Note: WEB server and database need to be separated, while WEB server also need to compile and install MySQL.
Do the important cluster architecture of thought is to find the trunk, extend outward from the trunk area.
WEB server: apache nginx do three local products dedecms workprocess discuz users to store pictures, attachments directory to mount the shared directory on the server nfs
NFS server locally made three shared directory, the user uploaded images and attachments are stored in the corresponding directory,
Use sersync with the backup server to achieve real-time synchronization, key distribution and batch scripts, hosts file (under the actual production environment, in the same local area network, hosts file is usually consistent),
MySQL Server: a server for storing user data,
Backup Server: for server backup, to prevent other server downtime, viruses, data loss and so on. At the same time the content you want to back up every day sent to the administrator via e-mail, data backup to ensure success.
My main idea is to configure and LNMP LAMP server, nfs server configuration and then extend outward MySQL server, then all the data to back up the packed configuration backu backup server, and finally do nginx load balancing servers, if there is another energy the ability of the case, continues to extend high availability of a nginx (Tip ngixn highly available service using VRRP technology)
1.LAMP(192.168.190.20)
(. 1) the tar xvf /apache-2.2.27 CD-2.2.27 Apache compiler installation ./configure \ --prefix = / file application / appache2.2.27 \ install directory --enable-deflate \ compression mounted --enable-expires \ cache expiration time --enable-headers \ --enable = MOST-modules \ module activation --enable-SO \ --with-MPM = worker \ Apache two modes: worker, the prefork --enable the make && && the rewrite the make- install (line feed at attention behind the build environment can not exist in space, said compiling added comments, please remove yourself if you paste, hand ignored) LN -s /application/apache-2.2.27 / the Application / the Apache echo "<HTML> <head> <title> A, S Blog. </ title> <head> <body> the Hi, I'm A, My Blog address IS <a href="" targe=_parent> </a> </ body> </html>” > /application/apache/htdos/index.html /application/apache/bin/apachectl graceful
The browser will enter 192.168.190.20
Hi, i'm a, My blog address is and so forth successful installation instructions apache service
(2) Installation database msyql
Decompression compile and install, the compilation process is slightly longer, a check after the end of the installation do a soft link
MySQL create virtual users and user groups
groupadd mysql cat /etc/group useradd -g mysql -M -s /sbin/nologin mysql id mysql 编译安装MySQL ./configure \ --prefix=/application/mysql5.1.72 \ --with-unix-socket-path=/application/mysql5.1.72/tmp/mysql.sock \ --localstatedir=/application/mysql5.1.72/data \ --enable-assembler \ --enable-thread-safe-client \ --with-mysqld-user=mysql \ --with-big-tables \ --without-debug \ --with-pthread \ --enable-assembler \ --with-extra-charsets=complex \ --with-readline \ --with-ssl \ --with-embedded-server \ --enable-local-infile \ --with-plugins=partition,innobase \ --with-mysqld-ldflags=-all-static \ --with-client-ldflags=-all-static #--with-plugin-PLUGIN \ make && make install
echo $? Check the compilation is successful
ln -s /application/mysql5.1.72/ / application / mysql create a soft link
Mysql replication configuration profiles
MySQL 5.1.72-CD / Support-Files / LS CP -p-small.cnf My /etc/my.cnf chown -R & lt mysql.mysql / file application / user management permission MySQL MySQL authorized initialization MySQL / file application / MySQL / bin / mysql_install_db --basedir = / application / mysql --datadir = / application / mysql / data / --user = mysql ## OK two is the initialization success / application / mysql / bin / mysqld_safe & start MySQL netstat -lntup | grep MySQL mysqld ## Check whether the service is started successfully mysqladmin -u root password '123456' ## set up MySQL user password
(Note php with apache present embodiment are the module) (3) After installing apache install PHP and mysql
