阶段总结——用虚拟机搭建一个高可用负载均衡集群架构
linux基本知识已经介绍完,现有一个业务需要操作,通过对这个项目的操作,可以复习、总结、巩固之前的知识点;
用13台虚拟机搭建一个高可用负载均衡集群架构出来,并运行三个站点,具体需求如下
1 设计你认为合理的架构,用visio把架构图画出来
2 搭建lnmp、tomcat+jdk环境
3 三个站点分别为:discuz论坛、dedecms企业网站以及zrlog博客
4 由于机器有限,尽可能地把三个站点放到同一台服务器上,然后做负载均衡集群,要求所有站点域名解析到一个ip上,也就是说只有一个出口ip
5 需要共享静态文件,比如discuz需要共享的目录是 data/attachment,dedecms需要共享upload(具体目录,你可以先上传一个图片,查看图片所在目录)
6 设计合理的目录、文件权限,比如discuz的data目录需要给php-fpm进程用户可写权限,其他目录不用写的就不要给写权限(目录755,文件644,属主属组root)
7 所有服务器要求只能普通用户登录,而且只能密钥登录,root只能普通用户sudo
8 给所有服务器做一个简单的命令审计功能
9 php-fpm服务要求设置慢执行日志,超时时间为2s,并做日志切割,日志保留一月
10 所有站点都需要配置访问日志,并做日志切割,要求静态文件日志不做记录,日志保留一月
11 制定合理的mysql数据备份方案,并写备份脚本,要求把备份数据传输到备份服务器
12 制定代码、静态文件的备份方案,并写备份脚本,要求把备份数据传输到备份服务器
12 编写数据恢复文档,能保证当数据丢失在2小时内恢复所有数据
13 搭建zabbix监控告警系统,要求监控各个基础指标(cpu、内存、硬盘),网卡流量需要成图,还需要监控web站点的可用性,
14 定制自定义监控脚本,监控web服务器的并发连接数,接入zabbix,成图,设置触发器,超过100告警
15 定制自定义监控脚本,监控mysql的队列,接入zabbix,成图,设置触发器,队列超过300告警
16 定制自定义监控脚本,监控mysql的慢查询日志,接入zabbix,成图,设置触发器,每分钟超过60条日志需要告警,需要仔细分析慢查询日志的规律,确定日志条数
17 利用jmx,在zabbix上监控tomcat
18 给三个站点的后台访问做二次认证,增加安全性
19 用shell脚本实现文件、代码同步上线(参考分发系统)
第一步:先完成基础架构:
1 设计你认为合理的架构,用visio把架构图画出来
2 搭建lnmp、tomcat+jdk环境
3 三个站点分别为:discuz论坛、dedecms企业网站以及zrlog博客
4 由于机器有限,尽可能地把三个站点放到同一台服务器上,然后做负载均衡集群,要求所有站点域名解析到一个ip上,也就是说只有一个出口ip
5 需要共享静态文件,比如discuz需要共享的目录是 data/attachment,dedecms需要共享upload(具体目录,你可以先上传一个图片,查看图片所在目录)
6 设计合理的目录、文件权限,比如discuz的data目录需要给php-fpm进程用户可写权限,其他目录不用写的就不要给写权限(目录755,文件644,属主属组root)
19 给三个站点的后台访问做二次认证,增加安全性;
第二部分:布置监控、以及日志查询等
14 搭建zabbix监控告警系统,要求监控各个基础指标(cpu、内存、硬盘),网卡流量需要成图,还需要监控web站点的可用性,
15 定制自定义监控脚本,监控web服务器的并发连接数,超过100告警
16 定制自定义监控脚本,监控mysql的队列,队列超过300告警
17 定制自定义监控脚本,监控mysql的慢查询日志,每分钟超过60条日志需要告警,需要仔细分析慢查询日志的规律,确定日志条数
18 利用jmx,在zabbix上监控tomcat
8 给所有服务器做一个简单的命令审计功能
9 php-fpm服务要求设置慢执行日志,超时时间为2s,并做日志切割,日志保留一月
10 所有站点都需要配置访问日志,并做日志切割,要求静态文件日志不做记录,日志保留一月
第三部分:数据备份及分发
11 制定合理的mysql数据备份方案,并写备份脚本,要求把备份数据传输到备份服务器
12 制定代码、静态文件的备份方案,并写备份脚本,要求备份
13 编写数据恢复文档,能保证当数据丢失在2小时内恢复所有数据
20 用shell脚本实现文件、代码同步上线(参考分发系统)
7 所有服务器要求只能普通用户登录,而且只能密钥登录,root只能普通用户sudo
集群环境搭建
一、准备工作
1.1 集群架构图
1 设计你认为合理的架构,用visio把架构图画出来
1.2 机器分配
- 机器分配: 由于电脑配置问题,我分配了9台机器,做实验;
mysql服务器:
主机名 IP 功能 zq00 192.168.112.180 Master zq01 192.168.112.181 Slave1 zq02 192.168.112.182 Slave2 Mycat读写分离调度器+备份服务器
主机名 IP 功能 zq03 192.168.112.183 mycat Web服务器:
主机名 IP 功能 zq04 192.168.112.184 zabbix、NFS服务器 zq05 192.168.112.185 web服务器 zq06 192.168.112.186 web服务器 负载均衡服务器:
主机名 IP 功能 zq07 192.168.112.187 dir zq08 192.168.112.188 load dir
确定好机器的角色后,现在怎么创建这些机器?有以下两种方法:
1、批量远程执行命令的expect脚本,这个我测试过,速度太慢;
2、利用虚拟机的优势克隆;
3、整体同步;
实际应用还是需要:批量远程执行命令的expect脚本; 目前主要是测试,因此这3种方法,我将都会利用到;
二、安装mysql
首先用VMware创建虚拟机zq00;ip设为:192.168.112.180;并用xshell远程连接;
安装一些常用工具
[root@zq00 ~]# yum -y install expect vim-enhanced epel-release libmcrypt-devel libmcrypt
安装mysql,最后输出为0,为操作正确
[root@zq00 ~]# cd /usr/local/src/; yum install -y epel-release wget perl-Module-Install.noarch libaio*; wget http://mirrors.sohu.com/mysql/MySQL-5.6/mysql-5.6.36-linux-glibc2.5-x86_64.tar.gz; tar -zxf mysql-5.6.36-linux-glibc2.5-x86_64.tar.gz; mv mysql-5.6.36-linux-glibc2.5-x86_64 ../mysql; cd /usr/local/mysql; mkdir /data/; useradd mysql; ./scripts/mysql_install_db --user=mysql --datadir=/data/mysql; echo $?
更改配置文件 ,更改以下目录
[root@zq00 ~]# vim /etc/my.cnf
[mysqld]
datadir=/data/mysql
socket=/tmp/mysql.sock
修改启动mysql启动脚本
[root@zq00 ~]# cd /usr/local/mysql/
[root@zq00 mysql]# ls support-files/ //mysql的启动脚本也在此目录下
binary-configure magic my-default.cnf mysqld_multi.server mysql-log-rotate mysql.server
[root@zq00 mysql]# cp support-files/mysql.server /etc/init.d/mysqld //把mysql.server复制到mysqld这个新目录
[root@zq00 mysql]# vim !$ //编辑此脚本文件
vim /etc/init.d/mysqld
..... //下面为在编辑mysqld下
basedir=/usr/local/mysql //指定mysql 的程序目录
datadir=/data/mysql //指定日期目录
开启服务
[root@zq00 mysql]# chkconfig --add mysqld
[root@zq00 mysql]# chkconfig --list
注:该输出结果只显示 SysV 服务,并不包含
原生 systemd 服务。SysV 配置数据
可能被原生 systemd 配置覆盖。
要列出 systemd 服务,请执行 'systemctl list-unit-files'。
查看在具体 target 启用的服务请执行
'systemctl list-dependencies [target]'。
mysqld 0:关 1:关 2:开 3:开 4:开 5:开 6:关 //系统服务开启
netconsole 0:关 1:关 2:关 3:关 4:关 5:关 6:关
network 0:关 1:关 2:关 3:关 4:关 5:关 6:关
开启mysql
[root@zq00 mysql]# service mysqld start
Starting MySQL.Logging to '/data/mysql/zq00.err'.
进入mysql,设置密码
[root@zq00 ~]# mysql -uroot
mysql> set password=password('www123');
mysql> quit
Bye
[root@zq00 ~]# service mysqld restart //重启mysql服务
配置环境变量
[root@zq00 ~]# mysql -uroot //直接启动,找不到mysql命令
-bash: mysql: 未找到命令
[root@zq00 ~]# vim /etc/profile
export PATH=$PATH:/usr/local/mysql/bin/ //在配置文件中,添加此行语句
[root@zq00 ~]# source /etc/profile //加载配置文件
设置mysql密码
[root@zq00 ~]# mysqladmin -uroot password 'www123' //设置密码为 www123
Warning: Using a password on the command line interface can be insecure.
