标签:lamp centos apache php nfs mariadb dns bind
要达到的目的
双Apache+PHP能正常的被DNS轮询解析到
Apache 1 2 服务器能正常访问NFS上的静态资源
PHP 1 2 服务器能正常访问NFS上的PHP资源
Apache 1 2 和PHP 1 2服务器都能和MariaDB数据库服务器通信
最终实现低价格提高网站负载的方案
由于这里使用了7台服务器所以下文区别服务器的方法请看命令行的[root@LookBack163 ~]这个字段
服务器编号 | 服务器IP | 服务器安装的服务 | 服务器系统 |
LookBack163 | 172.16.41.163 | Apache 1 | Centos 6.5 x86_64 |
LookBack164 | 172.16.41.164 | PHP 1 | Centos 6.5 x86_64 |
LookBack165 | 172.16.41.165 | MariaDB | Centos 6.5 x86_64 |
LookBack166 | 172.16.41.166 | Apache 1 | Centos 6.5 x86_64 |
LookBack167 | 172.16.41.167 | PHP 1 | Centos 6.5 x86_64 |
LookBack168 | 172.16.41.168 | DNS | Centos 6.5 x86_64 |
LookBack169 | 172.16.41.169 | NFS | Centos 6.5 x86_64 |
这里采取了7个VMware的虚拟机一台VMware的Windows虚拟机做测试
下面是基础的原理图
1.1编译安装Apache 2.4.x
[root@LookBack163 ~]# httpdDir="/etc/httpd2410/httpd.conf" [root@LookBack163 ~]# sed -ri ‘s@(^[[:space:]]+DirectoryIndex)( index.html)@\1 index.php\2@‘ $httpdDir [root@LookBack163 ~]# sed -ri "/$(grep -E "^[[:space:]]+AddType" $httpdDir | tail -1 | sed ‘s@/@\\&@‘)/a \\\tAddType application/x-httpd-php .php" !$ [root@LookBack163 ~]# sed -ri "/$(grep -E "^[[:space:]]+AddType" $httpdDir | tail -1 | sed ‘s@/@\\&@‘)/a \\\tAddType application/x-httpd-php-source .phps" !$ [root@LookBack163 ~]# sed -i "s@^ServerRoot .*@#&@" !$ [root@LookBack163 ~]# sed -i "/^Listen 80/a \#Listen 443" !$ [root@LookBack163 ~]# sed -ri "s@^#(Include /etc/httpd2410/extra/httpd-vhosts.conf)@\1@" !$ [root@LookBack163 ~]# sed -ri "s@^#(Include /etc/httpd2410/extra/httpd-ssl.conf)@\1@" !$ [root@LookBack163 ~]# sed -ri "s@^#(LoadModule ssl_module modules/mod_ssl.so)@\1@" !$ [root@LookBack163 ~]# sed -ri "s@^#(LoadModule socache_shmcb_module modules/mod_socache_shmcb.so)@\1@" !$ [root@LookBack163 ~]# sed -ri "s@^#(LoadModule proxy_module .*)@\1@" !$ [root@LookBack163 ~]# sed -ri "s@^#(LoadModule proxy_fcgi_module.*)@\1@" !$ [root@LookBack163 ~]# sed -ri "s@^#(LoadModule rewrite_module modules/mod_rewrite.so)@\1@" !$ [root@LookBack163 ~]# sed -i "s@^DocumentRoot.*@#&@" !$ [root@LookBack163 ~]# sed -i "s@^PidFile.*@PidFile "/usr/local/apache2410/logs/httpd.pid"@" !$ [root@LookBack163 ~]# grep ‘^[^#]‘ $httpdDir | grep -vE ‘^[[:space:]]+#‘ PidFile /usr/local/apache2410/logs/httpd.pid Listen 80 LoadModule authn_file_module modules/mod_authn_file.so LoadModule authn_socache_module modules/mod_authn_socache.so LoadModule authn_core_module modules/mod_authn_core.so LoadModule authz_host_module modules/mod_authz_host.so LoadModule authz_groupfile_module modules/mod_authz_groupfile.so LoadModule authz_user_module modules/mod_authz_user.so LoadModule authz_core_module modules/mod_authz_core.so LoadModule access_compat_module modules/mod_access_compat.so LoadModule auth_basic_module modules/mod_auth_basic.so LoadModule socache_shmcb_module modules/mod_socache_shmcb.so LoadModule reqtimeout_module modules/mod_reqtimeout.so LoadModule filter_module modules/mod_filter.so LoadModule mime_module modules/mod_mime.so LoadModule log_config_module modules/mod_log_config.so LoadModule env_module modules/mod_env.so LoadModule headers_module modules/mod_headers.so LoadModule setenvif_module modules/mod_setenvif.so LoadModule version_module modules/mod_version.so LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so LoadModule ssl_module modules/mod_ssl.so LoadModule mpm_event_module modules/mod_mpm_event.so LoadModule unixd_module modules/mod_unixd.so