架构简介
参加马哥linux培训一周了,自己感觉每天都进步很多,现在来说说这个架构,也是架构师第一周的作业第二题。搭建一套LVS-DR模型的高性能集群,做了两天终于完成并实现了这个架构,我设计的架构图如下所示:
此架构主要是用ipvsadm来实现高性能集群,Realserver(RS1,RS2)安装配置nginx,RS服务器分别配置了一个内网,一个外网。正常情况时,客户端web请求发送到lvs服务器(vip),lvs服务器根据ipvsadm定义的规则将请求负载均衡至后端RS服务器,RS服务器的nginx对于静态资源请求就直接在本机检索并返回,对于php的动态请求,则反向代理制PHP-FPM服务器。如果有涉及到MYSQL的请求,PHP-FPM服务器会自动与mariadb服务器处理数据。NFS服务器挂载到rs1,rs2,php-fpm服务器。达到数据同步的功能。
架构要求
1:wordpress程序通过nfs共享给各个realserver
2:后端realserver中的nginx和php分离
环境说明
LVS-SERVER
-
网卡1: 192.168.31.21
-
配置ipvsadmin工具
RS1-server
-
网卡1: 192.168.31.22(外网)
-
网卡2:192.168.68.22(内网)
-
配置nginx服务,NFS服务,
RS2-server
-
网卡1: 192.168.31.23(外网)
-
网卡2:192.168.68.23(内网)
-
配置nginx,NFS
NFS-server
-
网卡1:192.168.68.24(内网)
-
配置nfs,
PHP-FPM-server
-
网卡1:192.168.68.25(内网)
-
配置php-fpm,nfs
MARIADB-server
-
网卡1:192.168.68.26(内网)
-
配置mariadb
系统都是Centos 7
VIP: 192.168.31.2
windows做本地解析 192.168.31.2 z.com
软件安装
LVS-SERVER
[root@lvs-server ~]# yum -y install ipvsadm
RS1-SERVER
[root@rs1-server ~]# yum -y install nginx nfs-utils rpcbind
RS2-SERVER
[root@rs2-server ~]# yum -y install nginx nfs-utils rpcbind
NFS-server
[root@nfs-server ~]# yum -y install nfs-utils rpcbind
PHP-fpm server
[root@phpfpm-server ~]# yum -y install php-fpm php-mysql php-gd php-mbstring php-mcrypt [root@phpfpm-server ~]# yum -y nfs-utils rpcbind
Mariadb-server
[root@mariadb-server ~]# yum -y install nfs-utils rpcbind
服务配置
NFS文件共享
[root@nfs-server ~]#groupadd www -g 501 [root@nfs-server ~]#useradd www -u 501 -g www -M -r [root@nfs-server ~]#mkdirp -pv /data/wwwroot [root@nfs-server ~]#chown -R www:www /data/wwwroot [root@nfs-server ~]#echo '/data/wwwroot 192.168.68.0/24(rw,sync,all_squash,anongid=501,anonuid=501)' > /etc/exports [root@nfs-server ~]#exportfs -rv [root@nfs-server ~]#systemctl start rpcbind.service #启动rpcbind,nfs注册工具 [root@nfs-server ~]#systemctl start nfs.service #启动nfs [root@nfs-server ~]#mkdir -pv /data/wwwroot/z_com
LVS 配置
[root@lvs-server ~]# ifconfig eno16777736:0 192.168.32.2 netmask 255.255.255.0 broadcast 192.168.31.2 [root@lvs-server ~]# route add -host 192.168.31.2 dev eno16777736:0 [root@lvs-server ~]# ipvsadm -A -t 192.168.31.2:80 -s rr [root@lvs-server ~]# ipvsadm -a -t 192.168.31.2:80 -r 192.168.31.22 -g [root@lvs-server ~]# ipvsadm -a -t 192.168.31.2:80 -r 192.168.31.23 -g [root@lvs-server ~]# ipvsadm -Ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.31.2:80 rr -> 192.168.31.22:80 Route 1 0 0 -> 192.168.31.23:80 Route 1 0 0
RS1、RS2 配置一样
[root@rs1-server ~]#vim skp.sh #LVS-DR配置
#!/bin/bash
VIP=192.168.31.2
case "$1" in
start)
echo "配置lvs Real Server开始..."
ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
route add -host $VIP dev lo:0
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
;;
stop)
echo "正在关闭lvs Real server"
ifconfig lo:0 down
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
;;
*)
echo "用法:$0 {start|stop}"
exit 1
esac
[root@rs1-server ~]#chmod +x skp.sh
[root@rs1-server ~]#./skp.sh start
[root@rs1-server ~]#groupadd www -g 501
[root@rs1-server ~]#useradd www -u 501 -g www -M -r
[root@rs1-server ~]# ifconfig lo:0 192.168.32.2 netmask 255.255.255.255 broadcast 192.168.31.2
[root@rs1-server ~]# route add -host 192.168.31.2 dev lo:0
[root@rs1-server ~]#systemctl start rpcbind.service
[root@rs1-server ~]#showmount -e 192.168.68.24
Export list for 192.168.68.24:
/data/wwwroot 192.168.68.0/24
[root@rs1-server ~]#mkdir -p /htdocs
[root@rs1-server ~]#mount -t nfs 192.168.68.24:/data/wwwroot /htdocs
[root@rs1-server ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda2 58G 2.3G 56G 4% /
devtmpfs 484M 0 484M 0% /dev
tmpfs 493M 0 493M 0% /dev/shm
tmpfs 493M 6.8M 487M 2% /run
tmpfs 493M 0 493M 0% /sys/fs/cgroup
/dev/sda1 497M 118M 379M 24% /boot
tmpfs 99M 0 99M 0% /run/user/0
192.168.68.24:/data/wwwroot 58G 2.3G 56G 4% /htdocs
[root@rs1-server ~]#vim /etc/nginx/conf.d/z.com.conf
server {
listen 80;
server_name z.com;
root /htdocs/z_com;
index index.php;
add_header X-via $server_addr;
location / {
root /htdocs/z_com;
index index.php index.html index.html;
}
location ~* \.(jpg|jpeg|png|gif|js|css)$ {
root /htdocs/z_com;
}
location ~ \.php$ {
root /htdocs/z_com;
fastcgi_pass 192.168.68.25:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /htdocs/z_com$fastcgi_script_name;
include fastcgi_params;
}
}
[root@rs1-server ~]#systemctl start nginx.service
PHP-FPM配置
[root@phpfpm-server ~]#groupadd www -g 501 [root@phpfpm-server ~]#useradd www -u 501 -g www -M -r [root@phpfpm-server ~]#systemctl start rpcbind.service [root@phpfpm-server ~]#showmount -e 192.168.68.24 Export list for 192.168.68.24: /data/wwwroot 192.168.68.0/24 [root@phpfpm-server ~]#mkdir -p /htdocs [root@phpfpm-server ~]#mount -t nfs 192.168.68.24:/data/wwwroot /htdocs [root@phpfpm-server ~]# df -h Filesystem Size Used Avail Use% Mounted on /dev/sda2 58G 2.3G 56G 4% / devtmpfs 484M 0 484M 0% /dev tmpfs 493M 0 493M 0% /dev/shm tmpfs 493M 6.8M 487M 2% /run tmpfs 493M 0 493M 0% /sys/fs/cgroup /dev/sda1 497M 118M 379M 24% /boot tmpfs 99M 0 99M 0% /run/user/0 192.168.68.24:/data/wwwroot 58G 2.3G 56G 4% /htdocs [root@phpfpm-server ~]#vim /etc/php-fpm.d/www.conf ##修改/etc/php-fpm.d/www.conf的部分选项 listen = 192.168.68.22:9000 listen.allowed_clients = 192.168.68.22,192.168.68.23 user = www group = www [root@phpfpm-server ~]#systemctl start php-fpm.service
Mariadb数据库配置
[root@mariadb-server ~]#systemctl start mariadb.service [root@mariadb-server ~]#mysql -uroot MariaDB [(none)]> create database wordpress; #创建wordpress数据库 MariaDB [(none)]> grant all on wordpress.* to 'wordpress'@'192.168.68.%' identified by '123456'; 授权worpress用户
搭建wordpress
[root@nfs-server ~]#cd /data/wwwroot/z_com uzip wordpress.zip
用浏览器访问z.com:
试验总结
-
在php-fpm服务配置中要注意listen的监听,和 listen.allowed_clients
-
架设web服务时,要注意网站根目录的权限问题。
-
此架构可以用ansible一键配置完成……,日后要实现
原创文章,作者:N25_木头钟,如若转载,请注明出处:http://www.178linux.com/62736
评论列表(1条)
总结的很好,有例子有说明,加油