1.说明
mysql高可用+lnp集群+负载均衡高可用
2.1环境准备:
两台虚拟机 master slave
master:3306
slave:3307 3308
2.2 删除历史环境:
pkill mysqld
rm -rf /data/330*
mv /etc/my.cnf /etc/my.cnf.bak
2.3master部署
[ ! -d /software/ ] && mkdir /software
rpm -qa | grep mariadb
yum remove mariadb-libs -y
useradd mysql -s /sbin/nologin
mkdir -p /usr/local/mysql
mkdir -p /data/mysqldata
mkdir -p /var/log/mysql
echo " PATH=$PATH:/usr/local/mysql/bin
export PATH" >> /etc/profile
source /etc/profile
cat > /etc/my.cnf <<EOF
[mysqld]
user=mysql #指定用户
basedir=/usr/local/mysql
datadir=/data/mysqldata
server_id=1
log-error=/var/log/mysql/error.log
pid-file=/data/mysqldata/mysql.pid
port=3306
log_bin=/data/mysqldata/mysql-bin
binlog_format=row
socket=/tmp/mysql.sock
gtid-mode=on
enforce-gtid-consistency=true
log-slave-updates=1
EOF
cd /software
wget http://192.168.210.5/package/gz/mysql-5.7.30-linux-glibc2.12-x86_64.tar.gz
tar -xf mysql-5.7.30-linux-glibc2.12-x86_64.tar.gz
mv /software/mysql-5.7.30-linux-glibc2.12-x86_64/* /usr/local/mysql
cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
chkconfig --add mysqld
chown mysql:mysql -R /var/log/mysql
mysqld --initialize-insecure --user=mysql --basedir=/usr/local/mysql --datadir=/data/mysqldata
/etc/init.d/mysqld restart
mysql -e "alter user root@'localhost' identified by '123456';"
2.4slave部署
[mysqld]
basedir=/usr/local/mysql
datadir=/data/3307/mysqldata
socket=/data/3307/mysql.sock
port=3307
log-error=/data/3307/mysql.log
log_bin=/data/3307/mysql-bin
binlog_format=row
skip-name-resolve
server-id=37
gtid-mode=on
enforce-gtid-consistency=true
log-slave-updates=1
EOF
cat >/data/3308/my.cnf<<EOF
[mysqld]
basedir=/usr/local/mysql
datadir=/data/3308/mysqldata
port=3308
socket=/data/3308/mysql.sock
log-error=/data/3308/mysql.log
log_bin=/data/3308/mysql-bin
binlog_format=row
skip-name-resolve
server-id=38
gtid-mode=on
enforce-gtid-consistency=true
log-slave-updates=1
EOF
cat >/etc/systemd/system/mysqld3307.service<<EOF
[Unit]
Description=MySQL Server
Documentation=man:mysqld(8)
Documentation=http://dev.mysql.com/doc/refman/en/using-systemd.html
After=network.target
After=syslog.target
[Install]
WantedBy=multi-user.target
[Service]
User=mysql
Group=mysql
ExecStart=/usr/local/mysql/bin/mysqld --defaults-file=/data/3307/my.cnf
LimitNOFILE = 5000
EOF
cat >/etc/systemd/system/mysqld3308.service<<EOF
[Unit]
Description=MySQL Server
Documentation=man:mysqld(8)
Documentation=http://dev.mysql.com/doc/refman/en/using-systemd.html
After=network.target
After=syslog.target
[Install]
WantedBy=multi-user.target
[Service]
User=mysql
Group=mysql
ExecStart=/usr/local/mysql/bin/mysqld --defaults-file=/data/3308/my.cnf
LimitNOFILE = 5000
EOF
chown -R mysql.mysql /data/*
systemctl start mysqld3307
systemctl start mysqld3308
2.5配置主从环境:
master:
mysql -e "grant replication slave on *.* to repl@'%' identified by '123456';"
slave:
mysql -S /data/3307/mysql.sock -e "CHANGE MASTER TO MASTER_HOST='192.168.204.22', MASTER_PORT=3306, MASTER_AUTO_POSITION=1, MASTER_USER='repl', MASTER_PASSWORD='123456';"
mysql -S /data/3308/mysql.sock -e "CHANGE MASTER TO MASTER_HOST='192.168.204.22', MASTER_PORT=3306, MASTER_AUTO_POSITION=1, MASTER_USER='repl', MASTER_PASSWORD='123456';"