LoadModule status_module modules/mod_status.so LoadModule autoindex_module modules/mod_autoindex.so LoadModule dir_module modules/mod_dir.so LoadModule alias_module modules/mod_alias.so LoadModule rewrite_module modules/mod_rewrite.soUser daemon Group daemonServerAdmin you@example.com ServerName LookBack163.05hd.com:80AllowOverride none Require all deniedOptions Indexes FollowSymLinks AllowOverride None Require all grantedDirectoryIndex index.php index.htmlRequire all deniedErrorLog "logs/error_log" LogLevel warnLogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined LogFormat "%h %l %u %t \"%r\" %>s %b" commonLogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedioCustomLog "logs/access_log" commonScriptAlias /cgi-bin/ "/usr/local/apache2410/cgi-bin/"AllowOverride None Options None Require all grantedTypesConfig /etc/httpd2410/mime.types AddType application/x-compress .Z AddType application/x-gzip .gz .tgz AddType application/x-httpd-php .php AddType application/x-httpd-php-source .phpsInclude /etc/httpd2410/extra/httpd-vhosts.conf Include /etc/httpd2410/extra/httpd-default.confInclude /etc/httpd2410/extra/proxy-html.confInclude /etc/httpd2410/extra/httpd-ssl.confSSLRandomSeed startup builtin SSLRandomSeed connect builtin
配置Apache2
[root@LookBack166 ~]# httpdDir="/etc/httpd2410/httpd.conf" [root@LookBack166 ~]# sed -ri ‘s@(^[[:space:]]+DirectoryIndex)( index.html)@\1 index.php\2@‘ $httpdDir [root@LookBack166 ~]# sed -ri "/$(grep -E "^[[:space:]]+AddType" $httpdDir | tail -1 | sed ‘s@/@\\&@‘)/a \\\tAddType application/x-httpd-php .php" !$ [root@LookBack166 ~]# sed -ri "/$(grep -E "^[[:space:]]+AddType" $httpdDir | tail -1 | sed ‘s@/@\\&@‘)/a \\\tAddType application/x-httpd-php-source .phps" !$ [root@LookBack166 ~]# sed -i "s@^ServerRoot .*@#&@" !$ [root@LookBack166 ~]# sed -i "/^Listen 80/a \#Listen 443" !$ [root@LookBack166 ~]# sed -ri "s@^#(Include /etc/httpd2410/extra/httpd-vhosts.conf)@\1@" !$ [root@LookBack166 ~]# sed -ri "s@^#(Include /etc/httpd2410/extra/httpd-ssl.conf)@\1@" !$ [root@LookBack166 ~]# sed -ri "s@^#(LoadModule ssl_module modules/mod_ssl.so)@\1@" !$ [root@LookBack166 ~]# sed -ri "s@^#(LoadModule socache_shmcb_module modules/mod_socache_shmcb.so)@\1@" !$ [root@LookBack166 ~]# sed -ri "s@^#(LoadModule proxy_module .*)@\1@" !$ [root@LookBack166 ~]# sed -ri "s@^#(LoadModule proxy_fcgi_module.*)@\1@" !$ [root@LookBack166 ~]# sed -ri "s@^#(LoadModule rewrite_module modules/mod_rewrite.so)@\1@" !$ [root@LookBack166 ~]# sed -i "s@^DocumentRoot.*@#&@" !$ [root@LookBack166 ~]# sed -i "s@^PidFile.*@PidFile "/usr/local/apache2410/logs/httpd.pid"@" !$ [root@LookBack166 ~]# grep ‘^[^#]‘ $httpdDir | grep -vE ‘^[[:space:]]+#‘ PidFile /usr/local/apache2410/logs/httpd.pid Listen 80 LoadModule authn_file_module modules/mod_authn_file.so LoadModule authn_socache_module modules/mod_authn_socache.so LoadModule authn_core_module modules/mod_authn_core.so LoadModule authz_host_module modules/mod_authz_host.so LoadModule authz_groupfile_module modules/mod_authz_groupfile.so LoadModule authz_user_module modules/mod_authz_user.so LoadModule authz_core_module modules/mod_authz_core.so LoadModule access_compat_module modules/mod_access_compat.so LoadModule auth_basic_module modules/mod_auth_basic.so LoadModule socache_shmcb_module modules/mod_socache_shmcb.so LoadModule reqtimeout_module modules/mod_reqtimeout.so LoadModule filter_module