120 ~]# cat /etc/nginx/
conf.d/         conf.tar.gz     fastcgi_params  koi-utf         koi-win         mime.types      nginx.conf      nginx.conf.bak  scgi_params     uwsgi_params    win-utf
[root@lvs-ctc-bj-10-254-8-120 ~]# cat /etc/nginx/nginx.conf
user  root;
worker_processes  24;
worker_rlimit_nofile 100000;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  65535;
    multi_accept on;
    use epoll;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    charset       utf-8;
    server_names_hash_bucket_size 128;
    client_header_buffer_size     32k;
    large_client_header_buffers   4  32k;
    client_max_body_size          300m;
    server_tokens          off;
    sendfile                      on;
    tcp_nopush                    on;
    keepalive_timeout             60;

    open_file_cache max=102400 inactive=20s;
    open_file_cache_valid 30s;
    open_file_cache_min_uses 1;

    tcp_nodelay                   on;
    client_body_buffer_size       512k;
    proxy_connect_timeout         5;
    proxy_read_timeout            60;
    proxy_send_timeout            5;
    proxy_buffer_size             16k;
    proxy_buffers                 4 64k;
    proxy_busy_buffers_size       128k;
    proxy_temp_file_write_size    128k;
    gzip                          on;
    gzip_min_length               1k;
    gzip_buffers                  4 16k;
    gzip_http_version             1.1;
    gzip_comp_level               6;
    gzip_types                    text/plain application/x-javascript text/css application/xml;
    gzip_vary                     on;

#    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
#                      '$status $body_bytes_sent "$http_referer" '
#                      '"$http_user_agent" "$http_x_forwarded_for"';

log_format  main '$host|$server_addr|$remote_addr|$request_time|-|$remote_user|$msec|[$time_local]|$request_method|$request_uri'
               '|$status|$body_bytes_sent|$http_referer'
               '|"$http_user_agent"|$http_x_forwarded_for|$cookie_cb_csd|$cookie_cb_cba_device_id|$cookie_cb_user|$cookie_cb_province_id|$cookie_cb_address_city|$cookie_cb_site_id|$request_body|$upstream_addr|-|-|-|';




    access_log  /var/log/nginx/access.log  main;

    geo $whiteiplist {
        default 1 ;
        127.0.0.1 0;
        include /etc/nginx/conf.d/whiteip.txt;
    }
    map $whiteiplist $limit {
        1 $binary_remote_addr;
        0 "";
     }

    limit_req_zone $limit zone=qps1:100m rate=80r/s;
    limit_req zone=qps1 burst=5 ;



    upstream www.chunbo.com {
    server 10.254.64.10:80 weight=10;
    server 10.254.64.11:80 weight=10;
    server 10.254.64.54:80 weight=10;
    server 10.254.64.55:80 weight=10;
    server 10.254.64.56:80 weight=10;
    server 10.254.64.57:80 weight=10;
    server 10.254.64.58:80 weight=10;
    server 10.254.64.59:80 weight=10;
    server 10.254.64.78:80 weight=10;
    server 10.254.64.79:80 weight=10;
    server 10.254.64.156:80 weight=10;
    server 10.254.64.157:80 weight=10;
    server 10.254.64.158:80 weight=10;
    server 10.254.64.159:80 weight=10;
    server 10.254.64.160:80 weight=10;
        #server 10.254.64.172:80 weight=10;
        #server 10.254.64.173:80 weight=10;
        #server 10.254.64.174:80 weight=10;
        #server 10.254.64.175:80 weight=10;
        #server 10.254.64.176:80 weight=10; 
        server 10.254.70.3:20005 weight=5;
        server 10.254.70.4:20005 weight=5;
        server 10.254.70.11:20005 weight=5;
        server 10.254.70.12:20005 weight=5;
    }

