KVM 3:基于 KVM 虚拟机实现 HAProxy+Keepalived 高可用 Wordpress 站点搭建

4 篇文章 0 订阅
3 篇文章 0 订阅

本次实验基于 KVM 虚拟化环境进行,虚拟化环境搭建参考博客《搭建 KVM 虚拟化环境》。

实验拓扑

在这里插入图片描述

3.1:部署负载均衡

3.1.1:pm1-node201 部署 Keepalived

keepalived 节点上需要开启的两个 Linux 内核参数:net.ipv4.ip_forward = 1 和 net.ipv4.ip_nonlocal_bind = 1,已在系统初始化的过程中添加。

  • 编译安装 keepalived-1.3.6:
[root@pm1-node201 ~]# wget -O /usr/local/src/keepalived-1.3.6.tar.gz http://www.keepalived.org/software/keepalived-1.3.6.tar.gz
[root@pm1-node201 ~]# cd /usr/local/src
[root@pm1-node201 src]# tar xvf keepalived-1.3.6.tar.gz
[root@pm1-node201 src]# cd keepalived-1.3.6

[root@pm1-node201 keepalived-1.3.6]# yum install libnfnetlink-devel libnfnetlink ipvsadm libnl libnl-devel libnl3 libnl3-devel lm_sensors-libs net-snmp-agent-libs net-snmp-libs openssh-server openssh-clients openssl openssl-devel tree sudo psmisc lrzsz gcc gcc-c++ automake pcre pcredevel zlib zlib-devel openssl openssl-devel iproute -y

[root@pm1-node201 keepalived-1.3.6]# ./configure --prefix=/usr/local/keepalived --disable-fwmark && make && make install

[root@pm1-node201 keepalived-1.3.6]# cp /usr/local/src/keepalived-1.3.6/keepalived/etc/init.d/keepalived.rh.init /etc/sysconfig/keepalived.sysconfig

[root@pm1-node201 keepalived-1.3.6]# cp /usr/local/src/keepalived-1.3.6/keepalived/keepalived.service /usr/lib/systemd/system/

[root@pm1-node201 keepalived-1.3.6]# cp /usr/local/src/keepalived-1.3.6/bin/keepalived /usr/sbin/
  • 配置 Keepalived,将 pm1-node201 设为 192.168.1.200 的 master 节点,172.16.1.200 的 backup 节点:
[root@pm1-node201 ~]# mkdir /etc/keepalived
[root@pm1-node201 ~]# cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
[root@pm1-node201 ~]# vim /etc/keepalived/keepalived.conf
global_defs {
   notification_email {
      root@pm1-node201.yqc.com
   }
   notification_email_from root@pm1-node201.yqc.com
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id pm1-node201.yqc.com
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VIP_1 {
        state MASTER
        interface eth0
        virtual_router_id 1
        priority 100
        advert_int 2
        unicast_src_ip 192.168.1.201
        unicast_peer {
                192.168.1.202
        }
        authentication {
                auth_type PASS
                auth_pass 123456
        }
        virtual_ipaddress {
                192.168.1.200/24 dev eth0 label eth0:0
        }
}

vrrp_instance VIP_2 {
        state BACKUP
        interface eth1
        virtual_router_id 2
        priority 80
        advert_int 2
        unicast_src_ip 172.16.1.201
        unicast_peer {
                172.16.1.202
        }
        authentication {
                auth_type PASS
                auth_pass 123456
        }
        virtual_ipaddress {
                172.16.1.200/24 dev eth1 label eth1:0
        }
}
  • 启动keepalived并设为开机启动:
[root@pm1-node201 ~]# systemctl start keepalived
[root@pm1-node201 ~]# systemctl enable keepalived
  • 验证 VIP:
[root@pm1-node201 ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.201  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 240e:324:79e:f400:5054:ff:fe1f:99c7  prefixlen 64  scopeid 0x0<global>
        inet6 fe80::5054:ff:fe1f:99c7  prefixlen 64  scopeid 0x20<link>
        ether 52:54:00:1f:99:c7  txqueuelen 1000  (Ethernet)
        RX packets 220  bytes 34831 (34.0 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 105  bytes 9825 (9.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.200  netmask 255.255.255.0  broadcast 0.0.0.0
        ether 52:54:00:1f:99:c7  txqueuelen 1000  (Ethernet)

eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.16.1.201  netmask 255.255.255.0  broadcast 172.16.1.255
        inet6 fe80::5054:ff:fef2:3384  prefixlen 64  scopeid 0x20<link>
        ether 52:54:00:f2:33:84  txqueuelen 1000  (Ethernet)
        RX packets 153  bytes 10230 (9.9 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 36  bytes 1872 (1.8 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

