目标:三台网站服务器在负载服务器的调度下轮询地接受着三个网站的请求
环境准备
在“综合架构 – 网站服务器”章节中已经构建好了cloudbarn.com
网站,按照同样的流程继续构建poplarleaf.com
网站以及它的子网站cloth.poplarleaf.com
:
- 编写NFS配置文件
[root@nfs01 ~]# vi /etc/exports
[root@nfs01 ~]# cat /etc/exports
/data/web01 web01(rw)
/data/web02 web02(rw)
/data/web03 web03(rw)
/data/cloudbarn web0[1-3](rw,anonuid=993,anongid=990)
/data/poplarleaf web0[1-3](rw,anonuid=993,anongid=990)
/data/cloth_poplarleaf web0[1-3](rw,anonuid=993,anongid=990)
[root@nfs01 ~]#
- 配置相关目录
[root@nfs01 ~]# mkdir /data/web02
[root@nfs01 ~]# mkdir /data/web03
[root@nfs01 ~]# chown nobody.nobody /data/web02
[root@nfs01 ~]# chown nobody.nobody /data/web03
[root@nfs01 ~]# mkdir /data/poplarleaf
[root@nfs01 ~]# mkdir /data/cloth_poplarleaf
[root@nfs01 ~]# tar -zxf latest.tar.gz
[root@nfs01 ~]# cp -r wordpress/* /data/poplarleaf/
[root@nfs01 ~]# cp -r wordpress/* /data/cloth_poplarleaf/
[root@nfs01 ~]# chown -Rf nginx.nginx /data/poplarleaf/
[root@nfs01 ~]# chown -Rf nginx.nginx /data/cloth_poplarleaf/
[root@nfs01 ~]#exportfs -ra
[root@nfs01 ~]#
- 创建数据库并配置权限:
[root@db01 ~]# mysql -uroot -pabcd1234..
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 16
Server version: 10.3.17-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> create database poplarleaf;
Query OK, 1 row affected (0.000 sec)
MariaDB [(none)]> create database cloth_poplarleaf;
Query OK, 1 row affected (0.000 sec)
MariaDB [(none)]> grant all on poplarleaf.* to 'webuser'@'192.168.1.%' identified by 'abcd1234..';
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]> grant all on cloth_poplarleaf.* to 'webuser'@'192.168.1.%' identified by 'abcd1234..';
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]>
- 编写Nginx配置文件:
[root@web01 ~]# cd /etc/nginx/conf.d/
[root@web01 conf.d]# ls
cloudbarn.conf default.conf default.conf.bak php-fpm.conf
[root@web01 conf.d]# cp cloudbarn.conf poplarleaf.conf
[root@web01 conf.d]# cp cloudbarn.conf cloth_poplarleaf.conf
[root@web01 conf.d]# grep cloudbarn poplarleaf.conf
server_name cloudbarn.com www.cloudbarn.com;
root /usr/share/nginx/html/cloudbarn;
[root@web01 conf.d]# sed -i 's/cloudbarn/poplarleaf/g' poplarleaf.conf
[root@web01 conf.d]# grep poplarleaf poplarleaf.conf
server_name poplarleaf.com www.poplarleaf.com;
root /usr/share/nginx/html/poplarleaf;
[root@web01 conf.d]# sed -i 's/cloudbarn/cloth_poplarleaf/g' cloth_poplarleaf.conf
[root@web01 conf.d]#
- 创建挂载目录:
[root@web01 ~]# mkdir /usr/share/nginx/html/poplarleaf
[root@web01 ~]# mkdir /usr/share/nginx/html/cloth_poplarleaf
[root@web01 ~]# vi /etc/fstab
[root@web01 ~]# tail -4 /etc/fstab
# NFS web dir
nfs01:/data/cloudbarn /usr/share/nginx/html/cloudbarn nfs defaults 0 0
nfs01:/data/poplarleaf /usr/share/nginx/html/poplarleaf nfs defaults 0 0
nfs01:/data/cloth_poplarleaf /usr/share/nginx/html/cloth_poplarleaf nfs defaults 0 0
[root@web01 ~]# mount -a
[root@web01 ~]# df -h
