Linux运维中级(实操)- 部署LNMP(CentOS8+lvs+nginx+mysql5.7+uwsgi+django)

Linux中级实操-LNMP(uwsgi+django)

介绍

本次部署基于centos 8,部署Django二手商城项目
实现反向代理,负载均衡,高可用,静态资源共享,动静分离等效果

环境准备

名称IPhostname软件启动服务
nfs备份192.168.10.5nfs-backuprsync-daemonrsyncd
nfs服务器192.168.10.15nfs-servernfs-utils rsync sersyncrpcbind nfs-server sersync2
数据库192.168.10.20database-mysqlmysql-devel mysql-servermysqld
web服务器1192.168.10.30web1python36 python3-devel gcc nfs-utils libjpeg-devel zlib-devel libtiff-devel net-toolsuwsgi
web服务器2192.168.10.31web2和web1保持一致uwsgi
nginx静态服务器1192.168.10.40nginx1nfs-utils nginx keepalived net-tools tcpdumpnginx keepalived
nginx静态服务器2192.168.10.41nginx2和nginx1保持一致nginx keepalived
LVS负载均衡器主机192.168.10.10lvs1net-tools tcpdump ipvsadmkeepalived
LVS负载均衡器从机192.168.10.11lvs2和lvs1保持一致keepalived

架构设计在这里插入图片描述

mysql集群

​ 数据存储,sersync实现实时数据同步(本案例只有一台MySQL)

静态资源存储集群

​ nfs网络共享,为nginx和web服务器提供静态资源

web服务集群

​ 处理动态路由

nginx静态资源集群

​ 实现动静分离,七层代理,将动态路由交给web服务器处理

LVS主从

​ 实现负载均衡,调度nginx服务器,四层转发

配置静态IP

每台主机单独配置

nmcli c mod "ens160" ipv4.addr 192.168.10.5/24 gw4 192.168.10.254 ipv4.dns 114.114.114.114 ipv4.method manual autoconnect yes && nmcli c up ens160

nmcli c mod "ens160" ipv4.addr 192.168.10.15/24 gw4 192.168.10.254 ipv4.dns 114.114.114.114 ipv4.method manual autoconnect yes && nmcli c up ens160

nmcli c mod "ens160" ipv4.addr 192.168.10.20/24 gw4 192.168.10.254 ipv4.dns 114.114.114.114 ipv4.method manual autoconnect yes && nmcli c up ens160

nmcli c mod "ens160" ipv4.addr 192.168.10.30/24 gw4 192.168.10.254 ipv4.dns 114.114.114.114 ipv4.method manual autoconnect yes && nmcli c up ens160

nmcli c mod "ens160" ipv4.addr 192.168.10.31/24 gw4 192.168.10.254 ipv4.dns 114.114.114.114 ipv4.method manual autoconnect yes && nmcli c up ens160

nmcli c mod "ens160" ipv4.addr 192.168.10.40/24 gw4 192.168.10.254 ipv4.dns 114.114.114.114 ipv4.method manual autoconnect yes && nmcli c up ens160

nmcli c mod "ens160" ipv4.addr 192.168.10.41/24 gw4 192.168.10.254 ipv4.dns 114.114.114.114 ipv4.method manual autoconnect yes && nmcli c up ens160

nmcli c mod "ens160" ipv4.addr 192.168.10.10/24 gw4 192.168.10.254 ipv4.dns 114.114.114.114 ipv4.method manual autoconnect yes && nmcli c up ens160

nmcli c mod "ens160" ipv4.addr 192.168.10.11/24 gw4 192.168.10.254 ipv4.dns 114.114.114.114 ipv4.method manual autoconnect yes && nmcli c up ens160

配置主机名映射

所有主机

cat >> /etc/hosts<<EOF
192.168.10.5 nfs-backup
192.168.10.15 nfs-server
192.168.10.20 database-mysql
192.168.10.30 web1
192.168.10.31 web2
192.168.10.40 nginx1
192.168.10.41 nginx2
192.168.10.10 lvs1
192.168.10.11 lvs2
EOF