2.5.1检查组从部署情况
[root@slave ~]# mysql -S /data/3308/mysql.sock -e "show slave status\G"|grep "Yes"
Slave_IO_Running: Yes
Slave_SQL_Running: Yes
[root@slave ~]# mysql -S /data/3307/mysql.sock -e "show slave status\G"|grep "Yes"
Slave_IO_Running: Yes
Slave_SQL_Running: Yes
[root@slave ~]#
3. MHA环境搭建
3.1 规划:
master: 22 node
slave: 23 node
mha:24 manager
3.2准备环境:
master/slave/mha:
ln -s /usr/local/mysql/bin/mysqlbinlog /usr/bin/mysqlbinlog
ln -s /usr/local/mysql/bin/mysql /usr/bin/mysql
3.3生成密钥对
/master/slave/mha
[root@master ~]#ssh-keygen -t rsa
[root@master ~]# ls ~/.ssh/
id_rsa id_rsa.pub
#弹窗回车默认就行
3.4.将公钥发给其他服务器保持互通
/master/slave/mha
ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.204.22
ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.204.23
ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.204.24
输入密码回车
3.5.安装软件
3.5.1下载mha软件
mha官网:https://code.google.com/archive/p/mysql-master-ha/
github下载地址:https://github.com/yoshinorim/mha4mysql-manager/wiki/Downloads
3.5.2.配置阿里源
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
yum makecache
3.5.3安装依赖
master/slave安装Node软件依赖包
yum install perl-DBD-MySQL -y
rpm -ivh mha4mysql-node-0.54-1.el5.noarch.rpm
准备中... ################################# [100%]
正在升级/安装...
1:mha4mysql-node-0.54-1.el5 ################################# [100%]
mha/安装manager软件依赖包
yum install perl-DBD-MySQL -y
yum install -y perl-Config-Tiny epel-release perl-Log-Dispatch perl-Parallel-ForkManager perl-Time-HiRes
(执行两遍,第一遍安装epel加载而外包,第二遍安装包)
rpm -ivh mha4mysql-node-0.54-1.el5.noarch.rpm
rpm -ivh mha4mysql-manager-0.55-1.el5.noarch.rpm
3.5.4.数据库主节点中授权(从库节点会同步)
mysql -e "grant all privileges on *.* to mha@'%' identified by 'mha';"
adduser mha
3.5.5.创建相关目录和配置文件
创建配置目录:
mkdir /etc/mha
创建日志目录:
mkdir -p /usr/local/mha/manager
创建工作目录:
mkdir -p /usr/local/mha/work
创建mha配置文件:
vim /etc/mha/mha.cnf
server default]
manager_log=/usr/local/mha/manager
manager_workdir=/usr/local/mha/work
master_binlog_dir=/data/mysqldata
user=mha
password=mha
ping_interval=2
repl_password=123456
repl_user=repl
ssh_user=root
[server1]
hostname=192.168.204.22
port=3306
[server2]
hostname=192.168.204.23
port=3307
[server3]
hostname=192.168.204.23
port=3308
3.5.6.互相检查
主状态检查:
masterha_check_repl --conf=/etc/mha/mha.cnf
互信检查:
masterha_check_ssh --conf=/etc/mha/mha.cnf
3.6.启动MHA
nohup masterha_manager --conf=/etc/mha/mha.cnf --remove_dead_master_conf --ignore_last_failover < /dev/null >/var/log/mha/app1/manager.log 2>&1 &
3.7查看MHA状态
masterha_check_status --conf=/etc/mha/app1.cnf
4. Atlas读写分离
4.1.安装atlas
rpm -ivh Atlas-2.2.1.el6.x86_64.rpm
4.1.2.配置文件
[root@mha_atlas bin]# cat /usr/local/mysql-proxy/conf/test.cnf
[mysql-proxy]
#带#号的为非必需的配置项目
#管理接口的用户名
admin-username = user
#管理接口的密码
admin-password = pwd
#Atlas后端连接的MySQL主库的IP和端口,可设置多项,用逗号分隔
proxy-backend-addresses = 192.168.204.22:3306
#Atlas后端连接的MySQL从库的IP和端口,@后面的数字代表权重,用来作负载均衡,若省略则默认为1,可设置多项,用逗号分隔
proxy-read-only-backend-addresses = 192.168.204.22:3306,192.168.204.23:3307,192.168.204.23:3308
#用户名与其对应的加密过的MySQL密码,密码使用PREFIX/bin目录下的加密程序encrypt加密,下行的user1和user2为示例,将其替换为你的MySQL的用户名和加密密码!
