zoukankan      html  css  js  c++  java
  • discuz项目

    web

    三台web挂载nfs端的conf与web

    [root@web01 nginx]# mount -t nfs 172.16.1.31:/conf /etc/nginx/conf.d/
    [root@web01 web]# mount -t nfs 172.16.1.31:/web /web/
    
    #查看挂载
    [root@web01 web]# df -h
    Filesystem               Size  Used Avail Use% Mounted on
    172.16.1.31:/conf         99G  2.7G   97G   3% /etc/nginx/conf.d
    172.16.1.31:/web          99G  2.7G   97G   3% /web
    

    编写Nginx配置文件

    [root@web01 conf.d]# cat discuz.conf 
    server {
            listen 80;
            server_name luntan123.com;
            root /web/DiscuzX/upload;
    
            location / {
            index index.php;
            }
    
            location ~* .php$ {
                    fastcgi_pass 127.0.0.1:9000;
                    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                    #fastcgi_param HTTPS ON;
                    include fastcgi_params;
            }
    }
    
    

    上传代码至web目录并解压

    [root@web01 web]# ll
    total 16616
    drwxrwxrwx  6 www www       95 Apr 23 14:08 DiscuzX
    drwxr-xr-x 13 www www     4096 May  6 20:28 phpMyAdmin-5.1.0-all-languages
    -rw-rw-r--  1 www www 17005138 May  6 23:02 web.tar.gz
    drwxr-xr-x  5 www www     4096 May  6 23:05 wordpres
    
    #注:如果安装DiscuzX出现不可写,授权777站点目录
    

    三个web分别用ip访问测试

    #db01增加一个discuz的数据库
    #创建用户并登录
    [root@db01 ~]# mysqladmin -uroot password '***'
    [root@db01 ~]# mysql -uroot -p***
    
    #创建数据库
    MariaDB [(none)]> create database discuz;
    Query OK, 1 row affected (0.00 sec)
    
    # 创建用户给予web以及其它网站使用
    MariaDB [mysql]> grant all privileges on *.* to baimo@'%' identified by 'baimo';
    Query OK, 0 rows affected (0.01 sec)
    
    MariaDB [mysql]> flush privileges;#刷新
    Query OK, 0 rows affected (0.00 sec)
    
    #按照流程安装
    

    配置伪静态

    [root@web01 conf.d]# cat discuz.conf 
    server {
    	listen 80;
    	server_name luntan123.com;
    	root /web/DiscuzX/upload;
    	rewrite ^([^.]*)/topic-(.+).html$ $1/portal.php?mod=topic&topic=$2 last;
    rewrite ^([^.]*)/article-([0-9]+)-([0-9]+).html$ $1/portal.php?mod=view&aid=$2&page=$3 last;
    rewrite ^([^.]*)/forum-(w+)-([0-9]+).html$ $1/forum.php?mod=forumdisplay&fid=$2&page=$3 last;
    rewrite ^([^.]*)/thread-([0-9]+)-([0-9]+)-([0-9]+).html$ $1/forum.php?mod=viewthread&tid=$2&extra=page%3D$4&page=$3 last;
    rewrite ^([^.]*)/group-([0-9]+)-([0-9]+).html$ $1/forum.php?mod=group&fid=$2&page=$3 last;
    rewrite ^([^.]*)/space-(username|uid)-(.+).html$ $1/home.php?mod=space&$2=$3 last;
    rewrite ^([^.]*)/blog-([0-9]+)-([0-9]+).html$ $1/home.php?mod=space&uid=$2&do=blog&id=$3 last;
    rewrite ^([^.]*)/archiver/(fid|tid)-([0-9]+).html$ $1/archiver/index.php?action=$2&value=$3 last;
    rewrite ^([^.]*)/([a-z]+[a-z0-9_]*)-([a-z0-9_-]+).html$ $1/plugin.php?id=$2:$3 last;
    if (!-e $request_filename) {
    	return 404;
    }
    
    	location / {
    	index index.php;
    	}
    
    	location ~* .php$ {
    		fastcgi_pass 127.0.0.1:9000;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    		fastcgi_param HTTPS ON;	#http返回的给https乱码开启
                    include fastcgi_params;
    	}
    }
    

    配置负载均衡lb01

    需求分析:

    1、有证书ssl

    2、负载均衡

    3、用户访问(.*)的时候自动跳转到https;

    生成证书

    [root@lb01 nginx]# mkdir ssl_key
    [root@lb01 nginx]# cd ssl_key/
    [root@lb01 ssl_key]# openssl genrsa -idea -out server.key 2048
    [root@lb01 ssl_key]# openssl req -days 36500 -x509 -sha256 -nodes -newkey rsa:2048 -keyout server.key -out server.crt
    
    [root@lb01 ssl_key]# ll
    -rw-r--r-- 1 root root 1220 May  9 14:57 server.crt
    -rw-r--r-- 1 root root 1704 May  9 14:57 server.key
    

    配置discuz.conf解析

    [root@lb01 conf.d]# cat discuz.conf 
    upstream web {
    	server 172.16.1.7:80;
    	server 172.16.1.8:80;
    	server 172.16.1.9:80;
    }	#代理转发的链接池
    
    server {
    	listen 80;
    	server_name luntan123.com;
    	rewrite (.*) https://$server_name$request_uri;
    }	#监听80端口和域名,任何请求过来都转发给 https://luntan123.com
    
    
    server {
    	listen 443 ssl;	#http默认端口
    	server_name luntan123.com;
        ssl_certificate /etc/nginx/ssl_key/server.crt;
        ssl_certificate_key /etc/nginx/ssl_key/server.key;#证书
    
    
    	location / {	#接收到请求后负载均衡转发
    		proxy_pass http://web;#转发给链接池的ip
    		proxy_set_header host $http_host;#携带域名一起转发
    	}
    }
    

