实现LNMP
实现环境:
服务
版本
系统
CentOS7.6
Mysql
5.6.34
Nginx
1.14.2
PHP
7.1.30
HAProxy
1.8.20
Keepalived
1.3.5
NFS
1.3.0
主机
IP
Mysql_master
192.168.37.108
Mysql_slave
192.168.37.105
Nginx+PHP
192.168.37.103
Nginx+PHP
192.168.37.104
HAProxy+Keepalived
192.168.37.101
HAProxy+Keepalived
192.168.37.102
VIP
192.168.37.240
NFS_server
192.168.37.107
1 搭建数据库 (192.168.37.108)
1.1 安装Mysql
使用脚本一键完成
将数据库软件包,脚本,配置文件my.cnf放在同一个目录中执行
#!/bin/bash
DIR=`pwd`
NAME="mysql-5.6.34-linux-glibc2.5-x86_64.tar.gz"
FULL_NAME=${DIR}/${NAME}
DATA_DIR="/data/mysql"
yum ×××tall vim gcc gcc-c++ wget autoconf net-tools lrzsz iotop lsof iotop bash-completion -y
yum ×××tall curl policycoreutils openssh-server openssh-clients postfix -y
yum ×××tall libaio -y
if [ -f ${FULL_NAME} ];then
echo "安装文件存在"
else
echo "安装文件不存在"
exit 3
fi
if [ -h /usr/local/mysql ];then
echo "Mysql 已经安装"
exit 3
else
tar xvf ${FULL_NAME} -C /usr/local/src
ln -sv /usr/local/src/mysql-5.6.34-linux-glibc2.5-x86_64 /usr/local/mysql
if id mysql;then
echo "mysql 用户已经存在,跳过创建用户过程"
fi
useradd mysql -s /sbin/nologin
if id mysql;then
chown -R mysql.mysql /usr/local/mysql/* -R
if [ ! -d /data/mysql ];then
mkdir -pv /data/mysql && chown -R mysql.mysql /data -R
/usr/local/mysql/scripts/mysql_×××tall_db --user=mysql --datadir=/data/mysql --basedir=/usr/local/mysql/
cp /usr/local/src/mysql-5.6.34-linux-glibc2.5-x86_64/support-files/mysql.server /etc/init.d/mysqld
chmod a+x /etc/init.d/mysqld
cp ${DIR}/my.cnf /etc/my.cnf
ln -sv /usr/local/mysql/bin/mysql /usr/bin/mysql
/etc/init.d/mysqld start
else
echo "MySQL数据目录已经存在,"
exit 3
fi
fi
fi
1.2 创建wordpress数据库并授权
[root@s8 src]#mysql
mysql> CREATE DATABASE wordpress;
mysql> GRANT ALL PRIVILEGES ON wordpress.* TO "wordpress"@"192.168.37.%" IDENTIFIED BY "123456";
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| test |
| wordpress |
+--------------------+
5 rows in set (0.00 sec)
1.3 测试数据库连接
在wordpress服务器或者HAProxy服务器用授权帐号测试远程连接是否正满
[root@s0 ~]#mysql -uwordpress -p123456 -h192.168.37.108
MySQL [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| test |
| wordpress |
+--------------------+
2 安装PHP 分别在两主机上完成相同的操作(192.168.37.103/104)
2.1 编译安装php
创建PHP,Nginx共同使用的系统帐号
[root@s4 ~]#useradd -s /sbin/nologin -u 1001
安装依赖包
[root@s3 src]#yum -y ×××tall wget vim pcre pcre-devel openssl openssl-devel libicu-devel gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel ncurses ncurses-devel curl curl-devel krb5-devel libidn libidn-devel openldap openldap-devel nss_ldap jemalloc-devel cmake boost-devel json automake libevent libevent-devel gd gd-devel libtool* libmcrypt libmcrypt-devel mcrypt mhash libxslt libxslt-devel readline readline-devel gmp gmp-devel libcurl libcurl-devel openjpeg-devel
