實現LNMP
實現環境:
服務 | 版本 |
---|---|
系統 | CentOS7.6 |
Mysql | 5.6.34 |
Nginx | 1.14.2 |
PHP | 7.1.30 |
HAProxy | 1.8.20 |
Keepalived | 1.3.5 |
NFS | 1.3.0 |
主機 | IP |
---|---|
Mysql_master | 192.168.37.108 |
Mysql_slave | 192.168.37.105 |
Nginx+PHP | 192.168.37.103 |
Nginx+PHP | 192.168.37.104 |
HAProxy+Keepalived | 192.168.37.101 |
HAProxy+Keepalived | 192.168.37.102 |
VIP | 192.168.37.240 |
NFS_server | 192.168.37.107 |
1 搭建數據庫 (192.168.37.108)
1.1 安裝Mysql
使用腳本一鍵完成
將數據庫軟件包,腳本,配置文件my.cnf放在同一個目錄中執行
#!/bin/bash
DIR=`pwd`
NAME="mysql-5.6.34-linux-glibc2.5-x86_64.tar.gz"
FULL_NAME=${DIR}/${NAME}
DATA_DIR="/data/mysql"
yum install vim gcc gcc-c++ wget autoconf net-tools lrzsz iotop lsof iotop bash-completion -y
yum install curl policycoreutils openssh-server openssh-clients postfix -y
yum install libaio -y
if [ -f ${FULL_NAME} ];then
echo "安裝文件存在"
else
echo "安裝文件不存在"
exit 3
fi
if [ -h /usr/local/mysql ];then
echo "Mysql 已經安裝"
exit 3
else
tar xvf ${FULL_NAME} -C /usr/local/src
ln -sv /usr/local/src/mysql-5.6.34-linux-glibc2.5-x86_64 /usr/local/mysql
if id mysql;then
echo "mysql 用戶已經存在,跳過創建用戶過程"
fi
useradd mysql -s /sbin/nologin
if id mysql;then
chown -R mysql.mysql /usr/local/mysql/* -R
if [ ! -d /data/mysql ];then
mkdir -pv /data/mysql && chown -R mysql.mysql /data -R
/usr/local/mysql/scripts/mysql_install_db --user=mysql --datadir=/data/mysql --basedir=/usr/local/mysql/
cp /usr/local/src/mysql-5.6.34-linux-glibc2.5-x86_64/support-files/mysql.server /etc/init.d/mysqld
chmod a+x /etc/init.d/mysqld
cp ${DIR}/my.cnf /etc/my.cnf
ln -sv /usr/local/mysql/bin/mysql /usr/bin/mysql
/etc/init.d/mysqld start
else
echo "MySQL數據目錄已經存在,"
exit 3
fi
fi
fi
1.2 創建wordpress數據庫並授權
[root@s8 src]#mysql
mysql> CREATE DATABASE wordpress;
mysql> GRANT ALL PRIVILEGES ON wordpress.* TO "wordpress"@"192.168.37.%" IDENTIFIED BY "123456";
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| test |
| wordpress |
+--------------------+
5 rows in set (0.00 sec)
1.3 測試數據庫連接
在wordpress服務器或者HAProxy服務器用授權帳號測試遠程連接是否正滿
[root@s0 ~]#mysql -uwordpress -p123456 -h192.168.37.108
MySQL [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| test |
| wordpress |
+--------------------+
2 安裝PHP 分別在兩主機上完成相同的操作(192.168.37.103/104)
2.1 編譯安裝php
創建PHP,Nginx共同使用的系統帳號
[root@s4 ~]#useradd -s /sbin/nologin -u 1001
安裝依賴包
