Nginx+Keepalived+Tomcat高可用负载均衡,Zookeeper集群配置,Mysql(MariaDB)搭建,Redis安装,FTP配置

JDK 安装步骤
下载 http://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html

rpm -ivh jdk-8u171-linux-x64.rpm 

cd ~
vim .bash_profile
输入命令添加环境变量:
export JAVA_HOME=/usr/java/jdk1.8.0_171-amd64
export CLASSPATH=.:$JAVA_HOME/jre/lib/rt.jar:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
PATH=$JAVA_HOME/bin:$PATH:$HOME/bin
export PATH

[root@localhost ~]# java -version
java version "1.8.0_171"
Java(TM) SE Runtime Environment (build 1.8.0_171-b11)
Java HotSpot(TM) 64-Bit Server VM (build 25.171-b11, mixed mode)

[root@localhost ~]# javac -version
javac 1.8.0_171
-------------------
Tomcat安装
[root@localhost soft]# wget http://mirrors.tuna.tsinghua.edu.cn/apache/tomcat/tomcat-8/v8.5.31/bin/apache-tomcat-8.5.31.tar.gz
[root@localhost soft]# tar -zxvf apache-tomcat-8.5.31.tar.gz 
[root@localhost data]# mv apache-tomcat-8.5.31 tomcat-8801
tomcat-8801
端口 8801 8105 8543  8201
端口 8802 8106 8544  8202
端口 8803 8107 8545  8203  server
端口 8804 8108 8546  8204  job
端口 8088 8104 8542  8200  Dubbo
<Connector port="8801" protocol="HTTP/1.1" connectionTimeout="20000" 
redirectPort="8543" URIEncoding="UTF-8"  />

[root@localhost bin]# vim catalina.sh
修改/apache-tomcat-8.5.16/bin/catalina.sh  
在catalina.sh中的 “#!/bin/sh” 下面添加如下代码:
if [[ "$JAVA_OPTS" != *-Djava.security.egd=* ]]; then
    JAVA_OPTS="$JAVA_OPTS -Djava.security.egd=file:/dev/./urandom"
fi

在
# Get standard environment variables
PRGDIR=`dirname "$PRG"`
下添加下面代码
#设置记录CATALINA_PID。
#该设置会在启动时候bin下新建一个CATALINA_PID文件
#关闭时候从CATALINA_PID文件找到pid,kill。。。同时删除CATALINA_PID文件
if [ -z "$CATALINA_PID" ]; then
      CATALINA_PID=$PRGDIR/CATALINA_PID
fi

vim tomcat的shutdown.sh文件,在最后一行加上-force; 
例:exec "$PRGDIR"/"$EXECUTABLE" stop -force "$@"
--------------------------
防火墙开放端口
开放端口
/sbin/iptables -I INPUT -p tcp --dport 80 -j ACCEPT
/sbin/iptables -I INPUT -p tcp --dport 22 -j ACCEPT
/sbin/iptables -I INPUT -p tcp --dport 3306 -j ACCEPT
/sbin/iptables -I INPUT -p tcp --dport 6379 -j ACCEPT
/sbin/iptables -I INPUT -p tcp --dport 8801 -j ACCEPT
/sbin/iptables -I INPUT -p tcp --dport 8802 -j ACCEPT
/sbin/iptables -I INPUT -p tcp --dport 8803 -j ACCEPT
/sbin/iptables -I INPUT -p tcp --dport 8804 -j ACCEPT
/sbin/iptables -I INPUT -p tcp --dport 8088 -j ACCEPT
/sbin/iptables -I INPUT -p tcp --dport 2181 -j ACCEPT
/sbin/iptables -I INPUT -p tcp --dport 2182 -j ACCEPT
/sbin/iptables -I INPUT -p tcp --dport 2183 -j ACCEPT
/sbin/iptables -I INPUT -p tcp --dport 9952 -j ACCEPT

/sbin/iptables -I INPUT -p tcp --dport 2181 -j ACCEPT
/sbin/iptables -I INPUT -p tcp --dport 2182 -j ACCEPT
/sbin/iptables -I INPUT -p tcp --dport 2183 -j ACCEPT
/sbin/iptables -I INPUT -p tcp --dport 80 -j ACCEPT
/sbin/iptables -I INPUT -p tcp --dport 9952 -j ACCEPT
/sbin/iptables -I INPUT -p tcp --dport 6379 -j ACCEPT
/sbin/iptables -I INPUT -p tcp --dport 8801 -j ACCEPT

保存之前输入已开放端口号语句的命令
/etc/rc.d/init.d/iptables save
查看打开端口命令
/etc/init.d/iptables status
---------------------------
Nginx安装
安装编译工具及库文件
yum -y install make zlib zlib-devel gcc-c++ libtool  openssl openssl-devel

