git常用命令及wab环境准备

git常用命令及wab环境准备


git常用命令

一、创建用户和组及项目

1:创建一个用户


2:查看此用户是否创建成功,并设置密码


3:使用新为开发创建的账号登陆测试

4:给开发的账号设置密码,也可以管理员不设置密码,直接测试登陆,然后开发账号预留的邮箱会接收到初始化设置密码的连接,可以点击链接设置新的密码

5:使用root用户关闭首页注册功能



6:验证页面是否还有无注册功能

7:创建组:

  • 使用管理员root创建组,一个组里面可以有多个项目分支,可以将开发添加到组里面进行设置权限,不同的组就是公司不同的开发项目或者服务模块,不同的组添加不同的开发即可实现对开发设置权限的管理。

8:创建项目


9:用户可以有权限查看到的项目(root用户可以查看到所有组中的项目)

10:将此组授权给开发部门的老大,去维护此项目

  • 授权可以对组授权,可以对项目授权

11:授权完普通用户权限后使用普通用户登陆(这里为了演示授予属主属组权限)

  • 将相当于此项目交给开发部门维护

12:在此项目中添加一个README

README已经添加


二、如何从github上克隆项目

1:在github上查找项目的链接(下载时支持的协议 : ssh/http)

  • ssh:克隆下载是使用密钥认证的
  • http:是使用帐户名密码认证的

2:使用客户端命令克隆下载

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
解释

安装客户端命令

~]# yum install git -y

下载克隆此项目

~]# git clone 项目链接

修改完项目上传

clone下来的项目的目录下,先添加到本地的暂停区

项目目录]# git add 添加的文件/目录/.代表当前目录下的所有的文件

上传到github

项目目录]# git commit -m "自定义标签"

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
演示执行命令

root@jenkins:/source# git clone http://192.168.8.3/test-service/test-project.git
Cloning into 'test-project'...
Username for 'http://192.168.8.3': jack
Password for 'http://jack@192.168.8.3':
remote: Enumerating objects: 3, done.
remote: Counting objects: 100% (3/3), done.
remote: Total 3 (delta 0), reused 0 (delta 0)
Unpacking objects: 100% (3/3), done.
root@jenkins:/source# cat test-project/index.html
<h1>11111111111</h1>

编辑文件并测试提交:

root@jenkins:/source# cd 项目目录/
root@jenkins:/source/项目目录# git config --global user.name "jack"
root@jenkins:/source/项目目录# git config --global user.email 2973707860@qq.com
root@jenkins:/source/项目目录# vim index.html
root@jenkins:/source/项目目录# cat index.html
<h1>11111111111</h1>
<h1>22222222222</h1>

root@jenkins:/source/项目目录# git add index.html
root@jenkins:/source/项目目录# git commit -m "v1"

3:上传

4:github验证数据


三、将gitlab上创建的项目下载到本地

1:使用git命令下载(http协议)

1
2
3
4
5
6
7
8
9
10
11
下载克隆此项目

~]# cd /data/
data]# git clone http://172.18.135.1/group1/project1.git
Cloning into 'project1'...
Username for 'http://172.18.135.1': daizhe
Password for 'http://daizhe@172.18.135.1':
remote: Enumerating objects: 3, done.
remote: Counting objects: 100% (3/3), done.
remote: Total 3 (delta 0), reused 0 (delta 0)
Unpacking objects: 100% (3/3), done.

