群集架構篇——nginx反向代理+keepalived雙機熱備+tomcat伺服器池+後端資料庫
群集架構篇——nginx反向代理+keepalived雙機熱備+tomcat伺服器池+後端資料庫
實驗所需
兩臺nginx都佈置了keepalived 漂移地址 192.168.30.100
Nginx 192.168.30.34
192.168.30.36
Tomcat 192.168.30.31
192.168.30.32
Mysql 192.168.30.35
事先已經安裝完成nginx和mysql
實驗達成結果 通過nginx漂移地址訪問tomcat搭建的商城專案並登陸,主伺服器模擬宕機,實現備份機上線
以下是詳細配置
mysql
[[email protected] ~]# mysql -u root -p #登陸mysql
mysql> create database slsaledb; #建立名為slsaledb 的資料庫
mysql> GRANT all ON slsaledb.* TO 'testuser'@'%' IDENTIFIED BY 'admin123'; #授權testuser 使用密碼admin123
mysql> flush privileges; #重新整理
上傳商城資料庫檔案
[[email protected] ~]# mysql -u root -p <slsaledb-2014-4-10.sql #上傳資料表
Enter password: #輸入資料管理員庫密碼
接下來配置tomcat
Tomcat所需檔案
[[email protected] ~]# tar xf apache-tomcat-8.5.23.tar.gz #解壓tomcat
[[email protected] ~]# tar xf jdk-8u144-linux-x64.tar.gz #解壓java
[[email protected] ~]# cp -a jdk1.8.0_144/ /usr/local/java #複製Java解壓檔案至/usr/local/java
[[email protected] ~]# vi /etc/profile #增加環境變數
在最後插入下四行
export JAVA_HOME=/usr/local/java
export JRE_HOME=/usr/local/java/jre
export PATH=$PATH:/usr/local/java/bin
export CLASSPATH=./:/usr/local/java/lib:/usr/local/java/jre/lib
重新整理環境變數
[[email protected] ~]# source /etc/profile
檢視是否生效
[[email protected] ~]# java -version
java version "1.8.0_144"
Java(TM) SE Runtime Environment (build 1.8.0_144-b01)
Java HotSpot(TM) 64-Bit Server VM (build 25.144-b01, mixed mode)
[[email protected] ~]# cp -a apache-tomcat-8.5.23 /usr/local/tomcat8 #將解壓後的tomcat複製到/usr/local/tomcat8
[[email protected] ~]# ln -s /usr/local/tomcat8/bin/startup.sh /usr/bin/tomcatup #優化路徑
[[email protected] ~]# ln -s /usr/local/tomcat8/bin/shutdown.sh /usr/bin/tomcatdown #優化路徑
[[email protected] ~]# tomcatup #啟動tomcat
[[email protected] ~]# netstat -anpt | grep 8080 #過濾8080埠
tcp6 0 0 :::8080 :::* LISTEN 1325/java
另一臺tomcat安裝操作相同
下面複製商城檔案到tomcat
[[email protected] ~]# tar xf SLSaleSystem.tar.gz
[[email protected] ~]# cp -a SLSaleSystem /usr/local/tomcat8/webapps/
Tomcat主conf檔案中新增 <Context path="" docBase="SLSaleSystem" reloadable="true" debug="0"></Context>
[[email protected] ~]# vim /usr/local/tomcat8/conf/server.xml
將tomcat連線後方資料庫
[[email protected] ~]# vim /usr/local/tomcat8/webapps/SLSaleSystem/WEB-INF/classes/jdbc.properties
修改資料庫地址和授權的賬號密碼
第二臺tomcat操作如上相同
下面來測試
啟動tomcat
[[email protected] ~]# tomcatdown
訪問 192.168.30.31:8080 賬號 admin 密碼 123456
可以看到已經跳出了登陸選項
當然,使用者是不可以知曉後方伺服器的,需要提供一個前端來訪問,下面的操作是配置兩個nginx
Nginx配置
第一臺 192.168.30.36
[[email protected] ~]# vim /usr/local/nginx/conf/nginx.conf
user nginx nginx;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
error_log logs/error.log info;
#pid logs/nginx.pid;
events {
use epoll;
worker_connections 10240;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
upstream center_pool { #預設輪詢
ip_hash; #保持連線
server 192.168.30.31:8080; #兩臺tomcat伺服器
server 192.168.30.32:8080;
}
server {
listen 80;
server_name lvs01 192.168.30.36;
location / {
proxy_pass http://center_pool; #代理tomcat
}
}
}
使用nginx –t 檢查語法
[[email protected] ~]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: [warn] 10240 worker_connections exceed open file resource limit: 1024
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