3.1.2:pm2-node202 部署 Keepalived

  • 将 pm1-node201 的 keepalived 程序打包,并拷贝解压到 pm2-node202 相应目录:
[root@pm1-node201 ~]# cd /usr/local/keepalived/
[root@pm1-node201 keepalived]# tar zcvf keepalived-pm1-node201.tar.gz ./*

[root@pm2-node202 ~]# mkdir /usr/local/keepalived
[root@pm2-node202 ~]# scp pm1-node201:/usr/local/keepalived/keepalived-pm1-node201.tar.gz /usr/local/keepalived/
[root@pm2-node202 ~]# cd /usr/local/keepalived/
[root@pm2-node202 keepalived]# tar zxvf keepalived-pm1-node201.tar.gz
  • 拷贝 pm1-node201 的 keepalived 相关配置文件、主程序、Unit file 到 pm2-node202 相应目录:
[root@pm2-node202 ~]# mkdir /etc/keepalived

[root@pm2-node202 ~]# scp pm1-node201:/etc/keepalived/keepalived.conf /etc/keepalived/
[root@pm2-node202 ~]# scp pm1-node201:/etc/sysconfig/keepalived.sysconfig /etc/sysconfig/keepalived.sysconfig
[root@pm2-node202 ~]# scp pm1-node201:/usr/lib/systemd/system/keepalived.service /usr/lib/systemd/system/keepalived.service
[root@pm2-node202 ~]# scp pm1-node201:/usr/sbin/keepalived /usr/sbin/
  • 配置 Keepalived,将 pm2-node202 设为 192.168.1.200 的 backup 节点,172.16.1.200 的 master 节点:
[root@pm2-node202 ~]# vim /etc/keepalived/keepalived.conf
global_defs {
   notification_email {
      root@pm2-node202.yqc.com
   }
   notification_email_from root@pm2-node202.yqc.com
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id pm2-node202.yqc.com
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VIP_1 {
        state BACKUP
        interface eth0
        virtual_router_id 1
        priority 80
        advert_int 2
        unicast_src_ip 192.168.1.202
        unicast_peer {
                192.168.1.201
        }
        authentication {
                auth_type PASS
                auth_pass 123456
        }
        virtual_ipaddress {
                192.168.1.200/24 dev eth0 label eth0:0
        }
}

vrrp_instance VIP_2 {
        state MASTER
        interface eth1
        virtual_router_id 2
        priority 100
        advert_int 2
        unicast_src_ip 172.16.1.202
        unicast_peer {
                172.16.1.201
        }
        authentication {
                auth_type PASS
                auth_pass 123456
        }
        virtual_ipaddress {
                172.16.1.200/24 dev eth1 label eth1:0
        }
}
  • 启动keepalived并设为开机启动:
[root@pm2-node202 ~]# systemctl start keepalived
[root@pm2-node202 ~]# systemctl enable keepalived
  • 验证 VIP:
[root@pm2-node202 ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.202  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::5054:ff:fe04:2d17  prefixlen 64  scopeid 0x20<link>
        inet6 240e:324:79e:f400:5054:ff:fe04:2d17  prefixlen 64  scopeid 0x0<global>
        ether 52:54:00:04:2d:17  txqueuelen 1000  (Ethernet)
        RX packets 290  bytes 42205 (41.2 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 64  bytes 7813 (7.6 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.16.1.202  netmask 255.255.255.0  broadcast 172.16.1.255
        inet6 fe80::5054:ff:fe1d:9e2  prefixlen 64  scopeid 0x20<link>
        ether 52:54:00:1d:09:e2  txqueuelen 1000  (Ethernet)
        RX packets 133  bytes 8820 (8.6 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 67  bytes 3630 (3.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth1:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.16.1.200  netmask 255.255.255.0  broadcast 0.0.0.0
        ether 52:54:00:1d:09:e2  txqueuelen 1000  (Ethernet)

3.1.3:pm1-node201 部署 HAProxy

  • 编译安装 haproxy-1.8.20:
[root@pm1-node201 ~]# cd /usr/local/src
[root@pm1-node201 src]# tar zxvf haproxy-1.8.20.tar.gz 
[root@pm1-node201 src]# cd haproxy-1.8.20/

[root@pm1-node201 haproxy-1.8.20]# yum install gcc gcc-c++ glibc glibc-devel pcre pcre-devel openssl openssl-devel systemd-devel net-tools vim iotop bc zip unzip zlib-devel lrzsz tree screen lsof tcpdump wget ntpdate -y

[root@pm1-node201 haproxy-1.8.20]# make ARCH=x86_64 TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 USE_SYSTEMD=1 USE_CPU_AFFINITY=1 PREFIX=/usr/local/haproxy
[root@pm1-node201 haproxy-1.8.20]# make install PREFIX=/usr/local/haproxy
[root@pm1-node201 haproxy-1.8.20]# cp haproxy /usr/sbin/