    upstream api.chunbo.com {
    server 10.254.64.52:80;
    server 10.254.64.53:80;
        server 10.254.64.60:80;
        server 10.254.64.61:80;
        server 10.254.64.62:80;
        server 10.254.64.63:80;
        server 10.254.64.64:80;
        server 10.254.64.65:80;
        server 10.254.64.66:80;
        server 10.254.64.67:80;
        server 10.254.64.80:80;
        server 10.254.64.81:80;
        server 10.254.64.82:80;
        server 10.254.64.83:80;
        server 10.254.64.166:80;
        server 10.254.64.167:80;
        server 10.254.64.168:80;
        server 10.254.64.169:80;
        server 10.254.64.170:80;
        server 10.254.64.171:80;
    }

    upstream smsapi.chunbo.com {
    #server 10.254.8.194:443;
    #server 10.254.8.195:443;
    #server 10.254.8.184:443;
    #server 10.254.8.185:443;
    server 10.254.64.52:443;
    server 10.254.64.53:443;
        server 10.254.64.60:443;
        server 10.254.64.61:443;
        server 10.254.64.62:443;
        server 10.254.64.63:443;
        server 10.254.64.64:443;
        server 10.254.64.65:443;
        server 10.254.64.66:443;
        server 10.254.64.67:443;
    server 10.254.64.80:443;
    server 10.254.64.81:443;
    server 10.254.64.82:443;
    server 10.254.64.83:443;
    }

    upstream i0.chunboimg.com {
    server 10.254.9.173:80;
    server 10.254.9.174:80;
    }

    upstream i2.chunboimg.com {
    server 10.254.9.173:81;
    server 10.254.9.174:81;
    }

    upstream static.chunboimg.com {
    #server 10.254.8.117:82;
    #server 10.254.8.108:82;
        server 10.254.8.185:82;
        server 10.254.8.186:82 backup;
    }

    upstream tms.chunbo.com {
    server 10.254.8.162:80;
    server 10.254.8.163:80;
    }

    #upstream vc.chunbo.com {
    #server 10.254.8.105:443;
    #server 10.254.8.115:443;
    # server 10.254.64.50:443;
    # server 10.254.64.51:443; 
    #}

    upstream vc_http.chunbo.com {
    server 10.254.64.50:8162;
    server 10.254.64.51:8162; 
    }

    upstream pay.chunbo.com {
    #server 10.254.8.105:8102;
    #server 10.254.8.115:8102;
    server 10.254.64.50:8102;
    server 10.254.64.51:8102;
    }

    upstream dmscore.chunbo.com {
        server 10.254.64.148:80;
        server 10.254.64.149:80;
    }

    upstream dmsorder.chunbo.com {
        server 10.254.64.149:8080;
        server 10.254.64.148:8080;
    }

    upstream dmsorder-ws.chunbo.com {
        server 10.254.64.150:80;
        server 10.254.64.151:8080;
    }

    upstream dms.chunbo.com {
        server 10.254.64.146:8080;
        server 10.254.64.147:8080;
    }

    upstream dmsapi.chunbo.com {
        server 10.254.64.146:80;
        server 10.254.64.147:80;
    }
    upstream thirdapi.chunbo.com {
        server 10.254.64.190:82;
        server 10.254.64.191:82;
    }
    upstream help.chunbo.com {
        server 10.254.64.157:1337;
        server 10.254.64.158:1337;
        server 10.254.64.159:1337;
        server 10.254.64.160:1337;
    }

    upstream tms-rpc.chunbo.com {
        server 10.254.64.220:8081;
        server 10.254.64.223:8081;
    }

    upstream tuan.chunbo.com {
        server 10.254.64.157:81;
        server 10.254.64.158:81;
        server 10.254.64.159:81;
        server 10.254.64.160:81;
    }
    upstream dms-rpt.prod.chunbo.com {
        server 10.254.64.197:8080;
        server 10.254.64.198:8080;
    }
    include /etc/nginx/conf.d/*.conf;
}
[root@lvs-ctc-bj-10-254-8-120 ~]# cat /etc/nginx/conf.d/www.chunbo.com.conf 
server {
    listen       80;
    server_name  web.chunbo.com www.chunbo.com chunbo.com;

    if ($host = chunbo.com) {
     rewrite ^/(.*)$  http://www.chunbo.com/$1 permanent;
     }

    location / {
    proxy_pass         http://www.chunbo.com;
    proxy_set_header        Host $host;
    proxy_set_header        X-Real-IP $remote_addr;
    proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header        X-Queue-Start "t=${msec}000";    
    }
    location /ngx_status {
    rewrite ^(.*)$  http://www.chunbo.com break;
    }
}

