Shulou(Shulou.com)06/01 Report--

This article is about how to build a Tomcat7 session synchronization cluster. I think it is very practical, so I share it with you. I hope you can get something after reading this article. Let's take a look at it.

Construction of Tomcat session synchronous Cluster

1. How to maintain a session session

In order to enable web to adapt to large-scale access, it is necessary to implement the cluster deployment of applications. The most effective solution of the cluster is load balancing, and every request of load balancing users may be assigned to a non-fixed server, so we must first solve the unity of session to ensure the normal use of users no matter which server their requests are forwarded to, that is, we need to implement the sharing mechanism of session.

Because I provide web services to two Tomcat servers, there will also be the issue of session sharing. After talking to developers, I learned that the session they applied is generated by JVM, so in order to allow one tomcat server to fail, the other can continue to undertake the service and maintain the original session, that is, users who are logged in on the failed server do not need to log in again.

2. There are three ways to achieve session unification under the cluster system:

1. Request to locate the web server that produces session: sticky session, that is, all the requests of the current user are located in one server, which stores the user's session login information. If the server is down,

Is equivalent to a single point of deployment and is lost and the session is not replicated.

# Note: the above situation applies to the situation where session sharing is done on the web and sticky session is done in the load balancer layer, then accurate positioning and troubleshooting can be achieved.

2. Session replication sharing: session replication, for example, tomcat comes with session sharing, which mainly refers to synchronizing session among multiple application servers in a cluster environment to make session consistent and transparent.

If one of the servers fails, according to the principle of load balancing, the scheduler will traverse to find available nodes and distribute requests. Because the session has been synchronized, it can ensure that the user's session information will not be lost and achieve session replication.

But it must be done between the same kind of middleware (e.g. between tomcat-tomcat).

The performance loss caused by session replication will increase rapidly. Especially when large objects are saved in session, and the objects change rapidly, the performance degradation is more significant, which will consume the system performance. This feature limits the horizontal expansion of web applications.

Session content is synchronized to members through broadcasting, which will cause network traffic bottleneck, even if it is an intranet bottleneck, it does not perform well under large concurrency.

# Note: the above 2 are suitable for cluster requirements with small concurrency

3. Session sharing based on memcache/redis caching

Even if the session information is accessed by cacheDB, the application server accepts the new request to save the session information in the cacheDB. When the application server fails, the scheduler will traverse to find the available node and distribute the request. When the application server finds that the session is not in the local memory, it looks for it in the cacheDB, and if it finds it, it copies it to the local machine, so as to achieve session sharing and high availability.

Second, this article mainly talks about the second cluster mode, which is configured based on the tomcat7 environment. Through the session replication that comes with the tomcat cluster, the session information will be automatically copied to each node.

Involving the environment:

Host operating system IP address main software

Nginx centos7.2 172.16.22.2 nginx-1.10.1

Tomcat01 centos7.2 172.16.22.3 jdk-8u102-linux-x64.tar.gz 、 apache-tomcat-7.0.72.tar.gz

Tomcat02 centos7.2 172.16.22.4 jdk-8u102-linux-x64.tar.gz 、 apache-tomcat-7.0.72.tar.gz

III. Installation of software

1. Install Nginx

a. First of all, you need to install some database openssl-devel, zlib-devel, pcre-devel before installing nginx.

[root@~] # yum install-y openssl-devel, zlib-devel, pcre-devel

Because the program runs as nobody by default, we can create nginx users to run it for easy viewing. We first add nginx groups and users, but do not create a home directory and are not allowed to log in to the system.

