【web项目】keepalived高可用+LVS负载均衡+nginx动静分离+nfs共享存储

#每台机子关闭防火墙和selinux
systemctl stop firewalld
systemctl disable firewalld
setenforce 0

[root@localhost ~]# cd /opt/
[root@localhost opt]# mkdir nfs
[root@localhost opt]# cd nfs/
[root@localhost nfs]# mkdir web1 web2
[root@localhost nfs]# echo "this is web1" > web1/index.html
[root@localhost nfs]# echo "this is web2" > web2/index.html
[root@localhost nfs]# vim /etc/exports
/opt/nfs/web1 192.168.100.0/24(rw,sync,no_root_squash)
/opt/nfs/web2 192.168.100.0/24(rw,sync,no_root_squash)
[root@localhost nfs]# systemctl start rpcbind
[root@localhost nfs]# systemctl start nfs
[root@localhost nfs]# showmount -e
Export list for localhost.localdomain:
/opt/nfs/web2 192.168.100.0/24
/opt/nfs/web1 192.168.100.0/24
[root@localhost nfs]#

192.168.100.10
[root@localhost ~]# hostnamectl set-hostname ha01
[root@localhost ~]# su
[root@ha01 ~]# yum install -y ipvsadm keepalived
[root@ha01 ~]# cd /etc/keepalived/
[root@ha01 keepalived]# vim keepalived.conf 
! Configuration File for keepalived
global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id LVS_01
}
vrrp_instance VI_1 {
    state MASTER
    interface ens33
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 123123
    }
    virtual_ipaddress {
        192.168.100.100
    }
}
virtual_server 192.168.100.100 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    persistence_timeout 0
    protocol TCP
    real_server 192.168.100.30 80 {
        weight 1
        TCP_CHECK {
            connect_port 80
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 192.168.100.40 80 {
        weight 1
        TCP_CHECK {
            connect_port 80
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
[root@ha01 keepalived]# systemctl restart keepalived.service
[root@ha01 keepalived]# ipvsadm-save > /etc/sysconfig/ipvsadm
[root@ha01 keepalived]# systemctl start ipvsadm
[root@ha01 ~]# vim /etc/sysctl.conf
net.ipv4.ip_forward = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0
[root@ha01 ~]# sysctl -p

192.168.100.20
[root@localhost ~]# hostnamectl set-hostname ha02
[root@localhost ~]# su
[root@ha02 ~]# yum install -y ipvsadm keepalived
[root@ha02 ~]# cd /etc/keepalived/
[root@ha02 keepalived]# vim keepalived.conf 
! Configuration File for keepalived
global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id LVS_02
}
vrrp_instance VI_1 {
    state BACKUP
    interface ens33
    virtual_router_id 51
    priority 90
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 123123
    }
    virtual_ipaddress {
        192.168.100.100
    }
}
virtual_server 192.168.100.100 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    persistence_timeout 0
    protocol TCP
    real_server 192.168.100.30 80 {
        weight 1
        TCP_CHECK {
            connect_port 80
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 192.168.100.40 80 {
        weight 1
        TCP_CHECK {
            connect_port 80
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
[root@ha02 keepalived]# systemctl restart keepalived.service
[root@ha02 keepalived]# ipvsadm-save > /etc/sysconfig/ipvsadm
[root@ha02 keepalived]# systemctl start ipvsadm
[root@ha02 ~]# vim /etc/sysctl.conf
net.ipv4.ip_forward = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0
[root@ha02 ~]# sysctl -p

