centos6.5_x64

nginx_server/tomcat_server1            192.168.10.17

nginx_slave/tomcat_server2              192.168.10.15     

redis_server/redis_server_sentinel     192.168.10.17:6379   192.168.10.17:6800                         

redis_slave/redis_slave_sentinel        192.168.10.15:6379    192.168.10.15:6800

redisclient-win32.x86.1.5.exe             redis_windows管理工具


实验软件

jdk-8u172-linux-x64.tar.gz

apache-tomcat-7.0.81.tar.gz 

nginx-1.10.2.tar.gz

redis-4.0.8.tar.gz

commons-pool2-2.2.jar

 jedis-2.5.2.jar

 tomcat-redis-session-8.5.5.0.jar


软件安装

sed -i.bak 's/https/http/g' /etc/yum.repos.d/epel.repo 

yum -y install gcc automake autoconf libtool 

yum install -y lrzsz lsof  gcc gccc-c++ make  GeoIP GeoIP-devel   openssl openssl-devel  pcre  pcre-devel 


cp -pv /etc/sysctl.conf /etc/sysctl.conf.bak

cat >> /etc/sysctl.conf << EOF

> net.ipv4.tcp_syncookies = 1

> net.ipv4.tcp_tw_reuse = 1

> net.ipv4.tcp_tw_recycle = 1

> net.ipv4.tcp_fin_timeout = 10

> net.ipv4.ip_forward= 1

> EOF  &&   sysctl -p



cp -pv /etc/security/limits.conf /etc/security/limits.conf.bak

cat >> /etc/security/limits.conf << EOF

> *   soft   nofile  10240

> *   hard   nofile 10240

> *   soft   nproc  10240

> *   hard   nproc  10240

> EOF  &&   sysctl -p


cp -pv /etc/profile /etc/profile.bak

echo ulimit -n 10240 >> /etc/profile &&  source /etc/profile  &&   ulimit  -n

10240     修改系统默认线程数


tar zxvf /root/jdk-8u172-linux-x64.tar.gz  && tar zxvf /root/apache-tomcat-7.0.81.tar.gz 

mv   /root/jdk1.7.0_80 /usr/local/java  &&   mv /root/apache-tomcat-7.0.81 /usr/local/tomcat

cp -pv /etc/profile /etc/profile.bak

cat >>  /etc/profile  <<  EOF

> export JAVA_HOME=/usr/local/java

> export PATH=$PATH:$JAVA_HOME/bin

> CATALINA_HOME=/usr/local/tomcat

> export JAVA_HOME CATALINA_HOME

EOF &&  source  /etc/profile  && java -version

java version "1.8.0_172"


cp -pv /usr/local/tomcat/conf/server.xml  /usr/local/tomcat/conf/server.xml.bak 

<Connector port="8080" protocol="HTTP/1.1"

            connectionTimeout="20000"  

    redirectPort="8443" acceptCount="500" maxThreads="400" />   防止tomcat端口假死

/usr/local/tomcat/bin/configtest.sh &&  /usr/local/tomcat/bin/startup.sh 

scp -p /etc/profile root@192.168.10.15:/etc/

scp -pr /usr/local/tomcat  root@192.168.10.15:/usr/local/  

scp -pr /usr/local/java root@192.168.10.15:/usr/local/       tomcat1 操作


touch /etc/init.d/tomcat &&  chmod +x /etc/init.d/tomcat   创建tomcat启动脚本

cat /etc/init.d/tomcat 

#!/bin/bash 

# tomcat startup script for the Tomcat server 

# chkconfig: 345 80 20 

# description: start the tomcat deamon 

# Source function library 

. /etc/rc.d/init.d/functions 

prog=tomcat 

JAVA_HOME=/usr/local/java

export JAVA_HOME 

CATALANA_HOME=/usr/local/tomcat

export CATALINA_HOME 

case "$1" in 

start) 

  echo "Starting Tomcat..." 

  $CATALANA_HOME/bin/startup.sh 

  ;; 

stop) 

  echo "Stopping Tomcat..." 

