|
|
Nginx+keepalived+tomcat环境介绍
系统:centos6.5_64_mini
nginx版本:Nginx-1.6.0
keepalived版本:keepalived-1.2.12
tomcat版本:tomcat-7.0.54
实验节点如下:
主节点:192.168.100.41
备用节点:192.168.100.42
漂移IP:192.168.100.40
1.安装所需的库(主备节点都需要安装)
# yum -y install gcc gcc-c++ openssl openssl-devel popt-devel wget
2.建立相关目录以及用户组(主备节点都需要建立)
# cd /yunwei8
# mkdir soft
# mkdir apps
# mkdir server
# mkdir /etc/keepalived
# cd /yunwei8/soft
# /usr/sbin/groupadd www
# /usr/sbin/useradd -s /sbin/nologin -M -g www www
# mkdir -p /yunwei8/web/www
# chmod 777 /yunwei8/web/www
# chown -R www:www /yunwei8/web/www
# chmod g+s /yunwei8/web/www
# mkdir -p /yunwei8/web/logs
# chmod +w /yunwei8/web/logs
# chown -R www:www /yunwei8/web/logs
3.将所有软件下载到/yunwei8/soft目录下(主备节点都需要下载)
# wget http://down.yunwei8.com/soft/linux/keepalived-1.2.12.tar.gz
#wget http://down.yunwei8.com/soft/linux/jdk-7u60-linux-x64.tar.gz
#wget http://down.yunwei8.com/soft/linux/nginx-1.6.0.tar.gz
# wget http://down.yunwei8.com/soft/linux/apache-tomcat-7.0.54.tar.gz
# wget http://down.yunwei8.com/soft/linux/pcre-8.35.tar.gz
4.nginx安装(主备节点都需要安装)
4.1安装Nginx所需的pcre库
解压并安装
# cd /yunwei8/soft
# tar zxvf pcre-8.35.tar.gz
# cd pcre-8.35/
# ./configure
# make && make install
4.2安装niginx
解压并安装
# cd /yunwei8/soft
# tar zxvf nginx-1.6.0.tar.gz
# cd nginx-1.6.0
# ./configure --user=www --group=www --prefix=/yunwei8/server/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_sub_module --with-pcre=../pcre-8.35 --with-pcre-jit
# make && make install
4.3修改主节点nginx.conf配置文件
# rm -rf /yunwei8/server/nginx/conf/nginx.conf
# vi /yunwei8/server/nginx/conf/nginx.conf
复制以下内容
user www www;
worker_processes 8;
error_log /yunwei8/web/logs/nginx_error.log crit;
pid logs/nginx.pid;
events
{
use epoll;
worker_connections 65535;
}
http
{
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 300m;
sendfile on;
tcp_nopush on;
keepalive_timeout 65;
tcp_nodelay on;
client_body_buffer_size 128k;
proxy_connect_timeout 600;
proxy_read_timeout 600;
proxy_send_timeout 600;
proxy_buffer_size 16k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
gzip on;
gzip_min_length 1k;
gzip_http_version 1.1;
gzip_buffers 4 16k;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml
gzip_vary on;
upstream tomcat_server
{
ip_hash;
server 192.168.100.41:8080 weight=1 max_fails=2 fail_timeout=30s;
server 192.168.100.42:8080 weight=1 max_fails=2 fail_timeout=30s;
}
server
{
listen 80;
server_name 192.168.100.41;
location / {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://tomcat_server;
}
}
log_format access '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
access_log /yunwei8/web/logs/access.log access;
}
4.4测试(主节点)
# /yunwei8/server/nginx/sbin/nginx -t
如果显示下面信息,即表示配置没问题
nginx: the configuration file /opt/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /opt/nginx/conf/nginx.conf test is successful
4.5修改备节点nginx.conf配置文件
# rm -rf /yunwei8/server/nginx/conf/nginx.conf
# vi /yunwei8/server/nginx/conf/nginx.conf
复制以下内容
user www www;
worker_processes 8;
error_log /yunwei8/web/logs/nginx_error.log crit;
pid logs/nginx.pid;
events
{
use epoll;
worker_connections 65535;
}
http
{
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 300m;
sendfile on;
