使用lvs+keepalived架构架构实现后端web服务器(该web服务器要求搭建wordpress博客站)的负载均衡
最终客户端访问域名 我的名字.wordpress.cn 能够访问搭建的博客站 ,达到负载均衡的目的
IP | 主机名 | 角色 |
192.168.26.101 | rs1 | 后端真实服务器/nginx |
192.168.26.102 | rs2 | 后端真实服务器/nginx |
192.168.26.103 | master | keepalived服务器master |
192.168.26.104 | backup | keepalived服务器backup |
192.168.26.105 | nfs | Nfs服务器 |
192.168.26.201 | web | 数据库服务器 |
192.168.26.12 | cesi | 客户端 |
一.基础环境搭建
1.1master配置
1.1.1安装配置keepalived
[root@master ~]# yum -y install keepalived
[root@master ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived global_defs { router_id master } vrrp_instance VI_1 { state MASTER interface ens33 virtual_router_id 51 priority 150 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.26.222/24 dev ens33 label ens33:1 } } virtual_server 192.168.26.222 80 { delay_loop 6 lb_algo wrr lb_kind DR # persistence_timeout 50 protocol TCP real_server 192.168.26.101 80 { weight 1 HTTP_GET { url { path / status_code 200 } } connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } real_server 192.168.26.102 80 { weight 1 HTTP_GET { url { path / status_code 200 } } connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } }
1.1.2查看下ipvsadm -ln是否帮你自动添加了lvs集群规则
[root@master ~]# systemctl restart keepalived.service #生效 [root@master ~]# yum -y install ipvsadm
[root@master ~]# ipvsadm -ln #查看当前ipvs模块中记录的连接
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.26.222:80 wrr
-> 192.168.26.101:80 Route 1 0 0
-> 192.168.26.102:80 Route 1 0 0
1.2Backup配置
[root@backup ~]# yum -y install keepalived
[root@backup ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id backup
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.26.222/24 dev ens33 label ens33:1
}
}
virtual_server 192.168.26.222 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
# persistence_timeout 50
protocol TCP
real_server 192.168.26.101 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
real_server 192.168.26.102 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
[root@backup ~]# systemctl restart keepalived.service
[root@master ~]# systemctl restart keepalived.service
[root@master ~]# yum -y install ipvsadm
[root@backup ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.26.222:80 wrr
-> 192.168.26.101:80 Route 1 0 0
-> 192.168.26.102:80 Route 1 0 0
1.3Rs1 安装nginx 添加虚拟IP arp抑制
#关闭防火墙和slinux
[root@rs1 ~]# systemctl stop firewalld.service
[root@rs1 ~]# setenforce 0
[root@rs1 ~]# yum -y install nginx
[root@rs1 ~]# echo "rs1" > /usr/share/nginx/html/index.html [root@rs1 ~]# systemctl enable --now nginx Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /usr/lib/systemd/system/nginx.service. [root@rs1 ~]# curl 127.0.0.1 rs1 [root@rs1 ~]# ip addr add 192.168.26.222/32 dev ens33 label ens33:1 [root@rs1 ~]# vim /etc/sysctl.conf #在末尾插入 [root@rs1 ~]# sysctl -p net.ipv4.conf.all.arp_ignore = 1 net.ipv4.conf.all.arp_announce = 2 net.ipv4.conf.lo.arp_ignore = 1 net.ipv4.conf.lo.arp_announce = 2
1.4RS2同上
[root@rs2 ~]# systemctl stop firewalld.service [root@rs2 ~]# setenforce 0 [root@rs2 ~]# yum -y install nginx
[root@rs2 ~]# echo "rs2" > /usr/share/nginx/html/index.html
[root@rs2 ~]# systemctl enable --now nginx
Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /usr/lib/systemd/system/nginx.service.