2:查看下载下来的项目

1
2
3
4
5
6
7
8
9
10
下载下来的目录是以项目名称命名的

data]# ls
project1
data]# cd project1/
project1]# ls
README.md
project1]# cat README.md
# 一级标题
## 二级标题

3:修改项目内容并上传

1
2
3
4
5
6
修改项目内容

project1]# vim README.md
# 一级标题
## 二级标题
### 三级标题

4:上传至Gitlab

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
先添加到本地的暂停区

project1]# git add README.md

上传至Gitlab

project1]# git commit -m "v1"
[master dd12ca1] v1
Committer: root <root@centos7.com>
Your name and email address were configured automatically based
on your username and hostname. Please check that they are accurate.
You can suppress this message by setting them explicitly:

git config --global user.name "Your Name"
git config --global user.email you@example.com

After doing this, you may fix the identity used for this commit with:

git commit --amend --reset-author

1 file changed, 2 insertions(+), 1 deletion(-)

project1]# git push
warning: push.default is unset; its implicit value is changing in
Git 2.0 from 'matching' to 'simple'. To squelch this message
and maintain the current behavior after the default changes, use:

git config --global push.default matching

To squelch this message and adopt the new behavior now, use:

git config --global push.default simple

See 'git help config' and search for 'push.default' for further information.
(the 'simple' mode was introduced in Git 1.7.11. Use the similar mode
'current' instead of 'simple' if you sometimes use older versions of Git)

Username for 'http://172.18.135.1': daizhe
Password for 'http://daizhe@172.18.135.1':
Counting objects: 5, done.
Writing objects: 100% (3/3), 256 bytes | 0 bytes/s, done.
Total 3 (delta 0), reused 0 (delta 0)
To http://172.18.135.1/group1/project1.git
a259ec8..dd12ca1 master -> master

4:Gitlab服务端进行验证是否已经上传成功

5:在命令行本地添加一个测试页面

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
编写测试页面

project1]# vim index.html

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>你好代哲</title>
</head>
<body>
<h1>测试页面 v1</h1>
<h1></h1>
</html>

上传至gitlab

project1]# git add .
project1]# git commit -m "v1"
project1]# git push

6:在gitlab 页面验证是否已经上传

四、gitlab 分支操作

  • 分支:命名空间上的一个隔离
    • 默认情况下全是对master上的操作

1:项目中创建一个新的分支(此分支适用于开发上传的代码先在测试环境测试,测试完成无误后在合并到master分支)

2:验证测试的develop分支是否创建成功

3:客户端继续编写测试的项目,并上传到develop分支上

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
克隆一下gitlab上的develop分支
-b选项指定分支,如果不指定,默认的情况下为master分支

data]# git clone -b develop http://172.18.135.1/group1/project1.git
Cloning into 'project1'...
Username for 'http://172.18.135.1': daizhe
Password for 'http://daizhe@172.18.135.1':
remote: Enumerating objects: 11, done.
remote: Counting objects: 100% (11/11), done.
remote: Compressing objects: 100% (6/6), done.
remote: Total 11 (delta 0), reused 0 (delta 0)
Unpacking objects: 100% (11/11), done.

编辑新的测试版本

data]# ls
project1
project1]# ls
index.html
project1]# vim index.html

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>你好代哲</title>
</head>
<body>
<h1>测试页面 v1</h1>
<h1>测试页面 v2</h1>
</html>

上传到gitlab的develop测试分支

project1]# git add .
project1]# git commit -m "v2"
project1]# git push

4:gitlab查看develop测试分支是否成功上传新的测试页面

五、git常用命令

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
git config --global user.name “name“ #设置全局用户名 
git config --global user.email xxx@xx.com #设置全局邮箱
git config --global –list #列出用户全局设置
git add index.html / . #添加指定文件、目录或当前目录下所有数据到暂存区
git commit -m “11“ #提交文件到工作区
git status #查看工作区的状态
git push #提交代码到服务器
git pull #获取代码到本地
git log #查看操作日志
vim .gitignore #定义忽略文件
git reset --hard HEAD^^ #git版本回滚, HEAD为当前版本,加一个^为上一个,^^为上上一个版本
git reflog # #获取每次提交的ID,可以使用--hard根据提交的ID进行版本回退
git reset --hard 5ae4b06 #回退到指定id的版本
# git branch #查看当前所处的分支
#git checkout -b develop #创建并切换到一个新分支
#git checkout develop #切换分支