[root@pm1-node201 ~]# vim /usr/lib/systemd/system/haproxy.service
[Unit]  
Description=HAProxy Load Balancer
After=syslog.target network.target
[Service]
ExecStartPre=/usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c -q 
ExecStart=/usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid
ExecReload=/bin/kill -USR2 $MAINPID
[Install]
WantedBy=multi-user.target

[root@pm1-node201 ~]# mkdir /etc/haproxy
[root@pm1-node201 ~]# useradd haproxy -s /sbin/nologin
[root@pm1-node201 ~]# mkdir /var/lib/haproxy
[root@pm1-node201 ~]# chown haproxy.haproxy /var/lib/haproxy/ -R
  • 配置 HAProxy,代理后端 Web 服务器以及 MySQL:
[root@pm1-node201 examples]# vim /etc/haproxy/haproxy.cfg
global
        maxconn 100000
        user haproxy
        group haproxy
        daemon
        nbproc 1
        pidfile /run/haproxy.pid
        log 127.0.0.1 local3 info
        chroot /usr/local/haproxy
        stats socket /var/lib/haproxy/haproxy.socket mode 600 level admin

defaults
        option redispatch
        option abortonclose
        option http-keep-alive
        option forwardfor
        maxconn 100000
        mode http
        timeout connect 10s
        timeout client 20s
        timeout server 30s
        timeout check 5s

listen stats
        bind :9999
        stats enable
        #stats hide-version
        stats uri /haproxy-status
        stats realm HAPorxy\ Stats\ Page
        stats auth haadmin:123456
        stats auth admin:123456
        stats refresh 30s
        stats admin if TRUE

listen nginx
        bind 192.168.1.200:80
        mode tcp
        log global
        balance roundrobin
        server 172.16.1.204 172.16.1.204:80 check inter 3000 fall 3 rise 5
        server 172.16.1.205 172.16.1.205:80 check inter 3000 fall 3 rise 5

listen mysql
        bind 172.16.1.200:3306
        mode tcp
        log global
        balance source
        server 172.16.1.203 172.16.1.203:3306 check inter 3000 fall 3 rise 5
  • 配置 rsyslog 接收 haproxy 的日志:
[root@pm1-node201 ~]# vim /etc/rsyslog.conf
local3.*    /var/log/haproxy.log
$ModLoad imudp
$UDPServerRun 514

[root@pm1-node201 ~]# systemctl restart rsyslog
  • 启动 HAProxy
[root@pm1-node201 ~]# systemctl start haproxy
[root@pm1-node201 ~]# systemctl enable haproxy
  • 验证监听端口:
[root@pm1-node201 ~]# ss -tnl | egrep "(80|3306|9999)"
LISTEN     0      20480  172.16.1.200:3306                     *:*                  
LISTEN     0      20480        *:9999                     *:*                  
LISTEN     0      20480  192.168.1.200:80                       *:*                  
  • 验证 HAProxy 状态页(http://192.168.1.201:9999/haproxy-status):

在这里插入图片描述

3.1.4:pm2-node202 部署 HAProxy

  • pm2-node202 创建相应目录及haproxy用户:
[root@pm2-node202 ~]# mkdir /usr/local/haproxy /etc/haproxy /var/lib/haproxy
[root@pm2-node202 ~]# useradd haproxy -s /sbin/nologin
[root@pm2-node202 ~]# chown haproxy.haproxy /var/lib/haproxy/ -R
  • 打包 pm1-node201 的 HAPoxy 安装目录,拷贝并解压到 pm2-node202 相应目录:
[root@pm1-node201 ~]# cd /usr/local/haproxy/
[root@pm1-node201 haproxy]# tar zcvf haproxy-pm1-node201.tar.gz ./*

[root@pm2-node202 ~]# scp pm1-node201:/usr/local/haproxy/haproxy-pm1-node201.tar.gz /usr/local/haproxy/
[root@pm2-node202 ~]# cd /usr/local/haproxy/
[root@pm2-node202 haproxy]# tar zxvf haproxy-pm1-node201.tar.gz 
  • 拷贝 pm1-node201 的HAProxy 主程序文件、配置文件和 Unit file:
[root@pm2-node202 ~]# scp pm1-node201:/usr/sbin/haproxy /usr/sbin/
[root@pm2-node202 ~]# scp pm1-node201:/etc/haproxy/haproxy.cfg /etc/haproxy/
[root@pm2-node202 ~]# scp pm1-node201:/usr/lib/systemd/system/haproxy.service /usr/lib/systemd/system/haproxy.service
  • 配置 rsyslog 接收 haproxy 的日志:
[root@pm2-node202 ~]# vim /etc/rsyslog.conf
local3.*    /var/log/haproxy.log
$ModLoad imudp
$UDPServerRun 514