[root@localhost soft]# wget http://downloads.sourceforge.net/project/pcre/pcre/8.35/pcre-8.35.tar.gz
[root@localhost soft]# tar -zxvf pcre-8.35.tar.gz
[root@localhost data]# cd pcre-8.35
[root@localhost pcre-8.35]# ./configure
[root@localhost pcre-8.35]#  make && make install
[root@localhost pcre-8.35]# pcre-config --version
8.35
[root@localhost soft]# wget http://nginx.org/download/nginx-1.14.0.tar.gz
[root@localhost soft]# tar -zxvf nginx-1.14.0.tar.gz
[root@localhost soft]# cd nginx-1.14.0
[root@localhost soft]# ./configure --prefix=/data/nginx-1.14.0 --with-http_stub_status_module --with-http_ssl_module --with-pcre=/data/pcre-8.35
[root@localhost nginx-1.14.0]# make 
[root@localhost nginx-1.14.0]# make install
[root@localhost sbin]# cd /data/nginx-1.14.0/sbin
[root@localhost sbin]# ./nginx -V
nginx version: nginx/1.14.0
built by gcc 4.4.7 20120313 (Red Hat 4.4.7-18) (GCC) 
built with OpenSSL 1.0.1e-fips 11 Feb 2013
TLS SNI support enabled
configure arguments: --prefix=/data/nginx-1.14.0 --with-http_stub_status_module --with-http_ssl_module --with-pcre=/data/pcre-8.35
#指定配置文件启动
[root@localhost conf]# /data/nginx-1.14.0/sbin/nginx -c /data/nginx-1.14.0/conf/nginx.conf
[root@localhost sbin]# ./nginx -s reload            # 重新载入配置文件
[root@localhost sbin]# ./nginx -s reopen            # 重启 Nginx
[root@localhost sbin]# ./sbin/nginx -s stop              # 停止 Nginx

Nginx 负载均衡及请求转发
文档:https://www.cnblogs.com/wzjhoutai/p/6932007.html
[root@localhost sbin]# vim /data/nginx-1.14.0/conf/nginx.conf
http下添加(upstream后的名字不要有-_的符号)
upstream linuxIdc{
    server 192.168.37.131:8801;
    server 192.168.37.131:8802;
}
server 下添加
server {
    listen       80;
    server_name  192.168.37.131;

    location / {
        root   html;
        index  index.html index.htm;
    }

    location /qdp-cr-web/ {
        proxy_pass   http://linuxIdc/;
    }
}
[root@localhost sbin]# ./nginx -s stop
[root@localhost sbin]# /data/nginx-1.14.0/sbin/nginx -c /data/nginx-1.14.0/conf/nginx.conf
----------------------
Keeplived 安装
wget http://www.keepalived.org/software/keepalived-2.0.0.tar.gz
[root@localhost soft]# tar -zxvf keepalived-2.0.0.tar.gz
[root@localhost soft]# cd keepalived-2.0.0
[root@localhost keepalived-2.0.0]# ./configure --prefix=/data/keepalived-2.0.0
[root@localhost keepalived-2.0.0]# make && make install
[root@localhost keepalived]# cd /data/keepalived-2.0.0/etc/keepalived
[root@localhost keepalived]# cp keepalived.conf keepalived.conf_bak
主192.168.37.131
备192.168.37.132
VIP192.168.37.222
[root@localhost keepalived]# vim /etc/hosts
192.168.37.131 node1
[root@localhost keepalived]# vim keepalived.conf
-- master
! Configuration File for keepalived

global_defs {
   router_id node1
}
vrrp_script chk_nginx { 
    script "/lhdata/application/keepalived-2.0.0/etc/keepalived/chk_nginx.sh"
    interval 2
    weight -5
    fall 2
    rise 1
}
vrrp_instance VI_1 {
    state MASTER
    interface eth4
    mcast_src_ip 192.168.15.121
    virtual_router_id 253
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass cr_ha_keeplived
    }
    track_script {  
        chk_nginx  
    }  
    virtual_ipaddress {
        192.168.15.253
    }
}

-- salve
! Configuration File for keepalived

global_defs {
   router_id node2
}
vrrp_script chk_nginx { 
    script "/lhdata/application/keepalived-2.0.0/etc/keepalived/chk_nginx.sh"
    interval 2
    weight -5
    fall 2
    rise 1
}
vrrp_instance VI_1 {
    state BACKUP  
    interface eth4
    mcast_src_ip 192.168.15.122
    virtual_router_id 253
    priority 90
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass cr_ha_keeplived
    }
    track_script {  
        chk_nginx  
    }  
    virtual_ipaddress {
        192.168.15.253
    }
}