[root@lvs-ctc-bj-10-254-8-120 ~]# 

10.254.8.121 配置

[root@prod13082930-steppingStones ~]# ssh 10.254.8.121
Last login: Mon Jul 24 13:28:20 2017 from 10.254.8.149
[root@lvs-ctc-bj-10-254-8-121 ~]# cat /etc/nginx/
conf.d/         fastcgi_params  koi-utf         koi-win         mime.types      nginx.conf      scgi_params     uwsgi_params    win-utf         
[root@lvs-ctc-bj-10-254-8-121 ~]# cat /etc/keepalived/
keepalived.conf  scripts/         
[root@lvs-ctc-bj-10-254-8-121 ~]# cat /etc/keepalived/keepalived.conf 
! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_121
}

vrrp_script chk_http_port {
    script "/etc/keepalived/scripts/chk_nginx.sh"
    interval 2
    weight 2
}

vrrp_instance VI_1 {
    state BACKUP 
    interface eth0 
    virtual_router_id 51
    priority 99
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    track_script {
        chk_http_port
    }
    virtual_ipaddress {
    101.251.213.166
    101.251.213.167
    101.251.213.168
    101.251.213.171
    101.251.213.172
    101.251.213.173
    101.251.213.174
    101.251.213.175
    101.251.213.176
    101.251.213.180
    }
}
[root@lvs-ctc-bj-10-254-8-121 ~]# cat /etc/keepalived/scripts/chk_nginx.sh 
#!/bin/bash

NGINX=/usr/sbin/nginx
PORT=80

nmap localhost -p $PORT | grep "$PORT/tcp open"

if [ $? -ne 0 ];then
    $NGINX -s stop
    $NGINX
    sleep 3
    nmap localhost -p $PORT | grep "$PORT/tcp open"
    [ $? -ne 0 ] && /etc/init.d/keepalived stop
fi
[root@lvs-ctc-bj-10-254-8-121 ~]# cat /etc/nginx/nginx.conf 
user  root;
worker_processes  24;
worker_rlimit_nofile 100000;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  65535;
    multi_accept on;
    use epoll;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    charset       utf-8;
    server_names_hash_bucket_size 128;
    client_header_buffer_size     32k;
    large_client_header_buffers   4  32k;
    client_max_body_size          300m;
    server_tokens          off;
    sendfile                      on;
    tcp_nopush                    on;
    keepalive_timeout             60;

    open_file_cache max=102400 inactive=20s;
    open_file_cache_valid 30s;
    open_file_cache_min_uses 1;

    tcp_nodelay                   on;
    client_body_buffer_size       512k;
    proxy_connect_timeout         5;
    proxy_read_timeout            60;
    proxy_send_timeout            5;
    proxy_buffer_size             16k;
    proxy_buffers                 4 64k;
    proxy_busy_buffers_size       128k;
    proxy_temp_file_write_size    128k;
    gzip                          on;
    gzip_min_length               1k;
    gzip_buffers                  4 16k;
    gzip_http_version             1.1;
    gzip_comp_level               6;
    gzip_types                    text/plain application/x-javascript text/css application/xml;
    gzip_vary                     on;