[root@~] # groupadd nginx

[root@~] # useradd-M-s / sbin/nologin-g nginx nginx

b. Extract the nginx-1.10.1.tar.gz and compile

[root@~] # tar xf nginx-1.10.1.tar.gz

[root@~] # cd nginx-1.10.1

#. / configure\

-- prefix=/data0/nginx\

-- pid-path=/data0/nginx/logs/nginx.pid\

-- lock-path=/var/lock/nginx.lock\

-- user=nginx\

-- group=nginx\

-- with-http_ssl_module\

-- with-http_flv_module\

-- with-http_stub_status_module\

-- with-http_gzip_static_module\

-- http-client-body-temp-path=/var/tmp/nginx/client/\

-- http-proxy-temp-path=/var/tmp/nginx/proxy/\

-- http-fastcgi-temp-path=/var/tmp/nginx/fcgi/\

-- http-uwsgi-temp-path=/var/tmp/nginx/uwsgi\

-- http-scgi-temp-path=/var/tmp/nginx/scgi\

-- with-pcre

The results are as follows:

Configuration summary

+ using system PCRE library

+ using system OpenSSL library

+ md5: using OpenSSL library

+ sha1: using OpenSSL library

+ using system zlib library

Nginx path prefix: "/ data0/nginx"

Nginx binary file: "/ data0/nginx/sbin/nginx"

Nginx modules path: "/ data0/nginx/modules"

Nginx configuration prefix: "/ data0/nginx/conf"

Nginx configuration file: "/ data0/nginx/conf/nginx.conf"

Nginx pid file: "/ data0/nginx/nginx.pid"

Nginx error log file: "/ data0/nginx/logs/error.log"

Nginx http access log file: "/ data0/nginx/logs/access.log"

Nginx http client request body temporary files: "/ var/tmp/nginx/client/"

Nginx http proxy temporary files: "/ var/tmp/nginx/proxy/"

Nginx http fastcgi temporary files: "/ var/tmp/nginx/fcgi/"

Nginx http uwsgi temporary files: "/ var/tmp/nginx/uwsgi"

Nginx http scgi temporary files: "/ var/tmp/nginx/scgi"

c. After the above configuration, edit and install

[root@~] # make & & make install

[root@~] # mkdir / var/tmp/nginx/client/-pv

After the compilation and installation is complete, the nginx directory will appear under / data0. When you enter this directory, you will find that the directory is very simple.

Its configuration files are stored in the conf directory, web page files are stored in html, and log files are stored in logs

There is only one executable program "nginx" in the sbin directory

d. Enter / data0/nginx/conf and configure nginx.conf

Configure the nginx.conf file

[root@conf] vim nginx.conf

User nginx

# user root

Worker_processes auto

Error_log / data0/nginx/logs/error.log crit

Pid / data0/nginx/logs/nginx.pid

Worker_rlimit_nofile 100000

Events {

Worker_connections 2048

Multi_accept on

Use epoll

}

Http {

Include / data0/nginx/conf/mime.types

Default_type application/octet-stream

Server_tokens off

Sendfile on

Tcp_nopush on

Tcp_nodelay on

Keepalive_timeout 10

Client_header_timeout 10

Client_body_timeout 10

Reset_timedout_connection on

Send_timeout 10

Limit_conn_zone $binary_remote_addr zone=addr:5m

Limit_conn addr 100

Gzip_disable "msie6"

Gzip_proxied any

Gzip_min_length 1000

Gzip_comp_level 6

Gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript

Open_file_cache max=100000 inactive=20s

Open_file_cache_valid 30s

Open_file_cache_min_uses 2

Open_file_cache_errors on

# load balance

Upstream tomcat {

Server 172.16.22.3:8080

Server 172.16.22.4:8080

}

# load balance

Server {

Listen 80

Server_name localhost

Charset utf-8

Location ~ / uploads/.*\. (gif | jpg | jpeg | png | pdf | doc | xls | docx | xlsx | apk | htm | html | mp4 | flv) ${

Expires 24h

Root / data0/nginx/res/home/

Access_log off

Proxy_store on

Proxy_store_access user:rw group:rw all:rw

Proxy_temp_path / data0/nginx/res/home/

Proxy_redirect off

Proxy_set_header Host $host

Proxy_set_header X-Real-IP $remote_addr

Proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for

Client_max_body_size 20m

Client_body_buffer_size 1280k

Proxy_connect_timeout 900

Proxy_send_timeout 900

Proxy_read_timeout 900

Proxy_buffer_size 40k

Proxy_buffers 40 320k

Proxy_busy_buffers_size 640k

Proxy_temp_file_write_size 640k

If (!-e $request_filename)