此时配置完之后,开始克隆zq01、zq02、zq03、zq04这4台机器,因为mysql每台机器都需要的;
[root@zq00 ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
IPADDR=192.168.112.181
重启网络服务
[root@zq00 ~]# systemctl restart networkw.service
更改主机名
[root@zq00 ~]# hostnamectl set-hostname zq01
[root@zq00 ~]# bash
[root@zq01 ~]#
依次更改IP,以及主机名;
三、创建myaql主从服务
根据架构,zq00为master,zq01、zq02为slaver1、slaver2
在zq00上,修改配置文件
[root@zq00 ~]# vim /etc/my.cnf
[mysqld]
server-id=180 //定义id,
log_bin=master-bin //定义log_bin
在zq00上,修改配置文件
[root@zq01 ~]# vim /etc/my.cnf
[mysqld]
server-id=181 //定义id,这个与master不一致即可
在zq02上,修改配置文件
[root@zq02 ~]# vim /etc/my.cnf
[mysqld]
server-id=182 //定义id,这个与master不一致即可
zq01、zq01、zq02都重启mysql服务,使其配置生效
[root@zq00 ~]# service mysqld restart //修改完配置文件后,重启mysqld服务
[root@zq00 ~]# ls /data/mysql //看看master是否多了以下两个文件
master-bin.000001 master-bin.index
在master(zq00)上,登录mysql,为zq01、zq02授权两个账号
mysql> grant replication on *.* to 'repl''@'192.168.112.184' identified by 'www1234';
Query OK, 0 rows affected (0.10 sec)
mysql> grant replication on *.* to 'repl''@'192.168.112.184' identified by 'www1234';
Query OK, 0 rows affected (0.10 sec)
在zq01、zq02上登录这个账号,是否成功
[root@zq01 ~]# mysql -urepl -h192.168.112.180 -pwww1234
Warning: Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 815
Server version: 5.6.36-log MySQL Community Server (GPL)
Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
回到master(zq00)机器上,进行锁表,防止配置过程中,主表写入
mysql> flush tables with read lock;
看一下master的状态,并记录file、position
mysql> show master status;
+-------------------+----------+--------------+------------------+-------------------+
| File | Position | Binlog_Do_DB | Binlog_Ignore_DB | Executed_Gtid_Set |
+-------------------+----------+--------------+------------------+-------------------+
| master-bin.000001 | 1820 | | | |
+-------------------+----------+--------------+------------------+-------------------+
1 row in set (0.07 sec)
现在在slaver上进行配置,zq01、zq02操作一样
[root@zq01 ~]# mysql -uroot -pwww123
mysql> stop slave;
mysql> change master to master_host='192.168.112.180', master_user='repl', master_password='www1234', master_log_file='master-bin.000001', master_log_pos=1820;
mysql> start slave;
查看两台slave的主从状态是否正常,Slave_IO_Running和 Slave_SQL_Running要为yes:
mysql> show slave status\G
*************************** 1. row ***************************
Slave_IO_State: Waiting for master to send event
Master_Host: 192.168.112.180
Master_User: repl
Master_Port: 3306
Connect_Retry: 60
Master_Log_File: master-bin.000002
Read_Master_Log_Pos: 1820
Relay_Log_File: zq01-relay-bin.000003
Relay_Log_Pos: 3204
Relay_Master_Log_File: master-bin.000002
Slave_IO_Running: Yes
Slave_SQL_Running: Yes
回到master(zq00)机器上解锁表;
mysql> unlock tables;
此时mysql主从设置完成;
四、搭建Mycat服务器
master:192.168.112.180 zq00
mycat: 192.168.112.183 zq03
4.1 安装jdk环境
之前下载过JDK,则用scp命令复制到mycat机器的;解压,更改目录、名称;
[root@zq03 src]# scp 192.168.112.136:/usr/local/src/jdk-8u171-linux-x64.tar.gz ./
[root@zq03 src]# tar zxf jdk-8u171-linux-x64.tar.gz
[root@zq03 src]# mv jdk1.8.0_171 /usr/local/jdk1.8
编辑/etc/profile文件,添加以下配置
[root@zq03 src]# vim /etc/profile
JAVA_HOME=/usr/local/jdk1.8/
JAVA_BIN=/usr/local/jdk1.8/bin
JRE_HOME=/usr/local/jdk1.8/jre
PATH=$PATH:/usr/local/jdk1.8/bin:/usr/local/jdk1.8/jre/bin
CLASSPATH=/usr/local/jdk1.8/jre/lib:/usr/local/jdk1.8/lib:/usr/local/jdk1.8/jre/lib/charsets.jar
加载/etc/profile配置文件,并查看版本号;
[root@zq03 src]# source /etc/profile
[root@zq03 src]# java -version
java version "1.8.0_171"
Java(TM) SE Runtime Environment (build 1.8.0_171-b11)
Java HotSpot(TM) 64-Bit Server VM (build 25.171-b11, mixed mode)
4.2 安装、配置mycat
下载mycat,解压;
[root@zq03 src]# wget http://dl.mycat.io/1.6-RELEASE/Mycat-server-1.6-RELEASE-20161028204710-linux.tar.gz
[root@zq03 src]# tar -zxf Mycat-server-1.6-RELEASE-20161028204710-linux.tar.gz //解压
[root@zq03 src]# ls
5.txt Mycat-server-1.6-RELEASE-20161028204710-linux.tar.gz
jdk-8u171-linux-x64.tar.gz mysql-5.6.36-linux-glibc2.5-x86_64.tar.gz
mycat
[root@zq03 src]# mv mycat/ /usr/local/ //移到新目录
[root@zq03 src]# ls /usr/local/mycat/
bin catlet conf lib logs version.txt
[root@zq03 src]# ls /usr/local/mycat/conf/
autopartition-long.txt rule.xml
auto-sharding-long.txt schema.xml
auto-sharding-rang-mod.txt sequence_conf.properties
cacheservice.properties sequence_db_conf.properties
ehcache.xml sequence_distributed_conf.properties
index_to_charset.properties sequence_time_conf.properties
log4j2.xml server.xml
migrateTables.properties sharding-by-enum.txt
myid.properties wrapper.conf
partition-hash-int.txt zkconf
partition-range-mod.txt zkdownload
编辑Mycat服务器参数调整和用户授权的配置文件server.xml;(把以下内容添加,默认的删除,类似的配置)
[root@zq03 src]# vim /usr/local/mycat/conf/server.xml
# root用户对逻辑数据库ultrax,DedeCMS,zrlog具有增删改查的权限
<user name="root">
<property name="password">www123</property>
<property name="schemas">ultrax,DedeCMS,zrlog</property>
</user>
# discuz用户对逻辑数据库ultrax具有增删改查的权限
<user name="discuz">
<property name="password">www123</property>
<property name="schemas">ultrax</property>
</user>
# dedecms用户对逻辑数据库DedeCMS具有增删改查的权限
<user name="dedecms">
<property name="password">www123</property>
<property name="schemas">DedeCMS</property>
</user>
# zrlog用户对逻辑数据库zrlog具有增删改查的权限
<user name="zrlog">
<property name="password">www123</property>
<property name="schemas">zrlog</property>
</user>
# 该用户对逻辑数据库ultrax,DedeCMS,zrlog仅有只读的权限
<user name="user">
<property name="password">www123</property>
<property name="schemas">ultrax,DedeCMS,zrlog</property>
<property name="readOnly">true</property>
</user>
修改逻辑库定义和表及分片定义的配置文件schema.xml;
[root@zq03 src]# mv /usr/local/mycat/conf/schema.xml /usr/local/mycat/conf/schema.xml_bak //备份schema.xml
[root@zq03 src]# vim /usr/local/mycat/conf/schema.xml
<?xml version="1.0"?>
<!DOCTYPE mycat:schema SYSTEM "schema.dtd">
<mycat:schema xmlns:mycat="http://io.mycat/">
<schema name="ultrax" checkSQLschema="false" sqlMaxLimit="1000" dataNode="dn1" />
<schema name="DedeCMS" checkSQLschema="false" sqlMaxLimit="1000" dataNode="dn2" />
<schema name="zrlog" checkSQLschema="false" sqlMaxLimit="1000" dataNode="dn3" />
<dataNode name="dn1" dataHost="localhost1" database="ultrax" />
<dataNode name="dn2" dataHost="localhost1" database="DedeCMS" />
<dataNode name="dn3" dataHost="localhost1" database="zrlog" />
<dataHost name="localhost1" maxCon="2000" minCon="1" balance="3"
writeType="1" dbType="mysql" dbDriver="native" switchType="1" slaveThreshold="100">
<heartbeat>select user()</heartbeat>
<writeHost host="hostM1" url="192.168.112.180:3306" user="root" password="www123">
<!-- can have multi read hosts -->
<readHost host="hostS1" url="192.168.112.181:3306" user="root" password="123456" />
<readHost host="hostS2" url="192.168.112.182:3306" user="root" password="123456" />
</writeHost>
</dataHost>
</mycat:schema>
mycat机器配置完毕。启动mycat并查看端口8066和9066端口是否起来:
[root@zq03 src]# /usr/local/mycat/bin/mycat start
Starting Mycat-server...