yum install -y openssl-devel tar -xvf php-5.3.27.tar.gz cd php-5.3.27.tar.gz ./configure \ --prefix=/application/php5.3.27 \ //注意php的安装目录 --with-apxs2=/application/apache/bin/apxs \ //注意apache的安装目录 --with-mysql=/application/mysql \ --with-xmlrpc \ --with-openssl \ --with-zlib \ --with-freetype-dir \ --with-gd \ --with-jpeg-dir \ --with-png-dir \ --with-iconv=/usr/local/libiconv \ --enable-short-tags \ --enable-sockets \ --enable-zend-multibyte \ --enable-soap \ --enable-mbstring \ --enable-static \ --enable-gd-native-ttf \ --with-curl \ --with-xsl \ --enable-ftp \ --with-libxml-dir && make && make install
ln -s /application/php5.3.27/ / application / php ## to make a soft link to the version number cp /application/apache/conf/httpd.conf /application/apache/conf/httpd.conf.bak.1 vim / the Application modifying the master configuration file /apache/conf/httpd.conf # CD / file application / Apache / the conf the diff httpd.conf.bak.1 the httpd.conf 67,68c67,68 <the User WWW <Group WWW --- > the User daemon > Group daemon 149c149 <the DirectoryIndex the index.php index.html --- > the DirectoryIndex index.html 292,294c292 <the AddType file application / X-.php .phtml the httpd-PHP <the AddType file application / X-Source. Phps the httpd-PHP- --- > 401c401 < Include conf/extra/httpd-vhosts.conf --- ># Include conf/extra/httpd-vhosts.conf: 423 <Directory "/data0/www"> 424 Options -Indexes FollowSymLinks 425 AllowOverride None 426 Order allow,deny 427 Allow from all 428 </Directory>
Create a corresponding user apache virtual www
useradd www -s /sbin/nologin -M
id www
cd /application/apache/conf/extra
vim httpd-vhosts.conf
NameVirtualHost *:80 # # VirtualHost example: # Almost any Apache directive may go into a VirtualHost container. # The first VirtualHost section is used for all requests that do not # match a ServerName or ServerAlias in any <VirtualHost> block. # <VirtualHost *:80> ServerAdmin [email protected] DocumentRoot "/data0/www/cms" ServerName cms.etiantian.org ServerAlias etiantian.org ErrorLog "logs/dummy-host.example.com-error_log" CustomLog "|/usr/local/sbin/cronolog /app/logs/access_cms_%Y%m%d.log" combined </VirtualHost> <VirtualHost *:800> ServerAdmin [email protected] DocumentRoot "/data0/www/bbs" ServerName bbs.etiantian.org ErrorLog "logs/dummy-host.example.com-error_log" CustomLog "|/usr/local/sbin/cronolog /app/logs/access_bbs_%Y%m%d.log" combined </VirtualHost> <VirtualHost *:8000> ServerAdmin [email protected] DocumentRoot "/data0/www/blog" ServerName blog.etiantian.org ErrorLog "logs/dummy-host.example.com-error_log" CustomLog "|/usr/local/sbin/cronolog /app/logs/access_blog_%Y%m%d.log" combined </VirtualHost>
If there is an error to view the error log
cd /application/appache/logs/
Set up a site directory
mkdir /data0/{www,blog,bbs}
for n in www blog bbs ;do echo "$n.etiantian.org" > /data0/$n/index.html;done
Grammar / application / apache / bin / apachectl -t # Check the configuration file
/ Application / apache / bin / apachectl graceful # GR apache
Local hosts do resolve visit three sites, to see whether the domain name-based virtual host configuration is successful
Dedecms, Discuz, workprocess three products after self-extracting installation (after installing the MySQL database before installation)
2.LNMP(192.168.190.10)
(1) installation services nginx
To be installed before compiling nginx
1.pcre pcre-devel
yum install -y pcre pcre-devel
2.openssl
yum install openssl openssl-devel -y
Compile and install nginx
./configure --user=nginx --group=nginx --prefix=/application/nginx1.6.2 --with-http_stub_status_module --with-http_ssl_module make && make install ln -s /application/nginx1.6.2/ /application/nginx
Start nginx
/application/nginx/sbin/nginx
lsof -I: 80 # nginx see whether the service starts successfully
(2) install the MySQL database
Compile and install MySQL
./configure --prefix=/application/mysql5.1.72 --with-unix-socket-path=/application/mysql5.1.72/tmp/mysql.sock --localstatedir=/application/mysql5.1.72/data --enable-assembler
--enable-thread-safe-client --with-mysqld-user=mysql --with-big-tables --without-debug --with-pthread --enable-assembler --with-extra-charsets=complex --with-readline
--with-ssl --with-embedded-server --enable-local-infile --with-plugins=partition,innobase --with-mysqld-ldflags=-all-static --with-client-ldflags=-all-static make && make install
echo $?
