环境规划
IP |
主机名 |
角色 |
192.168.0.13 |
lb7-01 |
Nginx,Keepalived |
192.168.0.14 |
lb7-02 |
Nginx,Keepalived,MySQL,NFS |
192.168.0.15 |
web-01 |
Nginx+PHP-FPM,Tomcat |
192.168.0.16 |
web-02 |
Nginx+PHP-FPM,Tomcat |
192.168.0.88 |
VIP |
|
安装系统:CentOS7.5
iptables -F
setenforce 0
配置主机名:
hostnamectl set-hostname lb7-02
cat /etc/hostname
软件包管理器安装
YUM或APT安装或更新MySQL是最方面的方法。
https://dev.mysql.com/downloads/repo/yum/
https://dev.mysql.com/doc/mysql-yum-repo-quick-guide/en/
配置yum源:
cat /etc/yum.repos.d/mysql.repo
# Enable to use MySQL 5.7
[mysql57-community]
name=MySQL 5.7 Community Server
baseurl=http://repo.mysql.com/yum/mysql-5.7-community/el/7/$basearch/
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql
查看可安装的mysql版本:
yum repolist all|grep mysql
安装MySQL,默认最新版本:
# yum install mysql-community-server -y
启动MySQL服务:
# systemctl start mysqld
# systemctl status mysqld
root账户默认密码存储在错误日志中:
# grep 'temporary password' /var/log/mysqld.log
# mysql -uroot -p
mysql> ALTER USER 'root'@'localhost' IDENTIFIED BY 'MyNewPass4!';
注意:密码要求包含一个大写字母,一个小写字母,一位数字和一个特殊字符,并且密码长度至少为8个字符。
# systemctl enable mysqld
vi /etc/my.cnf
user = mysql
port = 3306
datadir = /var/lib/mysql
socket = /var/lib/mysql/mysql.sock
bind-address = 0.0.0.0
pid-file = /var/run/mysqld/mysqld.pid
character-set-server = utf8
collation-server = utf8_general_ci
log-error = /var/log/mysqld.log
max_connections = 10240
open_files_limit = 65535
innodb_buffer_pool_size = 3G
innodb_flush_log_at_trx_commit = 2
innodb_log_file_size = 256M
innodb_flush_method = O_DIRECT
interactive_timeout = 1800
wait_timeout = 1800
slave-parallel-type = LOGICAL_CLOCK
slave-parallel-workers = 8
master-info-repository = TABLE
relay-log-info-repository = TABLE
# systemctl restart mysqld
# yum install nfs-utils -y
# vi /etc/exports
/data/nfs 192.168.0.0/24(rw,no_root_squash)
# mkdir -p /data/nfs/wordpress
# systemctl start nfs
# systemctl enable nfs
在192.168.0.15服务器上挂载
# mount -t nfs 192.168.0.14:/data/nfs/wordpress /mnt/
vim /etc/fstab #自动挂载
192.168.0.14:/data/nfs/wordpress /mnt nfs defaults 0 0
注意事项:挂载不成功,检查nfs状态或重启,检查exports文件
Nginx与PHP工作流程图:
2.1.1.1 环境配置
Web-01配置:
iptables -F
setenforce 0
配置主机名:
hostnamectl set-hostname web-01
cat /etc/hostname
Web-02配置:
iptables -F
setenforce 0
配置主机名:
hostnamectl set-hostname web-02
cat /etc/hostname
2.1.1.2 安装
wget http://nginx.org/download/nginx-1.15.3.tar.gz
yum install gcc pcre-devel openssl-devel -y
useradd -M -s /sbin/nologin nginx
tar -xzf nginx-1.15.3.tar.gz
cd nginx-1.15.3
./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_ssl_module --with-http_stub_status_module --with-stream=dynamic
make && make install
wget http://docs.php.net/distributions/php-5.6.38.tar.gz
yum install gd-devel libxml2-devel libcurl-devel libjpeg-devel libpng-devel -y
tar -xzf php-5.6.38.tar.gz
cd php-5.6.38
./configure --prefix=/usr/local/php --with-config-file-path=/usr/local/php/etc --with-mysql --with-mysqli --with-openssl --with-zlib --with-curl --with-gd --with-jpeg-dir --with-png-dir --with-iconv --enable-fpm --enable-zip --enable-mbstring
make -j 8 && make install
cp php.ini-production /usr/local/php/etc/php.ini
cd /usr/local/php/etc/
vi php.ini
date.timezone = Asia/Shanghai
cp php-fpm.conf.default php-fpm.conf
vi php-fpm.conf
user = nginx
group = nginx
cd /opt/php-5.6.38
cp sapi/fpm/php-fpm.service /usr/lib/systemd/system/
vi /usr/lib/systemd/system/php-fpm.service
[Unit]
Description=The PHP FastCGI Process Manager
After=syslog.target network.target
[Service]
Type=simple
PIDFile=/usr/local/php/var/run/php-fpm.pid
