LNMP项目案例
1、环境准备
2、搭建backup服务器
# 关闭防火墙、selinux
[root@backup ~]# systemctl stop firewalld
[root@backup ~]# setenforce 0
# 安装rsync
[root@backup ~]# yum install rsync -y
# 统一用户
[root@backup ~]# useradd -u1000 www
[root@backup ~]# id www
uid=1000(www) gid=1000(www) groups=1000(www)
# 编写配置文件(前端代码仓库、数据库备份、上传文件的备份)
[root@backup ~]# vim /etc/rsyncd.conf
uid=www
gid=www
port=873
fake super=yes
use chroot=no
max connection=200
timeuot=600
ignore errors
read only=false
list=false
auth users=dandan
secrets file=/etc/rsync.passwd
log file=/var/log/rsyncd/log
###################################
[web]
comment="前端代码仓库"
path=/backup/web
[database]
comment="数据库备份"
path=/backup/database
[download]
comment="上传文件备份"
path=/backup/download
# 创建仓库
[root@backup ~]# mkdir /backup
[root@backup ~]# mkdir /backup/web
[root@backup ~]# mkdir /backup/database
[root@backup ~]# mkdir /backup/download
[root@backup ~]# tree /backup/
/backup/
├── database
├── download
└── web
# 授权
[root@backup ~]# chown www.www -R /backup/
# 创建密码文件
[root@backup ~]# echo "dandan:111" > /etc/rsync.passwd
[root@backup ~]# chmod 600 /etc/rsync.passwd
# 启动 (立即启动和设置开机自启)
[root@backup ~]# systemctl enable --now rsyncd
3、搭建NFS服务器
# 安装软件 nfs-utils rpcbind
[root@nfs ~]# yum install nfs-utils rpcbind -y
# 创建用户
[root@nfs ~]# useradd www -u1000
# 创建前端代码仓库、数据库备份、上传文件的备份
[root@nfs ~]# mkdir /nfs
[root@nfs ~]# mkdir /nfs/web
[root@nfs ~]# mkdir /nfs/database
[root@nfs ~]# mkdir /nfs/download
[root@nfs ~]# tree /nfs/
/nfs/
├── database
├── download
└── web
# 授权
[root@nfs ~]# chown www.www -R /nfs/
# 设置挂载点
[root@nfs ~]# vim /etc/exports
/nfs/web 172.16.1.0/20(rw,sync,all_squash,anonuid=1000,anongid=1000)
/nfs/database 172.16.1.0/20(rw,sync,all_squash,anonuid=1000,anongid=1000)
/nfs/download 172.16.1.0/20(rw,sync,all_squash,anonuid=1000,anongid=1000)
# 启动
[root@nfs ~]# systemctl enable --now nfs-server.service
Created symlink from /etc/systemd/system/multi-user.target.wants/nfs-server.service to /usr/lib/systemd/system/nfs-server.service.
# 检测
[root@nfs ~]# showmount -e
Export list for nfs:
/nfs/download 172.16.1.0/20
/nfs/database 172.16.1.0/20
/nfs/web 172.16.1.0/20
[root@nfs ~]# cat /var/lib/nfs/etab #另外一种检测的命令
4、搭建数据库(mariadb)
# 安装软件
[root@db01 ~]# yum install mariadb* -y
# 启动
[root@db01 ~]# systemctl enable --now mariadb
Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service.
# 创建密码并登陆数据库
[root@db01 ~]# mysqladmin -uroot password '123'
[root@db01 ~]# mysql -uroot -p123
# 创建用户给予web以及其它网站使用(授权)
MariaDB [mysql]> grant all privileges on *.* to dandan@'%' identified by 'dandan';
Query OK, 0 rows affected (0.01 sec)
#重载数据库
MariaDB [mysql]> flush privileges;
Query OK, 0 rows affected (0.00 sec)
#备份数据库
[root@db01 ~]# mysqldump -uroot -p111 --all-databases --single-transaction > mysql-all.sql
[root@db01 ~]# cat mysql-all.sql
# 编写每天备份脚本
[root@db01 ~]# vim mysql_dump.sh
#!/bin/bash
DATE=`date +%F`
BACKUP="/databases"
cd $BACKUP
mysqldump -uroot -p123 --all-databases --single-transaction > mysql-all-${DATE}.sql
tar -czf mysql-all-${DATE}.tar.gz mysql-all-${DATE}.sql
rm -rf mysql-all-${DATE}.sql
[root@db01 ~]# chmod 600 mysql_dump.sh #授权
[root@db01 ~]# mkdir /databases #创建目录
[root@db01 ~]# useradd www -u1000
[root@db01 ~]# chown www.www /databases/
[root@db01 ~]# mount -t nfs 172.16.1.31:/nfs/database /databases/ #挂载