tcp_nopush on;
keepalive_timeout 65;
tcp_nodelay on;
client_body_buffer_size 128k;
proxy_connect_timeout 600;
proxy_read_timeout 600;
proxy_send_timeout 600;
proxy_buffer_size 16k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
gzip on;
gzip_min_length 1k;
gzip_http_version 1.1;
gzip_buffers 4 16k;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml
gzip_vary on;
upstream tomcat_server
{
ip_hash;
server 192.168.100.41:8080 weight=1 max_fails=2 fail_timeout=30s;
server 192.168.100.42:8080 weight=1 max_fails=2 fail_timeout=30s;
}
server
{
listen 80;
server_name 192.168.100.42;
location / {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://tomcat_server;
}
}
log_format access '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
access_log /yunwei8/web/logs/access.log access;
}
4.6测试(备节点)
# /yunwei8/server/nginx/sbin/nginx -t
如果显示下面信息,即表示配置没问题
nginx: the configuration file /opt/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /opt/nginx/conf/nginx.conf test is successful
4.7编写nginx 启动服务(主备节点)
# vi /etc/init.d/nginx
##输入以下代码并保存
#!/bin/sh## nginx - this script starts and stops the nginx daemin## chkconfig: - 85 15 # description: Nginx is an HTTP(S) server, HTTP(S) reverse \# proxy and IMAP/POP3 proxy server# processname: nginx# config: /yunwei8/server/nginx/conf/nginx.conf# pidfile: /yunwei8/server/nginx/logs/nginx.pid # Source function library.. /etc/rc.d/init.d/functions # Source networking configuration.. /etc/sysconfig/network # Check that networking is up.[ "$NETWORKING" = "no" ] && exit 0 nginx="/yunwei8/server/nginx/sbin/nginx"prog=$(basename $nginx) NGINX_CONF_FILE="/yunwei8/server/nginx/conf/nginx.conf" lockfile=/var/lock/subsys/nginx start() { [ -x $nginx ] || exit 5 [ -f $NGINX_CONF_FILE ] || exit 6 echo -n $"Starting $prog: " daemon $nginx -c $NGINX_CONF_FILE retval=$? echo [ $retval -eq 0 ] && touch $lockfile return $retval} stop() { echo -n $"Stopping $prog: " killproc $prog -QUIT retval=$? echo [ $retval -eq 0 ] && rm -f $lockfile return $retval} restart() { configtest || return $? stop start} reload() { configtest || return $? echo -n $"Reloading $prog: " killproc $nginx -HUP RETVAL=$? echo} configtest() { $nginx -t -c $NGINX_CONF_FILE} rh_status() { status $prog} rh_status_q() { rh_status >/dev/null 2>&1} case "$1" in start) rh_status_q && exit 0 $1 ;; stop) rh_status_q || exit 0 $1 ;; restart|configtest) $1 ;; reload) rh_status_q || exit 7 $1 ;; status) rh_status ;; *) echo $"Usage: $0 {start|stop|status|restart|reload|configtest}" exit 2esac 4.8设置权限并添加到启动服务列表中(主备节点)
# chmod 755 /etc/init.d/nginx
# chkconfig --add nginx
# chkconfig --level 345 nginx on
4.9启动nginx(主备节点)
# service nginx start
5.JDK安装(主备节点)
5.1解压缩包
# cd /yunwei8/soft
# tar zxvf jdk-7u60-linux-x64.tar.gz
# mv jdk1.7.0_60/ /yunwei8/server/
5.2让我们装的JDK成为默认的JDK(主备节点)
# update-alternatives --install /usr/bin/java java /yunwei8/server/jdk1.7.0_60/bin/java 300
# update-alternatives --install /usr/bin/javac javac /yunwei8/server/jdk1.7.0_60/bin/javac 300
5.3设置环境变量(主备节点)
# cd /yunwei8/soft
# vi /etc/profile
##在最后加入如下参数
Java_HOME=/yunwei8/server/jdk1.7.0_60
PATH=$Java_HOME/bin:$PATH
CLASSPATH=.:$Java_HOME/lib/tools.jar:$Java_HOME/lib/dt.jar
