keepalived+nginx+tomcat高可用
2016-06-24 13:05
288 查看
keepalived是什么
keepalived是集群管理中保证集群高可用的一个服务软件,其功能类似于heartbeat,用来防止单点故障。
keepalived工作原理
keepalived是以VRRP协议为实现基础的,VRRP全称Virtual Router Redundancy Protocol,即虚拟路由冗余协议。
虚拟路由冗余协议,可以认为是实现路由器高可用的协议,即将N台提供相同功能的路由器组成一个路由器组,这个组里面有一个master和多个backup,master上面有一个对外提供服务的vip(该路由器所在局域网内其他机器的默认路由为该vip),master会发组播,当backup收不到vrrp包时就认为master宕掉了,这时就需要根据VRRP的优先级来选举一个backup当master。这样的话就可以保证路由器的高可用了。
keepalived主要有三个模块,分别是core、check和vrrp。core模块为keepalived的核心,负责主进程的启动、维护以及全局配置文件的加载和解析。check负责健康检查,包括常见的各种检查方式。vrrp模块是来实现VRRP协议的。
部署示意图
按照部署示意图准备四台Server:
192.168.2.128(keepalived + nginx proxy) Master
192.168.2.130(keepalived + nginx proxy) Backup
192.168.2.131(RS1 Tomcat1)
192.168.2.132(RS2 Tomcat2)
虚拟IP (VIP):192.168.2.150
首先关闭Linux的防火墙和seLinux
如果忘记关闭的话,在不是keepalived的时候会出现裂脑问题
此处先关闭,后期生产环境再解决这个问题
setenforce 0
/etc/init.d/iptables stop
chkconfig iptables off #永久关闭防火墙
安装Linux软件
在Linux上推荐使用yum来安装软件,这样可以帮我们解决软件直接的依赖关系,将Linux上的yum源修改到国内这样可以提高yum下载速度
一、修改yum源信息
1. cd /etc/yum.repos.d
2. mv CentOS-Base.repo CentOS-Base.repo.backup
3. wget http://mirrors.163.com/.help/CentOS6-Base-163.repo 4. mv CentOS6-Base-163.repo CentOS-Base.repo
二、在192.168.2.128 安装keepalived
1.下载keepalived wget http://www.keepalived.org/software/keepalived-1.2.18.tar.gz
2.解压keepalived tar xf keepalived-1.2.18.tar.gz -C /usr/local/
3.安装依赖 yum -y install gcc gcc+ gcc-c++ popt-devel openssl openssl-devel libssl-dev libnl-devel popt-devel
4.安装内核开发包 yum -y install kernel kernel-devel
4.1创建内核的软连接 ln -sv /usr/src/kernels/2.6.32-642.1.1.el6.x86_64/ /usr/src/linux
5.编译keepalived
5.1 cd/usr/local/keepalived-1.2.18/
5.2 ./configure
5.3 make && make install
5.4 拷贝相应文件
/bin/cp /usr/local/sbin/keepalived /usr/sbin/
/bin/cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/
/bin/cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
/bin/cp -r /usr/local/etc/keepalived/ /etc/
5.5 添加开机自启动
chkconfig --add /etc/init.d/keepalived
chkconfig --level 35 keepalived on
chkconfig --list keepalived
5.6 手动启动keepalived /etc/init.d/keepalived restart
三、修改92.168.2.128 keepalived的配置文件
1、首先备份配置文件 cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak
2、vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
#acassen@firewall.loc
#failover@firewall.loc
#sysadmin@firewall.loc
}
#notification_email_from Alexandre.Cassen@firewall.loc
#smtp_server 192.168.200.1
#smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.2.150/24
}
}
四、在192.168.2.130 安装keepalived步骤如第三步
五、修改92.168.2.130 keepalived的配置文件
1、首先备份配置文件 cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak
2、vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
#acassen@firewall.loc
#failover@firewall.loc
#sysadmin@firewall.loc
}
#notification_email_from Alexandre.Cassen@firewall.loc
#smtp_server 192.168.200.1
#smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 50
advert_int 1
authentication {
4000
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.2.150/24
}
}
六、验证Keepalived配置是否成功
1.查看192.168.2.128上 VIP是否绑定到eth0网卡上 ip a/ip addr
2.查看192.168.2.130上 VIP是否绑定到eth0网卡上
没有看到绑定就对了,因为两台Server只有一台才会显示有VIP,如果两台都看到VIP的话,你得查看一下Server上的防火墙是否关闭
3.手动关闭192.168.2.128上的keepalived /etc/init.d/keepalived stop再去查看这台Server的eth0网卡上是否还存在VIP
清楚的看到已近没有之前的VIP了,再去查看192.168.2.130上的eth0是否绑定了VIP,是否动态完成VIP漂移
成功完成VIP动态漂移
也可以查看日志信息 tail -f /var/log/messages
七、在192.168.2.131、192.168.2.132安装JDK
1.上传JDK到服务器
2.通过RPM安装JDKrpm -ivh jdk-7u65-linux-x64.rpm
3.配置环境变量
3.1 vim /etc/profile
3.2
export JAVA_HOME=/usr/java/latest
export PATH=$JAVA_HOME/bin:$PATH
export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
3.3 source /etc/profile
八、安装RS1/RS2中的tomcat服务器
1. 下载tomcat服务器 wget http://mirrors.hust.edu.cn/apache/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70.tar.gz
2. 解压tomcat服务器
2.1 gzip -d apache-tomcat-7.0.70.tar.gz
2.2 tar xf apache-tomcat-7.0.70.tar
3.修改tomcat的测试页面
4.开放8080端口
4.1 vim /etc/sysconfig/iptables
4.2 -A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
4.3 /etc/init.d/iptables restart
九、安装nginx代理服务器
1. 下载nginx
wget http://nginx.org/download/nginx-1.8.1.tar.gz
2. 解压nginx tar xf nginx-1.8.1.tar.gz -C /usr/local/
3. 创建软连接 ln -sv /usr/local/nginx-1.8.1/ /usr/local/nginx
4. 安装依赖软件 yum -y install make gcc gcc-c++ ncurses-devel zlib zlib-devel openssl openssl-devel pcre-devel
5. 编译nginx
./configure \
--prefix=/usr/local/nginx \
--conf-path=/usr/local/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--pid-path=/var/run/nginx/nginx.pid \
--lock-path=/var/lock/nginx.lock \
--with-http_ssl_module \
--with-http_flv_module \
--with-http_stub_status_module \
--with-http_gzip_static_module \
--http-client-body-temp-path=/var/tmp/nginx/client/ \
--http-proxy-temp-path=/var/tmp/nginx/proxy/ \
--http-fastcgi-temp-path=/var/tmp/nginx/fcgi/ \
--http-uwsgi-temp-path=/var/tmp/nginx/uwsgi \
--http-scgi-temp-path=/var/tmp/nginx/scgi \
--with-pcre
6.make && make install
7.创建开机自启动
7.1 创建nginx的启动文件 vim /etc/init.d/nginx
7.2 编写启动脚本
#!/bin/bash
# nginx Startup script for the Nginx HTTP Server
# it is v.0.0.2 version.
# chkconfig: - 85 15
# description: Nginx is a high-performance web and proxy server.
# It has a lot of features, but it's not for everyone.
# processname: nginx
# pidfile: /var/run/nginx.pid
# config: /usr/local/nginx/conf/nginx.conf
nginxd=/usr/local/nginx/sbin/nginx
nginx_config=/usr/local/nginx/conf/nginx.conf
nginx_pid=/var/run/nginx.pid
RETVAL=0
prog="nginx"
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0
[ -x $nginxd ] || exit 0
# Start nginx daemons functions.
start() {
if [ -e $nginx_pid ];then
echo "nginx already running...."
