web01: lnmp
搭建一个正真意义上的lnmp集群
db01:数据库配置不需要外网
机器的主机名 | 外网IP | 内网IP |
---|---|---|
db01 | 192.168.15.51(不需要) | 172.16.1.51 |
web01 | 192.168.15.7 | 172.16.1.7 |
web02 | 192.168.15.8 | 172.16.1.8 |
web03 | 192.168.15.9 | 172.16.1.9 |
nfs | 192.168.15.31 | 172.16.1.31 |
backup | 192.168.15.41 | 172.16.1.41 |
# 软件
rsync
# 安装rsync
[root@backup ~]# yum install rsync -y
# 关闭防火墙、selinux
[root@backup ~]# systemctl disable --now firewalld
[root@backup ~]# setenforce 0
setenforce: SELinux is disabled
# 编写配置文件
[root@backup ~]# vim /etc/rsyncd.conf
## 前端代码仓库、数据库备份、上传文件的备份
uid=www
gid=www
port=873
fake super=yes
use chroot=no
max connection=200
timeuot=600
ignore errors
read only=false
list=false
auth users=ytt
secrets file=/etc/rsync.passwd
log file=/var/log/rsyncd/log
###################################
[web]
comment="前端代码仓库"
path=/backup/web
[database]
comment="数据库备份"
path=/backup/database
[download]
comment="上传文件备份"
path=/backup/download
# 统一用户
[root@backup ~]# useradd -u1000 www
# 创建仓库
[root@backup ~]# mkdir -p /backup/web
[root@backup ~]# mkdir /backup/database
[root@backup ~]# mkdir /backup/download
# 授权
[root@backup ~]# chown www.www -R /backup/
# 创建密码文件
[root@backup ~]# echo "ytt:123" > /etc/rsync.passwd
[root@backup ~]# chmod 600 /etc/rsync.passwd
# 启动
[root@backup ~]# systemctl enable --now rsyncd
Created symlink from /etc/systemd/system/multi-user.target.wants/rsyncd.service to /usr/lib/systemd/system/rsyncd.service.
# 软件
nfs-utils rpcbind
# 安装软件
[root@nfs ~]# yum install nfs-utils rpcbind -y
# 创建用户
[root@nfs ~]# useradd www -u1000
# 创建前端代码仓库、数据库备份、上传文件的备份
[root@backup ~]# mkdir /nfs/web -p
[root@backup ~]# mkdir /nfs/database
[root@backup ~]# mkdir /nfs/download
# 授权
[root@nfs ~]# chown www.www -R /nfs/
# 设置挂载点
[root@nfs ~]# vim /etc/exports
/nfs/web 172.16.1.0/20(rw,sync,all_squash,anonuid=1000,anongid=1000)
/nfs/database 172.16.1.0/20(rw,sync,all_squash,anonuid=1000,anongid=1000)
/nfs/download 172.16.1.0/20(rw,sync,all_squash,anonuid=1000,anongid=1000)
# 重启
[root@nfs ~]# systemctl restart nfs-fpm rpcbind
Created symlink from /etc/systemd/system/multi-user.target.wants/nfs-server.service to /usr/lib/systemd/system/nfs-server.service.
# 检测挂载点
[root@nfs ~]# showmount -e
Export list for nfs:
/nfs/download 172.16.1.0/20
/nfs/database 172.16.1.0/20
/nfs/web 172.16.1.0/20
#第二种检查方法
[root@nfs ~]# cat /var/lib/nfs/etab
/nfs/download 172.16.1.0/20(rw,sync,wdelay,hide,nocrossmnt,secure,root_squash,all_squash,no_subtree_check,secure_locks,acl,no_pnfs,anonuid=1000,anongid=1000,sec=sys,rw,secure,root_squash,all_squash)
/nfs/database 172.16.1.0/20(rw,sync,wdelay,hide,nocrossmnt,secure,root_squash,all_squash,no_subtree_check,secure_locks,acl,no_pnfs,anonuid=1000,anongid=1000,sec=sys,rw,secure,root_squash,all_squash)
/nfs/web 172.16.1.0/20(rw,sync,wdelay,hide,nocrossmnt,secure,root_squash,all_squash,no_subtree_check,secure_locks,acl,no_pnfs,anonuid=1000,anongid=1000,sec=sys,rw,secure,root_squash,all_squash)
# 软件:mariadb
# 安装
[root@db01 ~]# yum install mariadb-server -y
# 启动
[root@db01 ~]# systemctl enable --now mariadb
Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service.