搭建网络yum源

cd /etc/yum.repos.d/ && mkdir bak && mv *.repo bak
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-8.repo
mv Centos-8.repo redhat.repo
yum clean all && yum makecache && yum install -y -q epel-release 
yum clean all && yum makecache

关闭防火墙

systemctl stop firewalld && setenforce 0

软件安装

nfs-backup

yum install -y rsync-daemon

nfs-server

yum install -y rsync nfs-utils rsync
# 下载sersync二进制包
cd /home && wget https://raw.githubusercontent.com/wsgzao/sersync/master/sersync2.5.4_64bit_binary_stable_final.tar.gz
# 解压,添加命令
tar -zxvf /home/sersync2.5.4_64bit_binary_stable_final.tar.gz
mv GNU-Linux-x86/ /usr/local/sersync 
ln -s /usr/local/sersync/sersync2 /usr/local/bin/sersync2

database-mysql

方式一:二进制部署

# 删除自带的mariadb
yum -y remove mariadb-libs.x86_64
# 安装依赖
yum install libaio-devel ncurses-compat-libs ncurses-devel -y -q  && ldconfig
# 下载二进制包
wget https://dev.mysql.com/get/Downloads/MySQL-5.7/mysql-5.7.26-linux-glibc2.12-x86_64.tar.gz
# 创建mysql用户和用户组
groupadd -r mysql && useradd mysql -r -g mysql -c "MySQL Server" -s /bin/false
# 解压
tar xf /home/mysql-5.7.43-linux-glibc2.12-x86_64.tar -C /usr/local/
tar xf /usr/local/mysql-5.7.43-linux-glibc2.12-x86_64.tar.gz -C /usr/local/
# 创建软链接
ln -sv /usr/local/mysql-5.7.43-linux-glibc2.12-x86_64 /usr/local/mysql
# 初始化
/usr/local/mysql/bin/mysqld --initialize-insecure --user=mysql --basedir=/usr/local/mysql/ --datadir=/usr/local/mysql/data
mkdir /var/log/mysql && chmod 777 /var/log/mysql
# 手动生成配置文件,注意结尾EOF后不能有空格
cat >/etc/my.cnf<<EOF
[mysqld]
user=mysql
# mysql 程序目录
basedir=/usr/local/mysql
# mysql data目录
datadir=/usr/local/mysql/data
# mysqld 本地监听socket文件
socket=/tmp/mysql.sock
# mysqld实例id,一台机器多实例id需不一样
server_id=6
port=3306
# mysql 错误日志
log_error=/var/log/mysql/mysql3306.err

[mysql]
socket=/tmp/mysql.sock
EOF
# 复制MySQL服务文件
cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
chkconfig --add mysqld && chkconfig mysqld on
# 启动服务
echo "export PATH=/usr/local/mysql/bin:\$PATH" >> /etc/profile && source /etc/profile && systemctl start mysqld

方式二:yum安装

wget https://repo.mysql.com/mysql80-community-release-el7-1.noarch.rpm
rpm -ivh mysql80-community-release-el7-1.noarch.rpm
rpm --import http://repo.mysql.com/RPM-GPG-KEY-mysql-2022
yum install -y mysql-devel mysql-server && systemctl enable --now mysqld

# 初始化数据库,不管选哪种方式安装都要本次初始化
cat > /home/scripts/ini.sql <<EOF
use mysql;
flush privileges;
ALTER USER 'root'@'localhost' IDENTIFIED BY 'Twf:2001!';
SET character_set_server = 'utf8mb4';
SET sql_mode=(SELECT REPLACE(@@sql_mode,'ONLY_FULL_GROUP_BY',''));
update user set host='%' where user='root';
use mysql;
grant all privileges on *.* to root@'%';
flush privileges;
create database shoppingmall;
EOF
# 设置初始密码
mysql -e "alter user root@'localhost' identified by '123456';"
# 执行初始化脚本
mysql -uroot -p123456 < /home/scripts/ini.sql

