注意:WEB服务器和数据库需要分离,同时WEB服务器也需要编译安装MySQL。
做集群架构的重要思想就是找到主干,从主干区域向外延展。
WEB服务器: apache nginx 本地做三个产品 dedecms workprocess discuz 将用户存放图片,附件的目录挂载到nfs服务器的共享目录上
NFS服务器 本地做三个共享目录,实现将用户上传的图片及附件分别存放到对应的目录上,
使用sersync与备份服务器实现实时同步,批量分发密钥及脚本,hosts文件(实际生产环境下,在同一局域网下,hosts文件通常保持一致),
MySQL服务器:用于用户存放数据的服务器,
Backup服务器:用于备份的服务器,防止其他服务器宕机、感染病毒、等等数据丢失。同时要将每天备份的内容通过邮件发送给管理员,确保数据备份成功。
我的主干思想就是先配置LAMP和LNMP服务器,之后向外延展配置nfs服务器及MySQL服务器,然后将所有需要备份的数据打包好,配置backu备份服务器,最后做nginx负载均衡服务器,如果有精力又有能力的情况下,继续延伸一个nginx的高可用(提示ngixn高可用服务使用的是VRRP技术)
1.LAMP(192.168.190.20)
(1)tar xvf /apache-2.2.27
cd apache-2.2.27
编译安装
./configure \
--prefix=/application/appache2.2.27 \ 安装目录
--enable-deflate \ 压缩安装
--enable-expires \ 过期 缓存时间
--enable-headers \
--enable-modules=most \ 模块激活
--enable-so \
--with-mpm=worker \ apache的两种模式:worker,prefork
--enable-rewrite && make &&make install
(注意编译环境下换行后边不能存在空格,上述编译添加了注释,如果粘贴请自行删除,手打忽略)
ln -s /application/apache-2.2.27 /application/apache
echo “<html>
<head><title> a ,s blog. </title><head>
<body>
Hi,i'm a ,My blog address is
<a href="" targe=_parent > </a>
</ body>
</html>” > /application/apache/htdos/index.html
/application/apache/bin/apachectl graceful
浏览器输入192.168.190.20 会出现
Hi,i'm a ,My blog address is 等字样说明apache服务安装成功
(2)安装数据库msyql
解压编译安装 ,编译过程略长,安装结束后进行检查做软链接
创建MySQL虚拟用户和用户组
groupadd mysql
cat /etc/group
useradd -g mysql -M -s /sbin/nologin mysql
id mysql
编译安装MySQL
./configure \
--prefix=/application/mysql5.1.72 \
--with-unix-socket-path=/application/mysql5.1.72/tmp/mysql.sock \
--localstatedir=/application/mysql5.1.72/data \
--enable-assembler \
--enable-thread-safe-client \
--with-mysqld-user=mysql \
--with-big-tables \
--without-debug \
--with-pthread \
--enable-assembler \
--with-extra-charsets=complex \
--with-readline \
--with-ssl \
--with-embedded-server \
--enable-local-infile \
--with-plugins=partition,innobase \
--with-mysqld-ldflags=-all-static \
--with-client-ldflags=-all-static
#--with-plugin-PLUGIN \
make && make install
echo $? 检查编译是否成功
ln -s /application/mysql5.1.72/ /application/mysql 创建软链接
复制配置mysql的配置文件
cd mysql-5.1.72/support-files/
ls
cp -p my-small.cnf /etc/my.cnf
chown -R mysql.mysql /application/mysql 授权MySQL用户管理权限
初始化mysql
/application/mysql/bin/mysql_install_db --basedir=/application/mysql --datadir=/application/mysql/data/ --user=mysql ##两个OK即为初始化成功
/application/mysql/bin/mysqld_safe & 启动mysql
netstat -lntup|grep mysqld ##查看MySQL服务是否启动成功
mysqladmin -u root password '123456' ##设置MySQL用户密码
(3)安装完apache和mysql之后再安装PHP(注意php配合apache是以模块的方式存在)
yum install -y openssl-devel
tar -xvf php-5.3.27.tar.gz
cd php-5.3.27.tar.gz
./configure \
--prefix=/application/php5.3.27 \ //注意php的安装目录
--with-apxs2=/application/apache/bin/apxs \ //注意apache的安装目录
--with-mysql=/application/mysql \
--with-xmlrpc \
--with-openssl \
--with-zlib \
--with-freetype-dir \
--with-gd \
--with-jpeg-dir \
--with-png-dir \
--with-iconv=/usr/local/libiconv \
--enable-short-tags \
--enable-sockets \
--enable-zend-multibyte \
--enable-soap \
--enable-mbstring \
--enable-static \
--enable-gd-native-ttf \
--with-curl \
--with-xsl \
--enable-ftp \
--with-libxml-dir && make && make install