Filesystem Size Used Avail Use% Mounted on
devtmpfs 380M 0 380M 0% /dev
tmpfs 396M 5.7M 391M 2% /run
tmpfs 396M 0 396M 0% /sys/fs/cgroup
/dev/mapper/cl-root 17G 1.8G 16G 11% /
tmpfs 80M 0 80M 0% /run/user/0
/dev/nvme0n1p1 976M 185M 724M 21% /boot
nfs01:/data/web01 17G 2.1G 15G 13% /daily_bak
nfs01:/data/cloudbarn 17G 2.1G 15G 13% /usr/share/nginx/html/cloudbarn
nfs01:/data/poplarleaf 17G 2.1G 15G 13% /usr/share/nginx/html/poplarleaf
nfs01:/data/cloth_poplarleaf 17G 2.1G 15G 13% /usr/share/nginx/html/cloth_poplarleaf
[root@web01 ~]#
- 重启Nginx:
[root@web01 ~]# systemctl restart nginx
- 安装Wordpress:
克隆主机
使用样板机克隆出一台负载服务器,使用已有的网站服务器克隆出另外两台:
初始化克隆网站服务器:
[root@web01 ~]# cat skel_refine.sh
#!/bin/bash
hostname=web02
ens160Ipv4="10.0.0.8/24"
ens192Ipv4="192.168.1.8/24"
hostnamectl set-hostname $hostname
nmcli c modify ens160 ipv4.addresses $ens160Ipv4
nmcli c modify ens192 ipv4.addresses $ens192Ipv4
# Generate new UUIDs for interfaces
sed -i "s/^UUID.*/UUID=`uuidgen ens160`/g" /etc/sysconfig/network-scripts/ifcfg-ens160
sed -i "s/^UUID.*/UUID=`uuidgen ens192`/g" /etc/sysconfig/network-scripts/ifcfg-ens192
nmcli c reload
nmcli c up ens160
nmcli c up ens192
[root@web01 ~]# sh skel_refine.sh
更正备份挂载目录nfs01:/data/web02 /daily_bak nfs defaults 0 0
:
[root@web02 ~]# cat /etc/fstab
#
# /etc/fstab
# Created by anaconda on Tue Sep 8 05:34:54 2020
#
# Accessible filesystems, by reference, are maintained under '/dev/disk/'.
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info.
#
# After editing this file, run 'systemctl daemon-reload' to update systemd
# units generated from this file.
#
/dev/mapper/cl-root / xfs defaults 0 0
UUID=ce4bc8b5-a786-44d4-8b83-2878f58eb6ba /boot ext4 defaults 1 2
/dev/mapper/cl-swap swap swap defaults 0 0
# NFS backup dir
nfs01:/data/web02 /daily_bak nfs defaults 0 0
# NFS web dir
nfs01:/data/cloudbarn /usr/share/nginx/html/cloudbarn nfs defaults 0 0
nfs01:/data/poplarleaf /usr/share/nginx/html/poplarleaf nfs defaults 0 0
nfs01:/data/cloth_poplarleaf /usr/share/nginx/html/cloth_poplarleaf nfs defaults 0 0
[root@web02 ~]# mount -a
[root@web02 ~]#
修改Windows主机文件准备测试:
测试页面:
对第三台网站服务器进行同样的配置。
负载服务器
初始化负载服务器:
[root@localhost ~]# cat skel_refine.sh
#!/bin/bash
hostname=lb01
ens160Ipv4="10.0.0.5/24"
ens192Ipv4="192.168.1.5/24"
hostnamectl set-hostname $hostname
nmcli c modify ens160 ipv4.addresses $ens160Ipv4
nmcli c modify ens192 ipv4.addresses $ens192Ipv4
# Generate new UUIDs for interfaces
sed -i "s/^UUID.*/UUID=`uuidgen ens160`/g" /etc/sysconfig/network-scripts/ifcfg-ens160
sed -i "s/^UUID.*/UUID=`uuidgen ens192`/g" /etc/sysconfig/network-scripts/ifcfg-ens192
nmcli c reload
nmcli c up ens160
nmcli c up ens192
[root@localhost ~]# ./skel_refine.sh
安装Nginx:
[root@lb01 ~]# vi /etc/yum.repos.d/nginx.repo
[root@lb01 ~]# cat /etc/yum.repos.d/nginx.repo
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
[root@lb01 ~]# dnf install nginx
