Nginx+Keepalived+Tomcat实现负载均衡与高可用

一、环境准备：

测试环境关闭防火墙和SELINUX。

Host Name	IP Address
Tomcat Server 1	192.168.55.134
Tomcat Server 2	192.168.55.135
Nginx Server 1（Master）	192.168.55.136
Nginx Server 2（Backup）	192.168.55.143
VIP（虚拟IP）	192.168.55.150

二、服务器架构图

三、实施步骤

1.搭建Nginx服务器

#安装编译所需的包
~]# yum -y install gcc gcc-c++ pcre pcre-devel openssl openssl-devel zlib zlib-devel

#编译安装Nginx
~]# wget -P /tmp http://nginx.org/download/nginx-1.16.1.tar.gz
~]# cd /tmp
~]# tar xf nginx-1.16.1.tar.gz -C /usr/local
~]# cd /usr/local/nginx-1.16.1
~]# ./configure --prefix=/usr/local/nginx --with-http_ssl_module
~]# make && make install

#启动nginx
~]# sbin/nginx      #启动nginx服务

测试Nginxx是否已启动

2.搭建Tomcat服务器

#安装java(自行下载)
~]# cd /tmp && tar xf jdk-8u151-linux-x64.tar.gz -C /usr/local
~]# cd /usr/local
~]# ln -s jdk-8u151-linux-x64 java

~]# vi /etc/profile
	...
	JAVA_HOME=/usr/local/java
	PATH=$JAVA_HOME/bin:$PATH
~]# source /etc/profile
~]# java -version		#检验是否安装java

#安装tomcat
~]# wget -P /tmp https://mirrors.tuna.tsinghua.edu.cn/apache/tomcat/tomcat-9/v9.0.35/bin/apache-tomcat-9.0.35.tar.gz
~]# cd /tmp && tar xf apache-tomcat-9.0.35.tar.gz -C /usr/local
~]# mv /usr/local/apache-tomcat-9.0.35 /usr/local/tomcat
~]# cd /usr/local/tomcat
~]# bin/startup.sh		#启动tomcat，访问IP是否部署成功

##tomcat开机自启脚本
#开启tomcat.pid
~]# cd /usr/local/tomcat
~]# vi bin/catalina.sh
	...
	CATALINA_PID=$PRGDIR/tomcat.pid 	#在PRFDIR行下新增

~]# vi bin/setclasspath.sh 
	export JAVA_HOME=/usr/local/java 	#首部新增行

~]# cd /usr/lib/systemd/system
~]# vi tomcat.service					#编写tomcat开机自启脚本
	
	[Unit]
	Description=Tomcat
	After=network.target syslog.target

	[Service]
	Type=forking
	PIDFile=/usr/local/tomcat/bin/tomcat.pid
	ExecStart=/usr/local/tomcat/bin/startup.sh
	ExecReload=/bin/kill -s HUP $MAINPID
	ExecStop=/bin/kill -s QUIT $MAINPID
	PrivateTmp=true

	[Install]
	WantedBy=multi-user.target

~]# systemctl enable tomcat				#开机启动tomcat

Tomcat Server 1

#编辑网站内容
~]# rm -f /usr/local/tomcat/webapps/ROOT/index.jsp
~]# vi /usr/local/tomcat/webapps/ROOT/index.jsp
	<html>
	  <head>
	    <title> tomcat_server_1</title>
	  <body>
	    <% out.println("this is 192.168.55.134");%>
	  </body>
	</html>

Tomcat Server 2

#编辑网站内容
~]# rm -f /usr/local/tomcat/webapps/ROOT/index.jsp
~]# vi /usr/local/tomcat/webapps/ROOT/index.jsp
	<html>
	  <head>
	    <title> tomcat_server_2</title>
	  <body>
	    <% out.println("this is 192.168.55.135");%>
	  </body>
	</html>

3.配置Nginx反向代理

Nginx Server 1

#Nginx服务器配置反向代理
~]# cd /usr/local/nginx/conf
~]# vi nginx.conf
    upstream TMserver1 {						#负载均衡（虚拟主机名）
       server 192.168.55.134:8080 weight=1;		#server加IP或域名，默认端口80
       server 192.168.55.135:8080 weight=1;		#weight权重，数值越大轮询次数越多
    }
    server {
        listen       80;
        server_name  localhost;
        location / {
            #root   html;
            #index  index.html index.htm;
            proxy_pass http://TMserver1;		#反向代理
            }
        }