[root@zq03 src]# netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1012/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1096/master
tcp 0 0 127.0.0.1:32000 0.0.0.0:* LISTEN 2355/java
tcp6 0 0 :::38862 :::* LISTEN 2355/java
tcp6 0 0 :::41234 :::* LISTEN 2355/java
tcp6 0 0 :::22 :::* LISTEN 1012/sshd
tcp6 0 0 ::1:25 :::* LISTEN 1096/master
tcp6 0 0 :::1984 :::* LISTEN 2355/java
tcp6 0 0 :::8066 :::* LISTEN 2355/java
tcp6 0 0 :::9066 :::* LISTEN 2355/java
tcp6 0 0 :::3306 :::* LISTEN 1558/mysqld
注意:如果没有这两个端口没有启动,查看java环境是否生效。
- 8066是用于web连接mycat.
- 9066是用于SA|DBA管理端口.
4.3 测试mycat配置
在mastet机器上,用户名登录mycat机器的mysql;需要先关闭firewalld
master机器上的防火墙
[root@zq00 ~]# service firewalld stop
Redirecting to /bin/systemctl stop firewalld.service
mycat机器上的防火墙
[root@zq03 ~]# service firewalld stop
Redirecting to /bin/systemctl stop firewalld.service
用discuz用户登录mycat机器;
[root@zq00 ~]# mysql -h192.168.112.183 -udiscuz -pwww123 -P8066
能查看到所有的数据库;里面只有ultrax库
mysql> show databases;
+----------+
| DATABASE |
+----------+
| ultrax |
+----------+
1 row in set (0.00 sec)
使用root用户登录mycat;
[root@zq00 ~]# mysql -h192.168.112.183 -uroot -pwww123 -P8066
能查看到所有的数据库:
mysql> show databases;
+----------+
| DATABASE |
+----------+
| DedeCMS |
| ultrax |
| zrlog |
+----------+
3 rows in set (0.00 sec)
在master(192.168.112.180)以9066端口登陆
[root@zq00 ~]# mysql -h192.168.112.183 -uroot -pwww123 -P9066
查看数据源
mysql> show @@datasource;
+----------+--------+-------+-----------------+------+------+--------+------+------+---------+-----------+------------+
| DATANODE | NAME | TYPE | HOST | PORT | W/R | ACTIVE | IDLE | SIZE | EXECUTE | READ_LOAD | WRITE_LOAD |
+----------+--------+-------+-----------------+------+------+--------+------+------+---------+-----------+------------+
| dn1 | hostM1 | mysql | 192.168.112.180 | 3306 | W | 0 | 0 | 2000 | 1 | 0 | 0 |
| dn1 | hostS1 | mysql | 192.168.112.181 | 3306 | R | 0 | 0 | 2000 | 0 | 0 | 0 |
| dn1 | hostS2 | mysql | 192.168.112.182 | 3306 | R | 0 | 0 | 2000 | 0 | 0 | 0 |
| dn3 | hostM1 | mysql | 192.168.112.180 | 3306 | W | 0 | 0 | 2000 | 1 | 0 | 0 |
| dn3 | hostS1 | mysql | 192.168.112.181 | 3306 | R | 0 | 0 | 2000 | 0 | 0 | 0 |
| dn3 | hostS2 | mysql | 192.168.112.182 | 3306 | R | 0 | 0 | 2000 | 0 | 0 | 0 |
| dn2 | hostM1 | mysql | 192.168.112.180 | 3306 | W | 0 | 0 | 2000 | 1 | 0 | 0 |
| dn2 | hostS1 | mysql | 192.168.112.181 | 3306 | R | 0 | 0 | 2000 | 0 | 0 | 0 |
| dn2 | hostS2 | mysql | 192.168.112.182 | 3306 | R | 0 | 0 | 2000 | 0 | 0 | 0 |
+----------+--------+-------+-----------------+------+------+--------+------+------+---------+-----------+------------+
9 rows in set (0.00 sec)
mysql> quit
在master上登录mysql,创建ultrax、DedeCMS、zrlog这三个数据库;
[root@zq00 ~]# mysql -uroot -pwww123
mysql> create database ultrax default character set utf8; //创建数据库,默认字体,设置为utf8字符编码
Query OK, 1 row affected (0.00 sec)
mysql> create database DedeCMS default character set utf8;
Query OK, 1 row affected (0.00 sec)
mysql> create database zrlog default character set utf8;
Query OK, 1 row affected (0.01 sec)
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| ABC |
| DedeCMS |
| mysql |
| performance_schema |
| test |
| ultrax |
| zrlog |
+--------------------+
8 rows in set (0.00 sec)
mysql>
还需要对创建用户,并授权;
mysql> grant all on *.* to 'root'@'192.168.112.183' identified by 'www123';
Query OK, 0 rows affected (0.00 sec)
mysql> grant all on ultrax.* to 'discuz'@'192.168.112.%' identified by 'www123';
Query OK, 0 rows affected (0.00 sec)
mysql> grant all on DedeCMS.* to 'dedecms'@'192.168.112.%' identified by 'www123';
Query OK, 0 rows affected (0.00 sec)
mysql> grant all on zrlog.* to 'zrlog'@'192.168.112.%' identified by 'www123';
Query OK, 0 rows affected (0.00 sec)
mysql> quit
完成以上操作后主从复制和读写分离就弄好了,接下来就是搭建web服务器,然后进行对接即可。
五、搭建lnmp、tomcat+jdk环境
剩下的所有服务器(zq04、zq05、zq06、zq07、zq08)
先搭建LNMP环境,和Tomcat+Java环境,默认80端口给Nginx,Tomcat使用8080端口。
5.1 安装、配置nginx
下载nginx,并解压
[root@zq04 ~]# cd /usr/local/src/;wget http://nginx.org/download/nginx-1.4.7.tar.gz;tar zxf nginx-1.4.7.tar.gz
安装需要的安装包及库
[root@zq04 nginx-1.4.7]# yum -y install epel-release wget gcc gcc-c++ libmcrypt-devel libmcrypt libcurl-devel libxml2-devel openssl-devel bzip2-devel libjpeg-devel libpng-devel freetype-devel libmcrypt-devel;
编辑ngnix
[root@zq04 nginx-1.4.7]# cd nginx-1.4.7/;./configure --prefix=/usr/local/nginx;echo $?
安装ngnix
[root@zq04 nginx-1.4.7]# make;make install;echo $?
在init.d目录下,新建nginx脚本文件
[root@zq04 nginx-1.4.7]# vim /etc/init.d/nginx
以下为脚本内容.....
#!/bin/bash
# chkconfig: - 30 21
# description: http service.
# Source Function Library
. /etc/init.d/functions
# Nginx Settings
NGINX_SBIN="/usr/local/nginx/sbin/nginx"
NGINX_CONF="/usr/local/nginx/conf/nginx.conf"
NGINX_PID="/usr/local/nginx/logs/nginx.pid"
RETVAL=0
prog="Nginx"
start()
{
echo -n $"Starting $prog: "
mkdir -p /dev/shm/nginx_temp
daemon $NGINX_SBIN -c $NGINX_CONF
RETVAL=$?
echo
return $RETVAL
}
stop()
{
echo -n $"Stopping $prog: "
killproc -p $NGINX_PID $NGINX_SBIN -TERM
rm -rf /dev/shm/nginx_temp
RETVAL=$?
echo
return $RETVAL
}
reload()
{
echo -n $"Reloading $prog: "
killproc -p $NGINX_PID $NGINX_SBIN -HUP
RETVAL=$?
echo
return $RETVAL
}
restart()
{
stop
start
}
configtest()
{
$NGINX_SBIN -c $NGINX_CONF -t
return 0
}
case "$1" in
start)
start
;;
stop)
stop
;;
reload)
reload
;;
restart)
restart
;;
configtest)
configtest
;;
*)
echo $"Usage: $0 {start|stop|reload|restart|configtest}"
RETVAL=1
esac
exit $RETVAL
然后增加权限,以及启动服务;
[root@zq04 nginx-1.4.7]# chmod 755 /etc/init.d/nginx
[root@zq04 nginx-1.4.7]# chkconfig --add nginx
[root@zq04 nginx-1.4.7]# chkconfig nginx on
- 编辑配置文件
进入nginx/conf/目录下,把默认的配置文件作为备份;
[root@zq04 nginx-1.4.7]# cd /usr/local/nginx/conf/
[root@zq04 conf]# mv nginx.conf nginx.conf.1 //把原配置文件作为备份
新建nginx.conf配置文件,并按下面写入内容
[root@zq04 conf]# vim nginx.conf
以下为配置内容.....
