利用Nginx反向代理 Tomcat 多节点

实验说明:通过两台nginx反代理和 keepalived实现双机热备并成功访问后端商城项目数据。

实验所需

 两台nginx keepalived   漂移地址 192.168.30.100

 Nginx     192.168.30.34    

        192.168.30.36

 Tomcat    192.168.30.31

        192.168.30.32

 Mysql     192.168.30.35

 事先已经安装完成nginx和mysql


实验达成结果 通过nginx漂移地址访问tomcat搭建的商城项目并登陆,主服务器模拟宕机,实现备份机上线


商城文件 点击链接 提取码: 97f7 里面有商城构架和一个数据库表


以下是各服务详细配置

    mysql     

[root@localhost ~]# mysql -u root -p    #登陆mysql

mysql> create database slsaledb;       #创建名为slsaledb 的数据库 

mysql> GRANT all ON slsaledb.* TO 'testuser'@'%' IDENTIFIED BY 'admin123';    #授权testuser 使用密码admin123

mysql> flush privileges;     #刷新

上传商城数据库文件

[root@localhost ~]# mysql -u root -p <slsaledb-2014-4-10.sql  #上传数据表

        Enter password:                                 #输入数据管理员库密码

接下来配置tomcat

    Tomcat所需文件

    利用Nginx反向代理Tomcat 多节点_keepalived


[root@lin3031 ~]# tar xf apache-tomcat-8.5.23.tar.gz   #解压tomcat

[root@lin3031 ~]# tar xf jdk-8u144-linux-x64.tar.gz    #解压java

[root@lin3031 ~]# cp -a jdk1.8.0_144/ /usr/local/java    #复制Java解压文件至/usr/local/java

[root@lin3031 ~]# vi /etc/profile        #增加环境变量

在最后插入下四行

export JAVA_HOME=/usr/local/java

export JRE_HOME=/usr/local/java/jre

export PATH=$PATH:/usr/local/java/bin

export CLASSPATH=./:/usr/local/java/lib:/usr/local/java/jre/lib

刷新环境变量

[root@lin3031 ~]# source /etc/profile

查看是否生效

[root@lin3031 ~]# java -version

java version "1.8.0_144"

Java(TM) SE Runtime Environment (build 1.8.0_144-b01)

Java HotSpot(TM) 64-Bit Server VM (build 25.144-b01, mixed mode)

[root@lin3031 ~]# cp -a apache-tomcat-8.5.23 /usr/local/tomcat8  #将解压后的tomcat复制到/usr/local/tomcat8


[root@lin3031 ~]# ln -s /usr/local/tomcat8/bin/startup.sh /usr/bin/tomcatup    #优化路径

[root@lin3031 ~]# ln -s /usr/local/tomcat8/bin/shutdown.sh /usr/bin/tomcatdown  #优化路径


[root@lin3031 ~]# tomcatup            #启动tomcat

[root@lin3031 ~]# netstat -anpt | grep 8080    #过滤8080端口

tcp6       0      0 :::8080                 :::*                    LISTEN      1325/java


另一台tomcat安装操作相同


    商城文件 点击链接 提取码: 97f7 里面有商城构架和一个数据库表

需要复制商城文件到tomcat

[root@lin3031 ~]# tar xf SLSaleSystem.tar.gz

[root@lin3031 ~]# cp -a SLSaleSystem /usr/local/tomcat8/webapps/

Tomcat主conf文件中添加 <Context path="" docBase="SLSaleSystem" reloadable="true" debug="0"></Context>

[root@lin3031 ~]# vim /usr/local/tomcat8/conf/server.xml

   利用Nginx反向代理Tomcat 多节点_集群_02


将tomcat连接后方数据库

[root@lin3031 ~]# vim /usr/local/tomcat8/webapps/SLSaleSystem/WEB-INF/classes/jdbc.properties

修改数据库地址和授权的账号密码

    利用Nginx反向代理Tomcat 多节点_tomcat_03


第二台tomcat操作如上相同


下面来测试

启动tomcat

[root@lin3031 ~]# tomcatdown

访问 192.168.30.31:8080 账号 admin 密码 123456

利用Nginx反向代理Tomcat 多节点_集群_04


可以看到已经跳出了登陆选项


当然,用户是不可以知晓后方服务器的,需要提供一个前端来访问,下面的操作是配置两个nginx

Nginx配置

第一台  192.168.30.36

[root@lin3036 ~]# vim /usr/local/nginx/conf/nginx.conf

user  nginx nginx;

worker_processes  1;

 

#error_log  logs/error.log;

#error_log  logs/error.log  notice;

error_log  logs/error.log  info;

#pid        logs/nginx.pid;

events {

        use epoll;

    worker_connections  10240;

}

http {

    include       mime.types;

    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '

                      '$status $body_bytes_sent "$http_referer" '

                      '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;

    #tcp_nopush     on;

    #keepalive_timeout  0;

    keepalive_timeout  65;

    #gzip  on;   

    upstream center_pool {               #默认轮询

                ip_hash;                #保持连接

        server 192.168.30.31:8080;      #两台tomcat服务器

        server 192.168.30.32:8080;

        }

    server {

        listen       80;

        server_name  lvs01 192.168.30.36;

        location / {

        proxy_pass http://center_pool;    #代理tomcat

        }

        }

        }

使用nginx –t 检查语法

[root@lin3036 ~]# nginx -t

nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok

nginx: [warn] 10240 worker_connections exceed open file resource limit: 1024

nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

 

