第3周

1、Nginx四、七层反代总结
2、Nginx反代wordpress的实现
3、HAProxy的安装配置

------------------------------------------------------------------------------------------------------------

1 Nginx四、七层反代总结

#Nginx四层反代:
 将接收到的客户端TCP/UDP请求,转发到后端TCP/UDP服务器进行处理。
 代理服务器根据后端服务器的处理情况,返回客户端处理结果。

#Nginx七层反代:
 在四层通信建立的基础上,将接收到的客户端应用层请求(如HTTP),转发到后端应用服务器(如Nginx/Apache)进行处理。
 代理服务器根据后端服务器的处理情况,返回客户端处理结果。

2 Nginx反代wordpress的实现

2.1 环境

10.0.0.7     #Nginx proxy
10.0.0.27    #Nginx server/php-fpm server/mysql server

2.2 Nginx proxy 配置

#yum安装Nginx
# yum -y install nginx

#新建子配置文件
# cat /etc/nginx/conf.d/testou.com.conf
upstream webservers {
  server 10.0.0.27:80 max_fails=3 fail_timeout=5;
}
server {
  server_name www.testou.com;
  location / {
    proxy_pass http://webservers;
  }
}

#设置开机自启并立即启动服务
# systemctl enable --now nginx

2.3 Nginx server/php-fpm server/mysql server 配置

#yum安装Nginx/php-fpm/maridb
# yum -y install https://mirrors.tuna.tsinghua.edu.cn/remi/enterprise/remi-release-7.rpm
# yum -y install nginx php82-php-fpm php82-php-mysqlnd mariadb-server

#注释/etc/nginx/nginx.conf文件中的server配置块

#新建Nginx子配置文件
# cat /etc/nginx/conf.d/testou.com.conf 
server {
  location / {
    root /data/www/wordpress;
    index index.php;
  }
  location ~ \.php$ {
    root /data/www/wordpress;
    fastcgi_pass 127.0.0.1:9000;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    include fastcgi_params;
  }
}

#修改php配置文件
# sed -ri '/^user/s#(.*= ).*#\1nginx#' /etc/opt/remi/php82/php-fpm.d/www.conf
# sed -ri '/^group/s#(.*= ).*#\1nginx#' /etc/opt/remi/php82/php-fpm.d/www.conf

#准备访问资源
# mkdir -p /data/www
# wget https://cn.wordpress.org/latest-zh_CN.zip
# unzip -q latest-zh_CN.zip -d /data/www/
# setfacl -m u:nginx:rwx /data/www/wordpress/

#开启服务并设置开机自启
# systemctl enable --now nginx php82-php-fpm mariadb

#准备数据库资源
MariaDB [(none)]> create database wordpress;
MariaDB [(none)]> grant all on wordpress.* to wordpress@'localhost' identified by 'root';

#客户机配置/etc/hosts,访问http://www.testou.com进行安装

3 HAProxy的安装配置

3.1 CentOS7.9 编译安装 HAProxy 2.6.8

3.1.1 预先编译 lua-5.4.4

# cd /usr/local/src
# wget http://www.lua.org/ftp/lua-5.4.4.tar.gz
# tar xf lua-5.4.4.tar.gz -C /usr/local
# yum -y install gcc
# cd /usr/local/lua-5.4.4
# make all test

3.1.2 编译 HAProxy 2.6.8

#准备编译环境
# yum -y install gcc zlib-devel pcre-devel systemd-devel
#下载源码后解压,需过墙
# cd /usr/local/src
# wget http://www.haproxy.org/download/2.6/src/haproxy-2.6.8.tar.gz
# tar xf haproxy-2.6.8.tar.gz -C /usr/local/

#编译HAProxy_2.6.8
# cd /usr/local/haproxy-2.6.8/
# make -j 4 ARCH=x86_64 TARGET=linux-glibc USE_PCRE=1 USE_ZLIB=1 USE_SYSTEMD=1 USE_CPU_AFFINITY=1 USE_LUA=1 LUA_INC=/usr/local/lua-5.4.4/src LUA_LIB=/usr/local/lua-5.4.4/src
# make install PREFIX=/usr/local/haproxy_2.6.8
# ln -s /usr/local/haproxy_2.6.8/ /usr/local/haproxy
# cp /usr/local/haproxy/sbin/haproxy /usr/sbin/

3.1.3 准备 service 文件

# cat /usr/lib/systemd/system/haproxy.service
[Unit]
Description=HAProxy Load Balancer
After=network-online.target
Wants=network-online.target
[Service]
EnvironmentFile=-/etc/default/haproxy
EnvironmentFile=-/etc/sysconfig/haproxy
Environment="CONFIG=/etc/haproxy/haproxy.cfg" "PIDFILE=/var/lib/haproxy/haproxy.pid" "EXTRAOPTS=-S /var/lib/haproxy/haproxy-master.sock"
ExecStart=/usr/sbin/haproxy -Ws -f $CONFIG -p $PIDFILE $EXTRAOPTS
ExecReload=/usr/sbin/haproxy -Ws -f $CONFIG -c -q $EXTRAOPTS
ExecReload=/bin/kill -USR2 $MAINPID
KillMode=mixed
Restart=always
SuccessExitStatus=143
Type=notify
[Install]
WantedBy=multi-user.target

3.1.4 准备配置文件

# mkdir /etc/haproxy
# cat /etc/haproxy/haproxy.cfg
global
maxconn 100000
chroot /usr/local/haproxy
stats socket /var/lib/haproxy/haproxy.sock mode 600 level admin
user haproxy
group haproxy
daemon
#nbproc 4
#cpu-map 1 0
#cpu-map 2 1
#cpu-map 3 2
#cpu-map 4 3
pidfile /var/lib/haproxy/haproxy.pid
log 127.0.0.1 local3 info

defaults
option http-keep-alive
option forwardfor
maxconn 100000
mode http
timeout connect 300000ms
timeout client 300000ms
timeout server 300000ms

listen stats
 mode http
 bind 0.0.0.0:9999
 stats enable
 log global
 stats uri    /haproxy-status
 stats auth    haadmin:q1w2e3r4ys

#listen web_port
# bind 192.168.7.101:80
# mode http
# log global
# server web1    127.0.0.1:8080    check inter 3000 fall 2 rise 5

3.1.5 启动服务

 

#创建启动用户
# useradd -r -d /var/lib/haproxy -s /bin/false -M haproxy

#创建工作目录
# mkdir -p /var/lib/haproxy
# chown -R haproxy:haproxy /var/lib/haproxy

#设置开机自启并立即启动haproxy
# systemctl daemon-reload 
# systemctl enable --now haproxy

 

posted on 2023-02-01 17:57  不期而至  阅读(24)  评论(0编辑  收藏  举报
Copyright © 2024 不期而至
Powered by .NET 8.0 on Kubernetes Powered by: 博客园