web服务器

yum install -y python36 python3-devel gcc nfs-utils libjpeg-devel zlib-devel libtiff-devel net-tools
pip3 install --upgrade && pip3 install django pymysql pillow uwsgi

nginx服务器

yum install -y nginx nfs-utils keepalived net-tools tcpdump

lvs

yum install -y keepalived tcpdump ipvsadm net-tools

部署

nfs backup

cat > /etc/rsyncd.conf <<EOF
uid = rsync
gid = rsync
port = 873
fake super = yes
use chroot = no
max connections = 200
timeout = 300
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log
ignore errors
read only = false
list = true
hosts allow = 192.168.10.0/24
#hosts deny = 0.0.0.0/32
auth users = rsync_backup
secrets file = /etc/rsync.pwd
# 模块名
[nfs_backup]
comment = "backup dir for nfs"
path = /backup
[wwwlog_backup]
EOF
# 创建rsync用户,使用密码文件登录
useradd rsync -M -s /bin/nologin && echo "rsync_backup:123456" >/etc/rsync.pwd && chmod 600 /etc/rsync.pwd && mkdir /backup && chown rsync.rsync /backup/
systemctl enable --now rsyncd

nfs server

# 创建映射用户,所有访问来的用户映射为本机的www
useradd -u 1001 www && chmod 777 /static
cat > /etc/exports <<EOF
/static 192.168.10.0/24(all_squash,async,anonuid=1001,anongid=1001)
EOF
systemctl enable --now nfs-server
cd /usr/local/sersync
cat > confxml.xml <<EOF
<?xml version="1.0" encoding="ISO-8859-1"?>
<head version="2.5">
	<!-- "改这里,本机IP" -->
    <host hostip="192.168.10.15" port="8008"></host>
    <debug start="false"/>
    <fileSystem xfs="false"/>
    
    <filter start="false">
	<exclude expression="(.*)\.svn"></exclude>
	<exclude expression="(.*)\.gz"></exclude>
	<exclude expression="^info/*"></exclude>
	<exclude expression="^static/*"></exclude>
    </filter>

    <inotify>
	<delete start="true"/>
	<createFolder start="true"/>
	<createFile start="true"/>
	<closeWrite start="true"/>
	<moveFrom start="true"/>
	<moveTo start="true"/>
	<attrib start="true"/>
	<modify start="true"/>
    </inotify>
    <sersync>
	<localpath watch="/static">
		<!-- "改这里,ip=backup的ip, name=backup上rsync-daemon的模块名" -->
	    <remote ip="192.168.10.5" name="nfs_backup"/>
	    <!--<remote ip="192.168.8.39" name="tongbu"/>-->
	    <!--<remote ip="192.168.8.40" name="tongbu"/>-->
	</localpath>
	<rsync>
	    <commonParams params="-avz"/>
	    <auth start="true" users="rsync_backup" passwordfile="/etc/rsync.pwd"/>
	    <userDefinedPort start="false" port="874"/><!-- port=874 -->
	    <timeout start="false" time="100"/><!-- timeout=100 -->
	    <ssh start="false"/>
	</rsync>
	<failLog path="/tmp/rsync_fail_log.sh" timeToExecute="60"/><!--default every 60mins execute once-->
	<crontab start="false" schedule="600"><!--600mins-->
	    <crontabfilter start="false">
		<exclude expression="*.php"></exclude>
		<exclude expression="info/*"></exclude>
	    </crontabfilter>
	</crontab>
	<plugin start="false" name="command"/>
    </sersync>
    
