Linux从入门到放弃 LNMP架构搭建博客网站

配置环境

web1	ip192.168.1.1	nginx php nfs
web2	ip192.168.1.2	nginx php nfs
web3	ip192.168.1.3	nginx php nfs
db		ip192.168.1.4	mariadb-server mariadb
nfs		ip192.168.1.5	nfs
lb1		ip192.168.1.6	nginx
lb2		ip192.168.1.7	nginx
m		ip192.168.1.8
backup	ip192.168.1.9
redis	ip192.168.1.10	redis

安装nginx

yum install -y nginx

安装php

# 解决yum安装软件冲突问题
yum remove php-mysql php php-fpm php-common
# 准备yum安装软件扩展源信息
rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
# 利用yum安装PHP相关软件信息
yum install -y php71w php71w-cli php71w-common php71w-devel php71w-embedded  php71w-gd php71w-mcrypt php71w-mbstring php71w-pdo php71w-xml php71w-fpm php71w-mysqlnd php71w-opcache  php71w-pecl-memcached php71w-pecl-redis php71w-pecl-mongodb

安装数据库

yum install mariadb-server mariadb  -y

代码下载

wordpress 提取码:paq9

链接: https://pan.baidu.com/s/1XBhXfwVv3JySpYxcFpFolw 提取码: paq9

1. 部署一台web服务器

安装环境

yum install -y nginx php-fpm
systemctl enable nginx php-fpm

统一nginx、php 用户身份

groupadd -g777 wy
useradd -u777 -g777 wy
sed -i '/^user/c user wy' /etc/nginx/nginx.conf		#修改nginx身份
sed -i '/^user/c user = wy' /etc/php-fpm.d/www.conf 
sed -i '/^group/c group = wy' /etc/php-fpm.d/www.conf

添加wordpress博客站点信息

[root@web1 ~]# vim /etc/nginx/conf.d/www.mcweiyi.club.conf
server {
        listen 80;
        server_name www.mcweiyi.club;
                root /html/wordpress;
                client_max_body_size 100m;

        location / {
                index index.php;
        }

        location ~ \.php$ {
                fastcgi_pass 127.0.0.1:9000;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                fastcgi_param HTTPS on;
                include fastcgi_params;
        }
}

创建目录

mkdir /html

上传代码

cd /html
rz wordpress.zip
unzip wordpress.zip

修改属主和属组

chown -R wy.wy /html/wordpress

重启服务

systemctl restart nginx php-fpm

完成

浏览器测试

---

2. 部署一台数据库服务器

配置环境

yum install mariadb-server -y
systemctl start mariadb
systemctl enable mariadb

配置数据库

[root@db1 ~]# mysqladmin password '123456' #配置数据库用户密码
[root@wd1 ~]# mysql -uroot -p123456		#1.登录mysql数据库
	MariaDB [(none)]> create database wordpress;	#2.创建一个wordpress名称的库
	MariaDB [(none)]> show databases;				#3.查看数据中所有的库
	+--------------------+
	| Database           |
	+--------------------+
	| information_schema |
	| mysql              |
	| performance_schema |
	| test               |
	| wordpress          |
	+--------------------+
	5 rows in set (0.00 sec)

	MariaDB [(none)]> use wordpress;			#4.进入wordpress库
	Database changed
	MariaDB [wordpress]> show tables;			#5.查看wordpress库中有多少表
	Empty set (0.00 sec)	<--空
	MariaDB [(none)]> quit						#6.退出数据库

创建远程连接用户

[root@db ~]# mysql -uroot -p123456	
MariaDB [(none)]> grant all privileges on *.* to 'all'@'%' identified by '123456';

测试

[root@web1 ~]# mysql -h192.168.1.4 -uall -p123456
	Welcome to the MariaDB monitor.  Commands end with ; or \g.
	