exit 1
fi
echo -n $"Starting $prog: "
daemon $nginxd -c ${nginx_config}
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch /var/lock/subsys/nginx
return $RETVAL
}
# Stop nginx daemons functions.
stop() {
echo -n $"Stopping $prog: "
killproc $nginxd
RETVAL=$?
echo
[ $RETVAL = 0 ] && rm -f /var/lock/subsys/nginx /var/run/nginx.pid
}
# reload nginx service functions.
reload() {
echo -n $"Reloading $prog: "
#kill -HUP `cat ${nginx_pid}`
killproc $nginxd -HUP
RETVAL=$?
echo
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
reload)
reload
;;
restart)
stop
start
;;
status)
status $prog
RETVAL=$?
;;
*)
echo $"Usage: $prog {start|stop|restart|reload|status|help}"
exit 1
esac
exit $RETVAL
7.3 给启动脚本添加可执行权限 chmod 777 /etc/init.d/nginx
7.4 将启动脚本添加到系统服务中 chkconfig --add /etc/init.d/nginx
7.5 设置开机级别启动 chkconfig --level 35 nginx on
7.6 检查是否启动 chkconfig --list nginx
十、配置nginx代理服务器
十一、如果需要在keepalived服务器上开启防火墙必须在/etc/sysconfig/iptables添加vrrp协议通知规则-A INPUT -i eth0 -p vrrp -j ACCEPT
keepalived是集群管理中保证集群高可用的一个服务软件,其功能类似于heartbeat,用来防止单点故障。
keepalived工作原理
keepalived是以VRRP协议为实现基础的,VRRP全称Virtual Router Redundancy Protocol,即虚拟路由冗余协议。
虚拟路由冗余协议,可以认为是实现路由器高可用的协议,即将N台提供相同功能的路由器组成一个路由器组,这个组里面有一个master和多个backup,master上面有一个对外提供服务的vip(该路由器所在局域网内其他机器的默认路由为该vip),master会发组播,当backup收不到vrrp包时就认为master宕掉了,这时就需要根据VRRP的优先级来选举一个backup当master。这样的话就可以保证路由器的高可用了。
keepalived主要有三个模块,分别是core、check和vrrp。core模块为keepalived的核心,负责主进程的启动、维护以及全局配置文件的加载和解析。check负责健康检查,包括常见的各种检查方式。vrrp模块是来实现VRRP协议的。
部署示意图
按照部署示意图准备四台Server:
192.168.2.128(keepalived + nginx proxy) Master
192.168.2.130(keepalived + nginx proxy) Backup
192.168.2.131(RS1 Tomcat1)
192.168.2.132(RS2 Tomcat2)
虚拟IP (VIP):192.168.2.150
首先关闭Linux的防火墙和seLinux
如果忘记关闭的话,在不是keepalived的时候会出现裂脑问题
此处先关闭,后期生产环境再解决这个问题
setenforce 0
/etc/init.d/iptables stop
chkconfig iptables off #永久关闭防火墙
安装Linux软件
在Linux上推荐使用yum来安装软件,这样可以帮我们解决软件直接的依赖关系,将Linux上的yum源修改到国内这样可以提高yum下载速度
一、修改yum源信息
1. cd /etc/yum.repos.d
2. mv CentOS-Base.repo CentOS-Base.repo.backup
3. wget http://mirrors.163.com/.help/CentOS6-Base-163.repo 4. mv CentOS6-Base-163.repo CentOS-Base.repo
二、在192.168.2.128 安装keepalived
1.下载keepalived wget http://www.keepalived.org/software/keepalived-1.2.18.tar.gz
2.解压keepalived tar xf keepalived-1.2.18.tar.gz -C /usr/local/
3.安装依赖 yum -y install gcc gcc+ gcc-c++ popt-devel openssl openssl-devel libssl-dev libnl-devel popt-devel
4.安装内核开发包 yum -y install kernel kernel-devel
4.1创建内核的软连接 ln -sv /usr/src/kernels/2.6.32-642.1.1.el6.x86_64/ /usr/src/linux
5.编译keepalived
5.1 cd/usr/local/keepalived-1.2.18/
5.2 ./configure
5.3 make && make install
5.4 拷贝相应文件
/bin/cp /usr/local/sbin/keepalived /usr/sbin/
/bin/cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/
