N46-第十六周作业

架构题：前端有一个 LAMP 架构通过 wordpress 来部署，后端构建一个 NFS 服务器实现要求将用户上传的图片保存至后端 NFS 服务器上。

答：

一、通过LANMP架构部署wordpress

1、编译安装apache
# 下载apache相关源码包
dnf -y install gcc make pcre-devel openssl-devel expat-devel
wget https://downloads.apache.org/apr/apr-1.7.0.tar.bz2
wget https://downloads.apache.org/apr/apr-util-1.6.1.tar.bz2
wget https://downloads.apache.org/httpd/httpd-2.4.46.tar.bz2

# 解压源码包至指定位置
dnf install -y tar bzip2
tar xvf apr-1.7.0.tar.bz2 -C /usr/local/src/
tar xvf apr-util-1.6.1.tar.bz2 -C /usr/local/src/
tar xvf httpd-2.4.46.tar.bz2 -C /usr/local/src/

# 编译apr
cd /usr/local/src/apr-1.7.0/
./configure --prefix=/app/apr
make -j 4 && make install

# 编译apr-util
cd /usr/local/src/apr-util-1.6.1/
./configure --prefix=/app/apr-util --with-apr=/app/apr/
make -j 4 && make install

# 编译apache
cd /usr/local/src/httpd-2.4.46/
./configure --prefix=/app/httpd24/ --enable-so --enable-ssl --enable-cgi --enable-rewrite --with-zlib --with-pcre --with-apr=/app/apr/ --with-apr-util=/app/apr-util/ --enable-modules=most --enable-mpms-shared=all --with-mpm=event
make -j 4 && make install

# 添加apache用户并修改httpd配制文件
useradd -s /sbin/nologin -r -u 88 apache
sed -i s#'User daemon'#'User apache'# /app/httpd24/conf/httpd.conf
sed -i s#'Group daemon'#'Group apache'# /app/httpd24/conf/httpd.conf
sed -i s/'#ServerName www.example.com:80'/'ServerName www.example.com:80'/ /app/httpd24/conf/httpd.conf

# 环境变量添加apache路径
echo 'PATH=/app/httpd24/bin:$PATH' > /etc/profile.d/lamp.sh
. /etc/profile.d/lamp.sh

# 添加apache启动脚本
cat > /usr/lib/systemd/system/httpd24.service <<-EOF
[Unit]
Description=The Apache HTTP Server
After=network.target remote-fs.target nss-lookup.target
Documentation=man:httpd(8)
Documentation=man:apachectl(8)
[Service]
Type=forking
EnviromentFile=/app/httpd24/conf/httpd.conf
ExecStart=/app/httpd24/bin/apachectl -k start
ExecReload=/app/httpd24/bin/apachectl -k graceful
ExecStop=/app/httpd24/bin/apachectl -k stop
KillSignal=SIGCONT
PrivateTmp=true
[Install]
WantedBy=multi-user.targe
EOF

systemctl daemon-reload
systemctl start httpd24

2、二进制安装mariadb
# 添加mysql用户、下载mariadb二进制包
cd ~
useradd -s /sbin/nologin -r mysql
wget https://mirrors.tuna.tsinghua.edu.cn/mariadb//mariadb-10.5.5/bintar-linux-systemd-x86_64/mariadb-10.5.5-linux-systemd-x86_64.tar.gz

# 解压mariadb二进制包
tar xvf mariadb-10.5.5-linux-systemd-x86_64.tar.gz -C /usr/local/

# 创建软链接，修改mariadb目录权限
cd /usr/local
ln -sv mariadb-10.5.5-linux-systemd-x86_64 mysql
cd mysql/
chown -R root.root ./*
mkdir -p /data/mysql
chown -R mysql.mysql /data/mysql/
mkdir /etc/mysql
\cp -a support-files/wsrep.cnf /etc/mysql/my.cnf
sed -i '14i datadir=/data/mysql' /etc/mysql/my.cnf
sed -i '15i skip_name_resolve=ON' /etc/mysql/my.cnf

# 添加mariadb的环境变量
sed -i s#'PATH=/app/httpd24/bin:$PATH'#'PATH=/app/httpd24/bin:/usr/local/mysql/bin/:$PATH'# /etc/profile.d/lamp.sh

# 初始化mariadb，并自启动mariadb
dnf install -y ncurses-compat-libs
cd /usr/local/mysql/;scripts/mysql_install_db --user=mysql --datadir=/data/mysql
\cp -a support-files/systemd/mariadb.service /usr/lib/systemd/system/
systemctl daemon-reload
systemctl enable --now mariadb.service

# 添加wordpress库，并在mariadb中添加wpuser用户并授权
mysql -e 'create database wordpress;'

mysql << EOF
grant all on wordpress.* to wpuser@'%' identified by "wppass";
grant all on wordpress.* to wpuser@'localhost' identified by "wppass";
EOF

 

3、编译安装php 7.4.10
# 添加阿里云的epel源，并下载php所需要的相关包
cd ~
yum install -y https://mirrors.aliyun.com/epel/epel-release-latest-8.noarch.rpm
sed -i 's|^#baseurl=https://download.fedoraproject.org/pub|baseurl=https://mirrors.aliyun.com|' /etc/yum.repos.d/epel*
sed -i 's|^metalink|#metalink|' /etc/yum.repos.d/epel*
yum clean all
dnf install -y gcc gcc-c++ libxml2-devel bzip2-devel sqlite-devel libmcrypt-devel

