1、Nginx四、七层反代总结
2、Nginx反代wordpress的实现
3、HAProxy的安装配置
------------------------------------------------------------------------------------------------------------
1 Nginx四、七层反代总结
#Nginx四层反代: 将接收到的客户端TCP/UDP请求,转发到后端TCP/UDP服务器进行处理。 代理服务器根据后端服务器的处理情况,返回客户端处理结果。
#Nginx七层反代: 在四层通信建立的基础上,将接收到的客户端应用层请求(如HTTP),转发到后端应用服务器(如Nginx/Apache)进行处理。 代理服务器根据后端服务器的处理情况,返回客户端处理结果。
2 Nginx反代wordpress的实现
2.1 环境
10.0.0.7 #Nginx proxy 10.0.0.27 #Nginx server/php-fpm server/mysql server
2.2 Nginx proxy 配置
#yum安装Nginx # yum -y install nginx #新建子配置文件 # cat /etc/nginx/conf.d/testou.com.conf upstream webservers { server 10.0.0.27:80 max_fails=3 fail_timeout=5; } server { server_name www.testou.com; location / { proxy_pass http://webservers; } } #设置开机自启并立即启动服务 # systemctl enable --now nginx
2.3 Nginx server/php-fpm server/mysql server 配置
#yum安装Nginx/php-fpm/maridb # yum -y install https://mirrors.tuna.tsinghua.edu.cn/remi/enterprise/remi-release-7.rpm # yum -y install nginx php82-php-fpm php82-php-mysqlnd mariadb-server #注释/etc/nginx/nginx.conf文件中的server配置块 #新建Nginx子配置文件 # cat /etc/nginx/conf.d/testou.com.conf server { location / { root /data/www/wordpress; index index.php; } location ~ \.php$ { root /data/www/wordpress; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } } #修改php配置文件 # sed -ri '/^user/s#(.*= ).*#\1nginx#' /etc/opt/remi/php82/php-fpm.d/www.conf # sed -ri '/^group/s#(.*= ).*#\1nginx#' /etc/opt/remi/php82/php-fpm.d/www.conf #准备访问资源 # mkdir -p /data/www # wget https://cn.wordpress.org/latest-zh_CN.zip # unzip -q latest-zh_CN.zip -d /data/www/ # setfacl -m u:nginx:rwx /data/www/wordpress/ #开启服务并设置开机自启 # systemctl enable --now nginx php82-php-fpm mariadb #准备数据库资源 MariaDB [(none)]> create database wordpress; MariaDB [(none)]> grant all on wordpress.* to wordpress@'localhost' identified by 'root'; #客户机配置/etc/hosts,访问http://www.testou.com进行安装
3 HAProxy的安装配置
3.1
3.1.1 预先编译 lua-5.4.4
# cd /usr/local/src # wget http://www.lua.org/ftp/lua-5.4.4.tar.gz # tar xf lua-5.4.4.tar.gz -C /usr/local # yum -y install gcc # cd /usr/local/lua-5.4.4 # make all test
3.1.2 编译 HAProxy 2.6.8
#准备编译环境 # yum -y install gcc zlib-devel pcre-devel systemd-devel #下载源码后解压,需过墙 # cd /usr/local/src # wget http://www.haproxy.org/download/2.6/src/haproxy-2.6.8.tar.gz # tar xf haproxy-2.6.8.tar.gz -C /usr/local/ #编译HAProxy_2.6.8 # cd /usr/local/haproxy-2.6.8/ # make -j 4 ARCH=x86_64 TARGET=linux-glibc USE_PCRE=1 USE_ZLIB=1 USE_SYSTEMD=1 USE_CPU_AFFINITY=1 USE_LUA=1 LUA_INC=/usr/local/lua-5.4.4/src LUA_LIB=/usr/local/lua-5.4.4/src # make install PREFIX=/usr/local/haproxy_2.6.8 # ln -s /usr/local/haproxy_2.6.8/ /usr/local/haproxy # cp /usr/local/haproxy/sbin/haproxy /usr/sbin/
3.1.3
# cat /usr/lib/systemd/system/haproxy.service [Unit] Description=HAProxy Load Balancer After=network-online.target Wants=network-online.target [Service] EnvironmentFile=-/etc/default/haproxy EnvironmentFile=-/etc/sysconfig/haproxy Environment="CONFIG=/etc/haproxy/haproxy.cfg" "PIDFILE=/var/lib/haproxy/haproxy.pid" "EXTRAOPTS=-S /var/lib/haproxy/haproxy-master.sock" ExecStart=/usr/sbin/haproxy -Ws -f $CONFIG -p $PIDFILE $EXTRAOPTS ExecReload=/usr/sbin/haproxy -Ws -f $CONFIG -c -q $EXTRAOPTS ExecReload=/bin/kill -USR2 $MAINPID KillMode=mixed Restart=always SuccessExitStatus=143 Type=notify [Install] WantedBy=multi-user.target
# mkdir /etc/haproxy # cat /etc/haproxy/haproxy.cfg global maxconn 100000 chroot /usr/local/haproxy stats socket /var/lib/haproxy/haproxy.sock mode 600 level admin user haproxy group haproxy daemon #nbproc 4 #cpu-map 1 0 #cpu-map 2 1 #cpu-map 3 2 #cpu-map 4 3 pidfile /var/lib/haproxy/haproxy.pid log 127.0.0.1 local3 info defaults option http-keep-alive option forwardfor maxconn 100000 mode http timeout connect 300000ms timeout client 300000ms timeout server 300000ms listen stats mode http bind 0.0.0.0:9999 stats enable log global stats uri /haproxy-status stats auth haadmin:q1w2e3r4ys #listen web_port # bind 192.168.7.101:80 # mode http # log global # server web1 127.0.0.1:8080 check inter 3000 fall 2 rise 5
#创建启动用户 # useradd -r -d /var/lib/haproxy -s /bin/false -M haproxy #创建工作目录 # mkdir -p /var/lib/haproxy # chown -R haproxy:haproxy /var/lib/haproxy #设置开机自启并立即启动haproxy # systemctl daemon-reload # systemctl enable --now haproxy