nginx+keeplived+tomcat
1,宣告操做系統版本,nginx,java,tomcat,keeplived版本 php
| 操做系統html |
用途java |
VIPnode |
IP地址linux |
軟件版本nginx |
| CentOS 7.3 miniweb |
NTP服務器apache |
無bootstrap |
192.168.197.31centos |
官方yum源版本 |
| CentOS 7.3 mini |
Nginx主 |
192.168.197.30 |
192.168.197.32 |
nginx-1.14.2.tar.gz |
|
|
|
|
|
keepalived-1.3.5.tar.gz |
| CentOS 7.3 mini |
Nginx備 |
|
192.168.197.33 |
nginx-1.14.2.tar.gz |
|
|
|
|
|
keepalived-1.3.5.tar.gz |
| CentOS 7.3 mini |
Tomcat1 |
無 |
192.168.197.34 |
jdk-8u102-linux-x64.rpm |
|
|
|
|
|
apache-tomcat-8.5.32.tar.gz |
| CentOS 7.3 mini |
Tomcat2 |
|
192.168.197.35 |
jdk-8u102-linux-x64.rpm |
|
|
|
|
|
apache-tomcat-8.5.32.tar.gz |
2,配置服務器IP,肯定主nginx服務器的vip
[root@localhost ~]# more /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
BOOTPROTO=none
DEFROUTE=yes
PEERDNS=yes
PEERROUTES=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=d7cca43a-afd4-4bb3-aabb-90a2318fe28e
DEVICE=ens33
ONBOOT=yes
IPADDR=192.168.197.31
PREFIX=24
GATEWAY=192.168.197.2
DNS1=114.114.114.114
根據實際狀況配置ip地址,須要須要vip的再配置文件中加入如下信息
IPADDR1=192.168.197.30
重啓網絡服務
[root@localhost ~]# service network restart
測試外網鏈接性
[root@localhost ~]# ping www.baidu.com
PING www.a.shifen.com (111.13.100.92) 56(84) bytes of data.
64 bytes from 111.13.100.92 (111.13.100.92): icmp_seq=2 ttl=128 time=29.4 ms
64 bytes from 111.13.100.92 (111.13.100.92): icmp_seq=3 ttl=128 time=25.7 ms
64 bytes from 111.13.100.92 (111.13.100.92): icmp_seq=4 ttl=128 time=26.0 ms
永久全部服務器的關閉防火牆和selinux
[root@localhost ~]# systemctl disable firewalld
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# setenforce 0
[root@localhost ~]# vi /etc/selinux/config
SELINUX=disabled
3,配置chrony時間服務器和客戶端
Centos7已經預裝chrony軟件,若是未安裝可以使用yum install –y chrony 來安裝
檢查是否安裝可以使用如下命令
rpm –ap |grep chron
或
yum list installed |grep chron
chrony服務端配置
[root@localhost ~]# vi /etc/chrony.conf
allow 192.168.0.0/16
其餘配置保持不變,添加以上行表示容許192.168.0.0/16網絡的使用此chronyd服務
重啓chronyd服務,並添加到開機啓動
[root@localhost ~]# systemctl enable chronyd.service
[root@localhost ~]# systemctl restart chronyd.service
chrony全部客戶端配置
[root@localhost ~]# vi /etc/chrony.conf
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
#server 0.centos.pool.ntp.org iburst
#server 1.centos.pool.ntp.org iburst
#server 2.centos.pool.ntp.org iburst
#server 3.centos.pool.ntp.org iburst
server 192.168.197.31 iburst
註釋掉此部分全部的server項,添加server 192.168.197.31 iburst項目,192.168.197.31爲chrony服務器的IP地址
檢查chrony同步的狀態
[root@localhost ~]# chronyc sources -v
210 Number of sources = 1
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 192.168.197.31 3 6 17 43 -11us[ -63us] +/- 113ms
4,安裝nginx,測試nginx
使用xftp客戶端將nginx和keeplived包上傳到兩臺服務器的/software目錄下,解壓縮軟件包
[root@localhost software]# tar -zxvf nginx-1.14.2.tar.gz
在線安裝依賴包
yum -y install gcc gcc-++ autoconf automake pcre-devel openssl openssl-devel
進入解壓後的目錄,編譯安裝
[root@localhost software]# cd nginx-1.14.2
[root@localhost nginx-1.14.2]# ./configure --prefix=/usr/local/nginx
[root@localhost nginx-1.14.2]# make & make install
啓動nginx服務
[root@localhost nginx-1.14.2]# /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
查看nginx的監聽端口
[root@localhost nginx-1.14.2]# netstat -nutpl |grep nginx
