永中文档在线转换预览双活实现方案
永中文档在线转换预览服务 是永中软件股份有限公司基于十多年核心技术积累、面向移动互联领域推出的 一款文档处理软件。永中采用自主可控核心技术,具备快速技术和服务响应能力,把文档原样输出为 HTML,图片等,即点即得、无需下载、保护文档隐私,快速高效,轻松实现文档在线安全阅读。
实现目标
通过nginx实现业务fcsserver负载均衡,后端可以动态扩展应用服务器nginx通过keepalived实现高可用,解决单点故障通过keepalived实现nginx双活配置,解决nginx主备资源使用率50%问题通过dns轮询解析域名到双活vip,达到负载均衡效果后期nginx达到瓶颈应考虑lvs+keepalived+nginx架构,动态扩展nginx服务器
环境准备
服务器可以连通外网或者有内网yum源服务器,本次实验服务器可连通外网nginx01和nginx02服务器需要在同一网段的网络内保证各服务器之前网络互通保证服务器的防火墙和selinux关闭必须对外提供域名访问,否则只能使用其中一个vip内网部署DNS服务器,模拟DNS轮询解析
1、网络架构
2、实验服务器分布 主机ip操作系统软件端口vipnginx01192.168.56.101Centos7.6nginx keepalived80192.168.56.200nginx02192.168.56.106Centos7.6nginx keepalived80192.168.56.201fcs01192.168.56.101Centos7.6tomcat8080fcs02192.168.56.106Centos7.6tomcat8080共享存储192.168.56.108Centos7.6nfs缓存192.168.56.108Centos7.6redis6379内部DNS192.168.56.108Centos7.6bind533、redis
部署服务器:
192.168.56.108
3.1 配置redis
/etc/redis.conf
# 监听地址bind 0.0.0.0# 认证密码requirepass yozosoft
3.2 启动redis
systemctl enable redis --now && systemctl status redis
4、nfs 4.1 配置nfs
192.168.56.108(服务端)
# 创建存储目录mkdir -p /opt/yozo/data# 修改权限chown -R nfsnobody.nfsnobody /opt/yozo/data# 修改配置文件vim /etc/exports/opt/yozo/data 192.168.56.0/24(rw,sync,all_squash)
192.168.56.101/192.168.56.106(客户端)
# 创建挂载点mkdir -p /opt/yozo/data# 挂载nfs共享目录mount -t nfs 192.168.56.108:/opt/yozo/data /opt/yozo/data
4.2 启动nfs
systemctl enable rpcbind nfs --now && systemctl status rpcbind nfs
5、fcsserver
部署服务器:
192.168.56.101(fcsserver01)
192.168.56.106(fcsserver02)
5.1 部署fcs
以tomcat为中间件,本次实验fcs安装目录/opt/yozo/fcsserver/webapps/fcsserver,/opt/yozo/fcsserver为解压后的tomcat
部署项目包
mkdir opt/yozo/fcsserver/webapps/fcsserver -punzip fcscloud.war -d opt/yozo/fcsserver/webapps/fcsserver
修改fcsserver配置文件
# /opt/yozo/fcsserver/webapps/fcsserver/WEB-INF/classes/config.propertiesinputDir=/opt/yozo/data/fcsdata/input# 必须指定挂载共享存储目录的outputDir=/opt/yozo/data/fcsdata/output# 如果不提供域名,就只能配置其中一个vip;如果配置为域名,则缓存后,通过vip和fcsserver的ip将不能访问转换的缓存文件viewDomain=http://www.fcsserver.com/fcsserver/
# /opt/yozo/fcsserver/webapps/fcsserver/WEB-INF/classes/application.ymlcache: #采用哪种缓存数据方式 type: redis #local,redis,mysql(local模式只适用于单机,集群部署不支持) redis: enable: true #redis开关(预览设置权限时需要使用redis,并发和异步waitting机制使用redis,必开) redis: database: 1 # Redis数据库索引(默认为0) timeout: 10000 #设置客户端超时时间,单位是毫秒,默认为2000 password: yozosoft #密码 #单机版 host: 192.168.56.108 port: 6379
# /opt/yozo/fcsserver/webapps/fcsserver/WEB-INF/classes/<property name="LOG_HOME">../logs</property>
5.2 配置fcs系统服务
配置fcsserver.service
# cat /usr/lib/systemd/system/fcsserver.service[Unit]Description=fcsserver Service.After=network.target[Service]Type=forkingEnvironment="PATH=/opt/yozo/jdk-8u251-amd64/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin"WorkingDirectory=/opt/yozo/fcsserver/binExecStart=/opt/yozo/fcsserver/bin/startup.shRestart=alwaysPrivateTmp=true# 可以指定相关用户启动fcsserver# User=yozo# Group=yozoLimitNOFILE=65536[Install]WantedBy=multi-user.target
如果以普通用户启动,需要将tomcat目录属主属组设置成相应账户
# 此次实验以yozo用户启动chown -R yozo. /opt/yozo/fcsserver
5.3 启动fcs
systemctl enable fcsserver --now && systemctl status fcsserver
6、nginx
部署服务器:
192.168.56.101(nginx01)
192.168.56.106(nginx02)
6.1 配置nginx
/etc/nginx/conf.d/fcsserver.conf配置
server { .... location ~ /fcsserver { add_header Cache-Control private,no-store,max-age=0,no-cache,must-revalidate,post-check=0,pre-check=0; proxy_redirect off; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded_Proto "http"; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_request_buffering off; proxy_read_timeout 7200; proxy_send_timeout 7200; proxy_pass http://fcsserver; } ....}upstream fcsserver { server 192.168.56.101:8080 fail_timeout=60s; server 192.168.56.106:8080 fail_timeout=60s; keepalive 256;}