[root@s3 src]#pwd
/usr/local/src
[root@s3 src]#tar xvf php-7.1.30
[root@s3 src]#cd php-7.1.30/
[root@s3 php-7.1.30]#./configure --prefix=/apps/php --enable-fpm --with-fpm-user=www --with-fpm-group=www --with-pear --with-curl --with-png-dir --with-freetype-dir --with-iconv --with-mhash --with-zlib --with-xmlrpc --with-xsl --with-openssl --with-mysqli --with-pdo-mysql --disable-debug --enable-zip --enable-sockets --enable-soap --enable-inline-optimization --enable-xml --enable-ftp --enable-exif --enable-wddx --enable-bcmath --enable-calendar --enable-shmop --enable-dba --enable-sysvsem --enable-sysvshm --enable-sysvmsg
[root@s3 src]make -j 2
[root@s3 src]make ×××tall
PHP安装时间较长
准备配置文件
[root@s3 php-7.1.30]#cd /apps/php/etc/php-fpm.d/
root@s3 php-fpm.d]#ll
total 40
-rw-r--r-- 1 www www 18760 Jun 9 13:01 www.conf.default
[root@s3 php-fpm.d]#cp www.conf.default www.conf
[root@s3 php-fpm.d]#cp /usr/local/src/php-7.1.30/php.ini-production /apps/php/etc/php.ini
编辑配置文件
[root@s3 php-fpm.d]#vim www.conf
[www]
user = www
group = www
listen = 127.0.0.1:9000
listen.allowed_clients = 127.0.0.1
pm = dynamic
pm.max_children = 50
pm.start_servers = 30
pm.min_spare_servers = 30
pm.max_spare_servers = 35
pm.status_path = /pm_status
ping.path = /ping
ping.response = pong
access.log = log/$pool.access.log
slowlog = log/$pool.log.slow
[root@s3 php-fpm.d]#mkdir /apps/php/log/
root@s3 php-fpm.d]#cd /apps/php/etc/
[root@s3 etc]#ll
total 92
-rw-r--r-- 1 www www 1178 Jun 9 13:01 pear.conf
-rw-r--r-- 1 www www 4438 Jun 9 13:01 php-fpm.conf.default
drwxr-xr-x 2 www www 46 Jun 10 10:20 php-fpm.d
-rw-r--r-- 1 www www 72020 Jun 9 13:02 php.ini
[root@s3 etc]#cp php-fpm.conf.default php-fpm.conf
2.2 启动,测试PHP
检测语法 启动
[root@s3 etc]#/apps/php/sbin/php-fpm -t
[10-Jun-2019 10:28:47] NOTICE: configuration file /apps/php/etc/php-fpm.conf test is successful
[root@s3 etc]#/apps/php/sbin/php-fpm
[root@s3 etc]#/apps/php/sbin/php-fpm -c /apps/php/etc/php.ini
[root@s3 etc]#netstat -tanlp |grep php-fpm
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 6386/php-fpm: maste
[root@s3 etc]#ps -ef |grep php-fpm
root 6386 1 0 06:56 ? 00:00:01 php-fpm: master process (/apps/php/etc/php-fpm.conf)
www 6389 6386 0 06:56 ? 00:00:01 php-fpm: pool www
www 6390 6386 0 06:56 ? 00:00:01 php-fpm: pool www
...
