m6-第11周作业
部署网站并挂载nfs
(1)部署dedecms(www网站),discuz(bbs网站), wordpress(blog网站)
1.下载 分别下载安装包文件 [root@web02 ~]# cd /home/oldboy/tools/ wget http://updatenew.dedecms.com/base‐v57/package/DedeCMS‐V5.7‐UTF8‐SP2.tar.gz wget http://download.comsenz.com/DiscuzX/2.5/Discuz_X2.5_SC_UTF8.zip wget https://cn.wordpress.org/wordpress‐4.9.4‐zh_CN.tar.gz 2.解压安装 分别解压下载解压安装包,移动文件到对应站点目录即可 这里以www站点安装包解压移动为例,其他站点原理一样 [root@web02 tools]# tar xf DedeCMS‐V5.7‐UTF8‐SP2.tar.gz [root@web02 tools]# cd DedeCMS‐V5.7‐UTF8‐SP2 [root@web02 DedeCMS‐V5.7‐UTF8‐SP2]# mv uploads/* /application/nginx/html/www/ 3.修改权限 让html下的www blog bbs 站点目录的用户及组都是 www 用户 [root@web02 tools]#chown ‐R www.www /application/nginx/html 4.编辑配置文件 各个站点的配置文件及站点目录 [root@web02 tools]#cat /application/nginx/conf/extra/www.conf blog.conf bbs.conf server { listen 80; server_name www.lewen.com ; root html/www; index index.php index.html index.htm; location ~ .*\.(php|php5)?$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fastcgi.conf; } access_log logs/access_www.log main; } server { listen 80; server_name blog.lewen.com ; root html/blog; index index.php index.html index.htm; location ~ .*\.(php|php5)?$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fastcgi.conf; } access_log logs/access_blog.log main; } server { listen 80; server_name bbs.lewen.com ; root html/bbs; index index.php index.html index.htm; location ~ .*\.(php|php5)?$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fastcgi.conf; } access_log logs/access_bbs.log main; } 5.平滑重启服务 /application/nginx/sbin/nginx ‐t /application/nginx/sbin/nginx ‐s reload 6.创建数据库及用户名 在浏览器中,站点后续安装需要用到,记住数据库名,用户名及密码,后面对应填入即 可 create database wordpress; grant all on wordpress.* to 'wordpress'@'172.16.1.0/255.255.255.0' identified by '123456'; create database wwwcms; grant all on wwwcms.* to 'wwwcms'@'172.16.1.0/255.255.255.0' identified by '123456'; create database bbsdis; grant all on bbsdis.* to 'bbsdis'@'172.16.1.0/255.255.255.0' identified by '123456'; 7.浏览器站点后续安装完善 这里以浏览器中完善安装www站点为例。bbs站点的浏览器中完善原理相同。
(2)并把用户上传的目录挂载到nfs01的/data/www /data/bbs /data/blog上
nfs服务器前面已经安装配置好,这里不再赘述,主要列出关键的步骤
1.创建共享目录
[root@nfs01 data]# mkdir /data/{www,bbs,blog}
[root@nfs01 data]# tree /data
/data
├── bbs
├── blog
└── www
2.编辑配置文件
[root@nfs01 data]# vim /etc/exports
#share to 172.16.1.0/24
/data/www
172.16.1.0/24(rw,sync,all_squash,anonuid=65534,anongid=65534)
/data/blog
172.16.1.0/24(rw,sync,all_squash,anonuid=65534,anongid=65534)
/data/bbs
172.16.1.0/24(rw,sync,all_squash,anonuid=65534,anongid=65534)
3.平滑重启
[root@nfs01 data]# /etc/init.d/nfs reload
4.查看
[root@nfs01 data]# showmount ‐e 172.16.1.31
Export list for 172.16.1.31:
/data/bbs 172.16.1.0/24
/data/blog 172.16.1.0/24
/data/www 172.16.1.0/24
5.客户端
5.1 安装软件
yum install nfs‐utils rpcbind ‐y
/etc/init.d/rpcbind start
chkconfig rpcbind on
chkconfig nfs off
5.2 创建上传目录
[root@web01 ~]# tree /upload/
/upload/
├── bbs
├── blog
└── www
5.3 客户端查看nfs服务器分享信息
[root@web01 ~]# showmount ‐e 172.16.1.31
Export list for 172.16.1.31:
/data/bbs 172.16.1.0/24
/data/blog 172.16.1.0/24
/data/www 172.16.1.0/24
5.4 挂载目录
[root@web01 ~]# for name in www bbs blog;do mount ‐t nfs ‐o
nosuid,noexec,nodev,noatime,nodiratime,rsize=131072,wsize=131072
172.16.1.31:/data/$name /upload/$name;done