pwds = repl:/iZxz+0GRoA=, mha:O2jBXONX098=
#设置Atlas的运行方式,设为true时为守护进程方式,设为false时为前台方式,一般开发调试时设为false,线上运行时设为true,true后面不能有空格。
daemon = true
#设置Atlas的运行方式,设为true时Atlas会启动两个进程,一个为monitor,一个为worker,monitor在worker意外退出后会自动将其重启,设为false时只有worker,没有monitor,一般开发调试时设为false,线上运行时设为true,true后面不能有空格。
keepalive = true
#工作线程数,对Atlas的性能有很大影响,可根据情况适当设置
event-threads = 8
#日志级别,分为message、warning、critical、error、debug五个级别
log-level = message
#日志存放的路径
log-path = /usr/local/mysql-proxy/log
#SQL日志的开关,可设置为OFF、ON、REALTIME,OFF代表不记录SQL日志,ON代表记录SQL日志,REALTIME代表记录SQL日志且实时写入磁盘,默认为OFF
sql-log = ON
#慢日志输出设置。当设置了该参数时,则日志只输出执行时间超过sql-log-slow(单位:ms)的日志记录。不设置该参数则输出全部日志。
#sql-log-slow = 10
#实例名称,用于同一台机器上多个Atlas实例间的区分
#instance = test
#Atlas监听的工作接口IP和端口
proxy-address = 0.0.0.0:1234
#Atlas监听的管理接口IP和端口
admin-address = 0.0.0.0:2345
#分表设置,此例中person为库名,mt为表名,id为分表字段,3为子表数量,可设置多项,以逗号分隔,若不分表则不需要设置该项
#tables = person.mt.id.3
#默认字符集,设置该项后客户端不再需要执行SET NAMES语句
acharset = utf8
#允许连接Atlas的客户端的IP,可以是精确IP,也可以是IP段,以逗号分隔,若不设置该项则允许所有IP连接,否则只允许列表中的IP连接
#client-ips = 127.0.0.1, 192.168.1
#Atlas前面挂接的LVS的物理网卡的IP(注意不是虚IP),若有LVS且设置了client-ips则此项必须设置,否则可以不设置
#lvs-ips = 192.168.1.1
注意: 密码需要生成pwds = repl:/iZxz+0GRoA=, mha:O2jBXONX098=
4.2,启动atlas
/usr/local/mysql-proxy/bin/mysql-proxyd test start
4.3.测试读写分离
mysql -umha -pmha -h 192.168.204.24 -P 1234
mysql> select @@server_id;
+-------------+
| @@server_id |
+-------------+
| 37 |
+-------------+
1 row in set (0.00 sec)
mysql> select @@server_id;
+-------------+
| @@server_id |
+-------------+
| 38 |
+-------------+
1 row in set (0.00 sec)
mysql> begin;select @@server_id;commit;
Query OK, 0 rows affected (0.00 sec)
+-------------+
| @@server_id |
+-------------+
| 1 |
+-------------+
1 row in set (0.00 sec)
Query OK, 0 rows affected (0.00 sec)
mysql> begin;select @@server_id;commit;
Query OK, 0 rows affected (0.00 sec)
读写分离完成//后端数据库已经完成
5. 搭建后端LNPT
5.1 安装nginx
/lnp_1/lnp_2
[root@lnp_1 data]# cat nginx_install.sh
#!/bin/bash
cd /data/
yum clean all
yum repolist
wget http://192.168.210.5/package/gz/nginx-1.18.0.tar.gz
tar -xf nginx-1.18.0.tar.gz
cd /data/nginx-1.18.0
groupadd -r www
useradd -r -gwww -s /bin/false -M www
yum install -y gcc gcc-c++ automake openssl openssl-devel curl curl-devel bzip2 bzip-devel make pcre-devel
./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_v2_module --with-http_ssl_module --with-ipv6 --with-http_gzip_static_module --with-http_realip_module --with-http_flv_module --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib/nginx/modules --conf-path=/usr/local/nginx/conf/nginx.conf --user=www --group=www
make && make install
if [ $?==0 ]
then
`nginx`
fi
cat > /usr/local/nginx/conf/nginx.conf <<EOF
user www;
worker_processes auto;
error_log logs/error.log warn;
pid logs/nginx.pid;
events {
worker_connections 1024;