ln -s /application/php5.3.27/ /application/php ##做软链接去版本号
cp /application/apache/conf/httpd.conf /application/apache/conf/httpd.conf.bak.1
vim /application/apache/conf/httpd.conf #修改主配置文件
cd /application/apache/conf
diff httpd.conf httpd.conf.bak.1
67,68c67,68
< User www
< Group www
---
> User daemon
> Group daemon
149c149
< DirectoryIndex index.php index.html
---
> DirectoryIndex index.html
292,294c292
< AddType application/x-httpd-php .php .phtml
< AddType application/x-httpd-php-source .phps
---
>
401c401
< Include conf/extra/httpd-vhosts.conf
---
># Include conf/extra/httpd-vhosts.conf:
423 <Directory "/data0/www">
424 Options -Indexes FollowSymLinks
425 AllowOverride None
426 Order allow,deny
427 Allow from all
428 </Directory>
创建对应的apache的虚拟用户www
useradd www -s /sbin/nologin -M
id www
cd /application/apache/conf/extra
vim httpd-vhosts.conf
NameVirtualHost *:80
#
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for all requests that do not
# match a ServerName or ServerAlias in any <VirtualHost> block.
#
<VirtualHost *:80>
ServerAdmin 1227566276@qq.com
DocumentRoot "/data0/www/cms"
ServerName cms.etiantian.org
ServerAlias etiantian.org
ErrorLog "logs/dummy-host.example.com-error_log"
CustomLog "|/usr/local/sbin/cronolog /app/logs/access_cms_%Y%m%d.log" combined
</VirtualHost>
<VirtualHost *:800>
ServerAdmin 1227566276@qq.com
DocumentRoot "/data0/www/bbs"
ServerName bbs.etiantian.org
ErrorLog "logs/dummy-host.example.com-error_log"
CustomLog "|/usr/local/sbin/cronolog /app/logs/access_bbs_%Y%m%d.log" combined
</VirtualHost>
<VirtualHost *:8000>
ServerAdmin 1227566276@qq.com
DocumentRoot "/data0/www/blog"
ServerName blog.etiantian.org
ErrorLog "logs/dummy-host.example.com-error_log"
CustomLog "|/usr/local/sbin/cronolog /app/logs/access_blog_%Y%m%d.log" combined
</VirtualHost>
如果有错误则查看错误日志
cd /application/appache/logs/
建立站点目录
mkdir /data0/{www,blog,bbs}
for n in www blog bbs ;do echo "$n.etiantian.org" > /data0/$n/index.html;done
/application/apache/bin/apachectl -t #检查配置文件的语法
/application/apache/bin/apachectl graceful #平滑重启apache
本地做hosts解析 访问三个网站 ,查看基于域名的虚拟主机是否配置成功
Dedecms,Discuz,workprocess三个产品解压之后自行安装(安装完MySQL数据库再进行安装)
2.LNMP(192.168.190.10)
(1)安装nginx服务
编译nginx前 需安装
1.pcre pcre-devel
yum install -y pcre pcre-devel
2.openssl
yum install openssl openssl-devel -y
编译安装nginx
./configure --user=nginx --group=nginx --prefix=/application/nginx1.6.2 --with-http_stub_status_module --with-http_ssl_module
make && make install
ln -s /application/nginx1.6.2/ /application/nginx
启动nginx
/application/nginx/sbin/nginx
lsof -I :80 #查看nginx服务是否启动成功
(2)安装MySQL数据库
编译安装MySQL
./configure --prefix=/application/mysql5.1.72 --with-unix-socket-path=/application/mysql5.1.72/tmp/mysql.sock --localstatedir=/application/mysql5.1.72/data --enable-assembler
--enable-thread-safe-client --with-mysqld-user=mysql --with-big-tables --without-debug --with-pthread --enable-assembler --with-extra-charsets=complex --with-readline
--with-ssl --with-embedded-server --enable-local-infile --with-plugins=partition,innobase --with-mysqld-ldflags=-all-static --with-client-ldflags=-all-static
make && make install
echo $?
数据库初始化:
chown -R mysql.mysql /application/mysql 授权MySQL用户管理权限
初始化mysql
/application/mysql/bin/mysql_install_db --basedir=/application/mysql --datadir=/application/mysql/data/ --user=mysql
//初始化显示两个OK 即为初始化成功
(3)安装PHP(PHP配合nginx是以守护进程的方式存在工作的)
(安装php之前需要安装所需的包 yum install zlib libxml libjpeg freetype libpng gd curl libiconv zlib-devel libxml2-devel libjpeg-devel freetype-devel libpng-devel gd-devel curl-devel -y)
tar zxf libiconv-1.14.tar.gz
cd libiconv-1.14
./configure --prefix=/usr/local/libiconv //然后�nfs/
[mysql]
path =/mysql/
所有的推送文件夹必须存在 ,否则rsync启动会报错
chown -R rsync.rsync /zhang/
chown -R rsync.rsync /data0/www/cms/
chown -R rsync.rsync /data0/www/bbs/
chown -R rsync.rsync /data0/www/blog/
chown -R rsync.rsync /backup/
chown -R rsync.rsync /backup/nfs/
chown -R rsync.rsync /mysql/
vim /etc/rsync.password
rsync_backup:123456
chmod 600 /etc/rsync.password
echo “/usr/bin/rsync --daemon” >> /etc/rc.local
vim /server/script/check.sh
ls /mysql >> /root/check.txt
ls -l /backup/192.168.190.30/|awk '{print $9}' >> /root/check.txt
egrep -v "^$| " /root/check.txt > /root/checkadd.txt
最后推送checkadd.txt文本文档给系统管理员 管理员就可以看到都备份了什么文件
mail -s "Hello from linuxde.net by file" 1227566276@qq.com < checkadd.txt
6.主nginx负载均衡服务器(192.168.190.23)
(1)安装配置nginx负载均衡器
编译nginx前 需安装
1.pcre pcre-devel
yum install -y pcre pcre-devel
2.openssl
yum install openssl openssl-devel -y
##创建nginx的虚拟用户
usedadd nginx -s /sbin/nologin -M
编译安装nginx
./configure --user=nginx --group=nginx --prefix=/application/nginx1.6.2 --with-http_stub_status_module --with-http_ssl_module
make && make install
ln -s /application/nginx1.6.2/ /application/nginx
##启动nginx
/application/nginx/sbin/nginx
vim /application/nginx/conf/nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
upstream backend {
ip_hash;
server 192.168.190.10:80 max_fails=3 fail_timeout=30s;
server 192.168.190.20:80 max_fails=3 fail_timeout=30s;
}
upstream backendyy {
server 192.168.190.10:800 max_fails=3 fail_timeout=30s;
server 192.168.190.20:800 max_fails=3 fail_timeout=30s;
}
upstream backendblog {
ip_hash;
server 192.168.190.10:8000 max_fails=3 fail_timeout=30s;
server 192.168.190.20:8000 max_fails=3 fail_timeout=30s;
}
server {
listen 80;
server_name cms.etiantian.org;
index index.html index.htm;
location / {
proxy_pass http://backend;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
server {
listen 80;
server_name bbs.etiantian.org;
index index.html index.htm;
location / {
proxy_pass http://backendyy;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
server {
listen 80;
server_name blog.etiantian.org;
index index.html index.htm;
location / {
proxy_pass http://backendblog;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
