Day 22
LVS的配置
========环境准备=======
DSN() 用来解析各主机的域名和ip地址,配置域名解析huajuan,负责管理其他主机
web1--->web1.tangpin.huajuan
web2--->web2.tangpin.huajuan
dns--->dns.tangpin.huajuan
web1(192.168.2.200) 用nginx部署
web2(192.168.2.201) 用nginx部署
nat(添加一块网卡,ip为192.168.2.202,vip为192.168.2.203)
dns(192.168.2.204)
client(192.168.2.205)
# 正常来说应该配置两个不同的网段的ip,一个对外ip,一个对内的ip,现在只要使用nat的网络模式,可以配置桥接模式对外,nat对内,但也可将两个ip的网络模式均设置为vm2【nat】模式,并且保证物理机都能Ping通这两个ip。
Web主机
======web1=======
[root@web1 ~]# yum -y install nginx
[root@web1 ~]# echo '====web1======' /usr/share/nginx/html/index.html
====web1====== /usr/share/nginx/html/index.html
[root@web1 ~]# nginx
[root@web1 ~]# ss -lntpu|grep 80
tcp LISTEN 0 128 *:80 *:* users:(("nginx",pid=1575,fd=6),("nginx",pid=1574,fd=6))
tcp LISTEN 0 128 :::80 :::* users:(("nginx",pid=1575,fd=7),("nginx",pid=1574,fd=7))
浏览器访问进行测试,能看到重新编写的页面
======web2========
[root@web2 ~]# yum -y install nginx^C
[root@web2 ~]# echo '====web2======' /usr/share/nginx
====web2====== /usr/share/nginx/html/index.html
[root@web2 ~]# nginx
[root@web2 ~]# ss -lntpu|grep 80
tcp LISTEN 0 128 *:80 *:* users:(("nginx",pid=1837,fd=6),("nginx",pid=1836,fd=6))
tcp LISTEN 0 128 :::80 :::* users:(("nginx",pid=1837,fd=7),("nginx",pid=1836,fd=7))
======Nat主机=======
[root@nat ~]#ping nat.tangoin.huajuan
[root@nat ~]# yum -y install ntpdate
[root@nat ~]# ntpdate cn.ntp.org.cn
12 Aug 14:12:20 ntpdate[1580]: adjust time server 203.107.6.88 offset 0.011727 sec
[root@nat ~]# which ntpdate
/usr/sbin/ntpdate
[root@nat ~]# crontab -e
* 2 * * * /usr/sbin/ntpdate cn.ntp.org.cn
[root@dns ~]# crontab -l
30 2 * * * /usr/sbin/ntpdate 192.168.2.202
[root@nat ~]# yum -y install ntp
[root@nat ~]# systemctl start ntpd
[root@nat ~]# systemctl enable ntpd
Created symlink from /etc/systemd/system/multi-user.target.wants/ntpd.service to /usr/lib/systemd/system/ntpd.service.
======DNS服务搭建=======
1、安装bind软件
[root@DNS ~]# yum search bind # 查询是否有bind
[root@DNS ~]# yum -y install bind # 安装
[root@DNS ~]#yum list installed|grep bind
[root@DNS ~]#rpm -ql bind
/etc/named.conf /etc/named.rfc1912.zones
[root@DNS ~]#systemctl start named
2、备份两个文件
[root@DNS ~]# cp /etc/named.conf /etc/named.conf.bak
[root@DNS ~]# cp /etc/named.rfc1912.zones /etc/named.rfc1912.zones.bak
3、修改named.conf文件
[root@DNS ~]# vim /etc/named.conf
listen-on port 53 { 127.0.0.1;any; };
allow-query { localhost;any; };
[root@DNS ~]#systemctl restart named
[root@DNS ~]#vim /etc/named.rfc1912.zones
zone "tangpin.huajuan" IN {
type master;
file "tangpin.huajuan.zone";
allow-update { none; };
};
[root@DNS ~]# ls /var/named/
data named.ca named.localhost slaves dynamic named.empty named.loopback
4、创建文件,定义正向解析
[root@DNS ~]# cd /var/named/
[root@DNS named]# cp -p named.localhost tangpin.huajuan.zone
5、编辑域名文件
[root@DNS named]#vim tangpin.huajuan.zone
......