1:设置全局的用户名和邮箱地址

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
在克隆的项目下有一个隐藏的文件

project1]# pwd
/data/project1
project1]# ls -a
.git #保存的配置信息
project1]# vim .git/config #这也是在git push时不用指定gitlab服务器的地址直接给上传到gitlab上的原因
[core]
repositoryformatversion = 0
filemode = true
bare = false
logallrefupdates = true
[remote "origin"]
url = http://172.18.135.1/group1/project1.git
fetch = +refs/heads/*:refs/remotes/origin/*
[branch "develop"]
remote = origin
merge = refs/heads/develop

设置全局的用户和邮箱(指定以下命令需要在项目目录下)

project1]# git config --global user.name "daizhe"
project1]# git config --global user.email "1284808408@qq.com"
project1]# git config --global --list
user.name=daizhe
user.email=1284808408@qq.com

2:查看当前工作目录的状态信息

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
project1]# git status
# On branch develop
nothing to commit, working directory clean

project1]# vim index.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>你好代哲</title>
</head>
<body>
<h1>测试页面 v1</h1>
<h1>测试页面 v2</h1>
<h1>测试页面 v3</h1>
</html>

project1]# git add index.html
project1]# git status
# On branch develop
# Changes to be committed:
# (use "git reset HEAD <file>..." to unstage)
#
# modified: index.html
#

3:获取代码到本地

1
2
3
4
project1]# git pull
Username for 'http://172.18.135.1': daizhe
Password for 'http://daizhe@172.18.135.1':
Already up-to-date. #显示当前代码为最新的

4:查看操作历史记录

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
project1]# git log
commit 67c23338f9305ff655d6820b1f011e84727d9663
Author: root <root@centos7.com>
Date: Tue Mar 12 13:37:11 2019 +0800

v2

commit b348f8abf5f7870ac25cd9072e1bfd5359fb21b5
Author: daizhe <1284808408@qq.com>
Date: Tue Mar 12 13:23:00 2019 +0800 #操作的时间

Delete README.md #操作的文件

commit 8a388405bd4f517eac2d6144466aef897f2de30d
Author: root <root@centos7.com>
Date: Tue Mar 12 13:20:45 2019 +0800

5:版本回滚

比如说现在的代码版本已经到了v3了

从v3回滚到v2版本(HEAD^ :代表当前版本的前上一个版本、HEAD^^ : 回滚到当前版本的前两个版本)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
回滚到上一个版本

project1]# git reset --hard HEAD^
HEAD is now at 67c2333 v2

验证本地客户端是否已经混滚到上一个版本

project1]# vim index.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>你好代哲</title>
</head>
<body>
<h1>测试页面 v1</h1>
<h1>测试页面 v2</h1>
</html>

6:可以回滚到gitlab指定的版本号

什么是版本号

根据指定的版本号克隆回滚

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
project1]# git reset --hard 7aeb57e677633c4e7b80058c1acd525637633f52
HEAD is now at 7aeb57e v3

project1]# vim index.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>你好代哲</title>
</head>
<body>
<h1>测试页面 v1</h1>
<h1>测试页面 v2</h1>
<h1>测试页面 v3</h1>
</html>

7:分支相关的操作

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
查看当前所处的分支

project1]# git branch
* develop

切换到项目的master分支

project1]# git checkout master
Branch master set up to track remote branch master from origin.
Switched to a new branch 'master'
project1]# git branch
develop
* master #切换到master就可以将客户端本地的代码上传到master分支上了(前提是在测试端已经测试通过的代码)

创建新的分支并切换到此分支

project1]# git checkout -b develop #创建并切换到一个新分支

Web环境准备

一、安装两台tomcat作为后端的web服务器

1:二进制安装java 8环境(JDK)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
两台tomcat的jdk的安装步骤相同