user nobody nobody;
worker_processes 2;
error_log /usr/local/nginx/logs/nginx_error.log crit;
pid /usr/local/nginx/logs/nginx.pid;
worker_rlimit_nofile 51200;
events
{
use epoll;
worker_connections 6000;
}
http
{
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 3526;
server_names_hash_max_size 4096;
log_format combined_realip '$remote_addr $http_x_forwarded_for [$time_local]'
' $host "$request_uri" $status'
' "$http_referer" "$http_user_agent"';
sendfile on;
tcp_nopush on;
keepalive_timeout 30;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
connection_pool_size 256;
client_header_buffer_size 1k;
large_client_header_buffers 8 4k;
request_pool_size 4k;
output_buffers 4 32k;
postpone_output 1460;
client_max_body_size 10m;
client_body_buffer_size 256k;
client_body_temp_path /usr/local/nginx/client_body_temp;
proxy_temp_path /usr/local/nginx/proxy_temp;
fastcgi_temp_path /usr/local/nginx/fastcgi_temp;
fastcgi_intercept_errors on;
tcp_nodelay on;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 8k;
gzip_comp_level 5;
gzip_http_version 1.1;
gzip_types text/plain application/x-javascript text/css text/htm
application/xml;
server
{
listen 80;
server_name localhost;
index index.html index.htm index.php;
root /usr/local/nginx/html;
location ~ \.php$
{
include fastcgi_params;
fastcgi_pass unix:/tmp/php-fcgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name;
}
}
}
注意:此时关机,拍摄快照,克隆zq04,创建zq07、zq08,创建keepalived + nginx 实现负载均衡;
更改其IP
[root@zq04 ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33 IPADDR=192.168.112.187
重启网络服务
[root@zq04 ~]# systemctl restart networkw.service
更改主机名
[root@zq04 ~]# hostnamectl set-hostname zq07 [root@zq04 ~]# bash [root@zq07 ~]#
zq08机器一样配置;
5.2 安装jdk环境;
之前下载过JDK,则用scp命令复制到mycat机器的;解压,更改目录、名称;
[root@zq04 src]# scp 192.168.112.184:/usr/local/src/jdk-8u171-linux-x64.tar.gz ./
[root@zq04 src]# tar zxf jdk-8u171-linux-x64.tar.gz
[root@zq04 src]# mv jdk1.8.0_171 /usr/local/jdk1.8
编辑/etc/profile文件,添加以下配置
[root@zq03 src]# vim /etc/profile
JAVA_HOME=/usr/local/jdk1.8/
JAVA_BIN=/usr/local/jdk1.8/bin
JRE_HOME=/usr/local/jdk1.8/jre
PATH=$PATH:/usr/local/jdk1.8/bin:/usr/local/jdk1.8/jre/bin
CLASSPATH=/usr/local/jdk1.8/jre/lib:/usr/local/jdk1.8/lib:/usr/local/jdk1.8/jre/lib/charsets.jar
加载/etc/profile配置文件,并查看版本号;
[root@zq03 src]# source /etc/profile
[root@zq03 src]# java -version
java version "1.8.0_171"
Java(TM) SE Runtime Environment (build 1.8.0_171-b11)
Java HotSpot(TM) 64-Bit Server VM (build 25.171-b11, mixed mode)
5.3 安装Tomcat
在官网找到二进制包,下载;
[root@zq04 src]# wget http://www-eu.apache.org/dist/tomcat/tomcat-8/v8.5.32/bin/apache-tomcat-8.5.32.tar.gz
解压、并把解压包移到 /usr/local/tomcat下;
[root@zq04 src]# tar zxf apache-tomcat-8.5.32.tar.gz
[root@zq04 src]# mv apache-tomcat-8.5.32 /usr/local/tomcat
开启服务与关闭服务
[root@zq04 src]# /usr/local/tomcat/bin/startup.sh //启动服务
Using CATALINA_BASE: /usr/local/tomcat
Using CATALINA_HOME: /usr/local/tomcat
Using CATALINA_TMPDIR: /usr/local/tomcat/temp
Using JRE_HOME: /usr/local/jdk1.8
Using CLASSPATH: /usr/local/tomcat/bin/bootstrap.jar:/usr/local/tomcat/bin/tomcat-juli.jar
Tomcat started.
[root@zq04 src]# /usr/local/tomcat/bin/shutdown.sh //关闭服务
Using CATALINA_BASE: /usr/local/tomcat
Using CATALINA_HOME: /usr/local/tomcat
Using CATALINA_TMPDIR: /usr/local/tomcat/temp
Using JRE_HOME: /usr/local/jdk1.8
Using CLASSPATH: /usr/local/tomcat/bin/bootstrap.jar:/usr/local/tomcat/bin/tomcat-juli.jar
监听端口;
[root@zq04 src]# /usr/local/tomcat/bin/startup.sh
[root@zq04 src]# netstat -lntp |grep java
tcp6 0 0 :::8080 :::* LISTEN 8986/java
tcp6 0 0 127.0.0.1:8005 :::* LISTEN 8986/java
tcp6 0 0 :::8009 :::* LISTEN 8986/java
三个端口释义:
8080为提供web服务的端口;
8005为管理端口;显示调用会慢半拍
8009端口为第三方服务调用的端口,比如httpd和Tomcat结合时会用到
5.4 安装php5
php解压目录中的php.ini-production文件复制到php-fpm/etc/目录中,并且重命名为php.ini
[root@zq04 php-5.6.32]# cp php.ini-production /usr/local/php-fpm/etc/php.ini
创建php-fpm.conf配置文件
[root@zq04 php-5.6.32]# cd /usr/local/php-fpm/etc/
[root@zq04 etc]# vim php-fpm.conf //新创建文件
[global]
pid = /usr/local/php-fpm/var/run/php-fpm.pid
error_log = /usr/local/php-fpm/var/log/php-fpm.log
[www]
listen = /tmp/php-fcgi.sock
#listen =127.0.0.1:9000
listen.mode = 666
user = php-fpm
group = php-fpm
pm = dynamic
pm.max_children = 50
pm.start_servers = 20
pm.min_spare_servers = 5
pm.max_spare_servers = 35
pm.max_requests = 500
rlimit_files = 1024
把解压目录下的脚本sapi/fpm/init.d.php-fpm 复制到/etc/init.d下
[root@zq04 etc]# cd /usr/local/src/php-5.6.32/
[root@zq04 php-5.6.32]# cp sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
然后给予755权限,创建php-fpm用户名,增加开机服务等操作
[root@zq04 php-5.6.32]# chmod 755 /etc/init.d/php-fpm
[root@zq04 php-5.6.32]# chkconfig --add php-fpm //开机启动
[root@zq04 php-5.6.32]# chkconfig php-fpm on
[root@zq04 php-5.6.32]# useradd -s /sbin/nologin php-fpm //创建 php-fpm用户
[root@zq04 php-5.6.32]# tail -1 /etc/passwd
php-fpm:x:1001:1001::/home/php-fpm:/sbin/nologin
[root@zq04 php-5.6.32]# service php-fpm start //开启php-fpm服务
Starting php-fpm done
测试nginx是否解析php
[root@zq04 php-5.6.32]# curl localhost/1.php
How do uou do!
- 配置nginx默认虚拟主机,方便以后可以直接使用:
在nginx.conf配置文件下,更改以下内容;
[root@zq04 ~]# vim /usr/local/nginx/conf/nginx.conf
以下默认虚拟主机,删除;
server
{
listen 80;
server_name localhost;
index index.html index.htm index.php;
root /usr/local/nginx/html;
location ~ \.php$
{
include fastcgi_params;
fastcgi_pass unix:/tmp/php-fcgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name;
}
}
更换成此语句;
include vhost/*.conf; //相当于把虚拟主机做成模块
创建vhost目录:
[root@zq04 ~]# mkdir /usr/local/nginx/conf/vhost
[root@zq04 ~]# cd /usr/local/nginx/conf/vhost
[root@zq04 vhost]# vim default.conf
server
{
listen 80 default_server;
server_name aaa.com;
index index.html index.htm index.php;
root /data/wwwroot/default;
location ~ \.php$
{
include fastcgi_params;
fastcgi_pass unix:/tmp/php-fcgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /data/wwwroot/default$fastcgi_script_name;
}
}
创建网站目录,并此次目录下新建一个php文件
[root@zq04 vhost]# mkdir -p /data/wwwroot/default/
[root@zq04 vhost]# cd /data/wwwroot/default/
[root@zq04 default]# vim index.php
<?php
echo "Nice to meet you!"