NS @
A 127.0.0.1
AAAA ::1
nat A 192.168.2.202(nat主机的ip)
xn A 192.168.2.203(nat主机的虚拟ip)
web1 A 192.168.2.200(web1主机的ip)
web2 A 192.168.2.201(web2主机的ip)
4、检查配置文件
[root@DNS named]# named-checkconf /etc/named.conf
[root@DNS named]# named-checkconf /etc/named.rfc1912.zones
[root@DNS named]# named-checkzone tangpin.huajuan.zone tangpin.huajuan.zone
[root@DNS named]# systemctl restart named
5、真机访问测试
依次ping web1.tangpin.huajuan、ping web2.tangpin.huajuan、ping nat.tangpin.huajuan
ping www.yuanyu.zhangmin
PING nat.tangpin.huajuan (192.168.2.202) 56(84) bytes of data.
64 bytes fromnat.tangpin.huajuan (192.168.2.202): icmp_seq=1ttl=64 time=0.011 ms
64 bytes from nat.tangpin.huajuan (192.168.2.202): icmp_seq=2ttl=64 time=0.026 ms
64 bytes from nat.tangpin.huajuan (192.168.2.202): icmp_seq=3ttl=64 time=0.022 ms
64 bytes from nat.tangpin.huajuan (192.168.2.202): icmp_seq=4ttl=64 time=0.043 ms
======client测试=======
[root@client ~]#vim /etc/sysconfig/network-scripts/ifcfg-ens33
DNS3=192.168.2.204 # 将DNS服务器ip地址(或者域名)添加进去
[root@DNS ~]# crontab -e
30 2 * * * /usr/sbin/ntpdate 192.168.2.202
======NAT模式搭建实战(nat主机)=======
# 安装ipvsadm
[root@dns ~]# yum -y install ipvsadm
# 清空之前的规则
[root@nat ~]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.2.203:80 rr
# 添加对外网的规则(vip)
[root@nat ~]# ipvsadm -A -t 192.168.2.203:80 -s rr
【公网ip】
[root@nat ~]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.2.203:80 rr
# 添加对内网的规则
[root@nat ~]# ipvsadm -a -t 192.168.2.202:80 -r 192.168.2.200:80 -m
内网 web1
[root@nat ~]# ipvsadm -a -t 192.168.2.202:80 -r 192.168.2.200:80 -m
【内网】 【web2】
Mysql主从复制补充
slave服务器不⼩⼼写⼊数据的解决⽅案
1. 正常情况下,master既可以读,也可以写,但是slave从服务器
只能读取操作,⼀旦我们在slave从服务器中写⼊数据,主从结
构会失败。
2. show slave status\G
3. 如果数据⽐较少,可以通过跳过当前语句的⽅式解决,但是如果从服务器写⼊的数据⽐较多,架构必须重新搭建
4. 可通过变量sql_slave_skip_counter临时跳过事务进⾏处理
mysql> set GLOBAL sql_slave_skip_counter=N # n代表跳过的n个事务
mysql> stop slave;
mysql> start slave;
5. 跳过事务应该在slave上运⾏
6. 传统的ab复制⽅式可以使⽤,基于GTIDs的⽅式不⽀持基于gtids的主从复制搭建
基于gtids的主从复制搭建
1. 什么是GTIDs
1)Global transaction identifiers 全局事务标识符,是mysql5.6新加⼊的技术
2)使⽤GTIDs时,每⼀个事务都可以被识别和个跟踪
3)添加的新的slave或者发⽣故障时,需要将master身份或者⻆⾊迁移到slave上时,都需要考虑哪⼀个⼆进制⽇志以及哪个position值,极⼤简化了相关操作。
4)GTIDs是完全基于事务的,因此不⽀持MYISAM存储引擎
5) GTIDs由source_id 和transaction组成;
source_id来源于server.uuid可以在auto.cnf中看到;tansaction_id 是⼀个序列数字,⾃动⽣成
2. 限制条件
1)不⽀持⾮事务引擎(MyISAM)因为可以回导致多个gtid分布给同⼀个事务
2)create table select语句不⽀持(主库语法报错)
3) create、drop temprary table语法不⽀持
4)必须使⽤enforce-gtid-consistency参数
