云主机访问互联网必须绑定公网IP
为解决其他主机不联网安装软件问题,内网yum源
在华为云主页搜索栏查询----centOSyum
两个yum仓库
一个指向huawei_yum
另一个在跳板机(ecs-proxy)上自定义yum源 ansible管理主机
配置跳板机
1,配置yum源
rm -rf /etc/yum.repos.d/*.repo #删除源仓库
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirro rs.myhuaweicloud.com/repo/CentOS-Base- 7.repo #下载仓库
yum clean all #清缓存
yum makecache #更新
yum install -y net-tools lftp rsync psmisc vim-enhance d tree vsftpd bash-completion createrepo lrzsz iproute #下载让软件包
net-tools 命令 ifconfig
lftp 命令
rsync 同步拷贝软件
psmisc 命令 PStree
vim-enhanced vim
bash-completion tab 键
mkdir /var/ftp/localrepo #创建目录
cd /var/ftp/localrepo #进入
createrepo .
createrepo --update . #更新
systemctl enable --now vsftpd #开启ftp服务
2、优化系统服务
[root@ecs-proxy ~]# systemctl stop postfix atd tuned #停止其他服务
[root@ecs-proxy ~]# yum remove -y postfix at audit tuned kexec-tools firewalld-* #删除其他软件包
[root@ecs-proxy ~]# vim /etc/cloud/cloud.cfg #修改配置文件
manage_etc_hosts: localhost 注释掉这一行
[root@ecs-proxy ~]# reboot #重启
3.配置ansible管理主机
将ansible_centos7.tar.gz传到主机
[root@ecs-proxy ~]# ls #查看ansible_centos7.tar.gz
[root@ecs-proxy ~]# tar zxf ansible_centos7.tar.gz #解压
[root@ecs-proxy ~]# yum install -y ansible_centos7/*.rpm #安装
[root@ecs-proxy ~]# ssh-keygen -t rsa -b 2048 -N '' -f /root/.ssh/id_rsa #生成密钥 -t: 加密方式 -b:密码长度 -N:密码 -f:指定路径
[root@ecs-proxy ~]# chmod 0400 /root/.ssh/id_rsa #修改权限
[root@ecs-proxy ~]# ssh-copy-id -i /root/.ssh/id_rsa 192.168.1.120
#将密钥传给模板主机 -i:指定密钥
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" The authenticity of host '192.168.1.120 (192.168.1.120)' can't be established. ECDSA key fingerprint is SHA256:bAN62Ciq2dAM1s7TNsgqe8FdlJhp8ftOgdDfw2HSBXc. ECDSA key fingerprint is MD5:c7:3e:d3:6e:c3:63:ee:89:4a:f2:01:3e:53:9c:1c:9e. Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@192.168.1.120's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '192.168.1.120'" and check to make sure that only the key(s) you wanted were added.
[root@ecs-proxy ~]# ssh 192.168.1.120 #测试远程管理
Welcome to Huawei Cloud Service
[root@ecs-host ~]# exit
logout Connection to 192.168.1.120 closed.
