目录
架构演变
- 单机版
- 独立数据库服务器
- web服务器集群与session保持:有一台调度器
- web服务器集群与session保持:调度器组(心跳)\nginx集群<->FPM或Tomcat应用服务器<->数据库
web1 | 192.168.88.11/24 |
web2 | 192.168.88.12/24 |
web3 | 192.168.88.13/24 |
database | 192.168.88.21/24 |
nfs | 192.168.88.31/24 |
haproxy01 | 192.168.88.5 |
haproxy02 | 192.168.88.6 |
单机版LNMP
安装软件
- 创建虚拟机,并配置防火墙、SELINUX、主机名、IP地址、yum、有了ansible软件主机
- 配置ansible管理环境
- ansible.cfg 、 inventory、file目录
- yum文件
#files/local88.repo
[BaseOS]
name = BaseOS
baseurl = ftp://192.168.88.240/dvd/BaseOS
enabled = 1
gpgcheck = 0
[AppStream]
name = AppStream
baseurl = ftp://192.168.88.240/dvd/AppStream
enabled = 1
gpgcheck = 0
[rpms]
name = rpms
baseurl = ftp://192.168.88.240/rpms
enabled = 1
gpgcheck = 0
# 01-upload-repo.yml
---
- name: config repos.d
hosts: all
tasks:
- name: delete repos.d
file:
path: /etc/yum.repos.d
state: absent
- name: create repos.d
file:
path: /etc/yum.repos.d
state: directory
mode: '0755'
- name: upload local88
copy:
src: files/local88.repo
dest: /etc/yum.repos.d/
nginx配置
- 配置web1服务
#02-config-web1.yml
---
- name: config web1
hosts: webservers
tasks:
- name: install pkgs # 安装软件包
yum:
name:
- nginx
- mysql-server
- php-mysqlnd
- php-fpm
- php-json
state: present
- name: start service # 循环启动多个服务
service:
name: "{{item}}"
state: started
enabled: yes
loop:
- nginx
- php-fpm
- mysqld
- 编写php文件,并访问http://192.168.88.11/测试
- 验证nginx和php-fpm是否连接
// 创建/usr/share/nginx/html/index.php
<?php
phpinfo();
?>
配置数据库
- 安装Wordpress网站,需要数据库,创建数据库并授权
[root@pubserver project01]# vim files/config_mysql.sh
#!/bin/bashmysql -e "create database wordpress character set utf8mb4"
mysql -e "create user wpuser01@localhost identified by 'wordpress'"
mysql -e "grant all privileges on wordpress.* to wpuser01@localhost"# 2. 通过ansible的script模块执行脚本
[root@pubserver project01]# vim 03-config-mysql.yml
---
- name: config mysql
hosts: web1
tasks:
- name: create database
script: files/config_mysql.sh[root@pubserver project01]# ansible-playbook 03-config-mysql.yml
# 3. 测试账号,如果可以成功登陆mysql,则数据库和用户创建正确
[root@web1 ~]# mysql -uwpuser01 -pwordpress -hlocalhost wordpress
部署wordpress
- 复制程序文件到nginx工作目录
# 1. 拷贝wordpress到web1
# 2. 解压并复制文件到nginx文档目录
[root@web1 ~]# tar xf wordpress-6.1.1-zh_CN.tar.gz
[root@web1 ~]# cp -r wordpress/* /usr/share/nginx/html/
# 3. php程序是由php-fpm处理的,php-fpm以apache身份运行
[root@web1 ~]# ps aux | grep php-fpm
root 5655 0.0 0.4 395620 19056 ? Ss 12:13 0:00 php-fpm: master process (/etc/php-fpm.conf)
apache 5670 0.0 0.3 412108 13812 ? S 12:13 0:00 php-fpm: pool www
# 4. 为了让php-fpm程序能对html目录进行读写操作,需要为他授予权限
[root@web1 ~]# chown -R apache:apache /usr/share/nginx/html/
- 访问http://192.168.88.11/,根据提示进行初始化
web与数据库服务分离
- 修改ansible配置环境
- 配置数据库服务器
# 1. 修改yum配置
[root@pubserver project01]# ansible-playbook 01-upload-repo.yml
# 2. 安装数据库服务,并创建数据库及用户
[root@pubserver project01]# vim files/config_mysql2.sh
#!/bin/bash
mysql -e "create database wordpress character set utf8mb4"
mysql -e "create user wpuser01@'%' identified by 'wordpress'"
mysql -e "grant all privileges on wordpress.* to wpuser01@'%'"
[root@pubserver project01]# vim 04-config-database.yml
---
- name: config database
hosts: dbs
tasks:
- name: install mysql # 安装数据库服务
yum:
name: mysql-server
state: present
- name: start service # 启动数据库服务
service:
name: mysqld
state: started
enabled: yes
- name: create database
script: files/config_mysql2.sh
[root@pubserver project01]# ansible-playbook 04-config-database.yml
- 迁移数据库
迁移数据库
# 1. 在源服务器上备份数据库中的数据。备份数据库wordpress中的数据到wordpress.sql文件
[root@web1 ~]# mysqldump wordpress > wordpress.sql
# 2. 将备份文件拷贝到新数据库服务器
[root@web1 ~]# scp wordpress.sql 192.168.88.21:/root/
# 3. 在新数据库服务器上,导入数据。将wordpress.sql中的数据导入到wordpress数据库中
[root@database ~]# mysql wordpress < wordpress.sql
# 4. 修改php网站,将数据库服务器地址,指向新数据库服务器
[root@web1 ~]# vim /usr/share/nginx/html/wp-config.php
...略...
