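Topology diagram
IP address table
Benefits of integrating nginx with tomcat:
Separating dynamic and static content speeds up user access to the site.
Tomcat handles JSP at an acceptable speed, but its ability to serve static files is far below that of nginx.
The workflow of the whole load-balancing layer and web layer is LVS/DR+Keepalived → nginx load-balancing layer → tomcat cluster, which ensures that the site's operation is not affected when any single LVS or nginx machine goes down.
The concrete steps follow.
Ops people all have a thing for clean systems and do minimal installs, so first install some basic build libraries with the following command: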
yum -y install gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel \
    freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel \
    glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel \
    e2fsprogs e2fsprogs-devel krb5 krb5-devel libidn libidn-devel openssl openssl-devel lsof
1) Install nginx and tomcat7 on 192.168.2.6 and on 192.168.2.7, then integrate them.
Install the JDK:
Download from Baidu Pan: http://pan.baidu.com/s/1pJkngO7
After downloading, put it in the /usr/local/src/ directory.
cd /usr/local/src
tar zxvf jdk-8u31-linux-i586.tar.gz
mv jdk-8u31 /usr/local/jdk
Configure the system's Java environment by editing /etc/profile and appending the following:
JAVA_HOME="/usr/local/jdk"
CLASSPATH="/usr/local/jdk/lib:/usr/local/jdk/jre/lib"
# JDK tools are appended to PATH; the current directory is kept off PATH
PATH="$PATH:/usr/local/jdk/bin"
CATALINA_HOME="/usr/local/tomcat"
export JAVA_HOME CLASSPATH PATH CATALINA_HOME
Run the following command to make the environment take effect immediately:
source /etc/profile
Then download and install tomcat as follows:
wget http://mirror.bjtu.edu.cn/apache/tomcat/tomcat-7/v7.0.63/bin/apache-tomcat-7.0.63.tar.gz
tar zxvf apache-tomcat-7.0.63.tar.gz
mv apache-tomcat-7.0.63 /usr/local/tomcat/
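Change tomcat's root path. My site's path is /data/www; this virtual host has to be specified in /usr/local/tomcat/conf/server.xml.
Find the line and insert the following new content on the line after it: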
<Host name="hqidi.com" appBase="/data/www" unpackWARs="false" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
  <Context path="" docBase="./" debug="0" reloadable="true" crossContext="true"/>
</Host>
Start tomcat:
/usr/local/tomcat/bin/startup.sh
Check whether it started successfully with lsof -i :8080; a normal result looks like this:
lsof -i :8080
COMMAND  PID USER  FD TYPE DEVICE SIZE/OFF NODE NAME
java    1282 root 47u IPv6  21438      0t0  TCP *:webcache (LISTEN)
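Finally, install pcre 8.1.0 and nginx. Static HTML pages, images, CSS and the like are handled by nginx, while jsp and do content is handled by the tomcat back end. The content of nginx.conf is as follows: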
user www www;
worker_processes 1;
error_log /usr/local/nginx/logs/nginx_error.log crit;
pid /usr/local/nginx/logs/nginx.pid;
# Maximum number of open file descriptors per worker process
worker_rlimit_nofile 65535;

# Event model and connection limit
events {
    use epoll;
    worker_connections 65535;
}

# HTTP server; its reverse-proxy feature provides the load-balancing support
http {
    # MIME types
    include mime.types;
    default_type application/octet-stream;
    # charset gb2312;

    # Request buffers
    server_names_hash_bucket_size 128;
    client_header_buffer_size 32k;
    large_client_header_buffers 4 32k;
    client_max_body_size 300m;
    sendfile on;
    tcp_nopush on;
    keepalive_timeout 60;
    tcp_nodelay on;
    server_tokens off;
    client_body_buffer_size 512k;

    proxy_connect_timeout 5;
    proxy_send_timeout 60;
    proxy_read_timeout 5;
    proxy_buffer_size 16k;
    proxy_buffers 4 64k;
    proxy_busy_buffers_size 128k;
    proxy_temp_file_write_size 128k;

    # fastcgi_connect_timeout 300;
    # fastcgi_send_timeout 300;
    # fastcgi_read_timeout 300;
    # fastcgi_buffer_size 64k;
    # fastcgi_buffers 4 64k;
    # fastcgi_busy_buffers_size 128k;
    # fastcgi_temp_file_write_size 128k;

    gzip on;
    gzip_min_length 1k;
    gzip_buffers 4 16k;
    gzip_http_version 1.1;
    gzip_comp_level 2;
    gzip_types text/plain application/x-javascript text/css application/xml;
    gzip_vary on;
    #limit_zone crawler $binary_remote_addr 10m;

    # Access log format (log_format is only valid at the http level)
    log_format wwwlog '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" $http_x_forwarded_for';

    # Refuse requests that reach the site by IP address
    server {
        server_name _;
        return 404;
    }

    server {
        listen 80;
        server_name hqidi.com;
        index index.html index.htm index.jsp index.do;   # default index pages
        root /data/www;
        #limit_conn crawler 20;

        # Add the trailing slash when a directory is requested without one
        if (-d $request_filename) {
            rewrite ^/(.*)([^/])$ http://$host/$1$2/ permanent;
        }

        # All JSP pages are handed to Tomcat
        location ~ \.(jsp|jspx|do)?$ {
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_pass http://127.0.0.1:8080;   # forward to Tomcat
        }

        # Static files are read directly, without going through Tomcat
        location ~ .*\.(htm|html|gif|jpg|jpeg|png|bmp|swf|ioc|rar|zip|txt|flv|mid|doc|ppt|pdf|xls|mp3|wma)$ {
            expires 30d;
        }

        location ~ .*\.(js|css)?$ {
            expires 1h;
        }

        access_log logs/www_nginx.log wwwlog;   # access log path
    }
}
Once the configuration is done, start nginx with the following command:
/usr/local/nginx/sbin/nginx
Then write a JSP test page under /data/www to verify that the configuration just made works. The content of /data/www/1.jsp is as follows:
<html><body><center> 666 Now time is: <%=new java.util.Date()%> </center></body></html>
Then verify the result from 192.168.2.2 with the following command:
curl -x192.168.2.6:80 hqidi.com/1.jsp
If the output is as follows, the nginx+tomcat setup is working.
666 Now time is: Wed Aug 26 17:33:35 CST 2015
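The location choice made by the nginx.conf above, as an added example that is not part of the original post: it applies the three location regexes in file order to constructed sample paths. Paths that end up as nginx-root are answered by nginx straight from /data/www, without Tomcat's own refusal of WEB-INF and META-INF requests, so anything there that must stay private needs an explicit deny location.

```shell
#!/bin/sh
# Added example (not from the original post): reproduce the location choice
# made by the nginx.conf above. nginx tries regex locations in file order and
# the first match wins; a path that matches none is served from "root".

# Regexes copied from the three location blocks of the configuration.
RE_TOMCAT='\.(jsp|jspx|do)?$'
RE_STATIC_30D='.*\.(htm|html|gif|jpg|jpeg|png|bmp|swf|ioc|rar|zip|txt|flv|mid|doc|ppt|pdf|xls|mp3|wma)$'
RE_STATIC_1H='.*\.(js|css)?$'

# route_for PATH -> prints which part of the configuration answers PATH
route_for() {
    uri=${1%%\?*}                  # locations are matched without the query string
    if   printf '%s\n' "$uri" | grep -Eq "$RE_TOMCAT";     then echo tomcat
    elif printf '%s\n' "$uri" | grep -Eq "$RE_STATIC_30D"; then echo nginx-30d
    elif printf '%s\n' "$uri" | grep -Eq "$RE_STATIC_1H";  then echo nginx-1h
    else echo nginx-root           # no location matched: file read from /data/www
    fi
}

# audit_paths: read paths on stdin and print those that nginx serves from
# root outside the two static locations (candidates for a deny rule).
audit_paths() {
    while IFS= read -r p; do
        [ "$(route_for "$p")" = nginx-root ] && printf '%s\n' "$p"
    done
    return 0
}

# Constructed sample paths, one per line.
SAMPLE_PATHS='/1.jsp
/login.do?user=a
/img/logo.png
/js/app.js
/WEB-INF/web.xml'

printf '%s\n' "$SAMPLE_PATHS" | while IFS= read -r p; do
    printf '%-20s %s\n' "$p" "$(route_for "$p")"
done
```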
2) The configuration file on the master LVS. On the backup LVS, just change MASTER to BACKUP and set the priority below 100.
! Configuration File for keepalived
global_defs {
    notification_email {
        hqd7792@163.com
    }
    notification_email_from sns-lvs@gmail.com
    smtp_server 127.0.0.1
    router_id LVS_DEVEL
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0
    # Router ID: must be unique on the internal network and identical on the backup
    virtual_router_id 51
    # Priority: must be higher than the backup's
    priority 100
    # Interval between master/backup advertisements
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.2.8
    }
}

virtual_server 192.168.2.8 80 {
    # Check real server health every 6 seconds
    delay_loop 6
    # wrr scheduling; see ipvsadm for the other scheduling algorithms
    lb_algo wrr
    # DR mode, i.e. direct routing; TUN and NAT are the other two modes
    lb_kind DR
    persistence_timeout 60
    protocol TCP

    real_server 192.168.2.6 80 {
        # Weight
        weight 3
        # Check real server health with a TCP connect
        TCP_CHECK {
            # Fail after a 10-second timeout
            connect_timeout 10
            # Number of retries after a failure
            nb_get_retry 3
            # Interval between retries
            delay_before_retry 3
            connect_port 80
        }
    }

    real_server 192.168.2.7 80 {
        weight 3
        TCP_CHECK {
            connect_timeout 10
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
}
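3) Because LVS+keepalived is used, turn off selinux and iptables on all the machines. iptables in particular must be turned off, otherwise it interferes with LVS forwarding. Run the following realserver.sh script on both real servers to bind the site's VIP address 192.168.2.8 and enable ARP suppression.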
#!/bin/bash
SNS_VIP=192.168.2.8
. /etc/rc.d/init.d/functions
case "$1" in
start)
    # Bind the VIP to a loopback alias with a host mask
    ifconfig lo:0 $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP
    /sbin/route add -host $SNS_VIP dev lo:0
    # Keep this host from answering or announcing ARP for the VIP
    echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
    echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
    echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
    echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
    sysctl -p > /dev/null 2>&1
    echo "RealServer Start OK"
    ;;
stop)
    # Remove the VIP and restore the default ARP behaviour
    ifconfig lo:0 down
    route del $SNS_VIP >/dev/null 2>&1
    echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
    echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
    echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
    echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
    echo "RealServer Stopped"
    ;;
*)
    echo "Usage: $0 {start|stop}"
    exit 1
esac
exit 0
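A check to run on each real server after realserver.sh start, added here as an example and not taken from the original post: it confirms the four ARP settings and the /32 loopback VIP that the script is meant to leave in place. PROC_ROOT, the function names and the run argument are conventions of this example.

```shell
#!/bin/sh
# Added example (not from the original post): verify the state that
# "realserver.sh start" should leave behind on a DR real server.
# PROC_ROOT is an assumption of this example so the check can be pointed at
# a test tree; on a real server leave it at its default.
PROC_ROOT=${PROC_ROOT:-/proc/sys/net/ipv4/conf}

# expect_sysctl IFACE KEY WANT -> 0 if the value matches, 1 otherwise
expect_sysctl() {
    got=$(cat "$PROC_ROOT/$1/$2" 2>/dev/null) || got=missing
    [ "$got" = "$3" ] && return 0
    echo "FAIL $1/$2 = $got (want $3)"
    return 1
}

# check_realserver VIP ADDR_LIST -> prints failures, returns their count.
# ADDR_LIST is the text printed by "ip -4 -o addr show dev lo".
check_realserver() {
    vip=$1 addrs=$2 bad=0
    for ifc in lo all; do
        expect_sysctl "$ifc" arp_ignore 1   || bad=$((bad + 1))
        expect_sysctl "$ifc" arp_announce 2 || bad=$((bad + 1))
    done
    # The VIP must sit on loopback with a /32 mask so the host accepts
    # DR-forwarded packets without answering ARP for the address.
    if ! printf '%s\n' "$addrs" | grep -Fq " $vip/32 "; then
        echo "FAIL $vip/32 not bound on lo"
        bad=$((bad + 1))
    fi
    return "$bad"
}

# Live check on this host: sh <this file> run
if [ "${1:-}" = run ]; then
    check_realserver 192.168.2.8 "$(ip -4 -o addr show dev lo)"
fi
```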
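4) Once the realserver script has been started, nothing more needs to be done on the real servers. Then start the keepalived service on the LVS hosts in turn: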
/etc/init.d/keepalived start
Original article; when reposting, please credit: reposted from 笛声
Link to this article: Building a highly available JSP cluster with LVS+Keepalived