3 安装Nginx(192.168.37.103/104)
3.1 安装依赖包
[root@s3 src]#pwd
/usr/local/src
[root@s3 src]#yum ×××tall -y vim lrzsz tree screen psmisc lsof tcpdump wget ntpdate gcc gcc-c++ glibc glibc-devel pcre pcre-devel openssl openssl-devel systemd-devel net-tools iotop bc zip unzip zlib-devel bash-completion nfs-utils automake libxml2 libxml2-devel libxslt libxslt-devel perl perl-ExtUtils-Embed
[root@s3 src]#tar xvf nginx-1.14.2
[root@s3 src]#cd nginx-1.14.2/
3.2 自定义server信息
[root@s3 nginx-1.14.2]#vim src/core/nginx.h
13 #define NGINX_VERSION "000"
14 #define NGINX_VER "000" NGINX_VERSION
引号""中为Nginx版本信息,修改后安装会显示自己定义的Nginxt版本
[root@s3 nginx-1.14.2]#vim src/http/ngx_http_header_filter_module.c
49 static u_char ngx_http_server_string[] = "Server: Myserver" CRLF;
Server: 设置为自定义服务器信息
3.3 编译安装Nginx
[root@s3 nginx-1.14.2]#./configure --prefix=/apps/nginx --user=www --group=www --with-http_ssl_module --with-http_v2_module --with-http_realip_module --with-http_stub_status_module --with-http_gzip_static_module --with-pcre --with-stream --with-stream_ssl_module --with-stream_realip_module
[root@s3 nginx-1.14.2]#make
[root@s3 nginx-1.14.2]#make ×××tall
准备一个PHP测试页面
[root@s3 nginx-1.14.2]#mkdir /data/nginx/wordpress -p
[root@s3 nginx-1.14.2]#vim /data/nginx/wordpress/test.php
phpinfo();
?>
3.4 配置Nginx
设置启动帐号
[root@s3 nginx-1.14.2]#vim /apps/nginx/conf/nginx.conf
user www www ;
worker_processes 1;
在http中设置server字段,设置监听域名www.a.net,主目录/data/nginx/wordpress index.php
并设置php转发
server {
listen 80;
server_name www.a.net;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root /data/nginx/wordpress;
index index.php index.html index.htm;
}
location ~ \.php$ {
root /data/nginx/wordpress;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
3.5 配置Nginx启动脚本
没有nginx.service文件就用vim创建一个
[root@s3 nginx-1.14.2]#cat /usr/lib/systemd/system/nginx.service
[Unit]
Description=The nginx HTTP and reverse proxy server
After=network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/apps/nginx/logs/nginx.pid
# Nginx will fail to start if /run/nginx.pid already exists but has the wrong
# SELinux context. This might happen when running `nginx -t` from the cmdline.
# https://bugzilla.redhat.com/show_bug.cgi?id=1268621
ExecStartPre=/usr/bin/rm -f /apps/nginx/logs/nginx.pid
ExecStartPre=/apps/nginx/sbin/nginx -t
ExecStart=/apps/nginx/sbin/nginx
ExecReload=/bin/kill -s HUP $MAINPID
#KillSignal=SIGQUIT
#TimeoutStopSec=5
KillMode=process
PrivateTmp=true
[Install]
WantedBy=multi-user.target
启动Nginx
[root@s3 nginx-1.14.2]#systemctl start nginx
[root@s3 nginx-1.14.2]#systemctl status nginx
查看服务是否正常启动
[root@s3 nginx-1.14.2]#ps -ef |grep nginx
root 6680 1 0 07:04 ? 00:00:00 nginx: master process /apps/nginx/sbin/nginx
www 6681 6680 0 07:04 ? 00:00:02 nginx: worker process
root 9495 7297 0 11:22 pts/0 00:00:00 grep --color=auto nginx
浏览器测试
4 部署WordPress
4.1 创建网站目录
[root@s3 nginx-1.14.2]#chown -R www.www /data/nginx
[root@s3 nginx-1.14.2]#cd /data/nginx/
[root@s3 nginx]#tar xf wordpress-5.0.1-zh_CN.tar.gz
[root@s3 nginx]#chown -R www.www /data/
[root@s3 nginx]#cd wordpress
[root@s3 wordpress]#cp wp-config-sample.php wp-config.php
4.2 设置连接数据库
使用前的数据库帐号进行连接,通过keepalive服务器的VIP(192.168.37.240)连接数据库,不直接连接
[root@s3 wordpress]#vim wp-config.php
...
define('DB_NAME', 'wordpress');
/** MySQL数据库用户名 */
define('DB_USER', 'wordpress');
/** MySQL数据库密码 */
define('DB_PASSWORD', '123456');
/** MySQL主机 */
define('DB_HOST', '192.168.37.240');
/** 创建数据表时默认的文字编码 */
define('DB_CHARSET', 'utf8');
/** 数据库整理类型。如不确定请勿更改 */
define('DB_COLLATE', '');
/**#@+
* 身份认证密钥与盐。
*
* 修改为任意独一无二的字串!
