puppet实现nginx反代tomcat+memcached

puppet实现nginx反代tomcat+memcached

 

1、准备六台主机,一台puppet,一台nginx反代,两台memcached,两台tomcat

192.168.1.33 puppet.test.com puppet

192.168.1.34 nginx.test.com nginx

192.168.1.35 tomcat1.test.com tomcat1

192.168.1.36 tomcat2.test.com tomcat2

192.168.1.40 memcached1.test.com memcached1

192.168.1.41 memcached2.test.com memcached2

2、puppet主机

vim /etc/hosts


1
2
3
4
5
6
7
8
9
10
11
192.168.1.33 puppet.test.com puppet

192.168.1.34 nginx.test.com nginx

192.168.1.35 tomcat1.test.com tomcat1

192.168.1.36 tomcat2.test.com tomcat2

192.168.1.40 memcached1.test.com memcached1

192.168.1.41 memcached2.test.com memcached2

hostname set-hostname puppet.test.com

vim /etc/ssh/ssh_config


1
StrictHostKeyChecking=no

//加入此条,为了在连接目标主机时不再提示“Are you sure you want to continue connecting”

ssh-keygen -t rsa -P ”

ssh-copy-id -i .ssh/id_rsa.pub root@192.168.1.33

在每台主机的root目录下创建.ssh目录

scp -p .ssh/authorized_keys .ssh/id_rsa{,.pub} nginx:/root/.ssh

scp -p .ssh/authorized_keys .ssh/id_rsa{,.pub} tomcat1:/root/.ssh

scp -p .ssh/authorized_keys .ssh/id_rsa{,.pub} tomcat2:/root/.ssh

scp -p .ssh/authorized_keys .ssh/id_rsa{,.pub} memcached1:/root/.ssh

scp -p .ssh/authorized_keys .ssh/id_rsa{,.pub} memcached2:/root/.ssh

scp -p /etc/ssh/ssh_config nginx:/etc/ssh/

scp -p /etc/ssh/ssh_config tomcat1:/etc/ssh/

scp -p /etc/ssh/ssh_config tomcat2:/etc/ssh/

scp -p /etc/ssh/ssh_config memcached1:/etc/ssh/

scp -p /etc/ssh/ssh_config memcached2:/etc/ssh/

scp /etc/hosts nginx:/etc/

scp /etc/hosts tomcat1:/etc/

scp /etc/hosts tomcat2:/etc/

scp /etc/hosts memcached1:/etc/

scp /etc/hosts memcached2:/etc/

下载facter-2.4.6-1.el7.x86_64.rpm puppet-3.8.7-1.el7.noarch.rpm puppet-server-3.8.7-1.el7.noarch.rpm

scp facter-2.4.6-1.el7.x86_64.rpm puppet-3.8.7-1.el7.noarch.rpm nginx:/root

scp facter-2.4.6-1.el7.x86_64.rpm puppet-3.8.7-1.el7.noarch.rpm tomcat1:/root

scp facter-2.4.6-1.el7.x86_64.rpm puppet-3.8.7-1.el7.noarch.rpm tomcat2:/root

scp facter-2.4.6-1.el7.x86_64.rpm puppet-3.8.7-1.el7.noarch.rpm memcached1:/root

scp facter-2.4.6-1.el7.x86_64.rpm puppet-3.8.7-1.el7.noarch.rpm memcached2:/root

yum install epel-release -y

yum install facter-2.4.6-1.el7.x86_64.rpm puppet-3.8.7-1.el7.noarch.rpm puppet-server-3.8.7-1.el7.noarch.rpm -y

vim /etc/puppet/puppet.conf

environmentpath = $confdir/environments

//服务器工作在哪个环境

puppet master –no-daemonize -v

//启动服务

ss -tln

//监听8140端口

mkdir -pv /etc/puppet/enviroments/{production,testing,development}/{manifests,modules}

mkdir -pv /etc/puppet/enviroments/{production,testing,development}/modules/{nginx,tomcat,httpd,memcached,jdk8}/{manifests,files,templates,lib,spec,tests}