    <!-- " " -->
    <plugin name="command">
	<param prefix="/bin/sh" suffix="" ignoreError="true"/>	<!--prefix /opt/tongbu/mmm.sh suffix-->
	<filter start="false">
	    <include expression="(.*)\.php"/>
	    <include expression="(.*)\.sh"/>
	</filter>
    </plugin>
    <plugin name="socket">
	<localpath watch="/opt/tongbu">
	    <deshost ip="192.168.138.20" port="8009"/>
	</localpath>
    </plugin>
    <plugin name="refreshCDN">
	<localpath watch="/data0/htdocs/cms.xoyo.com/site/">
	    <cdninfo domainname="ccms.chinacache.com" port="80" username="xxxx" passwd="xxxx"/>
	    <sendurl base="http://pic.xoyo.com/cms"/>
	    <regexurl regex="false" match="cms.xoyo.com/site([/a-zA-Z0-9]*).xoyo.com/images"/>
	</localpath>
    </plugin>
</head>
EOF
# 创建远程连接密码文件,启动服务
echo "123456" > /etc/rsync.pwd && chmod 600 /etc/rsync.pwd
sersync2 -d -r -o /usr/local/sersync/confxml.xml >/dev/null 2>&1 
systemctl restart rpcbind && systemctl restart nfs-server

web1 && web2

# 挂载,共享nfs的静态文件
chmod 777 /home/wuyu/static && echo "192.168.10.15:/static /home/wuyu/static nfs _netdev 0 0" >> /etc/fstab && mount -a
cd /home/wuyu && python3 manage.py makemigrations wuyu && python3 manage.py migrate
cat > /home/wuyu/uwsgi.ini <<EOF
[uwsgi]
# web2这里写web2
socket=web1:8000
chdir=/home/wuyu
module=wuyu.wsgi
master=true
processes=2
threads=2
max-requests=2000
chmod-socket=664
vacuum=true
daemonize=/home/wuyu/uwsgi.log
EOF
# 启动uwsgi服务
chmod u+x uwsgi.ini && uwsgi --ini uwsgi.ini

database-mysql

cat > /home/scripts/create.sql <<EOF
use shoppingmall;
source /home/shoppingmall.sql;
EOF
chmod u+x /home/shoppingmall.sql
# 导入数据
mysql -uroot -p"Twf:2001!" < /home/scripts/create.sql

nginx1 && nginx2

mkdir /home/static && chmod 777 /home/static
echo "192.168.10.15:/static /home/static nfs _netdev 0 0" >> /etc/fstab && mount -a
mkdir -p /var/nginx/mydjango
# 配置动静分离
cat > /etc/nginx/conf.d/mydjango.conf <<EOF
upstream  xback {
      server  web1:8000;
      server web2:8000;
    }
server  {
  listen  81;
  server_name www.xbacks.com;
  charset utf-8;
  access_log  /var/nginx/mydjango/access.log;
  error_log /var/nginx/mydjango/error.log;
  client_max_body_size  100M;
  location  /static  {
    alias /home/static;
  }

  location  / {
    include /etc/nginx/uwsgi_params;
    uwsgi_pass  xback;
  }
}
EOF
systemctl enable --now nginx

虚拟IP配置

# 关闭广播和响应
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore && echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce && echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
# 配置VIP
ifconfig lo:1 192.168.10.100/32

lvs1 && lvs2

VIP配置

echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf && sysctl -p
ifconfig lo:1 192.168.10.100/32

高可用配置

cp /etc/keepalived/keepalived.conf  /etc/keepalived/keepalived.conf.bak
# master
cat > /etc/keepalived/keepalived.conf<<EOF
! Configuration File for keepalived
global_defs {
  router_id LVS_DEVEL		
  vrrp_skip_check_adv_addr
  vrrp_strict
  vrrp_garp_interval 0
  vrrp_gna_interval 0
}
vrrp_instance VI_1 {
    state MASTER
    interface ens160
    virtual_router_id 51	
    priority 100		
    advert_int 1    
    authentication {
        auth_type PASS  
        auth_pass 1111
    }
    virtual_ipaddress {
      192.168.10.100
    }
}
vrrp_instance VI_2 {
    state BACKUP
    interface ens160
    virtual_router_id 52	
    priority 51		
    advert_int 1    
    authentication {
        auth_type PASS  
        auth_pass 1111
    }
    virtual_ipaddress {
      192.168.10.101
    }
}
# backup
cat > /etc/keepalived/keepalived.conf<<EOF
! Configuration File for keepalived
global_defs {
  router_id LVS_DEVEL2
  vrrp_skip_check_adv_addr
  vrrp_strict
  vrrp_garp_interval 0
  vrrp_gna_interval 0
}
vrrp_instance VI_1 {
    state BACKUP
    interface ens160
    virtual_router_id 51
    priority 50
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
      192.168.10.100
    }
}
vrrp_instance VI_2 {
    state MASTER	
    interface ens160
    virtual_router_id 52	
    priority 102		
    advert_int 1    
    authentication {
        auth_type PASS  
        auth_pass 1111
    }
    virtual_ipaddress {
      192.168.10.101
    }
}
# 两台
systemctl enable --now keepalived