-----
[root@localhost keepalived]# vim chk_nginx.sh
#!/bin/bash
counter=$(ps -C nginx --no-heading|wc -l)
if [ "${counter}" = "0" ]; then
    /data/nginx-1.14.0/sbin/nginx
    sleep 2
    counter=$(ps -C nginx --no-heading|wc -l)
    if [ "${counter}" = "0" ]; then
        killall keepalived
    fi
fi
[root@localhost keepalived]# chmod 755  chk_nginx.sh
[root@localhost sbin]# cd /data/keepalived-2.0.0/sbin
[root@ora sbin]# /data/keepalived-2.0.0/sbin/keepalived -f /data/keepalived-2.0.0/etc/keepalived/keepalived.conf

VRRP协议也需要设置防火墙!

iptables -I INPUT -i eth0 -d 224.0.0.0/8 -p vrrp -j ACCEPT
iptables -I OUTPUT -o eth0 -d 224.0.0.0/8 -p vrrp -j ACCEPT
service iptables save
service iptables restart
---------------------------
Redis 安装
[root@ora soft]# tar -zxvf redis-4.0.6.tar.gz
[root@ora redis-4.0.6]# make
[root@ora redis-4.0.6]# cp redis.conf redis.conf_bak
[root@ora redis-4.0.6]# vim redis.conf
# bind 127.0.0.1
protected-mode no
#启动
[root@ora src]# ./redis-server /longfor_data/application/redis-4.0.6/redis.conf &
------------------
mysql数据库安装
[root@ora /]# yum install -y ncurses-devel libaio bison gcc-c++ openssl-devel
[root@ora /]# wget http://ftp.ubuntu-tw.org/mirror/mariadb//mariadb-10.2.15/bintar-linux-x86_64/mariadb-10.2.15-linux-x86_64.tar.gz
[root@ora soft]# tar -zxvf mariadb-10.2.15-linux-x86_64.tar.gz
[root@ora soft]# groupadd mysql
[root@ora soft]# useradd -g mysql mysql
[root@ora application]# mv mariadb-10.2.15 mysql
[root@ora mysql]# chown mysql:mysql -Rf /longfor_data/application/mysql/
[root@ora mysql]# chmod +x -Rf /longfor_data/application/mysql/
[root@ora mysql]# cp support-files/my-medium.cnf /etc/my.cnf
[root@ora mysql]# scripts/mysql_install_db --user=mysql
[root@ora mysql]# cp support-files/mysql.server /etc/init.d/mysql
[root@ora etc]# vim my.cnf
[mysqld]下
basedir=/longfor_data/application/mysql
1)修改字符集为UTF8
#vi /etc/my.cnf
在[client]下面添加 default-character-set = utf8
在[mysqld]下面添加 character_set_server = utf8
修改完重启:#service  mysql  restart 
2)增加错误日志
#vi /etc/my.cnf
在[mysqld]下面添加:
log-error = /usr/local/mysql/log/error.log
general-log-file = /usr/local/mysql/log/mysql.log
修改完重启:#service  mysql  restart 
3) 设置为不区分大小写,linux下默认会区分大小写。
#vi /etc/my.cnf
在[mysqld]下面添加:
lower_case_table_name=1
修改完重启:#service  mysql  restart 

[root@ora mysql]# chkconfig  mysql on
[root@ora mysql]# service  mysql  start
[root@ora ~]# cd 
[root@ora ~]# vim .bash_profile 
export PATH=/longfor_data/application/mysql/bin:$PATH
[root@ora ~]# source .bash_profile 
[root@ora ~]# mysqladmin -u root password 'pass!@#cr'
[root@ora ~]# mysql -uroot -p
Enter password:
MariaDB [(none)]> show databases
MariaDB [(none)]> use mysql
Database changed
MariaDB [mysql]> select host,user,password from user;
MariaDB [mysql]> delete from user where user='';
MariaDB [mysql]> flush privileges;
MariaDB [mysql]> CREATE DATABASE IF NOT EXISTS qdp_adverts DEFAULT CHARSET utf8mb4 COLLATE utf8mb4_general_ci;
MariaDB [mysql]> CREATE USER 'wysob'@'%' IDENTIFIED BY 'crPass!@#0614';
MariaDB [mysql]> update user set password=PASSWORD('pass!@#cr') where user='root';
MariaDB [mysql]> flush privileges;
MariaDB [mysql]> grant all on qdp_adverts.* to 'wysob'@'%' identified by 'crPass!@#0614';
MariaDB [mysql]> flush privileges;
# 取消授权
REVOKE all ON qdp_adverts.* FROM 'wysob'@'%';
----------------------
Zookeeper安装
wget https://mirrors.tuna.tsinghua.edu.cn/apache/zookeeper/zookeeper-3.4.10/zookeeper-3.4.10.tar.gz
tar -zxvf zookeeper-3.4.10.tar.gz
cd zookeeper-3.4.10/
cp zoo_sample.cfg zoo1.cfg
cp zoo1.cfg zoo2.cfg
cp zoo1.cfg zoo3.cfg
#zoo1.cfg 
clientPort=2181
dataDir=/lhdata/tmp/zookeeper/1
dataLogDir=/lhdata/tmp/zookeeper/1
server.1=192.168.37.131:2888:3888
server.2=192.168.37.131:2889:3889
server.3=192.168.37.131:2890:3890

