实战 Centos6.5下 Nginx-1.6.0 +keepalived-1.2.12 +tomcat-7.0.54 实现高可用+负载均衡
Nginx+keepalived+tomcat环境介绍系统:centos6.5_64_mini
nginx版本:Nginx-1.6.0
keepalived版本:keepalived-1.2.12
tomcat版本:tomcat-7.0.54
实验节点如下:
主节点:192.168.100.41
备用节点:192.168.100.42
漂移IP:192.168.100.40
1.安装所需的库(主备节点都需要安装)
#yum -y install gcc gcc-c++ openssl openssl-devel popt-develwget
2.建立相关目录以及用户组(主备节点都需要建立)
#cd /yunwei8
#mkdir soft
#mkdir apps
#mkdir server
#mkdir /etc/keepalived
#cd /yunwei8/soft
#/usr/sbin/groupadd www
#/usr/sbin/useradd -s /sbin/nologin -M -g www www
#mkdir -p /yunwei8/web/www
#chmod 777 /yunwei8/web/www
#chown -R www:www /yunwei8/web/www
#chmod g+s /yunwei8/web/www
#mkdir -p /yunwei8/web/logs
#chmod +w /yunwei8/web/logs
#chown -R www:www /yunwei8/web/logs
3.将所有软件下载到/yunwei8/soft目录下(主备节点都需要下载)
#wget http://down.yunwei8.com/soft/linux/keepalived-1.2.12.tar.gz
#wget http://down.yunwei8.com/soft/linux/jdk-7u60-linux-x64.tar.gz
#wget http://down.yunwei8.com/soft/linux/nginx-1.6.0.tar.gz
# wget http://down.yunwei8.com/soft/linux/apache-tomcat-7.0.54.tar.gz
# wget http://down.yunwei8.com/soft/linux/pcre-8.35.tar.gz
4.nginx安装(主备节点都需要安装)
4.1安装Nginx所需的pcre库
解压并安装
#cd /yunwei8/soft
#tar zxvf pcre-8.35.tar.gz
#cd pcre-8.35/
#./configure
#make && make install
4.2安装niginx
解压并安装
#cd /yunwei8/soft
#tar zxvf nginx-1.6.0.tar.gz
#cd nginx-1.6.0
#./configure --user=www --group=www --prefix=/yunwei8/server/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_sub_module --with-pcre=../pcre-8.35 --with-pcre-jit
#make && make install
4.3修改主节点nginx.conf配置文件
#rm -rf /yunwei8/server/nginx/conf/nginx.conf
#vi /yunwei8/server/nginx/conf/nginx.conf
复制以下内容
userwww www;
worker_processes8;
error_log/yunwei8/web/logs/nginx_error.logcrit;
pid logs/nginx.pid;
events
{
use epoll;
worker_connections 65535;
}
http
{
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 300m;
sendfile on;
tcp_nopush on;
keepalive_timeout 65;
tcp_nodelay on;
client_body_buffer_size 128k;
proxy_connect_timeout 600;
proxy_read_timeout 600;
proxy_send_timeout 600;
proxy_buffer_size 16k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
gzip on;
gzip_min_length 1k;
gzip_http_version 1.1;
gzip_buffers 4 16k;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml
gzip_vary on;
upstream tomcat_server
{
ip_hash;
server 192.168.100.41:8080 weight=1 max_fails=2 fail_timeout=30s;
server 192.168.100.42:8080 weight=1 max_fails=2 fail_timeout=30s;
}
server
{
listen 80;
server_name 192.168.100.41;
location / {
proxy_redirect off;
proxy_set_headerHost $host;
proxy_set_headerX-Real-IP$remote_addr;
proxy_set_headerX-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://tomcat_server;
}
}
log_formataccess'$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
access_log/yunwei8/web/logs/access.logaccess;
}
4.4测试(主节点)
#/yunwei8/server/nginx/sbin/nginx -t
如果显示下面信息,即表示配置没问题
nginx: the configuration file /opt/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /opt/nginx/conf/nginx.conf test is successful
4.5修改备节点nginx.conf配置文件
#rm -rf /yunwei8/server/nginx/conf/nginx.conf
#vi /yunwei8/server/nginx/conf/nginx.conf
复制以下内容
userwww www;
worker_processes8;
error_log/yunwei8/web/logs/nginx_error.logcrit;
pid logs/nginx.pid;
events
{
use epoll;