* 或者直接访问{@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org密钥生成服务}
* 任何修改都会导致所有cookies失效,所有用户将必须重新登录。
*
* @since 2.6.0
*/
define('AUTH_KEY', '`plxTeyf>=SNRd|)F8PLSLOB#xl?|WlOG');
define('SECURE_AUTH_KEY', '{Q>.,YBJbZKR.+Msb0RMV&6( P-(4_`zQgj@?{-A[=#
define('LOGGED_IN_KEY', '_N|`YMNp.4{ tBS,/sSP{H4g
define('NONCE_KEY', 'mF__L/-fP[2ouP Y&pY^)
define('AUTH_SALT', 'mNDLO|3Ir:72N Mrdn?xAocUme?8/0K.ax>/Yp|0G18a8Pn8{ r@O$u&k1Z{>uso');
define('SECURE_AUTH_SALT', 'K0)Eb;ShB|4=7I]iAqi>v]cRkU7 #}/CwvcY?OAEwe+mr
define('LOGGED_IN_SALT', 'NgBg!C(7UJ>P{3|oS6J#svt3A>CC{m_QKkt?2eqzMI=TMuSw,PDW>!+ qz1e9U$l');
define('NONCE_SALT', 'C2&*P1]9Uo[|%b|fFJgMjIe1_Rs_(pb?:55ZXzjU;[Mutt:o~y1u@HB]eP.]z=Z)');
/**#@-*/
访问https://api.wordpress.org/secret-key/1.1/salt/生成密钥与盐
替换文件中的信息
其他的不用再修改
如果有多个wordpress 修改一下数据表前缀(多个wordpress放在一个服务器上才修改为不同的前缀)
/**
* WordPress数据表前缀。
*
* 如果您有在同一数据库内安装多个WordPress的需求,请为每个WordPress设置
* 不同的数据表前缀。前缀名只能为数字、字母加下划线。
*/
$table_prefix = 'wp_';
5 设置haproxy (192.168.37.101/102)
因为要使用VIP,vip同一时间只能存在一台服务器上,没有VIP的一服务器会有故障。所以先打开两个系统设置,使其在没有VIP是不报故障
[root@s1 ~]#vim /etc/sysctl.conf
net.ipv4.ip_forward = 1
net.ipv4.ip_nonlocal_bind = 1
[root@s1 ~]#sysctl -p
net.ipv4.ip_forward = 1
net.ipv4.ip_nonlocal_bind = 1
5.1 编译安装haproxy
5.1.1 安装依赖的工具包
yum ×××tall -y gcc gcc-c++ glibc glibc-devel pcre pcre-devel openssl openssl-devel systemd-devel net-tools vim iotop bc zip unzip zlib-devel lrzsz tree screen lsof tcpdump wget ntpdate
5.1.2 安装haproxy
[root@s1 src]#pwd
/usr/local/src
[root@s1 src]#tar xvf haproxy-1.8.20.tar.gz
[root@s1 src]#cd haproxy-1.8.20/
[root@s1 haproxy-1.8.20]#make ARCH=x86_64 TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 USE_SYSTEMD=1 USE_CPU_AFFINITY=1 PREFIX=/usr/local/haproxy
[root@s1 haproxy-1.8.20]#make ×××tall PREFIX=/usr/local/haproxy
[root@s1 haproxy-1.8.20]#useradd -s /sbin/nologin -u 2001 haproxy
5.1.3 设置启动脚本
[root@s1 haproxy-1.8.20]#cp haproxy /usr/sbin
[root@s1 haproxy-1.8.20]#vim /usr/lib/systemd/system/haproxy.service
[Unit]
Description=HAProxy Load Balancer
After=syslog.target network.target
[Service]
ExecStartPre=/usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c -q
ExecStart=/usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pi
d
ExecReload=/bin/kill -USR2 $MAINPID
[Install]
WantedBy=multi-user.target
5.1.4 配置haproxy
[root@s1 haproxy-1.8.20]#vim /etc/haproxy/haproxy.cfg
global
maxconn 100000
chroot /usr/local/haproxy
#stats socket /var/lib/haproxy/haproxy.sock mode 600 level admin
uid 2001
gid 2001
daemon
#nbproc 4
