拓扑图:
实验步骤:
一 Nginx静态:
搭建并配置nginx节点,准备网页,启动服务,测试节点(两台nginx配置相同,在此列出一台的配置);
1)使用源码包安装nginx软件包
[root@static1 ~]# yum -y install gcc pcre-devel openssl-devel //安装依赖包
[root@static1 ~]# useradd -s /sbin/nologin nginx
[root@static1 ~]# tar -xf nginx-1.12.2.tar.gz
[root@static1~]# cd nginx-1.12.2
[root@static1 nginx-1.12.2]# ./configure
> --prefix=/usr/local/nginx //指定安装路径
> --user=nginx //指定用户
> --group=nginx //指定组
> --with-http_ssl_module //开启SSL加密功能
[root@static1 nginx-1.12.2]# make && make install //编译并安装
root@static1 ~]# netstat -anptu | grep nginx
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 10441/nginx //端口是否启动
2)设置防火墙与SELinux(非必须的操作,如果有则关闭):
[root@static1~]# firewall-cmd --set-default-zone=trusted
[root@static1~]# setenforce 0
3)测试首页文件:
Nginx Web服务默认首页文档存储目录为/usr/local/nginx/html/,在此目录下默认有一个名为index.html的文件,使用客户端访问测试页面:
[root@client ~]# curl http://192.168.4.52
<html>
<head>
<title>Welcome to nginx!</title>
</head>
<body bgcolor="white" text="black">
<center><h1>Welcome to nginx!</h1></center>
</body>
</html>
二 Nginx Tomcat动态:
搭建并配置nginx&tomcat节点,准备网页,启动服务,测试节点(两台tomcat配置相同,在此列出一台的配置):
1)使用RPM安装JDK环境:
[root@app1 ~]# yum -y install java-1.8.0-openjdk //安装JDK
[root@app1 ~]# yum -y install java-1.8.0-openjdk-headless //安装JDK
[root@app1 ~]# java -version //查看JAVA版本
2)安装Tomcat(apache-tomcat-8.0.30.tar.gz软件包):
[root@app1 ~]# tar -xf apache-tomcat-8.0.30.tar.gz
[root@app1 ~]# mv apache-tomcat-8.0.30 /usr/local/tomcat
[root@app1 ~]# ls /usr/local/tomcat
bin lib logs RELEASE-NOTES temp work
conf LICENSE NOTICE RUNNING.txt webapps
3)nginx80端口调度本机8080端口:
[root@app1 ~]# vim /usr/local/nginx/conf/nginx.conf
location / {
proxy_pass http://127.0.0.1:8080;
index index.jsp index.htm;
}
...
...
location ~ .php$ {
root html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
#fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
include fastcgi.conf;
}
4)启动服务:
[root@app1 ~]# /usr/local/nginx/sbin/nginx
[root@app1 ~]# /usr/local/tomcat/bin/startup.sh
[root@app1 ~]# firewall-cmd --set-default-zone=trusted
[root@app1 ~]# setenforce 0
5)服务器验证端口信息:
[root@web-0003 ~]# netstat -ntulp |grep 80
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 15220/nginx: master
[root@app1 ~]# netstat -nutlp |grep java //查看java监听的端口
tcp 0 0 :::8080 :::* LISTEN 2778/java
tcp 0 0 ::ffff:127.0.0.1:8005 :::* LISTEN 2778/java
三 构建memcached服务:
1)使用yum安装软件包memcached:
[ root@session1 ~]# yum -y install memcached
[root@session1 ~]# rpm -qa memcached
memcached-1.4.15-10.el7_3.1.x86_64
2)启动服务并查看网络连接状态验证是否开启成功:
[root@session1 ~]# systemctl start memcached
[root@session1 ~]# systemctl status memcached
[root@session1 ~]# netstat -anptu | grep memcached
tcp 0 0 0.0.0.0:11211 0.0.0.0:* LISTEN 2839/memcached
tcp 0 0 :::11211 :::* LISTEN 2839/memcached
udp 0 0 0.0.0.0:11211 0.0.0.0:* 2839/memcached
udp 0 0 :::11211 :::* 2839/memcached
[root@session1 ~]# setenforce 0