标准化目录规划
web应用路劲/apps #运行身份为tomcat,运行java不可使用root用户运行


~]# ls
dk-8u192-linux-x64.tar.gz

创建应用放置路径

~]# mkdir /apps
~]# mv jdk-8u192-linux-x64.tar.gz /apps

创建运行tomcat的用户

~]# useradd tomcat -u 2001
~]# passwd tomcat #设置密码 (强制删除用户命令 userdel -rf user)

解压jdk

~]# cd /apps/
apps]# tar xvf jdk-8u192-linux-x64.tar.gz

设置环境变量

apps]# vim /etc/profile
最后面添加
export HISTTIMEFORMAT="%F %T `whoami` "
export export LANG="en_US.utf-8"
export JAVA_HOME=/apps/jdk
export CLASSPATH=.:$JAVA_HOME/jre/lib/rt.jar:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
export PATH=$PATH:$JAVA_HOME/bin

apps]# source /etc/profile

为了方便升级JDK制作软连接

apps]# ln -sv /apps/jdk1.8.0_192/ /apps/jdk

验证是否已经安装java环境

apps]# java -version
java version "1.8.0_192"
Java(TM) SE Runtime Environment (build 1.8.0_192-b12)
Java HotSpot(TM) 64-Bit Server VM (build 25.192-b12, mixed mode)

2:二进制安装tomcat(版本为8.5.37)

版本下载站点:http://mirrors.shu.edu.cn/apache/tomcat/

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
两台tomcat的安装步骤相同

上传

apps]# pwd
/apps
apps]# ls
apache-tomcat-8.5.37.tar.gz

解压

apps]# tar xvf apache-tomcat-8.5.37.tar.gz

制作软链接

apps]# ln -sv /apps/apache-tomcat-8.5.37/ /apps/tomcat

手动测试启动tomcat

1
~]# /apps/tomcat/bin/catalina.sh start

tomcatA

tomcatB

二、tomcat各服务器上创建数据目录

  • 代码路径标准化
    • /data/tomcat_webdir : 存放解压完后的应用程序
    • /data/tomcat_appdir : 存放远程服务器发来的打包文件

1:创建数据目录及项目目录、测试文件

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
创建数据目录

~]# mkdir -pv /data/tomcat_webdir /data/tomcat_appdir

编辑tomcatA和tomcatB各主机的配置文件

修改tomcat服务器的应用路径:/data/tomcat_webdir
打算在/data/tomcat_webdir放置项目名称
禁用自动解压、自动部署(unpackWARs="true" autoDeploy="true">)

~]# vim /apps/tomcat/conf/server.xml
148 <Host name="localhost" :appBase="/data/tomcat_webdir"
149 unpackWARs="false" autoDeploy="false">


创建项目目录及项目文件

~]# mkdir /data/tomcat_webdir/myapp

TomcatA 的测试项目文件

~]# vim /data/tomcat_webdir/myapp/index.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Tomcat A</title>
</head>
<body>
<h1>Tomcat A v1</h1>
<h1></h1>
</html>

TomcatB 的测试项目文件

~]# vim /data/tomcat_webdir/myapp/index.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Tomcat B</title>
</head>
<body>
<h1>Tomcat B v1</h1>
<h1></h1>
</html>

2:先以root用户测试启动

1
2
3
4
两台tomcat A/B 都要启动测试

~]# /apps/tomcat/bin/catalina.sh stop
~]# /apps/tomcat/bin/catalina.sh start

3:web界面访问测试


4:tomcatA/B 各tomcat服务器 ,停掉tomcat修改为以普通用户启动tomcat

1
2
3
4
5
6
7
停掉tomcat

~]# /apps/tomcat/bin/catalina.sh stop

修改权限

~]# chown tomcat.tomcat /data/ /apps/ -R

使用脚本启动tomcat

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
~]# cat /etc/init.d/tomcat 
#!/bin/bash:
# #########################################################
# Tomcat init script for "代哲编写"####
###########################################################
# chkconfig: 2345 96 14 ###################################
# description: 2018/11/1. 代哲##########################
# #########################################################