5.5 查看
[root@web01 ~]# df ‐h
Filesystem Size Used Avail Use% Mounted on
/dev/sda3 8.6G 4.1G 4.1G 50% /
tmpfs 491M 0 491M 0% /dev/shm
/dev/sda1 190M 27M 154M 15% /boot
172.16.1.31:/data/www
8.6G 1.2G 7.0G 15% /upload/www
172.16.1.31:/data/bbs
8.6G 1.2G 7.0G 15% /upload/bbs
172.16.1.31:/data/blog
8.6G 1.2G 7.0G 15% /upload/blog
6.测试
web客户端
[root@web01 www]# cd /upload/www
[root@web01 www]# touch www.txt
[root@web01 www]# ll
total 0
‐rw‐r‐‐r‐‐. 1 nfsnobody nfsnobody 0 Sep 6 21:18 www.txt
nfs服务器端查看
[root@nfs01 data]# ll /data/www/
total 0
‐rw‐r‐‐r‐‐. 1 nfsnobody nfsnobody 0 Sep 6 21:18 www.txt
至此全部置完成
负载均衡与高可用搭建
2.在题目1基础上完成负载均衡及高可用的搭建并测试。
搭建全网备份服务器备份所有的配置文件和数据库的数据及存储的数据。
给出操作步骤
(1)负载均衡及高可用的搭建
1.负载均衡服务器lb01(主)配置 lb02(备)配置同理
nginx 配置文件
[root@lb01 conf]# cat /application/nginx/conf/nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
upstream server_pools {
server 10.0.0.7:80 weight=1;
server 10.0.0.8:80 weight=1;
}
server {
listen 80;
server_name bbs.lewen.com;
location / {
proxy_pass http://server_pools;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
server {
listen 80;
server_name www.lewen.com;
location / {
proxy_pass http://server_pools;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
server {
listen 80;
server_name blog.lewen.com;
location / {
proxy_pass http://server_pools;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
}
2. lb01 keepalived 配置文件
lb02 需要将state MASTER 改为state BACKUP 其他相同
[root@lb01 conf]# cat /etc/keepalived/keepalived.conf
global_defs {
router_id LB01
}
vrrp_script check_lb {
script "/server/scripts/check_lb.sh"
interval 2
weight 2
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3/24 dev eth0 label eth0:1
}
track_script {
check_lb
}
}
2.1 检查lb服务器nginx状态的脚本
[root@lb01 conf]# cat /server/scripts/check_lb.sh
#!/bin/bash
if [ `ps -ef |grep nginx|grep -v grep|wc -l` -eq 0 ];
then
/etc/init.d/keepalived stop
fi
3.平滑重启服务
[root@lb01 conf]# nginx -t
nginx: the configuration file /application/nginx-1.14.0//conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx-1.14.0//conf/nginx.conf test is successful
[root@lb01 conf]# nginx -s reload
[root@lb01 conf]# /etc/init.d/keepalived restart
Stopping keepalived: [ OK ]
Starting keepalived: [ OK ]
4.查看
[root@lb01 conf]# ip a s eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:ca:26:c4 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.5/24 brd 10.0.0.255 scope global eth0
inet 10.0.0.3/24 scope global secondary eth0:1
inet6 fe80::20c:29ff:feca:26c4/64 scope link
valid_lft forever preferred_lft forever
[root@lb02 conf]# ip a s eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:ca:e7:7f brd ff:ff:ff:ff:ff:ff
inet 10.0.0.6/24 brd 10.0.0.255 scope global eth0
inet6 fe80::20c:29ff:feca:e77f/64 scope link
valid_lft forever preferred_lft forever
4.1 测试负载均衡
[root@lb01 conf]# killall nginx
[root@lb01 conf]# ip a s eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:ca:26:c4 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.5/24 brd 10.0.0.255 scope global eth0
inet6 fe80::20c:29ff:feca:26c4/64 scope link
valid_lft forever preferred_lft forever
[root@lb02 conf]# ip a s eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:ca:e7:7f brd ff:ff:ff:ff:ff:ff