{

Proxy_pass http://127.0.0.1:80;

}

}

Location / {

Client_max_body_size 20m

Proxy_pass http://localhost:8080/;

Proxy_set_header Host $host

Proxy_set_header X-Real-IP $remote_addr

Proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for

# allow 113.28.26.107

# deny all

}

Error_page 500 502 503 504 / 50x.html

Location = / 50x.html {

Root html

}

e. Check whether the configuration document is accurate

[root@~] # / data0/nginx/sbin/nginx-t

Nginx: the configuration file / data0/work/nginx/conf/nginx.conf syntax is ok

Nginx: configuration file / data0/work/nginx/conf/nginx.conf test is successful

# Note: if there is a problem, you can solve it through the prompt.

f. Start the nginx service

[root@~] # / data0/nginx/sbin/nginx

g. However, it is necessary to turn off fire prevention or add ports to firewall rules.

Because iptables is no longer used as a fire shield after CentOS 7, firewall is used directly.

[root@~] # systemctl stop firewalld.service & & systemctl disable firewalld.service

Or

[root@~] # firewall-cmd-permanet-add-port=80/tcp

[root@~] # firewall-cmd-- reload

h. Open a browser to access http://172.16.22.2 or use [root@~] curl http://localhost:80 locally. If you can open the nginx default web page and the word Welcome to nginx appears, the nginx installation is successful.

two。 Install and configure java and tomcat

a. Java needs to be installed before tomcat can be installed

Solve the problem and enter it into the safety package.

[root@~] # tar-zxvf jdk-8u101-linux-x64.tar.gz

[root@~] # mkdir / usr/local/java

[root@~] mv jdk1.8.0_101/ / usr/local/java/

b. Allocation of environmental capacity

[root@~] # vim / etc/profile

Add the following information to the last line

# java

Export JAVA_HOME=/usr/local/java/jdk1.8.0_101

Export JRE_HOME=/usr/local/java/jdk1.8.0_101/jre

Export CLASSPATH=.:$JRE_HOME/lib/dt.jar:$JRE_HOME/lib/tools.jar

Export PATH=$JRE_HOME/bin:$JRE_HOME/bin:$PATH

c. Let the configuration take effect to view the version

[root@~] # source / etc/profile

[root@~] # java-version

Java version "1.8.0mm 101"

Java (TM) SE Runtime Environment (build 1.8.0_101-b13)

Java HotSpot (TM) 64-Bit Server VM (build 25.101-b13, mixed mode)

d. First of all, tomcat is an installation-free package that can be solved directly. Check the tomcat version and JVM configuration environment information.

[root@~] # tar-xf apache-tomcat-7.0.72.tar.gz

[root@~] # sh / data0/tomcat01/bin/version.sh

Using CATALINA_BASE: / data0/tomcat01

Using CATALINA_HOME: / data0/tomcat01

Using CATALINA_TMPDIR: / data0/tomcat01/temp

Using JRE_HOME: / usr/local/java/jdk1.8.0_101/jre

Using CLASSPATH: / data0/tomcat01/bin/bootstrap.jar:/data0/tomcat01/bin/tomcat-juli.jar

Server version: Apache Tomcat/7.0.72

Server built: Sep 14 2016 12:12:26 UTC

Server number: 7.0.72.0

OS Name: Linux

OS Version: 3.10.0-327.el7.x86_64

Architecture: amd64

JVM Version: 1.8.0_101-b13

JVM Vendor: Oracle Corporation

e. Start the tomcat service

[root@~] # sh / data0/tomcat01/bin/startup.sh

f. Check whether tomcat port 8080 8009 8005 is open and whether the service is normal.