?>
重启nginx服务,解析php文件
[root@zq04 default]# service nginx restart
Restarting nginx (via systemctl): [ 确定 ]
[root@zq04 default]# curl localhost
Nice to meet you!
此时 zq04 配置好了环境
六、开始创建 网站目录
6.1 discuz.com网站创建
创建虚拟主机配置文件:discuz.com.conf
[root@zq04 ~]# cd /usr/local/nginx/conf/vhost
[root@zq04 vhost]# vim discuz.com.conf
server
{
listen 80;
server_name www.discuz.com;
index index.html index.htm index.php;
root /data/wwwroot/discuz.com;
location ~ \.php$
{
include fastcgi_params;
fastcgi_pass unix:/tmp/php-fcgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /data/wwwroot/discuz.com$fastcgi_script_name;
}
}
创建相应的discuz.com网站数据目录;
[root@zq04 vhost]# cd /data/wwwroot/discuz.com/
[root@zq04 discuz.com]# vim index.php
<?php
echo "Welcome to discuz.com"
?>
重启,测试网站discuz.com
[root@zq04 discuz.com]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@zq04 discuz.com]# /usr/local/nginx/sbin/nginx -s reload
[root@zq04 discuz.com]# curl -x192.168.112.184:80 www.discuz.com
Welcome to discuz.com
开始安装Discuz
[root@zq06 src]# yum install -y unzip
[root@zq06 src]# unzip Discuz_X3.3_SC_UTF8.zip
[root@zq06 src]# ls
5.txt Discuz_X3.3_SC_UTF8.zip mysql-5.6.36-linux-glibc2.5-x86_64.tar.gz nginx-1.4.7.tar.gz php-5.6.32.tar.bz2 upload
apache-tomcat-8.5.32.tar.gz jdk-8u171-linux-x64.tar.gz nginx-1.4.7 php-5.6.32 readme utility
此时把之前discuz.com目录下的,测试文件index.php删除,把upload下的所有文件复制到discuz.com目录下
[root@zq06 src]# rm -f /data/wwwroot/discuz.com/index.php
[root@zq06 src]# ls /data/wwwroot/discuz.com/
[root@zq06 src]# cp -r upload/* /data/wwwroot/discuz.com/
[root@zq06 src]# ls /data/wwwroot/discuz.com/
admin.php archiver cp.php favicon.ico home.php member.php portal.php source uc_client
api config crossdomain.xml forum.php index.php misc.php robots.txt static uc_server
api.php connect.php data group.php install plugin.php search.php template userapp.php
在windows下,打开hosts文件
添加以下:
192.168.112.184 www.discuz.com www.dedecms.com www.zrlog.com
在浏览器下,输入 www.discuz.com 域名,出现discuz的安装页面
现在出现红色,那是需要授权777权限
现把所有需要更改权限的文件,复制到一个文本里
[root@zq04 discuz.com]# vim filelist.txt
./config
./data
./data/cache
./data/avatar
./data/plugindata
./data/download
./data/addonmd5
./data/template
./data/threadcache
./data/attachment
./data/attachment/album
./data/attachment/forum
./data/attachment/group
./data/log
./uc_client/data/cache
./uc_server/data/
./uc_server/data/cache
./uc_server/data/avatar
./uc_server/data/backup
./uc_server/data/logs
./uc_server/data/tmp
./uc_server/data/view
创建一个shell脚本,这个脚本很简单,就是轮流给清单里的文件777权限;
[root@zq04 discuz.com]# vim qxgg.sh
#!bin/bash
for file in `cat ./filelist.txt`
do
chmod 777 $file
done
执行此脚本
[root@zq04 discuz.com]# sh qxgg.sh
执行完脚本后,此时刷新浏览器,就可以看到全部变绿色
点击下一步,
点击下一步,按下面内容填写;假如此处有问题,那说明没有在mastet(zq01)上没有创建用户,及授权;
现在开始用使用mycat连接mysql
[root@zq04 ~]# vim /data/wwwroot/discuz.com/config/config_global.php
// ---------------------------- CONFIG DB ----------------------------- //
$_config['db']['1']['dbhost'] = '192.168.112.183:8066'; //mycat ip 及其端口
$_config['db']['1']['dbuser'] = 'discuz'; //用户名
$_config['db']['1']['dbpw'] = 'www123'; //密码
$_config['db']['1']['dbcharset'] = 'utf8';
$_config['db']['1']['pconnect'] = '0';
$_config['db']['1']['dbname'] = 'ultrax';
$_config['db']['1']['tablepre'] = 'pre_';
$_config['db']['slave'] = '';
$_config['db']['common']['slave_except_table'] = '';
重启nginx服务;
[root@zq04 ~]# nginx restart
Restarting nginx (via systemctl): [ 确定 ]
此时退出登录页面,只要能够重新登录,那证明架构没问题;
6.2 dedecms.com网站创建
搭建dedecms企业网站,同样的也需要先配置一个虚拟主机站点:
[root@zq04 ~]# cd /usr/local/nginx/conf/vhost
[root@zq04 vhost]# vim dedecms.com.conf
server
{
listen 80;
server_name www.dedecms.com;
index index.html index.htm index.php;
root /data/wwwroot/dedecms.com;
location ~ \.php$
{
include fastcgi_params;
fastcgi_pass unix:/tmp/php-fcgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /data/wwwroot/dedecms.com$fastcgi_script_name;
}
}
创建站点目录,并创建测试页
[root@zq04 vhost]# mkdir -p /data/wwwroot/dedecms.com/
[root@zq04 vhost]# cd /data/wwwroot/dedecms.com/
[root@zq04 dedecms.com]# vim index.php
<?php
echo "Welcome to dedecms.com"
?>
重启,测试网站dedecms.com
[root@zq04 dedecms.com]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@zq04 dedecms.com]# /usr/local/nginx/sbin/nginx -s reload
[root@zq04 dedecms.com]# curl -x192.168.112.184:80 www.dedecms.com
Welcome to discuz.com
[root@zq04 dedecms.com]# rm -f index.php //删除此测试页
开始安装dedecms,下载dedecms的安装包
[root@zq04 dedecms.com]# cd /usr/local/src/
[root@zq04 src]# wget http://updatenew.dedecms.com/base-v57/package/DedeCMS-V5.7-UTF8-SP2.tar.gz
把软件包的uploads目录里,所有的文件都复制到dedecms.com网站目录下
[root@zq04 src]# ls DedeCMS-V5.7-UTF8-SP2
docs uploads
[root@zq04 src]# cd DedeCMS-V5.7-UTF8-SP2/
[root@zq04 DedeCMS-V5.7-UTF8-SP2]# docs uploads
[root@zq04 DedeCMS-V5.7-UTF8-SP2]# cp -r ./uploads/* /data/wwwroot/dedecms.com/
因为之前在 windows上 添加了域名www.dedecms.com,因此直接在浏览器输入 www.dedecms.com;
此处需要授权,因为需要授权的目录少,没必要写脚本
[root@zq04 DedeCMS-V5.7-UTF8-SP2]# cd /data/wwwroot/dedecms.com/
[root@zq04 dedecms.com]# chmod 777 ./
[root@zq04 dedecms.com]# chmod 777 ./dede
[root@zq04 dedecms.com]# chmod 777 ./data
[root@zq04 dedecms.com]# chmod 777 ./a
[root@zq04 dedecms.com]# chmod 777 ./install
[root@zq04 dedecms.com]# chmod 777 ./special
[root@zq04 dedecms.com]# chmod 777 ./uploads/
更改权限后,直接刷新浏览器
点继续;按下图填写,连接服务器;
点击继续;此时显示安装完成;
点击登录网站后台,此时需要输入用户名;(注意此处不是数据库的,而是网站的)
能够登录到后台,配置正确;
6.3 搭建zrlog博客系统
[root@zq04 ~]# vim /usr/local/tomcat/conf/server.xml
# 在文件中增加以下内容:
<Host name="www.zrlog.com" appBase=""
unpackWARs= "true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
<Context path="" docBase="/data/wwwroot/zrlog.com/" debug="0" reloadable="true" crossContext="true"/>
</Host>
创建相应的站点目录,下载安装包,并解压到zrlog.com站点目录下
[root@zq04 ~]# mkdir /data/wwwroot/zrlog.com
[root@zq04 src]# wget http://dl.zrlog.com/release/zrlog-1.7.1-baaecb9-release.war
[root@zq04 src]# ls zrlog-1.7.1-baaecb9-release.war
zrlog-1.7.1-baaecb9-release.war
[root@zq04 src]# unzip zrlog-1.7.1-baaecb9-release.war -d /data/wwwroot/zrlog.com
[root@zq04 src]# cd /data/wwwroot/zrlog.com
[root@zq04 zrlog.com]# ls
