1. mysql的主從複製高可用性解決方案MHA
- 軟件包
mha4mysql-manager-0.56-0.el6.noarch.rpm
mha4mysql-node-0.56-0.el6.noarch.rpm
5.5.64-MariaDB - 實現一主兩從的架構
- MHA監控一主兩從,當主掛了,會自動切換到指定的從節點上
1.1 MHA配置
主機ip:192.168.43.129/24
gateway:192.168.43.139
安裝包
yum --enablerepo=aliyun_epel install mariadb-server mha4mysql-manager-0.56-0.el6.noarch.rpm mha4mysql-node-0.56-0.el6.noarch.rpm -y
基於key的驗證(以下做法會把同一把 root 私鑰複製到所有節點,僅適合實驗環境;生產環境應讓每臺主機各自生成密鑰,只互相分發公鑰)
ssh-keygen
ssh-copy-id 127.0.0.1
scp -r ~/.ssh/ 192.168.43.99:/root/
scp -r ~/.ssh/ 192.168.43.109:/root/
scp -r ~/.ssh/ 192.168.43.119:/root/
配置文件
mkdir /etc/mha/
vim /etc/mha/app1.cnf
[server default]
user=mha
password=mha
manager_workdir=/data/mastermha/app1/
manager_log=/data/mastermha/app1/manager.log
remote_workdir=/data/mastermha/app1/
ssh_user=root
repl_user=replication
repl_password=replication
ping_interval=1
[server1]
hostname=192.168.43.119
candidate_master=1
[server2]
hostname=192.168.43.109
[server3]
hostname=192.168.43.99
candidate_master=1
檢測
連接檢測
masterha_check_ssh --conf=/etc/mha/app1.cnf
複製檢測
masterha_check_repl --conf=/etc/mha/app1.cnf
啓動MHA
masterha_manager --conf=/etc/mha/app1.cnf
1.2 mysql master 的配置
主機ip:192.168.43.119
gateway:192.168.43.139
安裝包
yum install mha4mysql-node-0.56-0.el6.noarch.rpm mariadb-server -y
配置文件 /etc/my.cnf
[mysqld]
log-bin
server_id=119
skip_name_resolv=1
systemctl enable --now mariadb
啓動服務
systemctl enable --now mariadb
配置相關聯的數據庫用戶(示例中密碼與用戶名相同,且 mha、sqluser 被授予 *.* 的全部權限,僅供實驗;實際部署請換成強密碼並按需縮小授權範圍)
mysql
grant replication slave on *.* to replication@'192.168.43.%' identified by 'replication';
grant all on *.* to mha@'192.168.43.%' identified by 'mha';
grant replication client on *.* to monitor@'192.168.43.%' identified by 'monitor';
grant all on *.* to sqluser@'192.168.43.%' identified by 'sql';
grant all on discuz.* to discuz@'192.168.43.%' identified by 'discuz';
create database discuz;
1.3 mysql slave的配置
主機ip: 192.168.43.109 192.168.43.99
gateway:192.168.43.139
安裝包
yum install mha4mysql-node-0.56-0.el6.noarch.rpm mariadb-server -y
配置文件 /etc/my.cnf
[mysqld]
log-bin
server_id=99 // 另一臺主機配置 109
read_only
skip_name_resolve=1
relay_log_purge=0
啓動服務
systemctl enable --now mariadb
同步信息配置
mysql
CHANGE MASTER TO
MASTER_HOST='192.168.43.119',
MASTER_USER='replication',
MASTER_PASSWORD='replication',
MASTER_PORT=3306,
MASTER_LOG_FILE='mariadb-bin.000001',
MASTER_LOG_POS=245;
start slave;
show slave status\G
2. client 的配置
主機ip:192.168.1.8/24
gateway:192.168.1.9
ip、gateway、dns設置
nmcli connection modify ens33 ipv4.addresses 192.168.1.8/24 ipv4.gateway 192.168.1.9 ipv4.dns 192.168.2.200
nmcli connection reload
nmcli connection up ens33
3. route 的配置
ens33: 192.168.1.9/24
ens37: 192.168.2.254/24
查看ip
開啓路由轉發功能
echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
sysctl -p
配置防火牆規則
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 ! -d 192.168.1.0/24 -j SNAT --to-source 192.168.2.254
4. 主DNS 的配置
主機ip: 192.168.2.200/24
安裝包
yum install bind -y
配置文件
vim /etc/named.conf
options {
listen-on port 53 { localhost; };
allow-query { any; };
}
vim /etc/named.rfc1912.zones
zone "xuepeng.com" IN {
type master;
file "xuepeng.com.zone";
};
區域數據庫文件
cd /var/named/
cp -p named.localhost xuepeng.com.zone
vim xuepeng.com.zone
檢測語法
named-checkconf
named-checkzone xuepeng.com xuepeng.com.zone
開啓dns
systemctl enable --now named
驗證dns是否成功
5. firewall 的配置
ip 設置
ens37:192.168.2.100/24
ens33:192.168.43.139/24
防火牆規則
iptables -t nat -A PREROUTING -d 192.168.2.100 -p tcp --dport 80 -j DNAT --to-destination 192.168.43.100
iptables-save > /data/iptables_rule
echo "iptables-restore < /data/iptables_rule" >> /etc/rc.d/rc.local
chmod +x /etc/rc.d/rc.local
開啓路由轉發功能
echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
sysctl -p
6. keepalived + lvs 實現web集羣高可用
6.1 keepalived + lvs_01
- ip: 192.168.43.19/24
- gateway: 192.168.43.139
- vip: 192.168.43.100
安裝包
yum install keepalived ipvsadm -y
配置文件
cd /etc/keepalived/
cp keepalived.conf keepalived.conf.bak
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from root@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id keepalived01
#vrrp_skip_check_adv_addr
#vrrp_strict
#vrrp_garp_interval 0
#vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.43.100/24 dev ens33 label ens33:0
}
}
virtual_server 192.168.43.100 80 {
delay_loop 6
lb_algo rr
lb_kind DR
protocol TCP
real_server 192.168.43.39 80 {
weight 100
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.43.49 80 {
weight 100
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
啓動服務查看進程
systemctl enable --now keepalived
ps aux|grep keepalived
6.2 keepalived + lvs_02
- ip: 192.168.43.29/24
- gateway: 192.168.43.139
- vip: 192.168.43.200
配置文件
相對 192.168.43.19修改如下:
router_id keepalived02
state BACKUP
priority 80
啓動服務
systemctl enable --now keepalived
ps aux|grep keepalived
6.3 nginx + php-fpm_01 的配置
ip: 192.168.43.39/24
gateway: 192.168.43.139
安裝包,啓動服務,查看端口
yum --enablerepo=aliyun_epel install nginx -y
nginx
lsof -i:80
配置vip
cd /etc/sysconfig/network-scripts/
cp ifcfg-lo ifcfg-lo:0
vim ifcfg-lo:0
DEVICE=lo:0
IPADDR=192.168.43.100
NETMASK=255.255.255.255
NETWORK=192.168.43.0
BROADCAST=192.168.43.255
ONBOOT=yes
NAME=lo:0
systemctl restart network
設置arp讓vip保持沉默
vim /etc/sysctl.conf
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_announce = 2
sysctl -p
yum 安裝新版本php-fpm
yum install https://mirror.tuna.tsinghua.edu.cn/remi/enterprise/remi-release-7.rpm --enablerepo=aliyun_epel -y
yum install php73-php-fpm php73-php-mysql --enablerepo=remi-php73 --enablerepo=aliyun_epel -y
php-fpm相關配置優化
grep "^[a-z]" /etc/opt/remi/php73/php-fpm.conf
include=/etc/opt/remi/php73/php-fpm.d/*.conf
pid = /var/opt/remi/php73/run/php-fpm/php-fpm.pid
error_log = /var/opt/remi/php73/log/php-fpm/error.log
daemonize = yes
vim /etc/opt/remi/php73/php-fpm.d/www.conf
listen = 127.0.0.1:9000 //監聽地址及端口
listen.allowed_clients = 127.0.0.1 //允許客戶端從哪個源ip地址訪問
user = nginx //啓動的用戶和組
group = nginx
pm = dynamic //動態模式進程管理
pm.max_children = 500 //靜態方式下開啓的php-fpm進程數量,在動態模式下這個值限定php-fpm的最大進程數
pm.start_servers = 100 //動態模式下的初始進程數,必須大於等於pm.min_spare_servers,小於等於 pm.max_spare_servers
pm.min_spare_servers = 100 //最小空閒進程數
pm.max_spare_servers = 200 // 最大空閒進程數
pm.max_requests = 500000 //進程累計請求回收值,會重啓
pm.status_path = /pm_status //狀態訪問url
ping.path = /ping // ping 檢測的訪問地址
ping.response = pong //ping 返回值
slowlog = /var/opt/remi/php73/log/php-fpm/www-slow.log //慢日誌路徑
php_admin_value[error_log] = /var/opt/remi/php73/log/php-fpm/www-error.log //錯誤日誌
php_admin_flag[log_errors] = on
php_value[session.save_handler] = files //php session 保存方式
php_value[session.save_path] = /var/opt/remi/php73/lib/php/session //使用 files 方式保存 session 時的文件路徑
啓動 php-fpm
systemctl enable --now php73-php-fpm
設置nginx轉發
vim /etc/nginx/conf.d/blogs.xuepeng.com.conf
server {
listen 80;
server_name blogs.xuepeng.com;
index index.php index.html;
location ~* \.php$ {
root /data/blogs;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#fastcgi_param SCRIPT_FILENAME /data/blogs$fastcgi_script_name;
include fastcgi_params;
}
}
mkdir /data/blogs
nginx -s reload
在dns服務器中添加記錄
rndc reload
6.4 nginx + php-fpm_02 的配置
ip: 192.168.43.49/24
gateway: 192.168.43.139
配置同 192.168.43.39 一樣,不過多重複
7. 測試後端的網站能否訪問
- 測試靜態頁面
[192.168.43.39]#
echo 192.168.43.39 nginx01 > /usr/share/nginx/html/index.html
[192.168.43.49]#
echo 192.168.43.49 nginx02 > /usr/share/nginx/html/index.html
配置虛擬主機
[192.168.43.39]#
[192.168.43.49]#
vim /etc/nginx/conf.d/discuz.xuepeng.com.conf
server {
listen 80;
server_name discuz.xuepeng.com;
location / {
root /usr/share/nginx/html;
}
}
2. 測試動態頁面(phpinfo() 會輸出完整的 PHP 與服務器配置信息,測試完成後應刪除該頁面)
[192.168.43.39]#
vim /data/blogs/index.php
<h1>blogs.xuepeng.com on 192.168.43.39</h1>
<?php
phpinfo();
?>
[192.168.43.49]#
vim /data/blogs/index.php
<h1>blogs.xuepeng.com on 192.168.43.49</h1>
<?php
phpinfo();
?>
指定windows中的hosts文件
192.168.43.100 blogs.xuepeng.com
8. keepalived + lvs 實現 proxysql的高可用
8.1 配置 keepalived + lvs
在 192.168.43.19:/etc/keepalived/keepalived.conf 文件中追加以下代碼
vrrp_instance VI_2 {
state BACKUP
interface ens33
virtual_router_id 61
priority 80
advert_int 1
authentication {
auth_type PASS
auth_pass 2222
}
virtual_ipaddress {
192.168.43.200/24 dev ens33 label ens33:1
}
}
virtual_server 192.168.43.200 6033 {
delay_loop 6
lb_algo rr
lb_kind DR
protocol TCP
real_server 192.168.43.59 6033 {
weight 100
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 6033
}
}
real_server 192.168.43.69 6033 {
weight 100
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 6033
}
}
}
重啓,查看ipvsadm規則
killall keepalived
ps aux|grep keepalived
systemctl start keepalived
ps aux|grep keepalived
ipvsadm -Ln
在 192.168.43.29:/etc/keepalived/keepalived.conf 文件中追加以下代碼
- 複製上面的代碼,作以下修改
- state MASTER
- priority 100
查看keepalived雙主有沒有成功
關掉一臺的keepalived服務,查看
8.2 配置 proxysql_01
ip:192.168.43.59/24
gateway: 192.168.43.139
vip: 192.168.43.200
配置vip
vim /etc/sysconfig/network-scripts/ifcfg-lo:0
DEVICE=lo:0
IPADDR=192.168.43.200
NETMASK=255.255.255.255
NETWORK=192.168.43.0
BROADCAST=192.168.43.255
ONBOOT=yes
NAME=lo:0
設置arp讓vip保持沉默
vim /etc/sysctl.conf
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_announce = 2
sysctl -p
準備包
proxysql-1.4.16-1-centos7.x86_64.rpm
安裝
yum install *.rpm mariadb -y
啓動服務,進入管理接口(admin/admin 是默認管理帳號,實際部署應通過 admin-admin_credentials 修改),向ProxySQL中添加MySQL節點
service proxysql start
chkconfig proxysql on
mysql -uadmin -padmin -P6032 -h127.0.0.1
insert into mysql_servers(hostgroup_id,hostname,port) values(20,'192.168.43.99',3306);
insert into mysql_servers(hostgroup_id,hostname,port) values(10,'192.168.43.119',3306);
insert into mysql_servers(hostgroup_id,hostname,port) values(20,'192.168.43.109',3306);
load mysql servers to runtime;
save mysql servers to disk;
ProxySQL上配置監控用戶
set mysql-monitor_username='monitor';
set mysql-monitor_password='monitor';
load mysql variables to runtime;
save mysql variables to disk;
分組信息
insert into mysql_replication_hostgroups values(10,20,"test");
load mysql servers to runtime;
save mysql servers to disk;
查看分組信息
配置發送SQL語句的用戶
insert into mysql_users(username,password,default_hostgroup)values('sqluser','sql',10);
load mysql users to runtime;
save mysql users to disk;
創建路由規則
insert into mysql_query_rules (rule_id,active,match_digest,destination_hostgroup,apply)values(1,1,'^SELECT.*FOR UPDATE$',10,1),(2,1,'^SELECT',20,1);
load mysql query rules to runtime;
save mysql query rules to disk;
授權一個數據庫用戶用於網站數據寫入數據庫時用
insert into mysql_users(username,password,default_hostgroup) values('discuz','discuz',10);
load mysql users to runtime;
save mysql users to disk;
8.3 配置 proxysql_02
配置同 proxysql_01 ,不作重複
9. 配置 NFS服務器
安裝配置nfs
yum install -y nfs-utils
mkdir /data/discuz
vim /etc/exports
/data/discuz 192.168.43.0/24(rw,all_squash,anonuid=998,anongid=996)
exportfs -arv
systemctl enable --now nfs-server
創建用戶和組
groupadd -g 996 nginx
useradd -r -u 998 -g 996 -s /sbin/nologin nginx
準備軟件包 Discuz_X3.3_SC_UTF8.zip
解壓授權
unzip Discuz_X3.3_SC_UTF8.zip
mv upload/* /data/discuz/
chown -R nginx.nginx /data/discuz/
10. 部署 discuz
[192.168.43.39]#
[192.168.43.49]#
安裝
yum install nfs-utils -y
查看共享
掛載
mkdir /data/discuz
mount 192.168.43.79:/data/discuz /data/discuz
配置虛擬主機
vim /etc/nginx/conf.d/discuz.xuepeng.com.conf
server {
listen 80;
server_name discuz.xuepeng.com;
index index.php;
location / {
root /data/discuz;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#fastcgi_param SCRIPT_FILENAME /data/blogs$fastcgi_script_name;
include fastcgi_params;
}
}
nginx -t
nginx -s reload
綁定hosts文件,瀏覽器訪問
C:\Windows\System32\drivers\etc\hosts
192.168.43.100 discuz.xuepeng.com
http://discuz.xuepeng.com/install/index.php
安裝 php73-php-xml ,重啓 php-fpm 解決以上問題
yum install php73-php-xml -y
systemctl restart php73-php-fpm.service
11. 配置 rsync + inotify 實現實時同步
rsync 服務器的配置
ip: 192.168.43.89/24
安裝
yum install rsync -y
配置文件(示例中 uid/gid 爲 root 且 use chroot = no,而模塊又可寫;生產環境建議使用專用的低權限用戶並開啓 chroot)
vim /etc/rsyncd.conf
uid = root
gid = root
use chroot = no
max connections = 0
ignore errors
exclude = lost+found/
log file = /var/log/rsyncd.log
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsyncd.lock
reverse lookup = no
hosts allow = 192.168.43.0/24
[backup]
path = /backup/
comment = backup
read only = no
auth users = rsyncuser
secrets file = /etc/rsync.pass
驗證文件(123456 僅爲示例密碼,實際部署請使用強密碼)
echo "rsyncuser:123456" > /etc/rsync.pass
chmod 600 /etc/rsync.pass
創建備份目錄
mkdir /backup
啓動服務
systemctl start rsyncd
systemctl enable rsyncd
rsync 客戶端的配置
ip : 192.168.43.79/24
安裝
yum install rsync -y
配置密碼文件
echo "123456" > /etc/rsync.pass
chmod 600 /etc/rsync.pass
安裝監控軟件
yum --enablerepo=aliyun_epel install inotify-tools -y
監控腳本
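#!/bin/bash
# monitor.sh - watch a directory tree with inotifywait and push every change
# to the "backup" module of the rsync daemon.
#
# Requires: inotify-tools and rsync on this host, plus a client password file
# that holds only the password and is readable by the invoking user alone
# (mode 600); rsync refuses a password file with looser permissions.
#
# NOTE(review): the rsync daemon protocol (host::module) does not encrypt the
# transferred data, so this is only appropriate on a trusted network segment.
# NOTE(review): every event triggers a full "rsync --delete" of SRC. If SRC is
# ever empty (for example an unmounted filesystem), the copy on the server is
# emptied as well - confirm this is acceptable before relying on it as backup.

# Source tree to watch; the trailing slash makes rsync copy its contents.
SRC='/data/'
# rsync daemon user, server address and module as configured in rsyncd.conf.
DEST='rsyncuser@192.168.43.89::backup'
PWDFILE=/etc/rsync.pass
LOGFILE=/var/log/changelist.log

# --format '%T %w %f' with the --timefmt below prints "DATE TIME DIR FILE".
# read -r keeps backslashes in file names intact; FILE is the last field, so
# it receives the rest of the line. A watched directory whose path contains
# spaces would still be split incorrectly (affects the log text only).
inotifywait -mrq --timefmt '%Y-%m-%d %H:%M' --format '%T %w %f' \
  -e create,delete,moved_to,close_write,attrib "${SRC}" |
  while read -r DATE TIME DIR FILE; do
    FILEPATH="${DIR}${FILE}"
    if rsync -az --delete --password-file="${PWDFILE}" "${SRC}" "${DEST}"; then
      printf 'At %s on %s, file %s was backuped up via rsync\n' \
        "${TIME}" "${DATE}" "${FILEPATH}" >> "${LOGFILE}"
    else
      # Report failed transfers instead of dropping them silently.
      rc=$?
      printf 'At %s on %s, rsync for %s failed with exit status %s\n' \
        "${TIME}" "${DATE}" "${FILEPATH}" "${rc}" >&2
    fi
  done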
chmod +x monitor.sh
後臺執行
./monitor.sh &
12. 測試
-
用戶能夠在 client 主機上訪問到 discuz.xuepeng.com 這個網站
-
測試後端服務器的存活性
關閉後端一臺nginx服務器
在調度器上查看規則
客戶端訪問,查看日誌
- 測試 lvs的高可用性
關閉一臺 keepalived的服務