网站架构部暑

最新推荐文章于 2022-04-03 18:13:52 发布

cjm712

最新推荐文章于 2022-04-03 18:13:52 发布

阅读量426

点赞数

本文链接：https://blog.csdn.net/cjm712/article/details/82754314

版权

环境规划

IP	主机名	角色
192.168.0.13	lb7-01	Nginx，Keepalived
192.168.0.14	lb7-02	Nginx，Keepalived，MySQL，NFS
192.168.0.15	web-01	Nginx+PHP-FPM,Tomcat
192.168.0.16	web-02	Nginx+PHP-FPM,Tomcat
192.168.0.88	VIP

安装系统：CentOS7.5

架构图

1、数据库与NFS(lb7-02)

1.1、部署MySQL5.7版本

1. 1. 环境配置

iptables -F

setenforce 0

配置主机名：

hostnamectl set-hostname lb7-02

cat /etc/hostname

1. 1. 安装

软件包管理器安装

YUM或APT安装或更新MySQL是最方面的方法。

https://dev.mysql.com/downloads/repo/yum/

https://dev.mysql.com/doc/mysql-yum-repo-quick-guide/en/

配置yum源：

cat /etc/yum.repos.d/mysql.repo

# Enable to use MySQL 5.7

[mysql57-community]

name=MySQL 5.7 Community Server

baseurl=http://repo.mysql.com/yum/mysql-5.7-community/el/7/$basearch/

enabled=1

gpgcheck=0

gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql

查看可安装的mysql版本:

yum repolist all|grep mysql

安装MySQL，默认最新版本：

# yum install mysql-community-server -y

启动MySQL服务：

# systemctl start mysqld

# systemctl status mysqld

root账户默认密码存储在错误日志中：

# grep 'temporary password' /var/log/mysqld.log

# mysql -uroot -p

mysql> ALTER USER 'root'@'localhost' IDENTIFIED BY 'MyNewPass4!';

注意：密码要求包含一个大写字母，一个小写字母，一位数字和一个特殊字符，并且密码长度至少为8个字符。

# systemctl enable mysqld

1. 1. MySQL服务器配置

vi /etc/my.cnf

user = mysql

port = 3306

datadir = /var/lib/mysql

socket = /var/lib/mysql/mysql.sock

bind-address = 0.0.0.0

pid-file = /var/run/mysqld/mysqld.pid

character-set-server = utf8

collation-server = utf8_general_ci

log-error = /var/log/mysqld.log

max_connections = 10240

open_files_limit = 65535

innodb_buffer_pool_size = 3G

innodb_flush_log_at_trx_commit = 2

innodb_log_file_size = 256M

innodb_flush_method = O_DIRECT

interactive_timeout = 1800

wait_timeout = 1800

slave-parallel-type = LOGICAL_CLOCK

slave-parallel-workers = 8

master-info-repository = TABLE

relay-log-info-repository = TABLE

# systemctl restart mysqld

1.2、部署NFS

# yum install nfs-utils -y

# vi /etc/exports

/data/nfs 192.168.0.0/24(rw,no_root_squash)

# mkdir -p /data/nfs/wordpress

# systemctl start nfs

# systemctl enable nfs

在192.168.0.15服务器上挂载

# mount -t nfs 192.168.0.14:/data/nfs/wordpress /mnt/

vim /etc/fstab #自动挂载

192.168.0.14:/data/nfs/wordpress /mnt nfs defaults 0 0

注意事项：挂载不成功，检查nfs状态或重启，检查exports文件

2、部暑Web服务器(两台web)

Nginx与PHP工作流程图：

2.1、部署Nginx

2.1.1 web服务器配置

2.1.1.1 环境配置

Web-01配置：

iptables -F

setenforce 0

配置主机名：

hostnamectl set-hostname web-01

cat /etc/hostname

Web-02配置：

iptables -F

setenforce 0

配置主机名：

hostnamectl set-hostname web-02

cat /etc/hostname

2.1.1.2 安装

wget http://nginx.org/download/nginx-1.15.3.tar.gz

yum install gcc pcre-devel openssl-devel -y

useradd -M -s /sbin/nologin nginx

tar -xzf nginx-1.15.3.tar.gz

cd nginx-1.15.3

./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_ssl_module --with-http_stub_status_module --with-stream=dynamic