  • memcached

cd /etc/puppet/enviroments/development/modules/memcached

vim manifests/init.pp


1
2
3
4
5
6
7
8
9
10
11
class memcached {
    package{'memcached':
        name  => 'memcached',
        ensure  => latest,
    }

    service{'memcached':
        ensure  => running,
        enable  => true,
    }
}
  • jdk8

cd /etc/puppet/enviroments/development/modules/jdk8

vim manifests/init.pp


1
2
3
4
5
6
7
8
9
10
class jdk8 {
    package{'jdk8':
        name  => 'java-1.8.0-openjdk-devel',
        ensure  => latest,
    }
    file{'java.sh':
        path  => '/etc/profile.d/java.sh',
        source  => "puppet:///modules/jdk8/java.sh",
    }
}

vim files/java.sh


1
export JAVA_HOME=/usr
  • tomcat

/etc/puppet/environments/development

vim modules/tomcat/manifests/init.pp


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
class tomcat {
    package{['tomcat','tomcat-admin-webapps','tomcat-webapps','tomcat-docs-webapp']:
    ensure  => latest,
}
file{'server.xml':
    path  => '/etc/tomcat/server.xml',
    source  => "puppet:///modules/tomcat/server.xml",
}
file{'tomcat':
    path  => '/etc/sysconfig/tomcat',
    source  => "puppet:///modules/tomcat/tomcat",
}
file{'jar':
    path  => '/usr/share/java/tomcat/',
    ensure  => directory,
    source  => "puppet:///modules/tomcat/jar/",
    recurse  => true,
}
file{'tomcat-users.xml':
    path  => '/etc/tomcat/tomcat-users.xml',
    source  => "puppet:///modules/tomcat/tomcat-users.xml",
}
file{'test':
    ensure  => directory,
    path  => '/var/lib/tomcat/webapps/test',
    source  => "puppet:///modules/tomcat/test",
    recurse  => true,
}
service{'tomcat':
    ensure  => running,
    enable  => true,
}
Package['tomcat','tomcat-admin-webapps','tomcat-webapps','tomcat-docs-webapp'] -> File['server.xml'] -> File['tomcat-users.xml'] -> File['test'] -> File['tomcat'] -> File['jar'] ~> Service['tomcat']
}

vim files/server.xml


1
2
3
4
5
6
7
8
9
<Host ...>
<Context path="/test" docBase="test" allowLinking="true" reloadable="true">
    <Manager className="de.javakaffee.web.msm.MemcachedBackupSessionManager"
    memcachedNodes="m1:192.168.1.34:11211,m2:192.168.1.35:11211"
    failoverNodes="m1"
    requestUriIgnorePattern=".*\.(ico|png|gif|jpg|css|js)$"                    
    transcoderFactoryClass="de.javakaffee.web.msm.serializer.javolution.JavolutionTranscoderFactory"  
    />
</Context>

//allowLinking=”true”表示支持软链接,也就是前面的docBase中的test可以是软链接;path是定义访问路径的,docBase是在服务器上的相对路径。

vim files/tomcat-users.xml


1
2
3
<role rolename="admin-gui"/>
<role rolename="manager-gui"/>
<user name="tomcat" password="tomcat" roles="admin-gui,manager-gui" />

mkdir files/test/WEB-INF/{class,lib}

vim files/test/index.jsp


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
<%@ page language="java" %>
<html>
  <head><title>TomcatA</title></head>
  <body>
    <h1><font color="red">TomcatA.magedu.com</font></h1>
    <table align="centre" border="1">
      <tr>
        <td>Session ID</td>
    <% session.setAttribute("magedu.com","magedu.com"); %>
        <td><%= session.getId() %></td>
      </tr>
      <tr>
        <td>Created on</td>
        <td><%= session.getCreationTime() %></td>
     </tr>
    </table>
  </body>
</html>