admin assets attached error favicon.ico include install logs META-INF WEB-INF
为了共享80端口还需要配置nginx反向代理tomcat,不然就会访问冲突;编辑主机配置文件:
[root@zq04 zrlog.com]# vim /usr/local/nginx/conf/vhost/zrlog.com.conf
upstream zrlog_com
{
ip_hash;
server localhost:8080;
}
server
{
listen 80;
server_name www.zrlog.com;
location /
{
proxy_pass http://zrlog_com;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
6.4 配置检测
重启nginx服务;
[root@zq04 zrlog.com]# service nginx restart
Restarting nginx (via systemctl): [ 确定 ]
[root@zq04 ~]# netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 2164/nginx: master
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1007/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1262/master
tcp6 0 0 :::22 :::* LISTEN 1007/sshd
tcp6 0 0 ::1:25 :::* LISTEN 1262/master
tcp6 0 0 :::3306 :::* LISTEN 1218/mysqld
因为zrlog是java站点,因此重启tomcat服务;并查看端口
[root@zq04 ~]# /usr/local/tomcat/bin/shutdown.sh
[root@zq04 ~]# /usr/local/tomcat/bin/startup.sh
[root@zq04 ~]# netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 2164/nginx: master
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1007/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1262/master
tcp6 0 0 :::8080 :::* LISTEN 2208/java
tcp6 0 0 127.0.0.1:42102 :::* LISTEN 2262/java
tcp6 0 0 127.0.0.1:22102 :::* LISTEN 2262/java
tcp6 0 0 :::22 :::* LISTEN 1007/sshd
tcp6 0 0 ::1:25 :::* LISTEN 1262/master
tcp6 0 0 127.0.0.1:8005 :::* LISTEN 2208/java
tcp6 0 0 127.0.0.1:52102 :::* LISTEN 2262/java
tcp6 0 0 :::8009 :::* LISTEN 2208/java
tcp6 0 0 :::3306 :::* LISTEN 1218/mysqld
在Windows上,直接浏览器访问 www.zrlog.com
跟前面一样,都是同mycat连接mysql;
此处按照自定义,填写
登录到就可以进入后台管理;
七、站点后台二次访问
6.给站点的后台访问做二次认证
做二次访问,需要一个命令:htpasswd,因此需要安装httpd
[root@zq04 ~]# yum install -y httpd //安装httpd
[root@zq04 ~]# htpasswd -c /usr/local/nginx/conf/htpasswd admin //设置 登录用户的密码
New password:
Re-type new password:
Adding password for user admin //用户为admin,这个可以自定义
[root@zq04 ~]# cat /usr/local/nginx/conf/htpasswd //此时密码生成
admin:$apr1$lIcVEl3m$HE8Q86GfFlJ4te6T2UY.k.
- 编辑discuz的主机配置文件
[root@zq04 ~]# vim /usr/local/nginx/conf/vhost/discuz.com.conf
server
{
listen 80;
server_name www.discuz.com;
index index.html index.htm index.php;
root /data/wwwroot/discuz.com;
access_log /data/wwwroot/discuz.com/data/log/discuz.com.log combined_realip;
location ~ admin.php //此模块为 ,二次访问
{
auth_basic "Auth";
auth_basic_user_file /usr/local/nginx/conf/htpasswd; //密码文件
}
location ~ \.php$
{
include fastcgi_params;
fastcgi_pass unix:/tmp/php-fcgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /data/wwwroot/discuz.com$fastcgi_script_name;
}
- 配置dedecms,同样的也是需要编辑主机配置文件
[root@zq04 ~]# vim /usr/local/nginx/conf/vhost/dedecms.com.conf
server
{
listen 80;
server_name www.dedecms.com;
index index.html index.htm index.php;
root /data/wwwroot/dedecms.com;
location /dede/ //此模块为 ,二次访问
{
auth_basic "Auth";
auth_basic_user_file /usr/local/nginx/conf/htpasswd;
}
location ~ \.php$
{
include fastcgi_params;
fastcgi_pass unix:/tmp/php-fcgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /data/wwwroot/dedecms.com$fastcgi_script_name;
}
}
- zrlog,编辑nginx的反向代理配置文件
[root@zq04 ~]# vim /usr/local/nginx/conf/vhost/zrlog.com.conf
upstream zrlog_com
{
ip_hash;
server localhost:8080;
}
server
{
listen 80;
server_name www.zrlog.com;
location /admin/ //此模块为 ,二次访问
{
auth_basic "Auth";
auth_basic_user_file /usr/local/nginx/conf/htpasswd;
proxy_pass http://zrlog_com/admin/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /
{
proxy_pass http://zrlog_com;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
- 测试其配置
检查语法错误,重新加载配置文件,重启nginx服务;
[root@zq04]# usr/local/nginx/sbin/nginx -t
[root@zq04]# /usr/local/nginx/sbin/nginx -s reload
[root@zq04]# service nginx restart
Restarting nginx (via systemctl): [ 确定 ]
在登录后台管理时候,都说明需要auth ,也就是密码访问;
[root@zq04 ~]# curl -x127.0.0.1:80 http://www.discuz.com/admin.php -I
HTTP/1.1 401 Unauthorized
Server: nginx/1.4.7
Date: Mon, 20 Aug 2018 07:51:49 GMT
Content-Type: text/html
Content-Length: 194
Connection: keep-alive
WWW-Authenticate: Basic realm="Auth"
[root@zq04 ~]# curl -x127.0.0.1:80 http://www.dedecms.com/dede/ -I
HTTP/1.1 401 Unauthorized
Server: nginx/1.4.7
Date: Mon, 20 Aug 2018 07:52:28 GMT
Content-Type: text/html
Content-Length: 194
Connection: keep-alive
WWW-Authenticate: Basic realm="Auth"
[root@zq04 ~]# curl -x127.0.0.1:80 http://www.zrlog.com/admin/ -I
HTTP/1.1 401 Unauthorized
Server: nginx/1.4.7
Date: Mon, 20 Aug 2018 07:52:53 GMT
Content-Type: text/html
Content-Length: 194
Connection: keep-alive
WWW-Authenticate: Basic realm="Auth"
为了更清楚看到,在浏览器登录后台,此时会弹出一个对话框
搭建lnmp、tomcat+jdk环境 ; 三个站点分别为:discuz论坛、dedecms企业网站以及zrlog博客都已经布置完毕;
现在把zq04机器,关机,排快照保存,再克隆两台机器为,zq05、zq06
更改其IP
[root@zq04 ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33 IPADDR=192.168.112.185
重启网络服务
[root@zq05 ~]# systemctl restart networkw.service
更改主机名
[root@zq04 ~]# hostnamectl set-hostname zq05 [root@zq04 ~]# bash [root@zq05 ~]#
zq06机器一样配置;
八、配置机器中web服务器的静态文件共享
5 需要共享静态文件,比如discuz需要共享的目录是 data/attachment,dedecms需要共享upload(具体目录,你可以先上传一个图片,查看图片所在目录)
此步骤用NFS,参照 Linux 第25课——NFS/FTP服务搭建与配置
计划安排:zq04作为NFS服务器,zq05、zq06作为客户端
在zq04上安装 nfs-utils和rpcbind包,安装命令
[root@zq04 ~]# install -y nfs-utils rpcbind
开启rpcbind和nfs
[root@zq04 ~]# systemctl start rpcbind
[root@zq04 ~]# systemctl start nfs
[root@zq04 ~]# ps aux |grep nfs
root 1051 0.0 0.0 0 0 ? S< 07:36 0:00 [nfsd4_callbacks]
root 1055 0.0 0.0 0 0 ? S 07:36 0:00 [nfsd]
root 1056 0.0 0.0 0 0 ? S 07:36 0:00 [nfsd]
root 1057 0.0 0.0 0 0 ? S 07:36 0:00 [nfsd]
root 1058 0.0 0.0 0 0 ? S 07:36 0:00 [nfsd]
root 1059 0.0 0.0 0 0 ? S 07:36 0:00 [nfsd]
root 1060 0.0 0.0 0 0 ? S 07:36 0:00 [nfsd]
root 1061 0.0 0.0 0 0 ? S 07:36 0:00 [nfsd]
root 1062 0.0 0.0 0 0 ? S 07:36 0:00 [nfsd]
root 1799 0.0 0.0 112720 980 pts/1 R+ 08:24 0:00 grep --color=auto nfs
[root@zq04 ~]# ps aux |grep rpc
root 500 0.0 0.0 0 0 ? S< 07:36 0:00 [rpciod]
root 633 0.0 0.0 43860 540 ? Ss 07:36 0:00 /usr/sbin/rpc.idmapd
rpc 657 0.0 0.1 65000 1396 ? Ss 07:36 0:00 /sbin/rpcbind -w