[root@pm2-node202 ~]# systemctl restart rsyslog
  • 启动 HAProxy
[root@pm2-node202 ~]# systemctl start haproxy
[root@pm2-node202 ~]# systemctl enable haproxy
  • 验证监听端口:
[root@pm2-node202 ~]# ss -tnl | egrep "(80|3306|9999)"
LISTEN     0      20480  172.16.1.200:3306                     *:*                  
LISTEN     0      20480        *:9999                     *:*                  
LISTEN     0      20480  192.168.1.200:80                       *:*
  • 验证 HAProxy 状态页(http://192.168.1.202:9999/haproxy-status):

在这里插入图片描述

3.2:部署数据库和共享存储

3.3.1:pm2-node203 部署 MariaDB

  • 安装 MariaDB:
[root@pm2-node203 ~]# yum install mariadb mariadb-server -y
  • 编辑主配置文件:
[root@pm2-node203 ~]# cp /etc/my.cnf /etc/my.cnf.bak

[root@pm2-node203 ~]# vim /etc/my.cnf
[mysqld]
socket=/var/lib/mysql/mysql.sock
user=mysql
symbolic-links=0
datadir=/data/mysql
innodb_file_per_table=1
# skip-grant-tables
relay-log=/data/mysql
server-id=10
log-error=/data/mysql-log/mysql_error.log
log-bin=/data/mysql-binlog/master-log
# general_log=ON
# general_log_file=/data/general_mysql.log
long_query_time=5
slow_query_log=1
slow_query_log_file=/data/mysql-log/slow_mysql.log
max_connections=1000
bind-address=172.16.1.203

[client]
port=3306
socket=/var/lib/mysql/mysql.sock

[mysqld_safe]
log-error=/data/mysql-log/mysqld_safe.log
pid-file=/var/run/mariadb/mariadb.pid
  • 创建数据目录并授权:
[root@pm2-node203 ~]# mkdir -pv /data/{mysql,mysql-log,mysql-binlog}
[root@pm2-node203 ~]# chown mysql:mysql /data/mysql* -R
  • 启动 MariaDB 并验证端口:
[root@pm2-node203 ~]# systemctl start mariadb
[root@pm2-node203 ~]# systemctl enable mariadb
[root@pm2-node203 ~]# ss -tnl | grep 3306
LISTEN     0      50     192.168.1.107:3306                     *:* 
  • 初始化安全配置:
[root@pm2-node203 ~]# mysql_secure_installation
  • 验证 mysql 登录:
[root@pm2-node203 ~]# mysql -uroot -p
Enter password: 
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 3
Server version: 5.5.65-MariaDB MariaDB Server

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> 
  • 创建 wordpress 数据库并授权:
MariaDB [(none)]> CREATE DATABASE wordpress;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON  wordpress.* TO "wordpress"@"%" IDENTIFIED BY "123456";
MariaDB [(none)]> flush privileges;
  • 使用 wordpress 服务器使用 VIP 远程连接数据库:
[root@pm1-node204 ~]# mysql -h172.16.1.200 -uwordpress -p 
Enter password: 
MariaDB [(none)]> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| wordpress          |
+--------------------+
2 rows in set (0.01 sec)

[root@pm2-node205 ~]# mysql -h172.16.1.200 -uwordpress -p
Enter password: 
MariaDB [(none)]> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| wordpress          |
+--------------------+
2 rows in set (0.00 sec)

3.3.2:pm2-node203 部署 NFS

  • 安装 nfs-utils:
[root@pm2-node203 ~]# yum install nfs-utils -y
  • 配置 NFS:
[root@pm2-node203 ~]# vim /etc/exports
/data/wordpress *(rw,no_root_squash)

[root@pm2-node203 ~]# mkdir /data/wordpress -pv
[root@pm2-node203 ~]# chown 2000:2000 -R /data/wordpress
  • 启动 nfs 并设为开机启动:
[root@pm2-node203 ~]# systemctl start nfs
[root@pm2-node203 ~]# systemctl enable nfs
  • 验证 NFS 挂载点:
[root@pm1-node204 ~]# showmount -e 172.16.1.203
Export list for 172.16.1.203:
/data/wordpress *
  • pm1-node204 挂载共享存储:
[root@pm1-node204 ~]# mkdir /data/nginx/wordpress -pv
[root@pm1-node204 ~]# vim /etc/fstab
172.16.1.203:/data/wordpress /data/nginx/wordpress      nfs     defaults,_netdev        0 0
[root@pm1-node204 ~]# mount -a

[root@pm1-node204 ~]# ll -d /data/nginx/wordpress/
drwxr-xr-x 2 nginx nginx 6 Nov 11 22:17 /data/nginx/wordpress/

[root@pm1-node204 ~]# df -Th
Filesystem                   Type      Size  Used Avail Use% Mounted on
/dev/mapper/centos-root      xfs       7.5G  2.9G  4.7G  39% /
devtmpfs                     devtmpfs  487M     0  487M   0% /dev
tmpfs                        tmpfs     497M     0  497M   0% /dev/shm
tmpfs                        tmpfs     497M  6.7M  490M   2% /run
tmpfs                        tmpfs     497M     0  497M   0% /sys/fs/cgroup
/dev/vda1                    xfs       509M  124M  386M  25% /boot
tmpfs                        tmpfs     100M     0  100M   0% /run/user/0
172.16.1.203:/data/wordpress nfs4      7.5G  1.4G  6.2G  18% /data/nginx/wordpress/
  • pm2-node205 挂载共享存储:
[root@pm2-node205 ~]# mkdir /data/nginx/wordpress -pv
[root@pm2-node205 ~]# vim /etc/fstab
172.16.1.203:/data/wordpress /data/nginx/wordpress      nfs     defaults,_netdev        0 0
[root@pm2-node205 ~]# mount -a

[root@pm2-node205 ~]# ll -d /data/nginx/wordpress/
drwxr-xr-x 2 nginx nginx 6 Nov 11 22:17 /data/nginx/wordpress/

[root@pm2-node205 ~]# df -Th
Filesystem                   Type      Size  Used Avail Use% Mounted on
/dev/mapper/centos-root      xfs       7.5G  1.8G  5.8G  24% /
devtmpfs                     devtmpfs  487M     0  487M   0% /dev
tmpfs                        tmpfs     497M     0  497M   0% /dev/shm
tmpfs                        tmpfs     497M  6.7M  490M   2% /run
tmpfs                        tmpfs     497M     0  497M   0% /sys/fs/cgroup
/dev/vda1                    xfs       509M  124M  386M  25% /boot
tmpfs                        tmpfs     100M     0  100M   0% /run/user/0
172.16.1.203:/data/wordpress nfs4      7.5G  1.4G  6.2G  18% /data/nginx/wordpress/

3.3:部署 Web 服务

3.3.1:pm1-node204 部署 PHP

  • 编译安装 php-7.1.30:
[root@pm1-node204 ~]# cd /usr/local/src/
[root@pm1-node204 src]# tar zxvf  php-7.1.30.tar.gz
[root@pm1-node204 src]# cd  php-7.1.30/

[root@pm1-node204 php-7.1.30]# yum -y install wget vim pcre pcre-devel openssl openssl-devel libicudevel gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel ncurses ncurses-devel curl curl-devel krb5-devel libidn libidn-devel openldap openldap-devel nss_ldap jemalloc-devel cmake boost-devel bison automake libevent libevent-devel gd gd-devel libtool* libmcrypt libmcrypt-devel mcrypt mhash libxslt libxslt-devel readline readline-devel gmp gmp-devel libcurl libcurl-devel openjpegdevel libzip

[root@pm1-node204 php-7.1.30]# ./configure --prefix=/usr/local/php --enable-fpm --with-fpmuser=www --with-fpm-group=www --with-pear --with-curl --with-png-dir --with-freetype-dir --with-iconv --with-mhash --with-zlib --with-xmlrpc --with-xsl --with-openssl --with-mysqli --with-pdo-mysql --disable-debug --enable-zip --enable-sockets --enable-soap --enable-inline-optimization --enable-xml --enable-ftp --enable-exif --enable-wddx --enable-bcmath --enable-calendar --enable-shmop --enable-dba --enable-sysvsem --enable-sysvshm --enable-sysvmsg



[root@pm1-node204 php-7.1.30]# make -j 2
[root@pm1-node204 php-7.1.30]# make install
  • 从相应目录拷贝 PHP 配置文件:
[root@pm1-node204 ~]# cp /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf
[root@pm1-node204 ~]# cp /usr/local/php/etc/php-fpm.d/www.conf.default /usr/local/php/etc/php-fpm.d/www.conf
[root@pm1-node204 ~]# cp /usr/local/src/php-7.1.30/php.ini-production /usr/local/php/etc/php.ini
  • 创建日志文件目录:
[root@pm1-node204 ~]# mkdir /usr/local/php/log
  • 配置 pid 文件:
[root@pm1-node204 ~]# vim /usr/local/php/etc/php-fpm.conf
pid = run/php-fpm.pid
  • 将 php-fpm 添加到 service:
[root@pm1-node204 ~]# cp /usr/local/src/php-7.1.30/sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
[root@pm1-node204 ~]# chmod +x /etc/init.d/php-fpm
[root@pm1-node204 ~]# chkconfig --add php-fpm
[root@pm1-node204 ~]# chkconfig php-fpm on

[root@pm1-node204 ~]# chkconfig --list                              

Note: This output shows SysV services only and does not include native
      systemd services. SysV configuration data might be overridden by native
      systemd configuration.

