kod云项目搭建

image-20201106234425355

web01

1. 安装nginx, php-fpm环境
yum install nginx -y

yum -y install php71w php71w-cli php71w-common php71w-devel php71w-embedded php71w-gd  \
php71w-mcrypt php71w-mbstring php71w-pdo php71w-xml php71w-fpm php71w-mysqlnd php71w-opcache \ php71w-pecl-memcached php71w-pecl-redis php71w-pecl-mongodb

2. 创建www 用户
groupadd -g666  www
useradd -g666 -u666  www
 
3. 改变进程用户
vim   /etc/nginx/nginx.conf 
vim  /etc/php-fpm.d/www.conf

4.编辑kod云网站配置文件:
cat >/etc/nginx/conf.d/kod.oldhou.com.conf<<'EOF'
server {
	listen 80;
	server_name kod.oldhou.com;
	root  /code/;
	
  location / {
      index  index.php;
}
  location ~ \.php$ {
	fastcgi_pass 127.0.0.1:9000;
	fastcgi_param  HTTPS  on;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
	include fastcgi_params;
}
}
EOF

5. 检查语法:
 nginx  -t
 
6.rz 上传代码 并解压至指定目录
mkdir /code/  -p
unzip  kodbox.1.13.zip   -d /code/

7.授权
chown -R www.  /code/

8.启动nginx,加入开机自启动
 systemctl  start     nginx php-fpm 
 systemctl  enable    nginx php-fpm 

  • 如果使用nfs服务器

    find /code -type f -name 'word*' #找到你上传的文件

    [root@web01 /code]# ll /code/data/files/202011/06_98b43a7a/
    -rw-r--r-- 1 www www 0 Nov 6 16:19 index.html
    -rw-r--r-- 1 www www 217 Nov 6 16:19 trello.oexe
    -rw-r--r-- 1 www www 103311645 Nov 6 22:53 wordpress项目.mp4
    -rw-r--r-- 1 www www 209 Nov 6 16:19 一起写office.oexe

  • 先推送静态目录到nfs主机

    配置nfsserver

    cat >>/etc/exports<<EOF

    /data/kod 172.16.1.31/24(rw,async,all_squash,anonuid=666,anongid=666)

    EOF

    mkdir -p /data/kod && chown -R www. /code

    scp /code/data/files/ 172.16.1.31:/data/kod

  • 挂载静态资源:

    mount -t nfs 172.16.1.31:/data/kod /code/data/files/

db01

db01 没有恢复快照,mariadb直接创建相应的库就行了。

db01加入redis缓存,并且提供会话保持服务

1.创建数据库
mysql -uroot -p
mysql> create database  kod;

2.安装redis
yum  install redis -y

3.修改配置文件
sed -i '/^bind/c  bind 127.0.0.1 172.16.1.7'  /etc/redis.conf

4.启动redis,设置开机自启动
systemctl  start redis
systemctl  enable redis

此时可以修改web01的php-fpm进程-加入redis功能:

① [root@web01 ~]# vim /etc/php-fpm.d/www.conf #添加注释

;php_value[session.save_handler] = files
;php_value[session.save_path] = /var/lib/php/session

② [root@web01 ~]# vim /etc/php.ini #修改

​ session.save_handler = redis
​ session.save_path = "tcp://172.16.1.51:6379?weight=1&timeout=2.5" #连接redis

③ [root@web01 ~]# systemctl restart php-fpm

web02

1. 安装nginx, php-fpm环境
yum install nginx -y
yum -y install php71w php71w-cli php71w-common php71w-devel php71w-embedded php71w-gd  \
php71w-mcrypt php71w-mbstring php71w-pdo php71w-xml php71w-fpm php71w-mysqlnd php71w-opcache \ php71w-pecl-memcached php71w-pecl-redis php71w-pecl-mongodb

2. 创建www 用户
groupadd -g666  www
useradd -g666 -u666  www

2.拉取web01的配置文件及kod云代码
scp  -rp     172.16.1.7:/etc/nginx/conf.d/   /etc/nginx/
scp  -rp     172.16.1.7:/etc/php-fpm.d/www.conf  /etc/php-fpm.d/
scp  -rp     172.16.1.7:/etc/php.ini   /etc/php.ini 

scp -rp      172.16.1.7:/code   /

3.授权站点目录
chown  -R www.  /code


4.启动nginx,加入开机自启动
 systemctl  start     nginx php-fpm 
 systemctl  enable    nginx php-fpm 
 