[root@rs2 ~]# ip addr add 192.168.26.222/32 dev lo label lo:1
[root@rs2 ~]# curl 127.0.0.1
rs2
[root@rs2 ~]# vim /etc/sysctl.conf
[root@rs2 ~]# sysctl -p
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
1.5测试
二.实现后端服务器上运行wordpress博客站点
2.1Rs1 rs2继续配置 都配置PHP环境(编译安装)
[root@rs1 ~]# yum -y remove php-fpm php-mysqlnd php-json #(删除自带yum安装的)
Loaded plugins: fastestmirror
No Match for argument: php-fpm
No Match for argument: php-mysqlnd
No Match for argument: php-json
No Packages marked for removal
[root@rs1 ~]# yum -y install gcc openssl-devel libxml2-devel bzip2-devel libmcrypt-devel sqlite-devel oniguruma-devel
[root@rs1 ~]# cd /usr/local/src
[root@rs1 src]# wget https://www.php.net/distributions/php-7.4.11.tar.xz --2023-03-23 15:56:56-- https://www.php.net/distributions/php-7.4.11.tar.xz Resolving www.php.net (www.php.net)... 185.85.0.29, 2a02:cb40:200::1ad Connecting to www.php.net (www.php.net)|185.85.0.29|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 10302076 (9.8M) [application/octet-stream] Saving to: ‘php-7.4.11.tar.xz’ 100%[============================================================================================>] 10,302,076 2.26MB/s in 4.6s 2023-03-23 15:57:02 (2.16 MB/s) - ‘php-7.4.11.tar.xz’ saved [10302076/10302076] [root@rs1 src]# tar xf php-7.4.11.tar.xz [root@rs1 src]# cd php-7.4.11/
#编译安装
[root@rs1 php-7.4.11]# ./configure --prefix=/usr/local/php74 --enable-mysqlnd --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-openssl --with-zlib --with-config-file-path=/etc --with-config-file-scan-dir=/etc/php.d --enable-mbstring --enable-xml --enable-sockets --enable-fpm --enable-maintainer-zts --disable-fileinfo
+--------------------------------------------------------------------+
| License: |
| This software is subject to the PHP License, available in this |
| distribution in the file LICENSE. By continuing this installation |
| process, you are bound by the terms of this license agreement. |
| If you do not agree with the terms of this license, you must abort |
| the installation process at this point. |
+--------------------------------------------------------------------+
Thank you for using PHP.
[root@rs1 php-7.4.11]# make -j 8 && make install
[root@rs1 php-7.4.11]# cp /usr/local/src/php-7.4.11/php.ini-production /etc/php.ini
[root@rs1 php-7.4.11]# cd /usr/local/php74/etc/
[root@rs1 etc]# cp php-fpm.conf.default php-fpm.conf
[root@rs1 etc]# pwd
/usr/local/php74/etc
[root@rs1 etc]# cd php-fpm.d/
[root@rs1 php-fpm.d]# cp www.conf.default www.conf
[root@rs1 php-fpm.d]# vim www.conf
user = nginx
group = nginx
打开
listen.allowed_clients = 127.0.0.1
pm.status_path = /status
[root@rs1 php-fpm.d]# /usr/local/php74/sbin/php-fpm -t
[23-Mar-2023 16:07:09] NOTICE: configuration file /usr/local/php74/etc/php-fpm.conf test is successful
[root@rs1 php-fpm.d]# /usr/local/php74/sbin/php-fpm
[root@rs1 php-fpm.d]# ss -ntl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 127.0.0.1:9000 *:*
LISTEN 0 128 *:80 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 [::]:80 [::]:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 100 [::1]:25 [::]:*
[root@rs1 php-fpm.d]# vim /etc/nginx/nginx.conf
域名登录
index index.php;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
插入 location ~ .php$ {
root html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
[root@rs1 php-fpm.d]# systemctl restart nginx.service
2.2部署 WordPress