      If you want to list systemd services use 'systemctl list-unit-files'.
      To see services enabled on particular target use
      'systemctl list-dependencies [target]'.

netconsole      0:off   1:off   2:off   3:off   4:off   5:off   6:off
network         0:off   1:off   2:on    3:on    4:on    5:on    6:off
php-fpm         0:off   1:off   2:on    3:on    4:on    5:on    6:off
  • 配置 www.conf:
[root@pm1-node204 ~]# vim /usr/local/php/etc/php-fpm.d/www.conf
[www]
user = nginx
group = nginx
listen = 127.0.0.1:9000
pm = dynamic
pm.max_children = 50
pm.start_servers = 30
pm.min_spare_servers = 30
pm.max_spare_servers = 50
pm.status_path = /pm_status
ping.path = /ping
ping.response = pong
access.log = log/$pool.access.log
slowlog = log/$pool.log.slow
  • 检测配置文件:
[root@pm1-node204 ~]# /usr/local/php/sbin/php-fpm -t
[13-Nov-2020 11:07:39] NOTICE: configuration file /usr/local/php/etc/php-fpm.conf test is successful
  • 启动 php-fpm 并验证:
[root@pm1-node204 ~]# service php-fpm start

[root@pm1-node204 ~]# ps -ef | grep php-fpm
root      2247     1  0 11:08 ?        00:00:00 php-fpm: master process (/usr/local/php/etc/php-fpm.conf)
nginx     2248  2247  0 11:08 ?        00:00:00 php-fpm: pool www
nginx     2249  2247  0 11:08 ?        00:00:00 php-fpm: pool www
nginx     2250  2247  0 11:08 ?        00:00:00 php-fpm: pool www
nginx     2251  2247  0 11:08 ?        00:00:00 php-fpm: pool www
nginx     2252  2247  0 11:08 ?        00:00:00 php-fpm: pool www
nginx     2253  2247  0 11:08 ?        00:00:00 php-fpm: pool www

[root@pm1-node204 ~]# netstat -tanlp | grep php-fpm
tcp        0      0 127.0.0.1:9000          0.0.0.0:*               LISTEN      2247/php-fpm: maste

3.3.2:pm2-node205 部署 PHP

  • 安装 php 依赖环境:
[root@pm2-node205 ~]# yum -y install wget vim pcre pcre-devel openssl openssl-devel libicudevel gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel ncurses ncurses-devel curl curl-devel krb5-devel libidn libidn-devel openldap openldap-devel nss_ldap jemalloc-devel cmake boost-devel bison automake libevent libevent-devel gd gd-devel libtool* libmcrypt libmcrypt-devel mcrypt mhash libxslt libxslt-devel readline readline-devel gmp gmp-devel libcurl libcurl-devel openjpegdevel libzip
  • 创建 php 程序目录:
[root@pm2-node205 ~]# mkdir /usr/local/php
  • 打包 pm1-node204 的 php 程序目录,拷贝到 pm2-node205 并解压到相应目录:
[root@pm1-node204 ~]# cd /usr/local/php/
[root@pm1-node204 php]# tar zcvf php-pm1-node204.tar.gz ./*

[root@pm2-node205 ~]# scp pm1-node204:/usr/local/php/php-pm1-node204.tar.gz /usr/local/php/
[root@pm2-node205 ~]# cd /usr/local/php/
[root@pm2-node205 php]# tar zxvf php-pm1-node204.tar.gz
  • 检测配置文件:
[root@pm2-node205 ~]# /usr/local/php/sbin/php-fpm -t
[13-Nov-2020 11:23:02] NOTICE: configuration file /usr/local/php/etc/php-fpm.conf test is successful
  • 将 php-fpm 添加到 service:
[root@pm2-node205 ~]# scp pm1-node204:/etc/init.d/php-fpm /etc/init.d/
[root@pm2-node205 ~]# chkconfig --add php-fpm
[root@pm2-node205 ~]# chkconfig php-fpm on
[root@pm2-node205 ~]# chkconfig --list

Note: This output shows SysV services only and does not include native
      systemd services. SysV configuration data might be overridden by native
      systemd configuration.

