一.系统优化

1、修改/etc/sysctl.conf,优化tcp连接数

net.ipv4.tcp_fin_timeout = 30

net.ipv4.tcp_keepalive_time = 1200

net.ipv4.tcp_syncookies = 1

net.ipv4.tcp_tw_reuse = 1

net.ipv4.tcp_tw_recycle = 1

net.ipv4.ip_local_port_range = 1024 65000

net.ipv4.tcp_max_syn_backlog = 8192

net.ipv4.tcp_max_tw_buckets = 5000

2、修改/etc/security/limits.conf,修改最大文件打开数为65535

添加如下两行:

*      soft  nofile       65535

*      hard nofile       65535

*      soft  nproc       16384

*      hard nproc       16384

二.安装JDK

chmod +x jdk-6u38-linux-x64.bin

# ./jdk-6u38-linux-x64.bin

#添加环境变量

# vi /etc/profile

export JAVA_HOME=/kjt/java/jdk1.6.0_38

export CLASSPATH=.:$JAVA_HOME/lib/tools.jar:$JAVA_HOME/lib/dt.jar

export PATH=$JAVA_HOME/bin:$PATH

#使环境变量生效

# source /etc/profile

#查看java版本

# java -version

java version "1.6.0_38"

Java(TM) SE Runtime Environment (build 1.6.0_27-b07)

Java HotSpot(TM) 64-Bit Server VM (build 20.2-b06, mixed mode)

三.安装Tomcat

1、确保防火墙已关闭

#service iptables stop

#chkconfig iptables off

#vi /etc/selinux/config

selinux=disabled

2、安装tomcat

# tar zxvf apache-tomcat-6.0.36.tar.gz

# cd apache-tomcat-6.0.36

#修改/bin/catalina.sh,在cygwin=false前加路径

export JAVA_HOME=/kjt/java/jdk1.6.0_38/

export PATH=$JAVA_HOME/bin:$PATH

export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar

export TOMCAT_HOME=/kjt/java/apache-tomcat-6.0.36

export CATALINA_HOME=/kjt/java/apache-tomcat-6.0.36

export CATALINA_BASE=/kjt/java/apache-tomcat-6.0.36

3、修改/conf/server.xml,做tomcat线程池优化

<Connector port="8081" protocol="HTTP/1.1"

connectionTimeout="15000" maxThreads="500" minSpareThreads="50" maxSpareTheads="250" maxProcessors="600"

acceptCount="1000" enableLookups="false" compression="on"

redirectPort="8443" URIEncoding="utf-8" useBodyEncodingForURI="true"/>

<!-- A "Connector" using the shared thread pool-->

4、启动tomcat

cd /kjt/java/apache-tomcat-6.0.35/bin

./startup

5、查看tomcat进程

ps –ef|grep tomcat

四.Nginx配置

1.确定Nginx所需pcre库、openssl库等依赖包已经安装,若没有安装,安装nginx过程中将报错。

2.安装Nginx

tar zxvf nginx-1.0.15.tar.gz

cd nginx-1.0.15/

./configure  --prefix=/kjt/app/nginx --with-http_stub_status_module --with-http_ssl_module

make

make install

3.Nginx配置文件如下:

4.测试配置文件

/kjt/app/nginx/sbin/nginx -t

显示以下信息为正确的

the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok

configuration file /usr/local/nginx/conf/nginx.conf test is successful

5、启动nginx服务

/kjt/app/nginx/sbin/nginx

6、查看nginx进程

ps -ef|grep nginx

五.安装配置Keepalived

1、安装keepalived

tar -zxvf keepalived-1.2.7.tar.gz

cd keepalived-1.2.7

./configure --prefix=/kjt/app/keepalived

make

make install

2、将keepalived设置为开机启动

cp /kjt/app/keepalived/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/

cp/kjt/app/keepalived/etc/sysconfig/keepalived /etc/sysconfig/

cp /kjt/app/keepalived/sbin/keepalived /usr/sbin/

chkconfig --add keepalived

chkconfig keepalived on

3.修改配置文件为以下内容:

mkdir /etc/keepalived

cp /kjt/app/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/

vim  /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

router_id Nginx_Id_1

}

vrrp_script Monitor_Nginx {

script "/kjt/app/keepalived/etc/keepalived/samples/monitor_nginx.sh
"  #脚本存放位置

interval 2     #检查间隔为2秒

weight 2

}

vrrp_instance VI_1 {

state
BACKUP  #设置nopreempt,表示之前挂掉的master重新恢复后不再切换为master,直接成为BACKUP,nopreempt只能配置在BACKUP状态下

nopreempt

interface eth0

virtual_router_id 51

priority 100    #优先级较高的成为MASTER

advert_int 5   #健康检查间隔为5秒

authentication {

auth_type PASS

auth_pass kjt2013

}

virtual_ipaddress {

10.46.86.60

}

track_script {

Monitor_Nginx

}

}

注:monitor_nginx.sh为监控nginx进程的脚本,内容如下:当检测到nginx主进程挂掉之后,系统将自动重启nginx,若nginx主进程重启失败,延迟5秒后杀掉keepalived进程,进行切换。

#!/bin/bash

if [ "$(ps -ef | grep "nginx:
master process"| grep -v grep )" == "" ]

then

/kjt/app/nginx/sbin/nginx

sleep 5

if [ "$(ps -ef | grep "nginx: master process"| grep -v
grep )" == "" ]

then

killall keepalived

fi

fi

5.启动keepalived

service keepalived start

注:备机的keepalived的安装和上面一样,只要把配置文件中的priority改为小于100的数即可

6、配置Keepalived监控脚本,每分钟执行一次,当检测到原先MASTER上的Keepalived进程挂掉之后,将重启Keepalived进程

vi  /root/shell/keepalived.sh

touch  /root/shell/keepalived.log

chmod 755 *

新增计划任务

crontab –e

* * * * * (sh /root/shell/keepalived.sh
>> /root/shell/keepalived.log)

六.测试步骤

1.访问VIP看是否能够正常访问后端的tomcat

2.停止其中一个tomcat看是否能将访问转到另一台上

3.停止两台nginx上任何一个nginx进程看监控进程脚本是否会自动启动nginx

VRRP_Script(Monitor_Nginx) timed out

VRRP_Script(Monitor_Nginx) succeeded

4.停止任何一台nginx上的keepalived进程看另一台是否接管vip

比如停止Master上的keepalived,例如如下killall keepalived,查看BACKUP机器是否已经接管,如果BACKUP接管后,BACKUP机器日志会是出下情况

tail 
-f  /var/log/messages

Keepalived_vrrp: VRRP_Instance(VI_1)
Transition to MASTER STATE

Keepalived_vrrp: VRRP_Instance(VI_1)
Entering MASTER STATE

Keepalived_vrrp: VRRP_Instance(VI_1)
setting protocol VIPs.

Keepalived_vrrp: VRRP_Instance(VI_1)
Sending gratuitous ARPs on eth0 for 10.46.86.60

MASTER机器上日志会显示

Keepalived_vrrp: Terminating VRRP child
process on signal

Keepalived_vrrp: VRRP_Instance(VI_1)
removing protocol VIPs.

现在把原先MASTER上的Keepalived重新启动,会看到原先MASTER直接成为BACKUP,不再做一次切换。

现在的BACKUP日志如下:

Keepalived_vrrp: VRRP_Instance(VI_1)
Received higher prio advert

Keepalived_vrrp: VRRP_Instance(VI_1)
Entering BACKUP STATE

Keepalived_vrrp: VRRP_Instance(VI_1)
removing protocol VIPs.

Master日志如下:

Keepalived_vrrp: VRRP_Script(Monitor_Nginx)
succeeded

Keepalived_vrrp: VRRP_Instance(VI_1)
Transition to MASTER STATE

Keepalived_vrrp: VRRP_Instance(VI_1)
Entering MASTER STATE

Keepalived_vrrp: VRRP_Instance(VI_1)
setting protocol VIPs.