Database initialization:
chown -R mysql.mysql / application / mysql MySQL authorized user administrative privileges
Mysql initialization
/application/mysql/bin/mysql_install_db --basedir=/application/mysql --datadir=/application/mysql/data/ --user=mysql
// initialize the display that is OK two successful initialization
(3) installation of PHP (PHP with nginx is the guardian of the existence of the work process)
(Before installing the required installation package php yum install zlib libxml libjpeg freetype libpng gd curl libiconv zlib-devel libxml2-devel libjpeg-devel freetype-devel libpng-devel gd-devel curl-devel -y)
zxf libiconv-1.14.tar.gz the tar CD-libiconv 1.14 ./configure --prefix = / usr / local / libiconv // then compiled mounted make && make install
Install its dependencies
Libmcrypt 、 mhash 、mcrypt
Install php (installed first before compiling libxslt *, otherwise it will error) decompression
./configure --prefix=/application/php5.3.27 --with-mysql=/application/mysql --with-iconv-dir=/usr/local/libiconv --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib
--with-libxml-dir=/usr --enable-xml --disable-rpath --enable-safe-mode --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --with-curl
--with-curlwrappers --enable-mbregex --enable-fpm --enable-mbstring --with-mcrypt --with-gd --enable-gd-native-ttf --with-openssl --with-mhash --enable-sockets --with-xmlrpc
--enable-zip --enable-soap --enable-short-tags --enable-zend-multibyte --enable-static --with-xsl --with-fpm-user=nginx --with-fpm-group=nginx --enable-ftp && make && make install
Upload the edited startup file php-frm.conf (package group which has modified a complete) à upload / application / php / etc
Create a log file
mkdir / app / logs // not created, then check the syntax of the time will complain
/ Application / php / sbin / php-fpm -t // check grammar
/ Application / php / sbin / php-fpm // start php
In setting your rc.local boot from the start
Mysql php nginx
## optimization profile
cat /application/nginx/conf/ cat nginx.conf worker_processes 1; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; include extra/cms.conf; include extra/bbs.conf; include extra/blog.conf; } mdkir extra touch {bbs,blog,cms}.conf cat cms.conf server { listen 80; server_name cms.etiantian.org; root /data0/www/cms; index index.php index.html index.htm; location ~ \.(php|php5)?$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fastcgi.conf; } } cat bbs.conf server { listen 800; server_name bbs.etiantian.org; root /data0/www/bbs; index index.php index.html index.htm; location ~ \.(php|php5)?$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fastcgi.conf; } } cat blog,conf server { listen 8000; server_name blog.etiantian.org; root /data0/www/blog; index index.php index.html index.htm; location ~ \.(php|php5)?$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fastcgi.conf; } } mkdir /data0/{www,blog,bbs} for n in www blog bbs ;do echo "$n.etiantian.org" > /data0/$n/index.html;done
Discuz, dedecms, workprocess three product install itself into the site directory bbs, www, blog
3.NFS server (192.168.190.30)
(1) install nfs and rpcbind (nfs service is by rpcbind port forwarding)
yum install nfs-utils rpcbind -y
echo "/etc/init.d/nfs restart"> /etc/rc.local // set chkconfig nfs boot from the start to use the same
vim /etc/exports
#shared storage for LAMP,LNMP /data0 192.168.190.10(rw,async) 192.168.190.20(rw.async)
(2) Bursting
ssh-copy-id -i key distribution can be achieved in a small environment, but if hundreds of servers, you need to develop scripts for automated key distribution (annex have developed a good script for reference)
Key distribution is completed, distribute the local hosts file (under the unified network under real production environment, it is necessary to resolve the same local hosts)
vim /etc/rsync.password
123456
chmod 600 /etc/rsync.password
(3) to achieve real-time synchronization and backup sersync backup server
Installation sersync
cd /tools
uzip sersync2.5.4_64bit_binary_stable_final.tar
mv sersync2 /usr/local/sersync
cd /usr/local/sersync/conf
echo ‘export PATH=$PATH:/usr/local/sersync/bin’ >>/etc/profile
vim /usr/local/sersync/conf/www_confxml.xml (which directories rsync server which needs to be synchronized to write directory, for example workprocess here to blog on behalf of rsync module name of the name server's ip is the target IP address)
24 <localpath watch="/data0/www/blog/wp-content/uploads"> 25 <remote ip="192.168.190.50" name="nfs"/> 26 </localpath>
echo ‘sersync -r -d -o /usr/local/sersync/conf/www_confxml.xml’ >> /etc/rc.local
So far sersync real-time synchronization with the backup server also completed.
4. Install the MySQL server (192.168.190.40), creating a database of products you have done, create a database user for each product used, and authorized users.
