标签:ensure OWIN web 登录 ack The name done aec
一、案例概述本案例采用四层模式实现,主要分为前端反向代理、web层、数据库缓存层和数据库层。
由于实验条件限制,本次实验共打开四台虚拟机,此处实验将前端代理层、数据库缓存层、数据库层服务搭建在前两台虚拟服务器上,web层采用群集模式,用于单独放置两台虚拟机。故本次实验实际模型为了模拟实际环境,服务搭建按照如下拓扑搭建。
| 主机名 | 操作系统 | IP地址 | 用途 |
|---|---|---|---|
| server1 | centosx84_64 | 192.168.144.112 | 前端反向代理Nginx、Redis缓存主机、MySQL主数据库 |
| server2 | centosx84_64 | 192.168.144.111 | 前端反向代理备Nginx、Redis备缓存主机、MySQL备数据库 |
| web1 | centosx84_64 | 192.168.144.113 | Web服务tomcat |
| web2 | centosx84_64 | 192.168.144.114 | Web服务tomcat |
rpm -ivh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
yum install -y keepalived nginx
vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
route_id NGINX_HA //主从不同
}
vrrp_script nginx {
script "/opt/shell/nginx.sh" //配置带动Nginx启动脚本
interval 2 //每隔2s响应
}
vrrp_instance VI_1 {
state MASTER //备为BACKUP
interface ens33 //注意主机网卡端口名称
virtual_router_id 51 //从需不同
priority 100 //从需比主低
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
nginx //调度Nginx启动脚本的函数名
}
virtual_ipaddress {
192.168.144.188 //设置虚拟IP
}
}mkdir -p /opt/shell
vim /opt/shell/nginx.sh
#!/bin/bash
k=`ps -ef | grep keepalived | grep -v grep | wc -l`
if [ $k -gt 0 ];then
/bin/systemctl start nginx.service
else
/bin/systemctl stop nginx.service
fichmod +x /opt/shell/nginx.sh
vim /etc/nginx/nginx.conf
upstream tomcat_pool {
server 192.168.144.113:8080;
server 192.168.144.114:8080;
ip_hash; //会话稳固功能,否则无法通过vip地址登陆
}
server {
listen 80;
server_name 192.168.144.188; //虚拟IP
location / {
proxy_pass http://tomcat_pool;
proxy_set_header X-Real-IP $remote_addr;
}
}nginx -t -c /etc/nginx/nginx.conf
关闭防火墙和SELinux,准备启动keepalive,随后会通过配置文件带动脚本,启动Nginx,此处需要注意,若要停止Nginx,则需要先关闭keepalive,然后才可以。
netstat -ntap | grep nginx
tar xf apache-tomcat-8.5.23.tar.gz
tar xf jdk-8u144-linux-x64.tar.gz
mv jdk1.8.0_144/ /usr/local/java
mv apache-tomcat-8.5.23/ tomcat8
vim /etc/profile
export JAVA_HOME=/usr/local/java
export JRE_HOME=/usr/local/java/jre
export PATH=$PATH:/usr/local/java/bin
export CLASSPATH=./:/usr/local/java/lib:/usr/local/java/jre/libsource /etc/profile
配置tomcat启动与关闭命令为系统识别
ln -s /usr/local/tomcat8/bin/startup.sh /usr/bin/tomcatup
ln -s /usr/local/tomcat8/bin/shutdown.sh /usr/bin/tomcatdown
tomcatup
netstat -anpt | grep 8080http://192.168.144.113:8080/ //测试默认测试页是否正常显示
http://192.168.144.114:8080/
vim /usr/local/tomcat8/webapps/ROOT/index.jsp
<h1>Server 129!!</h1> //注意,web2需要首页内容不同
cd /usr/local/tomcat8/conf/
vim server.xml
跳到行尾,在Host name下新增 在148行位置
<Context path="" docBase="SLSaleSystem" reloadable="true" debug="0"></Context>
//日志调试信息debug为0表示信息越少,docBase指定访问目录tar zxvf SLSaleSystem.tar.gz -C /usr/local/tomcat8/webapps/
cd /usr/local/tomcat8/webapps/SLSaleSystem/WEB-INF/classes
vim jdbc.properties //修改数据库IP地址是VRRP的虚拟IP,以及授权的用户名root和密码abc123。
driverClassName=com.mysql.jdbc.Driver
url=jdbc\:mysql\://192.168.144.188\:3306/slsaledb?useUnicode\=true&characterEncoding\=UTF-8 //该成我们设定的虚拟IP
uname=root
password=123456
minIdle=10
maxIdle=50
initialSize=5
maxActive=100
maxWait=100
removeAbandonedTimeout=180
removeAbandoned=truehttp://192.168.144.113:8080/ //默认的用户名admin 密码:123456
http://192.168.144.114:8080/
http://192.168.175.188 //输入虚拟地址测试登录,并且关闭主再测试登录
yum install -y mariadb-server mariadb
systemctl start mariadb.service
systemctl enable mariadb.servicenetstat -anpt | grep 3306
mysql_secure_installation //
Set root password? [Y/n] y //设置MySQL管理员账户的密码,我选择密码为abc123
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] n //删除匿名用户?
