#每台机子关闭防火墙和selinux
##NFS test1 10
##部署共享存储 test1 10
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
cd /opt/
mkdir nfs
cd nfs/
mkdir web1 web2
echo "this is web1" > web1/index.html
echo "this is web2" > web2/index.html
echo '/opt/nfs/web1 192.168.92.0/24(rw,sync,no_root_squash)
/opt/nfs/web2 192.168.92.0/24(rw,sync,no_root_squash)' >>/etc/exports
systemctl start rpcbind
systemctl start nfs
showmount -e
##keepalived+lvs net1 30 net2 40
##net1 30
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
su
yum install -y ipvsadm keepalived
cd /etc/keepalived/
echo '! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_01
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 123123
}
virtual_ipaddress {
192.168.92.100
}
}
virtual_server 192.168.92.100 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 0
protocol TCP
real_server 192.168.92.70 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.92.60 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}' >keepalived.conf
systemctl restart keepalived.service
ipvsadm-save > /etc/sysconfig/ipvsadm
systemctl start ipvsadm
echo 'net.ipv4.ip_forward = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0' >>/etc/sysctl.conf
sysctl -p
## net2 40
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
su
yum install -y ipvsadm keepalived
cd /etc/keepalived/
echo '! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_02
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 123123
}
virtual_ipaddress {
192.168.92.100
}
}
virtual_server 192.168.92.100 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 0
protocol TCP
real_server 192.168.92.70 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.92.60 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}' >keepalived.conf
systemctl restart keepalived.service
ipvsadm-save > /etc/sysconfig/ipvsadm
systemctl start ipvsadm
echo 'net.ipv4.ip_forward = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0' >>/etc/sysctl.conf
sysctl -p
##动静分离 net3 60 test4 70
##net 60
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
su
cd /opt
tar xf jdk-8u91-linux-x64.tar.gz -C /usr/local/
echo 'export JAVA_HOME=/usr/local/jdk1.8.0_91
export JRE_HOME=${JAVA_HOME}/jre
export CLASSPATH=.:${JAVA_HOME}/lib:${JRE_HOME}/lib
export PATH=${JAVA_HOME}/bin:${JRE_HOME}/bin:$PATH' >>/etc/profile
source /etc/profile
cd /usr/local
scp -r jdk1.8.0_91/ 192.168.92.70:`pwd`
cd /opt/
tar xf apache-tomcat-9.0.16.tar.gz
mkdir /usr/local/tomcat
mv apache-tomcat-9.0.16/ /usr/local/tomcat/
cd /usr/local/tomcat/apache-tomcat-9.0.16/webapps/
mkdir test
echo '<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<html>
<head>
<title>JSP test1 page</title>
</head>
<body>
<% out.println("动态页面 1,this is dynamic web1");%>
</body>
</html>
' >/usr/local/tomcat/apache-tomcat-9.0.16/webapps/test/index.jsp
sed -i '148c <!-- <Host name="localhost" appBase="webapps"' /usr/local/tomcat/apache-tomcat-9.0.16/conf/server.xml
sed -i '149c unpackWARs="true" autoDeploy="true"> -->' /usr/local/tomcat/apache-tomcat-9.0.16/conf/server.xml
sed -i '150a <Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">\n<Context docBase="\/usr\/local\/tomcat\/apache-tomcat-9.0.16\/webapps\/test" path="" reloadable="true">\n</Context>' /usr/local/tomcat/apache-tomcat-9.0.16/conf/server.xml
/usr/local/tomcat/apache-tomcat-9.0.16/bin/startup.sh
cd /usr/local/
scp -r /usr/local/tomcat/ 192.168.92.70:`pwd`
##安装nginx
yum -y install pcre-devel zlib-devel gcc gcc-c++ make
useradd -M -s /sbin/nologin nginx
cd /opt
tar xf nginx-1.18.0.tar.gz -C