Create a MySQL virtual user useradd -g mysql -M -s / sbin / nologin mysql
(1) to compile and install MySQL database
tar xvf mysql5.1.72.tar.gz
cd mysql5.1.72
./configure --prefix=/application/mysql5.1.72 --with-unix-socket-path=/application/mysql5.1.72/tmp/mysql.sock --localstatedir=/application/mysql5.1.72/data --enable-assembler
--enable-thread-safe-client --with-mysqld-user=mysql --with-big-tables --without-debug --with-pthread --enable-assembler --with-extra-charsets=complex --with-readline
--with-ssl --with-embedded-server --enable-local-infile --with-plugins=partition,innobase --with-mysqld-ldflags=-all-static --with-client-ldflags=-all-static
ln -s /application/mysql5.1.72/ /application/mysql
/ Application / mysql / bin / mysql_install_db --basedir = / application / mysql --datadir = / application / mysql / data / --user = mysql ## to initialize the database
cd /tools/msyql5.1.71
\cp support-files/mysql.server /etc/init.d/mysqld
/etc/init.d/mysqld start
netstat -lntup | grep mysql # MySQL3306 see whether to open ports
mysqladmin -u root password '123456' ## set up the database user name and password
(2) access to the database to create user and authorization, create a database cms bbs blog used by the user
mysql -uroot -p123456
mysql> create database bbs; mysql> create database cms; mysql> create database blog; mysql> show databases; ##查看数据库 mysql> grant select,insert,update,delete,alter,create on cms.* to cms@"192.168.190.%" identified by '123456'; mysql> grant select,insert,update,delete,alter,create on bbs.* to bbs@'192.168.190.%' identified by '123456'; mysql> grant select,insert,update,delete,alter,create on blog.* to blog@'192.168.190.%' identified by '123456'; mysql> select user,host from mysql.user; ##查看用户是否创建成功
(3) MySQL database data backup, scheduled tasks using the periodic timed push (simple backup using mysqldump, high-level replication or backup services using drbd)
[root@mysql scripts]# cat mysqldunmp.sh
!#bin/bash cd /backup echo "You are in backup dir" File = /backup/ mysqldump -uroot -p123456 --quick --databases bbs blog cms --flush-logs --single-transaction > /backup/mysql$(date +%F).bak rsync -az /backup/mysql* [email protected]::mysql --password-file=/etc/rsync.password echo "Your database backup successfully completed"
vim /etc/rsync.password
123456
chmod 600 /etc/rsync.password
crontab -e
#send mysqlbak 00 00 * * * /bin/sh -x /server/script/mysqldump.sh
5.backup server (192.168.190.40 rsync, examine the backup content push over, regularly send messages every day to tell the system administrator backup is successful)
useradd -s / sbin / nologin rsync rsync user created
yum install -y rsync
echo "/usr/bin/rsync --daemon" >> /etc/rc.local
vim /etc/rsyncd.conf
##rsyncd.conf start## uid = rsync gid = rsync use chroot = no max connections = 200 timeout = 300 pid file = /var/run/rsyncd.pid lock file = /var/run/rsync.lock log file = /var/log/rsyncd.log ignore errors read only = false list = false hosts allow = 10.0.0.0/24 hosts deny = 0.0.0.0/32 auth users = rsync_backup secrets file = /etc/rsync.password [zhang] path = /zhang/ [cms] path =/data0/www/cms/ [bbs] path =/data0/www/bbs/ [blog] path =/data0/www/blog/ [backup] path =/backup/ [nfs] path =/backup/nfs/ [mysql] path =/mysql/
All push folder must exist, otherwise it will start rsync error
chown -R rsync.rsync /zhang/
chown -R rsync.rsync /data0/www/cms/
chown -R rsync.rsync /data0/www/bbs/
chown -R rsync.rsync /data0/www/blog/
chown -R rsync.rsync /backup/
chown -R rsync.rsync /backup/nfs/
chown -R rsync.rsync /mysql/
vim /etc/rsync.password
rsync_backup:123456
chmod 600 /etc/rsync.password
echo “/usr/bin/rsync --daemon” >> /etc/rc.local
vim /server/script/check.sh
ls /mysql >> /root/check.txt
ls -l /backup/192.168.190.30/|awk '{print $9}' >> /root/check.txt
egrep -v "^$| " /root/check.txt > /root/checkadd.txt
Finally push checkadd.txt text document to the system administrator administrators can see what files are backed up
mail -s "Hello from linuxde.net by file" [email protected] < checkadd.txt
6. nginx main server load balancing (192.168.190.23)
(1) Installation Configuration Load Balancer nginx
To be installed before compiling nginx
1.pcre pcre-devel
yum install -y pcre pcre-devel
2.openssl
yum install openssl openssl-devel -y
## to create a virtual user of nginx
usedadd nginx -s /sbin/nologin -M
Compile and install nginx
./configure --user=nginx --group=nginx --prefix=/application/nginx1.6.2 --with-http_stub_status_module --with-http_ssl_module make && make install ln -s /application/nginx1.6.2/ /application/nginx
## start nginx
/application/nginx/sbin/nginx
vim /application/nginx/conf/nginx.conf