	MariaDB [(none)]> quit

修改wordpress连接数据库的信息

[root@web1 wordpress]# vim /html/wordpress/wp-config.php
	/** WordPress数据库的名称 */
	define( 'DB_NAME', 'wordpress' );

	/** MySQL数据库用户名 */
	define( 'DB_USER', 'all' );

	/** MySQL数据库密码 */
	define( 'DB_PASSWORD', '123456' );

	/** MySQL主机 */
	define( 'DB_HOST', '192.168.1.4' );

---

3. 搭建第二台web服务器

配置环境

yum install -y nginx php-fpm
systemctl enadble nginx php-fpm

groupadd -g777 wy
useradd -u777 -g777 wy
scp  192.168.1.1:/etc/yum.repos.d/* /etc/yum.repos.d/

同步代码

rsync -avz --delete 192.168.1.1:/html /
rsync -avz --delete 192.168.1.1:/etc/nginx/* /etc/nginx/

重启

systemctl restart nginx php-fpm

部署多台web服务器同样的

4. 部署NFS服务器

配置环境

yum install nfs-utils -y
systemctl enable nfs

创建用户组

groupadd -g777 wy
useradd -u777 -g777 wy
chmod 777 /html/wordpress/wp-content/

配置文件

vim /etc/exports
/data/blog 192.168.1.0/24(rw,sync,all_squash,anonuid=777,anongid=777)

创建目录

mkdir /data/blog -p

重启服务

systemctl restart nfs

找到web存储静态资源的位置

#查找图片存储的路径-->浏览器 -->F12 --> Select -->选择图片
http://www.mcweiyi.club/wp-content/uploads/2019/12/ks.jpeg
/html/wordpress/wp-content/uploads/2019/12/ks.jpeg

将所有节点的图片拷贝至nfs存储中

#在有图片的web节点上
[root@web1 ~]# scp -rp /html/wordpress/wp-content/uploads/* 192.168.1.5:/data/blog/
#回到nfs存储上 重新授权
[root@nfs ~]# chown -R wy.wy /data/blog/

所有web节点挂载

[root@web1 ~]# mount -t nfs 192.168.1.5:/data/blog /html/wordpress/wp-content/uploads/
[root@web2 ~]# mount -t nfs 192.168.1.5:/data/blog /html/wordpress/wp-content/uploads/

web服务器安装nfs-utils.x86_64

切记: 一定要将挂载的信息写入开机启动，否则下次启动丢失了...

[root@web1 ~]vim /etc/fstab
192.168.1.5:/data/blog  /html/wordpress/wp-content/uploads/     nfs     defaults        0 0
[root@web2 ~]vim /etc/fstab
192.168.1.5:/data/blog  /html/wordpress/wp-content/uploads/     nfs     defaults        0 0

---

5. 搭建负载均衡

配置环境

yum install -y nginx
systemctl enable nginx

HTTPS证书

我用的是假证书
1.创建一个存放证书的目录

[root@lb1 ~]# mkdir /etc/nginx/ssl_key
[root@lb1 ~]# cd /etc/nginx/ssl_key/

2.创建私钥证书（假证书）

openssl req -nodes -newkey rsa:2048 -keyout server.key -out server.csr -subj "/C=/ST=/L=/O=/OU=/CN=7"
openssl x509 -req -sha256 -days 365 -in server.csr -signkey server.key -out server.crt

配置站点

[root@lb1 ~]# vim /etc/nginx/conf.d/proxy_www.mcweiyi.club.conf

upstream blog {
        server 192.168.1.1:80;
        server 192.168.1.2:80;
}

server {
        listen 443 ssl;
        server_name www.mcweiyi.club;
		ssl_certificate ssl_key/server.crt;
		ssl_certificate_key ssl_key/server.key;


        location / {
                proxy_pass https://blog;
                include proxy_params;
        }
}
server {
	listen 80;
	server_name www.mcweiyi.club;
	return 302 https://$http_host$request_uri;
}

配置文件

[root@lb1 ~]# vim /etc/nginx/proxy_params

proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Connection "";

proxy_connect_timeout 30;
proxy_send_timeout 60;
proxy_read_timeout 60;

proxy_buffering on;
proxy_buffer_size 32k;
proxy_buffers 4 128k;

重启

[root@lb1 ~]# systemctl restart nginx

6.会话共享redis

redis安装 配置 启动

[root@redis ~]# yum install redis -y
[root@redis ~]# sed -i '/^bind/c bind 127.0.0.1 192.168.1.10' /etc/redis.conf
[root@redis ~]# systemctl start redis
[root@redis ~]# systemctl enable redis

php应用服务接入redis ( session -->存储—>redis ) 所有节点都需要按如下方式配置

[root@redis ~]# vim /etc/php.ini
#修改下边两条
session.save_handler = redis
session.save_path = "tcp://172.16.1.51:6379?weight=1&timeout=2.5"