#zoo2.cfg 2182
clientPort=2182
dataDir=/lhdata/tmp/zookeeper/2
dataLogDir=/lhdata/tmp/zookeeper/2
server.1=192.168.37.131:2888:3888
server.2=192.168.37.131:2889:3889
server.3=192.168.37.131:2890:3890

zoo3.cfg 2183
clientPort=2183
dataDir=/lhdata/tmp/zookeeper/3
dataLogDir=/lhdata/tmp/zookeeper/3
server.1=192.168.37.131:2888:3888
server.2=192.168.37.131:2889:3889
server.3=192.168.37.131:2890:3890

[root@localhost zookeeper-3.4.10]# cd /lhdata/application/zookeeper-3.4.10/

echo '1' > /lhdata/tmp/zookeeper/1/myid
echo '2' > /lhdata/tmp/zookeeper/2/myid
echo '3' > /lhdata/tmp/zookeeper/3/myid

[root@localhost zookeeper-3.4.10]# vim start_all_zookeeper.sh 
写入
cd /lhdata/application/zookeeper-3.4.10/
nohup bin/zkServer.sh start ./conf/zoo1.cfg &
nohup bin/zkServer.sh start ./conf/zoo2.cfg &
nohup bin/zkServer.sh start ./conf/zoo3.cfg &

-------------------
安装 dubbo-admin
[root@iZm5eafpnt57xvwsi8ggywZ WEB-INF]# vim dubbo.properties 
dubbo.registry.address=zookeeper://192.168.15.121:2181?backup=192.168.15.122:2182,192.168.15.151:2183
http://192.168.37.131:8088/dubbo-admin-2.5.8/ root root

------------------
[root@localhost qdp-adverts-job-8084]# vim /etc/hosts
192.168.37.131 qaskyline.qdingnet.com
-----------------------
ftp搭建
[root@localhost lhdata]# rpm -qa | grep vsftpd
[root@localhost lhdata]# service vsftpd start
[root@localhost lhdata]# mkdir -p /lhdata/data/ftp
[root@localhost lhdata]# adduser -s /bin/nologin -d /lhdata/data/ftp/qdpftp qdpftp
[root@localhost lhdata]# passwd qdpftp
[root@localhost home]# cd /etc/vsftpd/
[root@localhost vsftpd]# vim /etc/vsftpd/vsftpd.conf
anonymous_enable=NO
local_enable=YES
local_root=/lhdata/data/ftp
write_enable=YES
local_umask=022
anon_upload_enable=YES
anon_mkdir_write_enable=YES
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
listen=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=NO
userlist_deny=NO
userlist_file=/etc/vsftpd/user_list
[root@node3 vsftpd]# vim user_list
添加
qdpftp
[root@node3 pam.d]# vim /etc/pam.d/vsftpd
注释
#auth       required    pam_shells.so
法1:执行命令setsebool -P ftp_home_dir on命令或者执行 setsebool -P ftpd_disable_trans on 命令,
然后执行service vsftpd restart命令重启vsftpd服务
法2:关闭selinux,修改/etc/selinux/config文件或/etc/syscofnig/selinux设置SELINUX= disabled ,然后重启
[root@node3 pam.d]# mkdir /lhdata/data/ftp/qdpftp
[root@node3 pam.d]# chown -R qdpftp:qdpftp /lhdata/data/ftp/qdpftp
[root@node3 pam.d]# chmod -R 777 /lhdata/data/ftp/qdpftp
[root@localhost lhdata]# service vsftpd restart
测试登录FTP
[c:\~]$ ftp 192.168.15.151 或浏览器   ftp://192.168.15.151

 

posted @ 2018-06-28 16:46 Bodi 阅读(...) 评论(...) 编辑 收藏