# 源码编译onig组件
dnf install -y autoconf automake libtool
wget https://github.com/kkos/oniguruma/releases/download/v6.9.5/onig-6.9.5.tar.gz
tar xvf onig-6.9.5.tar.gz
cd onig-6.9.5
./configure --prefix=/usr
make -j 4 && make install

# 下载php源码包
cd ~
wget https://www.php.net/distributions/php-7.4.10.tar.xz

# 解压php源码包至指定位置
tar xvf php-7.4.10.tar.xz -C /usr/local/src/

# 编译安装php
cd /usr/local/src/php-7.4.10/
./configure --prefix=/app/php74 --enable-mysqlnd --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-openssl --with-zlib --with-config-file-path=/etc --with-config-file-scan-dir=/etc/php.d --enable-mbstring --enable-xml --enable-sockets --enable-fpm --enable-maintainer-zts --disable-fileinfo
make -j 4 && make install

# 添加php环境变量
sed -i s#'PATH=/app/httpd24/bin:/usr/local/mysql/bin/:$PATH'#'PATH=/app/httpd24/bin:/usr/local/mysql/bin/:/app/php74/bin:$PATH'# /etc/profile.d/lamp.sh
. /etc/profile.d/lamp.sh

# 添加相关配制文件
\cp -a php.ini-production /etc/php.ini
\cp -a sapi/fpm/php-fpm.service /usr/lib/systemd/system/
cd /app/php74/etc/
\cp -a php-fpm.conf.default php-fpm.conf

# 修改www.conf配制文件
cd php-fpm.d/
\cp -a www.conf.default www.conf
sed -i s#'user = nobody'#'user = apache'# /app/php74/etc/php-fpm.d/www.conf
sed -i s#'group = nobody'#'group = apache'# /app/php74/etc/php-fpm.d/www.conf
sed -i s#';pm.status_path = /status'#'pm.status_path = /fpm_status'# /app/php74/etc/php-fpm.d/www.conf
sed -i s#';ping.path = /ping'#'ping.path = /ping'# /app/php74/etc/php-fpm.d/www.conf

# 添加opcache.ini
mkdir /etc/php.d/
cat > /etc/php.d/opcache.ini <<-EOF
[opcache]
zend_extension=opcache.so
opcache.enable=1
EOF

# 启动php
systemctl daemon-reload
systemctl enable --now php-fpm.service

4、修改apache的httpd.conf文件，使apache支持php文件解析
sed -i s@'#LoadModule proxy_module modules/mod_proxy.so'@'LoadModule proxy_module modules/mod_proxy.so'@ /app/httpd24/conf/httpd.conf
sed -i s@'#LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so'@'LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so'@ /app/httpd24/conf/httpd.conf
sed -i s/'DirectoryIndex index.html'/'DirectoryIndex index.php index.html'/ /app/httpd24/conf/httpd.conf

# 添加虚拟目录
cat >> /app/httpd24/conf/httpd.conf <<-EOF
AddType application/x-httpd-php .php
ProxyRequests off

<virtualhost *:80>
servername blog.magedu.org
documentroot /data/wordpress
<directory /data/wordpress>
require all granted
</directory>
ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/data/wordpress/$1
ProxyPassMatch ^/(fpm_status|ping)$ fcgi://127.0.0.1:9000/$1
CustomLog "logs/access_wordpress_log" common
</virtualhost>
EOF

# 重启httpd服务
systemctl restart httpd24

5、配制wordpress
# 下载wordpress二进制码包。
cd ~
wget https://cn.wordpress.org/latest-zh_CN.tar.gz

# 创建wordpree目录并授权apache用户可以正常读写。
mkdir /data/
tar xvf wordpress-5.4.2-zh_CN.tar.gz -C /data/
setfacl -R -m u:apache:rwx /data/wordpress/

 

二、建立后端nfs存储

后端：
# 安装nfs-utils包，并启动
dnf install -y nfs-utils
systemctl enable --now nfs-server.service

# 创建后台存储目录
mkdir -p /data/wordpress/uploads

# 建立挂载关系文件
vim /etc/exports.d/wp.exports
/data/wordpress/uploads 10.0.0.201(rw,no_root_squash)

# 使挂载关系文件生效，并查看挂载关系。
exportfs -r
exportfs -v
/data/wordpress/uploads    10.0.0.201(sync,wdelay,hide,no_subtree_check,sec=sys,rw,secure,no_root_squash,no_all_squash)

 

lamp前端：
# 安装nfs-utils包
dnf install -y nfs-utils

# 查看待挂载服务器的服务目录
showmount -e 10.0.0.202
Export list for 10.0.0.202:
/data/wordpress/uploads 10.0.0.201

# 手动挂载，并在挂载点上创建目录，测试是否有读写权限
mount 10.0.0.202:/data/wordpress/uploads/ /data/wordpress/wp-content/uploads/
mkdir -p /data/wordpress/wp-content/uploads/2020/09/

#自动挂载，需要在/etc/fstab中，添加一行如下代码
vim /etc/fstab
10.0.0.202:/data/wordpress/uploads/ /data/wordpress/wp-content/uploads/ nfs _netdev 0 0