1.运行环境
这里的主机IP是自己虚拟器的IP。
| 主机 | 主机名 | 系统 | 服务 |
| 192.168.179.128 | Server-Web | Linux | Web |
| 192.168.179.129 | Server-NFSDNS | Linux | NFS/DNS |
2.基础配置
1.配置主机名,静态IP地址
2.开启防火墙并配置
3.部分开启SElinux并配置
4.服务器之间使用同ntp.aliyun.com进行时间同步
5.服务器之间实现SSH免密登录
3.业务需求
1.Server-NFS-DNS主机配置NFS服务器,将博客网站资源 文件共享给Server-web主机,Server-NFS-DNS主机配 置DNS
2.Server-web主机配置web服务,通过域名www.openla b.com可以访问到自建的博客网站
4.准备工作
4.1配置静态IP
#在192.168.179.128中配置
[root@server ~]# nmcli c modify ens33 ipv4.method manual ipv4.addresses '192.168.179.128/24' ipv4.gateway '192.168.179.2' ipv4.dns '114.114.114.114'
[root@server ~]# nmcli c reload
[root@server ~]# nmcli c up ens33
连接已成功激活(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/3)
[root@server ~]#
#在192.168.179.129中配置
[root@node ~]# nmcli c modify ens33 ipv4.method manual ipv4.addresses '192.168.179.129/24' ipv4.gateway '192.168.179.2' ipv4.dns '114.114.114.114'
[root@node ~]# nmcli c reload
[root@node ~]# nmcli c up ens33
连接已成功激活(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/2)
[root@node ~]#
#在192.168.179.128
#在192.168.179.129
4.2修改主机名及hosts映射
#在192.168.179.128
其中,vim /etc/hosts修改如下:
#在192.168.179.129
其中,vim /etc/hosts修改如下:
4.3开启防火墙
#在192.168.179.128
#在192.168.179.129
4.4时间同步
#在192.168.179.128
[root@Server-Web ~]# vim /etc/chrony.conf
[root@Server-Web ~]# systemctl restart chronyd
[root@Server-Web ~]# chronyc sources -v timedatectl status
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current best, '+' = combined, '-' = not combined,
| / 'x' = may be in error, '~' = too variable, '?' = unusable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 203.107.6.88 2 6 17 11 -520us[-1254us] +/- 45ms
[root@Server-Web ~]#
其中,vim /etc/chrony.conf修改如下:
****只修改第三行****
#在192.168.179.129
[root@Server-NFS-DNS ~]# vim /etc/chrony.conf
[root@Server-NFS-DNS ~]# systemctl restart chronyd
[root@Server-NFS-DNS ~]# chronyc sources -v timedatectl status
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current best, '+' = combined, '-' = not combined,
| / 'x' = may be in error, '~' = too variable, '?' = unusable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 203.107.6.88 2 6 17 1 +2700us[ +23ms] +/- 51ms
[root@Server-NFS-DNS ~]#
其中,vim /etc/chrony.conf修改如下:
****只修改第三行****
4.5配置免密ssh登录
#在192.168.179.128
[root@Server-Web ~]# ssh-keygen -t rsa # 生成公钥私钥,一路回车
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:cNtuVI4LGHqi1vEBcJZWVxdk/BJgThJFMKHpJ9qXzzM root@Server-Web
The key's randomart image is:
+---[RSA 3072]----+
| . oo. BBB+=. |
| +o + * oo |
| .. = . . .o |
| + = o +. . |
| + * S + .. |
| o B + = . |
| o o o o + |
| . . +E |
| oo |
+----[SHA256]-----+
[root@Server-Web ~]# ssh-copy-id 192.168.179.129
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.179.129 (192.168.179.129)' can't be established.
ED25519 key fingerprint is SHA256:dM/C+n5JHJmF8kOIz1/p88dbHJ3PjcswbBYrsEErnBc.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Authorized users only. All activities may be monitored and reported.
root@192.168.179.129's password: #这是主机192.168.179.129的登录密码
Permission denied, please try again.
root@192.168.179.129's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '192.168.179.129'"
and check to make sure that only the key(s) you wanted were added.
[root@Server-Web ~]# ssh 192.168.179.129 #连接主机192.168.179.129进行测试
Authorized users only. All activities may be monitored and reported.
Authorized users only. All activities may be monitored and reported.
Last failed login: Mon Apr 15 19:06:28 CST 2024 from 192.168.179.128 on ssh:notty
There was 1 failed login attempt since the last successful login.