[root@session1 ~]# firewall-cmd --set-default-zone=trusted
**三** **Nginx&Tomcat实现memcache的session共享:**
1)拷贝需要用的jar包到/usr/local/tomcat/lib/目录下
asm-5.2.ja
kryo-4.0.0.ja
kryo-serializers-0.38.ja
memcached-session-manager-1.9.7.ja
memcached-session-manager-tc8-1.9.7.ja
minlog-1.3.0.ja
msm-kryo-serializer-1.9.7.ja
objenesis-2.4.ja
reflectasm-1.11.3.ja
spymemcached-2.11.2.jar //百度上可以找到
2) 修改配置文件:
[root@app1 ~]#vim /usr/local/tomcat/conf/context.xml
<Manager className="de.javakaffee.web.msm.MemcachedBackupSessionManager"
memcachedNodes="n1:192.168.4.56:11211,n2:192.168.4.57:11211" //指定memecache服务器ip
lockingMode="auto"
sticky="false"
sessionBackupAsync="false" //非黏性session管理的配置
sessionBackupTimeout= "1000"
copyCollectionsForSerialization="true"
requestUriIgnorePattern=".*.(ico|png|gif|jpg|css|js)$"
transcoderFactoryClass="de.javakaffee.web.msm.serializer.kryo.KryoTranscoderFactory"
/>
]# /usr/local/tomcat/bin/shutdown.sh
]# /usr/local/tomcat/bin/startup.sh //重启服务
四 安装Haproxy程序软件(两台Haproxy配置相同,在此列出一台的配置):
1) 修改配置文件:
[root@proxy1 ~]# echo 'net.ipv4.ip_forward = 1' >> sysctl.conf //开启路由转发
[root@proxy1 ~]# sysctl -p
[root@proxy1 ~]# yum -y install haproxy
[root@proxy1 ~]# vim /etc/haproxy/haproxy.cfg
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend main *:80
acl url_static path_end -i .jpg .gif .png .css .js
use_backend static if url_static
default_backend app
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
backend static
balance roundrobin
server static1 192.168.4.51:80 check
server static2 192.168.4.52:80 check
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
backend app
balance roundrobin
server app1 192.168.4.53:80 check
server app2 192.168.4.54:80 check
2) 启动Haproxy服务:
[root@proxy1 ~]# systemctl restart haproxy.service
[root@proxy1 ~]# netstat -utpln |grep haproxy
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1264/haproxy
udp 0 0 0.0.0.0:52177 0.0.0.0:* 1264/haproxy
3) 安装keepalived程序软件:
[root@proxy1 ~]# yum install -y keepalived
[root@proxy1 ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
Qianxiaming@163.com //设置报警收件人邮箱
}
notification_email_from nginx@localhost //设置发件人
smtp_server 127.0.0.1 //定义邮件服务器
smtp_connect_timeout 30
router_id mysql50
vrrp_instance VI_1 { //设置路由ID号(需要修改)
state MASTER //主服务器为MASTER(备服务器需要修改为BACKUP)
interface eth0 //定义网络接口
virtual_router_id 50 //主备服务器VRID号必须一致
priority 200 //服务器优先级,优先级高优先获取VIP(实验需要修改)
advert_int 1
authentication {
auth_type PASS
auth_pass 1111 //主备服务器密码必须一致
}
virtual_ipaddress {
192.168.4.80 //谁是主服务器谁获得该VIP(实验需要修改)
}
}
4)启动服务:
[root@proxy1 ~]# systemctl start keepalived
[root@proxy1 ~]# systemctl start keepalived
5)配置防火墙和SELinux:
启动keepalived会自动添加一个drop的防火墙规则,需要清空!
[root@proxy1 ~]# iptables -F
[root@proxy1 ~]# setenforce 0
五 客户端测试:
[root@client ~]# firefox 192.168.4.50/test.jpg
[root@client ~]# firefox 192.168.4.50/test.php
[root@client ~]# firefox 192.168.4.50/test.jsp
proxy1宕机之后测试是否可实现高可用