use epoll;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '\$remote_addr - \$remote_user [\$time_local] "\$request" '
'\$status \$body_bytes_sent "\$http_referer" '
'"\$http_user_agent" "\$http_x_forwarded_for"';
access_log logs/access.log main;
charset utf-8;
sendfile on;
tcp_nopush on;
keepalive_timeout 65;
}
EOF
5.2 安装php
#!/bin/bash
#安装java_JDK
rpm -ivh jdk-8u151-linux-x64.rpm
echo "export JAVA_HOME=/usr/java/jdk1.8.0_151" >> /etc/profile
echo "export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar" >> /etc/profile
echo "export PATH=$JAVA_HOME/bin:$PATH" >> /etc/profile
source /etc/profile
yum install -y autoconf gcc libxml2-devel openssl-devel curl-devel libjpeg-devel libpng-devel libXpm-devel
freetype-devel libmcrypt-devel make ImageMagick-devel libssh2-devel gcc-c++ cyrus-sasl-devel freetype-devel
yum install -y epel-release
yum install -y libmcrypt-devel
mkdir -p /home/wwwlogs/
chown www:www -R /home/wwwlogs/
tar -xvf php-7.0.27.tar.gz -C /data/
cd /data/php-7.0.27
./configure --prefix=/usr/local/php \
--with-config-file-path=/usr/local/php/etc \
--with-config-file-scan-dir=/usr/local/php/etc/php.d \
--disable-ipv6 \
--enable-bcmath \
--enable-calendar \
--enable-exif \
--enable-fpm \
--with-fpm-user=www \
--with-fpm-group=www \
--enable-ftp \
--enable-gd-jis-conv \
--enable-gd-native-ttf \
--enable-inline-optimization \
--enable-mbregex \
--enable-mbstring \
--enable-mysqlnd \
--enable-opcache \
--enable-pcntl \
--enable-shmop \
--enable-soap \
--enable-sockets \
--enable-static \
--enable-sysvsem \
--enable-wddx \
--enable-xml \
--with-curl \
--with-gd \
--with-jpeg-dir \
--with-freetype-dir \
--with-xpm-dir \
--with-png-dir \
--with-gettext \
--with-iconv \
--with-libxml-dir \
--with-mcrypt \
--with-mhash \
--with-mysqli \
--with-pdo-mysql \
--with-pear \
--with-openssl \
--with-xmlrpc \
--with-zlib \
--disable-debug \
--disable-phpdbg
make && make install
#提示安装完成还能不启动需要下载一下两个文件
cd /usr/local/php/etc
wget http://192.168.210.5/config/php-fpm.conf
wget http://192.168.210.5/config/php.ini
#需要把php.ini里面后面10行的模块先注释掉,因为这些模块还没有加载
sed -i "1921,1931s/^/#/" /usr/local/php/etc/php.ini
cd /data/php-7.0.27/sapi/fpm
cp init.d.php-fpm /etc/init.d/php-fpm
chmod a+x /etc/init.d/php-fpm
/etc/init.d/php-fpm start
5.3安装tomcat
#解压
tar -xvf apache-tomcat-8.5.59.tar.gz
#移动到/usr/local/下并更名为tomcat
mv /data/apache-tomcat-8.5.59/ /usr/local/tomcat
#添加环境变量
echo "export JAVA_HOME=/usr/java/jdk1.8.0_151" >> /etc/profile
echo "export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar" >> /etc/profile
echo "export PATH=$JAVA_HOME/bin:$PATH" >> /etc/profile
echo "export TOMCAT_HOME=/usr/local/tomcat" >> /etc/profile
source /etc/profile
#检查java环境,因为之前装php脚本已经配好了,如果php安装成功意味着java环境没问题,正常情况下我们是要检查一下的。
java -version
#启动tomcat