JDK_HOME=/apps/jdk
CATALINA_HOME=/apps/tomcat
export JDK_HOME CATALINA_HOME
source /etc/profile
#PID=`ps -ef | grep -v grep | grep java | awk '{print $2}'`
#NUM=`ps -ef | grep -v grep | grep java | awk '{print $2}' | wc -l`

#case $1 in
start() {
echo "正在判断服务状态,请稍等!"
echo "请稍等3秒钟"
echo "3";sleep 1;echo "2";sleep 1;echo "1";sleep 1
if netstat -an | grep 8080 | grep LISTEN >/dev/null
then
echo "Tomcat已经正在运行了!"
else
echo "Tomcat没有运行,1秒后启动!"
echo 1;sleep 1
$CATALINA_HOME/bin/catalina.sh start
echo "Tomcat 已经成功启动完成,5秒后判断是否启动成功"
echo "5";sleep 1;echo "4";sleep 1
echo "3";sleep 1;echo "2";sleep 1;echo "1";sleep 1
if netstat -an | grep 8080 | grep LISTEN >/dev/null
then
PID=`ps -ef | grep tomcat | grep jdk | awk '{print $2}'`
NUM=`ps -ef | grep tomcat | grep jdk | awk '{print $2}' | wc -l`
echo "Tomcat 已经成功启动${NUM} 个Tomcat进程!,PID为${PID}"
else
echo "Tomcat启动失败,请重新启动!"
echo 1
fi
fi
}
stop() {
PID=`ps -ef | grep -v grep | grep java | awk '{print $2}'`
NUM=`ps -ef | grep -v "color" | grep tomcat | awk '{print $2}' | wc -l`
echo "正在判断服务状态,请稍等3秒钟!"
echo "3";sleep 1;echo "2";sleep 1;echo "1";sleep 1
if netstat -an | grep 8080 | grep LISTEN >/dev/null
then
echo "Tomcat运行中,1秒后关闭!"
echo 1;sleep 1
echo "即将关闭Tomcat服务,请稍等!"
$CATALINA_HOME/bin/catalina.sh stop ;echo "已经执行关闭命令,正在检查关闭了多少Tomcat进程,请稍等30秒钟!"
sleep 8
echo "3";sleep 1;echo "2";sleep 1;echo "1";sleep 1
pkill java && pkill tomcat
if netstat -an | grep 8080 | grep LISTEN >/dev/null;then
PID=`ps -ef | grep -v grep | grep java | awk '{print $2}'`
NUM=`ps -ef | grep -v "color" | grep tomcat | awk '{print $2}' | wc -l`
kill -9 $PID ;echo "已成功关闭${NUM} 个tomcat进程"
else
echo "Tomcat 已经关闭完成!"
echo "3";sleep 1;echo "2";sleep 1;echo "1";sleep 1
fi
else
echo "Tomcat 没有运行"
echo 1
fi
if netstat -an | grep 8080 | grep LISTEN >/dev/null;then
PID=`ps -ef | grep -v grep | grep java | awk '{print $2}'`
#NUM=`ps -ef | grep -v "color" | grep tomcat | awk '{print $2}' | wc -l`
echo "关闭失败,即将强制删除tomcat进程!"
sleep 2
pkill tomcat ;sleep 2
if netstat -an | grep 8080 | grep LISTEN >/dev/null;then
echo "强制关闭失败,即将再次强制删除tomcat进程!"
pkill java; sleep 2
fi
fi
}
restart() {
stop
start
}

case "$1" in
start)
start
;;

stop)
stop
;;

restart)
restart
;;

