1.分别配置两台tomcat后端服务的java环境
1)准备jdk8压缩包
[root@tomcat jdk]# pwd
/usr/local/src/jdk
root@tomcat jdk]# ls
jdk-8u211-linux-x64.tar.gz
2)解压jdk压缩包当前目录下并创建软连接
[root@tomcat jdk]# tar xvf jdk-8u211-linux-x64.tar.gz
[root@tomcat jdk]# ln -sv jdk1.8.0_211/ jdk
3)配置java的环境变量并生效
[root@tomcat ~]# vim /etc/profile
……
export JAVA_HOME=/usr/local/src/jdk/jdk
export JRE_HOME=$JAVA_HOME/jre
export CLASSPATH=$JAVA_HOME/lib/:$JRE_HOME/lib
export TOMCAT_HOME=/usr/local/src/tomcat/tomcat
export PATH=$PATH:$JAVA_HOME/bin:$JRE_HOME/bin:$TOMCAT_HOME/bin
[root@tomcat ~]# source /etc/profile
4)测试java环境
[root@tomcat ~]# echo $JAVA_HOME
/usr/local/src/jdk/jdk
[root@tomcat ~]# echo $CLASSPATH
/usr/local/src/jdk/jdk/lib/:/usr/local/src/jdk/jdk/jre/lib
[root@tomcat ~]# echo $PATH
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/usr/local/src/jdk/jdk/bin:/usr/local/src/jdk/jdk/jre/bin:/usr/local/src/tomcat/tomcat/bin:/root/bin
[root@tomcat ~]# java -version #查看java的版本
java version "1.8.0_211"
Java(TM) SE Runtime Environment (build 1.8.0_211-b12)
Java HotSpot(TM) 64-Bit Server VM (build 25.211-b12, mixed mode)
2.分别安装配置tomcat服务
1)准备tomcat二进制压缩包
[root@tomcat tomcat]# pwd
/usr/local/src/tomcat
[root@tomcat tomcat]# ls
apache-tomcat-8.5.43.tar.gz
2)解压tomcat压缩文件并创建软连接
[root@tomcat tomcat]# tar xvf apache-tomcat-8.5.43.tar.gz
[root@tomcat tomcat]# ln -sv apache-tomcat-8.5.43 tomcat
3)启动tomcat服务
[root@tomcat ~]# /usr/local/src/tomcat/tomcat/bin/catalina.sh start
4)查看启动端口
[root@tomcat ~]# ss -tnlp
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:* users:(("sshd",pid=3716,fd=3))
LISTEN 0 100 127.0.0.1:25 *:* users:(("master",pid=3936,fd=13))
LISTEN 0 100 :::8009 :::* users:(("java",pid=5861,fd=54))
LISTEN 0 100 :::8080 :::* users:(("java",pid=5861,fd=49))
LISTEN 0 128 :::22 :::* users:(("sshd",pid=3716,fd=4))
LISTEN 0 100 ::1:25 :::* users:(("master",pid=3936,fd=14))
LISTEN 0 1 ::ffff:127.0.0.1:8005 :::* users:(("java",pid=5861,fd=75))
5)浏览器访问测试“主tomcat服务”
6)浏览器访问测试“备tomcat-1服务”
3.分别配置两台keepalived+haproxy高可用分离调度服务
1)安装高可用服务keepalived
[root@keepalive_haproxy ~]# yum install keepalive -y
2)修改keepalived配置文件
[root@keepalive_haproxy ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
[email protected]
[email protected]
}
notification_email_from [email protected]
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id haproxy #在备份服务中的路由id设置为 ”haproxy-1“,不可相同
vrrp_skip_check_adv_addr
# vrrp_strict #禁用掉vrrp,否则只支持组播不支持单播模式
vrrp_iptables #开启不自动添加防火墙规则,避免无法访问此主机
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER #设置为主服务,在备份服务中设置为”BACKUP“,备份服务
interface eth0 #绑定的网卡
virtual_router_id 51 #实例路由id号,此id号主备服务可相同
priority 100 #优先级,备份服务优先级必须小于100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.10.23/ dev eth0 label eth0:0 #将虚拟vip绑定到本地eth0网卡并取名为eth0:0
}
unicast_src_ip 192.168.1.10 #单播源地址ip,在备份服务中设置源ip为192.168.1.11
unicast_peer{
192.168.1.11 #单播目标地址ip,在备份服务中设置目标ip为192.168.1.10
}
}
3)分别启动keepalived服务
主keepalivd:
[root@keepalive_haproxy ~]# systemctl start keepalived
root@keepalive_haproxy ~]# systemctl status keepalived
● keepalived.service - LVS and VRRP High Availability Monitor
Loaded: loaded (/usr/lib/systemd/system/keepalived.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2019-08-05 18:10:00 CST; 21s ago