# 创建密码并登录数据库
[root@db01 ~]# mysqladmin -uroot password '123'
[root@db01 ~]# mysql -uroot -p123
#创建对应数据库
MariaDB [(none)]> create database wordpress;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> create database zhihu;
Query OK, 1 row affected (0.00 sec)
# 创建用户并授权给数据库
MariaDB [(none)]> grant all privileges on wordpress.* to hzl@'%''888';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> grant all privileges on zhihu.* to hzl@'%''888';
Query OK, 0 rows affected (0.00 sec)
#重载数据库
MariaDB [mysql]> flush privileges;
Query OK, 0 rows affected (0.00 sec)
# 数据备份
点击xshell中的工具—》发送键输入到所有会话,统一安装操作
# 安装官方源
[root@web01 ~]# vim /etc/yum.repos.d/nginx.repo
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=0
enabled=1
module_hotfixes=true
[root@web01 ~]# yum clean all
# 安装nginx
[root@web01 ~]# yum install nginx -y
# 启动
[root@web01 ~]# systemctl enable --now nginx
Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /usr/lib/systemd/system/nginx.service.
# 安装PHP(安装官方源)
[root@web01 ~]# vim /etc/yum.repos.d/php.repo
[php-webtatic]
name = PHP Repository
baseurl = http://us-east.repo.webtatic.com/yum/el7/x86_64/
gpgcheck = 0
#清除缓存--生成缓存
[root@web01 ~]# yum clean all
[root@web01 ~]# yum makecache
[root@web01 ~]# yum remove php-mysql-5.4 php php-fpm php-common
[root@web01 ~]# yum -y install php71w php71w-cli php71w-common php71w-devel
php71w-embedded php71w-gd php71w-mcrypt php71w-mbstring php71w-pdo php71wxml php71w-fpm php71w-mysqlnd php71w-opcache php71w-pecl-memcached php71wpecl-redis php71w-pecl-mongodb
# 修改配置文件(统一用户管理)
[root@web01 ~]# vim /etc/php-fpm.d/www.conf
user = www
group = www
# 启动php
[root@web01 ~]# systemctl enable --now php-fpm.service
Created symlink from /etc/systemd/system/multi-user.target.wants/php-fpm.service to /usr/lib/systemd/system/php-fpm.service.
######## 本地安装包安装
#上传代码包
[root@web01 ~]# rz -E
rz waiting to receive.
#解压并安装
[root@web01 ~]# tar -xf php.tar.gz && yum localinstall -y *.rpm
# 修改配置文件
[root@web01 ~]# vim /etc/php-fpm.d/www.conf
user = www
group = www
#创建用户
[root@web01 ~]# useradd www -u1000
# 启动php
[root@web01 ~]# systemctl enable --now php-fpm.service
Created symlink from /etc/systemd/system/multi-user.target.wants/php-fpm.service to /usr/lib/systemd/system/php-fpm.service.