6.2 启动nginx
systemctl enable nginx --now && systemctl status nginx
7、keepalived
部署服务器:
192.168.56.101(nginx01)
192.168.56.106(nginx02)
7.1 配置keepalived 7.1.1 nginx01配置
/etc/keepalived/keepalived.conf
! Configuration File for keepalivedglobal_defs { router_id proxy1}vrrp_script chk_nginx { script "/etc/keepalived/check_nginx.sh" interval 2 weight 20 fall 3 rise 2}vrrp_instance VI_1 { state MASTER interface enp0s3 virtual_router_id 51 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.56.200 } track_script { chk_nginx }}vrrp_instance VI_2 { state BACKUP interface enp0s3 virtual_router_id 52 priority 90 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.56.201 } track_script { chk_nginx }}
7.1.2 nginx02配置
# 备份keepalived.confmv /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.confbak
/etc/keepalived/keepalived.conf
! Configuration File for keepalivedglobal_defs { router_id proxy2}vrrp_script chk_nginx { script "/etc/keepalived/check_nginx.sh" interval 2 weight 20 fall 3 rise 2}vrrp_instance VI_1 { state BACKUP interface enp0s8 virtual_router_id 51 priority 90 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.56.200 } track_script { chk_nginx }}vrrp_instance VI_2 { state MASTER interface enp0s8 virtual_router_id 52 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.56.201 } track_script { chk_nginx }}
双机/etc/keepalived/check_nginx.sh
#!/bin/bash#时间变量,用于记录日志d=`date --date today +%Y%m%d_%H:%M:%S`#计算nginx进程数量n=`ps -C nginx --no-heading|wc -l`#如果进程为0,则启动nginx,并且再次检测nginx进程数量,#如果还为0,说明nginx无法启动,此时需要关闭keepalivedif [ $n -eq "0" ]; then /etc/init.d/nginx start n2=`ps -C nginx --no-heading|wc -l` if [ $n2 -eq "0" ]; then echo "$d nginx down,keepalived will stop" >> /var/log/check_ng.log systemctl stop keepalived fifi
7.2 启动keepalived
systemctl enable keepalived --now && systemctl status keepalived
nginx01
nginx02
7.3 模拟故障 7.3.1 nginx01手动关闭nginx
nginx故障后,keepalived会自动启动nginx
7.3.2 nginx01手动关闭keepalived
nginx01的vip将会绑定到nginx02上面,nginx02将会出现2个vip,2个vip均可以访问fcsserver
8、DNS服务器部署
用于模拟公网DNS轮询解析,实际使用中是在域名提供商处配置指向映射外网ip
8.1 配置dns
/etc/named.conf
zone "fcsserver.com" IN { type master; file "fcsserver.com.zone";};zone "56.168.192.in-addr.arpa" IN { type master; file "192.168.56.zone";};
/var/named/fcsserver.com.zone
$TTL 86400@ IN SOA tom jerry ( ; tom & jerry 这两个参数本应是主机名和邮件地址,这里随便填写,没有问题 42 ; serial (d. adams) 3H ; refresh 15M ; retry 1W ; expiry 1D ) ; minimum IN NS ns.fcsserver.com. ; notice : don't forget the dot in the end IN MX 10 mail.fcsserver.com.www IN A 192.168.56.200www IN A 192.168.56.201ns IN A 192.168.56.108mail IN A 192.168.56.108
/var/named/192.168.56.zone
$TTL 86400@ IN SOA ns.fcsserver.com. root ( 1997022700 ; Serial 28800 ; Refresh 14400 ; Retry 3600000 ; Expire 86400 ) ; Minimum IN NS ns.fcsserver.com.200 IN PTR www.fcsserver.com.201 IN PTR www.fcsserver.com.108 IN PTR mail.fcsserver.com.108 IN PTR ns.fcsserver.com.
修改权限
chown named. /var/named/ -R
8.2 启动dns服务
systemctl enable named --now && systemctl status named
9、验证
目标:本次实验有2个vip 192.168.56.200 和 192.168.56.201,需要验证www.fcsserver.com分别解析到2个vip上,并确认每个vip后端服务正常可用
9.1 客户端dns配置
测试期间,禁用其他网卡,只留虚拟机网卡
添加DNS
9.2 DNS缓存清理
9.3 域名访问测试
测试之前需要确认此次DNS解析是否指向所需测试的VIP,如果不是请刷新DNS缓存
需要测试www.fcsserver.com --> 192.168.56.200和www.fcsserver.com --> 192.168.56.201
文件转换测试
转换文件访问测试
注:fcsserver的配置文件中viewDomain配置为域名,故转换文件预览连接只能通过www.fcsserver.com可以正常访问,通过vip、nginx ip、fcsserver ip均不可以访问
以上就是永中文档在线转换预览双活基于nginx的实现方案的详细内容!
永中文档在线转换预览基于nginx配置部署方案
- Author -
yozodcs- Original Sources -
声明:登载此文出于传递更多信息之目的,并不意味着赞同其观点或证实其描述。
Tags in this post...
Reply on: @reply_date@
@reply_contents@