/bin/cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
/bin/cp -r /usr/local/etc/keepalived/ /etc/
5.5 添加开机自启动
chkconfig --add /etc/init.d/keepalived
chkconfig --level 35 keepalived on
chkconfig --list keepalived
5.6 手动启动keepalived /etc/init.d/keepalived restart
三、修改92.168.2.128 keepalived的配置文件
1、首先备份配置文件 cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak
2、vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
#acassen@firewall.loc
#failover@firewall.loc
#sysadmin@firewall.loc
}
#notification_email_from Alexandre.Cassen@firewall.loc
#smtp_server 192.168.200.1
#smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.2.150/24
}
}
四、在192.168.2.130 安装keepalived步骤如第三步
五、修改92.168.2.130 keepalived的配置文件
1、首先备份配置文件 cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak
2、vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
#acassen@firewall.loc
#failover@firewall.loc
#sysadmin@firewall.loc
}
#notification_email_from Alexandre.Cassen@firewall.loc
#smtp_server 192.168.200.1
#smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 50
advert_int 1
authentication {
4000
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.2.150/24
}
}
六、验证Keepalived配置是否成功
1.查看192.168.2.128上 VIP是否绑定到eth0网卡上 ip a/ip addr
2.查看192.168.2.130上 VIP是否绑定到eth0网卡上
没有看到绑定就对了,因为两台Server只有一台才会显示有VIP,如果两台都看到VIP的话,你得查看一下Server上的防火墙是否关闭
3.手动关闭192.168.2.128上的keepalived /etc/init.d/keepalived stop再去查看这台Server的eth0网卡上是否还存在VIP
清楚的看到已近没有之前的VIP了,再去查看192.168.2.130上的eth0是否绑定了VIP,是否动态完成VIP漂移
成功完成VIP动态漂移
也可以查看日志信息 tail -f /var/log/messages
七、在192.168.2.131、192.168.2.132安装JDK
1.上传JDK到服务器
2.通过RPM安装JDKrpm -ivh jdk-7u65-linux-x64.rpm
3.配置环境变量
3.1 vim /etc/profile
3.2
export JAVA_HOME=/usr/java/latest
export PATH=$JAVA_HOME/bin:$PATH
export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
3.3 source /etc/profile
八、安装RS1/RS2中的tomcat服务器
1. 下载tomcat服务器 wget http://mirrors.hust.edu.cn/apache/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70.tar.gz
2. 解压tomcat服务器
2.1 gzip -d apache-tomcat-7.0.70.tar.gz
2.2 tar xf apache-tomcat-7.0.70.tar
3.修改tomcat的测试页面
4.开放8080端口
4.1 vim /etc/sysconfig/iptables
4.2 -A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
4.3 /etc/init.d/iptables restart
九、安装nginx代理服务器
1. 下载nginx
wget http://nginx.org/download/nginx-1.8.1.tar.gz
2. 解压nginx tar xf nginx-1.8.1.tar.gz -C /usr/local/
3. 创建软连接 ln -sv /usr/local/nginx-1.8.1/ /usr/local/nginx
4. 安装依赖软件 yum -y install make gcc gcc-c++ ncurses-devel zlib zlib-devel openssl openssl-devel pcre-devel
5. 编译nginx
./configure \
--prefix=/usr/local/nginx \
--conf-path=/usr/local/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--pid-path=/var/run/nginx/nginx.pid \