# 脚本加入定时任务
[root@db01 ~]# crontab -e
01 00 * * * /databases/mysql_dump.sh
5、搭建web服务器(点击xshell中的工具—>发送键输入到所有会话,web01-03)
# 安装官方源
[root@web01 ~]# vim /etc/yum.repos.d/nginx.repo
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
[root@web01 ~]# yum clean all
[root@web01 ~]# yum makecache
# 安装nginx
[root@web01 ~]# yum install -y nginx
# 启动
[root@web01 ~]# systemctl enable --now nginx
6、安装PHP
# 安装PHP #最好用安装包安装
[root@web01 ~]# vim /etc/yum.repos.d/php.repo
[php-webtatic]
name = PHP Repository
baseurl = http://us-east.repo.webtatic.com/yum/el7/x86_64/
gpgcheck = 0
[root@web01 ~]# yum clean all
[root@web01 ~]# yum makecache
[root@web01 ~]# yum remove php-mysql-5.4 php php-fpm php-common
[root@web01 ~]# yum -y install php71w php71w-cli php71w-common php71w-devel
php71w-embedded php71w-gd php71w-mcrypt php71w-mbstring php71w-pdo php71wxml php71w-fpm php71w-mysqlnd php71w-opcache php71w-pecl-memcached php71wpecl-redis php71w-pecl-mongodb
# 修改配置文件
[root@web01 ~]# vim /etc/php-fpm.d/www.conf
user = www
group = www
# 启动php
[root@web01 ~]# systemctl enable --now php-fpm.service
7、将web01-web03加入集群
[root@web02 ~]# mkdir /www
[root@web02 ~]# chown -R www.www /www/
[root@web02 ~]# mount -t nfs 172.16.1.31:/nfs/web /www
[root@web02 ~]# mount -t nfs 172.16.1.31:/nfs/conf /etc/nginx/conf.d/
[root@web02 ~]# systemctl restart nginx
8、搭建wordpress,搭建WeCenter
# 共享代码、共享数据、共享nginx配置
# 在nfs服务器上创建/nfs/conf目录
[root@nfs ~]# mkdir /nfs/conf
# 授权/nfs/conf
[root@nfs ~]# chown www.www /nfs/conf
# 加入nfs配置文件
[root@nfs ~]# vim /etc/exports
/nfs/conf 172.16.1.0/20(rw,sync,all_squash,anonuid=1000,anongid=1000)
# 重启nfs
[root@nfs ~]# systemctl restart nfs-server rpcbind
# 创建站点目录,授权,挂载,上传,解压
[root@web01 ~]# mkdir /www
[root@web01 ~]# chown www.www -R /www
[root@web01 ~]# mount -t nfs 172.16.1.31:/nfs/web /www
[root@web01 ~]# mount -t nfs 172.16.1.31:/nfs/conf /etc/nginx/conf.d
[root@web01 ~]# cd /www
[root@web01 www]# rz -E
rz waiting to receive
[root@web01 www]# unzip zhihu.zip
# 增加wordpress配置
[root@web01 ~]# vim /etc/nginx/conf.d/wordpress.conf
server {
listen 80;
server_name linux.wps.cluster.local.com;
root /www/wordpress;
location / {
index index.php;
}
location ~* \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
[root@web01 ~]# vim /etc/nginx/conf.d/wecenter.conf
server {
listen 80;
server_name linux.wecenter.cluster.local.com;
root /www/zhihu;
location / {
index index.php;
}
location ~* \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
# 重启
[root@web01 ~]# systemctl restart nginx
# 创建wordpress数据库
MariaDB [(none)]> create database wordpress;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> create database wecenter;
9. 添加nginx访问认证模块
[root@web01 ~]# htpasswd -c /etc/nginx/conf.d/auth_basic linux #创建用户并存密码
[root@web01 ~]# vim /etc/nginx/conf.d/wordpress.conf #配置访问登录
server {
listen 80;
server_name linux.wps.cluster.local.com;
root /www/wordpress;
client_max_body_size 10m;
location / {
index index.php;
}
location ~* \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location =/wp-admin {
auth_basic "please input password!";
auth_basic_user_file /etc/nginx/conf.d/auth_basic;
index index.php;
}
}
10.数据备份与同步
#上传实时备份软件sersync
[root@nfs ~]# cd /nfs/download
[root@nfs download]# rz -E
rz waiting to receive.