另一台nginx 192.168.30.34

[root@lin3034 ~]# vi /usr/local/nginx/conf/nginx.conf

user  nginx nginx;

worker_processes  1;

#error_log  logs/error.log;

#error_log  logs/error.log  notice;

error_log  logs/error.log  info;

#pid        logs/nginx.pid;

events {

        use epoll;

    worker_connections  10240;

}

http {

    include       mime.types;

    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '

                      '$status $body_bytes_sent "$http_referer" '

                      '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;

    #tcp_nopush     on;

    #keepalive_timeout  0;

    keepalive_timeout  65;

    #gzip  on;   

upstream center_pool {               #默认轮询

                ip_hash;                #保持连接

        server 192.168.30.31:8080;      #两台tomcat服务器

        server 192.168.30.32:8080;

        }

    server {

        listen       80;

        server_name  lvs02 192.168.30.34;

        location / {

        proxy_pass http://center_pool;    #代理tomcat

        }

        }

        }

使用nginx –t   检查语法

[root@lin3034 ~]# nginx -t

nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok

nginx: [warn] 10240 worker_connections exceed open file resource limit: 1024

nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful


检查后没有问题就重启nginx

systemctl restart nginx


验证

利用Nginx反向代理Tomcat 多节点_tomcat_05 利用Nginx反向代理Tomcat 多节点_tomcat_06


使用keepalived来保持两台nginx实现热备份 并用192.168.30.100访问商城

下面进行安装

yum -y install  popt-devel \

kernel-devel \

openssl-devel

 

tar xvf keepalived-1.4.2.tar.gz

 

cd keepalived-1.4.2

[root@lin3034 keepalived-1.4.2]#  ./configure --prefix=/

[root@lin3034 keepalived-1.4.2]# make && make install 

[root@lin3034 keepalived-1.4.2]# cp keepalived/etc/init.d/keepalived /etc/init.d/

[root@lin3034 keepalived-1.4.2]# systemctl enable keepalived

两台安装方式相同

下面进行配置文件修改

第一台

[root@lin3036 keepalived-1.4.2]# vi /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

        route_id NGINX-01    #服务器名称

   }

vrrp_script nginx {

        script "/opt/nginx.sh"    #keepalived 状态检查配置文件路径

        interval 2

        weight -10

}

vrrp_instance VI_1 {

    state MASTER       #作为主服务器

    interface ens33

    virtual_router_id 51

    priority 150        #优先级设为150

    advert_int 1

    authentication {

        auth_type PASS    #认证方式

        auth_pass 1111    #认证密码

    }

    track_script {

        nginx

        }

    virtual_ipaddress {

       192.168.30.100    #两台nginx共同虚拟的IP地址(漂移地址)

    }

}

    该脚本方便同时将nginx和keepalived服务器同时启动

[root@lin3036 keepalived-1.4.2]# vi /opt/nginx.sh

#!/bin/bash

#Filename:nginx.sh

A=$(ps -ef | grep keepalived | grep -v grep | wc -l)

if [ $A -gt 0 ]; then

        /etc/init.d/nginx start

else

        /etc/init.d/nginx stop

fi

[root@lin3036 keepalived-1.4.2]#  chmod +x /opt/nginx.sh

[root@lin3036 keepalived-1.4.2]# systemctl start keepalived

[root@lin3036 keepalived-1.4.2]# ip addr

利用Nginx反向代理Tomcat 多节点_mysql_07

由于第二台没有配置,所以默认192.168.30.100 在主服务器上

第二台

[root@lin3034 keepalived-1.4.2]# vi /etc/keepalived/keepalived.conf

global_defs {

        route_id NGINX-02

   }

vrrp_script nginx {

        script "/opt/nginx.sh"

        interval 2

        weight -10

}

vrrp_instance VI_1 {

    state BACKUP    #作为从服务器

    interface ens33

    virtual_router_id 51

    priority 100    #和主相差50

    advert_int 1

    authentication {

        auth_type PASS

        auth_pass 1111

    }

    track_script {

        nginx

        }

    virtual_ipaddress {

        192.168.30.100

    }

    根据漂移地址是否存在而启动nginx服务。

[root@lin3034 keepalived-1.4.2]#  vi /opt/nginx.sh

#!/bin/bash

#Filename:nginx.sh

A=$(ip addr | grep 192.168.80.100/32 | grep -v grep | wc -l)

if [ $A -gt 0 ]; then

        /etc/init.d/nginx start

else

        /etc/init.d/nginx stop

fi


chmod +x /opt/nginx.sh

systemctl start keepalived


模拟主服务器故障

[root@lin3036 keepalived-1.4.2]# systemctl stop keepalived

[root@lin3036 keepalived-1.4.2]# systemctl stop nginx

[root@lin3036 keepalived-1.4.2]# ip addr

192.168.30.100 已经不在主服务器上了

利用Nginx反向代理Tomcat 多节点_keepalived_08

而是到了从服务器

[root@lin3034 keepalived-1.4.2]# ip addr

利用Nginx反向代理Tomcat 多节点_nginx_09

访问192.168.30.100  账号 admin 密码 123456

利用Nginx反向代理Tomcat 多节点_tomcat_10