31 /** Database hostname */
32 define( 'DB_HOST', '192.168.88.21' );
...略...
# 5. 停止web1上的数据库服务,wordpress网站仍然可以访问
[root@web1 ~]# systemctl stop mysqld
[root@web1 ~]# yum remove -y mysql-server
# 6. 停止database上的数据库服务,wordpress将不能访问
- 查询数据库内容
[root@database ~]# mysql # 打开mysql命令行
mysql> show databases; # 查看有哪些数据库
mysql> use wordpress; # 切换到wordpress数据库
mysql> show tables; # 查看wordpress库中有哪些表
mysql> select * from wp_posts\G # 查看wp_posts表中的内容
配置额外的web服务器
- 配置web服务
- 将web1的html目录打包并下载
- 释放html压缩包到web2和web3上
#vim 06-fetch-web1.yml
---
- name: copy web
hosts: web1
tasks:
- name: compress html # 压缩html目录到/root下
archive:
path: /usr/share/nginx/html
dest: /root/html.tar.gz
format: gz
- name: download html # 下载压缩文件
fetch:
src: /root/html.tar.gz
dest: files/
flat: yes
#07-deploy-web23.yml
---
- name: deploy web2 and web3
hosts: web2,web3
tasks:
- name: unarchive to web # 解压文件到指定位置
unarchive:
src: files/html.tar.gz
dest: /usr/share/nginx/
总结:在web1主机上部署wordpress,将数据库进行迁移,需要将旧数据下载传输到新主机上,并修改php文件告诉wordpress新数据库位置;web集群,将web1上的wp传输其他web主机上;
配置NFS服务器
- 配置ansible环境
- 配置nfs服务
# 1. 配置yum
[root@pubserver project01]# ansible-playbook 01-upload-repo.yml
# 2. 配置nfs服务
[root@pubserver project01]# vim 08-config-nfs.yml
---
- name: config nfs
hosts: nfs
tasks:
- name: install nfs # 安装nfs
yum:
name: nfs-utils
state: present
- name: mkdir /nfs_root # 创建共享目录
file:
path: /nfs_root
state: directory
mode: "0755"
- name: nfs share # 修改配置文件
lineinfile:
path: /etc/exports
line: '/nfs_root 192.168.88.0/24(rw)'
- name: start service # 循环启动服务
service:
name: "{{item}}"
state: started
enabled: yes
loop:
- rpcbind # nfs服务依赖rpcbind服务
- nfs-server
[root@pubserver project01]# ansible-playbook 08-config-nfs.yml
# 3. 查看共享输出
[root@nfs ~]# showmount -e
Export list for nfs:
/nfs_root 192.168.88.0/24
- 迁移文件至nfs共享
# 1. 重新下载web1的html目录
[root@pubserver project01]# cp 06-fetch-web1.yml 09-fetch-web1.yml
---
- name: copy web
hosts: web1
tasks:
- name: compress html # 压缩html目录到/root下
archive:
path: /usr/share/nginx/html
dest: /root/html2.tar.gz
format: gz
- name: download html
fetch:
src: /root/html2.tar.gz # 下载压缩文件
dest: files/
flat: yes
[root@pubserver project01]# ansible-playbook 09-fetch-web1.yml
# 2. 释放压缩包到nfs服务器
[root@pubserver project01]# cp 07-deploy-web23.yml 10-deploy-nfs.yml
[root@pubserver project01]# vim 10-deploy-nfs.yml
---
- name: deploy nfs
hosts: nfs
tasks:
- name: unarchive to web # 将控制端压缩文件解压到指定位置
unarchive:
src: files/html2.tar.gz
dest: /nfs_root/
[root@pubserver project01]# ansible-playbook 10-deploy-nfs.yml
# 3. 清除web服务器的html目录
[root@pubserver project01]# vim 11-rm-html.yml
---
- name: rm html
hosts: webservers
tasks:
- name: rm html
file:
path: /usr/share/nginx/html
state: absent
- name: create html
file:
path: /usr/share/nginx/html
state: directory
owner: apache
group: apache
mode: "0755"
[root@pubserver project01]# ansible-playbook 11-rm-html.yml
# 4. 挂载nfs到web服务器
[root@pubserver project01]# vim 12-mount-nfs.yml
---
- name: mount nfs
hosts: webservers
tasks:
- name: install nfs
yum:
name: nfs-utils
state: present
- name: mount nfs
mount:
path: /usr/share/nginx/html
src: 192.168.88.31:/nfs_root/html
fstype: nfs
state: mounted
[root@pubserver project01]# ansible-playbook 12-mount-nfs.yml