#优化参数
[root@web01 ~]# vim /etc/php.ini
post_max_size = 200M
upload_max_filesize = 200M
https://download.csdn.net/download/weixin_55972781/18233720(博客链接)
配置nfs(共享代码、共享数据、共享nginx配置)
## 在nfs服务器上创建/nfs/conf目录
[root@nfs web]# mkdir /nfs/conf
## 授权/nfs/conf
[root@nfs web]# chown www.www /nfs/conf
## 加入nfs配置文件
[root@nfs web]# vim /etc/exports
/nfs/conf 172.16.1.0/20(rw,sync,all_squash,anonuid=1000,anongid=1000)
## 重启nfs
[root@nfs web]# systemctl restart nfs-server rpcbind
#创建密码文件与用户
[root@web01 ~]# htpasswd -c /etc/nginx/conf.d/auth_basic linux
## 增加wordpress配置并加入密码模块
[root@web01 ~]# vim wordpress.conf
server {
listen 80;
server_name linux.wps.com;
root /www/wordpress;
client_max_body_size 10m;
location / {
index index.php;
}
location ~* \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location =/wp-admin {
auth_basic "靓仔";
auth_basic_user_file /etc/nginx/conf.d/auth_basic;
index index.php;
}
}
#创建站点目录
[root@web01 ~]# mkdir /www
#挂载站点
[root@web01 ~]# mount -t nfs 172.16.1.31:/nfs/web /www
[root@web01 ~]# mount -t nfs 172.16.1.31:/nfs/conf /etc/nginx/conf.d
#上传压缩包
[root@web01 ~]# cd /www
[root@web01 www]# rz -E
rz waiting to receive
#解压
[root@web01 www]# cd /www
[root@web01 www]# tar -xf wordpress.tar.gz
#删除压缩包
[root@web01 www]# rm -rf *.gz
网站密码登录测试成功
博客安装成功
https://download.csdn.net/download/weixin_55972781/18233770(知乎链接)
[root@web01 www]# unzip zhihu.zip
[root@web01 www]# chown www.www -R /www
[root@web01 www]# vim /etc/nginx/conf.d/wecenter.conf
server {
listen 80;
server_name www.zhihu.com; #linux.wecenter.cluster.local.com
root /www/zhihu;
location / {
index index.php;
}
location ~* \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
#检查文件
[root@web01 conf.d]# nginx -t
# 重启
[root@web01 conf.d]# systemctl restart nginx
# 创建wordpress数据库
MariaDB [(none)]> create database wecenter;
Query OK, 1 row affected (0.00 sec)
知乎测试成功
#创建目录
[root@db01 ~]# mkdir /databases
#挂载数据库备份点
[root@db01 databases]# mount -t nfs 172.16.1.31:/nfs/database /databases/
# 编写备份脚本
[root@db01 ~]# vim /databases/mysql_dump.sh
#!/bin/bash
DATE=`date +%F`
BACKUP="/databases"
cd $BACKUP
mysqldump -uroot -p123 --all-databases --single-transaction > mysql-all-${DATE}.sql
tar -czf mysql-all-${DATE}.tar.gz mysql-all-${DATE}.sql
rm -rf mysql-all-${DATE}.sql
#创建用户并授权
[root@db01 databases]# useradd www -u1000
[root@db01 databases]# chown www.www /databases/
# 脚本加入定时任务
[root@db01 ~]# crontab -e
01 00 * * * /databases/mysql_dump.sh
[root@web02 ~]# mkdir /www
[root@web02 ~]# chown -R www.www /www/
[root@web02 ~]# mount -t nfs 172.16.1.31:/nfs/web /www
[root@web02 ~]# mount -t nfs 172.16.1.31:/nfs/conf /etc/nginx/conf.d
[root@web02 ~]# systemctl restart nginx
[root@web03 ~]# mkdir /www
[root@web03 ~]# chown -R www.www /www/
[root@web03 ~]# mount -t nfs 172.16.1.31:/nfs/web /www
[root@web03 ~]# mount -t nfs 172.16.1.31:/nfs/conf /etc/nginx/conf.d/
[root@web03 ~]# systemctl restart nginx
sersync + innotiy + rsync 实时备份
#软件 sersync
#上传软件包
[root@nfs /opt ]# rz -E
#解压缩包
[root@nfs /opt]# tar -xf sersync2.5.4_64bit_binary_stable_final.tar.gz
#服务配置
[root@nfs /opt]# mv GNU-Linux-x86 /usr/local/sersync
[root@nfs sersync]# ll
总用量 1772
-rwxr-xr-x 1 root root 2214 10月 26 2011 confxml.xml
-rwxr-xr-x 1 root root 1810128 10月 26 2011 sersync2
#配置文件修改
[root@nfs sersync]# vim confxml.xml
#修改文件并启动
[root@nfs sersync]#./sersync2 -dro confxml.xml
.............
execute command: cd /nfs/web && rsync -az -R --delete ./ [email protected]::web --password-file=/etc/rsync.passwd >/dev/null 2>&1
.......
#(模块)命令状态测试
[root@nfs sersynccd]# /nfs/web && rsync -az -R --delete ./ [email protected]::web --password-file=/etc/rsync.passwd >/dev/null 2>&1