root 1035 0.0 0.2 41704 2976 ? Ss 07:36 0:00 /usr/sbin/rpc.mountd -p 20048
rpcuser 1038 0.0 0.1 42420 1748 ? Ss 07:36 0:00 /usr/sbin/rpc.statd
root 1801 0.0 0.0 112720 984 pts/1 R+ 08:24 0:00 grep --color=auto rpc
[root@zq04 ~]# rpcinfo -p
program vers proto port service
100000 4 tcp 111 portmapper
100000 3 tcp 111 portmapper
100000 2 tcp 111 portmapper
100000 4 udp 111 portmapper
100000 3 udp 111 portmapper
100000 2 udp 111 portmapper
100005 1 udp 20048 mountd
100005 1 tcp 20048 mountd
100005 2 udp 20048 mountd
100005 2 tcp 20048 mountd
100005 3 udp 20048 mountd
100005 3 tcp 20048 mountd
100024 1 udp 38738 status
100024 1 tcp 42835 status
100003 3 tcp 2049 nfs
100003 4 tcp 2049 nfs
100227 3 tcp 2049 nfs_acl
100003 3 udp 2049 nfs
100003 4 udp 2049 nfs
100227 3 udp 2049 nfs_acl
100021 1 udp 49049 nlockmgr
100021 3 udp 49049 nlockmgr
100021 4 udp 49049 nlockmgr
100021 1 tcp 39016 nlockmgr
100021 3 tcp 39016 nlockmgr
100021 4 tcp 39016 nlockmgr
设置开机启动
[root@zq04 ~]# systemctl enable rpcbind
[root@zq04 ~]# systemctl enable nfs
需要共享的目录
- discuz需要共享的目录是:/data/wwwroot/discuz.com/data/attachment/
- dedecms需要共享的目录是:/data/wwwroot/dedecms.com/uploads/
- zrlog需要共享的目录是:/data/wwwroot/zrlog.com/attached/
- 然后给这些目录777的权限
先用一个脚本写入NFS服务的信息
[root@zq04 ~]# vim forIP.sh
file=$1
for i in `seq 5 6` //ip 185、186
do
echo "$file 192.168.112.18$i/24(rw,sync,no_root_squash)" >> /etc/exports
done
执行此脚本
[root@localhost ~]$ sh forIP.sh "/data/wwwroot/discuz.com/data/attachment/"
[root@localhost ~]$ sh forIP.sh "/data/wwwroot/dedecms.com/uploads/"
[root@localhost ~]$ sh forIP.sh "/data/wwwroot/zrlog.com/attached/"
查看写入的情况
[root@zq04 ~]# vim /etc/exports
/data/wwwroot/discuz.com/data/attachment/ 192.168.112.185/24(rw,sync,no_root_squash)
/data/wwwroot/discuz.com/data/attachment/ 192.168.112.186/24(rw,sync,no_root_squash)
/data/wwwroot/dedecms.com/uploads/ 192.168.112.185/24(rw,sync,no_root_squash)
/data/wwwroot/dedecms.com/uploads/ 192.168.112.186/24(rw,sync,no_root_squash)
/data/wwwroot/zrlog.com/attached/ 192.168.112.185/24(rw,sync,no_root_squash)
/data/wwwroot/zrlog.com/attached/ 192.168.112.186/24(rw,sync,no_root_squash)
清空防火墙规则;停止防火墙
[root@zq04 ~]# systemctl stop firewalld
检测NFS服务器(zq04)上的共享目录是否挂载上
[root@zq04 ~]# exportfs
/data/wwwroot/discuz.com/data/attachment
192.168.112.185/24
/data/wwwroot/discuz.com/data/attachment
192.168.112.186/24
/data/wwwroot/dedecms.com/uploads
192.168.112.185/24
/data/wwwroot/dedecms.com/uploads
192.168.112.186/24
/data/wwwroot/zrlog.com/attached
192.168.112.185/24
/data/wwwroot/zrlog.com/attached
192.168.112.186/24
其实184机器也相当于客户端、服务端一体
[root@zq04 ~]# showmount -e 192.168.112.184
Export list for 192.168.112.184:
/data/wwwroot/zrlog.com/attached 192.168.112.186/24,192.168.112.185/24
/data/wwwroot/dedecms.com/uploads 192.168.112.186/24,192.168.112.185/24
/data/wwwroot/discuz.com/data/attachment 192.168.112.186/24,192.168.112.185/24
现在再配置客户端,因为机器少,就不用脚本
安装客户端的软件,
[root@zq05 ~]# yum install -y nfs-utils
启动rpcbind服务,并设置其开机启动
[root@zq05 ~]# systemctl start rpcbind
[root@zq05 ~]# systemctl enable rpcbind
注意:客户端不需要启动nfs服务;
检查NFS服务器(即184机器上)的共享目录
root@zq05 ~]# showmount -e 192.168.112.184
Export list for 192.168.112.184:
/data/wwwroot/zrlog.com/attached 192.168.112.186/24,192.168.112.185/24
/data/wwwroot/dedecms.com/uploads 192.168.112.186/24,192.168.112.185/24
/data/wwwroot/discuz.com/data/attachment 192.168.112.186/24,192.168.112.185/24
再用mount挂载NFS服务器上的共享目录,没有目录创建目录;
[root@zq05 ~]# mount -t nfs 192.168.112.184:/data/wwwroot/dedecms.com/uploads /data/wwwroot/dedecms.com/uploads
[root@zq05 ~]# df -h
文件系统 容量 已用 可用 已用% 挂载点
/dev/mapper/centos-root 7.8G 4.2G 3.7G 53% /
devtmpfs 482M 0 482M 0% /dev
tmpfs 493M 0 493M 0% /dev/shm
tmpfs 493M 6.8M 486M 2% /run
tmpfs 493M 0 493M 0% /sys/fs/cgroup
/dev/sda1 197M 103M 95M 53% /boot
tmpfs 99M 0 99M 0% /run/user/0
192.168.112.184:/data/wwwroot/dedecms.com/uploads 7.8G 4.2G 3.7G 53% /data/wwwroot/dedecms.com/uploads
先测试一下,回到NFS服务器(184)上,在/data/wwwroot/dedecms.com/uploads目录下创建文件
[root@zq04 ~]# cd /data/wwwroot/dedecms.com/uploads
[root@zq04 uploads]# ls
allimg flink index.html litimg media soft userup
[root@zq04 uploads]# touch 2.txt
[root@zq04 uploads]# touch 5.txt
再回到客户端机器(185)上,在相应目录下查看
[root@zq05 ~]# ls /data/wwwroot/dedecms.com/uploads
2.txt 5.txt allimg flink index.html litimg media soft userup
相反操作,看NFS服务器上能看到不
root@zq05 ~]# cd /data/wwwroot/dedecms.com/uploads
[root@zq05 uploads]# ls
2.txt 5.txt allimg flink index.html litimg media soft userup
[root@zq05 uploads]# touch 88.txt
NFS服务器(184)上查看,以及另一个客户端zq06
[root@zq04 uploads]# ls
2.txt 5.txt 88.txt allimg flink index.html litimg media soft userup
[root@zq06 ~]# ls /data/wwwroot/dedecms.com/uploads
2.txt 5.txt 88.txt allimg flink index.html litimg media soft userup
此时证明配置成功;
现在把需要挂载的目录挂载上,
[root@zq05 uploads]# mount -t nfs 192.168.112.184:/data/wwwroot/zrlog.com/attached /data/wwwroot/zrlog.com/attached
[root@zq05 uploads]# mount -t nfs 192.168.112.184:/data/wwwroot/discuz.com/data/attachment /data/wwwroot/discuz.com/data/attachment
[root@zq05 uploads]# df -h
文件系统 容量 已用 可用 已用% 挂载点
/dev/mapper/centos-root 7.8G 4.2G 3.7G 53% /
devtmpfs 482M 0 482M 0% /dev
tmpfs 493M 0 493M 0% /dev/shm
tmpfs 493M 6.8M 486M 2% /run
tmpfs 493M 0 493M 0% /sys/fs/cgroup
/dev/sda1 197M 103M 95M 53% /boot
tmpfs 99M 0 99M 0% /run/user/0
192.168.112.184:/data/wwwroot/dedecms.com/uploads 7.8G 4.2G 3.7G 53% /data/wwwroot/dedecms.com/uploads
192.168.112.184:/data/wwwroot/zrlog.com/attached 7.8G 4.2G 3.7G 53% /data/wwwroot/zrlog.com/attached
192.168.112.184:/data/wwwroot/discuz.com/data/attachment 7.8G 4.2G 3.7G 53% /data/wwwroot/discuz.com/data/attachment
zq06一样的操作;
九、keepalived + nginx负载均衡
9 由于机器有限,尽可能地把三个站点放到同一台服务器上,然后做负载均衡集群,要求所有站点域名解析到一个ip上,也就是说只有一个出口ip
- 192.168.112.187 前端nginx负载主机+keepalived zq07
- 192.168.112.188 前端nginx负载备机+keepalived zq08
- 192.168.112.199 VIP
安装keepalived
[root@zq07 ~]# yum install -y keepalived
在虚拟主机目录,创建一个新的配置文件,名称自定义
[root@zq07 ~]# vim /usr/local/nginx/conf/vhost/load.conf
upstream zq
{
ip_hash;
server 192.168.112.184:80;
server 192.168.112.185:80;