Process: 4313 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 4314 (keepalived)
[root@keepalive_haproxy ~]# ip a
……
eth0: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:36:53:00 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.10/24 brd 192.168.1.255 scope global eth0
valid_lft forever preferred_lft forever
inet 192.168.10.23/0 scope global eth0:0 #绑定的虚拟vip
valid_lft forever preferred_lft forever
……
备keepalivd:
[root@keepalive_haproxy ~]# systemctl status keepalived
● keepalived.service - LVS and VRRP High Availability Monitor
Loaded: loaded (/usr/lib/systemd/system/keepalived.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2019-08-05 17:32:01 CST; 40min ago
Process: 3712 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 3853 (keepalived)
[root@keepalive_haproxy ~]# ip a #没有看到虚拟vip,当主服务挂掉,虚拟vip会自动漂移到此主机
……
eth0: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:c4:e2:07 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.11/24 brd 192.168.1.255 scope global eth0
……
4)分别配置两台调度服务内核参数
[root@keepalive_haproxy ~]# vim /etc/sysctl.conf
……
net.ipv4.ip_nonlocal_bind = 1 #开启非本地ip绑定,避免haproxy无法绑定非本机ip
net.ipv4.ip_forward = 1 #开启路由转发功能
5)生效内核参数
[root@keepalive_haproxy ~]# sysctl -p
net.ipv4.ip_nonlocal_bind = 1
net.ipv4.ip_forward = 1
6)分别编译安装好haproxy,以下为编译安装后的路径
[root@keepalive_haproxy haproxy]# pwd
/usr/local/src/haproxy
[root@keepalive_haproxy haproxy]# ls
doc sbin share
7)再修改配置文件,两台服务配置文件必须保持相同
[root@keepalive_haproxy ~]# vim /etc/haproxy/haproxy.cfg
Global
maxconn 100000 #每个进程并发最大连接数
chroot /usr/local/src/haproxy #锁定 运行的目录
#stats socket /var/lib/haproxy/haproxy.sock mode 600 level admin
stats socket /usr/local/src/haproxy/haproxy.sock mode 600 level admin #自定义sock
文件路径,此路径下haproxy启动用户必须有权限创建haproxy.sock文件,否则服务无法
启动,此sock文件为支持动态下线后端服务功能,也可注释掉不创建sock文件
uid 88 #执行haproxy的用户身份
gid 88 #所属的组
daemon
nbproc 2 #开启的线程数
cpu-map 1 0 #绑定到cup的第0号核心
cpu-map 2 1 #绑定到cup的第1号核心
pidfile /run/haproxy.pid #pid文件路径
log 127.0.0.1 local3 info #定义全局syslog
defaults #默认设置,为前端、后端及listen默认设置
option http-keep-alive
option forwardfor #ip透传
maxconn 100000
mode http
timeout connect 300000ms
timeout client 300000ms
timeout server 300000ms
listen stats #开启监听状态页
mode http #http协议
bind 0.0.0.0:9999 #状态页访绑定的端口
stats enable #开启状态页
log global #全局日志
stats uri /haproxy-status #状态也路径
stats auth admin:123456 #状态页登录的用户名及密码
listen web_port #监听的服务
bind 192.168.10.23:80 #绑定的虚拟vip及端口,当外网访问此虚拟vip时会自动调度到后端服务
mode http #http协议
balance roundrobin #调度算法 roundrobin动态轮询
log global #全局日志
server 192.168.1.20 192.168.1.20:8080 check inter 3000 fall 2 rise 5 #调度的后端服务
server 192.168.1.21 192.168.1.21:8080 check inter 3000 fall 2 rise 5 #调度的后端服务
8)创建haproxy启动用户
[root@keepalive_haproxy haproxy]# useradd -r -s /sbin/nologin haproxy -u 88
9)分别创建haproxy启动脚本
[root@keepalive_haproxy haproxy]# vim /usr/lib/systemd/system/haproxy.service
[Unit]
Description=HAproxy Load Balancer
After=syslog.target network.target
[Service]
ExecStartPre=/usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c -q
ExecStart=/usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid
ExecStop=/bin/kill -USR2 $MAINPID
[Install]
WantedBy=multi-user.target
10)分别启动haproxy服务
[root@keepalive_haproxy haproxy]# systemctl start haproxy
root@keepalive_haproxy haproxy]# systemctl status haproxy