另一臺nginx 192.168.30.34
[[email protected] ~]# vi /usr/local/nginx/conf/nginx.conf
user nginx nginx;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
error_log logs/error.log info;
#pid logs/nginx.pid;
events {
use epoll;
worker_connections 10240;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
upstream center_pool { #預設輪詢
ip_hash; #保持連線
server 192.168.30.31:8080; #兩臺tomcat伺服器
server 192.168.30.32:8080;
}
server {
listen 80;
server_name lvs02 192.168.30.34;
location / {
proxy_pass http://center_pool; #代理tomcat
}
}
}
使用nginx –t 檢查語法
[[email protected] ~]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: [warn] 10240 worker_connections exceed open file resource limit: 1024
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
檢查後沒有問題就重啟nginx
systemctl restart nginx
驗證
使用keepalived來保持兩臺nginx實現熱備份 並用192.168.30.100訪問商城
下面進行安裝
yum -y install popt-devel \
kernel-devel \
openssl-devel
tar xvf keepalived-1.4.2.tar.gz
cd keepalived-1.4.2
[[email protected] keepalived-1.4.2]# ./configure --prefix=/
[[email protected] keepalived-1.4.2]# make && make install
[[email protected] keepalived-1.4.2]# cp keepalived/etc/init.d/keepalived /etc/init.d/
[[email protected] keepalived-1.4.2]# systemctl enable keepalived
兩臺安裝方式相同
下面進行配置檔案修改
第一臺
[[email protected] keepalived-1.4.2]# vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
route_id NGINX-01
}
vrrp_script nginx {
script "/opt/nginx.sh"
interval 2
weight -10
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
nginx
}
virtual_ipaddress {
192.168.30.100
}
}
判斷keepalived程序是否存在,在就啟動nginx不在就關閉
[[email protected] keepalived-1.4.2]# vi /opt/nginx.sh
#!/bin/bash
#Filename:nginx.sh
A=$(ps -ef | grep keepalived | grep -v grep | wc -l)
if [ $A -gt 0 ]; then
/etc/init.d/nginx start
else
/etc/init.d/nginx stop
fi
[[email protected] keepalived-1.4.2]# chmod +x /opt/nginx.sh
[[email protected] keepalived-1.4.2]# systemctl start keepalived
[[email protected]n3036 keepalived-1.4.2]# ip addr
由於第二臺沒有配置,所以192.168.30.100 在主伺服器上
第二臺
[[email protected] keepalived-1.4.2]# vi /etc/keepalived/keepalived.conf
global_defs {
route_id NGINX-02
}
vrrp_script nginx {
script "/opt/nginx.sh"
interval 2
weight -10
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
nginx
}
virtual_ipaddress {
192.168.30.100
}
判斷keepalived程序是否存在,在就啟動nginx不在就關閉
[[email protected] keepalived-1.4.2]# vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
route_id NGINX-02
}
vrrp_script nginx {
script "/opt/nginx.sh"
interval 2
weight -10
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
nginx
}
virtual_ipaddress {
192.168.30.100
}
}
[[email protected] keepalived-1.4.2]# vi /opt/nginx.sh
#!/bin/bash
#Filename:nginx.sh
A=$(ip addr | grep 192.168.80.100/32 | grep -v grep | wc -l)
if [ $A -gt 0 ]; then
/etc/init.d/nginx start
else
/etc/init.d/nginx stop
fi
chmod +x /opt/nginx.sh
systemctl start keepalived
模擬主伺服器故障
[[email protected] keepalived-1.4.2]# systemctl stop keepalived
[[email protected] keepalived-1.4.2]# systemctl stop nginx
[[email protected] keepalived-1.4.2]# ip addr
192.168.30.100 已經不在主伺服器上了
而是到了從伺服器
[[email protected] keepalived-1.4.2]# ip addr
訪問192.168.30.100 賬號 admin 密碼 123456