一、实验准备:
192.168.150.102 :配置nginx反向代理,haproxy+keepalive提高高可用(主)
192.168.150.103 :配置nginx反向代理,haproxy+keepalived提高高可用(副)
192.168.150.104 :web1 配置lamp平台
192.168.150.105 :web2 配置lamp平台
192.168.150.106 :nfs共享文件服务
192.168.150.107 :mysql-master
192.168.150.108 :mysql-slave1
192.168.150.109 :mysql -slave2
192.168.150.110 :客户端
所有主机设置防火墙、selinux
本次nextcloud版本22-2.0 、php74
二、配置mariadb主从复制
192.168.1.7 主
192.168.1.8 从
192.168.1.9 从
三台主机下载mariadb
yum -y install mariadb-server
1)主的操作
vim /etc/my.cnf server-id=1 log-bin=mysql-bin log-slave-updates=ture character-set-server=utf8 binlog-format = mixed
1. systemctl start mariadb 2. netstat -anput |grep 3306
初始化数据库 mysql_secure_installation 创建hy用户 grant replication slave on *.* to 'hy'@'192.168.150.%' identified by '123456';(用于远程登录数据库) show master status;
2)从的操作
2)从的操作 [mysqld] datadir=/var/lib/mysql socket=/var/lib/mysql/mysql.sock server-id=2 #另一个从改为3 relay-log=relay-log-bin relay-log-index=slave-relay-bin.index character-set-server=utf8 binlog-format = mixed 重置数据库 systemctl start mariadb mysql_secure_installation mysql -u root -p"123.com" 设置授权 stop slave; CHANGE MASTER TO MASTER_HOST='192.168.150.107',MASTER_USER='hy',MASTER_PASSWORD='123456',MASTER_LOG_FILE='mysql-bin.000003',MASTER_LOG_POS=1484; start slave; show slave status\G;
3)测试数据是否同步
在主上为nextcloud创建库,并创建用于登录的用户 create database nextcloud; grant all on nextcloud.* to "nextcloud"@"192.168.150.%" identfied by "123456" select user,host,password from mysql.user;
在从上验证是否同步,以及用户nextcloud是否可以远程登录
验证用户nextcloud
mysql -unextcloud -p"123456" -h 192.168.150.107 -P 3306
三、配置nfs让web服务挂载
192.168.150.6 nfs服务器
192.168.150.5 web服务器
192.168.150.4 web服务器
1、安装
1. 安装yum -y install rpcbind 、yum -y install nfs-utils 2. 先启动nfs,在启动rpcbind(如果操作过程中报错,把这两个服务停掉,然后按照顺序启动)
2、配置nfs服务器
mkdir /share ##创建共享目录 vim /etc/exports /share 192.168.150.0/24(rw,sync,no_root_squash) 启动 systemctl enable --now nfs systemctl enable --now rpcbind 查看可用的共享目录 exportfs showmount -e
3、配置web服务的httpd
yum -y install httpd systemctl enable --now httpd 挂载共享目录 yum -y install nfs-utils yum -y install rpcbind systemctl enable --now nfs showmount -e 192.168.150.106 mount 192.168.150.106:/share /var/www/html/
4、测试
来到nfs服务器配置网页
echo this is a test > /share/index.html
访问
四、web 服务器 配置 lamp
192.168.1.4 web服务器
192.168.1.5 web服务器
1、配置php环境
yum install epel-release -y yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y yum install yum-utils -y yum-config-manager --enable remi-php74 yum -y install php php-xml php-gd php-mbstring php-process php-ldap php-xml php-zip php-mysql php-intl
php -v #查看版本
2、配置访问测试界面
1. vim index.html 2. mv index.html index.php 3. cat index.php
3、修改httpd配置文件
vim /etc/httpd/conf/httpd.conf <Directory "/var/www/html/nextcloud"> Require all granted AllowOverride All Options FollowSymLinks MultiViews <IfModule mod_dav.c> Dav off </IfModule> </Directory>
4、访问web页面测试
此时的php环境没什么问题了
5、在nfs服务器上配置nextcloud页面
下载(比较慢)
1. wget https://download.nextcloud.com/server/releases/nextcloud-22.2.0.zip 2. yum -y install unzip
unzip nextcloud-22.2.0.zip cp nextcloud /share/ -R useradd -s /sbin/nologin -M apache chown apache.apache /share chmod 777 /share