modules/mod_filter.so LoadModule mime_module modules/mod_mime.so LoadModule log_config_module modules/mod_log_config.so LoadModule env_module modules/mod_env.so LoadModule headers_module modules/mod_headers.so LoadModule setenvif_module modules/mod_setenvif.so LoadModule version_module modules/mod_version.so LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so LoadModule ssl_module modules/mod_ssl.so LoadModule mpm_event_module modules/mod_mpm_event.so LoadModule unixd_module modules/mod_unixd.so LoadModule status_module modules/mod_status.so LoadModule autoindex_module modules/mod_autoindex.so LoadModule dir_module modules/mod_dir.so LoadModule alias_module modules/mod_alias.so LoadModule rewrite_module modules/mod_rewrite.soUser daemon Group daemonServerAdmin you@example.com ServerName LookBack166.05hd.com:80AllowOverride none Require all deniedOptions Indexes FollowSymLinks AllowOverride None Require all grantedDirectoryIndex index.php index.htmlRequire all deniedErrorLog "logs/error_log" LogLevel warnLogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined LogFormat "%h %l %u %t \"%r\" %>s %b" commonLogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedioCustomLog "logs/access_log" commonScriptAlias /cgi-bin/ "/usr/local/apache2410/cgi-bin/"AllowOverride None Options None Require all grantedTypesConfig /etc/httpd2410/mime.types AddType application/x-compress .Z AddType application/x-gzip .gz .tgz AddType application/x-httpd-php .php AddType application/x-httpd-php-source .phpsInclude /etc/httpd2410/extra/httpd-vhosts.conf Include /etc/httpd2410/extra/httpd-default.confInclude /etc/httpd2410/extra/proxy-html.confInclude /etc/httpd2410/extra/httpd-ssl.confSSLRandomSeed startup builtin SSLRandomSeed connect builtin
1.3 制作配置两台Apache服务器的启动脚本
制作172.16.41.163服务器上Apache启动脚本
[root@LookBack166 ~]# for I in $(ps -aux | grep [h]ttp |awk ‘{print$2}‘); do kill -9 $I;done [root@LookBack166 ~]# for I in $(ps -aux | grep [a]pache |awk ‘{print$2}‘); do kill -9 $I;done [root@LookBack166 ~]# [ -f /etc/init.d/httpd ] && mv /etc/init.d/httpd /etc/init.d/httpd.bak [root@LookBack166 ~]# wget -c4 -O /etc/rc.d/init.d/httpd2410 "http://www.05hd.com/httpd.sh" [root@LookBack166 ~]# chmod +x /etc/rc.d/init.d/httpd2410 [root@LookBack166 ~]# sed -ri "s@^# chkconfig.*@# chkconfig: 2345 85 15\n# Default-Start: 2 3 4 5\n# Default-Stop: 0 1 6@" /etc/rc.d/init.d/httpd2410 [root@LookBack166 ~]# sed -ri "s@^pidfile=.*@pidfile=\${PIDFILE-/usr/local/apache2410/logs/httpd.pid}@" /etc/rc.d/init.d/httpd2410 [root@LookBack166 ~]# sed -ri "s@^apachectl=.*@apachectl=/usr/local/apache2410/bin/apachectl111@" /etc/rc.d/init.d/httpd2410 [root@LookBack166 ~]# sed -ri "s@^httpd=.*@httpd=\${HTTPD-/usr/local/apache2410/bin/httpd}@" /etc/rc.d/init.d/httpd2410 [root@LookBack166 ~]# chkconfig --add httpd [root@LookBack166 ~]# chkconfig --list httpd httpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off [root@LookBack166 ~]# chkconfig httpd on [root@LookBack166 ~]# chkconfig --list httpd
1.4 配置两台Apache服务器上的虚拟主机
配置172.16.41.163的虚拟主机
[root@LookBack163 ~]# mkdir -p /web/hosta [root@LookBack163 ~]# grep ‘^[^#]‘ /etc/httpd2410/extra/httpd-vhosts.conf | grep -vE ‘^[[:space:]]+#‘ServerAdmin admin@05hd.com ServerName www1.05hd.com DocumentRoot "/home/wwwroot/www.05hd.com/"Require all grantedSetHandler server-status Require all grantedProxyRequests Off ProxyPassMatch ^/(.*.php)$ fcgi://172.16.41.164:9000/home/wwwroot/www.05hd.com/$1 ErrorLog "logs/www1.05hd.com-error_log" CustomLog "logs/www1.05hd.com-access_log" common