      If you want to list systemd services use 'systemctl list-unit-files'.
      To see services enabled on particular target use
      'systemctl list-dependencies [target]'.

netconsole      0:off   1:off   2:off   3:off   4:off   5:off   6:off
network         0:off   1:off   2:on    3:on    4:on    5:on    6:off
php-fpm         0:off   1:off   2:on    3:on    4:on    5:on    6:off
  • 启动 php-fpm 并验证:
[root@pm2-node205 ~]# service php-fpm start

[root@pm2-node205 ~]# ps -ef | grep php-fpm
root      2760     1  0 11:23 ?        00:00:00 php-fpm: master process (/usr/local/php/etc/php-fpm.conf)
nginx     2761  2760  0 11:23 ?        00:00:00 php-fpm: pool www
nginx     2762  2760  0 11:23 ?        00:00:00 php-fpm: pool www
nginx     2763  2760  0 11:23 ?        00:00:00 php-fpm: pool www
nginx     2764  2760  0 11:23 ?        00:00:00 php-fpm: pool www
nginx     2765  2760  0 11:23 ?        00:00:00 php-fpm: pool www

[root@pm2-node205 ~]# netstat -tanlp | grep php-fpm
tcp        0      0 127.0.0.1:9000          0.0.0.0:*               LISTEN      2760/php-fpm: maste 

3.3.3:pm1-node204 部署 Nginx

  • 编译安装 nginx-1.18.0,安装目录为 /usr/local/nginx/:
[root@pm1-node204 ~]# wget -O /usr/local/src/nginx-1.18.0.tar.gz https://nginx.org/download/nginx-1.18.0.tar.gz
[root@pm1-node204 ~]# cd /usr/local/src

[root@pm1-node204 src]# tar zxvf nginx-1.18.0.tar.gz
[root@pm1-node204 src]# cd nginx-1.18.0/

[root@pm1-node204 nginx-1.18.0]# yum install -y vim lrzsz tree screen psmisc lsof tcpdump wget ntpdate gcc gcc-c++ glibc glibc-devel pcre pcre-devel openssl openssl-devel systemd-devel net-tools iotop bc zip unzip zlib-devel bash-completion nfs-utils automake libxml2 libxml2-devel libxslt libxslt-devel perl perl-ExtUtils-Embed

[root@pm1-node204 nginx-1.18.0]# ./configure --prefix=/usr/local/nginx \
  --user=nginx \
  --group=nginx \
  --with-http_ssl_module \
  --with-http_v2_module \
  --with-http_realip_module \
  --with-http_stub_status_module \
  --with-http_gzip_static_module \
  --with-pcre \
  --with-stream \
  --with-stream_ssl_module \
  --with-stream_realip_module
[root@pm1-node204 nginx-1.18.0]# make && make install
  • 添加 Nginx 用户,指定 UID 为 2000,将 nginx 安装目录的属主更改为 nginx:
[root@pm1-node204 ~]# useradd nginx -s /sbin/nologin -u 2000
[root@pm1-node204 ~]# chown -R nginx:nginx /usr/local/nginx/
  • 准备 Nginx 启动脚本:
[root@pm1-node204 ~]# vim /usr/lib/systemd/system/nginx.service
[Unit]
Description=The nginx HTTP and reverse proxy server
After=network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/usr/local/nginx/logs/nginx.pid
ExecStartPre=/usr/bin/rm -f /usr/local/nginx/logs/nginx.pid
ExecStartPre=/usr/local/nginx/sbin/nginx -t
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/bin/kill -s HUP $MAINPID
KillSignal=SIGQUIT
TimeoutStopSec=5
KillMode=process
PrivateTmp=true
[Install]
WantedBy=multi-user.target
  • 创建 nginx 命令软链接:
[root@pm1-node204 ~]# ln -sv /usr/local/nginx/sbin/nginx /usr/sbin/nginx
  • 准备 php 测试页:
[root@pm1-node204 php]# vim /data/nginx/wordpress/index.php
<?php
	phpinfo();
?>
  • 配置 nginx:
[root@pm1-node204 ~]# vim /usr/local/nginx/conf/nginx.conf 
worker_processes  1;
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    server_tokens off;
    server {
        listen       80;
        server_name  wordpress.yqc.com;
        location / {
            root   /data/nginx/wordpress;
            index index.php index.html index.htm;
        }

        location ~ \.php$ {
            root /data/nginx/wordpress;
            fastcgi_pass 127.0.0.1:9000;
            fastcgi_index index.php;
            fastcgi_hide_header X-Powered-By;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            include fastcgi_params;
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
        
        location ~ ^/(pm_status|ping)$ {
			include fastcgi_params;
			fastcgi_pass 127.0.0.1:9000;
			fastcgi_param PATH_TRANSLATED $document_root$fastcgi_script_name;
		}
    }
}
  • 启动 Nginx:
[root@pm1-node204 ~]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