ExecStart=/usr/local/php/sbin/php-fpm --nodaemonize --fpm-config /usr/local/php/etc/php-fpm.conf
ExecReload=/bin/kill -USR2 $MAINPID
[Install]
WantedBy=multi-user.target
systemctl daemon-reload
systemctl start php-fpm
systemctl enable php-fpm
cat /usr/local/nginx/conf/nginx.conf
user nginx;
worker_processes 8;
#error_log logs/error.log;
#error_log logs/error.log notice;
error_log logs/error.log info;
pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
include vhost/*.conf;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
}
cd /usr/local/nginx/conf
mkdir vhost
cat vhost/wordpress.conf
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html/wordpress;
index index.php index.html index.htm;
}
location ~ \.php$ {
root html/wordpress;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
重启服务:
/usr/local/nginx/sbin/nginx
ps -ef |grep nginx
wget https://wordpress.org/latest.tar.gz
tar -xzf latest.tar.gz
cp -r wordpress /usr/local/nginx/html
chown nginx.nginx -R /usr/local/nginx/html/wordpress
在Mysql实例创建数据库并授权用户:
mysql -uroot -p
mysql> create database wordpress;
mysql> grant all on wordpress.* to 'wp'@'192.168.0.%' identified by 'MyNewPass4!';
配置wordpress连接mysql:
访问:http://192.168.0.15/wp-admin/setup-config.php
登陆: http://192.168.0.15/wp-login.php
项目包:https://pan.baidu.com/s/1dzk7SU
wget http://mirrors.hust.edu.cn/apache/tomcat/tomcat-8/v8.5.34/bin/apache-tomcat-8.5.34.tar.gz
yum install java-1.8.0-openjdk -y
java -version
tar -xzf apache-tomcat-8.5.34.tar.gz
cd apache-tomcat-8.5.34/webapps/
rm -rf ./*
yum install unzip -y
unzip /opt/solo-2.9.4.war -d ROOT
cd /opt/apache-tomcat-8.5.34/bin
./startup.sh
tail ../logs/catalina.out -f
iptables -F
setenforce 0
配置主机名:
hostnamectl set-hostname lb7-01
cat /etc/hostname
wget http://nginx.org/download/nginx-1.15.3.tar.gz
yum install gcc pcre-devel openssl-devel -y
useradd -M -s /sbin/nologin nginx
tar -xzf nginx-1.15.3.tar.gz
cd nginx-1.15.3
./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_ssl_module --with-http_stub_status_module --with-stream=dynamic
make && make install
cat /usr/local/nginx/conf/nginx.conf
user nginx;
worker_processes 8;
#error_log logs/error.log;
#error_log logs/error.log notice;
error_log logs/error.log info;
pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
upstream wordpress {
ip_hash;
server 192.168.0.15:80;
server 192.168.0.16:80;
}
server {
listen 80;
server_name wordpress.ctnrs.com;
location / {
proxy_pass http://wordpress;
}
access_log logs/wordpress.access.log main;
}
upstream solo {
ip_hash;
server 192.168.0.13:8080;
server 192.168.0.14:8080;
}
server {
listen 80;
server_name solo.ctnrs.com;
location / {
proxy_pass http://solo;
}
access_log logs/solo.access.log main;
}
}
/usr/local/nginx/sbin/nginx
/usr/local/nginx/sbin/nginx -t
/usr/local/nginx/sbin/nginx -s reload
yum install keepalived -y
vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
# 接收邮件地址
notification_email {
}
# 邮件发送地址
notification_email_from [email protected]
# 本地邮件服务器发邮件
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id NGINX_MASTER
}
vrrp_script check_nginx {
script "/usr/local/nginx/sbin/check_nginx.sh"
interval 2
weight -20
}
vrrp_instance VI_1 {
state MASTER
interface ens33
nopreempt #不抢占
virtual_router_id 51 # VRRP路由ID实例,每个实例是唯一的
priority 100 # 优先级,备服务器设置90
advert_int 1 # 指定VRRP心跳包通告间隔时间,默认1秒
# VRRP验证块
authentication {
auth_type PASS
auth_pass 1111
}
# VIP定义块
virtual_ipaddress {
192.168.0.88/24
}
track_script {
check_nginx
}
}
systemctl start keepalived
systemctl enable keepalived
nginx状态检查脚本:
cat /usr/local/nginx/sbin/check_nginx.sh