*)
echo $"Usage: $0 {start|stop|restart|status}"
esac

~]# chmod a+x /etc/init.d/tomcat

切换tomcat普通用户启动tomcat

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
~]# su - tomcat
~]$ bash /etc/init.d/tomcat start
正在判断服务状态,请稍等!
请稍等3秒钟
3
2
1
Tomcat没有运行,1秒后启动!
1
Using CATALINA_BASE: /apps/tomcat
Using CATALINA_HOME: /apps/tomcat
Using CATALINA_TMPDIR: /apps/tomcat/temp
Using JRE_HOME: /apps/jdk
Using CLASSPATH: /apps/tomcat/bin/bootstrap.jar:/apps/tomcat/bin/tomcat-juli.jar
Tomcat started.
Tomcat 已经成功启动完成,5秒后判断是否启动成功
5
4
3
2
1
Tomcat 已经成功启动2 个Tomcat进程!,PID为3797
3826

LB + HA 负载均衡+高可用 环境部署

一、两台机器安装 haproxy+keepalived

配置keepalived

1:安装haproxy+keepalived 实现负载

1
2
3
使用yum源安装

~]# yum install haproxy keepalived -y

2:两台主机编辑keepalived的配置文件

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
其中一台主机上配置172.20.141.88为VIP

~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
1284808408@qq.com
}
notification_email_from root@example.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
#vrrp_mcast_group4 224.0.0.18
}

vrrp_instance VRRP-V1 {
state MASTER
interface ens37
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 11111111
}
virtual_ipaddress {
172.20.141.88 dev ens37 label ens37:1
}
}


启动keepalived

~]# systemctl start keepalived
~]# systemctl enable keepalived

验证是否配置VIP

~]# ping 172.20.141.80
  • 从:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
  ~]# cat /etc/keepalived/keepalived.conf 
! Configuration File for keepalived

global_defs {
notification_email {
1284808408@qq.com
}
notification_email_from root@example.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
#vrrp_mcast_group4 224.0.0.18
}

vrrp_instance VRRP-V1 {
state BACKUP
interface ens37
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 11111111
}
virtual_ipaddress {
172.20.141.88 dev ens33 label ens33:1
}
}

启动keepalived

~]# systemctl start keepalived
~]# systemctl enable keepalived

验证是否配置VIP(可以停掉主查看从是否会飘到从节点上)

配置haproxy

  • 两台主机配置相同

1:编辑haproxy的配置文件

1
2
3
4
5
6
7
~]# vim /etc/haproxy/haproxy.cfg 
#门户网站入口
listen myapp
bind 172.20.141.88:80 #VIP
balance roundrobin
server 172.20.101.81 172.20.101.81:8080 check #后端tomcat A
server 172.20.101.221 172.20.101.221:8080 check #后端tomcat B

2:由于要绑定一个虚拟路由冗余协议上的一个虚拟地址,则需要优化内核参数

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
~]# cat sysctl.conf 
# Controls source route verification
net.ipv4.conf.default.rp_filter = 1
net.ipv4.ip_nonlocal_bind = 1
net.ipv4.ip_forward = 1

# Do not accept source routing
net.ipv4.conf.default.accept_source_route = 0

# Controls the System Request debugging functionality of the kernel
kernel.sysrq = 0

# Controls whether core dumps will append the PID to the core filename.
# Useful for debugging multi-threaded applications.
kernel.core_uses_pid = 1

# Controls the use of TCP syncookies
net.ipv4.tcp_syncookies = 1

# Disable netfilter on bridges.
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0

# Controls the default maxmimum size of a mesage queue
kernel.msgmnb = 65536

# # Controls the maximum size of a message, in bytes
kernel.msgmax = 65536

# Controls the maximum shared segment size, in bytes
kernel.shmmax = 68719476736

# # Controls the maximum number of shared memory segments, in pages
kernel.shmall = 4294967296




# TCP kernel paramater
net.ipv4.tcp_mem = 786432 1048576 1572864
net.ipv4.tcp_rmem = 4096 87380 4194304
net.ipv4.tcp_wmem = 4096 16384 4194304
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_sack = 1