  $CATALANA_HOME/bin/shutdown.sh 

  ;; 

restart) 

  echo "Stopping Tomcat..." 

  $CATALANA_HOME/bin/shutdown.sh 

  sleep 2 

  echo 

  echo "Starting Tomcat..." 

  $CATALANA_HOME/bin/startup.sh 

  ;; 

*) 

  echo "Usage: $prog {start|stop|restart}" 

  ;; 

esac 

exit 0

chkconfig --level 35 tomcat on


tar zxvf /root/nginx-1.10.2.tar.gz

cd /root/nginx-1.10.2

./configure \

--prefix=/usr/local/nginx \

--sbin-path=/usr/local/nginx/sbin/nginx \

--conf-path=/usr/local/nginx/conf/nginx.conf \

--with-http_stub_status_module \

--with-http_ssl_module \

--with-http_realip_module \

--without-http_geo_module  \ 

--with-http_geoip_module=dynamic  \  

--without-http_map_module   \

--without-http_memcached_module   \

--without-http_limit_conn_module   \

--without-http_limit_req_module \

--without-http_rewrite_module \

--without-http_fastcgi_module \

--with-pcre \

--lock-path=/var/run/nginx.lock \

--pid-path=/var/run/nginx.pid  \

make -j4 && make install

mkdir -pv /usr/local/nginx/cache


cp -pv /usr/local/nginx/conf/nginx.conf  /usr/local/nginx/conf/nginx.conf.bak

cat /usr/local/nginx/conf/nginx.conf

#user  nobody;

worker_processes  4;


#error_log  logs/error.log;

#error_log  logs/error.log  notice;

#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {

    use epoll;

    worker_connections  3000;

}


http {

    include       mime.types;

    default_type  application/octet-stream;

    #access_log  logs/access.log  main;


    sendfile        on;

    tcp_nopush     on;

    keepalive_timeout  65;

    gzip  on;

   server_tokens off;   隐藏nginx版本号


proxy_cache_path  /usr/local/nginx/cache  levels=1:2 max_size=10g keys_zone=default_cache:10m inactive=60 use_temp_path=off;


    upstream tomcat {

       server 192.168.10.18:8080  max_fails=3  fail_timeout=30s;  

       server 192.168.10.15:8080  max_fails=3  fail_timeout=30s;   检测超时 

  }


    server {

        listen       80;

        server_name  localhost;

       client_max_body_size 10M;  修改上传限制

        index index.html index.htm;

        root html;


    location /status{

        stub_status on;

        access_log on;

        error_log on;

        allow 192.168.10.0/24;    允许白名单ip

        deny  all;                        除了白名单ip 其他全部禁止

   }


   location / {

        root               html;

        index              index.html index.htm;

        proxy_pass         http://tomcat;

        proxy_set_header   Host        $host;

        proxy_set_header   X-Real-IP        $remote_addr;

        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;

        allow 192.168.10.0/24;

        deny  all;

    }   


  location /cache {

          proxy_pass http://tomcat;

          proxy_cache default_cache;

          proxy_cache_key $uri;

          proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;

          proxy_cache_use_stale error timeout http_500 http_502 http_503 http_504;

          proxy_cache_valid 200 304 12h;

          proxy_cache_valid any 10m;

          proxy_ignore_headers Cache-Control Expires Set-Cookie;

          proxy_no_cache $http_pragma    $http_authorization;

          proxy_cache_revalidate on;

          proxy_cache_lock on;

          proxy_cache_min_uses 1;

          add_header Nginx-Cache "$upstream_cache_status";

          allow 192.168.10.0/24;

          deny  all;

        }

    }

}


touch /usr/local/nginx/conf/limit.conf  && cat /usr/local/nginx/conf/limit.conf    配置nginx限速

server {

    listen  80;    

    server_name 192.168.10.18;

   client_max_body_size 10M;  修改上传限制

    limit_zone  one $binary_remote_addr 10M;


    location / {

    root html;   

    index index.html index.jsp index.php;    

    limit_conn one 10;

    limit_rate_after 100M; 

    limit_rate 10k;       

    allow 192.168.10.0/24;

    deny on;