cd nginx-1.18.0/
./configure \
--prefix=/usr/local/nginx \
--user=nginx \
--group=nginx \
--with-http_stub_status_module
make && make install
ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/
echo '[Unit]
Description=nginx
After=network.target
[Service]
Type=forking
PIDFile=/usr/local/nginx/logs/nginx.pid
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true
[Install]
WantedBy=multi-user.target' >/lib/systemd/system/nginx.service
chmod 754 /lib/systemd/system/nginx.service
systemctl start nginx.service
systemctl enable nginx.service
sed -i '/#gzip on;/a\upstream tomcat_server {\n\tserver 192.168.92.60:8080;\n\tserver 192.168.92.70:8080;\n}' /usr/local/nginx/conf/nginx.conf
sed -i '/ #access_log logs\/host.access.log main;/a\location ~ .*\\.jsp$ {\n\tproxy_pass http://tomcat_server; \n\tproxy_set_header HOST $host;\n\tproxy_set_header X-Real-IP $remote_addr;\n\tproxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n}' /usr/local/nginx/conf/nginx.conf
systemctl restart nginx.service
mount 192.168.92.10:/opt/nfs/web1 /usr/local/nginx/html
##net4 70
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
cd /usr/local/tomcat/apache-tomcat-9.0.16/webapps/
mkdir test
echo '<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<html>
<head>
<title>JSP test2 page</title>
</head>
<body>
<% out.println("动态页面 2,this is dynamic web2");%>
</body>
</html>' >/usr/local/tomcat/apache-tomcat-9.0.16/webapps/test/index.jsp
/usr/local/tomcat/apache-tomcat-9.0.16/bin/startup.sh
yum -y install pcre-devel zlib-devel gcc gcc-c++ make
useradd -M -s /sbin/nologin nginx
cd /opt
tar xf nginx-1.18.0.tar.gz
cd nginx-1.18.0/
./configure \
--prefix=/usr/local/nginx \
--user=nginx \
--group=nginx \
--with-http_stub_status_module
make && make install
ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/
echo '[Unit]
Description=nginx
After=network.target
[Service]
Type=forking
PIDFile=/usr/local/nginx/logs/nginx.pid
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true
[Install]
WantedBy=multi-user.target' >/lib/systemd/system/nginx.service
chmod 754 /lib/systemd/system/nginx.service
systemctl start nginx.service
systemctl enable nginx.service
sed -i '/#gzip on;/a\upstream tomcat_server {\n\tserver 192.168.92.60:8080;\n\tserver 192.168.92.70:8080;\n}' /usr/local/nginx/conf/nginx.conf
sed -i '/ #access_log logs\/host.access.log main;/a\location ~ .*\\.jsp$ {\n\tproxy_pass http://tomcat_server; \n\tproxy_set_header HOST $host;\n\tproxy_set_header X-Real-IP $remote_addr;\n\tproxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n}' /usr/local/nginx/conf/nginx.conf
systemctl restart nginx.service
mount 192.168.92.10:/opt/nfs/web2 /usr/local/nginx/html
##配置虚拟IP net6 net7
cd /etc/sysconfig/network-scripts/
cp -a ifcfg-lo ifcfg-lo:0
echo 'DEVICE=lo:0
ONBOOT=yes
IPADDR=192.168.92.100
NETMASK=255.255.255.255' >ifcfg-lo:0
ifup lo:0
route add -host 192.168.92.100 dev lo:0
echo 'net.ipv4.conf.lo.arp_ignore=1
net.ipv4.conf.lo.arp_announce=2
net.ipv4.conf.all.arp_ignore=1
net.ipv4.conf.all.arp_announce=2' >>/etc/sysctl.conf
sysctl -p
##配置重启keepalived net1 net2
systemctl restart keepalived.service
ipvsadm -ln
## net60 net70 设置时间
sed -i '/#keepalive_timeout 0;/c\keepalive_timeout 0;' /usr/local/nginx/conf/nginx.conf
sed -i '/keepalive_timeout 65;/c\#keepalive_timeout 65;' /usr/local/nginx/conf/nginx.conf
systemctl restart nginx
##test2 21 测试
curl 192.168.92.100
curl 192.168.92.100/test/index.jsp
这一篇文章就够了](https://img-blog.csdnimg.cn/6292cd2c7a6e4da0bcc18f6afab40d12.png)
