一环境介绍
主机名 | ip | 安装软件 |
---|---|---|
nginx_mysql_m | 192.168.255.67 | keepalived+nginx |
nginx_mysql_s | 192.168.255.66 | keepalived+nginx |
mysql1 | 192.168.255.52 | mysql、mysql-server |
mysql2 | 192.168.255.57 | mysql、mysql-server |
二、keepalived配置
keepalived的配置和上一篇的类似
vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs { notification_email { root@localhost } notification_email_from keepalived@localhost smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id nginx_mysql_s vrrp_skip_check_adv_addr #vrrp_strict vrrp_garp_interval 0 vrrp_gna_interval 0 } vrrp_script chk_nginx { script "/etc/keepalived/nginx_check.sh" # 检查nginx状态的脚本 interval 2 weight 3 } vrrp_instance VI_1 { state BACKUP interface ens160 virtual_router_id 66 priority 100 #backup这里要比100小 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.255.200 } track_script { chk_nginx } }
三、nginx的配置
因为这里nginx监听的是3306的端口,不需要web服务所以配置文件较简单,但是需要用到stream模块
在配置的时候需要添加上--with--stream
/configure --add-module=../ngx_cache_purge-2.3 --prefix=/usr/local/nginx --with-http_ssl_module --with-stream --with-pcre=../pcre-8.41 --with-zlib=../zlib-1.2.11 --with-openssl=../openssl-1.0.2o
其他和上一篇的安装方法一样
修改nginx配置文件
#user nobody;
worker_processes 1;#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;events {
worker_connections 1024;
}stream {
upstream mysql {
server 192.168.255.52:3306 weight=5 max_fails=3 fail_timeout=30s;
server 192.168.255.57:3306 weight=5 max_fails=3 fail_timeout=30s;
}
server {
listen 3306;
proxy_connect_timeout 1s;
proxy_timeout 3s;
proxy_pass mysql;
}
}
启动nginx
/usr/local/nginx/sbin/nginx
netstat -napt
发现nginx已经被成功监听
backup的nginx配置相同
四、mysql数据库配置
接下来是重头戏,mysql主主配置
1 mysql安装
wget http://repo.mysql.com/mysql-community-release-el7-5.noarch.rpm
mv http://repo.mysql.com/mysql-community-release-el7-5.noarch.rpm /etc/yum.repo/
rpm -ivh http://repo.mysql.com/mysql-community-release-el7-5.noarch.rpm
yum install -y mysql&&yum install mysql-server -y
systemctl start mysql
首先我们配置mysql双主模型,让其数据同步
vim /etc.my.cnf
server-id=1
log-bin=mysql-bin
binlog_format=mixed
relay-log=relay-bin
relay-log-index=slave-relay-bin.index
auto-increment-increment=2
auto-increment-offset=1
log-slave-updates
其中红框历史需要添加的内容
粉框中是两个mysql不同的地方
mysql2的粉框处是2
然后重启mysql
systemctl restart mysql
mysql
mysql> grant all privileges on . to [email protected] identified by '123456';
在mysql2上把ip改成mysql1的
剩下的步骤在上一篇博客mysql数据不同步里面有,这里不多说了
我们给web服务器授权,让其可以进行所有操作
mysql
mysql> create database db_jd;
mysql> create user web@localhost identified by '123456';
mysql> grant all privileges on *.* to web@localhost;
mysql> create user [email protected] identified by '123456';
mysql> create user [email protected] identified by '123456';
mysql> grant all privileges on db_jd.* to [email protected];
mysql> grant all privileges on db_jd.* to [email protected];
mysql> flush privileges;
然后在web服务器上用php连接一下mysql看是否成功
>cd /var/www/html
vim con.php
然后在数据库db_jd里创建表
mysql > create table tb_goods (id int(11) null, tltle VarChar(40), price Decimal(10), market_price Decimal(10));
然后在web服务器编写接口程序连接mysql,并写一个能插入数据到数据库的表单
vim coon.php
vim index.php
产品添加-JD产品管理系统
JD产品管理
vim deal.php
接下来我们给web和mysql的keepalived主机还有两台mysql添加时间同步,这里举例两台MySQL主机。
yum -y install ntp
修改npt配置文件,添加下面两行
vim /etc/ntp.conf
server 127.127.1.0 iburst local clock #添加使用本地时间 restrict 192.168.255.52 mask 255.255.255.0 nomodify #允许更新的IP地址段
启动ntp服务,并加入开机启动
systemctl start ntpd
systemctl enable ntpd
添加防火墙策略
只允许192.168.255.57访问ntp服务。
打开防火墙
systemctl start firewalld
firewalld-cmd --permanent --add-rich-rule="rule family="ipv4" source address="192.168.255.57" port protocol="udp" port="123" accept"
firewalld-cmd --reload
配置 keepalived虚拟路由协议vrrp通过防火墙
firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 --in-interface ens192 --destination 224.0.0.18 --protocol vrrp -j ACCEPT
配置web80端口通过防火墙
firewall-cmd --zone=public --add-port=80/tcp
firewall-cmd --zone=public --add-interface=ens160
firewall-cmd --reload
配置3306端口通过防火墙
firewall-cmd --zone=public --add-port=3306/tcp
firewall-cmd --zone=public --add-interface=ens160