[root@~] # netstat-nltp

Active Internet connections (only servers)

Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name

Tcp 00 0.0.0.0 8009 0.0.0.015 * LISTEN 9844/java

Tcp 0 0 0.0.0.0 8080 0.0.0.015 * LISTEN 9844/java

Tcp 0 0 0.0.0 0 master 80 0.0.0 0. 0. 0 master

Tcp 00 127.0.0.1 8005 0.0.0.0 * LISTEN 9844/java

3. Present the preparation for accessing the test session page

After the above steps are completed, modify the tomcat configuration file

a. Note: set the default host and add jvmRoute

[root@~] # vim / data0/tomcat01/conf/server.xml

Find line 102

one hundred and two

Add the following below to change the jvmRoute to Tomcat01

Such as:

The purpose is to know which tomcat server undertakes the service when accessing the page using the load balancing layer

# Note: tomcat02 does the same thing, but jvmRoute is different. Just replace Tomcat01 with Tomcat02.

b. Add test files in the release documents directory

[root@~] # vim / data0/tomcat01/webapps/ROOT/jsp/index.jsp

Tomcat01

Session serviced by tomcat

Session ID

Created on

# Note: in addition, the configuration of the Tomcat02 node is basically similar to that of the tomcat01 node, and in order to distinguish which node provides access, the title of the test page is also different. All other configurations are the same.

c. Restart the tomcat service and test the access to index.jsp

Visit the Tomcat01 test page

Visit the Tomcat02 test page

You can see that the session ID presented on the page in the visit result is different. At this point, it can be said that the preparation work is basically completed. Let's configure the load balance of tomcat and achieve session persistence through session replication.

4. Configure the tomcat cluster environment:

Configure the session sharing cluster to do the following in tomcat01 and tomcat02, respectively

a. Configure the server.xml file

[root@~] # vim / data0/tomcat01/conf/server.xml

Find about 110 lines

one hundred and ten

Add the following below:

# the above content of adding a cluster comes from the official website configuration document, please refer to: http://tomcat.apache.org/tomcat-7.0-doc/cluster-howto.html

b. Configure the web.xml file under the application code directory

Modify the web.xml file of the application and add tags, which is the key for tomcat cluster to achieve session replication. If it is not added, Tomcat cluster can not be realized. The settings are simple as follows:

[root@~] # vim / data0/tomcat01/webapps/ROOT/WEB-INF/web.xml

Index.shtml

Index.jspx

-- added

# Note: just add it before.

c. After both Tomcat have modified the configuration document according to the above steps, we restart the next two Tomcat servers and access the jsp test page through the browser

Let's restart the Tomcat services of the next two Tomcat servers

Tomcat02 restarts the Tomcat service

[root@~] # sh / data0/tomcat02/bin/shutdown.sh

[root@~] # sh / data0/tomcat02/bin/startup.sh

Then restart the Tomcat service for tomcat01

[root@~] # sh / data0/tomcat01/bin/shutdown.sh

[root@~] # sh / data0/tomcat01/bin/startup.sh

Check the catalina.out log on the machine that starts first.

[root@tomcat02] # tail-f / data0/work/tomcat02/logs/catalina.out

May 11, 2017 11:46:29 AM org.apache.catalina.ha.tcp.SimpleTcpCluster memberAdded

INFO: Replication member added:org.apache.catalina.tribes.membership.MemberImpl [tcp:// {172,16,22,3}: 4000, {172,16,22,3}, 4000, alive=1011, securePort=-1, UDP Port=-1, id= {- 66 109 3 57 13 98 70 60-86 23-103 16 91-52-91-49}, payload= {}, command= {}, domain= {},]

From the SimpleTcpCluster memberAdded above, tomcat01 and tomcat02 have become members of the cluster.

Then visit the test page of the load balancing layer

Refresh, and then look at the test page

As you can see from the figure, no matter how you refresh the SessionID, it will not change, only the hosting server is changing, which shows that the DeltaManager cluster configuration of our Tomcat has been completed and session sharing has been realized.

The above is how to build a Tomcat7 session synchronization cluster, and the editor believes that there are some knowledge points that we may see or use in our daily work. I hope you can learn more from this article. For more details, please follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.