Last login: Mon Apr 15 18:44:23 2024 from 192.168.179.1
Welcome to 5.10.0-182.0.0.95.oe2203sp3.x86_64
System information as of time: 2024年 04月 15日 星期一 19:07:04 CST
System load: 0.10
Processes: 193
Memory used: 12.3%
Swap used: 0%
Usage On: 12%
IP address: 192.168.179.129
Users online: 2
[root@Server-NFS-DNS ~]# exit #连接成功,退出
注销
Connection to 192.168.179.129 closed.
[root@Server-Web ~]# #在192.168.179.129
[root@Server-NFS-DNS ~]# ssh-keygen -t rsa # 生成公钥私钥,一路回车
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:rqyCl1ZsB8OMJewLmB8YYHJbaWCDfz75N3Z3UqFwgko root@Server-NFS-DNS
The key's randomart image is:
+---[RSA 3072]----+
|++=... |
|=oo++ |
|.*.B . |
|= = * E . o . . |
| o * = .S + . . |
| o B o. . . |
| . + + . . |
|. = ...+ . o . |
| o ...oo o . o |
+----[SHA256]-----+
[root@Server-NFS-DNS ~]# ssh-copy-id 192.168.179.128
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.179.128 (192.168.179.128)' can't be established.
ED25519 key fingerprint is SHA256:dM/C+n5JHJmF8kOIz1/p88dbHJ3PjcswbBYrsEErnBc.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Authorized users only. All activities may be monitored and reported.
root@192.168.179.128's password: #这里是主机192.168.179.128的登录密码
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '192.168.179.128'"
and check to make sure that only the key(s) you wanted were added.
[root@Server-NFS-DNS ~]# ssh 192.168.179.129 连接主机192.168.179.128,进行测试
The authenticity of host '192.168.179.129 (192.168.179.129)' can't be established.
ED25519 key fingerprint is SHA256:dM/C+n5JHJmF8kOIz1/p88dbHJ3PjcswbBYrsEErnBc.
This host key is known by the following other names/addresses:
~/.ssh/known_hosts:1: 192.168.179.128
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.179.129' (ED25519) to the list of known hosts.
Authorized users only. All activities may be monitored and reported.
root@192.168.179.129's password:
Authorized users only. All activities may be monitored and reported.
Last login: Mon Apr 15 19:07:04 2024 from 192.168.179.128
Welcome to 5.10.0-182.0.0.95.oe2203sp3.x86_64
System information as of time: 2024年 04月 15日 星期一 19:11:28 CST
System load: 0.00
Processes: 195
Memory used: 12.4%
Swap used: 0%
Usage On: 12%
IP address: 192.168.179.129
Users online: 2
[root@Server-NFS-DNS ~]# exit #连接成功,退出
注销
Connection to 192.168.179.129 closed.
[root@Server-NFS-DNS ~]# 5.环境搭建
5.1. Server-web端安装LNMP环境软件
[root@Server-Web ~]# yum install nginx mariadb-server php* -y5.2. Server-NFS-DNS端上传博客软件
网址:https://cn.wordpress.org/ ,下载后为zip压缩 文件
这里建议不要下载太高的版本,因为这里对PHP要求很高,如果下载不对或者不兼容,后续补救会很麻烦。
将wordpress上传到192.168.179.129(Server-NFSDNS)端的/目录下
这里用Xftp上传
解压缩:
[root@Server-NFS-DNS ~]# cd /
[root@Server-NFS-DNS /]# unzip wordpress6.1-zh_CN.zip #等待解压缩,完成即可
#这里我用了6.1的版本,zh_CN ——这里是中文版
[root@Server-NFS-DNS /]# cd wordpress
[root@Server-NFS-DNS wordpress]# ls
index.php wp-blog-header.php wp-includes wp-settings.php
license.txt wp-comments-post.php wp-links-opml.php wp-signup.php
readme.html wp-config-sample.php wp-load.php wp-trackback.php
wp-activate.php wp-content wp-login.php xmlrpc.php
wp-admin wp-cron.php wp-mail.php
[root@Server-NFS-DNS wordpress]# 5.3. Server-NFS-DNS端设置NFS共享
目的:将Server-NFS-DNS端的/wordpress 目录共享给 192.168.179.128(Server-Web)
[root@Server-NFS-DNS wordpress]# yum install rpcbind -y
[root@Server-NFS-DNS wordpress]# yum install nfs-utils -y
[root@Server-NFS-DNS wordpress]# cd ~
[root@Server-NFS-DNS ~]# vim /etc/exports #编辑配置文件