server 192.168.112.186:80;
}
server
{
listen 80;
server_name www.discuz.com www.dedecms.com www.zrlog.com;
location /
{
proxy_pass http://zq;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
清空默认配置文件内容,写入以下代码
[root@zq07 ~]# > /etc/keepalived/keepalived.conf
[root@zq07 ~]# vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
txwd188@126.com
}
notification_email_from txwd188@126.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
}
vrrp_script chk_nginx {
script "/usr/local/sbin/check_ng.sh" //定义的脚本
interval 3
}
vrrp_instance VI_1 {
state MASTER //状态为 主
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass zq
}
virtual_ipaddress { //VIP
192.168.112.199
}
track_script {
chk_nginx
}
}
脚本路径在keepalived配置文件中有定义,路径为/usr/local/sbin/check_ng.sh 编辑配置文件:
[root@zq07 ~]# vim /usr/local/sbin/check_ng.sh
#!/bin/bash
#时间变量,用于记录日志
d=`date --date today +%Y%m%d_%H:%M:%S`
#计算nginx进程数量
n=`ps -C nginx --no-heading|wc -l`
#如果进程为0,则启动nginx,并且再次检测nginx进程数量,
#如果还为0,说明nginx无法启动,此时需要关闭keepalived
if [ $n -eq "0" ]; then
/etc/init.d/nginx start
n2=`ps -C nginx --no-heading|wc -l`
if [ $n2 -eq "0" ]; then
echo "$d nginx down,keepalived will stop" >> /var/log/check_ng.log
systemctl stop keepalived
fi
fi
授予755权限,开启keepalived服务
[root@zq07 ~]# chmod 755 /usr/local/sbin/check_ng.sh
[root@zq07 ~]# systemctl start keepalived
查看zq07上是否出现VIP,出现
[root@zq07 ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:13:a1:97 brd ff:ff:ff:ff:ff:ff
inet 192.168.112.187/24 brd 192.168.112.255 scope global ens33
valid_lft forever preferred_lft forever
inet 192.168.112.199/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::b235:e548:b630:9167/64 scope link
valid_lft forever preferred_lft forever
inet6 fe80::9721:39ae:1869:d046/64 scope link tentative dadfailed
valid_lft forever preferred_lft forever
zq08 配置上和 zq07基本一样;只需要再/etc/keepalived/keepalived.conf配置文件中,略有不同;
[root@zq08 ~]# vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
txwd188@126.com
}
notification_email_from txwd188@126.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_nginx {
script "/usr/local/sbin/check_ng.sh"
interval 3
}
vrrp_instance VI_1 {
state BACKUP //状态为 备用机
interface ens33
virtual_router_id 51 //和主机器 保持一致
priority 90 //权重比zq07上低,主次分明
advert_int 1
authentication {
auth_type PASS
auth_pass zq
}
virtual_ipaddress {
192.168.112.199
}
track_script {
chk_nginx
}
}
现在zq07、zq08搭建了 keeplived + Ngnix 负载均衡;
十、目前测试整个架构:
在windows下,打开hosts文件,把原ip 192.168.112.184 改为 192.168.112.199,此为 VIP;
192.168.112.199 www.discuz.com www.dedecms.com www.zrlog.com
此时所有的 web服务器(zq04、zq05、zq06)的出口,就成为192.168.112.199这一个出口;
任何一台web服务器宕机,都可以主动切换为其他服务器,而且zq07、zq08作为调度机也是一主、一备;
先测试调用zq的那台web服务器
对于测试,因为访问的页面 是不一样的,因此,分别在三台web服务器,做三个测试页,来分析,每次调用的 是哪个服务器
- 先测试以下,keepalived 主备工作场景;
此时vip 192.168.112.199 在zq07机器上,因为zq07作为master机器,权重高,因此处于主动工作
[root@zq07 vhost]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:13:a1:97 brd ff:ff:ff:ff:ff:ff
inet 192.168.112.187/24 brd 192.168.112.255 scope global ens33
valid_lft forever preferred_lft forever
inet 192.168.112.199/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::9eae:4950:ecfd:1144/64 scope link
valid_lft forever preferred_lft forever
inet6 fe80::b235:e548:b630:9167/64 scope link tentative dadfailed
valid_lft forever preferred_lft forever
inet6 fe80::9721:39ae:1869:d046/64 scope link tentative dadfailed
valid_lft forever preferred_lft forever
zq08作为备用机器;
[root@zq08 vhost]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:ab:da:a2 brd ff:ff:ff:ff:ff:ff
inet 192.168.112.188/24 brd 192.168.112.255 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::9721:39ae:1869:d046/64 scope link
valid_lft forever preferred_lft forever
现在把zq07上的keepalived服务停止;此时 vip 192.168.112.199已经转移到zq08机器上
[root@zq07 vhost]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:13:a1:97 brd ff:ff:ff:ff:ff:ff
inet 192.168.112.187/24 brd 192.168.112.255 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::9eae:4950:ecfd:1144/64 scope link
valid_lft forever preferred_lft forever
inet6 fe80::b235:e548:b630:9167/64 scope link tentative dadfailed
valid_lft forever preferred_lft forever
inet6 fe80::9721:39ae:1869:d046/64 scope link tentative dadfailed
valid_lft forever preferred_lft forever
vip 192.168.112.199 在zq08上,说明zq07宕机,备用机zq08代替zq07继续工作;
[root@zq08 vhost]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:ab:da:a2 brd ff:ff:ff:ff:ff:ff
inet 192.168.112.188/24 brd 192.168.112.255 scope global ens33
valid_lft forever preferred_lft forever
inet 192.168.112.199/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::9721:39ae:1869:d046/64 scope link
valid_lft forever preferred_lft forever
- 测试 vip 调用的是那一台的web 服务器;
首先在之前zq07、zq08写一个虚拟主机配置文件; 域名www.aaa.com 可以被3台机器代理访问;
[root@zq07 vhost]# vim test.conf
upstream z
{
ip_hash;
server 192.168.112.184;
server 192.168.112.185;
server 192.168.112.186;
}
server
{
listen 80;
server_name www.aaa.com;
location /
{
proxy_pass http://z;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
在 zq04、zq05、zq06 的默认文件下,创建测试页
[root@zq04]# vim /data/wwwroot/default/index.php
<?php
echo "It,s zq04 web server"
?>
编辑其默认虚拟主机配置文件
[root@zq04]# vim /usr/local/nginx/conf/vhost/default.conf
server
{
listen 80 default_server;
server_name www.aaa.com; //域名
index index.html index.htm index.php;
root /data/wwwroot/default;
location ~ \.php$
{
include fastcgi_params;
fastcgi_pass unix:/tmp/php-fcgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /data/wwwroot/default$fastcgi_script_name;
}
}
重新加载配置文件;
[root@zq04 ~]# /usr/local/nginx/sbin/nginx -t
[root@zq04 ~]# /usr/local/nginx/sbin/nginx -s reload
zq05、zq06机器上一样配置
再在windows hosts文件中,把 www.aaa.com添加在 192.168.112.199后面
192.168.112.199 www.discuz.com www.dedecms.com www.zrlog.com www.aaa.com
此时在浏览器里,输入www.aaa.com,随机出现zq05机器,但是刷新比较久,还是未变;
模拟zq05宕机,在zq05上停止nginx服务
[root@zq05 default]# /etc/init.d/nginx stop
Stopping nginx (via systemctl): [ 确定 ]
同样模拟zq06宕机,在zq06上停止nginx服务,最后剩下zq04
[root@zq06 default]# /etc/init.d/nginx stop
Stopping nginx (via systemctl): [ 确定 ]
此时说明vip 192.168.112.199 随机调用zq04、zq05、zq06任意一台,其中一台宕机,其余的会顶上;
此部分完成;