~]# /usr/local/nginx/sbin/nginx -s reload 		#重载nginx

Nginx Server 2

#Nginx服务器配置反向代理
~]# cd /usr/local/nginx/conf
~]# vi nginx.conf
    upstream TMserver2 {
       server 192.168.55.134:8080 weight=1;
       server 192.168.55.135:8080 weight=1;
    }
    server {
        listen       80;
        server_name  localhost;
        location / {
            #root   html;
            #index  index.html index.htm;
            proxy_pass http://TMserver2;
            }
        }

~]# /usr/local/nginx/sbin/nginx -s reload 		#重载nginx

4.部署Keepalived服务

安装Keepalived

#安装Keepalived
~]# wget -p /tmp https://www.keepalived.org/software/keepalived-2.0.20.tar.gz
~]# tar xf /tmp/keepalived-2.0.20.tar.gz && cd /tmp/keepalived-2.0.20
~]# ./configure --prefix=/usr/local/keepalived 
~]# make && make install

编写Nginx检测脚本

#添加nginx存活脚本
~]# mkdir /etc/keepalived 
~]# cd /usr/local/keepalived
~]# cp -a etc/keepalived/keepalived.conf /etc/keepalived
~]# vi /etc/keepalived/check_nginx.sh
	#!/bin/bash   
	A=`ps -C nginx --no-header |wc -l`  
	if [ $A -eq 0 ];then  
	 /etc/init.d/nginx start  
	 sleep 3  
	 if [ `ps -C nginx --no-header |wc -l`-eq 0 ];then  
	  killall keepalived  
	 fi  
	fi

Master修改keepalived.conf

~]# vi /etc/keepalived/keepalived.conf
	#检查nginx进程是否存活
	vrrp_script chk_nginx {
	script "/etc/keepalived/check_nginx.sh"
	interval 2
	weight -20
	}

	global_defs {
	   router_id LVS_MASTER		#虚拟主机名
	}

	vrrp_instance VI_1 {
	    state MASTER			#主服务器
	    interface ens33			#当前主机的网卡名
	    virtual_router_id 51	#虚拟id，主从服务器保持一致
	    mcast_src_ip 192.168.55.136		#当前主机的IP地址
	    priority 100			#优先级，主服务器的优先级必须高于从服务器
	    advert_int 1
	    authentication {		#主从之间通信认证
	        auth_type PASS
	        auth_pass 1111
	    }

	track_script {
	        chk_nginx
	 }

	    virtual_ipaddress {
	        192.168.55.150		#虚拟IP，主从服务器保持一致
	    }
	}

Backup修改keepalived.conf

~]# vi /etc/keepalived/keepalived.conf
	vrrp_script chk_nginx {
	script "/etc/keepalived/check_nginx.sh"
	interval 2
	weight -20
	}

	global_defs {
	   router_id LVS_BACKUP
	}

	vrrp_instance VI_1 {
	    state MASTER				#从服务器
	    interface ens33				#当前主机网卡名
	    virtual_router_id 51		#主从服务器保持一致
	    mcast_src_ip 192.168.55.143	#当前主机的IP地址
	    priority 90					#优先级，低于主服务器
	    advert_int 1
	    authentication {
	        auth_type PASS
	        auth_pass 1111
	    }

	track_script {
	        chk_nginx
	 }

	    virtual_ipaddress {
	        192.168.55.150		#虚拟IP，与主服务器保持一致
	    }
	}

~]# systemctl start keepalived

测试验证：

1.检查nginx和keepalived服务是否都已经正常启动

2.master端使用ip a 查看VIP（192.168.55.150）是否绑定到了Nginx Server1（192.168.55.136）

3.backup端使用ip a 查看VIP还未绑定到Nginx Server2（192.168.55.143）

4.停止Master（192.168.55.136）的keepalived和Nginx服务，查看VIP已解除绑定

5.查看Backup（192.168.55.143），已绑定VIP

6.浏览器访问VIP地址，查看结果

本测试为抢占模式

非抢占模式：MASTER恢复后仍然由BACKUP提供服务，当BACKUP挂了MASTER再重新绑定VIP。
1>在vrrp_instance块下两个节点各增加了nopreempt指令，表示不争抢vip
2> 节点的state都为BACKUP