[root@s3 src]#yum -y install wget vim pcre pcre-devel openssl openssl-devel libicudevel gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel ncurses ncurses-devel curl curl-devel krb5-devel libidn libidn-devel openldap openldap-devel nss_ldap jemalloc-devel cmake boost-devel ison automake libevent libevent-devel gd gd-devel libtool* libmcrypt libmcrypt-devel mcrypt mhash libxslt libxslt-devel readline readline-devel gmp gmp-devel libcurl libcurl-devel openjpegdevel
[root@s3 src]#pwd
/usr/local/src
[root@s3 src]#tar xvf php-7.1.30
[root@s3 src]#cd php-7.1.30/
[root@s3 php-7.1.30]#./configure --prefix=/apps/php --enable-fpm --with-fpm-user=www --with-fpm-group=www --with-pear --with-curl --with-png-dir --with-freetype-dir --with-iconv --with-mhash --with-zlib --with-xmlrpc --with-xsl --with-openssl --with-mysqli --with-pdo-mysql --disable-debug --enable-zip --enable-sockets --enable-soap --enable-inline-optimization --enable-xml --enable-ftp --enable-exif --enable-wddx --enable-bcmath --enable-calendar --enable-shmop --enable-dba --enable-sysvsem --enable-sysvshm --enable-sysvmsg
[root@s3 src]make -j 2
[root@s3 src]make install
PHP安裝時間較長
準備配置文件
[root@s3 php-7.1.30]#cd /apps/php/etc/php-fpm.d/
root@s3 php-fpm.d]#ll
total 40
-rw-r--r-- 1 www www 18760 Jun 9 13:01 www.conf.default
[root@s3 php-fpm.d]#cp www.conf.default www.conf
[root@s3 php-fpm.d]#cp /usr/local/src/php-7.1.30/php.ini-production /apps/php/etc/php.ini
編輯配置文件
[root@s3 php-fpm.d]#vim www.conf
[www]
user = www
group = www
listen = 127.0.0.1:9000
listen.allowed_clients = 127.0.0.1
pm = dynamic
pm.max_children = 50
pm.start_servers = 30
pm.min_spare_servers = 30
pm.max_spare_servers = 35
pm.status_path = /pm_status
ping.path = /ping
ping.response = pong
access.log = log/$pool.access.log
slowlog = log/$pool.log.slow
[root@s3 php-fpm.d]#mkdir /apps/php/log/
root@s3 php-fpm.d]#cd /apps/php/etc/
[root@s3 etc]#ll
total 92
-rw-r--r-- 1 www www 1178 Jun 9 13:01 pear.conf
-rw-r--r-- 1 www www 4438 Jun 9 13:01 php-fpm.conf.default
drwxr-xr-x 2 www www 46 Jun 10 10:20 php-fpm.d
-rw-r--r-- 1 www www 72020 Jun 9 13:02 php.ini
[root@s3 etc]#cp php-fpm.conf.default php-fpm.conf
2.2 啓動,測試PHP
檢測語法 啓動
[root@s3 etc]#/apps/php/sbin/php-fpm -t
[10-Jun-2019 10:28:47] NOTICE: configuration file /apps/php/etc/php-fpm.conf test is successful
[root@s3 etc]#/apps/php/sbin/php-fpm
[root@s3 etc]#/apps/php/sbin/php-fpm -c /apps/php/etc/php.ini
[root@s3 etc]#netstat -tanlp |grep php-fpm
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 6386/php-fpm: maste
[root@s3 etc]#ps -ef |grep php-fpm
root 6386 1 0 06:56 ? 00:00:01 php-fpm: master process (/apps/php/etc/php-fpm.conf)
www 6389 6386 0 06:56 ? 00:00:01 php-fpm: pool www
www 6390 6386 0 06:56 ? 00:00:01 php-fpm: pool www
...