#    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
#                      '$status $body_bytes_sent "$http_referer" '
#                      '"$http_user_agent" "$http_x_forwarded_for"';
log_format  main '$host|$server_addr|$remote_addr|$request_time|-|$remote_user|$msec|[$time_local]|$request_method|$request_uri'
               '|$status|$body_bytes_sent|$http_referer'
               '|"$http_user_agent"|$http_x_forwarded_for|$cookie_cb_csd|$cookie_cb_cba_device_id|$cookie_cb_user|$cookie_cb_province_id|$cookie_cb_address_city|$cookie_cb_site_id|$request_body|$upstream_addr|-|-|-|';



    access_log  /var/log/nginx/access.log  main;


    geo $whiteiplist { 
        default 1 ; 
        127.0.0.1 0; 
        include /etc/nginx/conf.d/whiteip.txt; 
    } 
    map $whiteiplist $limit { 
        1 $binary_remote_addr; 
        0 ""; 
     } 

    limit_req_zone $limit zone=qps1:100m rate=80r/s; 
    limit_req zone=qps1 burst=5 ;

    upstream www.chunbo.com {
       server 10.254.64.10:80 weight=10;
    server 10.254.64.11:80 weight=10;
    server 10.254.64.54:80 weight=10;
    server 10.254.64.55:80 weight=10;
    server 10.254.64.56:80 weight=10;
    server 10.254.64.57:80 weight=10;
    server 10.254.64.58:80 weight=10;
    server 10.254.64.59:80 weight=10;
    server 10.254.64.78:80 weight=10;
    server 10.254.64.79:80 weight=10;
    server 10.254.64.156:80 weight=10;
    server 10.254.64.157:80 weight=10;
    server 10.254.64.158:80 weight=10;
    server 10.254.64.159:80 weight=10;
    server 10.254.64.160:80 weight=10;
        #server 10.254.64.172:80 weight=10;
        #server 10.254.64.173:80 weight=10;
        #server 10.254.64.174:80 weight=10;
        #server 10.254.64.175:80 weight=10;
        #server 10.254.64.176:80 weight=10; 
        server 10.254.70.3:20005 weight=5;
        server 10.254.70.4:20005 weight=5;
        server 10.254.70.11:20005 weight=5;
        server 10.254.70.12:20005 weight=5;
    }

    upstream api.chunbo.com {
    server 10.254.64.52:80;
    server 10.254.64.53:80;
        server 10.254.64.60:80;
        server 10.254.64.61:80;
        server 10.254.64.62:80;
        server 10.254.64.63:80;
        server 10.254.64.64:80;
        server 10.254.64.65:80;
        server 10.254.64.66:80;
        server 10.254.64.67:80;
        server 10.254.64.80:80;
        server 10.254.64.81:80;
        server 10.254.64.82:80;
        server 10.254.64.83:80;
        server 10.254.64.166:80;
        server 10.254.64.167:80;
        server 10.254.64.168:80;
        server 10.254.64.169:80;
        server 10.254.64.170:80;
        server 10.254.64.171:80;
    }

    upstream smsapi.chunbo.com {
    #server 10.254.8.194:443;
    #server 10.254.8.195:443;
    #server 10.254.8.184:443;
    #server 10.254.8.185:443;
    server 10.254.64.52:443;
    server 10.254.64.53:443;
        server 10.254.64.60:443;
        server 10.254.64.61:443;
        server 10.254.64.62:443;
        server 10.254.64.63:443;
        server 10.254.64.64:443;
        server 10.254.64.65:443;
        server 10.254.64.66:443;
        server 10.254.64.67:443;
    server 10.254.64.80:443;
    server 10.254.64.81:443;
    server 10.254.64.82:443;
    server 10.254.64.83:443;
    }

    upstream i0.chunboimg.com {
    server 10.254.9.173:80;
    server 10.254.9.174:80;
    }

    upstream i2.chunboimg.com {
    server 10.254.9.173:81;
    server 10.254.9.174:81;
    }

    upstream static.chunboimg.com {
    #server 10.254.8.117:82;
    #server 10.254.8.108:82;
        server 10.254.8.185:82;
        server 10.254.8.186:82 backup;
    }

    upstream tms.chunbo.com {
    server 10.254.8.162:80;
    server 10.254.8.163:80;
    }

