nginx做负载均衡服务器,配置动静分离
- 题目与要求
- 后端RS服务器⼀台部署LNMP(nginx1.22+mysql8.0+php8.1),⼀台部署lamp。
- 要求nginx和php使⽤编译安装
- 最后要通过访问nginx负载均衡服务器的IP看到动静分离的效果。
- ⽂档中需要有每⼀步的详细截图,图中关键点需有描述。
环境说明:
系统平台 | IP | 需要安装的服务 |
---|---|---|
centos8 | 192.168.188.128 | nginx |
centos8 | 192.168.188.129 | nginx1.22+mysql8.0+php8.1 |
centos8 | 192.168.188.137 | lamp |
RS1端部署
#部署LNMP
#关闭selinux和防火墙
[root@RS1 ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config
[root@RS1 ~]# systemctl disable --now firewalld.service
[root@RS1 ~]# setenforce 0
setenforce: SELinux is disabled
[root@RS1 ~]# getenforce
Disabled
#配置yum源
[root@php ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo
[root@php ~]# sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
#源码安装nginx
#创建用户
[root@nginx ~]# useradd -rMs /sbin/nologin nginx
#安装所需要的依赖包
[root@nginx ~]# dnf -y install pcre-devel openssl openssl-devel gd-devel gcc gcc-c++ make wget vim
#下载nginx源码包,并解压
[root@RS1 ~]# wget http://nginx.org/download/nginx-1.22.0.tar.gz
[root@RS1 ~]# tar -xf nginx-1.22.0.tar.gz
[root@RS1 ~]# cd nginx-1.22.0/
[root@RS1 nginx-1.22.0]#
#开始配置
[root@nginx nginx-1.22.0]# ./configure \
> --prefix=/usr/local/nginx \ //指定安装路径
> --user=nginx \ //指定用户和组
> --group=nginx \
> --with-debug \ //开启debug功能
> --with-http_ssl_module \ //开启各类模块
> --with-http_realip_module \
> --with-http_image_filter_module \
> --with-http_gunzip_module \
> --with-http_gzip_static_module \
> --with-http_stub_status_module
#开启编译安装
[root@nginx nginx-1.22.0]# make -j $(grep 'processor' /proc/cpuinfo | wc -l) && make install
#安装完成
[root@nginx nginx-1.22.0]# cd /usr/local/nginx/
[root@nginx nginx]# ls
conf html logs sbin
#配置环境变量
[root@nginx ~]# echo "export PATH=$PATH:/usr/local/nginx/sbin" > /etc/profile.d/nginx.sh
[root@nginx ~]# source /etc/profile.d/nginx.sh
#启动服务
[root@nginx ~]# nginx
#关闭服务,编写service文件,并设置服务开机自启
[root@nginx ~]# nginx -s stop
[root@nginx ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
[root@nginx ~]# cat > /usr/lib/systemd/system/nginx.service << EOF
[Unit]
Description=nginx server daemon
After=network.target
[Service]
Type=forking
ExecStart=/usr/local/nginx/sbin/nginx
ExecStop=/usr/local/nginx/sbin/nginx -s stop
ExecReload=/bin/kill -HUP \$MAINPID
[Install]
WantedBy=multi-user.target
EOF
[root@nginx ~]# systemctl daemon-reload
[root@nginx ~]# systemctl enable --now nginx.service
#部署mysql
[root@RS1 ~]# dnf -y install mysql*
[root@RS1 ~]# systemctl start mysqld.service
[root@RS1 ~]# mysql
mysql> ALTER user 'root'@'localhost' IDENTIFIED WITH caching_sha2_password BY '123';
Query OK, 0 rows affected (0.00 sec)
[root@RS1 ~]# mysql -uroot -p123
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 9
Server version: 8.0.26 Source distribution
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
#源码安装php
#安装依赖包
[root@php ~]# dnf -y install epel-release
[root@php ~]# dnf -y install libxml2 libxml2-devel openssl openssl-devel bzip2 bzip2-devel libcurl libcurl-devel libicu-devel libjpeg libjpeg-devel libpng libpng-devel openldap-devel pcre-devel freetype freetype-devel gmp gmp-devel libmcrypt libmcrypt-devel readline readline-devel libxslt libxslt-devel mhash mhash-devel php-mysqlnd libsqlite3x-devel libzip-devel wget gcc gcc-c++ make
[root@php ~]# dnf -y install http://mirror.centos.org/centos/8-stream/PowerTools/x86_64/os/Packages/oniguruma-devel-6.8.2-2.el8.x86_64.rpm
#下载php源码包,并解压
[root@php ~]# wget https://www.php.net/distributions/php-8.1.11.tar.gz
[root@php ~]# tar -xf php-8.1.11.tar.gz -C /usr/local/src/
[root@php ~]# cd /usr/local/src/php-8.1.11/
[root@php php-8.1.11]#
#编译安装php
[root@php php-8.1.11]# ./configure --prefix=/usr/local/php \
--with-config-file-path=/etc \
--enable-fpm \
--disable-debug \
--disable-rpath \
--enable-shared \
--enable-soap \
--with-openssl \
--enable-bcmath \
--with-iconv \
--with-bz2 \
--enable-calendar \
--with-curl \
--enable-exif \
--enable-ftp \
--enable-gd \
--with-jpeg \
--with-zlib-dir \
--with-freetype \
--with-gettext \
--enable-mbstring \
--enable-pdo \
--with-mysqli=mysqlnd \
--with-pdo-mysql=mysqlnd \
--with-readline \
--enable-shmop \
--enable-simplexml \
--enable-sockets \
--with-zip \
--enable-mysqlnd-compression-support \
--with-pear \
--enable-pcntl \
--enable-posix
#开始安装
[root@php php-8.1.11]# make -j $(grep 'processor' /proc/cpuinfo | wc -l) && make install
[root@php php-8.1.11]# cd /usr/local/php/
[root@php php]# ls
bin etc include lib php sbin var
#配置服务(复制默认配置文件,使配置文件生效)
[root@php php]# cp etc/php-fpm.conf.default etc/php-fpm.conf
[root@php php]# cp etc/php-fpm.d/www.conf.default etc/php-fpm.d/www.conf
#头文件映射
[root@php php]# ln -s /usr/local/php /usr/include/php
#创建库文件
[root@mysql ~]# echo "/usr/local/php/lib" > /etc/ld.so.conf.d/php.conf
[root@mysql ~]# ldconfig
#编写service文件
[root@php ~]# cat > /usr/lib/systemd/system/php.service << EOF
[Unit]
Description=php server daemon
After=network.target
[Service]
Type=forking
ExecStart=/usr/local/php/sbin/php-fpm
ExecStop=ps -ef |grep php |grep -v grep|awk '{print$2}'|xargs kill
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
EOF
[root@php ~]# systemctl daemon-reload
[root@php ~]# systemctl enable --now php.service
Created symlink /etc/systemd/system/multi-user.target.wants/php.service → /usr/lib/systemd/system/php.service.
