puppet實現nginx反代tomcat+memcached

ruopu1989 ? ? Linux筆記

puppet實現nginx反代tomcat+memcached

 

1、準備六臺主機,一臺puppet,一臺nginx反代,兩臺memcached,兩臺tomcat

192.168.1.33 puppet.test.com puppet

192.168.1.34 nginx.test.com nginx

192.168.1.35 tomcat1.test.com tomcat1

192.168.1.36 tomcat2.test.com tomcat2

192.168.1.40 memcached1.test.com memcached1

192.168.1.41 memcached2.test.com memcached2

2、puppet主機

vim /etc/hosts

192.168.1.33 puppet.test.com puppet

192.168.1.34 nginx.test.com nginx

192.168.1.35 tomcat1.test.com tomcat1

192.168.1.36 tomcat2.test.com tomcat2

192.168.1.40 memcached1.test.com memcached1

192.168.1.41 memcached2.test.com memcached2

hostname set-hostname puppet.test.com

vim /etc/ssh/ssh_config

StrictHostKeyChecking=no

//加入此條,為了在連接目標主機時不再提示“Are you sure you want to continue connecting”

ssh-keygen -t rsa -P ”

ssh-copy-id -i .ssh/id_rsa.pub root@192.168.1.33

在每臺主機的root目錄下創建.ssh目錄

scp -p .ssh/authorized_keys .ssh/id_rsa{,.pub} nginx:/root/.ssh

scp -p .ssh/authorized_keys .ssh/id_rsa{,.pub} tomcat1:/root/.ssh

scp -p .ssh/authorized_keys .ssh/id_rsa{,.pub} tomcat2:/root/.ssh

scp -p .ssh/authorized_keys .ssh/id_rsa{,.pub} memcached1:/root/.ssh

scp -p .ssh/authorized_keys .ssh/id_rsa{,.pub} memcached2:/root/.ssh

scp -p /etc/ssh/ssh_config nginx:/etc/ssh/

scp -p /etc/ssh/ssh_config tomcat1:/etc/ssh/

scp -p /etc/ssh/ssh_config tomcat2:/etc/ssh/

scp -p /etc/ssh/ssh_config memcached1:/etc/ssh/

scp -p /etc/ssh/ssh_config memcached2:/etc/ssh/

scp /etc/hosts nginx:/etc/

scp /etc/hosts tomcat1:/etc/

scp /etc/hosts tomcat2:/etc/

scp /etc/hosts memcached1:/etc/

scp /etc/hosts memcached2:/etc/

下載facter-2.4.6-1.el7.x86_64.rpm puppet-3.8.7-1.el7.noarch.rpm puppet-server-3.8.7-1.el7.noarch.rpm

scp facter-2.4.6-1.el7.x86_64.rpm puppet-3.8.7-1.el7.noarch.rpm nginx:/root

scp facter-2.4.6-1.el7.x86_64.rpm puppet-3.8.7-1.el7.noarch.rpm tomcat1:/root

scp facter-2.4.6-1.el7.x86_64.rpm puppet-3.8.7-1.el7.noarch.rpm tomcat2:/root

scp facter-2.4.6-1.el7.x86_64.rpm puppet-3.8.7-1.el7.noarch.rpm memcached1:/root

scp facter-2.4.6-1.el7.x86_64.rpm puppet-3.8.7-1.el7.noarch.rpm memcached2:/root

yum install epel-release -y

yum install facter-2.4.6-1.el7.x86_64.rpm puppet-3.8.7-1.el7.noarch.rpm puppet-server-3.8.7-1.el7.noarch.rpm -y

vim /etc/puppet/puppet.conf

environmentpath = $confdir/environments

//服務器工作在哪個環境

puppet master –no-daemonize -v

//啟動服務

ss -tln

//監聽8140端口

mkdir -pv /etc/puppet/enviroments/{production,testing,development}/{manifests,modules}

mkdir -pv /etc/puppet/enviroments/{production,testing,development}/modules/{nginx,tomcat,httpd,memcached,jdk8}/{manifests,files,templates,lib,spec,tests}