Keepalived_vrrp: VRRP_Instance(VI_1)
Sending gratuitous ARPs on eth0 for 10.46.86.60

一.系统优化

1、修改/etc/sysctl.conf,优化tcp连接数

net.ipv4.tcp_fin_timeout = 30

net.ipv4.tcp_keepalive_time = 1200

net.ipv4.tcp_syncookies = 1

net.ipv4.tcp_tw_reuse = 1

net.ipv4.tcp_tw_recycle = 1

net.ipv4.ip_local_port_range = 1024 65000

net.ipv4.tcp_max_syn_backlog = 8192

net.ipv4.tcp_max_tw_buckets = 5000

2、修改/etc/security/limits.conf,修改最大文件打开数为65535

添加如下两行:

*      soft  nofile       65535

*      hard nofile       65535

*      soft  nproc       16384

*      hard nproc       16384

二.安装JDK

chmod +x jdk-6u38-linux-x64.bin

# ./jdk-6u38-linux-x64.bin

#添加环境变量

# vi /etc/profile

export JAVA_HOME=/kjt/java/jdk1.6.0_38

export
CLASSPATH=.:$JAVA_HOME/lib/tools.jar:$JAVA_HOME/lib/dt.jar

export PATH=$JAVA_HOME/bin:$PATH

#使环境变量生效

# source /etc/profile

#查看java版本

# java -version

java version "1.6.0_38"

Java(TM) SE Runtime Environment (build
1.6.0_27-b07)

Java HotSpot(TM) 64-Bit Server VM (build
20.2-b06, mixed mode)

三.安装Tomcat

1、确保防火墙已关闭

#service iptables stop

#chkconfig iptables off

#vi /etc/selinux/config

selinux=disabled

2、安装tomcat

# tar zxvf apache-tomcat-6.0.36.tar.gz

# cd apache-tomcat-6.0.36

#修改/bin/catalina.sh,在cygwin=false前加路径

export JAVA_HOME=/kjt/java/jdk1.6.0_38/

export PATH=$JAVA_HOME/bin:$PATH

export
CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar

export
TOMCAT_HOME=/kjt/java/apache-tomcat-6.0.36

export
CATALINA_HOME=/kjt/java/apache-tomcat-6.0.36

export
CATALINA_BASE=/kjt/java/apache-tomcat-6.0.36

3、修改/conf/server.xml,做tomcat线程池优化

<Connector port="8081" protocol="HTTP/1.1"

connectionTimeout="15000" maxThreads="500"
minSpareThreads="50" maxSpareTheads="250"
maxProcessors="600"

acceptCount="1000"
enableLookups="false" compression="on"

redirectPort="8443"
URIEncoding="utf-8" useBodyEncodingForURI="true"/>

<!-- A
"Connector" using the shared thread pool-->

4、启动tomcat

cd /kjt/java/apache-tomcat-6.0.35/bin

./startup

5、查看tomcat进程

ps –ef|grep tomcat

四.Nginx配置

1.确定Nginx所需pcre库、openssl库等依赖包已经安装,若没有安装,安装nginx过程中将报错。

2.安装Nginx

tar zxvf nginx-1.0.15.tar.gz

cd nginx-1.0.15/

./configure  --prefix=/kjt/app/nginx --with-http_stub_status_module
--with-http_ssl_module

make

make install

3.Nginx配置文件如下:

4.测试配置文件

/kjt/app/nginx/sbin/nginx -t

显示以下信息为正确的

the configuration file
/usr/local/nginx/conf/nginx.conf syntax is ok

configuration file
/usr/local/nginx/conf/nginx.conf test is successful

5、启动nginx服务

/kjt/app/nginx/sbin/nginx

6、查看nginx进程

ps -ef|grep nginx

五.安装配置Keepalived

1、安装keepalived

tar -zxvf keepalived-1.2.7.tar.gz

cd keepalived-1.2.7

./configure --prefix=/kjt/app/keepalived

make

make install

2、将keepalived设置为开机启动

cp /kjt/app/keepalived/etc/rc.d/init.d/keepalived
/etc/rc.d/init.d/

cp/kjt/app/keepalived/etc/sysconfig/keepalived
/etc/sysconfig/

cp /kjt/app/keepalived/sbin/keepalived
/usr/sbin/

chkconfig --add keepalived

chkconfig keepalived on

3.修改配置文件为以下内容:

mkdir /etc/keepalived

cp /kjt/app/keepalived/etc/keepalived/keepalived.conf
/etc/keepalived/

vim  /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

router_id Nginx_Id_1

}

vrrp_script Monitor_Nginx {

script "/kjt/app/keepalived/etc/keepalived/samples/monitor_nginx.sh
"  #脚本存放位置

interval 2     #检查间隔为2秒

weight 2

}

vrrp_instance VI_1 {

state
BACKUP  #设置nopreempt,表示之前挂掉的master重新恢复后不再切换为master,直接成为BACKUP,nopreempt只能配置在BACKUP状态下

nopreempt

interface eth0

virtual_router_id 51

priority 100    #优先级较高的成为MASTER

advert_int 5   #健康检查间隔为5秒

authentication {

auth_type PASS

auth_pass kjt2013

}

virtual_ipaddress {

10.46.86.60

}

track_script {

Monitor_Nginx

}

}

注:monitor_nginx.sh为监控nginx进程的脚本,内容如下:当检测到nginx主进程挂掉之后,系统将自动重启nginx,若nginx主进程重启失败,延迟5秒后杀掉keepalived进程,进行切换。

#!/bin/bash

if [ "$(ps -ef | grep "nginx:
master process"| grep -v grep )" == "" ]

then

/kjt/app/nginx/sbin/nginx

sleep 5

if [ "$(ps -ef | grep "nginx: master process"| grep -v
grep )" == "" ]

then

killall keepalived

fi

fi

5.启动keepalived

service keepalived start

注:备机的keepalived的安装和上面一样,只要把配置文件中的priority改为小于100的数即可

6、配置Keepalived监控脚本,每分钟执行一次,当检测到原先MASTER上的Keepalived进程挂掉之后,将重启Keepalived进程

vi  /root/shell/keepalived.sh

touch  /root/shell/keepalived.log

chmod 755 *

新增计划任务

crontab –e

* * * * * (sh /root/shell/keepalived.sh
>> /root/shell/keepalived.log)

六.测试步骤

1.访问VIP看是否能够正常访问后端的tomcat

2.停止其中一个tomcat看是否能将访问转到另一台上

3.停止两台nginx上任何一个nginx进程看监控进程脚本是否会自动启动nginx

VRRP_Script(Monitor_Nginx) timed out

VRRP_Script(Monitor_Nginx) succeeded

4.停止任何一台nginx上的keepalived进程看另一台是否接管vip

比如停止Master上的keepalived,例如如下killall keepalived,查看BACKUP机器是否已经接管,如果BACKUP接管后,BACKUP机器日志会是出下情况

tail 
-f  /var/log/messages

Keepalived_vrrp: VRRP_Instance(VI_1)
Transition to MASTER STATE

Keepalived_vrrp: VRRP_Instance(VI_1)
Entering MASTER STATE

Keepalived_vrrp: VRRP_Instance(VI_1)
setting protocol VIPs.

Keepalived_vrrp: VRRP_Instance(VI_1)
Sending gratuitous ARPs on eth0 for 10.46.86.60

MASTER机器上日志会显示

Keepalived_vrrp: Terminating VRRP child
process on signal

Keepalived_vrrp: VRRP_Instance(VI_1)
removing protocol VIPs.

现在把原先MASTER上的Keepalived重新启动,会看到原先MASTER直接成为BACKUP,不再做一次切换。

现在的BACKUP日志如下:

Keepalived_vrrp: VRRP_Instance(VI_1)
Received higher prio advert

Keepalived_vrrp: VRRP_Instance(VI_1)
Entering BACKUP STATE

Keepalived_vrrp: VRRP_Instance(VI_1)
removing protocol VIPs.

Master日志如下:

Keepalived_vrrp: VRRP_Script(Monitor_Nginx)
succeeded

Keepalived_vrrp: VRRP_Instance(VI_1)
Transition to MASTER STATE

Keepalived_vrrp: VRRP_Instance(VI_1)
Entering MASTER STATE

Keepalived_vrrp: VRRP_Instance(VI_1)
setting protocol VIPs.

Keepalived_vrrp: VRRP_Instance(VI_1)
Sending gratuitous ARPs on eth0 for 10.46.86.60

04-30 04:48