worker_connections 65535;
}
http
{
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 300m;
sendfile on;
tcp_nopush on;
keepalive_timeout 65;
tcp_nodelay on;
client_body_buffer_size 128k;
proxy_connect_timeout 600;
proxy_read_timeout 600;
proxy_send_timeout 600;
proxy_buffer_size 16k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
gzip on;
gzip_min_length 1k;
gzip_http_version 1.1;
gzip_buffers 4 16k;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml
gzip_vary on;
upstream tomcat_server
{
ip_hash;
server 192.168.100.41:8080 weight=1 max_fails=2 fail_timeout=30s;
server 192.168.100.42:8080 weight=1 max_fails=2 fail_timeout=30s;
}
server
{
listen 80;
server_name 192.168.100.42;
location / {
proxy_redirect off;
proxy_set_headerHost $host;
proxy_set_headerX-Real-IP$remote_addr;
proxy_set_headerX-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://tomcat_server;
}
}
log_formataccess'$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
access_log/yunwei8/web/logs/access.logaccess;
}
4.6测试(备节点)
#/yunwei8/server/nginx/sbin/nginx -t
如果显示下面信息,即表示配置没问题
nginx: the configuration file /opt/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /opt/nginx/conf/nginx.conf test is successful
4.7编写nginx 启动服务(主备节点)
#vi /etc/init.d/nginx
##输入以下代码并保存
#!/bin/sh## nginx - this script starts and stops the nginx daemin## chkconfig: - 85 15 # description:Nginx is an HTTP(S) server, HTTP(S) reverse \# proxy and IMAP/POP3 proxy server# processname: nginx# config: /yunwei8/server/nginx/conf/nginx.conf# pidfile: /yunwei8/server/nginx/logs/nginx.pid # Source function library.. /etc/rc.d/init.d/functions # Source networking configuration.. /etc/sysconfig/network # Check that networking is up.[ "$NETWORKING" = "no" ] && exit 0 nginx="/yunwei8/server/nginx/sbin/nginx"prog=$(basename $nginx) NGINX_CONF_FILE="/yunwei8/server/nginx/conf/nginx.conf" lockfile=/var/lock/subsys/nginx start() { [ -x $nginx ] || exit 5 [ -f $NGINX_CONF_FILE ] || exit 6 echo -n $"Starting $prog: " daemon $nginx -c $NGINX_CONF_FILE retval=$? echo [ $retval -eq 0 ] && touch $lockfile return $retval} stop() { echo -n $"Stopping $prog: " killproc $prog -QUIT retval=$? echo [ $retval -eq 0 ] && rm -f $lockfile return $retval} restart() { configtest || return $? stop start} reload() { configtest || return $? echo -n $"Reloading $prog: " killproc $nginx -HUP RETVAL=$? echo} configtest() {$nginx -t -c $NGINX_CONF_FILE} rh_status() { status $prog} rh_status_q() { rh_status >/dev/null 2>&1} case "$1" in start) rh_status_q && exit 0 $1 ;; stop) rh_status_q || exit 0 $1 ;; restart|configtest) $1 ;; reload) rh_status_q || exit 7 $1 ;; status) rh_status ;; *) echo $"Usage: $0 {start|stop|status|restart|reload|configtest}" exit 2esac 4.8设置权限并添加到启动服务列表中(主备节点)
#chmod 755 /etc/init.d/nginx
#chkconfig --add nginx
#chkconfig --level 345 nginx on
4.9启动nginx(主备节点)
#service nginx start
5.JDK安装(主备节点)
5.1解压缩包
#cd /yunwei8/soft
#tar zxvf jdk-7u60-linux-x64.tar.gz
#mv jdk1.7.0_60/ /yunwei8/server/
5.2让我们装的JDK成为默认的JDK(主备节点)
#update-alternatives --install /usr/bin/java java /yunwei8/server/jdk1.7.0_60/bin/java 300
#update-alternatives --install /usr/bin/javac javac /yunwei8/server/jdk1.7.0_60/bin/javac 300
5.3设置环境变量(主备节点)