  • memcached

cd /etc/puppet/enviroments/development/modules/memcached

vim manifests/init.pp

class memcached {
    package{'memcached':
        name  => 'memcached',
        ensure  => latest,
    }

    service{'memcached':
        ensure  => running,
        enable  => true,
    }
}
  • jdk8

cd /etc/puppet/enviroments/development/modules/jdk8

vim manifests/init.pp

class jdk8 {
    package{'jdk8':
        name  => 'java-1.8.0-openjdk-devel',
        ensure  => latest,
    }
    file{'java.sh':
        path  => '/etc/profile.d/java.sh',
        source  => "puppet:///modules/jdk8/java.sh",
    }
}

vim files/java.sh

export JAVA_HOME=/usr
  • tomcat

/etc/puppet/environments/development

vim modules/tomcat/manifests/init.pp

class tomcat {
    package{['tomcat','tomcat-admin-webapps','tomcat-webapps','tomcat-docs-webapp']:
    ensure  => latest,
}
file{'server.xml':
    path  => '/etc/tomcat/server.xml',
    source  => "puppet:///modules/tomcat/server.xml",
}
file{'tomcat':
    path  => '/etc/sysconfig/tomcat',
    source  => "puppet:///modules/tomcat/tomcat",
}
file{'jar':
    path  => '/usr/share/java/tomcat/',
    ensure  => directory,
    source  => "puppet:///modules/tomcat/jar/",
    recurse  => true,
}
file{'tomcat-users.xml':
    path  => '/etc/tomcat/tomcat-users.xml',
    source  => "puppet:///modules/tomcat/tomcat-users.xml",
}
file{'test':
    ensure  => directory,
    path  => '/var/lib/tomcat/webapps/test',
    source  => "puppet:///modules/tomcat/test",
    recurse  => true,
}
service{'tomcat':
    ensure  => running,
    enable  => true,
}
Package['tomcat','tomcat-admin-webapps','tomcat-webapps','tomcat-docs-webapp'] -> File['server.xml'] -> File['tomcat-users.xml'] -> File['test'] -> File['tomcat'] -> File['jar'] ~> Service['tomcat']
}

vim files/server.xml

<Host ...>
<Context path="/test" docBase="test" allowLinking="true" reloadable="true">
    <Manager className="de.javakaffee.web.msm.MemcachedBackupSessionManager"
    memcachedNodes="m1:192.168.1.34:11211,m2:192.168.1.35:11211"
    failoverNodes="m1"
    requestUriIgnorePattern=".*\.(ico|png|gif|jpg|css|js)$"                    
    transcoderFactoryClass="de.javakaffee.web.msm.serializer.javolution.JavolutionTranscoderFactory"   
    />
</Context>

//allowLinking=”true”表示支持軟鏈接,也就是前面的docBase中的test可以是軟鏈接;path是定義訪問路徑的,docBase是在服務器上的相對路徑。

vim files/tomcat-users.xml

<role rolename="admin-gui"/>
<role rolename="manager-gui"/>
<user name="tomcat" password="tomcat" roles="admin-gui,manager-gui" />

mkdir files/test/WEB-INF/{class,lib}

vim files/test/index.jsp

<%@ page language="java" %>
<html>
  <head><title>TomcatA</title></head>
  <body>
    <h1><font color="red">TomcatA.magedu.com</font></h1>
    <table align="centre" border="1">
      <tr>
        <td>Session ID</td>
    <% session.setAttribute("magedu.com","magedu.com"); %>
        <td><%= session.getId() %></td>
      </tr>
      <tr>
        <td>Created on</td>
        <td><%= session.getCreationTime() %></td>
     </tr>
    </table>
  </body>
</html>

下載memcached-session-manager相關包到development/modules/tomcat/files/jar中

javolution-5.4.3.1.jar      //流式化工具

msm-javolution-serializer-1.9.7.jar      //MSM支持兩種模式即粘性sessions和非粘性sessions

memcached-session-manager-1.9.7.jar    //memcached會話管理器

memcached-session-manager-tc7-1.9.7.jar    //memcached會話管理器

spymemcached-2.11.1.jar    //驅動:tomcat連接memcached
  • httpd

cd /etc/puppet/enviroments/development/modules/httpd

vim manifests/init.pp

class httpd {
    package{'httpd':
        name  => 'httpd',
        ensure  => latest,
    }
    file{'httpd-tomcat.conf':
        path  => '/etc/httpd/conf.d/httpd-tomcat.conf',
        source  => "puppet:///modules/httpd/httpd-tomcat.conf",
    }
    service{'httpd.service':
        ensure  => running,
        enable  => true,
    }
    Package['httpd'] -> File['httpd.conf'] -> File['httpd-tomcat.conf'] ~> Service['httpd.service']
}

