基础环境
- 操作系统:RHEL7.4(VM workstation 14pro)
- 数据库:mariadb10.1.28-systemd
- web服务器:Nginx1.10+php-fpm
- 文件服务器:NFS
DS服务器实现高可用
1、关闭selinux及防火墙
[root@localhost ~]#sed -i 's/SELINUX=enforcing/SELINUX=disabled' /etc/selinux/conf
[root@localhost ~]#systemctl stop firewalld
[root@localhost ~]#systemctl disable firewalld
2、配置Centos的yum源
配置如下:
[root@localhost ~]#cat /etc/yum.repo.d/Centos7.repo
[Centos7]
name=Centos7repo
baseurl=http://mirrors.aliyun.com/centos/7/os/x86_64/
gpgkey=http://mirror.aliyun.org/centos/7/os/x86_64/RPM-GPG-KEY-CentOS-7
gpgcheck=1
enable=1
3、安装并配置keepalived
[root@localhost ~]#yum install -y keepalived
[root@localhost ~]#cp /etc/keepalived/keepalived.conf{,.bak}
[root@localhost ~]#vim /etc/keealived/keepalived.conf
! Configuration File for keepalived
global_defs {
# notification_email { 告警通知的email
# acassen@firewall.loc
# failover@firewall.loc
# sysadmin@firewall.loc
# }
# notification_email_from Alexandre.Cassen@firewall.loc
# smtp_server 192.168.200.1
# smtp_connect_timeout 30
router_id LVS_DEVEL
# vrrp_skip_check_adv_addr
# vrrp_strict 默认开启情况下,当keepalived启动后,会在INPUT链上添加一条全DROP规则
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 { 实例名
state MASTER 主
interface ens33 实例指定网络接口
virtual_router_id 51 虚拟路由ID,主备相同
priority 100 主备优先级
advert_int 1
authentication {
auth_type PASS 认证方式
auth_pass 1111 明文密码
}
virtual_ipaddress {
192.168.101.200 虚拟路由IP地址
}
}
备机上需要对优先级,主备状态进行修改
state BACKUP 备
priority 80 主备优先级,值越大,级别越高
[root@localhost ~]#systemctl restart keepalived.service
可通过ping 192.168.101.200进行简单的测试
Mariadb、NFS服务器搭建
1、关闭selinux及防火墙
[root@localhost ~]#sed -i 's/SELINUX=enforcing/SELINUX=disabled' /etc/selinux/conf
[root@localhost ~]#systemctl stop firewalld
[root@localhost ~]#systemctl disable firewalld
2、创建用户、组
[root@localhost ~]#groupadd -g 700 mysql
[root@localhost ~]#useradd -u 700 -g mysql -s /sbin/nologin mysql
[root@localhost ~]#
3、安装mariadb数据库
因为systemd模式已经完全取代init,所以,在RHEL安装中最好使用systemd[Maridb安装包for systems with systemd](https://downloads.mariadb.org/mariadb/mariadb-10.1.28-linux-systemd-x86_64.tar.gz (for systems with systemd))
[root@localhost ~]#cd /tmp
[root@localhost tmp]#tar -zvxf mariadb-10.1.28-linux-systemd-x86_64.tar.gz
[root@localhost ~]#ln -s /tmp/mariadb-10.1.28 /usr/local/mysql
[root@localhost ~]#cp /usr/local/mysql/support-files/mariadb.service /usr/lib/systemd/system/ 复制mariadb.service文件至systemd加载目录
[root@localhost ~]#systemctl enable mariadb.service
[root@localhost ~]#cp /usr/local/mysql/my-large.cnf /etc/my.cnf 复制配置文件至/etc目录
[root@localhost ~]#sed -i '$aexport PATH=/usr/local/mysql/bin:$PATH' /etc/profile
[root@localhost ~]#source /etc/profile 添加环境变量
[root@localhost ~]#./usr/local/mysql/scripts/mysql_install_db --user=mysql
[root@localhost ~]#mysqladm -uroot passwod 指定root用户登录密码
[root@localhost ~]#systemctl start mariadb.service
[root@localhost ~]#mysql -uroot -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 6
Server version: 10.1.28-MariaDB MariaDB Server
Copyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]>
MariaDB [(none)]> grant all privileges on *.* to 'root'@'%' identified by '********';
赋权root用户可以在任何主机通过******(密码) 访问所有数据库及表
MariaDB [(none)]> flush privileges;
4、搭建NFS文件共享
[root@localhost ~]#yum install -y nfs-utils
[root@localhost ~]#mkdir /www
[root@localhost ~]#chown -R root:root /www
[root@localhost ~]#chmod -R 775 /www
[root@localhost ~]#vim /etc/exports
添加如下内容:
/www 192.168.101.0/24(rw,no_root_squash)
no_root_squash:root用户可以对该目录进行读写操作;
[root@localhost ~]#systemctl restart nfs.service
[root@localhost ~]#showmount -e
Export list for localhost.localdomain:
/www 192.168.101.0/24
RS(Nginx)服务器搭建
1、编译安装Nginx1.10
通过Nginx官方下载[Nginx1.10.tar.gz](http://nginx.org/download/nginx-1.10.3.tar.gz)
[root@localhost ~]#yum install -y gcc openssl-devel perl-devel pcre-devel perl-ExtUtils-Embed
[root@localhost ~]#tar -zvxf nginx-1.10.3.tar.gz
[root@localhost nginx-1.10.3]#./configure \
--prefix=/usr/local/nginx1.10 \
--modules-path=/usr/local/nginx/modules \
--conf-path=/etc/nginx/nginx.conf \
--error-log-path=/var/log/nginx.log \
--pid-path=/var/run/nginx.pid \
--user=nginx --group=nginx \ 需要先创建用户、组
--with-http_ssl_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_perl_module \
--with-ld-opt="-L,/usr/local/lib" 支持perl模块时必须安装,否则启动服务会报错
[root@localhost nginx-1.10.3]#make && make install
[root@localhost ~]#sed -i '$aexport PATH=/usr/local/nginx1.10/sbin:$PATH' /etc/profile
[root@localhost ~]#source /etc/profile 指定Nginx环境变量并生效
[root@localhost ~]#nginx -c /etc/nginx/nginx.conf
[root@localhost ~]#netstat -atnlp
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 14156/nginx: master
通过浏览器便可访问Nginx测试页面
2、安装配置php-fpm
[root@localhost ~]#yum install -y php-fpm php-mysql
[root@localhost ~]#systemctl start php-fpm.service
[root@localhost ~]#netstat -atnlp
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 1462/php-fpm: maste
[root@localhost ~]#vim /etc/php-fpm.d/www.conf
; Start a new pool named 'www'.