● haproxy.service - HAproxy Load Balancer
Loaded: loaded (/usr/lib/systemd/system/haproxy.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2019-08-05 17:31:48 CST; 1h 25min ago
Process: 3716 ExecStartPre=/usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c -q (code=exited, status=0/SUCCESS)
Main PID: 3769 (haproxy)
[root@keepalive_haproxy haproxy]# ss -tnlp
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:9999 *:* users:(("haproxy",pid=3828,fd=5),("haproxy",pid=3827,fd=5))
LISTEN 0 128 192.168.10.23:80 *:* users:(("haproxy",pid=3828,fd=7),("haproxy",pid=3827,fd=7))
……
11)haproxy状态页访问
12)浏览器访问调度服务,成功调度到后端服务
4.创建Jenkins的执行脚本,用以实现通过Jenkins的选项参数来自动测试、部署、回滚代码(事先搭建好jenkins、gitlab、sonaqube等服务,其中jenkins要安装scanner扫描器)
1)自定义创建指定的jenkins服务工作目录
[root@jenkins]# mkdir /data/jenkins/worker -pv
2)jenkins服务器脚本的保存路径
[root@jenkins jenkins]# pwd
/data/jenkins
3)jenkins服务器编辑脚本
[root@jenkins jenkins]# vim project.sh
#!/bin/bash
#jenkins参数选项
time=`date +%Y-%m-%d_%H-%M-%S`
method=$1
group=$2
branch=$3
#后端tomcat服务ip地址组
ip_value(){
if [[ $group == "group1" ]];then
ip_list="192.168.1.20"
echo ${ip_list}
elif [[ $group == "group2" ]];then
ip_list="192.168.1.21"
echo ${ip_list}
ssh [email protected] "echo "enable server web_port/192.168.1.20" | socat stdio /usr/local/src/haproxy/haproxy.sock"
ssh [email protected] "echo "enable server web_port/192.168.1.20" | socat stdio /usr/local/src/haproxy/haproxy.sock"
elif [[ $group == "group3" ]];then
ip_list="192.168.1.20 192.168.1.21"
echo ${ip_list}
fi
}
#代码先部署至Jenkins服务端
code_deploy(){
cd /data/jenkins/worker
rm -rf ./*
git clone -b $branch [email protected]:jie/web-page.git
}
#代码测试
code_test(){
cd /data/jenkins/worker/web-page
cat > sonar-project.properties <
4)再各后端创建好代码压缩文件保存路径
主tomcat:
[root@tomcat tomcat]# mkdir web-code
[root@tomcat tomcat]# pwd
/usr/local/src/tomcat/tomcat
备tomcat-1:
[root@tomcat-1 tomcat]# mkdir web-code
[root@tomcat-1 tomcat]# pwd
/usr/local/src/tomcat/tomcat
5)再jenkins服务设置好免密秘钥登录各服务
[root@jenkins jenkins]# ssh-copy-id 192.168.1.10
[root@jenkins jenkins]# ssh-copy-id 192.168.1.11
[root@jenkins jenkins]# ssh-copy-id 192.168.1.20
[root@jenkins jenkins]# ssh-copy-id 192.168.1.21
5.再gitlab服务器克隆并推送代码
1)克隆指定的develop分支代码
root@ubuntu1804:~# git clone -b develop http://192.168.1.30/jie/web-page.git
Cloning into 'web-page'...
Username for 'http://192.168.1.30': jie
Password for 'http://[email protected]':
remote: Enumerating objects: 39, done.
remote: Counting objects: 100% (39/39), done.
remote: Compressing objects: 100% (22/22), done.
remote: Total 39 (delta 4), reused 27 (delta 4)
Unpacking objects: 100% (39/39), done.
2)查看克隆的所包含的代码文件
root@ubuntu1804:~# ls web-page/
index.html Math.php
3)修改代文件
root@ubuntu1804:~/web-page# cat index.html
welcome to tomcat page
simple-version v1
4)推送v1版代码至gitlab代码库
root@ubuntu1804:~/web-page# git add ./*
root@ubuntu1804:~/web-page# git commit -m 'v1'
[develop d0dd713] v1
1 file changed, 2 insertions(+), 2 deletions(-)
root@ubuntu1804:~/web-page# git push
Username for 'http://192.168.1.30': jie
Password for 'http://[email protected]':
Counting objects: 3, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (3/3), done.
Writing objects: 100% (3/3), 316 bytes | 316.00 KiB/s, done.
