PEOPLESOFT项⽬⽣产环境安装配置⼿册-NGINX+KEEPALIVED 本⽂档描述了PS⽣产环境nginx+keepalived全套搭建过程,包括如下产品:
1. Peoplesoft HCM 9.
2.027
2. Nginx:nginx-1.16.0
3. Keepalived:keepalived-2.0.6
节点环境信息:
机序号服务器名称
虚拟机主
机名
CPU核
(虚拟
机)
内存
(虚拟
机)
OS版本
(虚拟机)
IP地址
1PS应⽤服务器
01
EHR-
APP01
1664
Oracle Linux
7.4
10.160.144.59
2PS应⽤服务器
02
EHR-
APP02
1664
Oracle Linux
7.4
10.160.144.60
3Keepalived虚
拟IP
10.160.144.68
1.
全局环境
1.
1.
1.
配置hosts:
vi /etc/hosts
10.160.144.68  hrmspanyname
10.160.144.59  EHR-APP01panyname        EHR-APP01
10.160.144.60  EHR-APP02panyname        EHR-APP02 1.
1.
1. 内核参数
修改linux内核参数:
vi /etc/f
* soft nofile 65536
* hard nofile 65536
* soft nproc 65536
* hard nproc 65536
* soft stack 65536
* hard stack 65536
vi /etc/security/limits.f
*          soft    nproc    unlimited
vi /f
fs.file-max = 6815744
kernel.sem = 250 32000 100 128
kernel.shmmni = 4096
kernel.shmall = 1073741824
kernel.shmmax = 4398046511104
fs.aio-max-nr = 1048576
net.ipv4.ip_local_port_range = 9000 65500
net.ipv4.ip_forward = 1
net.ipv4.ip_nonlocal_bind = 1
f.lo.arp_ignore = 1
f.lo.arp_announce = 2
f.all.arp_ignore = 1
f.all.arp_announce = 2
p_max_orphans = 102400
p_max_syn_backlog =  102400
p_timestamps = 0
p_synack_retries = 1
p_syn_retries = 1
/sbin/sysctl –p
1.
1.
1.
临时关闭SELinux:即时⽣效
setenforce 0
关闭SELinux:需重启操作系统⽣效
vim /etc/selinux/config
[root@EHR-APP01 Packages]# more /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#    enforcing - SELinux security policy is enforced.
#    permissive - SELinux prints warnings instead of enforcing.
#    disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three two values:
#    targeted - Targeted processes are protected,
#    minimum - Modification of targeted policy. Only selected processes are protected.
#    mls - Multi Level Security protection.
SELINUXTYPE=targeted
环境安装
1.
1.
1.
安装依赖包:
yum install gcc gcc-c++ make automake autoconf libtool pcre pcre-devel zlib zlib-devel openssl openssl-devel patch
1.
1.
1.
1. 获取nginx安装包:
2. 解压安装包:
tar -zxvf nginx-1.6.
3. 获取upstream模块插件:
nginx_upstream_check_module-0.3.
4. 解压插件:
tar -zxvf nginx_upstream_check_module-0.3.
5. 获取sticky模块插件:
nginx-sticky-module-ng-1.2.
6. 解压插件:
tar -zxvf nginx-sticky-module-ng-1.2.
7. 进⼊nginx源码解压后⽬录:
cd /usr/local/src/nginx-1.6.2
8. 编译nginx:
./configure --prefix=/usr/local/nginx --with-pcre --with-http_stub_status_module --with-http_ssl_module  --with-
http_gzip_static_module --with-http_realip_module  --add-module=/usr/local/src/nginx_upstream_check_module-0.3.0 --
add-module=/usr/local/src/nginx-sticky-module-ng-1.2.5
9. 编译安装:
make && make install
10. 添加组和⽤户
/usr/sbin/groupadd www
/usr/sbin/useradd -g www www
1.
1.
1.
启动:/usr/local/nginx/sbin/nginx
停⽌:/usr/local/nginx/sbin/nginx -s stop
重启:/usr/local/nginx/sbin/nginx -s reload
⽇志⽂件⽬录:/usr/local/nginx/logs
注:需关闭服务器防⽕墙:
systemctl stop firewalld.service
1.
1.
1. 参数调整
#user  nobody;
user www www;
worker_processes  8;
error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;
pid        logs/nginx.pid;
#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 65535;
events {
use epoll;
worker_connections 65535;
}
http {
include      pes;
default_type  application/octet-stream;
log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log  logs/access.log  main;
#charset gb2312;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 8m;
sendfile        on;
tcp_nopush    on;nginx 配置文件
keepalive_timeout  65;
tcp_nodelay on;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
#limit_zone crawler $binary_remote_addr 10m;
#\u4e0b\u9762\u662fserver\u865a\u62df\u4e3b\u673a\u7684\u914d\u7f6e
upstream hrmspanyname {
#    ip_hash;
sticky;
server 10.160.144.59:8000;
server 10.160.144.60:8000;
}
server {
listen      80;
server_name  localhost;
location / {
}
}
}
环境安装
1.
1.
1.
yum install libnl libnl-devel libnfnetlink-devel
1.
1.
1.
1. 获取安装包:
2. 解压安装包:
tar -zxvf keepalived-2.0.
3. 编译:
./configure --prefix=/usr/local/keepalived
4. 安装:
make && make install
1.
1.
1.
1. 将keepalived 安装成 Linux 系统服务:
a. 创建⽂件夹:mkdir /etc/keepalived
b. 拷贝配置⽂件:cp /usr/local/keepalived/etc/f /etc/keepalived/
c. 拷贝命令⽂件:
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
ln -s /usr/local/sbin/keepalived /usr/sbin/
2.修改keepalived配置⽂件:

版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系QQ:729038198,我们将在24小时内删除。