Repository AppStream is listed more than once in the configuration
Repository extras is listed more than once in the configuration
Repository PowerTools is listed more than once in the configuration
Repository centosplus is listed more than once in the configuration
CentOS-8 - Base - mirrors.aliyun.com 36 kB/s | 3.9 kB 00:00
CentOS-8 - Extras - mirrors.aliyun.com 16 kB/s | 1.5 kB 00:00
Extra Packages for Enterprise Linux Modular 8 - x86_64 26 kB/s | 3.0 kB 00:00
Extra Packages for Enterprise Linux 8 - x86_64 17 kB/s | 4.7 kB 00:00
nginx stable repo 17 kB/s | 16 kB 00:00
Dependencies resolved.
=============================================================================================================================================================================
Package Architecture Version Repository Size
=============================================================================================================================================================================
Installing:
nginx x86_64 1:1.18.0-1.el8.ngx nginx-stable 806 k
Transaction Summary
=============================================================================================================================================================================
Install 1 Package
Total download size: 806 k
Installed size: 3.6 M
Is this ok [y/N]:
编写Nginx负载均衡配置文件:
[root@lb01 ~]# cd /etc/nginx/conf.d/
[root@lb01 conf.d]# vi cloudbarn_lb.conf
[root@lb01 conf.d]# cat cloudbarn_lb.conf
upstream cloud {
server 192.168.1.7;
server 192.168.1.8;
server 192.168.1.9;
}
server {
listen 80;
server_name cloudbarn.com www.cloudbarn.com;
location / {
proxy_pass http://cloud;
proxy_set_header Host $host;
}
}
[root@lb01 conf.d]#
修改Windows主机文件指向负载均衡服务器:
启动服务:
[root@lb01 ~]# systemctl start nginx
[root@lb01 ~]# systemctl enable nginx
Created symlink /etc/systemd/system/multi-user.target.wants/nginx.service → /usr/lib/systemd/system/nginx.service.
[root@lb01 ~]#
尝试访问(检查代理和防火墙):
打开防火墙:
[root@lb01 ~]# firewall-cmd --zone=public --permanent --add-service=http
success
[root@lb01 ~]# firewall-cmd --zone=public --permanent --add-service=https
success
[root@lb01 ~]# firewall-cmd --reload
success
[root@lb01 ~]#
再次尝试访问:
检查SELinux:
[root@lb01 ~]# journalctl -xe
***** Plugin catchall_boolean (24.7 confidence) suggests ******************
If you want to allow httpd to can network connect
Then you must tell SELinux about this by enabling the 'httpd_can_network_connect' boolean.
Do
setsebool -P httpd_can_network_connect 1
***** Plugin catchall_boolean (24.7 confidence) suggests ******************
If you want to allow httpd to graceful shutdown
Then you must tell SELinux about this by enabling the 'httpd_graceful_shutdown' boolean.
Do
setsebool -P httpd_graceful_shutdown 1
配置SELinux:
[root@lb01 ~]# setsebool -P httpd_can_network_connect 1
[root@lb01 ~]#
再次尝试:
按照上述流程做剩余两个网站的负载均衡配置。