--lock-path=/var/lock/nginx.lock \
--with-http_ssl_module \
--with-http_flv_module \
--with-http_stub_status_module \
--with-http_gzip_static_module \
--http-client-body-temp-path=/var/tmp/nginx/client/ \
--http-proxy-temp-path=/var/tmp/nginx/proxy/ \
--http-fastcgi-temp-path=/var/tmp/nginx/fcgi/ \
--http-uwsgi-temp-path=/var/tmp/nginx/uwsgi \
--http-scgi-temp-path=/var/tmp/nginx/scgi \
--with-pcre
6.make && make install
7.创建开机自启动
7.1 创建nginx的启动文件 vim /etc/init.d/nginx
7.2 编写启动脚本
#!/bin/bash
# nginx Startup script for the Nginx HTTP Server
# it is v.0.0.2 version.
# chkconfig: - 85 15
# description: Nginx is a high-performance web and proxy server.
# It has a lot of features, but it's not for everyone.
# processname: nginx
# pidfile: /var/run/nginx.pid
# config: /usr/local/nginx/conf/nginx.conf
nginxd=/usr/local/nginx/sbin/nginx
nginx_config=/usr/local/nginx/conf/nginx.conf
nginx_pid=/var/run/nginx.pid
RETVAL=0
prog="nginx"
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0
[ -x $nginxd ] || exit 0
# Start nginx daemons functions.
start() {
if [ -e $nginx_pid ];then
echo "nginx already running...."
exit 1
fi
echo -n $"Starting $prog: "
daemon $nginxd -c ${nginx_config}
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch /var/lock/subsys/nginx
return $RETVAL
}
# Stop nginx daemons functions.
stop() {
echo -n $"Stopping $prog: "
killproc $nginxd
RETVAL=$?
echo
[ $RETVAL = 0 ] && rm -f /var/lock/subsys/nginx /var/run/nginx.pid
}
# reload nginx service functions.
reload() {
echo -n $"Reloading $prog: "
#kill -HUP `cat ${nginx_pid}`
killproc $nginxd -HUP
RETVAL=$?
echo
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
reload)
reload
;;
restart)
stop
start
;;
status)
status $prog
RETVAL=$?
;;
*)
echo $"Usage: $prog {start|stop|restart|reload|status|help}"
exit 1
esac
exit $RETVAL
7.3 给启动脚本添加可执行权限 chmod 777 /etc/init.d/nginx
7.4 将启动脚本添加到系统服务中 chkconfig --add /etc/init.d/nginx
7.5 设置开机级别启动 chkconfig --level 35 nginx on
7.6 检查是否启动 chkconfig --list nginx
十、配置nginx代理服务器
十一、如果需要在keepalived服务器上开启防火墙必须在/etc/sysconfig/iptables添加vrrp协议通知规则-A INPUT -i eth0 -p vrrp -j ACCEPT
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- Windows Server以服务方式部署Tomcat
- Maven之发布工程到远程的Tomcat下
- tomcat源码解析(一)--启动与Server.xml文件的解析
- spring aop+mybatis事务配置 junit起作用,tomcat不起作用
- Linux下简单的tomcat管理脚本
- Linux下简单的tomcat管理脚本
- Apace、Ngnix、Tomcat三者关系
- Niginx+Tomcat
- 基于Awstats的Tomcat8-Java8日志分析
- 安装Tomcat指定JDK(转)
- tomcat-容器和组件
- Tomcat项目部署方式
- Tomcat项目部署方式
- CentOS 7搭建JDK 1.6 + TOMCAT 7 + SPRING 4.3网站心得
- Tomcat容器管理安全的几种验证方式
- Jconsole监控tomcat 的JVM内存(远程、linux、windows)
- J2EE:MyEclipse中不能将WEB项目发布到TOMCAT中解决办法
- Java Web开发(一)——搭建Tomcat服务器环境
- 解决:tomcat部署时deploy location不能显示加载后的路径【转载
- tomcat+eclipse web应用开发环境配置