[root@rs1 ~]# wget https://cn.wordpress.org/wordpress-6.0.1-zh_CN.tar.gz --2023-03-23 16:23:27-- https://cn.wordpress.org/wordpress-6.0.1-zh_CN.tar.gz Resolving cn.wordpress.org (cn.wordpress.org)... 198.143.164.252 Connecting to cn.wordpress.org (cn.wordpress.org)|198.143.164.252|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 21933976 (21M) [application/octet-stream] Saving to: ‘wordpress-6.0.1-zh_CN.tar.gz’ 100%[============================================================================================>] 21,933,976 4.26MB/s in 6.8s 2023-03-23 16:23:35 (3.09 MB/s) - ‘wordpress-6.0.1-zh_CN.tar.gz’ saved [21933976/21933976] [root@rs1 ~]# tar xf wordpress-6.0.1-zh_CN.tar.gz [root@rs1 ~]# cp -r wordpress/* /usr/share/nginx/html/ [root@rs1 ~]# cd /usr/share/nginx/html/ [root@rs1 html]# cp wp-config-sample.php wp-config.php [root@rs1 html]# vim wp-config.php
[root@rs1 html]# chown -R nginx.nginx . #修改权限所属
2.3rocky安装数据库
[root@web ~]# systemctl stop firewalld.service [root@web ~]# setenforce 0 [root@web ~]# curl -LsS -O https://downloads.mariadb.com/MariaDB/mariadb_repo_setup [root@web ~]# bash mariadb_repo_setup --mariadb-server-version=10.6 # [info] Checking for script prerequisites. # [info] MariaDB Server version 10.6 is valid # [info] Repository file successfully written to /etc/yum.repos.d/mariadb.repo # [info] Adding trusted package signing keys... /etc/pki/rpm-gpg ~ ~ # [info] Successfully added trusted package signing keys # [info] Cleaning package cache... 25 文件已删除 [root@web ~]# dnf -y install mariadb-server
[root@web ~]# systemctl enable --now mariadb
Created symlink /etc/systemd/system/multi-user.target.wants/mariadb.service → /usr/lib/systemd/system/mariadb.service.
[root@web ~]# mysql
Welcome to the MariaDB monitor. Commands end with ; or g.
Your MariaDB connection id is 6
Server version: 10.6.12-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
MariaDB [(none)]> create database wordpress;
Query OK, 1 row affected (0.001 sec)
MariaDB [(none)]> create user wordpress@'192.168.26.%' identified by '123456';
Query OK, 0 rows affected (0.001 sec)
MariaDB [(none)]> grant all on wordpress.* to wordpress@'192.168.26.%';
Query OK, 0 rows affected (0.001 sec)
MariaDB [(none)]> quit
百度访问RS1IP 192.168.26.101
2.4RS2配置
[root@rs2 ~]# yum -y remove php-fpm php-mysqlnd php-json
Loaded plugins: fastestmirror
No Match for argument: php-fpm
No Match for argument: php-mysqlnd
No Match for argument: php-json
No Packages marked for removal
[root@rs2 ~]# yum -y install gcc openssl-devel libxml2-devel bzip2-devel libmcrypt-devel sqlite-devel oniguruma-devel
[root@rs2 src]# wget https://www.php.net/distributions/php-7.4.11.tar.xz --2023-03-23 15:56:56-- https://www.php.net/distributions/php-7.4.11.tar.xz Resolving www.php.net (www.php.net)... 185.85.0.29, 2a02:cb40:200::1ad Connecting to www.php.net (www.php.net)|185.85.0.29|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 10302076 (9.8M) [application/octet-stream] Saving to: ‘php-7.4.11.tar.xz’ 100%[============================================================================================>] 10,302,076 2.26MB/s in 4.6s 2023-03-23 15:57:02 (2.16 MB/s) - ‘php-7.4.11.tar.xz’ saved [10302076/10302076] [root@rs2 src]# tar xf php-7.4.11.tar.xz [root@rs2 src]# cd php-7.4.11/
[root@rs2 php-7.4.11]# ./configure --prefix=/usr/local/php74 --enable-mysqlnd --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-openssl --with-zlib --with-config-file-path=/etc --with-config-file-scan-dir=/etc/php.d --enable-mbstring --enable-xml --enable-sockets --enable-fpm --enable-maintainer-zts --disable-fileinfo
+--------------------------------------------------------------------+
| License: |
| This software is subject to the PHP License, available in this |
| distribution in the file LICENSE. By continuing this installation |
| process, you are bound by the terms of this license agreement. |
| If you do not agree with the terms of this license, you must abort |
| the installation process at this point. |
+--------------------------------------------------------------------+
Thank you for using PHP.