# socket buffer
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.netdev_max_backlog = 262144
net.core.somaxconn = 20480
net.core.optmem_max = 81920


# TCP conn
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_syn_retries = 3
net.ipv4.tcp_retries1 = 3
net.ipv4.tcp_retries2 = 15

# tcp conn reuse
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_fin_timeout = 1


net.ipv4.tcp_max_tw_buckets = 20000
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_timestamps = 1 #?
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syncookies = 1

# keepalive conn
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_keepalive_intvl = 30
net.ipv4.tcp_keepalive_probes = 3
net.ipv4.ip_local_port_range = 10001 65000

# swap
vm.overcommit_memory = 0
vm.swappiness = 10

#net.ipv4.conf.eth1.rp_filter = 0
#net.ipv4.conf.lo.arp_ignore = 1
#net.ipv4.conf.lo.arp_announce = 2
#net.ipv4.conf.all.arp_ignore = 1
#net.ipv4.conf.all.arp_announce = 2


[root@centos7 ~]# mv sysctl.conf /etc/
mv: overwrite ‘/etc/sysctl.conf’? y
[root@centos7 ~]# cat /etc/sys
sysconfig/ sysctl.d/ system-release
sysctl.conf systemd/ system-release-cpe
[root@centos7 ~]# cat /etc/sysctl.conf
# Controls source route verification
net.ipv4.conf.default.rp_filter = 1
net.ipv4.ip_nonlocal_bind = 1
net.ipv4.ip_forward = 1

# Do not accept source routing
net.ipv4.conf.default.accept_source_route = 0

# Controls the System Request debugging functionality of the kernel
kernel.sysrq = 0

# Controls whether core dumps will append the PID to the core filename.
# Useful for debugging multi-threaded applications.
kernel.core_uses_pid = 1

# Controls the use of TCP syncookies
net.ipv4.tcp_syncookies = 1

# Disable netfilter on bridges.
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0

# Controls the default maxmimum size of a mesage queue
kernel.msgmnb = 65536

# # Controls the maximum size of a message, in bytes
kernel.msgmax = 65536

# Controls the maximum shared segment size, in bytes
kernel.shmmax = 68719476736

# # Controls the maximum number of shared memory segments, in pages
kernel.shmall = 4294967296




# TCP kernel paramater
net.ipv4.tcp_mem = 786432 1048576 1572864
net.ipv4.tcp_rmem = 4096 87380 4194304
net.ipv4.tcp_wmem = 4096 16384 4194304
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_sack = 1

# socket buffer
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.netdev_max_backlog = 262144
net.core.somaxconn = 20480
net.core.optmem_max = 81920


# TCP conn
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_syn_retries = 3
net.ipv4.tcp_retries1 = 3
net.ipv4.tcp_retries2 = 15

# tcp conn reuse
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_fin_timeout = 1


net.ipv4.tcp_max_tw_buckets = 20000
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_timestamps = 1 #?
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syncookies = 1

# keepalive conn
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_keepalive_intvl = 30
net.ipv4.tcp_keepalive_probes = 3
net.ipv4.ip_local_port_range = 10001 65000

# swap
vm.overcommit_memory = 0
vm.swappiness = 10

#net.ipv4.conf.eth1.rp_filter = 0
#net.ipv4.conf.lo.arp_ignore = 1
#net.ipv4.conf.lo.arp_announce = 2
#net.ipv4.conf.all.arp_ignore = 1
#net.ipv4.conf.all.arp_announce = 2

将其生效

~]# sysctl -p

3:启动haproxy

1
2
~]# systemctl start haproxy
~]# systemctl enable haproxy

客户段访问–访问调度器上的VIP

一、测试访问

1
2
客户端访问VIP
~]# curl 172.20.141.88:80/myapp
-------------------码字不易尊重原创转载标注不胜感激-------------------
Yes or no?
0%