    #upstream vc.chunbo.com {
    #server 10.254.8.105:443;
    #server 10.254.8.115:443;
    # server 10.254.64.50:443;
    # server 10.254.64.51:443; 
    #}

    upstream vc_http.chunbo.com {
    server 10.254.64.50:8162;
    server 10.254.64.51:8162; 
    }

    upstream pay.chunbo.com {
    #server 10.254.8.105:8102;
    #server 10.254.8.115:8102;
    server 10.254.64.50:8102;
    server 10.254.64.51:8102;
    }

    upstream dmscore.chunbo.com {
        server 10.254.64.148:80;
        server 10.254.64.149:80;
    }

    upstream dmsorder.chunbo.com {
        server 10.254.64.149:8080;
        server 10.254.64.148:8080;
    }

    upstream dmsorder-ws.chunbo.com {
        server 10.254.64.150:80;
        server 10.254.64.151:8080;
    }

    upstream dms.chunbo.com {
        server 10.254.64.146:8080;
        server 10.254.64.147:8080;
    }

    upstream dmsapi.chunbo.com {
        server 10.254.64.146:80;
        server 10.254.64.147:80;
    }
    upstream thirdapi.chunbo.com {
        server 10.254.64.190:82;
        server 10.254.64.191:82;
    }
    upstream help.chunbo.com {
        server 10.254.64.157:1337;
        server 10.254.64.158:1337;
        server 10.254.64.159:1337;
        server 10.254.64.160:1337;
    }

   upstream tms-rpc.chunbo.com {
        server 10.254.64.220:8081;
        server 10.254.64.223:8081;
    }

   upstream tuan.chunbo.com {
        server 10.254.64.157:81;
        server 10.254.64.158:81;
        server 10.254.64.159:81;
        server 10.254.64.160:81;
    }
    upstream dms-rpt.prod.chunbo.com {
        server 10.254.64.197:8080;
        server 10.254.64.198:8080;
    }

    include /etc/nginx/conf.d/*.conf;
}
[root@lvs-ctc-bj-10-254-8-121 ~]# cat /etc/nginx/conf.d/
api.chunbo.com.conf           dmscore.chunbo.com.conf       help.chunbo.com.conf          smsapi.chunbo.com.conf        tms-rpc.chunbo.com.conf       www.chunbo.com.conf
apissl.chunbo.com.conf        dmsorder.chunbo.com.conf      i0.chunboimg.com.conf         ssl/                          tuan.chunbo.com.conf          
default.conf                  dmsorder-ws.chunbo.com.conf   i2.chunboimg.com.conf         static.chunboimg.com.conf     vc.chunbo.com.conf.bak        
dmsapi.chunbo.com.conf        dms-rpt.prod.chunbo.com.conf  nginx_logrote.sh              thirdapi.chunbo.com.conf      vc_http.chunbo.com.conf       
dms.chunbo.com.conf           example_ssl.conf              pay.chunbo.com.conf           tms.chunbo.com.conf           whiteip.txt                   
[root@lvs-ctc-bj-10-254-8-121 ~]# cat /etc/nginx/conf.d/www.chunbo.com.conf 
server {
    listen       80;
    server_name  web.chunbo.com www.chunbo.com chunbo.com;

    if ($host = chunbo.com) {
     rewrite ^/(.*)$  http://www.chunbo.com/$1 permanent;
     }

    location / {
    proxy_pass http://www.chunbo.com;
    proxy_set_header        Host $host;
    proxy_set_header        X-Real-IP $remote_addr;
    proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header        X-Queue-Start "t=${msec}000";
    }
}

[root@lvs-ctc-bj-10-254-8-121 ~]#

[root@lvs-ctc-bj-10-254-8-121 ~]# cat /etc/nginx/conf.d/www.chunbo.com.conf
server {
listen 80;
server_name web.chunbo.com www.chunbo.com chunbo.com;

if ($host = chunbo.com) {
 rewrite ^/(.*)$  http://www.chunbo.com/$1 permanent;
 }

location / {
proxy_pass http://www.chunbo.com;
proxy_set_header        Host $host;
proxy_set_header        X-Real-IP $remote_addr;
proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header        X-Queue-Start "t=${msec}000";
}

}

文档更新时间: 2019-07-13 11:58   作者:月影鹏鹏