/usr/local/tomcat/bin/startup.sh
#关闭tomcat
/usr/local/tomcat/bin/shutdown.sh
5.4检查服务启动情况
lnpt_1
[root@lnp_1 data]# ps axu | grep "php\|nginx\|tomcat"
root 9158 0.0 0.0 46024 1180 ? Ss 4月02 0:00 nginx: master process nginx
www 9159 0.0 0.1 48508 2524 ? S 4月02 0:01 nginx: worker process
www 9160 0.0 0.1 48508 2524 ? S 4月02 0:00 nginx: worker process
root 13166 0.0 0.3 229016 6316 ? Ss 4月02 0:09 php-fpm: master process (/usr/local/php/etc/php-fpm.conf)
www 13167 0.0 0.5 234292 11552 ? S 4月02 0:00 php-fpm: pool www
www 13168 0.0 0.5 234292 11552 ? S 4月02 0:00 php-fpm: pool www
www 13169 0.0 0.5 234292 11552 ? S 4月02 0:00 php-fpm: pool www
www 13170 0.0 0.5 234292 11560 ? S 4月02 0:00 php-fpm: pool www
www 13171 0.0 0.5 234292 11552 ? S 4月02 0:00 php-fpm: pool www
www 13172 0.0 0.5 234288 11548 ? S 4月02 0:00 php-fpm: pool www
www 13173 0.0 0.5 234292 11560 ? S 4月02 0:00 php-fpm: pool www
www 13174 0.0 0.5 234292 11568 ? S 4月02 0:00 php-fpm: pool www
www 13175 0.0 0.5 234288 11556 ? S 4月02 0:00 php-fpm: pool www
www 13176 0.0 0.5 234292 11560 ? S 4月02 0:00 php-fpm: pool www
www 13177 0.0 0.5 234292 11564 ? S 4月02 0:00 php-fpm: pool www
www 13178 0.0 0.5 234292 11552 ? S 4月02 0:00 php-fpm: pool www
www 13179 0.0 0.5 234292 11568 ? S 4月02 0:00 php-fpm: pool www
www 13180 0.0 0.5 234288 11556 ? S 4月02 0:00 php-fpm: pool www
www 13181 0.0 0.5 234288 11552 ? S 4月02 0:00 php-fpm: pool www
www 13182 0.0 0.5 234288 11552 ? S 4月02 0:00 php-fpm: pool www
www 13183 0.0 0.5 234288 11552 ? S 4月02 0:00 php-fpm: pool www
www 13184 0.0 0.5 234288 11556 ? S 4月02 0:00 php-fpm: pool www
www 13186 0.0 0.5 234288 11552 ? S 4月02 0:00 php-fpm: pool www
www 13187 0.0 0.5 234288 11552 ? S 4月02 0:00 php-fpm: pool www
root 122280 41.1 4.5 3028860 92696 pts/0 Sl 01:03 0:07 /usr/java/jdk1.8.0_151/bin/java -Djava.util.logging.config.file=/usr/local/tomcat/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djdk.tls.ephemeralDHKeySize=2048 -Djava.protocol.handler.pkgs=org.apache.catalina.webresources -Dorg.apache.catalina.security.SecurityListener.UMASK=0027 -Dignore.endorsed.dirs= -classpath /usr/local/tomcat/bin/bootstrap.jar:/usr/local/tomcat/bin/tomcat-juli.jar -Dcatalina.base=/usr/local/tomcat -Dcatalina.home=/usr/local/tomcat -Djava.io.tmpdir=/usr/local/tomcat/temp org.apache.catalina.startup.Bootstrap start
root 122328 0.0 0.0 112680 980 pts/0 S+ 01:03 0:00 grep --color=auto php\|nginx\|tomcat
lnpt_2
[root@lnp_2 local]# ps axu | grep "php\|nginx\|tomcat"