    配置代码

    [root@lb01 conf.d]# cat /etc/nginx/conf.d/discuz.conf 
    upstream web {
    	server 172.16.1.7:80;
    	server 172.16.1.8:80;
    	server 172.16.1.9:80;
    }
    
    server {
    	listen 80;
    	server_name luntan123.com;
    	return 302 https://$server_name$request_uri;
    
    }
    
    server {
    	listen 443 ssl;
    	server_name luntan123.com;
    
            ssl_certificate /ssl_key/server.crt;
            ssl_certificate_key /ssl_key/server.key;
    
    	location / {
    		proxy_pass http://web;
                    include proxy_params;
    	}
    }
    

    配置hosts访问

    #访问成功
    

    keepalived

    lb02

    #配置与lb01一样的证书和conf文件
    [root@lb01 ssl_key]# yum install -y keepalived
    [root@lb02 ssl_key]# yum install -y keepalived
    
    #查看配置文件
    [root@lb01 ssl_key]# rpm -qc keepalived
    /etc/keepalived/keepalived.conf
    /etc/sysconfig/keepalived 
    

    抢占式主节点

    #配置keepalived
    #配置主节点配置文件
    [root@lb01 ~]# vim /etc/keepalived/keepalived.conf 
    global_defs {					#全局配置
       router_id lb01				#身份验证
    }
    
    vrrp_instance VI_1 {
        state MASTER				#状态,只有MASTER和BACKUP,MASTER是主,BACKUP是备
        interface eth0				#网卡绑定,心跳检测
        virtual_router_id 51		#虚拟路由标识,组id,把master和backup判断为一组
        priority 100				#优先级(真正判断是主是从的条件)(值越大优先级越高)
        advert_int 3				#检测状态间隔时间(单位是秒)
        authentication {			#认证
            auth_type PASS			#认证方式
            auth_pass 1111			#认证密码指定
        }
        virtual_ipaddress {
            10.0.0.3				#虚拟的VIP地址
        }
    }
    
    #配置主节点配置文件
    [root@lb01 ~]# vim /etc/keepalived/keepalived.conf
    
    global_defs {
       router_id lb01
    }
    
    vrrp_instance VI_1 {
        state MASTER
        interface eth0
        virtual_router_id 51
        priority 100
        advert_int 3
        authentication {
            auth_type PASS
            auth_pass 1111
        }
        virtual_ipaddress {
            10.0.0.3
        }
    }
    

    抢占式备节点

    global_defs {
       router_id lb02
    }
    
    vrrp_instance VI_1 {
        state BACKUP
        interface eth0
        virtual_router_id 51
        priority 90
        advert_int 3
        authentication {
            auth_type PASS
            auth_pass 1111
        }
        virtual_ipaddress {
            192.168.15.3
        }
    }
    

    启动服务并查看

    #先启动备节点
    [root@lb02 ssl_key]# systemctl start keepalived.service 
    
    #查看ip
    [root@lb02 ssl_key]# ip addr
    inet 192.168.15.3/32 scope global eth0
    
    #启动主节点
    [root@lb01 ssl_key]# systemctl start keepalived.service
    
    #查看lb01的ip
    [root@lb01 ssl_key]# ip addr
    inet 192.168.15.3/32 scope global eth0
    #查看lb02的ip已经没有了192.168.15.3/32
    

    keepalived绑定日志

    #配置keepalived
    [root@lb01 ssl_key]# vim /etc/sysconfig/keepalived 
    KEEPALIVED_OPTIONS="-D -d -S 0"
    
    #配置rsyslog来抓取日志
    [root@lb01 ssl_key]# vim /etc/rsyslog.conf 
    local0.*             /var/log/keepalived/log
    
    #重启服务
    [root@lb01 ssl_key]# systemctl restart keepalived.service rsyslog.service 
    

    非抢占式

    我们一般配置的都是非抢占式的,因为宕机这种行为一次就够了QAQ

    global_defs {
       router_id lb01
    }
    
    vrrp_instance VI_1 {
        state BACKUP
        interface eth0
        nopreempt
        virtual_router_id 51
        priority 100
        advert_int 3
        authentication {
            auth_type PASS
            auth_pass 1111
        }
        virtual_ipaddress {
            10.0.0.3
        }
    }
    

    global_defs {
       router_id lb01
    }
    
    vrrp_instance VI_1 {
        state BACKUP
        interface eth0
        nopreempt
        virtual_router_id 51
        priority 90
        advert_int 3
        authentication {
            auth_type PASS
            auth_pass 1111
        }
        virtual_ipaddress {
            10.0.0.3
        }
    }
    
  • 相关阅读:
    期待Eclipse3.4
    Winforms中使用系统托盘图标
    Eclipse下的Struts2开发插件
    彩色 夺冠
    网络&系统
    A Famous Music Composer
    Quick Brown Fox
    解密QQ号——队列
    谁先倒
    bootstrap Table从零开始
  • 原文地址:https://www.cnblogs.com/zhaokunhao/p/14749179.html
Copyright © 2011-2022 走看看