3 安裝Nginx(192.168.37.103/104)
3.1 安裝依賴包
[root@s3 src]#pwd
/usr/local/src
[root@s3 src]#yum install -y vim lrzsz tree screen psmisc lsof tcpdump wget ntpdate gcc gcc-c++ glibc glibc-devel pcre pcre-devel openssl openssl-devel systemd-devel net-tools iotop bc zip unzip zlib-devel bash-completion nfs-utils automake libxml2 libxml2-devel libxslt libxslt-devel perl perl-ExtUtils-Embed
[root@s3 src]#tar xvf nginx-1.14.2
[root@s3 src]#cd nginx-1.14.2/
3.2 自定義server信息
[root@s3 nginx-1.14.2]#vim src/core/nginx.h
13 #define NGINX_VERSION "000"
14 #define NGINX_VER "000" NGINX_VERSION
引號""中爲Nginx版本信息,修改後安裝會顯示自己定義的Nginxt版本
[root@s3 nginx-1.14.2]#vim src/http/ngx_http_header_filter_module.c
49 static u_char ngx_http_server_string[] = "Server: Myserver" CRLF;
Server: 設置爲自定義服務器信息
3.3 編譯安裝Nginx
[root@s3 nginx-1.14.2]#./configure --prefix=/apps/nginx --user=www --group=www --with-http_ssl_module --with-http_v2_module --with-http_realip_module --with-http_stub_status_module --with-http_gzip_static_module --with-pcre --with-stream --with-stream_ssl_module --with-stream_realip_module
[root@s3 nginx-1.14.2]#make
[root@s3 nginx-1.14.2]#make install
準備一個PHP測試頁面
[root@s3 nginx-1.14.2]#mkdir /data/nginx/wordpress -p
[root@s3 nginx-1.14.2]#vim /data/nginx/wordpress/test.php
<?php
phpinfo();
?>
3.4 配置Nginx
設置啓動帳號
[root@s3 nginx-1.14.2]#vim /apps/nginx/conf/nginx.conf
user www www ;
worker_processes 1;
在http中設置server字段,設置監聽域名www.a.net,主目錄/data/nginx/wordpress index.php
並設置php轉發
server {
listen 80;
server_name www.a.net;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root /data/nginx/wordpress;
index index.php index.html index.htm;
}
location ~ \.php$ {
root /data/nginx/wordpress;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
3.5 配置Nginx啓動腳本
沒有nginx.service文件就用vim創建一個
[root@s3 nginx-1.14.2]#cat /usr/lib/systemd/system/nginx.service
[Unit]
Description=The nginx HTTP and reverse proxy server
After=network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/apps/nginx/logs/nginx.pid
# Nginx will fail to start if /run/nginx.pid already exists but has the wrong
# SELinux context. This might happen when running `nginx -t` from the cmdline.
# https://bugzilla.redhat.com/show_bug.cgi?id=1268621
ExecStartPre=/usr/bin/rm -f /apps/nginx/logs/nginx.pid
ExecStartPre=/apps/nginx/sbin/nginx -t
ExecStart=/apps/nginx/sbin/nginx
ExecReload=/bin/kill -s HUP $MAINPID
#KillSignal=SIGQUIT
#TimeoutStopSec=5
KillMode=process
PrivateTmp=true
[Install]
WantedBy=multi-user.target
啓動Nginx
[root@s3 nginx-1.14.2]#systemctl start nginx
[root@s3 nginx-1.14.2]#systemctl status nginx
查看服務是否正常啓動
[root@s3 nginx-1.14.2]#ps -ef |grep nginx
root 6680 1 0 07:04 ? 00:00:00 nginx: master process /apps/nginx/sbin/nginx
www 6681 6680 0 07:04 ? 00:00:02 nginx: worker process
root 9495 7297 0 11:22 pts/0 00:00:00 grep --color=auto nginx
瀏覽器測試
4 部署WordPress
4.1 創建網站目錄
[root@s3 nginx-1.14.2]#chown -R www.www /data/nginx
[root@s3 nginx-1.14.2]#cd /data/nginx/
[root@s3 nginx]#tar xf wordpress-5.0.1-zh_CN.tar.gz
[root@s3 nginx]#chown -R www.www /data/
[root@s3 nginx]#cd wordpress
[root@s3 wordpress]#cp wp-config-sample.php wp-config.php
4.2 設置連接數據庫
使用前的數據庫帳號進行連接,通過keepalive服務器的VIP(192.168.37.240)連接數據庫,不直接連接
[root@s3 wordpress]#vim wp-config.php
...
define('DB_NAME', 'wordpress');
/** MySQL數據庫用戶名 */
define('DB_USER', 'wordpress');
/** MySQL數據庫密碼 */
define('DB_PASSWORD', '123456');
/** MySQL主機 */
define('DB_HOST', '192.168.37.240');
/** 創建數據表時默認的文字編碼 */
define('DB_CHARSET', 'utf8');
/** 數據庫整理類型。如不確定請勿更改 */
define('DB_COLLATE', '');
/**#@+
* 身份認證密鑰與鹽。
*
* 修改爲任意獨一無二的字串!