[root@RS1 ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 127.0.0.1:9000 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 70 *:33060 *:*
LISTEN 0 128 *:3306 *:*
LISTEN 0 128 [::]:22 [::]:*
#编写测试主页php端
[root@RS1 php]# mkdir -p /usr/local/nginx/html
[root@RS1 php]# cat > /usr/local/nginx/html/index.php << EOF
<?php
phpinfo();
?>
EOF
[root@nginx ~]# systemctl restart nginx.service
#创建一个虚拟主机
[root@RS1 php]# cd /usr/local/nginx/conf
[root@RS1 conf]# vim nginx.conf
......
server {
listen 82;
location / {
root html/static;
index index.html;
}
}
......
[root@RS1 conf]# cd /usr/local/nginx/html
[root@RS1 html]# mkdir static
[root@RS1 html]# ls
50x.html index.html index.php static
[root@RS1 html]# echo 'nginx' > static/index.html
[root@RS1 html]# ls
50x.html index.html index.php static
[root@RS1 html]# cat static/index.html
nginx
[root@RS1 html]# systemctl restart nginx.service
#将php与nginx连接
[root@RS1 html]# vim /usr/local/nginx/conf/nginx.conf
......
location / {
root html;
index index.html index.htm index.php;//添加index.php
}
......
......//取消注释下面的一段
location ~ \.php$ {
root html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;//将/script改为$document_root
include fastcgi_params;
}
......
#重新加载服务配置
[root@nginx ~]# systemctl reload nginx.service
RS2端部署
部署lamp
[root@RS2 ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config
[root@RS2 ~]# systemctl disable --now firewalld.service
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@RS2 ~]# setenforce 0
[root@RS2 ~]# dnf -y install httpd
[root@RS2 ~]# systemctl enable --now httpd
[root@RS2 ~]# dnf -y module install mariadb*
[root@RS2 ~]# systemctl enable --now mariadb
[root@RS2 ~]# dnf -y install php
[root@RS2 ~]# systemctl enable --now php-fpm.service
#配置httpd
[root@RS2 ~]# vim /etc/httpd/conf/httpd.conf
......
<IfModule dir_module>
DirectoryIndex index.html index.php //新增index.php
</IfModule>
......
#写一个php测试页面
[root@RS2 ~]# cd /var/www/html/
[root@RS2 html]# cat >index.php <<EOF
<?php
phpinfo();
?>
EOF
[root@RS2 www]# systemctl restart php-fpm.service
#把vhost的模板copy到conf.d目录下
[root@RS2 html]# find / -name httpd-vhost*
/usr/share/doc/httpd/httpd-vhosts.conf
[root@RS2 html]# cd /etc/httpd/conf.d/
[root@RS2 conf.d]# cp /usr/share/doc/httpd/httpd-vhosts.conf .
#配置虚拟主机
[root@RS2 conf.d]# vim httpd-vhosts.conf
Listen 82
<VirtualHost 192.168.188.137:82>
DocumentRoot "/var/www/vhost1"
ErrorLog "/var/log/httpd/error_log"
CustomLog "/var/log/httpd/access_log" combined
</VirtualHost>
#创建vhost的网页存放目录
[root@RS2 www]# mkdir vhost1
[root@RS2 www]# echo 'apache' >vhost1/index.html
[root@RS2 www]# systemctl restart httpd
[root@RS2 www]# ss -anlt
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 80 *:3306 *:*
LISTEN 0 128 *:80 *:*
LISTEN 0 128 *:82 *:*
LISTEN 0 128 [::]:22 [::]:*
配置LB
[root@LB ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config
[root@LB ~]# systemctl disable --now firewalld.service
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@LB ~]# setenforce 0
[root@LB ~]# dnf -y install nginx
[root@LB ~]# systemctl restart nginx.service
[root@LB ~]# vim /etc/nginx/nginx.conf
//upstream要写在server外面
......
upstream static {
server 192.168.188.129:82;
server 192.168.188.137:82;
}
upstream dynamic {
server 192.168.188.129;
server 192.168.188.137;
}
......
//写在server里面
location / {
proxy_pass http://static;
}
location ~ \.php$ {
proxy_pass http://dynamic;
}
......
[root@LB ~]# systemctl restart nginx.service
负载均衡测试访问
动静分离测试