#!/bin/bash
count=$(ps -ef |grep nginx |egrep -cv "grep|$$")
if [ "$count" -eq 0 ]; then
exit 1
#systemctl stop keepalived
Fi
chmod +x /usr/local/nginx/sbin/check_nginx.sh
yum install keepalived -y
vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
# 接收邮件地址
notification_email {
}
# 邮件发送地址
notification_email_from [email protected]
# 本地邮件服务器发邮件
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id NGINX_MASTER
}
vrrp_script check_nginx {
script "/usr/local/nginx/sbin/check_nginx.sh"
interval 2
weight -20
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51 # VRRP路由ID实例,每个实例是唯一的
priority 90 # 优先级,备服务器设置90
advert_int 1 # 指定VRRP心跳包通告间隔时间,默认1秒
# VRRP验证块
authentication {
auth_type PASS
auth_pass 1111
}
# VIP定义块
virtual_ipaddress {
192.168.0.88/24
}
track_script {
check_nginx
}
}
systemctl start keepalived
systemctl enable keepalived
nginx状态检查脚本:
cat /usr/local/nginx/sbin/check_nginx.sh
#!/bin/bash
count=$(ps -ef |grep nginx |egrep -cv "grep|$$")
if [ "$count" -eq 0 ]; then
exit 1
#systemctl stop keepalived
Fi
chmod +x /usr/local/nginx/sbin/check_nginx.sh
[root@lb7-01 ~]# ip addr |grep ens33
2: ens33:
inet 192.168.0.13/24 brd 192.168.0.255 scope global noprefixroute ens33
inet 192.168.0.88/24 scope global secondary ens33
[root@lb7-02 ~]# ip addr
2: ens33:
inet 192.168.0.14/24 brd 192.168.0.255 scope global noprefixroute ens33
[root@lb7-01 log]# tail -f messages
Sep 18 22:52:10 lb7-01 Keepalived_vrrp[5999]: /usr/local/nginx/sbin/check_nginx.sh exited with status 1
Sep 18 22:52:12 lb7-01 Keepalived_vrrp[5999]: /usr/local/nginx/sbin/check_nginx.sh exited with status 1
Sep 18 22:52:14 lb7-01 Keepalived_vrrp[5999]: /usr/local/nginx/sbin/check_nginx.sh exited with status 1
Sep 18 22:52:16 lb7-01 Keepalived_vrrp[5999]: /usr/local/nginx/sbin/check_nginx.sh exited with status 1
Sep 18 22:52:18 lb7-01 Keepalived_vrrp[5999]: /usr/local/nginx/sbin/check_nginx.sh exited with status 1
Sep 18 22:52:20 lb7-01 Keepalived_vrrp[5999]: /usr/local/nginx/sbin/check_nginx.sh exited with status 1
Sep 18 22:52:22 lb7-01 Keepalived_vrrp[5999]: VRRP_Script(check_nginx) succeeded
Sep 18 22:52:23 lb7-01 Keepalived_vrrp[5999]: VRRP_Instance(VI_1) Changing effective priority from 80 to 100
Sep 18 23:01:01 lb7-01 systemd: Started Session 4 of user root.
Sep 18 23:01:01 lb7-01 systemd: Starting Session 4 of user root.
[root@lb7-02 conf]# tail -f /var/log/messages
Sep 18 23:33:37 lb7-02 Keepalived_vrrp[6711]: /usr/local/nginx/sbin/check_nginx.sh exited with status 2
Sep 18 23:33:39 lb7-02 Keepalived_vrrp[6711]: /usr/local/nginx/sbin/check_nginx.sh exited with status 2
Sep 18 23:33:41 lb7-02 Keepalived_vrrp[6711]: /usr/local/nginx/sbin/check_nginx.sh exited with status 2
Sep 18 23:33:43 lb7-02 Keepalived_vrrp[6711]: /usr/local/nginx/sbin/check_nginx.sh exited with status 2
lb7-01配置:
pkill nginx
ps -ef |grep nginx
master不存在VIP:
[root@lb7-01 etc]# ip addr |grep ens33
2: ens33:
inet 192.168.0.13/24 brd 192.168.0.255 scope global noprefixroute ens33
BACKUP存在VIP:
[root@lb7-02 conf]# ip a |grep ens33
2: ens33:
inet 192.168.0.14/24 brd 192.168.0.255 scope global noprefixroute ens33
inet 192.168.0.88/24 scope global secondary ens33
测试网站:
访问http://192.168.0.88是否正常
两台web服务器配置:
cat /usr/local/nginx/conf/vhost/wordpress.conf #把wordpress访问去掉
location ~ \.php$ {
root html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
Web-01配置:
cat /usr/local/nginx/html/index.php
/usr/local/nginx/sbin/nginx -s reload
Web-02配置:
cat /usr/local/nginx/html/index.php
/usr/local/nginx/sbin/nginx -s reload
测试nginx轮询效果:
再次刷新页面: