web01
1. 安装nginx, php-fpm环境
yum install nginx -y
yum -y install php71w php71w-cli php71w-common php71w-devel php71w-embedded php71w-gd
php71w-mcrypt php71w-mbstring php71w-pdo php71w-xml php71w-fpm php71w-mysqlnd php71w-opcache php71w-pecl-memcached php71w-pecl-redis php71w-pecl-mongodb
2. 创建www 用户
groupadd -g666 www
useradd -g666 -u666 www
3. 改变进程用户
vim /etc/nginx/nginx.conf
vim /etc/php-fpm.d/www.conf
4.编辑kod云网站配置文件:
cat >/etc/nginx/conf.d/kod.oldhou.com.conf<<'EOF'
server {
listen 80;
server_name kod.oldhou.com;
root /code/;
location / {
index index.php;
}
location ~ .php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_param HTTPS on;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
EOF
5. 检查语法:
nginx -t
6.rz 上传代码 并解压至指定目录
mkdir /code/ -p
unzip kodbox.1.13.zip -d /code/
7.授权
chown -R www. /code/
8.启动nginx,加入开机自启动
systemctl start nginx php-fpm
systemctl enable nginx php-fpm
如果使用nfs服务器
find /code -type f -name 'word*' #找到你上传的文件
[root@web01 /code]# ll /code/data/files/202011/06_98b43a7a/
-rw-r--r-- 1 www www 0 Nov 6 16:19 index.html
-rw-r--r-- 1 www www 217 Nov 6 16:19 trello.oexe
-rw-r--r-- 1 www www 103311645 Nov 6 22:53 wordpress项目.mp4
-rw-r--r-- 1 www www 209 Nov 6 16:19 一起写office.oexe先推送静态目录到nfs主机
配置nfsserver
cat >>/etc/exports<<EOF
/data/kod 172.16.1.31/24(rw,async,all_squash,anonuid=666,anongid=666)
EOF
mkdir -p /data/kod && chown -R www. /code
scp /code/data/files/ 172.16.1.31:/data/kod
挂载静态资源:
mount -t nfs 172.16.1.31:/data/kod /code/data/files/
db01
db01 没有恢复快照,mariadb直接创建相应的库就行了。
db01加入redis缓存,并且提供会话保持服务
1.创建数据库
mysql -uroot -p
mysql> create database kod;
2.安装redis
yum install redis -y
3.修改配置文件
sed -i '/^bind/c bind 127.0.0.1 172.16.1.7' /etc/redis.conf
4.启动redis,设置开机自启动
systemctl start redis
systemctl enable redis
此时可以修改web01的php-fpm进程-加入redis功能:
① [root@web01 ~]# vim /etc/php-fpm.d/www.conf #添加注释
;php_value[session.save_handler] = files
;php_value[session.save_path] = /var/lib/php/session② [root@web01 ~]# vim /etc/php.ini #修改
session.save_handler = redis
session.save_path = "tcp://172.16.1.51:6379?weight=1&timeout=2.5" #连接redis③ [root@web01 ~]# systemctl restart php-fpm
web02
1. 安装nginx, php-fpm环境
yum install nginx -y
yum -y install php71w php71w-cli php71w-common php71w-devel php71w-embedded php71w-gd
php71w-mcrypt php71w-mbstring php71w-pdo php71w-xml php71w-fpm php71w-mysqlnd php71w-opcache php71w-pecl-memcached php71w-pecl-redis php71w-pecl-mongodb
2. 创建www 用户
groupadd -g666 www
useradd -g666 -u666 www
2.拉取web01的配置文件及kod云代码
scp -rp 172.16.1.7:/etc/nginx/conf.d/ /etc/nginx/
scp -rp 172.16.1.7:/etc/php-fpm.d/www.conf /etc/php-fpm.d/
scp -rp 172.16.1.7:/etc/php.ini /etc/php.ini
scp -rp 172.16.1.7:/code /
3.授权站点目录
chown -R www. /code
4.启动nginx,加入开机自启动
systemctl start nginx php-fpm
systemctl enable nginx php-fpm
5. 挂载静态资源:
mount -t nfs 172.16.1.31:/data/kod /code/data/files/
lb01,2
- 配置负载均衡
- 配置https
1.安装nginx
yum install -y nginx
2.创建https证书:
mkdir /etc/nginx/ssl_key
cd /etc/nginx/ssl_key
openssl genrsa -idea -out server.key 2048
openssl req -days 36500 -x509 -sha256 -nodes -newkey rsa:2048 -keyout server.key -out server.crt
ll #检查
3. 配置七层负载均衡:
gzip /etc/nginx/conf.d/default.conf
--------------------------------------proxy_params
cat >/etc/nginx/proxy_params<'EOF'
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_connect_timeout 60s; # nginx连接后端的超时时间 TCP
proxy_read_timeout 60s; # 响应头部超时时间
proxy_send_timeout 60s; # 响应数据主体的超时时间
proxy_buffering on; # 开启缓冲区
proxy_buffer_size 8k; # 缓冲区Header大小
proxy_buffers 4 64k; # 缓冲区数量 * 大小 = 最大接收
EOF
--------------------------------------proxy.kod.oldhou.com.conf
cat >/etc/nginx/conf.d/proxy.kod.oldhou.com.conf<<'EOF'
upstream http {
server 172.16.1.7:80;
server 172.16.1.8:80;
}
#2.用户请求https协议,通过负载均衡方式请求资源池,使用的是http协议
server {
listen 443 ssl;
server_name kod.oldhou.com;
ssl_certificate ssl_key/server.crt;
ssl_certificate_key ssl_key/server.key;
location / {
proxy_pass http://http;
include proxy_params;
}
}
#1.用户请求http协议,强制跳转至https协议
server {
listen 80;
server_name kod.oldhou.com;
return 302 https://$http_host$request_uri;
}
EOF
4. 启动nginx负载均衡
nginx -t
systemctl start nginx
systemctl enable nginx
5. 推送至db02,配置高可用
scp -rp /etc/nginx/ 172.16.1.6:/etc/
lb02
安装nginx
yum install nginx -y
启动nginx
systemctl enable nginx
systemctl start nginx
lb配置高可用
-
yum install keepalived -y
-
lb01 02 nginx状态监测脚本
mkdir /server/scripts -p
cat >/server/scripts/check_web.sh<<'EOF'
#!/bin/sh
nginxpid=$(ps -C nginx --no-header|wc -l)
#1.判断Nginx是否存活,如果不存活则尝试启动Nginx
if [ $nginxpid -eq 0 ];then
systemctl start nginx
sleep 3
#2.等待3秒后再次获取一次Nginx状态
nginxpid=$(ps -C nginx --no-header|wc -l)
#3.再次进行判断, 如Nginx还不存活则停止Keepalived,让地址进行漂移,并退出脚本
if [ $nginxpid -eq 0 ];then
systemctl stop keepalived
fi
fi
EOF
#给脚本增加执行权限
chmod +x /server/scripts/check_web.sh
- lb01 02 keepalived配置文件:
---------------------------------------------lb01
cat >/etc/keepalived/keepalived.conf<<'EOF'
global_defs {
router_id lb01
}
vrrp_script check_web { #定义脚本,名称check_web
script "/server/scripts/check_web.sh" #指定脚本所在的路径
interval 5 #5s检查一次,要大于脚本运行的时间
}
vrrp_instance VI_1 {
state BACKUP
priority 150
nopreempt
interface eth0
virtual_router_id 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3
}
track_script { #调用脚本定义脚本的名称,并运行该脚本
check_web
}
}
EOF
---------------------------------------------lb02
cat >/etc/keepalived/keepalived.conf<<'EOF'
global_defs {
router_id lb01
}
vrrp_script check_web { #定义脚本,名称check_web
script "/server/scripts/check_web.sh" #指定脚本所在的路径
interval 5 #5s检查一次,要大于脚本运行的时间
}
vrrp_instance VI_1 {
state BACKUP
priority 100
nopreempt
interface eth0
virtual_router_id 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3
}
track_script { #调用脚本定义脚本的名称,并运行该脚本
check_web
}
}
EOF
systemctl start keepalived
systemctl enable keepalived