    }

}


ln -s /user/local/nginx/sbin/nginx   /usr/bin 

nginx  -c /usr/local/nginx/conf/nginx.conf    生成全新pid

nginx  –t   &&    nginx -s reload    平滑重启 从新加载配置

nginx -s stop && nginx  停止服务从新开启

nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok

nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful 


touch /etc/init.d/nginx  && chmod +x /etc/init.d/nginx   nginx启动脚本

cat /etc/init.d/nginx 

#!/bin/bash

# chkconfig: 2345 20  80

# description: aassddf


case $1 in 

'stop'|'STOP')

    /usr/local/nginx/sbin/nginx -s stop

    ;;

'start'|'START')

    /usr/local/nginx/sbin/nginx

    ;; 

'restart'|'RESTART')

    /usr/local/nginx/sbin/nginx -s stop

    /usr/local/nginx/sbin/nginx 

    ;;

'reload'|'RELOAD')

    /usr/local/nginx/nginx -s reload

    ;;

    *)


echo 'Usage:service nginx stop|restart|start|reload'

esac


/etc/init.d/nginx  start/restart/stop 

chkconfig --level 35 nginx on && nginx -v

nginx version: nginx/1.10.2


scp -p /etc/init.d/tomcat  root@192.168.10.15:/etc/init.d/

scp -p /usr/bin/nginx  root@192.168.10.15:/usr/bin/

scp -p /etc/init.d/nginx  root@192.168.10.15:/etc/init.d/

scp -pr /usr/local/nginx/ root@192.168.10.15:/usr/local/nginx    

scp -pr /usr/local/java/ root@192.168.10.15:/usr/local/java   nginx1操作


nginx负载均衡算法

round robin 轮询方式  

请求分配到后台服务器,默认负载均衡    

适用于后台机器性能一致的情况  宕机自动服务列表中剔除


weight  权重模式

权重来分发请求到不同的机器,指定轮询几率

weight和访问比率成正比,用于后端服务器性能不均的情况

weight数值越高 请求分发越高   默认参数为1


ip_hash

根据请求者ip的hash值将请求发送到后台服务器中,保证来自同一ip的请求被打到固定的机器

可以解决session问题  

缺点:请求默认到一台机器 造成负载过大 除非机器宕机 请求分发下一台主机  

解决办法: 使用nfs redis实现session共享


url_hash

根据请求的url的hash值将请求分到不同的机器,当后台服务器为缓存的时候效率高


redis的 rdb 和 aof 持久化的区别

aof,rdb是两种 redis持久化的机制。用于crash后,redis的恢复

rdb    fork一个进程,遍历hash table,利用copy on write,把整个db dump保存下来。

save, shutdown, slave 命令会触发这个操作  save, shutdown, slave 之前crash了,中间的操作没办法恢复

aof     操作指令,持续的写到一个类似日志文件里

crash之后,只有crash之前没有来得及做日志的操作没办法恢复


tar zxvf /root/redis-4.0.8.tar.gz 

cd /root/redis-4.0.8

make -j4  && make install  PREFIX=/usr/local/redis

cp -pv /root/redis-4.0.8/{redis.conf , sentinel.conf} /usr/local/redis/


mkdir -pv /var/log/redis && touch /var/log/redis/redis-6379.log 

mkdir -pv /usr/local/redis/data  &&   touch  /var/log/redis/sentinel.log

echo 511 > /proc/sys/net/core/somaxconn

sed -i 's/vm.swappiness = 0/vm.swappiness = 1/g' /etc/sysctl.conf 


cat /usr/local/redis/redis.conf         redis_server配置 此行为需要修改内容

port  6379

daemonize  yes   

bind  127.0.0.1 192.168.10.17

timeout  10  超时时间 可选配置

requirepass 123456    群集使用单点可忽律

appendonly yes

appendfsync everysec

appendfilename appendonly.aof

auto-aof-rewrite-percentage 100

auto-aof-rewrite-min-size 64mb

maxclients 128

dir /usr/local/redis/data

pidfile   /var/run/redis-6379.pid

logfile   /var/log/redis/redis-6379.log

ln -s /usr/local/redis/bin/* /bin/