回到web服务器修改默认的访问页面
1. vim /etc/httpd/conf/httpd.conf 2. 3. 4. DocumentRoot "/var/www/html/nextcloud"
重启
systemctl restart httpd
访问http://192.168.150.104 和 http://192.168.150.105
192.168.150.104报错
解决办法vim /var/www/html/nextcloud/config/config.php
解决现在2个web服务器都可以登录了
五、配置nginx反向代理&&haproxy&&keepalived
192.168.150.102
192.168.150.103
1、安装nginx
1. yum -y install epel-release.noarch 2. yum -y install nginx 3. systemctl enable --now nginx
2、配置两台nginx 的反向代理
vim /etc/nginx/nginx.conf 在http字段下插入 upstream nextcloud { ip_hash; server 192.168.150.104:80; server 192.168.150.105:80; } server { listen 80; server_name nextcloud1; location / { proxy_pass http://192.168.150.104; } } server { listen 80; server_name nextcloud2; location / { proxy_pass http://192.168.150.105; } }
检查配置文件
nginx -t
重载配置文件
systemctl reload nginx
访问测试192.168.150.102
访问测试192.168.150.103
3、为NGINX配置haporxy
1)安装
##下载HAproxy wget https://www.haproxy.org/download/1.7/src/haproxy-1.7.2.tar.gz ##解压 tar -xf haproxy-1.7.2.tar.gz ##进入目录 cd haproxy-1.7.2/ ##编译(没有gcc请先安装) make PREFIX=/usr/local/haproxy TARGET=linux2628 make install PREFIX=/usr/local/haproxy
2)配置haproxy
从haproxy的源码包中的examples下的init.haproxy中获得配置文件的路径“/etc/haproxy/haproxy.cfg” mkdir /etc/haproxy touch /etc/haproxy/haproxy.cfg vim /etc/haproxy/haproxy.cfg ##插入 global #全局属性 daemon #以daemon方式在后台运行 maxconn 256 #最大同时256连接 pidfile /home/ha/haproxy/conf/haproxy.pid #指定保存HAProxy进程号的文件 defaults #默认参数 mode http #http模式 timeout connect 5000ms #连接server端超时5s timeout client 50000ms #客户端响应超时50s timeout server 50000ms #server端响应超时50s frontend http-in #前端服务http-in bind *:88 #监听88端口(不修改会与nginx冲突) default_backend Nginxservers #请求转发至名为"servers"的后端服务 backend Nginxservers #后端服务servers server server1 192.168.150.102:80 maxconn 32 #backend servers中只有一个后端服务,名字叫server1,起在本机的80端口,HAProxy同时最多向这个服务发起32个连接 server server2 192.168.150.103:80 maxconn 32 #backend servers中只有一个后端服务,名字叫server2,起在本机的80端口,HAProxy同时最多向这个服务发起32个连接
将haproxy添加为系统服务
cp /root/haproxy-1.7.2/examples/haproxy.init /etc/init.d/haproxy vim /etc/init.d/haproxy 修改: 35行 内容为 BIN=/usr/local/haproxy/sbin/$BASENAME chmod +x /etc/init.d/haproxy chkconfig --add /etc/init.d/haproxy ##添加3和5运行级别下自启动 chkconfig haproxy --level 35 on chkconfig --list service haproxy start
验证haproxy
4、配置keepalived
192.168.150.102(主)
192.168.150.103 (副)
##安装keepalived yum -y install keepalived ##加载查看模块 modprobe ip_vs lsmod |grep ip_vs ###配置 vim /etc/keepalived/keepalived.conf ##插入 global_defs { router_id LVS_DEVEL } #HAProxy健康检查配置 vrrp_script chk_haproxy { script "killall -0 haproxy" #使用killall -0检查haproxy实例是否存在,性能高于ps命令 interval 2 #脚本运行周期 weight 2 #每次检查的加权权重值 } vrrp_instance HA_1 { state MASTER #副的写SLAVE interface ens160 virtual_router_id 51 priority 100 #从的到比100低 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.150.200 } track_script { chk_haproxy #对应的健康检查配置 } }
启动keepalived+haproxy
1. systemctl restart keepalived.service 2. 3. service haproxy restart
查看主的ip
查看从的ip
浏览器访问192.168.150.200
验证:宕掉192.168.150.102观察192.168.150.103的VIP
继续访问192.168.150.200
配置完成,实验结束(nfs换成ceph存储会更好些)