vim files/httpd-tomcat.conf

<VirtualHost *:80>
    ProxyRequests off
    ProxyPreserveHost on
    ProxyVia on
    <Proxy *>
        Require all granted
    </Proxy>
    ProxyPass / ajp://127.0.0.1:8009/
    ProxyPassReverse / ajp://127.0.0.1:8009/
//讓httpd用ajp協議將請求都反代到本機的tomcat上
    <Location />
        Require all granted
    </Location>
</VirtualHost>
  • nginx

cd /etc/puppet/enviroments/development/modules/nginx

vim manifests/init.pp

class nginx {
    package{'nginx':
        name  => 'nginx',
        ensure  => 'latest',
    }
    file{'nginx.conf':
        path  => '/etc/nginx/nginx.conf',
        source  => "puppet:///modules/nginx/nginx.conf",
    }
    file{'ilinux.conf':
        path  => '/etc/nginx/conf.d/ilinux.conf',
        source  => "puppet:///modules/nginx/ilinux.conf",
    }
    service{'nginx':
        ensure  => running,
        enable  => true,
    }
     Package['nginx'] -> File['nginx.conf'] -> File['ilinux.conf'] ~> Service['nginx']
}

vim files/ngin.conf

http {
upstream tcsrvs {
        server node1.ruopu.com;
        server node2.ruopu.com;
    }
}

vim files/ilinux.conf

server {
    listen 80;
    server_name www.ilinux.io;
    location / {
        proxy_pass http://tcsrvs;
    }
}
  • 主機清單 cd /etc/puppet/enviroments/development

vim manifests/site.pp

node 'tomcat1.ruopu.com' {
    include jdk8
    include tomcat
    include httpd
}
node 'tomcat2.ruopu.com' {
    include jdk8
    include tomcat
    include httpd
}
node 'nginx.ruopu.com' {
    include nginx
}
node 'memcached1.ruopu.com' {
include memcached
}
node 'memcached2.ruopu.com' {
include memcached
}

2、到其他主機

同步時間

hostnamectl set-hostname **.test.com

yum install facter-2.4.6-1.el7.x86_64.rpm puppet-3.8.7-1.el7.noarch.rpm

vim /etc/puppet/puppet.conf

server = puppet.ruopu.com
listen = true
environment = development

vim /etc/puppet/auth.conf

path /run
method save
auth any
allow puppet.magedu.com

puppet agent –no-daemonize -v -d

3、puppet主機

puppet cert list

puppet cert sign –all

//簽證

本文來自投稿,不代表Linux運維部落立場,如若轉載,請注明出處:http://www.www58058.com/96316

(0)
ruopu1989ruopu1989
上一篇 2018-04-16 10:33
下一篇 2018-04-16

相關推薦

  • 基本正則表達式

    城還是這座城,人已非故人

    2018-04-18

  • —help 和-h選項

    Linux筆記 2018-04-01

  • Linux基礎知識(2)

    N31
    第二周

    Linux筆記 2018-06-30

  • linux基礎2

    1.文件管理常用命令: <1>mkdir,rmdir mkdir:make directory mkdir [OPTION]… DIRECTORY… -p:自動按需創建父目錄; -v:verbose,顯示詳細過程; -m MODE;直接給定權限; 注意:路徑基名方為命令的作用對象;基名之前的路徑必須存在; rmdir:re…

    Linux筆記 2018-07-01

  • Linux啟動和內核管理

    系統啟動和內核管理 Linux組成 Linux:kerne+rootfs(應用程序) kernel:進程管理、內存管理、網絡管理、驅動程序、文件系統、安全功能 roots:程序和glibc 函數:相當于命令的集合 庫:函數集合,function,調用接口(頭文件負責描述) 過程調用:procedure,無返回值 函數調用:function 程序:二進制執行文…

    Linux筆記 2018-05-13

  • 初學linux你該死記它們

    最笨的方法往往是最好的方法

    Linux筆記 2018-04-08
欧美性久久久久