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 5008/nginx: master
若是沒有netstat命令,須要安裝net-tools,在線安裝net-tools的命令爲
[root@localhost nginx-1.14.2]# yum install -y net-tools
得知ngxin監聽的端口是80,使用瀏覽器訪問兩臺的80端口上的內容
5,安裝兩臺tomcat服務器的java,tomcat軟件,並測試tomcat是否正常運行
首先上傳jdk包和tomcat包至/software目錄
在安裝前可先檢查系統是否已安裝jdk,使用如下命令檢查
[root@localhost ~]# rpm -qa |grep jdk
或者
[root@localhost ~]# yum list installed |grep jdk
若是有則經過
[root@localhost ~]# rpm –e –nodeps 包名
或
[root@localhost ~]# yum –y remove 包名
來刪除
安裝jdk的rpm包
[root@localhost software]# rpm -ivh jdk-8u102-linux-x64.rpm
移動安裝後的目錄
[root@localhost software]# mv /usr/java/jdk1.8.0_102 /usr/local/jdk1.8
編輯環境變量加入如下代碼
[root@localhost software]# vi /etc/profile
JAVA_HOME=/usr/local/jdk1.8
PATH=$JAVA_HOME/bin:$PATH
CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
export JAVA_HOME
export PATH
export CLASSPATH
使配置文件當即生效
[root@localhost software]# source /etc/profile
執行java –version 看是否輸出版本信息,如輸出版本信息則證實安裝成功
[root@localhost software]# java -version
java version "1.8.0_102"
Java(TM) SE Runtime Environment (build 1.8.0_102-b14)
Java HotSpot(TM) 64-Bit Server VM (build 25.102-b14, mixed mode)
安裝tomcat,解壓縮tomcat包
[root@localhost software]# tar -zxvf apache-tomcat-8.5.32.tar.gz
移動並改名tomcat
[root@localhost software]# mv apache-tomcat-8.5.32 /usr/local/tomcat8
啓動tomcat
[root@localhost software]# cd /usr/local/tomcat8/bin/
[root@localhost bin]# ./startup.sh
Using CATALINA_BASE: /usr/local/tomcat8
Using CATALINA_HOME: /usr/local/tomcat8
Using CATALINA_TMPDIR: /usr/local/tomcat8/temp
Using JRE_HOME: /usr/local/jdk1.8
Using CLASSPATH: /usr/local/tomcat8/bin/bootstrap.jar:/usr/local/tomcat8/bin/tomcat-juli.jar
Tomcat started.
默認狀況下tomcat監聽端口爲8080,如今可以使用瀏覽器訪問兩臺tomcat上的8080端口,若是沒法訪問請使用netstat檢查8080端口的監聽狀況,檢查selinux的開關和防火牆的開關。
6,在兩臺nginx上安裝keeplived以及依賴包
解壓keeplived包
[root@localhost software]# tar -zxvf keepalived-1.3.5.tar.gz
在線安裝依賴包
[root@localhost software]# yum install -y gcc openssl-devel popt-devel libnl libnl-devel libnfnetlink-devel
編譯安裝
[root@localhost software]# cd keepalived-1.3.5
[root@localhost keepalived-1.3.5]# ./configure --prefix=/usr/local/keepalived
[root@localhost keepalived-1.3.5]# make & make install
建立鏈接
[root@localhost keepalived-1.3.5]# cp /software/keepalived-1.3.5/keepalived/etc/init.d/keepalived /etc/init.d/keepalived
添加權限
[root@localhost keepalived-1.3.5]# chmod +x /etc/init.d/keepalived
編輯配置文件
[root@localhost keepalived-1.3.5]# vi /etc/init.d/keepalived
尋找大約15行左右的. /etc/sysconfig/keepalived, 修改成:
. /usr/local/keepalived/etc/sysconfig/keepalived, 即指向正確的配置文件位置。
配置環境變量
[root@localhost keepalived-1.3.5]# vi /etc/profile
KEEPALIVED_HOME=/usr/local/keepalived
PATH=$KEEPALIVED_HOME/sbin:$PATH
export PATH
使環境變量生效
[root@localhost keepalived-1.3.5]# source /etc/profile
創建可執行文件連接:
[root@localhost keepalived-1.3.5]# ln -s /usr/local/keepalived/sbin/keepalived /usr/sbin/
修改/usr/local/keepalived/etc/sysconfig/keepalived文件,設置正確的服務啓動參數
KEEPALIVED_OPTIONS="-D -f /usr/local/keepalived/etc/keepalived/keepalived.conf"
[root@localhost sbin]# vi /usr/local/keepalived/etc/sysconfig/keepalived
KEEPALIVED_OPTIONS="-D -f /usr/local/keepalived/etc/keepalived/keepalived.conf"
修改keepalived.service
[root@localhost sbin]# vi /lib/systemd/system/keepalived.service
