实验1:
部署discuz
1、 不做会话绑定 基于roundrobin
—————————10.1.72.40|30——————————
安装环境,启动服务
[root@localhost ~]# yum -y install php php-fpm mariadb-server httpd
[root@localhost ~]# systemctl start httpd
[root@localhost ~]# systemctl start mariadb
[root@localhost ~]# cp -a upload/ /var/www/html/
[root@localhost ~]# cd /var/www/html/
测试服务器是否启动成功
[root@localhost html]# setfacl -Rm u:apache:rwx upload/ //给安装权限
更改php.ini的时区
创建数据库并授权
MariaDB [(none)]> create database discuz;
MariaDB [(none)]> grant all on discuz.* to 'user'@'localhost' identified by '123';
MariaDB [(none)]> grant all on discuz.* to 'user'@'127.0.0.1' identified by '123';
MariaDB [(none)]> grant all on discuz.* to 'user'@'%' identified by '123';
MariaDB [(none)]> flush privileges;
—————————–10.1.72.60—————————
63 frontend discuz
64 bind :80
65 defa ult_backend app
66
67 backend app
68 balance roundrobin
69 maxconn 350
70 server ser1 10.1.72.30:80 check maxconn 100 maxqueue 20
71 server ser2 10.1.72.40:80 check maxconn 200 maxqueue 30
72
73 listen stats *:9001
74 stats enable
75 stats uri /admin?stats
76 stats realm "haproxy status"
77 stats refresh 3s
78 stats hide-version
79 stats auth admin:123
80 stats admin if LOCALHOST
2、 基于cookie的会话粘性,测试上传图片是否可以访问
frontend discuz
bind :80
default_backend app
backend app
balance roundrobin
maxconn 350
cookie web insert indirect nocache
server ser1 10.1.72.30:80 check cookie ser1 maxconn 100 maxqueue 20
server ser2 10.1.72.40:80 check cookie ser2 maxconn 200 maxqueue 30
实验2:
—————————–10.1.72.40———————————
[root@localhost html]# systemctl start rpcbind
[root@localhost /]# mkdir /var/www/html/upload/data/attachment/forum
[root@localhost ~]# systemctl start nfs
[root@localhost ~]#setfacl –m u:apache:rwx /pic
[root@localhost ~]# vim /etc/exports
/var/www/html/upload/data/attachment/forum 10.1.0.0/16(rw,anonuid=48)
Vim /etc/nginx/nginx.conf
location / {
root /var/www/html;
}
———————-10.1.72.30————————–
共享的nfs挂载到discuz上传的目录
[root@centos7 ~]# mount -t nfs 10.1.72.40:/var/www/html/upload/data/attachment/forum/ /var/www/html/upload/data/attachment/forum/
——————10.1.72.60————————–
frontend discuz
bind :80
acl static path_reg .*/data/attachment/forum.*
use_backend upload if static
default_backend app
backend app
balance roundrobin
maxconn 350
cookie web insert indirect nocache
server ser1 10.1.72.30:80 check cookie ser1 maxconn 100 maxqueue 20
backend upload
balance roundrobin
maxconn 350
server ser1 10.1.72.40:80 check maxconn 100 maxqueue 20
测试:
取消挂载,并刷新页面
———————-10.1.72.30———————
[root@centos7 upload]# umount /var/www/html/upload/data/attachment/forum/
实验3、
——————————-10.1.72.50———————————–
[root@localhost varnish]# vim default.vcl
# This is an example VCL file for Varnish.
#
# It does not do anything by default, delegating control to the
# builtin VCL. The builtin VCL is called when there is no explicit
# return statement.
#
# See the VCL chapters in the Users Guide at https://www.varnish-cache.org/docs/
# and http://varnish-cache.org/trac/wiki/VCLExamples for more examples.
# Marker to tell the VCL compiler that this VCL has been adapted to the
# new 4.0 format.
vcl 4.0;
# Default backend definition. Set this to point to your content server.
backend default {
.host = "10.1.72.40";
.port = "80";
}
#probe health_check {
# .url = "/";
# .window = 5;
# .threshold = 4;
# .interval = 2s;
# .timeout = 1s;
#}
#backend ser1 {
# .host = "10.1.72.40";
# .port = "80";
# .probe = health_check;
#}
#import directors;
#sub vcl_init {
# new sers = directors.random();
# sers.add_backend(ser1);
#}
#acl client_purge {
# "127.0.0.0"/8;
# "10.1.72.60";
#}
sub vcl_purge {
return(synth(200,"clean suss"));
}
sub vcl_recv {
# if (req.http.Authorization || req.http.Cookie) {
# /* Not cacheable by default */
# return (hash);
# }
# set req.backend_hint = sers.backend();
# Happens before we check if we have this in cache already.
#
# Typically you clean up the request here, removing cookies you don't need,
# rewriting the request, etc.
# if (req.url ~ "^/") {
# return(pass);
# }
# if (req.method == "PURGE") {
# if (client.ip ~ client_purge) {
# return(purge);
# } else {
# return(synth(405,"not allow for "+client.ip));
# }
# }
# if (req.url ~ "(?i)\.php$") {
# } else {
# set req.backend_hint = default;
# }
}
sub vcl_deliver {
if (obj.hits>0) {
set resp.http.x-ache = "hit via "+server.ip;
} else {
set resp.http.x-cache = "miss via "+server.ip;
}
}
sub vcl_backend_response {
# Happens after we have read the response headers from the backend.
#
# Here you clean the response headers, removing silly Set-Cookie headers
# and other mistakes your backend does.
if (bereq.url ~ "(?i)\.(jpg|png|jpeg)$") {
unset beresp.http.Set-Cookie;
set beresp.ttl=10s;
}
}
—————————10.1.72.60———————————-
vim /etc/haproxy/haproxy.cfg
frontend discuz
bind :80
acl static path_reg .*/data/attachment/forum.*
use_backend upload if static
default_backend app
backend app
balance roundrobin
maxconn 350
server ser1 10.1.72.30:80 check maxconn 100 maxqueue 20
backend upload
balance roundrobin
maxconn 350
server ser1 10.1.72.50:6081 check maxconn 100 maxqueue 20
listen stats *:9001
stats enable
stats uri /admin?stats
stats realm "haproxy status"
stats refresh 3s
stats hide-version
stats auth admin:123
stats admin if LOCALHOST
—————————–10.1.72.40———————————
[root@localhost html]# systemctl start rpcbind
[root@localhost /]# mkdir /var/www/html/upload/data/attachment/forum
[root@localhost ~]# systemctl start nfs
[root@localhost ~]#setfacl –m u:apache:rwx /pic
[root@localhost ~]# vim /etc/exports
/var/www/html/upload/data/attachment/forum 10.1.0.0/16(rw,anonuid=48)
Vim /etc/nginx/nginx.conf
location / {
root /var/www/html;
}
实验4:
————————————————–10.1.72.60———————————-
[root@centos7clean haproxy]# vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state MASTER
interface eno16777736
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.1.72.111
}
}
Haproxy:
vim haproxy.cfg
frontend discuz
bind :80
acl static path_reg .*/data/attachment/forum.*
use_backend upload if static
default_backend app
backend app
balance roundrobin
maxconn 350
server ser1 10.1.72.30:80 check maxconn 100 maxqueue 20
backend upload
balance roundrobin
maxconn 350
server ser1 10.1.72.50:6081 check maxconn 100 maxqueue 20
listen stats *:9001
stats enable
stats uri /admin?stats
stats realm "haproxy status"
stats refresh 3s
stats hide-version
stats auth admin:123
stats admin if TRUE
日志:
修改/etc/rsyslog
开启udp 514号端口
错误页:
frontend discuz
bind :80
acl static path_reg .*/data/attachment/forum.*
use_backend upload if static
default_backend app
errorfile 503 /var/www/html/index.html
原创文章,作者:landanhero,如若转载,请注明出处:http://www.178linux.com/59250