平滑重启nginx :/application/nginx/bin/nginx -s reload
(2)安装配置keepalived
yum install -y keepalived
netstat -lntup |grep keepalived
vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id lb01
}
vrrp_instance VI_1 {
state MASTER
interface eth1
virtual_router_id 55
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
192.168.190.23/24 dev eth1 label eth1:1
}
}
/etc/init.d/keepalived restart ifconfig会发现生成了一个你想要的虚拟IP地址
7.高可用的备份nginx负载均衡服务器(192.168.190.23)
(1)安装配置nginx负载均衡器
编译nginx前 需安装
1.pcre pcre-devel
yum install -y pcre pcre-devel
2.openssl
yum install openssl openssl-devel -y
编译安装nginx
./configure --user=nginx --group=nginx --prefix=/application/nginx1.6.2 --with-http_stub_status_module --with-http_ssl_module
make && make install
ln -s /application/nginx1.6.2/ /application/nginx
##创建nginx的虚拟用户
usedadd nginx -s /sbin/nologin -M
##启动nginx
/application/nginx/sbin/nginx
vim /application/nginx/conf/nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
upstream backend {
ip_hash;
server 192.168.190.10:80 max_fails=3 fail_timeout=30s;
server 192.168.190.20:80 max_fails=3 fail_timeout=30s;
}
upstream backendyy {
server 192.168.190.10:800 max_fails=3 fail_timeout=30s;
server 192.168.190.20:800 max_fails=3 fail_timeout=30s;
}
upstream backendblog {
ip_hash;
server 192.168.190.10:8000 max_fails=3 fail_timeout=30s;
server 192.168.190.20:8000 max_fails=3 fail_timeout=30s;
}
server {
listen 80;
server_name cms.etiantian.org;
index index.html index.htm;
location / {
proxy_pass http://backend;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
server {
listen 80;
server_name bbs.etiantian.org;
index index.html index.htm;
location / {
proxy_pass http://backendyy;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
server {
listen 80;
server_name blog.etiantian.org;
index index.html index.htm;
location / {
proxy_pass http://backendblog;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
平滑重启nginx :/application/nginx/bin/nginx -s reload
(2)安装keepalived
yum install -y keepalived
vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id lb02
}
vrrp_instance VI_1 {
state BACKUP
interface eth2
virtual_router_id 55
priority 100 ##优先级 数值越高越优先
advert_int 1
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
192.168.190.23 dev eth2 label eth2:1
}
}
/etc/init.d/keepalived restart 启动keepalived 把主nginx负载均衡服务器宕掉 ,会发现备keepalived节点服务器会生成一个虚拟IP
本地做192.168.190.23的host解析
Keepalived高可用故障切换转移原理
Keepalived高可用服务对之间的故障切换转移,是通过VRRP来实现的。在keepalived服务工作时,主Master节点会不断地向备节点发送(多播的方式)心跳消息,用来告诉备Backup节点自己还活着。当主节点发生故障时,就无法发送心跳的消息了,备节点也因此无法继续检测到来自主节点的心跳了。于是就会调用自身的接管程序,接管主节点的IP资源和服务。当主节点恢复时,备节点又会释放主节点故障时自身接管的IP资源和服务,恢复到原来的备用角色
如果您觉得本文的内容对您的学习有所帮助:
关键字:
Linux Web集群架构