make && make install

2.2、部署PHP与配置

wget http://docs.php.net/distributions/php-5.6.38.tar.gz

yum install gd-devel libxml2-devel libcurl-devel libjpeg-devel libpng-devel -y

tar -xzf php-5.6.38.tar.gz

cd php-5.6.38

./configure --prefix=/usr/local/php --with-config-file-path=/usr/local/php/etc --with-mysql --with-mysqli --with-openssl --with-zlib --with-curl --with-gd --with-jpeg-dir --with-png-dir --with-iconv --enable-fpm --enable-zip --enable-mbstring

make -j 8 && make install

cp php.ini-production /usr/local/php/etc/php.ini

cd /usr/local/php/etc/

vi php.ini

date.timezone = Asia/Shanghai

cp php-fpm.conf.default php-fpm.conf

vi php-fpm.conf

user = nginx

group = nginx

cd /opt/php-5.6.38

cp sapi/fpm/php-fpm.service /usr/lib/systemd/system/

vi /usr/lib/systemd/system/php-fpm.service

[Unit]

Description=The PHP FastCGI Process Manager

After=syslog.target network.target

[Service]

Type=simple

PIDFile=/usr/local/php/var/run/php-fpm.pid

ExecStart=/usr/local/php/sbin/php-fpm --nodaemonize --fpm-config /usr/local/php/etc/php-fpm.conf

ExecReload=/bin/kill -USR2 $MAINPID

[Install]

WantedBy=multi-user.target

systemctl daemon-reload

systemctl start php-fpm

systemctl enable php-fpm

2.3、配置Nginx与PHP-FPM

cat /usr/local/nginx/conf/nginx.conf

user nginx;

worker_processes 8;

#error_log logs/error.log;

#error_log logs/error.log notice;

error_log logs/error.log info;

pid logs/nginx.pid;

events {

worker_connections 1024;

}

http {

include mime.types;

include vhost/*.conf;

default_type application/octet-stream;

log_format main '$remote_addr - $remote_user [$time_local] "$request" '

'$status $body_bytes_sent "$http_referer" '

'"$http_user_agent" "$http_x_forwarded_for"';

#access_log logs/access.log main;

sendfile on;

tcp_nopush on;

#keepalive_timeout 0;

keepalive_timeout 65;

#gzip on;

}

cd /usr/local/nginx/conf

mkdir vhost

cat vhost/wordpress.conf

server {

listen 80;

server_name localhost;

#charset koi8-r;

#access_log logs/host.access.log main;

location / {

root html/wordpress;

index index.php index.html index.htm;

}

location ~ \.php$ {

root html/wordpress;

fastcgi_pass 127.0.0.1:9000;

fastcgi_index index.php;

fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

include fastcgi_params;

}

重启服务：

/usr/local/nginx/sbin/nginx

ps -ef |grep nginx

2.4、部署PHP项目

wget https://wordpress.org/latest.tar.gz

tar -xzf latest.tar.gz

cp -r wordpress /usr/local/nginx/html

chown nginx.nginx -R /usr/local/nginx/html/wordpress

在Mysql实例创建数据库并授权用户：

mysql -uroot -p

mysql> create database wordpress;

mysql> grant all on wordpress.* to 'wp'@'192.168.0.%' identified by 'MyNewPass4!';

配置wordpress连接mysql：

访问:http://192.168.0.15/wp-admin/setup-config.php

登陆: http://192.168.0.15/wp-login.php

2.5、部署Java项目

项目包：https://pan.baidu.com/s/1dzk7SU

wget http://mirrors.hust.edu.cn/apache/tomcat/tomcat-8/v8.5.34/bin/apache-tomcat-8.5.34.tar.gz

yum install java-1.8.0-openjdk -y

java -version

tar -xzf apache-tomcat-8.5.34.tar.gz

cd apache-tomcat-8.5.34/webapps/

rm -rf ./*

yum install unzip -y

unzip /opt/solo-2.9.4.war -d ROOT

cd /opt/apache-tomcat-8.5.34/bin

./startup.sh

tail ../logs/catalina.out -f

3、负载均衡器(lb7-01、lb7-02)

3.1、环境配置

iptables -F

setenforce 0

配置主机名：

hostnamectl set-hostname lb7-01

cat /etc/hostname

3.2、部署Nginx

wget http://nginx.org/download/nginx-1.15.3.tar.gz

yum install gcc pcre-devel openssl-devel -y

useradd -M -s /sbin/nologin nginx

tar -xzf nginx-1.15.3.tar.gz

cd nginx-1.15.3

./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_ssl_module --with-http_stub_status_module --with-stream=dynamic

make && make install

3.2、配置负载均衡

cat /usr/local/nginx/conf/nginx.conf

user nginx;

worker_processes 8;

#error_log logs/error.log;

#error_log logs/error.log notice;

error_log logs/error.log info;

pid logs/nginx.pid;

events {

worker_connections 1024;

}

http {

include mime.types;

default_type application/octet-stream;

log_format main '$remote_addr - $remote_user [$time_local] "$request" '

'$status $body_bytes_sent "$http_referer" '

'"$http_user_agent" "$http_x_forwarded_for"';

#access_log logs/access.log main;

sendfile on;

tcp_nopush on;

#keepalive_timeout 0;

keepalive_timeout 65;

#gzip on;

upstream wordpress {

ip_hash;

server 192.168.0.15:80;

server 192.168.0.16:80;

}

server {

listen 80;

server_name wordpress.ctnrs.com;

location / {

proxy_pass http://wordpress;

}

access_log logs/wordpress.access.log main;

}

upstream solo {

ip_hash;

server 192.168.0.13:8080;

server 192.168.0.14:8080;

}

server {

listen 80;

server_name solo.ctnrs.com;

location / {

proxy_pass http://solo;

}

access_log logs/solo.access.log main;

}

/usr/local/nginx/sbin/nginx

/usr/local/nginx/sbin/nginx -t

/usr/local/nginx/sbin/nginx -s reload

3.3、Nginx+Keepalived高可用

3.3.1、master配置

yum install keepalived -y

vi /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

# 接收邮件地址

notification_email {

acassen@firewall.loc

failover@firewall.loc

sysadmin@firewall.loc

}

# 邮件发送地址

notification_email_from Alexandre.Cassen@firewall.loc

# 本地邮件服务器发邮件

smtp_server 127.0.0.1

smtp_connect_timeout 30

router_id NGINX_MASTER

}

vrrp_script check_nginx {

script "/usr/local/nginx/sbin/check_nginx.sh"

interval 2

weight -20

}

vrrp_instance VI_1 {

state MASTER

interface ens33

nopreempt #不抢占

virtual_router_id 51 # VRRP路由ID实例，每个实例是唯一的

priority 100 # 优先级，备服务器设置90

advert_int 1 # 指定VRRP心跳包通告间隔时间，默认1秒

# VRRP验证块

authentication {

auth_type PASS

auth_pass 1111

}

# VIP定义块

virtual_ipaddress {

192.168.0.88/24

}

track_script {

check_nginx

}

systemctl start keepalived

systemctl enable keepalived

nginx状态检查脚本：

cat /usr/local/nginx/sbin/check_nginx.sh

#!/bin/bash

count=$(ps -ef |grep nginx |egrep -cv "grep|$$")

if [ "$count" -eq 0 ]; then

exit 1

#systemctl stop keepalived

chmod +x /usr/local/nginx/sbin/check_nginx.sh

3.3.2、backup配置

yum install keepalived -y

vi /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

# 接收邮件地址

notification_email {

acassen@firewall.loc

failover@firewall.loc

sysadmin@firewall.loc

}

# 邮件发送地址

notification_email_from Alexandre.Cassen@firewall.loc

# 本地邮件服务器发邮件

smtp_server 127.0.0.1

smtp_connect_timeout 30

router_id NGINX_MASTER

}

vrrp_script check_nginx {

script "/usr/local/nginx/sbin/check_nginx.sh"

interval 2

weight -20

}

vrrp_instance VI_1 {

state BACKUP

interface ens33

virtual_router_id 51 # VRRP路由ID实例，每个实例是唯一的

priority 90 # 优先级，备服务器设置90

advert_int 1 # 指定VRRP心跳包通告间隔时间，默认1秒

# VRRP验证块

authentication {

auth_type PASS

auth_pass 1111

}

# VIP定义块

virtual_ipaddress {

192.168.0.88/24

}

track_script {

check_nginx

}

systemctl start keepalived

systemctl enable keepalived

nginx状态检查脚本：

cat /usr/local/nginx/sbin/check_nginx.sh

#!/bin/bash

count=$(ps -ef |grep nginx |egrep -cv "grep|$$")

if [ "$count" -eq 0 ]; then

exit 1

#systemctl stop keepalived

chmod +x /usr/local/nginx/sbin/check_nginx.sh

3.3.3、master存在VIP

[root@lb7-01 ~]# ip addr |grep ens33

2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000

inet 192.168.0.13/24 brd 192.168.0.255 scope global noprefixroute ens33

inet 192.168.0.88/24 scope global secondary ens33

3.3.4、BACKUP不存在VIP

[root@lb7-02 ~]# ip addr

2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000

inet 192.168.0.14/24 brd 192.168.0.255 scope global noprefixroute ens33

3.3.5、查看keepalived日志

[root@lb7-01 log]# tail -f messages

Sep 18 22:52:10 lb7-01 Keepalived_vrrp[5999]: /usr/local/nginx/sbin/check_nginx.sh exited with status 1