inet 10.0.0.6/24 brd 10.0.0.255 scope global eth0
inet 10.0.0.3/24 scope global secondary eth0:1
inet6 fe80::20c:29ff:feca:e77f/64 scope link
valid_lft forever preferred_lft forever
vip 已经飘到lb02 keepalived 安装配置成功
5.添加Windows本地hosts解析
10.0.0.3 www.lewen.com blog.lewen.com bbs.lewen.com status.lewen.com
6.测试连接
www.lewen.com
blog.lewen.com
bbs.lewen.com 都能正常访问
6.1 测试当web01挂掉后,看能不能访问站点
关掉web01的nginx所有服务
发现此时再访问时,负载均衡已经到web 02
见6.1图
6.2 访问 www.lewen.com
居然报错了,不应该啊。
为什么访问 oldboy.html 可以,而主站点www.lewen.com就不行 见6.2 a 图
经过查看日志,检查服务,发现是web02的php服务没有开启
经过检查,再次访问www.lewen.com
已经可以正常访问了 见 6.2 b 图
到此负载均衡安装完毕
(2)搭建全网备份服务器备份文件和数据库的数据及存储的数据
1.backup服务器搭建
[root@backup ~]# rpm -qa rsync
rsync-3.0.6-12.el6.x86_64
[root@backup ~]# mkdir /wwwbackup
[root@backup ~]# useradd -s /sbin/nologin -M rsync
[root@backup ~]# chown -R rsync.rsync /wwwbackup
[root@backup ~]# ll /wwwbackup -d
drwxr-xr-x. 2 rsync rsync 4096 Sep 7 15:06 /wwwbackup
[root@backup ~]# echo 'rsync_backup:123456' >/etc/rsync.password
[root@backup ~]# cat /etc/rsync.password
rsync_backup:123456
[root@backup ~]# chmod 600 /etc/rsync.password
[root@backup ~]# ll /etc/rsync.password
-rw------- 1 root root 20 Jan 18 23:32 /etc/rsync.password
[root@backup ~]# vim /etc/rsyncd.conf
uid = rsync
gid = rsync
use chroot = no
max connections = 200
timeout = 300
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log
ignore errors
read only = false
list = false
hosts allow = 172.16.1.0/24
#hosts deny = 0.0.0.0/32
auth users = rsync_backup
secrets file = /etc/rsync.password
[wwwbackup]
path = /wwwbackup/
2.客户端
2.1 备份脚本的书写
[root@web01 mysql]# vim /server/scripts/bak-www.sh
#!/bin/bash
#desc: backup html && conf
Date=$(date +%F_%w)
#backup file && conf
cd / && \
tar zchf /backup/web01-${Date}.tar.gz /application/nginx/html/ /application/nginx/conf/ /application/mysql/data /etc/rc.local /var/spool/cron/
#make md5sum
cd /backup/ && \
md5sum web01-${Date}.tar.gz >check.log
#rsync file to backup
rsync -az /backup/ rsync_backup@172.16.1.41::wwwbackup --password-file=/etc/rsync.password
#delete 7 day ago
find /backup/ -type f -name "*.tar.gz" -mtime +7|xargs rm -i /backup/{}
2.2定时任务
[root@web01 mysql]# crontab -e
#backup conf html lewen 2018-07-25
00 0 * * * /bin/sh /server/scripts/bak-www.sh >/dev/null 2>&1
3.backup服务器检查
3.1 backup 检查脚本
[root@backup backup]# cat /server/scripts/check_www_bak.sh
#!/bin/bash
#del 180 day file keep every 6
find /wwwbackup/ -type f -name "*.tar.gz" -mtime +180 ! -name "*_6.tar.gz"|xargs rm
#check
cd /backup/ && md5sum -c check.log >/wwwbackup/result.log
if [ $? -ne 0 ];then
mail -s "md5sum wrong" fadewalk@qq.com </wwwbackup/result.log
fi
3.2 backup 定时任务
[root@backup ~]# crontab -e
#check & send result lewen
* * * * * /bin/bash /server/scripts/check_www_bak.sh >/dev/null 2>&1
4 测试
4.1 web服务器端
[root@web01 mysql]# ll /backup/
-rw-r--r--. 1 root root 60 Sep 7 15:44 check.log
-rw-r--r--. 1 root root 29394487 Sep 7 15:44 web01-2018-09-07_5.tar.gz
4.2 backup备份服务器端
[root@backup ~]# ll /wwwbackup/
-rw-r--r--. 1 rsync rsync 60 Sep 7 15:44 check.log
-rw-r--r--. 1 rsync rsync 29394487 Sep 7 15:44 web01-2018-09-07_5.tar.gz
到此全部结束
本文来自博客园,作者:元贞,转载请注明原文链接:https://www.cnblogs.com/yuleicoder/articles/10528147.html
浙公网安备 33010602011771号