5)sql-slave-skip-counter不⽀持
6) gtid复制环境中必须统⼀开启gtid或者关闭gtid
7)在5.7之前使⽤mysql upgrade命令也会出现问题
3. replication是基于传统的⽅式部署,并且已经在运⾏,利⽤已经
存在的环境升级⾄基于GTIDs的replication
1)修改配置⽂件,⽀持GTIDs(主从)
2)重启数据库(主从)
3)为了保证数据⼀直,master和slave都设置为只读
4)从服务器上重新配置同步
4. 实践步骤
1)修改配置⽂件⽀持GTIDs
=======master的配置=========
[mysqld]
basedir=/usr/local/mysql
datadir=/usr/local/mysql/data
socket=/tmp/mysql.sock
port=3306
log-error=/usr/local/mysql/data/db01-
master.err
log-bin=/usr/local/mysql/data/binlog
server-id=10
character_set_server=utf8mb4
gtid-mode=on
log-slave-updates=1
enforce-gtid-consistency
=======slave的配置=========
[mysqld]
basedir=/usr/local/mysql
datadir=/usr/local/mysql/data
socket=/tmp/mysql.sock
port=3310
log-error=/usr/local/mysql/data/db01-
slave.err
relay-log=/usr/local/mysql/data/relaylog
server-id=11
character_set_server=utf8mb4
log-bin=/usr/local/mysql/data/binlog
gtid-mode=on
log-slave-updates=1
enforce-gtid-consistency
skip-slave-start
2)重启启动mysql服务
[root@mysql001 ~]# service mysql8 restart
Shutting down MySQL.......... SUCCESS!
Starting MySQL.. SUCCESS!
[root@slave ~]# service mysql8 restart
Shutting down MySQL.. SUCCESS!
Starting MySQL... SUCCESS!
3)主从配置只读模式
mysql> set @@global.read_only=ON;
Query OK, 0 rows affected (0.00 sec)
mysql> set @@global.read_only=ON;
Query OK, 0 rows affected (0.00 sec)
4) slave重新配置change master to
mysql> stop slave;
mysql> reset slave;
mysql> change master to
-> master_host='10.1.1.100',
-> master_user='slave',
-> master_password='slave_123',
-> master_port=3306,
-> master_auto_position=1;
Query OK, 0 rows affected, 8 warnings (0.01sec)
mysql> start slave;
mysql> show slave status\G
5)关闭主从服务器的只读模式
mysql> set @@global.read_only=OFF;
Query OK, 0 rows affected (0.00 sec)
mysql> set @@global.read_only=OFF;
Query OK, 0 rows affected (0.00 sec)
6)获得公钥
[root@slave ~]# mysql -uslave -pslave_123 -h
10.1.1.100 -P3306 --get-server-public-key
mysql: [Warning] Using a password on the
command line interface can be insecure.
Welcome to the MySQL monitor. Commands end
with ; or \g.
Your MySQL connection id is 11
Server version: 8.0.33 MySQL Community
Server - GPL
Copyright (c) 2000, 2023, Oracle and/or its
affiliates.
Oracle is a registered trademark of Oracle
Corporation and/or its
affiliates. Other names may be trademarks of
their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to
clear the current input statement.
mysql> quit
Bye
1万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