[root@redis ~]# vim /etc/php-fpm.d/www.conf 
# 把下边的两条注释掉
;php_value[session.save_handler] = files
;php_value[session.save_path]    = /var/lib/php/session
			
[root@redis ~]# systemctl restart php-fpm

7. keepalived高可用

安装

[root@lb1 ~]# yum install keepalived -y
[root@lb2 ~]# yum install keepalived -y

配置

配置lb1

[root@lb1 ~]# vim /etc/keepalived/keepalived.conf
global_defs {
	router_id lb1
}

vrrp_instance VI_1 {
	state Z
	interface eth0
	virtual_router_id 50
	priority 150
	advert_int 1

	authentication {
		auth_type PASS
		auth_pass 1111
	}
	virtual_ipaddress {
		192.168.1.77
	}
}

配置lb2

[root@lb2 ~]# vim /etc/keepalived/keepalived.conf
global_defs {
	router_id lb2
}

vrrp_instance VI_1 {
	state F
	interface eth0
	virtual_router_id 50
	priority 100
	advert_int 1

	authentication {
		auth_type PASS
		auth_pass 1111
	}
	virtual_ipaddress {
		192.168.1.77
	}
}

重启

systemctl restart keepalived.service
systemctl enable keepalived.service

非抢占式配置

[root@lb1 ~]# vim /etc/keepalived/keepalived.conf
global_defs {
	router_id lb1
}

vrrp_instance VI_1 {
	state 7 # 修改
	interface eth0
	virtual_router_id 50
	priority 150
	nopreempt # 添加
	advert_int 1

	authentication {
		auth_type PASS
		auth_pass 1111
	}
	virtual_ipaddress {
		192.168.1.77
	}
}

[root@lb2 ~]# vim /etc/keepalived/keepalived.conf
global_defs {
	router_id lb2
}

vrrp_instance VI_1 {
	state 7 # 修改
	interface eth0
	virtual_router_id 50
	priority 100
	nopreempt # 添加
	advert_int 1

	authentication {
		auth_type PASS
		auth_pass 1111
	}
	virtual_ipaddress {
		192.168.1.77
	}
}

7.nginx故障自动转移

配置环境

yum install -y mailx

配置文件

[root@backup ~]# vim /etc/mail.rc	
set from=2237937322@qq.com
set smtp=smtps://smtp.qq.com:465
set smtp-auth-user=2237937322@qq.com
set smtp-auth-password=#授权码
set smtp-auth=login
set ssl-verify=ignore
set nss-config-dir=/etc/pki/nssdb/

keeplaived 调脚本

[root@lb1 ~]# vim  /scripts/text.sh 
#!/usr/bin/bash

#1.检查nginx进程数量
Nginx_Process_Number=$(ps -C nginx --no-header|wc -l)

#2.判断nginx进程数量
	if [ $Nginx_Process_Number -lt 2 ];then

		#3.如果进程小于2,则尝试重新启动一次Nginx,并等待2s
		systemctl restart nginx &>/dev/null
			sleep 2
		Nginx_Process_Number=$(ps -C nginx --no-header|wc -l)

			#4.如果再次执行进程还是小于2,则直接kill掉keeplaived
			if [ $Nginx_Process_Number -lt 2 ];then
				pkill keepalived && mail -s "nginx故障自动转移 `Date`" "314833807@qq.com" < /tmp/test_`Date`.txt
			fi
	fi
[root@lb1 ~]# chmod +x /scripts/test.sh

[root@lb1 ~]# vim /etc/keepalived/keepalived.conf
global_defs {
	router_id lb1
}

#1.每7秒执行一次脚本, 脚本执行内容不能超过7秒,否则会被中断再次重新运行脚本
vrrp_script test {
	script "/scripts/test.sh"
	interval 7
}

vrrp_instance VI_1 {
	state Z
	interface eth0
	virtual_router_id 50
	priority 150
	advert_int 1

	authentication {
		auth_type PASS
		auth_pass 1111
	}
	virtual_ipaddress {
		192.168.1.77
	}
	#2.调用并运行该脚本
	track_script {
		test
	}
}