redis-server /usr/local/redis/redis.conf           redis_server启动服务


scp -pr  /bin/redis-* root@192.168.10.15:/bin/

scp -pr  /usr/local/redis root@192.168.10.15:/usr/local/                

scp -pr  /var/log/redis/sentinel.log  root@192.168.10.15:/var/log/redis/

scp -pr  /var/log/redis/redis-6379.log  root@192.168.10.15:/var/log/redis/      redis_server操作


echo 511 > /proc/sys/net/core/somaxconn   redis_slave操作

sed -i 's/vm.swappiness = 0/vm.swappiness = 1/g' /etc/sysctl.conf 

cat  /usr/local/redis/redis.conf             

port  6379

daemonize  yes   

bind  127.0.0.1 192.168.10.15

timeout  10  超时时间 可选配置

requirepass 123456    

appendonly yes

appendfsync everysec

appendfilename appendonly.aof

auto-aof-rewrite-percentage 100

auto-aof-rewrite-min-size 64mb

maxclients 128

dir /usr/local/redis/data

pidfile   /var/run/redis-6379.pid

logfile   /var/log/redis/redis-6379.log

slaveof  192.168.10.17 6379

redis-server /usr/local/redis/redis.conf      


cp -pv  /usr/local/redis/sentinel.conf  /usr/local/redis/sentinel.conf.bak     redis_server哨兵模式

cat /usr/local/redis/sentinel.conf   

port  6800

daemonize yes

protected-mode no

sentinel monitor mymaster 192.168.10.17 6379 1

sentinel auth-pass mymaster 123456

sentinel down-after-milliseconds mymaster 5000

sentinel failover-timeout mymaster 15000

logfile  /var/log/redis/sentinel.log

pidfile  /var/run/sentinel.pid

redis-sentinel /usr/local/redis/sentinel.conf &    redis_server启动哨兵模式

echo redis-sentinel /usr/local/redis/sentinel.conf   >> /etc/rc.d/rc.local

scp -pr /usr/local/redis/sentinel.conf root@192.168.10.15:/usr/local/redis/   redis_server哨兵操作


cp -pv  /usr/local/redis/sentinel.conf  /usr/local/redis/sentinel.conf.bak   redis_slave哨兵模式

touch  /var/log/redis/sentinel.log

cat /usr/local/redis/sentinel.conf

port  6800

daemonize yes

protected-mode no

sentinel monitor mymaster 192.168.10.17 6379 2

sentinel auth-pass mymaster 123456

sentinel down-after-milliseconds mymaster 5000

sentinel failover-timeout mymaster 15000

logfile  /var/log/redis/sentinel.log

pidfile  /var/run/sentinel.pid

redis-sentinel /usr/local/redis/sentinel.conf        启动redis_slave哨兵模式


redis-cli 

127.0.0.1:6379> auth 123456

OK

127.0.0.1:6379> set name xyy

OK

127.0.0.1:6379> get name

"xyy"

127.0.0.1:6379> info replication

# Replication

role:master

connected_slaves:0

master_replid:7d78e78a3c2e82d9e2fbfa057b21174a955e80c8

master_replid2:0000000000000000000000000000000000000000

master_repl_offset:0

second_repl_offset:-1

repl_backlog_active:0

repl_backlog_size:1048576

repl_backlog_first_byte_offset:0

repl_backlog_histlen:0

127.0.0.1:6379>                    redis_sever操作


redis-cli -h 192.168.10.17     redis_slave操作

192.168.10.17:6379> auth 123456

OK

192.168.10.17:6379> get name

"xyy"