Sep 18 22:52:12 lb7-01 Keepalived_vrrp[5999]: /usr/local/nginx/sbin/check_nginx.sh exited with status 1

Sep 18 22:52:14 lb7-01 Keepalived_vrrp[5999]: /usr/local/nginx/sbin/check_nginx.sh exited with status 1

Sep 18 22:52:16 lb7-01 Keepalived_vrrp[5999]: /usr/local/nginx/sbin/check_nginx.sh exited with status 1

Sep 18 22:52:18 lb7-01 Keepalived_vrrp[5999]: /usr/local/nginx/sbin/check_nginx.sh exited with status 1

Sep 18 22:52:20 lb7-01 Keepalived_vrrp[5999]: /usr/local/nginx/sbin/check_nginx.sh exited with status 1

Sep 18 22:52:22 lb7-01 Keepalived_vrrp[5999]: VRRP_Script(check_nginx) succeeded

Sep 18 22:52:23 lb7-01 Keepalived_vrrp[5999]: VRRP_Instance(VI_1) Changing effective priority from 80 to 100

Sep 18 23:01:01 lb7-01 systemd: Started Session 4 of user root.

Sep 18 23:01:01 lb7-01 systemd: Starting Session 4 of user root.

[root@lb7-02 conf]# tail -f /var/log/messages

Sep 18 23:33:37 lb7-02 Keepalived_vrrp[6711]: /usr/local/nginx/sbin/check_nginx.sh exited with status 2

Sep 18 23:33:39 lb7-02 Keepalived_vrrp[6711]: /usr/local/nginx/sbin/check_nginx.sh exited with status 2

Sep 18 23:33:41 lb7-02 Keepalived_vrrp[6711]: /usr/local/nginx/sbin/check_nginx.sh exited with status 2

Sep 18 23:33:43 lb7-02 Keepalived_vrrp[6711]: /usr/local/nginx/sbin/check_nginx.sh exited with status 2

4、测试

4.1、停止Nginx服务查看VIP是否偏移成功

lb7-01配置：

pkill nginx

ps -ef |grep nginx

master不存在VIP：

[root@lb7-01 etc]# ip addr |grep ens33

2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000

inet 192.168.0.13/24 brd 192.168.0.255 scope global noprefixroute ens33

BACKUP存在VIP：

[root@lb7-02 conf]# ip a |grep ens33

2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000

inet 192.168.0.14/24 brd 192.168.0.255 scope global noprefixroute ens33

inet 192.168.0.88/24 scope global secondary ens33

测试网站：

访问http://192.168.0.88是否正常

4.2、访问VIP网站测试是否正常均衡到Web服务器

两台web服务器配置：

cat /usr/local/nginx/conf/vhost/wordpress.conf #把wordpress访问去掉

location ~ \.php$ {

root html;

fastcgi_pass 127.0.0.1:9000;

fastcgi_index index.php;

fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

include fastcgi_params;

}

Web-01配置：

cat /usr/local/nginx/html/index.php

/usr/local/nginx/sbin/nginx -s reload

Web-02配置：

cat /usr/local/nginx/html/index.php

/usr/local/nginx/sbin/nginx -s reload

测试nginx轮询效果：

再次刷新页面：

cjm712

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
网站架构部暑

环境规划 IP 主机名角色 192.168.0.13 lb7-01 Nginx，Keepalived 192.168.0.14 lb7-02 Nginx，Keepalived，MySQL，NFS ...
复制链接

扫一扫

网站架构部暑

架构图

1、数据库与NFS(lb7-02)

1.1、部署MySQL5.7版本

1.2、部署NFS

2、部暑Web服务器(两台web)

2.1、部署Nginx

2.1.1 web服务器配置

2.2、部署PHP与配置

2.3、配置Nginx与PHP-FPM

2.4、部署PHP项目

2.5、部署Java项目

3、负载均衡器(lb7-01、lb7-02)

3.1、环境配置

3.2、部署Nginx

3.2、配置负载均衡

3.3、Nginx+Keepalived高可用

3.3.1、master配置

3.3.2、backup配置

3.3.3、master存在VIP

3.3.4、BACKUP不存在VIP

3.3.5、查看keepalived日志

4、测试

4.1、停止Nginx服务查看VIP是否偏移成功

4.2、访问VIP网站测试是否正常均衡到Web服务器

“相关推荐”对你有帮助么？