lvs集群配置

# lvs1 && lvs2
ipvsadm -A -t 192.168.10.100:81 -s wrr
ipvsadm -a -t 192.168.10.100:81 -r 192.168.10.40 -g
ipvsadm -a -t 192.168.10.100:81 -r 192.168.10.41 -g
ipvsadm -Ln

测试

# 两台
systemctl enable --now keepalived

lvs集群配置

# lvs1 && lvs2
ipvsadm -A -t 192.168.10.100:81 -s wrr
ipvsadm -a -t 192.168.10.100:81 -r 192.168.10.40 -g
ipvsadm -a -t 192.168.10.100:81 -r 192.168.10.41 -g
ipvsadm -Ln

测试

浏览器输出 192.168.10.100:80

存在问题:
解决高可用的裂脑问题
文件权限过高

  • 3
    点赞
  • 2
    收藏
    觉得还不错? 一键收藏
  • 3
    评论
抱歉,我作为AI语言模型无法提供代码的功能,以下是一个基于LNMP的WordPress安装指南,供参考。 1. 安装LNMP(请自行搜索LNMP安装教程) 2. 创建WordPress数据库 - 登录MySQL服务器 ``` mysql -u root -p ``` - 创建数据库 ``` CREATE DATABASE wordpress DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci; ``` - 创建数据库用户并授权 ``` GRANT ALL ON wordpress.* TO 'wordpressuser'@'localhost' IDENTIFIED BY 'password'; FLUSH PRIVILEGES; ``` 3. 下载和配置WordPress - 下载WordPress ``` wget https://wordpress.org/latest.tar.gz ``` - 解压WordPress ``` tar -zxvf latest.tar.gz ``` - 复制WordPress文件到Nginx的网站目录 ``` sudo cp -r wordpress/* /usr/local/nginx/html ``` - 配置WordPress ``` sudo cp /usr/local/nginx/html/wp-config-sample.php /usr/local/nginx/html/wp-config.php sudo vi /usr/local/nginx/html/wp-config.php ``` 在wp-config.php文件中,修改以下内容: ``` define('DB_NAME', 'wordpress'); define('DB_USER', 'wordpressuser'); define('DB_PASSWORD', 'password'); define('DB_HOST', 'localhost'); ``` 4. 配置Nginx - 创建Nginx配置文件 ``` sudo vi /usr/local/nginx/conf/conf.d/wordpress.conf ``` 在wordpress.conf文件中,添加以下内容: ``` server { listen 80; server_name your-domain.com; # 替换为你的域名或IP地址 root /usr/local/nginx/html; index index.php index.html index.htm; location / { try_files $uri $uri/ /index.php?$args; } location ~ \.php$ { fastcgi_pass unix:/run/php/php7.2-fpm.sock; # 替换为你的PHP版本和sock文件位置 fastcgi_index index.php; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; } } ``` - 重启Nginx ``` sudo systemctl restart nginx ``` 5. 安装WordPress 在浏览器中访问你的域名或IP地址,按照WordPress的安装向导进行操作。 以上仅为一个简单的指南,可能无法涵盖所有情况。在实际部署过程中,请仔细阅读官方文档和相关教程,并根据自己的需求进行相应的配置。

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论 3
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值