export Java_HOME PATH> 5.4激活刚才的配置(主备节点)
# source /etc/profile
5.5查看Java版本,看是否配置合适(主备节点)
# java -version
6.tomcat安装(主备节点)
6.1解压并安装apache-tomcat-7.0.54
# cd /yunwei8/soft
# tar zxvf apache-tomcat-7.0.54.tar.gz
# mv apache-tomcat-7.0.54 /yunwei8/apps/tomcat7
6.2设置tomcat权限(主备节点)
# cd /yunwei8/apps/tomcat7/bin/
# chmod 777 *.sh
6.3启动tomcat(主备节点)
# /yunwei8/apps/tomcat7/bin/startup.sh
7.keepalived安装(主备节点)
7.1安装keepalived-1.2.12
# cd /yunwei8/soft
# tar zxvf keepalived-1.2.12.tar.gz
# cd keepalived-1.2.12
# ./configure --prefix=/yunwei8/server/keepalived
# make && make install
7.2复制相关目录(主备节点)
#复制keepalived启动文件到默认路径,也可以通过设置环境变量的path实现
# cp /yunwei8/server/keepalived/sbin/keepalived /usr/sbin/
#复制keepalived服务脚本到默认的地址,也通过修改init.d/keepalived文件中的相应配置实
# cp /yunwei8/server/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
#复制服务启动脚本到,以便可以通过service控制keepalived服务
# cp /yunwei8/server/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
7.3设置权限并添加到启动服务列表中(主备节点)
# chmod 755 /etc/init.d/keepalived
# chkconfig --add keepalived
# chkconfig --level 345 keepalived on
7.4创建nginx监控脚本(主备节点)
# vi /yunwei8/server/nginx/conf/check_nginx.sh
复制以下脚本
#!/bin/bash A=`ps -C nginx –no-header |wc -l` if [ $A -eq 0 ];then /yunwei8/server/nginx/sbin/nginxsleep 3if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then killall keepalived fi fi 7.5给nginx监控脚本赋予权限(主备节点)
# chmod 755 /yunwei8/server/nginx/conf/check_nginx.sh
7.6编写配置文件,主节点(192.168.100.41)创建keepalived配置文件
# vi /etc/keepalived/keepalived.conf
复制以下配置文件
!Configuration File for keepalived
global_defs {
notification_email {
77121151@qq.com
}
notification_email_from 41@yunwei8.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id NGINX1_DEVEL
}
vrrp_script chk_nginx {
script "/yunwei8/server/nginx/conf/check_nginx.sh"
interval 2
weight 2
}
vrrp_instance VI_1 {
state MASTER
nopreempt
interface eth0
virtual_router_id 41
mcast_src_ip 192.168.100.41
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass fds#FSAF897
}
virtual_ipaddress {
192.168.100.40
}
track_script {
chk_nginx
}
}
备用节点(192.168.100.42)创建keepalived配置文件
# vi /etc/keepalived/keepalived.conf
##复制以下配置文件
! Configuration File for keepalived
global_defs {
notification_email {
77121151@qq.com
}
notification_email_from 42@yunwei8.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id NGINX2_DEVEL
}
vrrp_script chk_nginx {
script "/yunwei8/server/nginx/conf/check_nginx.sh"
interval 2
weight 2
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 41
mcast_src_ip 192.168.100.42
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass fds#FSAF897
}
virtual_ipaddress {
192.168.100.40
}
track_script {
chk_nginx
}
}
7.7保存配置文件后,启动keepalived服务(主备节点)
# service keepalived start
8.防火墙设置
端口开放
# iptables -I INPUT -p tcp --dport 8080 -j ACCEPT
# iptables -I INPUT -p tcp --dport 80 -j ACCEPT
# iptables -I INPUT 3 -p vrrp -j ACCEPT
# /etc/rc.d/init.d/iptables save
9.测试,这里简单做下,大家可以自己多测试
9.1主节点测试,查看是否有漂移IP,如果有192.168.1.40则表示主节点漂移IP绑定成功
# ip a
9.2备节点测试,查看是否有漂移IP,如果在主节点没有故障的前提下没有绑定192.168.1.40则表示成功
# ip a
9.3关闭主节点访问http://192.168.1.40测试,如果能成功访问说明漂移IP已经绑定到备节点上
|
|
|
|
|
|
|
|
|
QQ群⑧:
窥视卡
雷达卡
发表于 2019-1-1 07:43:59
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