192.168.100.30
[root@localhost ~]# hostnamectl set-hostname web1
[root@localhost ~]# su
[root@web1 ~]# 
#安装jdk
tar zxvf jdk-8u91-linux-x64.tar.gz -C /usr/local/
#配置环境变量
vim /etc/profile
export JAVA_HOME=/usr/local/jdk1.8.0_91
export JRE_HOME=${JAVA_HOME}/jre
export CLASSPATH=.:${JAVA_HOME}/lib:${JRE_HOME}/lib
export PATH=${JAVA_HOME}/bin:${JRE_HOME}/bin:$PATH
#加载
source /etc/profile
#复制到另一台机子
cd /usr/local
scp -r jdk1.8.0_91/ 192.168.100.40:`pwd`
#第二台也配置环境变量
#解压Tomcat
cd /opt/
tar zxvf apache-tomcat-9.0.16.tar.gz
mkdir /usr/local/tomcat
mv apache-tomcat-9.0.16/ /usr/local/tomcat/
 #tomcat服务器1配置
 cd /usr/local/tomcat/apache-tomcat-9.0.16/webapps/
 mkdir test
 vim /usr/local/tomcat/apache-tomcat-9.0.16/webapps/test/index.jsp
     <%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<html>
<head>
<title>JSP test1 page</title>
</head>
<body>
<% out.println("动态页面 1,this is dynamic web1");%>
</body>
</html>
  #注释原来的
  vim /usr/local/tomcat/apache-tomcat-9.0.16/conf/server.xml
 <Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
  <Context docBase="/usr/local/tomcat/apache-tomcat-9.0.16/webapps/test" path="" reloadable="true">
  </Context>
#启动
   /usr/local/tomcat/apache-tomcat-9.0.16/bin/startup.sh
#复制到服务器2
cd /usr/local/
scp -r /usr/local/tomcat/ 192.168.100.40:`pwd`

192.168.100.40
[root@localhost ~]# hostnamectl set-hostname web2
[root@localhost ~]# su
[root@web2 ~]#
#tomcat服务器2配置
 cd /usr/local/tomcat/apache-tomcat-9.0.16/webapps/
 mkdir test
vim /usr/local/tomcat/apache-tomcat-9.0.16/webapps/test/index.jsp
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<html>
<head>
<title>JSP test2 page</title>
</head>
<body>
<% out.println("动态页面 2,this is dynamic web2");%>
</body>
</html>
 #启动
   /usr/local/tomcat/apache-tomcat-9.0.16/bin/startup.sh

1、安装依赖包
yum -y install pcre-devel zlib-devel gcc gcc-c++ make
2、创建运行用户
useradd -M -s /sbin/nologin nginx
3、编译安装
cd /opt
tar zxvf nginx-1.12.0.tar.gz -C /opt/
cd nginx-1.12.0/
./configure \
--prefix=/usr/local/nginx \
--user=nginx \
--group=nginx \
--with-http_stub_status_module
make && make install
4、优化路径
ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/
5、添加 Nginx 系统服务
vim /lib/systemd/system/nginx.service
[Unit]
Description=nginx
After=network.target
[Service]
Type=forking
PIDFile=/usr/local/nginx/logs/nginx.pid
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true
[Install]
WantedBy=multi-user.target
chmod 754 /lib/systemd/system/nginx.service
systemctl start nginx.service
systemctl enable nginx.service
#Nginx server 配置
vim /usr/local/nginx/conf/nginx.conf
# server项外面添加
   upstream tomcat_server {
        server 192.168.100.30:8080;
        server 192.168.100.40:8080;
}
#server项内添加
 location ~ .*\.jsp$ {
                proxy_pass http://tomcat_server; 
                proxy_set_header HOST $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }
systemctl restart nginx.service
#挂载nfs两台
[root@web1 ~]# mount 192.168.100.50:/opt/nfs/web1 /usr/local/nginx/html
[root@web2 ~]# mount 192.168.100.50:/opt/nfs/web2 /usr/local/nginx/html

[root@web1 conf]# cd /etc/sysconfig/network-scripts/
[root@web1 network-scripts]# cp ifcfg-lo ifcfg-lo:0
[root@web1 network-scripts]# vim ifcfg-lo:0
DEVICE=lo:0
ONBOOT=yes
IPADDR=192.168.100.100
NETMASK=255.255.255.255
ifup lo:0
[root@web1 network-scripts]# ifconfig lo:0
lo:0: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 192.168.100.100  netmask 255.255.255.255
        loop  txqueuelen 1  (Local Loopback)
route add -host 192.168.100.100 dev lo:0
vim /etc/sysctl.conf
net.ipv4.conf.lo.arp_ignore=1   
net.ipv4.conf.lo.arp_announce=2  
net.ipv4.conf.all.arp_ignore=1
net.ipv4.conf.all.arp_announce=2
sysctl -p

systemctl restart keepalived.service
[root@ha01 ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.100.100:80 rr
  -> 192.168.100.30:80            Route   1      0          0         
  -> 192.168.100.40:80            Route   1      0          0