#设置权限
[root@Server-NFS-DNS ~]# chmod -Rf 777 /wordpress
#防火墙添加服务放行
[root@Server-NFS-DNS ~]# firewall-cmd --permanent --zone public --add-service=mountd
success
[root@Server-NFS-DNS ~]# firewall-cmd --permanent --zone public --add-service=rpc-bind
success
[root@Server-NFS-DNS ~]# firewall-cmd --permanent --zone public --add-service=nfs
success
[root@Server-NFS-DNS ~]# firewall-cmd --reload
success
#重启服务
[root@Server-NFS-DNS ~]# systemctl start rpcbind
[root@Server-NFS-DNS ~]# systemctl start nfs-server
[root@Server-NFS-DNS ~]#
其中,配置文件文件vim /etc/exports修改如下:
5.4. Server-web设置
5.4.1. 挂载远程共享目录
[root@Server-Web ~]# showmount -e 192.168.179.129 #查看
Export list for 192.168.179.129:
/wordpress 192.168.179.128
[root@Server-Web ~]# mkdir /wp #新建本地挂载目录
[root@Server-Web ~]# mount -t nfs 192.168.179.129:/wordpress /wp #挂载
[root@Server-Web ~]# cd /wp
[root@Server-Web wp]# ls
index.php wp-blog-header.php wp-includes wp-settings.php
license.txt wp-comments-post.php wp-links-opml.php wp-signup.php
readme.html wp-config-sample.php wp-load.php wp-trackback.php
wp-activate.php wp-content wp-login.php xmlrpc.php
wp-admin wp-cron.php wp-mail.php
[root@Server-Web wp]#
5.4.2. nginx设置
[root@Server-Web wp]# cd ~
[root@Server-Web ~]# firewall-cmd --permanent --zone public --add-service=http #放行
success
[root@Server-Web ~]# firewall-cmd --reload
success
[root@Server-Web ~]# vim /etc/nginx/nginx.conf #编辑nginx配置文件
[root@Server-Web ~]#其中,配置文件vim /etc/nginx/nginx.conf修改如下:
配置文件中,只用修改root所在行就可以。
5.4.3. 修改wordpress配置文件
[root@Server-Web ~]# cd /wp
[root@Server-Web wp]# cp wp-config-sample.php wp-config.php
[root@Server-Web wp]# vim wp-config.php
[root@Server-Web wp]# 其中,配置文件vim wp-config.php修改如下:
23行是WordPress数据库名称,26行是MySQL数据库 用户名,29行是MySQL数 据库密码。
5.4.4. 启动数据库
[root@Server-Web wp]# cd ~
[root@Server-Web ~]# systemctl start mariadb
[root@Server-Web ~]#5.4.5. 在数据库中创建数据库和用户
[root@Server-Web ~]# mysql
MariaDB [(none)]> create database wordpress;
# 创建数据库,尾部有分号
MariaDB [(none)]> create user 'test1'@'localhost' identified by '123456';
# 第一个''为数据库账号,@后面的''内容为数据库可以登
录的地址,localhost意为只能本机登录。用户和密码与
wordpress配置文件一样,
MariaDB [(none)]> grant all on wordpress.* to 'test1'@'localhost'; # 给用户授权
MariaDB [(none)]> exit # 退出5.4.6. 重启数据库和http
[root@Server-Web ~]# systemctl restart mariadb
[root@Server-Web ~]# systemctl restart nginx5.5测试
在windows端输入192.168.48.130继续完成wordpress 配置 (邮箱必须设置)
进入后,我们会看到以下界面:
之后就可以填入自己的信息了!
信息填写完成后,就可以安装了。
此界面就是我们登录成功后的界面了。
5.6. 在Server-NFS-DNS端配置DNS
原则:www.openlab.com 正向解析为 192.168.48.130
1.安装:
[root@Server-NFS-DNS ~]# cd ~
[root@Server-NFS-DNS ~]# yum install bind -y
#防火墙放行
[root@Server-NFS-DNS ~]# firewall-cmd --permanent --zone public --add-service=dns
success
[root@Server-NFS-DNS ~]# firewall-cmd --reload
success
[root@Server-NFS-DNS ~]# systemctl start named
[root@Server-NFS-DNS ~]#
2.编辑主配置文件:vim /etc/named.conf
修改11行、19行。
3.修改区域配置文件,清空添加:vim /etc/named.rfc1912.zones
4.新建区域数据文件并配置解析
[root@Server-NFS-DNS ~]# cd /var/named
[root@Server-NFS-DNS named]# cp -a named.localhost openlab.com.zone
# 添加正向解析,注意:解析为192.168.48.130web服务器
[root@Server-NFS-DNS named]# vim openlab.com.zone
[root@Server-NFS-DNS named]#
其中,配置文件vim openlab.com.zone修改如下:
5.启动服务
[root@Server-NFS-DNS named]# systemctl restart named6.测试
将Server-Web端的DNS改为192.168.48.131后并输入w ww.openlab.com域名访问
显示此界面,说明该实验已经完成了。
扫一扫
9286
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
