标签:haproxy 动静分离 负载均衡 discuz 反向代理
[root@cs2 ~]# yum install httpd [root@cs3 ~]# yum install httpd [root@cs4 ~]# yum install httpd
[root@cs3 ~]# yum install php [root@cs3 ~]# yum install php-mysql [root@cs4 ~]# yum install php [root@cs4 ~]# yum install php-mysql
[root@cs5 ~]# yum install mariadb-server
[root@cs5 ~]# systemctl start mariadb [root@cs5 ~]# mysql #创建一个discuz用的数据库,库名叫dz MariaDB [(none)]> create database dz; #创建并授权账号dzadmin密码123321给dz库,授权范围为全网 MariaDB [(none)]> grant all privileges on dz.* to dzadmin@‘%‘ identified by ‘123321‘; #授权账号dzadmin密码123321给dz库,授权范围为本地 MariaDB [(none)]> grant all privileges on dz.* to dzadmin@localhost identified by ‘123321‘; #刷新权限 MariaDB [(none)]> flush privileges;
[root@cs2 ~]# vim /etc/httpd/conf/httpd.conf ServerName cs2.xinfeng.com:80 #修改此处 DocumentRoot "/var/www/html/upload" #因为次文件还不存在,所以会报错,等装了dz之后再执行之后的就OK了 [root@cs2 ~]# httpd -t [root@cs2 ~]# systemctl start httpd [root@cs3 ~]# vim /etc/httpd/conf/httpd.conf ServerName cs3.xinfeng.com:80 #修改此处 DocumentRoot "/var/www/html/upload" [root@cs3 ~]# httpd -t [root@cs3 ~]# systemctl start httpd [root@cs4 ~]# vim /etc/httpd/conf/httpd.conf ServerName cs4.xinfeng.com:80 #修改此处 DocumentRoot "/var/www/html/upload" [root@cs4 ~]# httpd -t [root@cs4 ~]# systemctl start httpd
[root@cs3 ~]# wget http://download.comsenz.com/DiscuzX/3.2/Discuz_X3.2_SC_UTF8.zip [root@cs3 ~]# mkdir Discuz [root@cs3 ~]# unzip -d /root/Discuz Discuz_X3.2_SC_UTF8.zip [root@cs3 ~]# cp -a /root/Discuz/* /var/www/html/ [root@cs3 ~]# chmod -R 777 /var/www/html/upload/*
打开cs3.xinfeng.com安装
论坛管理员账号admin,密码123
#复制cs3下的/var/www/html所有文件到cs2/var/www/html/下 [root@cs3 ~]# scp -r /var/www/html/* 192.168.1.114:/var/www/html/ #复制cs3下的/var/www/html所有文件到cs4/var/www/html/下 [root@cs3 ~]# scp -r /var/www/html/* 192.168.1.115:/var/www/html/
#/var/www/html/upload中需要挂载的目录如下 data ┄┄┄数据缓存及附件 static ┄┄┄静态文件
设置cs2为NFS服务器
[root@cs2 ~]# yum install nfs-utils [root@cs2 ~]# yum install rpcbind [root@cs2 ~]# service rpcbind start [root@cs2 ~]# vim /etc/exports #NFS输出目录为data,可以访问这个目录的主机为cs3和cs4,权限为读写,访问uid为0(root),允许超过1024的端口号连接 /var/www/html/upload/data/ 192.168.1.113(rw,all_squash,anonuid=0,insecure) /var/www/html/upload/data/ 192.168.1.115(rw,all_squash,anonuid=0,insecure) #NFS输出目录为static,可以访问这个目录的主机为cs3和cs4,权限为读写,访问uid为0(root),允许超过1024的端口号连接 /var/www/html/upload/static/ 192.168.1.113(rw,all_squash,anonuid=0,insecure) /var/www/html/upload/static/ 192.168.1.115(rw,all_squash,anonuid=0,insecure) [root@cs2 ~]# service nfs start #查看共享状态 [root@cs2 ~]# showmount -e Export list for cs2.xinfeng.com: /var/www/html/upload/static 192.168.1.115,192.168.1.113 /var/www/html/upload/data 192.168.1.115,192.168.1.113
在cs3上挂载
[root@cs3 ~]# yum install nfs-utils [root@cs3 ~]# yum install rpcbind [root@cs3 ~]# service rpcbind start [root@cs3 ~]# service nfs start [root@cs3 ~]# mount 192.168.1.114:/var/www/html/upload/data/ /var/www/html/upload/data/ [root@cs3 ~]# mount 192.168.1.114:/var/www/html/upload/static/ /var/www/html/upload/static/ [root@cs3 ~]# showmount -e 192.168.1.114 Export list for 192.168.1.114: /var/www/html/upload/static 192.168.1.115,192.168.1.113 /var/www/html/upload/data 192.168.1.115,192.168.1.113
在cs4上挂载
[root@cs4 ~]# yum install nfs-utils [root@cs4 ~]# yum install rpcbind [root@cs4 ~]# service rpcbind start [root@cs4 ~]# service nfs start [root@cs4 ~]# mount 192.168.1.114:/var/www/html/upload/data/ /var/www/html/upload/data/ [root@cs4 ~]# mount 192.168.1.114:/var/www/html/upload/static/ /var/www/html/upload/static/ [root@cs4 ~]# showmount -e 192.168.1.114 Export list for 192.168.1.114: /var/www/html/upload/static 192.168.1.115,192.168.1.113 /var/www/html/upload/data 192.168.1.115,192.168.1.113