touch /etc/init.d/redis && chmod +x /etc/init.d/redis    创建redis启动脚本

cat /etc/init.d/redis 

#!/bin/sh

# chkconfig:   2345 90 10

# Simple Redis init.d script conceived to work on Linux systems


REDISPORT=6379

EXEC=/usr/local/redis/bin/redis-server 

CLIEXEC=/usr/local/redis/bin/redis-cli

PIDFILE=/var/run/redis_${REDISPORT}.pid

CONF="/usr/local/redis/redis.conf"


case "$1" in

    start)

        if [ -f $PIDFILE ]

        then

                echo "$PIDFILE exists, process is already running or crashed"

        else

                echo "Starting Redis server..."

                $EXEC $CONF

        fi

        ;;

    stop)

        if [ ! -f $PIDFILE ]

        then

                echo "$PIDFILE does not exist, process is not running"

        else

                PID=$(cat $PIDFILE)

                echo "Stopping ..."

                $CLIEXEC -p $REDISPORT shutdown

                while [ -x /proc/${PID} ]

                do

                    echo "Waiting for Redis to shutdown ..."

                    sleep 1

                done

                echo "Redis stopped"

        fi

        ;;

    *)

        echo "Please use start or stop as first argument"

        ;;

esac

/etc/init.d/redis start

chkconfig --add redis


配置redis tomcat实现session共享

cp -pv  /root/commons-pool2-2.2.jar  jedis-2.5.2.jar  tomcat-redis-session-8.5.5.0.jar  /usr/local/tomcat/lib/

cp -pv /usr/local/tomcat/conf/context.xml  /usr/local/tomcat/conf/context.xml.bak

cat   /usr/local/tomcat/conf/context.xml 

 <Manager className="com.orangefunction.tomcat.redissessions.RedisSessionMan

                  host="192.168.10.17"

                  port="6379"

                  database="0"

                  maxInactiveInterval="60" />   配置文件最后一行添加配置


/usr/local/tomcat/bin/shutdown.sh  &&   /usr/local/tomcat/bin/startup.sh      重启tomcat服务生效配置


scp -pr  /usr/local/tomcat/lib/commons-pool2-2.2.jar root@192.168.10.15:/usr/local/tomcat/lib/    

scp -pr  /usr/local/tomcat/lib/jedis-2.5.2.jar root@192.168.10.15:/usr/local/tomcat/lib/

scp -pr /usr/local/tomcat/lib/tomcat-redis-session-8.5.5.0.jar root@192.168.10.15:/usr/local/tomcat/lib/

scp -pr /usr/local/tomcat/conf/context.xml root@192.168.10.15:/usr/local/tomcat/conf/   tomat1操作


sed -i "s/192.168.10.17/192.168.10.15/g" /usr/local/tomcat/conf/context.xml    tomcat2操作

/usr/local/tomcat/bin/shutdown.sh  && /usr/local/tomcat/bin/startup.sh


lsof  -i:80

COMMAND  PID   USER   FD   TYPE DEVICE SIZE/OFF NODE NAME

nginx   6778   root    7u  IPv4  61198      0t0  TCP *:http (LISTEN)

nginx   6779 nobody    7u  IPv4  61198      0t0  TCP *:http (LISTEN)

lsof  -i:8080

COMMAND  PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME

java    3961 root   46u  IPv6  32775      0t0  TCP *:webcache (LISTEN)

lsof  -i:6379

COMMAND    PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME

redis-ser 2655 root    6u  IPv4  29724      0t0  TCP localhost:6379 (LISTEN)

lsof  -i:6800

COMMAND     PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME

redis-sen 10369 root    6u  IPv6  75808      0t0  TCP *:6800 (LISTEN)

redis-sen 10369 root    7u  IPv4  75809      0t0  TCP *:6800 (LISTEN)


curl  http://localhost/index.html

welcome to nginx server


http://serverip/status 

nginx tomcat redis seeion共享_nginx


http://serverip:8080

nginx tomcat redis seeion共享_tomcat_02