* 或者直接訪問{@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org密鑰生成服務}
* 任何修改都會導致所有cookies失效,所有用戶將必須重新登錄。
*
* @since 2.6.0
*/
define('AUTH_KEY', '`plxTeyf>=SNRd|)F8PLSLO<Ixw<$}AB_o,ts}3 _-)hW)=Ue@<Ah>B#xl?|WlOG');
define('SECURE_AUTH_KEY', '{Q>.,YBJbZKR.+Msb0RMV&6( P-(4_`zQgj@?{-A[=#<]~*[KVCW1?V!hF2d95:S');
define('LOGGED_IN_KEY', '_N|`YMNp.4{ tBS,/sSP{H4g<-t@^z Afyv41:;=.F,4PPwI_4JGY5zUmsNXDToB');
define('NONCE_KEY', 'mF__L/-fP[2ouP Y&pY^)<S/flq=)Q-m1AwH&O`Sx-3#c? C6gpvK2|3zUgpISGB');
define('AUTH_SALT', 'mNDLO|3Ir:72N Mrdn?xAocUme?8/0K.ax>/Yp|0G18a8Pn8{ r@O$u&k1Z{>uso');
define('SECURE_AUTH_SALT', 'K0)Eb;ShB|4=7I]iAqi>v]cRkU7 #}/CwvcY?OAEwe+mr<T^C(DAA&Inw@u}IsWh');
define('LOGGED_IN_SALT', 'NgBg!C(7UJ>P{3|oS6J#svt3A>CC{m_QKkt?2eqzMI=TMuSw,PDW>!+ qz1e9U$l');
define('NONCE_SALT', 'C2&*P1]9Uo[|%b|fFJgMjIe1_Rs_(pb?:55ZXzjU;[Mutt:o~y1u@HB]eP.]z=Z)');
/**#@-*/
訪問https://api.wordpress.org/secret-key/1.1/salt/生成密鑰與鹽
替換文件中的信息
其他的不用再修改
如果有多個wordpress 修改一下數據表前綴(多個wordpress放在一個服務器上才修改爲不同的前綴)
/**
* WordPress數據表前綴。
*
* 如果您有在同一數據庫內安裝多個WordPress的需求,請爲每個WordPress設置
* 不同的數據表前綴。前綴名只能爲數字、字母加下劃線。
*/
$table_prefix = 'wp_';
5 設置haproxy (192.168.37.101/102)
因爲要使用VIP,vip同一時間只能存在一臺服務器上,沒有VIP的一服務器會有故障。所以先打開兩個系統設置,使其在沒有VIP是不報故障
[root@s1 ~]#vim /etc/sysctl.conf
net.ipv4.ip_forward = 1
net.ipv4.ip_nonlocal_bind = 1
[root@s1 ~]#sysctl -p
net.ipv4.ip_forward = 1
net.ipv4.ip_nonlocal_bind = 1
5.1 編譯安裝haproxy
5.1.1 安裝依賴的工具包
yum install -y gcc gcc-c++ glibc glibc-devel pcre pcre-devel openssl openssl-devel systemd-devel net-tools vim iotop bc zip unzip zlib-devel lrzsz tree screen lsof tcpdump wget ntpdate
5.1.2 安裝haproxy
[root@s1 src]#pwd
/usr/local/src
[root@s1 src]#tar xvf haproxy-1.8.20.tar.gz
[root@s1 src]#cd haproxy-1.8.20/
[root@s1 haproxy-1.8.20]#make ARCH=x86_64 TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 USE_SYSTEMD=1 USE_CPU_AFFINITY=1 PREFIX=/usr/local/haproxy
[root@s1 haproxy-1.8.20]#make install PREFIX=/usr/local/haproxy
[root@s1 haproxy-1.8.20]#useradd -s /sbin/nologin -u 2001 haproxy
5.1.3 設置啓動腳本
[root@s1 haproxy-1.8.20]#cp haproxy /usr/sbin
[root@s1 haproxy-1.8.20]#vim /usr/lib/systemd/system/haproxy.service
[Unit]
Description=HAProxy Load Balancer
After=syslog.target network.target
[Service]
ExecStartPre=/usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c -q
ExecStart=/usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pi
d
ExecReload=/bin/kill -USR2 $MAINPID
[Install]
WantedBy=multi-user.target
5.1.4 配置haproxy
[root@s1 haproxy-1.8.20]#vim /etc/haproxy/haproxy.cfg
global
maxconn 100000
chroot /usr/local/haproxy
#stats socket /var/lib/haproxy/haproxy.sock mode 600 level admin