[root@nfs download]# tar -xf sersync.gz
[root@nfs download]# cd GNU-Linux-x86/
[root@nfs GNU-Linux-x86]# vim confxml.xml
<?xml version="1.0" encoding="ISO-8859-1"?>
<head version="2.5">
<host hostip="localhost" port="8008"></host>
<debug start="false"/>
<fileSystem xfs="false"/>
<filter start="false">
<exclude expression="(.*)\.svn"></exclude>
<exclude expression="(.*)\.gz"></exclude>
<exclude expression="^info/*"></exclude>
<exclude expression="^static/*"></exclude>
</filter>
<inotify>
<delete start="true"/>
<createFolder start="true"/>
<createFile start="true"/>
<closeWrite start="true"/>
<moveFrom start="true"/>
<moveTo start="true"/>
<attrib start="true"/>
<modify start="true"/>
</inotify>
<sersync>
<localpath watch="/nfs/download">
<remote ip="172.16.1.41" name="download"/>
<!--<remote ip="192.168.8.39" name="tongbu"/>-->
<!--<remote ip="192.168.8.40" name="tongbu"/>-->
</localpath>
<rsync>
<commonParams params="-artuz"/>
<auth start="true" users="dandan" passwordfile="/etc/rsync.passwd"/>
<userDefinedPort start="false" port="874"/><!-- port=874 -->
<timeout start="false" time="100"/><!-- timeout=100 -->
<ssh start="false"/>
</rsync>
<failLog path="/tmp/rsync_fail_log.sh" timeToExecute="60"/><!--default every 60mins execute once-->
<crontab start="false" schedule="600"><!--600mins-->
<crontabfilter start="false">
<exclude expression="*.php"></exclude>
<exclude expression="info/*"></exclude>
</crontabfilter>
</crontab>
<plugin start="false" name="command"/>
</sersync>
<plugin name="command">
<param prefix="/bin/sh" suffix="" ignoreError="true"/> <!--prefix /opt/tongbu/mmm.sh suffix-->
<filter start="false">
<include expression="(.*)\.php"/>
<include expression="(.*)\.sh"/>
</filter>
</plugin>
<plugin name="socket">
<localpath watch="/opt/tongbu">
<deshost ip="192.168.138.20" port="8009"/>
</localpath>
</plugin>
<plugin name="refreshCDN">
<localpath watch="/data0/htdocs/cms.xoyo.com/site/">
<cdninfo domainname="ccms.chinacache.com" port="80" username="xxxx" passwd="xxxx"/>
<sendurl base="http://pic.xoyo.com/cms"/>
<regexurl regex="false" match="cms.xoyo.com/site([/a-zA-Z0-9]*).xoyo.com/images"/>
</localpath>
</plugin>
</head>
[root@nfs GNU-Linux-x86]# echo "111"> /etc/rsync.passwd
[root@nfs GNU-Linux-x86]# ./sersync2 -dro confxml.xml
[root@nfs ~]# cd /nfs/database
[root@nfs download]# rz -E
rz waiting to receive.
[root@nfs download]# tar -xf sersync.gz
[root@nfs download]# cd GNU-Linux-x86/
[root@nfs GNU-Linux-x86]# vim confxml.xml
cat confxml.xml
<?xml version="1.0" encoding="ISO-8859-1"?>
<head version="2.5">
<host hostip="localhost" port="8008"></host>
<debug start="false"/>
<fileSystem xfs="false"/>
<filter start="false">
<exclude expression="(.*)\.svn"></exclude>
<exclude expression="(.*)\.gz"></exclude>
<exclude expression="^info/*"></exclude>
<exclude expression="^static/*"></exclude>
</filter>
<inotify>
<delete start="true"/>
<createFolder start="true"/>
<createFile start="true"/>
<closeWrite start="true"/>
<moveFrom start="true"/>
<moveTo start="true"/>
<attrib start="true"/>
<modify start="true"/>
</inotify>
<sersync>
<localpath watch="/nfs/database">
<remote ip="172.16.1.41" name="database"/>
<!--<remote ip="192.168.8.39" name="tongbu"/>-->
<!--<remote ip="192.168.8.40" name="tongbu"/>-->
</localpath>
<rsync>
<commonParams params="-az"/>
<auth start="true" users="ytt" passwordfile="/etc/rsync.passwd"/>
<userDefinedPort start="false" port="874"/><!-- port=874 -->
<timeout start="false" time="100"/><!-- timeout=100 -->
<ssh start="false"/>
</rsync>
<failLog path="/tmp/rsync_fail_log.sh" timeToExecute="60"/><!--default every 60mins execute once-->
<crontab start="false" schedule="600"><!--600mins-->
<crontabfilter start="false">
<exclude expression="*.php"></exclude>
<exclude expression="info/*"></exclude>
</crontabfilter>
</crontab>
<plugin start="false" name="command"/>
</sersync>
<plugin name="command">
<param prefix="/bin/sh" suffix="" ignoreError="true"/> <!--prefix /opt/tongbu/mmm.sh suffix-->
<filter start="false">
<include expression="(.*)\.php"/>
<include expression="(.*)\.sh"/>
</filter>
</plugin>
<plugin name="socket">
<localpath watch="/opt/tongbu">
<deshost ip="192.168.138.20" port="8009"/>
</localpath>
</plugin>
<plugin name="refreshCDN">
<localpath watch="/data0/htdocs/cms.xoyo.com/site/">
<cdninfo domainname="ccms.chinacache.com" port="80" username="xxxx" passwd="xxxx"/>
<sendurl base="http://pic.xoyo.com/cms"/>
<regexurl regex="false" match="cms.xoyo.com/site([/a-zA-Z0-9]*).xoyo.com/images"/>
</localpath>
</plugin>
</head>
[root@nfs GNU-Linux-x86]# ./sersync2 -dro confxml.xml #开启resync[]