... skipping.
Normally, root should only be allowed to connect from ‘localhost‘. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] n //拒绝root用户远程登录?
... skipping.
By default, MariaDB comes with a database named ‘test‘ that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] n //删除test数据库?
... skipping.
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y //重新加载数据库的所有表?
... Success!
Cleaning up...
All done! If you‘ve completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!mysql -uroot -p //进入数据库
mysql -u root -p < slsaledb-2014-4-10.sql
mysql -uroot -p
show databases;
GRANT all ON slsaledb.* TO ‘root‘@‘%‘ IDENTIFIED BY ‘abc123‘; //授予slsaledb数据库所有表所有权限给root用户在任意网段登录,密码为abc123
flush privileges; vim /etc/my.cnf
[mysqld]下添加
binlog-ignore-db=mysql,information_schema //二进制日志格式
character_set_server=utf8
log_bin=mysql_bin //开启二进制日志
server_id=1
log_slave_updates=true
sync_binlog=1 //同步日志systemctl restart mariadb
netstat -anpt | grep 3306
mysql -u root -p
show master status; //记录日志文件名称和 位置值
+------------------+----------+--------------+--------------------------+
| File | Position | Binlog_Do_DB | Binlog_Ignore_DB |
+------------------+----------+--------------+--------------------------+
| mysql_bin.000001 | 626 | | mysql,information_schema |
+------------------+----------+--------------+--------------------------+
grant replication slave on *.* to ‘rep‘@‘192.168.144.%‘ identified by ‘123456‘; //授予主从状态
flush privileges;vim /etc/my.cnf
[mysqld]下添加
server_id=2systemctl restart mariadb
netstat -anpt | grep 3306
mysql -u root -p
change master to master_host=‘192.168.144.112‘,master_user=‘rep‘,master_password=‘123456‘,master_log_file=‘mysql_bin.000001‘,master_log_pos=2626;
start slave;
show slave status;
Slave_IO_Running: Yes
Slave_SQL_Running: Yes
yum install -y epel-release //安装扩展源
yum install redis -y
vim /etc/redis.conf
bind 0.0.0.0 //将监听网址修改成任意网段systemctl start redis.service
netstat -anpt | grep 6379
redis-cli -h 192.168.144.112 -p 6379 //测试连接
192.168.144.112:6379> set name test //设置name 值是test
192.168.144.112:6379> get name //获取name值
vim /etc/redis.conf
bind 0.0.0.0 //61行,修改监听地址
...
slaveof 192.168.114.112 6379 //266行下添加主服务器的IP,不是虚拟IPsystemctl restart redis.service
redis-cli -h 192.168.144.111 -p 6379
192.168.144.111:6379> get name
"test"
vim /usr/local/tomcat8/webapps/SLSaleSystem/WEB-INF/classes/applicationContext-mybatis.xml
<!--redis 配置 开始-->
<constructor-arg value="192.168.144.188"/> //47行
<constructor-arg value="6379"/> //48行redis-cli -h 192.168.144.188 -p 6379
192.168.175.188:6379> info
keyspace_hits:1 或者 keyspace_misses:2//关注这个值,命中数和未命中数
登录商城,然后反复点击需要数据库参与的操作页面,再回来检查keyspace_hits或者keyspace_misses: 值变化。标签:ensure OWIN web 登录 ack The name done aec
原文地址:http://blog.51cto.com/13659253/2152732