[root@rs1 php-7.4.11]# make -j 8 && make install
[root@rs1 ~]# scp /usr/local/php74/etc/php-fpm.conf root@192.168.26.102:/usr/local/php74/etc/
root@192.168.26.102's password:
php-fpm.conf 100% 5387 3.5MB/s 00:00
[root@rs1 ~]# scp /usr/local/php74/etc/php-fpm.d/www.conf root@192.168.26.102:/usr/local/php74/etc/php-fpm.d/
root@192.168.26.102's password:
www.conf 100% 19KB 11.1MB/s 00:00
[root@rs2 php-7.4.11]# ls /usr/local/php74/etc/ php-fpm.conf php-fpm.conf.default php-fpm.d [root@rs2 php-7.4.11]# ls /usr/local/php74/etc/php-fpm.d/ www.conf www.conf.default [root@rs2 php-7.4.11]# vim /etc/nginx/nginx.conf
index index.php;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
插入 location ~ .php$ {
root html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
[root@rs2 php-7.4.11]# systemctl restart nginx.service [root@rs2 php-7.4.11]#
2.5NFS服务器
[root@nfs ~]# yum -y install nfs-utils
[root@nfs ~]# mkdir /code [root@nfs ~]# vim /etc/exports
/code * (rw)
[root@nfs ~]# chmod 777 /code/ [root@nfs ~]# systemctl start nfs-server.service
客户端rs1rs2 挂载
yum -y install nfs-utils
systemctl restart nfs-server
yum -y install rpcbind
systemctl enable –now nfs-server rpcbind
showmount -e 192.168.26.105 测试
Export list for 192.168.26.105:
/code * #以上rs1,2都执行
[root@rs1 ~]# tar zcf xkf.tar.gz /usr/share/nginx/html/
tar: Removing leading `/’ from member names
[root@rs1 ~]# ls
anaconda-ks.cfg wordpress wordpress-6.0.1-zh_CN.tar.gz xkf.tar.gz
[root@rs1 ~]# scp xkf.tar.gz root@192.168.26.105:/root
[root@nfs ~]# tar xf xkf.tar.gz [root@nfs ~]# cd usr/share/nginx/html/ [root@nfs html]# cd .. [root@nfs nginx]# mv html/* /code [root@nfs nginx]# ls /code/ 404.html img nginx-logo.png wp-admin wp-config-sample.php wp-links-opml.php wp-settings.php 50x.html index.html poweredby.png wp-blog-header.php wp-content wp-load.php wp-signup.php en-US index.php readme.html wp-comments-post.php wp-cron.php wp-login.php wp-trackback.php icons license.txt wp-activate.php wp-config.php wp-includes wp-mail.php xmlrpc.php
[root@rs1 ~]# mount -t nfs 192.168.26.105:/code /usr/share/nginx/html/
[root@rs1 ~]# df -Th
192.168.26.105:/code nfs4 40G 1.7G 39G 5% /usr/share/nginx/html
[root@rs2 php-7.4.11]# showmount -e 192.168.26.105
Export list for 192.168.26.105:
/code *
[root@rs2 php-7.4.11]# mount -t nfs 192.168.26.105:/code /usr/share/nginx/html/
[root@rs2 php-7.4.11]# df -Th
192.168.26.105:/code nfs4 40G 1.7G 39G 5% /usr/share/nginx/htm