配置代理服务器
- 配置ansible环境
- 配置高可用keepalive、负载均衡haproxy功能
# 1. 配置yum
[root@pubserver project01]# ansible-playbook 01-upload-repo.yml
# 2. 配置调度服务器
[root@pubserver project01]# vim 13-install-lb.yml
---
- name: install lb
hosts: lb
tasks:
- name: install pkg
yum:
name: haproxy,keepalived
state: present
[root@pubserver project01]# ansible-playbook 13-install-lb.yml
# 3. 修改配置文件并启动服务
[root@pubserver project01]# vim 14-config-lb.yml
---
- name: config haproxy
hosts: lb
tasks:
- name: rm lines
shell: sed -i '64,$d' /etc/haproxy/haproxy.cfg
- name: add lines
blockinfile:
path: /etc/haproxy/haproxy.cfg
block: |
listen wordpress
bind 0.0.0.0:80
balance roundrobin
server web1 192.168.88.11:80 check inter 2000 rise 2 fall 5
server web2 192.168.88.12:80 check inter 2000 rise 2 fall 5
server web3 192.168.88.13:80 check inter 2000 rise 2 fall 5
listen mon
bind 0.0.0.0:1080
stats refresh 30s
stats uri /mon
stats auth admin:admin
- name: start service
service:
name: haproxy
state: started
enabled: yes
[root@pubserver project01]# ansible-playbook 14-config-lb.yml
# 4. haproxy1配置keepalived,实现高可用集群
[root@haproxy1 ~]# vim /etc/keepalived/keepalived.conf
...略...
12 router_id haproxy1 # 为本机取一个唯一的id
13 vrrp_iptables # 自动开启iptables放行规则
...略...
20 vrrp_instance VI_1 {
21 state MASTER # 主服务器状态是MASTER
22 interface eth0
23 virtual_router_id 51
24 priority 100
25 advert_int 1
26 authentication {
27 auth_type PASS
28 auth_pass 1111
29 }
30 virtual_ipaddress {
31 192.168.88.80 # vip地址
32 }
33 }
# 以下全部删除
# 5. haproxy2配置keepalived
[root@haproxy1 ~]# scp /etc/keepalived/keepalived.conf 192.168.88.6:/etc/keepalived/
[root@haproxy2 ~]# vim /etc/keepalived/keepalived.conf
...略...
12 router_id haproxy2 # 为本机取一个唯一的id
13 vrrp_iptables # 自动开启iptables放行规则
...略...
20 vrrp_instance VI_1 {
21 state BACKUP # 备份服务器状态是BACKUP
22 interface eth0
23 virtual_router_id 51
24 priority 80 # 备份服务器优先级低于主服务器
25 advert_int 1
26 authentication {
27 auth_type PASS
28 auth_pass 1111
29 }
30 virtual_ipaddress {
31 192.168.88.80
32 }
33 }
# 6. 启动服务
[root@haproxy1 ~]# systemctl enable keepalived.service --now
[root@haproxy2 ~]# systemctl enable keepalived.service --now
# 7. 验证。haproxy1上出现VIP。客户端访问http://192.168.88.80即可
[root@haproxy1 ~]# ip a s | grep 192
inet 192.168.88.5/24 brd 192.168.88.255 scope global noprefixroute eth0
inet 192.168.88.80/32 scope global eth0
当点击http://www.lab.com页面中任意链接时,地址栏上的地址,都会变成192.168.88.11。通过以下方式修复它:
# 在nfs服务器上修改配置文件
[root@nfs ~]# vim /nfs_root/html/wp-config.php
# define('DB_NAME', 'wordpress')它的上方添加以下两行:
define('WP_SITEURL', 'http://www.lab.com');
define('WP_HOME', 'http://www.lab.com');
ansible.cfg 和inventory文件最终版
[root@pubserver project01]# vim inventory
[webservers]
web1 ansible_host=192.168.88.11
web2 ansible_host=192.168.88.12
web3 ansible_host=192.168.88.13
[dbs]
database ansible_host=192.168.88.21
[storages]
nfs ansible_host=192.168.88.31
[lb]
haproxy1 ansible_host=192.168.88.5
haproxy2 ansible_host=192.168.88.6
[all:vars]
ansible_ssh_user=root
ansible_ssh_pass=a
[root@pubserver project01]# vim ansible.cfg
[defaults]
inventory = inventory
host_key_checking = false
总结:将wp的页面文件html/*放到nfs主机上并与原地址进行挂载;改变haproxy配置文件实现负载均衡;配置keepalive文件实现高可用;