5. 挂载静态资源:
mount  -t nfs   172.16.1.31:/data/kod    /code/data/files/

lb01,2

  • 配置负载均衡
  • 配置https
1.安装nginx
yum  install  -y  nginx

2.创建https证书:
mkdir  /etc/nginx/ssl_key
cd /etc/nginx/ssl_key
openssl genrsa -idea -out server.key 2048
openssl req -days 36500 -x509 -sha256 -nodes -newkey rsa:2048 -keyout server.key -out server.crt
ll    #检查


3. 配置七层负载均衡:
gzip /etc/nginx/conf.d/default.conf
--------------------------------------proxy_params
cat >/etc/nginx/proxy_params<'EOF'
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_http_version 1.1;
proxy_connect_timeout  60s;     # nginx连接后端的超时时间  TCP
proxy_read_timeout 60s;         # 响应头部超时时间
proxy_send_timeout 60s;         # 响应数据主体的超时时间
proxy_buffering on;		          # 开启缓冲区
proxy_buffer_size 8k;		# 缓冲区Header大小
proxy_buffers 4 64k;		# 缓冲区数量 * 大小 = 最大接收
EOF

--------------------------------------proxy.kod.oldhou.com.conf
cat >/etc/nginx/conf.d/proxy.kod.oldhou.com.conf<<'EOF'
upstream http {
	server 172.16.1.7:80;
	server 172.16.1.8:80;
}

	#2.用户请求https协议,通过负载均衡方式请求资源池,使用的是http协议
server {
	listen 443 ssl;
	server_name  kod.oldhou.com;
	ssl_certificate ssl_key/server.crt;
	ssl_certificate_key ssl_key/server.key;

	location / {
		proxy_pass http://http;
		include proxy_params;
	}
}

#1.用户请求http协议,强制跳转至https协议
server {
	listen 80;
	server_name kod.oldhou.com;
	return 302 https://$http_host$request_uri;
}
EOF


4. 启动nginx负载均衡
nginx -t

systemctl  start  nginx
systemctl  enable  nginx


5. 推送至db02,配置高可用
scp  -rp  /etc/nginx/    172.16.1.6:/etc/


lb02

  • 安装nginx

    yum install nginx -y

  • 启动nginx

    systemctl enable nginx

    systemctl start nginx

lb配置高可用

  • yum install keepalived -y

  • lb01 02 nginx状态监测脚本

mkdir /server/scripts -p

cat  >/server/scripts/check_web.sh<<'EOF'
#!/bin/sh
nginxpid=$(ps -C nginx --no-header|wc -l)
#1.判断Nginx是否存活,如果不存活则尝试启动Nginx
if [ $nginxpid -eq 0 ];then
    systemctl start nginx
    sleep 3
    #2.等待3秒后再次获取一次Nginx状态
    nginxpid=$(ps -C nginx --no-header|wc -l) 
    #3.再次进行判断, 如Nginx还不存活则停止Keepalived,让地址进行漂移,并退出脚本  
    if [ $nginxpid -eq 0 ];then
        systemctl stop keepalived
   fi
fi
EOF


#给脚本增加执行权限
chmod +x /server/scripts/check_web.sh

  • lb01 02 keepalived配置文件:
---------------------------------------------lb01
cat >/etc/keepalived/keepalived.conf<<'EOF'
global_defs {
    router_id lb01
}
vrrp_script check_web {                  #定义脚本,名称check_web
    script "/server/scripts/check_web.sh"  #指定脚本所在的路径
    interval 5                             #5s检查一次,要大于脚本运行的时间
}
vrrp_instance VI_1 {
    state BACKUP
    priority 150
    nopreempt
    interface eth0
    virtual_router_id 50
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
}
    virtual_ipaddress {
        10.0.0.3
    }
  
    track_script {                      #调用脚本定义脚本的名称,并运行该脚本
    check_web
    }
}
EOF

---------------------------------------------lb02
cat >/etc/keepalived/keepalived.conf<<'EOF'
global_defs {
    router_id lb01
}
vrrp_script check_web {                  #定义脚本,名称check_web
    script "/server/scripts/check_web.sh"  #指定脚本所在的路径
    interval 5                             #5s检查一次,要大于脚本运行的时间
}
vrrp_instance VI_1 {
    state BACKUP
    priority 100
    nopreempt
    interface eth0
    virtual_router_id 50
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
}
    virtual_ipaddress {
        10.0.0.3
    }
  
    track_script {                      #调用脚本定义脚本的名称,并运行该脚本
    check_web
    }
}
EOF

systemctl  start keepalived
systemctl  enable keepalived
posted @ 2020-11-09 17:17  HSping  阅读(665)  评论(0编辑  收藏  举报