uid 2001
gid 2001
daemon
#nbproc 4
#cpu-map 1 0
#cpu-map 2 1
#cpu-map 3 2
#cpu-map 4 3
pidfile /usr/local/haproxy/run/haproxy.pid
log 127.0.0.1 local3 info
defaults
option http-keep-alive
option forwardfor
maxconn 100000
mode http
timeout connect 300000ms
timeout client 300000ms
timeout server 300000ms
listen stats
mode http
bind 0.0.0.0:9999
stats enable
log global
stats uri /haproxy-status
stats auth haadmin:123456
listen wordpress
bind 192.168.37.240:80
mode http
# log global
server 192.168.37.103 192.168.37.103:80 check inter 3000 fall 2 rise 5
server 192.168.37.104 192.168.37.104:80 check inter 3000 fall 2 rise 5
listen mysql
bind 192.168.37.240:3306
mode tcp
server 192.168.37.108 192.168.37.108:3306 check inter 3000 fall 2 rise 5
啓動haproxy
[root@s1 haproxy-1.8.20]#systemctl start haproxy.service
[root@s1 haproxy-1.8.20]#ps -ef |grep haproxy
root 6306 1 0 13:24 ? 00:00:00 /usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid
haproxy 6336 6306 0 13:24 ? 00:00:02 /usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid
root 6843 6580 0 14:10 pts/0 00:00:00 grep --color=auto haproxy
6 設置keepalived (192.168.37.101/102)
6.1 yum安裝keepalived
[root@s1 ~]#yum install keepalived -y
[root@s1 ~]#cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
[email protected]
[email protected]
}
notification_email_from [email protected]
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
# vrrp_strict
vrrp_iptables
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VIP1 {
state MASTER #一臺爲MASTER,一臺爲BACKUP
interface eth1
virtual_router_id 55
priority 100
unicast_src_ip 192.168.37.101
unicast_peer {
192.168.37.102
}
authentication {
auth_type PASS
auth_pass abcd
}
virtual_ipaddress {
192.168.37.240 dev eth1 label eth1:0
}
}
6.2 啓動
[root@s1 ~]#systemctl start keepalived
[root@s1 ~]#ps -ef |grep keepalived
root 6309 1 0 13:24 ? 00:00:00 /usr/sbin/keepalived -D
root 6312 6309 0 13:24 ? 00:00:00 /usr/sbin/keepalived -D
root 6313 6309 0 13:24 ? 00:00:01 /usr/sbin/keepalived -D
root 6980 6580 0 14:23 pts/0 00:00:00 grep --color=auto keepalived
7 掛載NFS文件存儲
7.1 安裝nfs-utils(192.168.37.107/103/104)
[root@s7 ~]#yum install nfs-utils
7.2 設置NFS同享
[root@s7 ~]#mkdir /data/nginx/wordpress
[root@s7 ~]#vim /etc/exports
/data/nginx/wordpress *(rw,no_root_squash)
[root@s7 ~]#exportfs -f
7.3 掛載NFS(192.168.37.103/104)
[root@s3 ~]#showmount -e 192.168.37.107
Export list for 192.168.37.107:
/data/nginx/wordpress *
[root@s3 ~]#mount 192.168.37.107:/data/nginx/wordpress /data/nginx/wordpress/wp-content/uploads/
驗證
將自定義的域名在主機中解析爲192.168.37.240
打開瀏覽器輸入www.a.net
設置正常就應該會出現wordpress的註冊界面