[www]
listen = 127.0.0.1:9000
listen.allowed_clients = 127.0.0.1
user = apache
group = apache
……
默认情况下,php-fpm监听本地127.0.0.1:9000地址
3、配置Nginx支持php-fpm解析
[root@localhost ~]#vim /etc/nginx/nginx.conf
……
server {
listen 80;
server_name localhost;
charset utf-8; 支持简体中文字符
root html; 根目录/usr/local/nginx1.10/html
client_max_body_size 50M;
#access_log logs/host.access.log main;
location / {
index index.php index.html index.htm;
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 当root在server段定义后,此处可以修改为$document_root来定位文件位置
include fastcgi_params;
}
}
……
4、配置本地网络实现lvs_dr模式
创建如下脚本,修改内核参数执行:
[root@localhost ~]#vim dr.sh
#!/bin/bash
VIP=192.168.101.200
case $1 in
start)
ifconfig lo:0 $VIP netmask 255.255.255.255 broadcast $VIP
route add -host $VIP dev lo:0
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
sysctl -p >/dev/null 2>&1
echo "The VIP configure successful!"
;;
stop)
ifconfig lo:0 down
route del -host $VIP dev lo:0
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
sysctl -p > /dev/null 2>&1
echo "The VIP deleted!"
;;
*)
echo "usage:please choose options {start|stop}"
;;
esac
[root@localhost ~]#chmod +x dr.sh
[root@localhost ~]#./dr.sh start
[root@localhost ~]#ifconfig
lo:0: flags=73<up,loopback,running> mtu 65536
inet 192.168.101.200 netmask 255.255.255.255
loop txqueuelen 1 (Local Loopback)
</up,loopback,running>5、本地添加NFS共享目录
[root@localhost ~]#yum install -y nfs-utils [root@localhost ~]#mkdir /www [root@localhost ~]#vim /etc/fstab 添加一条挂载信息 192.168.101.151:/www /www nfs defaults 0 0 [root@localhost ~]#mount -t nfs 192.168.101.151:/www /www
以上相同操作再部署一台RS服务器,IP地址192.168.101.202
基于keepalived实现lvs_dr模式负载均衡
1、配置keepalived
在原有高可用基础上,增加虚拟服务器及realserver
[root@localhost ~]#vim /etc/keepalived/keepalived.conf
virtual_server 192.168.101.200 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 50
protocol TCP
real_server 192.168.101.201 80 {
weight 1
TCP_CHECK { 监控服务状态方式,类似的还有SSL_GET\HTTP_GET等
connect_port 80 监控的端口
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.101.202 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
}
}
}
以上代码需要在主备上均配置添加
[root@localhost ~]#systemctl restart keepalived
[root@localhost ~]#ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.101.200:80 rr persistent 50
-> 192.168.101.201:80 Route 1 0 0
-> 192.168.101.202:80 Route 1 0 0
部署wordpress个人网站
1、官网下载wordpress安装包,解压至NFS服务器/www目录下
[root@localhost ~]#cd /www
[root@localhost www]#tar -zvxf wordpress-4.9.1-zh_CN.tar.gz
[root@localhost www]#cd wordpress
[root@localhost wordpress]#cp wp-config-sample.php wp-config.php{,.bak}2、配置数据库信息
[root@localhost wordpress]#vim wp-config.php
define('DB_NAME', 'wordpress');
define('DB_USER', 'root');
define('DB_PASSWORD', '********');
define('DB_HOST', '192.168.101.151');
define('DB_CHARSET', 'utf8');
define("FS_METHOD","direct");
define("FS_CHMOD_DIR", 0777);
define("FS_CHMOD_FILE", 0777);
3、配置Nginx访问目录
在两台RS服务器上修改nginx.conf
[root@localhost ~]#vim /etc/nginx/nginx.conf
server {
listen 80;
server_name localhost;
charset utf-8;
root /www/wordpress;
client_max_body_size 50M;
……
}
4、开启wordpress之旅 
本文来自投稿,不代表Linux运维部落立场,如若转载,请注明出处:http://www.178linux.com/89869