开起日志功能
[root@cs1 ~]# vim /etc/rsyslog.conf #打开或增加一下几行,让udp514端口处于监听状态,并将日志纪录到指定文件中 $ModLoad imudp $UDPServerRun 514 local2.* /var/log/haproxy.log [root@cs1 ~]# systemctl restart rsyslog.service [root@cs1 ~]# ss -unl | grep 514 UNCONN 0 0 *:514 *:* UNCONN 0 0 :::514 :::*
配置haproxy
[root@cs1 ~]# yum install haproxy [root@cs1 ~]# vim /etc/haproxy/haproxy.cfg #--------------------------------------------------------------------- global #全局配置 log 127.0.0.1 local2 #日志纪录位置 chroot /var/lib/haproxy #haproxy的工作目录 pidfile /var/run/haproxy.pid #pid文件位置 maxconn 4000 #最大连接数 user haproxy #运行时使用的用户身份 group haproxy #运行时使用的组身份 daemon #启动为守护进程,不加此处运行在前台 stats socket /var/lib/haproxy/stats #本地访问stats统计信息时以套接字方式通信 defaults #默认配置 mode http #已http模式运行 log global #默认日志为全局配置中日志的设置 option httplog option dontlognull option http-server-close option forwardfor except 127.0.0.0/8 #除本机外所有发往服务器的请求首部中加入“X-Forwarded-For”首部 option redispatch retries 3 timeout http-request 10s timeout queue 1m timeout connect 10s timeout client 1m timeout server 1m timeout http-keep-alive 10s timeout check 10s maxconn 3000 #前端最大并发连接数 listen static #设置统计报告页面 bind *:9000 #监听在本机9000端口 stats enable #打开 stats hide-version #隐藏haproxy版本 stats uri /hadzadmin?stats #统计页面路径 stats realm "HAProxy/ Static" #打开统计页面的认证功能 stats auth hasts:123 #进入统计页面所使用的账号hasts和密码123 stats admin if TRUE #条件满足时进入管理级别 frontend dz #前端设置 bind *:80 #监听在80端口 acl url_static path_beg -i /data /static /images /javascript /stylesheets #url开头为这些的静态内容 acl url_static path_end -i .jpg .gif .png .css .js .html .ico #url结尾带为这些的静态内容 use_backend staser if url_static #如果静态内容符合url_static的条件,就调度到staser中的服务器 default_backend dyser #其他默认调度到dyser中的服务器 backend dyser #后端动态内容服务器设置 cookie srv insert nocache #在cookie中插入srv字串防止登录信息丢失 balance roundrobin #调度算法为轮询 server cs3 192.168.1.113:80 check server cs4 192.168.1.115:80 check backend staser #后端静态内容服务器设置 balance roundrobin server cs1 192.168.1.114:80 check [root@cs1 ~]# systemctl start haproxy
修改cs2、cs3、cs4的http配置文件,让他们能收到真实访问的ip
[root@cs2 ~]# vim /etc/httpd/conf/httpd.conf #修改一下内容 LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined [root@cs2 ~]# service httpd reload #cs3和cs4执行同样的操作
分别看下cs2,cs3,cs4最近的访问日志
[root@cs2 ~]# tail -1 /var/log/httpd/access_log 192.168.1.110 - - [05/Jun/2016:16:36:12 +0800] "GET /data/attachment/forum/201606/05/161843j4au463pthh432zf.png HTTP/1.1" 304 - "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.122 Safari/537.36 SE 2.X MetaSr 1.0" [root@cs3 uc_server]# tail -1 /var/log/httpd/access_log 192.168.1.110 - - [05/Jun/2016:16:33:07 +0800] "GET /misc.php?mod=patch&action=ipnotice&_r=0.40765136777967004&inajax=1&ajaxtarget=ip_notice HTTP/1.1" 200 65 "http://cs1.xinfeng.com/forum.php?mod=viewthread&tid=1&extra=page%3D1" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36 [root@cs4 data]# tail -1 /var/log/httpd/access_log 192.168.1.110 - - [05/Jun/2016:16:33:07 +0800] "GET /misc.php?mod=patch&action=pluginnotice&inajax=1&ajaxtarget=plugin_notice HTTP/1.1" 200 65 "http://cs1.xinfeng.com/forum.php?mod=viewthread&tid=1&extra=page%3D1" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36"
本文出自 “信风” 博客,请务必保留此出处http://xsllqs.blog.51cto.com/2308669/1787590
标签:haproxy 动静分离 负载均衡 discuz 反向代理
原文地址:http://xsllqs.blog.51cto.com/2308669/1787590