PIDFile=/var/run/keepalived.pid
從新載入 systemd,掃描新的或有變更的單元
[root@localhost sbin]# systemctl daemon-reload
重啓keepalived服務
[root@localhost sbin]# service keepalived restart
設置開機啓動
[root@localhost sbin]# chkconfig keepalived on
7,配置nginx和keepalived實現nginx間的故障轉移和tomcat間的負載均衡
兩臺nginx的配置
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
upstream web123{
server 192.168.197.34:8080 weight=1;
server 192.168.197.35:8080 weight=1;
}
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
proxy_pass http://web123;
root html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
Keepalived的配置
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id nginx_b
vrrp_skip_check_adv_addr
#vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script check_nginx {
script "/usr/local/keepalived/etc/keepalived/check_nginx.sh"
interval 1
weight 2
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
mcast_src_ip 192.168.197.33
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.197.30
}
}
Keepalived中檢測腳本的配置
#!/bin/bash
#代碼必定注意空格,邏輯就是:若是nginx進程不存在則啓動nginx,若是nginx沒法啓動則kill掉keepalived全部進程
A=`ps -C nginx --no-header |wc -l`
if [ $A -eq 0 ];then
/etc/init.d/nginx start
sleep 3
if [ `ps -C nginx --no-header |wc -l`-eq 0 ];then
killall keepalived
fi
fi
8,相關服務的啓動與開機自啓
Nginx啓動
/usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
設置Nginx開機啓動
在/lib/systemd/system/目錄建立nginx.service啓動文件並編輯配置如下內容
[root@localhost nginx-1.14.2]# cd /lib/systemd/system
[root@localhost system]# touch nginx.service
[root@localhost system]# vi nginx.service
[Unit]
Description=nginx
After=network.target
[Service]
Type=forking
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/usr/local/nginx/sbin/nginx -s quit
PrivateTmp=true
[Install]
WantedBy=multi-user.target
設置開機啓動
[root@localhost system]# systemctl enable nginx.service
而後經過systemctl status nginx.service命令查詢啓動狀態,經過restart,start,stop命令來重啓,啓動,中止服務
Tomcat的啓動
切換到tomcat主目錄下的bin目錄
啓動tomcat服務
方式一:直接啓動 ./startup.sh
方式二:做爲服務啓動 nohup ./startup.sh &
方式三:控制檯動態輸出方式啓動 ./catalina.sh run 動態地顯示tomcat後臺的控制檯輸出信息,Ctrl+C後退出並關閉服務
解釋:
經過方式1、方式三啓動的tomcat有個弊端,當客戶端鏈接斷開的時候,tomcat服務也會當即中止,經過方式二能夠做爲linux服務一直運行
經過方式1、方式二方式啓動的tomcat,其日誌會寫到相應的日誌文件中,而不能動態地查看tomcat控制檯的輸出信息與錯誤狀況,經過方式三能夠以控制檯模式啓動tomcat服務,
直接看到程序運行時後臺的控制檯輸出信息,沒必要每次都要很麻煩的打開catalina.out日誌文件進行查看,這樣便於跟蹤查閱後臺輸出信息。tomcat控制檯信息包括log4j和System.out.println()等輸出的信息。
關閉tomcat服務
./shutdown.sh
Tomcat的開機自啓配置
獲取java home目錄,並編輯catalina.sh配置文件在OS specific support前面添加下內容:
[root@localhost bin]# echo $JAVA_HOME
/usr/local/jdk1.8
[root@localhost bin]# vi /usr/local/tomcat8/bin/catalina.sh
JAVA_HOME=/usr/local/jdk1.8
JRE_HOME=$JAVA_HOME/jre
建立tomcat8.service啓動文件,並編輯加入如下內容:
[root@localhost bin]# cd /lib/systemd/system
[root@localhost system]# touch tomcat8.service
[root@localhost system]# vi tomcat8.service
[Unit]
Description=Tomcat
After=syslog.target network.target remote-fs.target nss-lookup.target
[Service]
Type=oneshot
ExecStart=/usr/local/tomcat8/bin/startup.sh
ExecStop=/usr/local/tomcat8/bin/shutdown.sh
ExecReload=/bin/kill -s HUP $MAINPID
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target
配置開機自啓
[root@localhost system]# systemctl enable tomcat8.service
-
每一个你不满意的现在,都有一个你没有努力的曾经。