模板镜像配置
1,配置yum源
[root@ecs-host ~]# rm -rf /etc/yum.repos.d/*.repo #删除之前仓库
[root@ecs-host ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.myhuaweicloud.com/repo/CentOS-Base-7.repo #下载仓库
[root@ecs-host ~]# vim /etc/yum.repos.d/local.repo #编写本地仓库
[local_repo] #标识
name=CentOS-$releasever – Localrepo #名字
baseurl=ftp://192.168.1.252/localrepo #跳板机IP
enabled=1 #默认=1
gpgcheck=0 #检测
[root@ecs-host ~]# yum clean all #清缓存
[root@ecs-host ~]# yum makecache #更新仓库
[root@ecs-host ~]# yum repolist #查看
[root@ecs-host ~]# yum install -y net-tools lftp rsync psmisc vim-enhanced tree lrzsz bash-completion iproute #下载软件
2、优化系统服务
[root@ecs-host ~]# systemctl stop postfix atd tuned #停止其他服务
[root@ecs-host ~]# yum remove -y postfix at audit tuned kexec-tools firewalld-* #删除其他软件包 [root@ecs-host ~]# vim /etc/cloud/cloud.cfg #修改配置文件
manage_etc_hosts: localhost 注释掉这一行
[root@ecs-host ~]# yum clean all #查看yum
[root@ecs-host ~]# poweroff #关机
关机以后把主机系统盘制作为模板
将真机五阶段所有软件包传到跳板机上 proxy
网站云平台部署
购买三台云主机 软件素材在云盘的 public/web_install 目录下webhome.tar.gz
[root@ecs-proxy ~]# mkdir -p web-site #创建目录
[root@ecs-proxy ~]# cd web-site #进入目录
[root@ecs-proxy web-site]# vim ansible.cfg #编写脚本
[defaults]
inventory = hostlist #主机清单
host_key_checking = False #遇到yes时,直接yes,不需要手动输入
[root@ecs-proxy web-site]# vim hostlist #编写主机清单文件
[web]
192.168.1.[11:13] #11,12,13三台云主机
[root@ecs-proxy web-site]# vim web_install.yaml #编写ansible执行脚本
- - -
- name: web 集群安装
hosts: web tasks:
- name: 安装 apache 服务
yum:
name: httpd,php state:
latest update_cache: yes
- name: 配置 httpd 服务 service:
name: httpd state: started enabled: yes
name: 部署网站网页 unarchive:
src: files/webhome.tar.gz
dest: /var/www/html/ copy: yes
owner: apache group: apache
[root@ecs-proxy web-site]# mkdir files #创建files目录
[root@ecs-proxy web-site]# ls ansible.cfg files hostlist web_install.yaml
[root@ecs-proxy files]# cd files
[root@ecs-proxy files]# pwd #查看当前所在目录
/root/web-site/files
[root@ecs-proxy ~]# ls #查看当前目录下有没有webhome.tar.gz 软件包 ansible_centos7 ansible_centos7.tar.gz webhome.tar.gz web-site webhome.tar.gz
#将public/web_install 目录下的webhome.tar.gz 拷贝到/root/web-site/files目录下
[root@ecs-proxy files]# cd
[root@ecs-proxy ~]# cp -r webhome.tar.gz /root/web-site/files/ #拷贝到/root/web-site/files目录下
[root@ecs-proxy ~]# cd web-site #进到写有ansible执行脚本的目录
[root@ecs-proxy web-site]# ansible-playbook web_install.yaml #执行ansible执行脚本
PLAY [web 集群安装] ***************************
TASK [Gathering Facts] ************************ ok: [192.168.1.13] ok: [192.168.1.11] ok: [192.168.1.12]
TASK [安装 apache 服务] *************************** changed: [192.168.1.13] changed: [192.168.1.12] changed: [192.168.1.11]
TASK [配置 httpd 服务] ************************ changed: [192.168.1.13] changed: [192.168.1.12] changed: [192.168.1.11]
TASK [部署网站网页] ***************************** changed: [192.168.1.13] changed: [192.168.1.11] changed: [192.168.1.12]
PLAY RECAP **************************** 192.168.1.11 : ok=4 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 192.168.1.12 : ok=4 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 192.168.1.13 : ok=4 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
购买负载均衡
选择共享型负载均衡![](https://i-blog.csdnimg.cn/blog_migrate/4db4273fd92449a1ee178ffa784041c3.jpeg)
解决单一主机访问
listen接收用户请求 前端接收
分摊请求 后端转发
将web三台主机添加到负载均衡中
首先标位异常,然后逐台检测,大约1分钟,正常标记正常
购买公网IP
绑定负载均衡
浏览器访问公网IP测试