下载memcached-session-manager相关包到development/modules/tomcat/files/jar中


1
2
3
4
5
6
7
8
9
javolution-5.4.3.1.jar      //流式化工具

msm-javolution-serializer-1.9.7.jar      //MSM支持两种模式即粘性sessions和非粘性sessions

memcached-session-manager-1.9.7.jar    //memcached会话管理器

memcached-session-manager-tc7-1.9.7.jar    //memcached会话管理器

spymemcached-2.11.1.jar    //驱动:tomcat连接memcached
  • httpd

cd /etc/puppet/enviroments/development/modules/httpd

vim manifests/init.pp


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
class httpd {
    package{'httpd':
        name  => 'httpd',
        ensure  => latest,
    }
    file{'httpd-tomcat.conf':
        path  => '/etc/httpd/conf.d/httpd-tomcat.conf',
        source  => "puppet:///modules/httpd/httpd-tomcat.conf",
    }
    service{'httpd.service':
        ensure  => running,
        enable  => true,
    }
    Package['httpd'] -> File['httpd.conf'] -> File['httpd-tomcat.conf'] ~> Service['httpd.service']
}

vim files/httpd-tomcat.conf


1
2
3
4
5
6
7
8
9
10
11
12
13
14
<VirtualHost *:80>
    ProxyRequests off
    ProxyPreserveHost on
    ProxyVia on
    <Proxy *>
        Require all granted
    </Proxy>
    ProxyPass / ajp://127.0.0.1:8009/
    ProxyPassReverse / ajp://127.0.0.1:8009/
//让httpd用ajp协议将请求都反代到本机的tomcat上
    <Location />
        Require all granted
    </Location>
</VirtualHost>
  • nginx

cd /etc/puppet/enviroments/development/modules/nginx

vim manifests/init.pp


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
class nginx {
    package{'nginx':
        name  => 'nginx',
        ensure  => 'latest',
    }
    file{'nginx.conf':
        path  => '/etc/nginx/nginx.conf',
        source  => "puppet:///modules/nginx/nginx.conf",
    }
    file{'ilinux.conf':
        path  => '/etc/nginx/conf.d/ilinux.conf',
        source  => "puppet:///modules/nginx/ilinux.conf",
    }
    service{'nginx':
        ensure  => running,
        enable  => true,
    }
     Package['nginx'] -> File['nginx.conf'] -> File['ilinux.conf'] ~> Service['nginx']
}

vim files/ngin.conf


1
2
3
4
5
6
http {
upstream tcsrvs {
        server node1.ruopu.com;
        server node2.ruopu.com;
    }
}

vim files/ilinux.conf


1
2
3
4
5
6
7
server {
    listen 80;
    server_name www.ilinux.io;
    location / {
        proxy_pass http://tcsrvs;
    }
}
  • 主机清单 cd /etc/puppet/enviroments/development

vim manifests/site.pp


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
node 'tomcat1.ruopu.com' {
    include jdk8
    include tomcat
    include httpd
}
node 'tomcat2.ruopu.com' {
    include jdk8
    include tomcat
    include httpd
}
node 'nginx.ruopu.com' {
    include nginx
}
node 'memcached1.ruopu.com' {
include memcached
}
node 'memcached2.ruopu.com' {
include memcached
}

2、到其他主机

同步时间

hostnamectl set-hostname **.test.com

yum install facter-2.4.6-1.el7.x86_64.rpm puppet-3.8.7-1.el7.noarch.rpm

vim /etc/puppet/puppet.conf


1
2
3
server = puppet.ruopu.com
listen = true
environment = development

vim /etc/puppet/auth.conf


1
2
3
4
path /run
method save
auth any
allow puppet.magedu.com

puppet agent –no-daemonize -v -d

3、puppet主机

puppet cert list

puppet cert sign –all

//签证

本文来自投稿,不代表Linux运维部落立场,如若转载,请注明出处:http://www.178linux.com/96316

发表评论

登录后才能评论

联系我们

400-080-6560

在线咨询:点击这里给我发消息

邮件:1823388528@qq.com

工作时间:周一至周五,9:30-18:30,节假日同时也值班