root 8199 0.4 6.0 3031520 123236 pts/0 Sl 00:05 0:14 /usr/java/jdk1.8.0_151/bin/java -Djava.util.logging.config.file=/usr/local/tomcat/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djdk.tls.ephemeralDHKeySize=2048 -Djava.protocol.handler.pkgs=org.apache.catalina.webresources -Dorg.apache.catalina.security.SecurityListener.UMASK=0027 -Dignore.endorsed.dirs= -classpath /usr/local/tomcat/bin/bootstrap.jar:/usr/local/tomcat/bin/tomcat-juli.jar -Dcatalina.base=/usr/local/tomcat -Dcatalina.home=/usr/local/tomcat -Djava.io.tmpdir=/usr/local/tomcat/temp org.apache.catalina.startup.Bootstrap start
root 10580 0.0 0.0 46024 1180 ? Ss 00:46 0:00 nginx: master process nginx
www 10581 0.0 0.0 48508 2024 ? S 00:46 0:00 nginx: worker process
www 10582 0.0 0.1 48508 2512 ? S 00:46 0:00 nginx: worker process
root 10652 0.0 0.3 229012 6324 ? Ss 00:47 0:00 php-fpm: master process (/usr/local/php/etc/php-fpm.conf)
www 10653 0.0 0.3 231096 6220 ? S 00:47 0:00 php-fpm: pool www
www 10654 0.0 0.3 231096 6220 ? S 00:47 0:00 php-fpm: pool www
www 10655 0.0 0.4 231568 8616 ? S 00:47 0:00 php-fpm: pool www
www 10656 0.0 0.4 231568 8428 ? S 00:47 0:00 php-fpm: pool www
www 10657 0.0 0.3 231096 6240 ? S 00:47 0:00 php-fpm: pool www
www 10658 0.0 0.3 231096 6240 ? S 00:47 0:00 php-fpm: pool www
www 10659 0.0 0.3 231096 6240 ? S 00:47 0:00 php-fpm: pool www
www 10661 0.0 0.3 231096 6240 ? S 00:47 0:00 php-fpm: pool www
www 10662 0.0 0.3 231096 6240 ? S 00:47 0:00 php-fpm: pool www
www 10663 0.0 0.3 231092 6240 ? S 00:47 0:00 php-fpm: pool www
www 10664 0.0 0.3 231096 6232 ? S 00:47 0:00 php-fpm: pool www
www 10665 0.0 0.3 231096 6232 ? S 00:47 0:00 php-fpm: pool www
www 10666 0.0 0.3 231096 6232 ? S 00:47 0:00 php-fpm: pool www
www 10667 0.0 0.3 231096 6232 ? S 00:47 0:00 php-fpm: pool www
www 10668 0.0 0.3 231096 6232 ? S 00:47 0:00 php-fpm: pool www
www 10669 0.0 0.3 231096 6232 ? S 00:47 0:00 php-fpm: pool www
www 10670 0.0 0.3 231096 6232 ? S 00:47 0:00 php-fpm: pool www
www 10671 0.0 0.3 231096 6232 ? S 00:47 0:00 php-fpm: pool www
www 10673 0.0 0.3 231096 6232 ? S 00:47 0:00 php-fpm: pool www
www 10674 0.0 0.3 231096 6236 ? S 00:47 0:00 php-fpm: pool www
root 11793 0.0 0.0 112680 980 pts/0 S+ 01:04 0:00 grep --color=auto php\|nginx\|tomcat
6.服务启动完毕后开始下一步的配置
6.1配置nginx虚拟主机
[root@lnp_2 conf]# pwd
/usr/local/nginx/conf
[root@lnp_2 conf]# mkdir -p /usr/local/nginx/conf/xuni
[root@lnp_2 conf]# cat nginx.conf
user www;
worker_processes auto;
error_log logs/error.log warn;
pid logs/nginx.pid;
events {
worker_connections 1024;
use epoll;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log logs/access.log main;
charset utf-8;
sendfile on;
tcp_nopush on;
keepalive_timeout 65;
include /usr/local/nginx/conf/xuni/*.conf;
}
6.2部署一个项目,什么项目都可以,这里我选择部署一个禅道
unzip ZenTaoPMS.12.3.2.zip
[root@lnp_2 ~]# cd /usr/local/nginx/conf/xuni/
[root@lnp_2 xuni]# cat can.conf
server {
listen 80;
#监听端口
server_name www.ca.com;
#自定义的域名,需要做域名解析
root /data/zentaopms/www;
#指定访问的目录,这里对应禅道项目的目录
index index.html index.php index.htm
error_page 404 500 502 503 504 /404.html;