[root@pm1-node204 ~]# systemctl start nginx
[root@pm1-node204 ~]# systemctl enable nginx

3.3.4:pm2-node205 部署 Nginx

  • pm2-node204 创建相应目录及 nginx 用户:
[root@pm2-node205 ~]# mkdir /usr/local/nginx
[root@pm2-node205 ~]# useradd nginx -s /sbin/nologin -u 2000
[root@pm2-node205 ~]# chown -R nginx:nginx /usr/local/nginx/
  • 打包 pm1-node204 的 Nginx 安装目录,拷贝并解压到 pm2-node205 相应目录:
[root@pm1-node204 ~]# cd /usr/local/nginx/
[root@pm1-node204 nginx]# tar zcvf nginx-pm1-node204.tar.gz ./*

[root@pm2-node205 ~]# scp pm1-node204:/usr/local/nginx/nginx-pm1-node204.tar.gz /usr/local/nginx/
[root@pm2-node205 ~]# cd /usr/local/nginx/
[root@pm2-node205 nginx]# tar zxvf nginx-pm1-node204.tar.gz
  • 准备 Nginx 启动脚本:
[root@pm1-node204 ~]# vim /usr/lib/systemd/system/nginx.service
[Unit]
Description=The nginx HTTP and reverse proxy server
After=network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/usr/local/nginx/logs/nginx.pid
ExecStartPre=/usr/bin/rm -f /usr/local/nginx/logs/nginx.pid
ExecStartPre=/usr/local/nginx/sbin/nginx -t
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/bin/kill -s HUP $MAINPID
KillSignal=SIGQUIT
TimeoutStopSec=5
KillMode=process
PrivateTmp=true
[Install]
WantedBy=multi-user.target
  • 创建 nginx 命令软链接:
[root@pm1-node204 ~]# ln -sv /usr/local/nginx/sbin/nginx /usr/sbin/nginx
  • 启动 Nginx:
[root@pm1-node204 ~]# systemctl start nginx
[root@pm1-node204 ~]# systemctl enable nginx
  • HAProxy 状态页验证 Nginx 后端服务器状态:

在这里插入图片描述

3.4:部署 WordPress

3.4.1:安装 WordPress

  • 解压 wordpress 安装包:
[root@pm1-node204 ~]# cd /data/nginx/wordpress/
[root@pm1-node204 wordpress]# mv index.php /tmp
[root@pm1-node204 wordpress]# tar zxvf wordpress-5.0.3-zh_CN.tar.gz
[root@pm1-node204 wordpress]# mv wordpress/* ./
[root@pm1-node204 wordpress]# rmdir wordpress/
[root@pm1-node204 wordpress]# mv wordpress-5.0.3-zh_CN.tar.gz /tmp
  • 编辑 wordpress 配置文件:
[root@pm1-node204 wordpress]# cp wp-config-sample.php wp-config.php
[root@pm1-node204 wordpress]# vim wp-config.php
define('DB_NAME', 'wordpress');
define('DB_USER', 'wordpress');
define('DB_PASSWORD', '123456');
define('DB_HOST', '172.16.1.200');
  • 更改 PC 的 hosts 文件,添加 wordpress.yqc.com 域名解析:
192.168.1.200 wordpress.yqc.com
  • 验证域名访问(http://wordpress.yqc.com):

在这里插入图片描述

3.4.2:初始化 WordPress

  • 填写相关信息后,点击“安装WordPress”:

在这里插入图片描述

  • 登录 WordPress:管理页面

在这里插入图片描述

在这里插入图片描述

  • 用户访问页面(http://wordpress.yqc.com):

在这里插入图片描述

3.5:保存 KVM 虚拟机快照

[root@pm1 ~]# virsh snapshot-create-as pm1-node201 --name "pm1-node201-HAProxy" --description "WordPress Based On HAProxy Load Balancing"
[root@pm1 ~]# virsh snapshot-create-as pm1-node204 --name "pm1-node204-HAProxy" --description "WordPress Based On HAProxy Load Balancing" 
[root@pm2 ~]# virsh snapshot-create-as pm2-node202 --name "pm2-node202-HAProxy" --description "WordPress Based On HAProxy Load Balancing"
[root@pm2 ~]# virsh snapshot-create-as pm2-node203 --name "pm2-node203-HAProxy" --description "WordPress Based On HAProxy Load Balancing"
[root@pm2 ~]# virsh snapshot-create-as pm2-node205 --name "pm2-node205-HAProxy" --description "WordPress Based On HAProxy Load Balancing"  
Domain snapshot pm2-node205-HAProxy created
  • 0
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 1
    评论

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值