Total 3 (delta 0), reused 0 (delta 0)
remote:
remote: To create a merge request for develop, visit:
remote: http://192.168.1.30/jie/web-page/merge_requests/new?merge_request%5Bsource_branch%5D=develop
remote:
To http://192.168.1.30/jie/web-page.git
c10f5bf..d0dd713 develop -> develop
6.jenkins的配置文件修改及选项参数构建
1)创建一个项目code-test
2)配置此项目的configure文件,添加选项参数、字符参数且与脚本文件中的选项相对应
3)配置jenkins的shell脚本命令,此脚本实现代码的测试、部署以及 回滚
4)保存以上配置,然后部署第一组后端服务主tomcat
5)控制台输出信息
6)直接浏览器访问主tomcat服务验证是否部署成功
7)再部署第二组后端服务备tomcat-1
8)控制台输出部署成功信息
9)分别查看后端服务部署的相关代码文件,确定代码文件是否部署到后端服务
主tomcat服务端:
[root@tomcat tomcat]# pwd/usr/local/src/tomcat/tomcat
[root@tomcat tomcat]# ll web-code/
total 16
-rw-r--r-- 1 root root 14910 Aug 4 18:23 2019-08-04_18-23-01-code-tar.gz
[root@tomcat webapps]# pwd
/usr/local/src/tomcat/tomcat/webapps
[root@tomcat webapps]# cat web-page/index.html
welcome to tomcat page
simple-version v1
备tomcat-1服务端:
[root@tomcat-1 tomcat]# pwd
/usr/local/src/tomcat/tomcat
[root@tomcat-1 tomcat]# ll web-code/
total 16
-rw-r--r-- 1 root root 14910 Aug 4 18:23 2019-08-04_18-23-01-code-tar.gz
[root@tomcat-1 webapps]# pwd
/usr/local/src/tomcat/tomcat/webapps
[root@tomcat-1 webapps]# cat web-page/index.html
welcome to tomcat page
simple-version v1
10)直接浏览器访问备tomcat1服务验证是否部署成功,如下所示备tomcat-1代码也部署成功
11)最后通过浏览器haproxy调度器,成功调度到后端服务tomcat
12)代码测试结果
7.将后端服务代码升级到v2新版本
1)在gitlab服务器更新代码
root@ubuntu1804:~/web-page# cat index.html
welcome to tomcat page
enhanced-version v2--- Handled bugs on the old v1
2)在gitlab服务器再次推送v2新版本代码至gitlab代码库
root@ubuntu1804:~/web-page# git add ./*
root@ubuntu1804:~/web-page# git commit -m 'v2'
[develop 2512294] v2
1 file changed, 1 insertion(+), 1 deletion(-)
root@ubuntu1804:~/web-page# git push
Username for 'http://192.168.1.30': jie
Password for 'http://[email protected]':
Counting objects: 3, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (3/3), done.
Writing objects: 100% (3/3), 344 bytes | 344.00 KiB/s, done.
Total 3 (delta 0), reused 0 (delta 0)
remote:
remote: To create a merge request for develop, visit:
remote: http://192.168.1.30/jie/web-page/merge_requests/new?merge_request%5Bsource_branch%5D=develop
remote:
To http://192.168.1.30/jie/web-page.git
d0dd713..2512294 develop -> develop
3)构建参数group3,将所有后端服务全部更新,升级至v2版本
4)查看控制台执行的结果,显示部署成功
5)在各后端服务端查看更新的代码文件,检查代码是否更新,并浏览器测试访问
tomcat服务端:
[root@tomcat webapps]# cat web-page/index.html
welcome to tomcat page
enhanced-version v2--- Handled bugs on the old v1
tomcat-1服务端:
[root@tomcat-1 webapps]# cat web-page/index.html
welcome to tomcat page
enhanced-version v2--- Handled bugs on the old v1
6)再通过浏览器访问haproxy调度器服务,检查更新代码后是否成功调度到后端服务
7)代码测试结果
8.代码回滚到旧版本(若v2版本不稳定,则需要将后端服务代码回滚到旧版本v1,避免影响业务的进行)
1)构建选择rollback回滚,group3所有后端回滚
2)查看控制台输代码部署输出信息
3)查看各后端服务代码文件,检查代码是否回滚到v1旧版本,并浏览器测试各服务端
主tomcat服务端:
[root@tomcat webapps]# cat web-page/index.html
welcome to tomcat page
simple-version v1
备tomcat-1服务端:
[root@tomcat-1 webapps]# cat web-page/index.html