#cpu-map 1 0
#cpu-map 2 1
#cpu-map 3 2
#cpu-map 4 3
pidfile /usr/local/haproxy/run/haproxy.pid
log 127.0.0.1 local3 info
defaults
option http-keep-alive
option forwardfor
maxconn 100000
mode http
timeout connect 300000ms
timeout client 300000ms
timeout server 300000ms
listen stats
mode http
bind 0.0.0.0:9999
stats enable
log global
stats uri /haproxy-status
stats auth haadmin:123456
listen wordpress
bind 192.168.37.240:80
mode http
# log global
server 192.168.37.103 192.168.37.103:80 check inter 3000 fall 2 rise 5
server 192.168.37.104 192.168.37.104:80 check inter 3000 fall 2 rise 5
listen mysql
bind 192.168.37.240:3306
mode tcp
server 192.168.37.108 192.168.37.108:3306 check inter 3000 fall 2 rise 5
启动haproxy
[root@s1 haproxy-1.8.20]#systemctl start haproxy.service
[root@s1 haproxy-1.8.20]#ps -ef |grep haproxy
root 6306 1 0 13:24 ? 00:00:00 /usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid
haproxy 6336 6306 0 13:24 ? 00:00:02 /usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid
root 6843 6580 0 14:10 pts/0 00:00:00 grep --color=auto haproxy
6 设置keepalived (192.168.37.101/102)
6.1 yum安装keepalived
[root@s1 ~]#yum ×××tall keepalived -y
[root@s1 ~]#cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
# vrrp_strict
vrrp_iptables
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_×××tance VIP1 {
state MASTER #一台为MASTER,一台为BACKUP
interface eth1
virtual_router_id 55
priority 100
unicast_src_ip 192.168.37.101
unicast_peer {
192.168.37.102
}
authentication {
auth_type PASS
auth_pass abcd
}
virtual_ipaddress {
192.168.37.240 dev eth1 label eth1:0
}
}
6.2 启动
[root@s1 ~]#systemctl start keepalived
[root@s1 ~]#ps -ef |grep keepalived
root 6309 1 0 13:24 ? 00:00:00 /usr/sbin/keepalived -D
root 6312 6309 0 13:24 ? 00:00:00 /usr/sbin/keepalived -D
root 6313 6309 0 13:24 ? 00:00:01 /usr/sbin/keepalived -D
root 6980 6580 0 14:23 pts/0 00:00:00 grep --color=auto keepalived
7 挂载NFS文件存储
7.1 安装nfs-utils(192.168.37.107/103/104)
[root@s7 ~]#yum ×××tall nfs-utils
7.2 设置NFS同享
[root@s7 ~]#mkdir /data/nginx/wordpress
[root@s7 ~]#vim /etc/exports
/data/nginx/wordpress *(rw,no_root_squash)
[root@s7 ~]#exportfs -f
7.3 挂载NFS(192.168.37.103/104)
[root@s3 ~]#showmount -e 192.168.37.107
Export list for 192.168.37.107:
/data/nginx/wordpress *
[root@s3 ~]#mount 192.168.37.107:/data/nginx/wordpress /data/nginx/wordpress/wp-content/uploads/
验证
将自定义的域名在主机中解析为192.168.37.240
打开浏览器输入www.a.net
设置正常就应该会出现wordpress的注册界面
扫一扫
7722
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