#定制一个错误页面
location = /nginx_status{
auth_basic "nginx access test!";
##基于账号密码访问控制
auth_basic_user_file /usr/local/nginx/conf/admin;
stub_status on;
}
#php通信,必须开启,不然解析不了php
location ~ [^/]\.php(/|$) {
#fastcgi_pass 127.0.0.1:9000;
fastcgi_pass unix:/dev/shm/php-cgi.sock;
index index.php;
fastcgi_index index.php;
fastcgi_param MB_APPLICATION production;
include fastcgi.conf;
}
}
6.2.1 开启php会话保存参数
session.save_path = "/tmp"
该参数在php.ini中
[root@lnp_2 etc]# pwd
/usr/local/php/etc
[root@lnp_2 etc]# ls
pear.conf php-fpm.conf php-fpm.conf.default php-fpm.d php.ini
重启nginx/php
[root@lnp_2 etc]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@lnp_2 etc]# nginx -s reload
[root@lnp_2 etc]# /etc/init.d/php-fpm stop
[root@lnp_2 etc]# /etc/init.d/php-fpm start
6.2.2.看搭建情况/lnp_1/lnp_2
7.负载均衡
这里使用的是nginx来做的
负载的server安装nginx
7.1安装nginx
安装脚本同上面5.1
7.2负载均衡配置
7.2.1设置一个虚拟主机
mkdir -p /usr/local/nginx/conf/proxy
[root@localhost conf]# grep "include" nginx.conf | sed -n 2p
include /usr/local/nginx/conf/proxy/*.conf;
注意修改主配置文件修改包含虚拟主机的目录
[root@localhost proxy]# pwd
/usr/local/nginx/conf/proxy
[root@localhost proxy]# cat proxy.conf
upstream can {
#ip_hash;
server 192.168.204.14:80 weight=1 max_fails=1 fail_timeout=3s;
server 192.168.204.15:80 weight=1 max_fails=1 fail_timeout=3s;
#server 192.168.204.16:8080 backup;
}
server {
listen 80;
server_name www.cand.com;
location / {
proxy_pass http://can;
}
}
nginx -s reload
检查是否负载成功
通过访问负载的server,两台lnp的访问记录都有增加。可以证明负载均衡已经起到了作用
8.keepalive负载均衡高可用
8.1新建一台服务器做备用的负载server,配置方式同7.1
8.2在两台服务器上都安装keepalive
yum install -y keepalived
cd /etc/keepalived/
cp keepalived.conf keepalived.conf.bak
vim keepalived.conf
主负载服务器keepalive配置
[root@proxy ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_connect_timeout 30
router_id LVS_DEVEL#设置本机路由id,做区分的
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script check {
script "/data/check.sh"
interval 1
}
vrrp_instance VI_1 {
state MASTER#主从标记,仅做标识
interface ens33#虚拟路由的网卡名
virtual_router_id 51 #虚拟路由路由id,想要配置在同一个虚拟ip必须要有相同id
priority 200#优先级,优先级最高的自动为主机,主机宕机后按照优先级选择热备从机
advert_int 1#主备通讯时间间隔
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.204.50 #配置到哪个虚拟ip,主备机这个地方ip要相同
}
track_script {
check
}
}
-------------------------------------------------------------------
其中 script "/data/check.sh" 为一个解决脑裂的脚本
[root@proxy data]# cat check.sh
#!/bin/bash
if [ -f /usr/local/nginx/logs/nginx.pid ]
then
echo "it's runing"
else
systemctl stop keepalived.service
fi
[root@proxy data]#chmod u+x check.sh
备用服务器keepalive配置
[root@keepalive keepalived]# cat keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.204.50
}
}
启动
[root@proxy data]#systemctl start keepalived.service
关闭
[root@proxy data]#systemctl restart keepalived.service
重启
[root@proxy data]#systemctl stop keepalived.service