#cd /yunwei8/soft
#vi /etc/profile
##在最后加入如下参数
Java_HOME=/yunwei8/server/jdk1.7.0_60
PATH=$Java_HOME/bin:$PATH
CLASSPATH=.:$Java_HOME/lib/tools.jar:$Java_HOME/lib/dt.jar
export Java_HOME PATH> 5.4激活刚才的配置(主备节点)
#source /etc/profile
5.5查看Java版本,看是否配置合适(主备节点)
#java -version
6.tomcat安装(主备节点)
6.1解压并安装apache-tomcat-7.0.54
#cd /yunwei8/soft
#tar zxvf apache-tomcat-7.0.54.tar.gz
#mv apache-tomcat-7.0.54 /yunwei8/apps/tomcat7
6.2设置tomcat权限(主备节点)
#cd /yunwei8/apps/tomcat7/bin/
#chmod 777 *.sh
6.3启动tomcat(主备节点)
#/yunwei8/apps/tomcat7/bin/startup.sh
7.keepalived安装(主备节点)
7.1安装keepalived-1.2.12
#cd /yunwei8/soft
#tar zxvf keepalived-1.2.12.tar.gz
#cd keepalived-1.2.12
#./configure --prefix=/yunwei8/server/keepalived
#make && make install
7.2复制相关目录(主备节点)
#复制keepalived启动文件到默认路径,也可以通过设置环境变量的path实现
#cp /yunwei8/server/keepalived/sbin/keepalived /usr/sbin/
#复制keepalived服务脚本到默认的地址,也通过修改init.d/keepalived文件中的相应配置实
#cp /yunwei8/server/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
#复制服务启动脚本到,以便可以通过service控制keepalived服务
#cp /yunwei8/server/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
7.3设置权限并添加到启动服务列表中(主备节点)
#chmod 755 /etc/init.d/keepalived
#chkconfig --add keepalived
#chkconfig --level 345 keepalived on
7.4创建nginx监控脚本(主备节点)
#vi /yunwei8/server/nginx/conf/check_nginx.sh
复制以下脚本
#!/bin/bash A=`ps -C nginx –no-header |wc -l` if [ $A -eq 0 ];then /yunwei8/server/nginx/sbin/nginxsleep 3if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then killall keepalived fi fi 7.5给nginx监控脚本赋予权限(主备节点)
#chmod 755 /yunwei8/server/nginx/conf/check_nginx.sh
7.6编写配置文件,主节点(192.168.100.41)创建keepalived配置文件
#vi /etc/keepalived/keepalived.conf
复制以下配置文件
!Configuration File for keepalived
global_defs {
notification_email {
77121151@qq.com
}
notification_email_from 41@yunwei8.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id NGINX1_DEVEL
}
vrrp_script chk_nginx {
script "/yunwei8/server/nginx/conf/check_nginx.sh"
interval 2
weight 2
}
vrrp_instance VI_1 {
state MASTER
nopreempt
interface eth0
virtual_router_id 41
mcast_src_ip 192.168.100.41
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass fds#FSAF897
}
virtual_ipaddress {
192.168.100.40
}
track_script {
chk_nginx
}
}
备用节点(192.168.100.42)创建keepalived配置文件
#vi /etc/keepalived/keepalived.conf
##复制以下配置文件
! Configuration File for keepalived
global_defs {
notification_email {
77121151@qq.com
}
notification_email_from 42@yunwei8.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id NGINX2_DEVEL
}
vrrp_script chk_nginx {
script "/yunwei8/server/nginx/conf/check_nginx.sh"
interval 2
weight 2
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 41
mcast_src_ip 192.168.100.42
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass fds#FSAF897
}
virtual_ipaddress {
192.168.100.40
}
track_script {
chk_nginx
}
}
7.7保存配置文件后,启动keepalived服务(主备节点)
#service keepalived start
8.防火墙设置
端口开放
#iptables -I INPUT -p tcp --dport 8080 -j ACCEPT
#iptables -I INPUT -p tcp --dport 80 -j ACCEPT
#iptables -I INPUT 3 -p vrrp -j ACCEPT
#/etc/rc.d/init.d/iptables save
9.测试,这里简单做下,大家可以自己多测试
9.1主节点测试,查看是否有漂移IP,如果有192.168.1.40则表示主节点漂移IP绑定成功
#ip a
9.2备节点测试,查看是否有漂移IP,如果在主节点没有故障的前提下没有绑定192.168.1.40则表示成功
#ip a
9.3关闭主节点访问http://192.168.1.40测试,如果能成功访问说明漂移IP已经绑定到备节点上
页:
[1]