worker_processes 1; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; upstream backend { ip_hash; server 192.168.190.10:80 max_fails=3 fail_timeout=30s; server 192.168.190.20:80 max_fails=3 fail_timeout=30s; } upstream backendyy { server 192.168.190.10:800 max_fails=3 fail_timeout=30s; server 192.168.190.20:800 max_fails=3 fail_timeout=30s; } upstream backendblog { ip_hash; server 192.168.190.10:8000 max_fails=3 fail_timeout=30s; server 192.168.190.20:8000 max_fails=3 fail_timeout=30s; } server { listen 80; server_name cms.etiantian.org; index index.html index.htm; location / { proxy_pass http://backend; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } server { listen 80; server_name bbs.etiantian.org; index index.html index.htm; location / { proxy_pass http://backendyy; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } server { listen 80; server_name blog.etiantian.org; index index.html index.htm; location / { proxy_pass http://backendblog; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } }
GR nginx: / application / nginx / bin / nginx -s reload
(2) Installation Configuration keepalived
yum install -y keepalived
netstat -lntup |grep keepalived
vim /etc/keepalived/keepalived.conf
global_defs { notification_email { [email protected] [email protected] [email protected] } notification_email_from [email protected] smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id lb01 } vrrp_instance VI_1 { state MASTER interface eth1 virtual_router_id 55 priority 150 advert_int 1 authentication { auth_type PASS auth_pass 123456 } virtual_ipaddress { 192.168.190.23/24 dev eth1 label eth1:1 } }
/etc/init.d/keepalived restart ifconfig will find that generate a virtual IP address you want
7. The availability of backup nginx load balancing server (192.168.190.23)
(1) Installation Configuration Load Balancer nginx
To be installed before compiling nginx
1.pcre pcre-devel
yum install -y pcre pcre-devel
2.openssl
yum install openssl openssl-devel -y
Compile and install nginx
./configure --user=nginx --group=nginx --prefix=/application/nginx1.6.2 --with-http_stub_status_module --with-http_ssl_module make && make install ln -s /application/nginx1.6.2/ /application/nginx
## to create a virtual user of nginx
usedadd nginx -s /sbin/nologin -M
## start nginx
/application/nginx/sbin/nginx
vim /application/nginx/conf/nginx.conf
worker_processes 1; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; upstream backend { ip_hash; server 192.168.190.10:80 max_fails=3 fail_timeout=30s; server 192.168.190.20:80 max_fails=3 fail_timeout=30s; } upstream backendyy { server 192.168.190.10:800 max_fails=3 fail_timeout=30s; server 192.168.190.20:800 max_fails=3 fail_timeout=30s; } upstream backendblog { ip_hash; server 192.168.190.10:8000 max_fails=3 fail_timeout=30s; server 192.168.190.20:8000 max_fails=3 fail_timeout=30s; } server { listen 80; server_name cms.etiantian.org; index index.html index.htm; location / { proxy_pass http://backend; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } server { listen 80; server_name bbs.etiantian.org; index index.html index.htm; location / { proxy_pass http://backendyy; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } server { listen 80; server_name blog.etiantian.org; index index.html index.htm; location / { proxy_pass http://backendblog; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } }
GR nginx: / application / nginx / bin / nginx -s reload
(2) Installation keepalived
yum install -y keepalived
vim /etc/keepalived/keepalived.conf
global_defs { notification_email { [email protected] [email protected] [email protected] } notification_email_from [email protected] smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id lb02 } vrrp_instance VI_1 { state BACKUP interface eth2 virtual_router_id 55 priority 100 ##优先级 数值越高越优先 advert_int 1 authentication { auth_type PASS auth_pass 123456 } virtual_ipaddress { 192.168.190.23 dev eth2 label eth2:1 } }
/etc/init.d/keepalived restart start keepalived the main nginx load balancing server dawdle away, you will find equipment keepalived node server generates a virtual IP
Local done to resolve host of 192.168.190.23
Keepalived high availability failover principle of transfer
Keepalived failover transition between high availability service support is achieved by the VRRP. When keepalived service work, the main Master node will continue to send (multicast mode) heartbeat message to the standby node, used to tell Backup backup node to be alive. When the primary node fails, can not send a heartbeat message, the standby node can not continue thus detecting the arrival of the master node heartbeat. So they call themselves take over the program, to take over the IP resources and services of the master node. When the master node recovery, the standby node will release itself when the primary node fails to take over the IP resources and services to return to the original standby role