配置好Apache和虚拟主机下面来启动httpd服务
[root@LookBack163 ~]# service httpd2410 start Starting httpd: [ OK ] [root@LookBack163 ~]# service httpd2410 status httpd (pid 13827) is running... [root@LookBack163 ~]#
配置172.16.41.166的虚拟主机
[root@LookBack166 ~]# mkdir -p /web/hosta [root@LookBack166 ~]# grep ‘^[^#]‘ /etc/httpd2410/extra/httpd-vhosts.conf | grep -vE ‘^[[:space:]]+#‘ServerAdmin admin@05hd.com ServerName www1.05hd.com DocumentRoot "/home/wwwroot/www.05hd.com/"Require all grantedSetHandler server-status Require all grantedProxyRequests Off ProxyPassMatch ^/(.*.php)$ fcgi://172.16.41.167:9000/home/wwwroot/www.05hd.com/$1 ErrorLog "logs/www1.05hd.com-error_log" CustomLog "logs/www1.05hd.com-access_log" common
配置好Apache和虚拟主机下面来启动httpd服务
[root@LookBack166 ~]# service httpd2410 start Starting httpd: [ OK ] [root@LookBack166 ~]# service httpd2410 status httpd (pid 13827) is running... [root@LookBack166 ~]#
2.1为了使数据库的数据安全这里还是采取在MariaDB服务器先做LVM
[root@LookBack165 ~]# fdisk /dev/sda &> /dev/null > /etc/fstab [root@LookBack165 ~]# mount -a [root@LookBack165 ~]# mount /dev/mapper/vg0-root on / type ext4 (rw) proc on /proc type proc (rw) sysfs on /sys type sysfs (rw) devpts on /dev/pts type devpts (rw,gid=5,mode=620) tmpfs on /dev/shm type tmpfs (rw) /dev/sda1 on /boot type ext4 (rw) /dev/mapper/vg0-usr on /usr type ext4 (rw) /dev/mapper/vg0-var on /var type ext4 (rw) none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) /dev/mapper/MYDATA-MYDATAlv on /MYSQLDATA type ext4 (rw) [root@LookBack165 ~]# df -h Filesystem Size Used Avail Use% Mounted on /dev/mapper/vg0-root 20G 924M 18G 5% / tmpfs 935M 0 935M 0% /dev/shm /dev/sda1 194M 35M 150M 19% /boot /dev/mapper/vg0-usr 9.9G 2.4G 7.1G 26% /usr /dev/mapper/vg0-var 20G 433M 19G 3% /var /dev/mapper/MYDATA-MYDATAlv 20G 172M 19G 1% /MYSQLDATA
2.2配置MariaDB
[root@LookBack165 ~]# groupadd -r mysql [root@LookBack165 ~]# mkdir /MYSQLDATA/data [root@LookBack165 ~]# useradd -g mysql -r -s /sbin/nologin -M -d /MYSQLDATA/data mysql [root@LookBack165 ~]# chown -R mysql:mysql /MYSQLDATA/data/ [root@LookBack165 ~]# wget http://mirrors.hustunique.com/mariadb/mariadb-galera-5.5.38/bintar-centos5-amd64/mariadb-galera-5.5.38-linux-x86_64.tar.gz [root@LookBack165 ~]# tar xf mariadb-galera-5.5.38-linux-x86_64.tar.gz -C /usr/local [root@LookBack165 ~]# cd /usr/local/ [root@LookBack165 local]# ls bin etc games glibc-2.19 include lib lib64 libexec mariadb-galera-5.5.38-linux-x86_64 sbin share src [root@LookBack165 local]# ln -sv mariadb-galera-5.5.38-linux-x86_64/ mariadb `mariadb‘ -> `mariadb-galera-5.5.38-linux-x86_64/‘ ###` [root@LookBack165 local]# cd mariadb [root@LookBack165 mariadb]# chown -R mysql:mysql .
2.3初始化MariaDB
[root@LookBack165 mariadb]# pwd /usr/local/mariadb [root@LookBack165 mariadb]# scripts/mysql_install_db --user=mysql --datadir=/MYSQLDATA/data/ WARNING: The host ‘LookBack165.05hd.com‘ could not be looked up with resolveip. This probably means that your libc libraries are not 100 % compatible with this binary MariaDB version. The MariaDB daemon, mysqld, should work normally with the exception that host name resolving will not work. This means that you should use IP addresses instead of hostnames when specifying MariaDB privileges ! Installing MariaDB/MySQL system tables in ‘/MYSQLDATA/data/‘ ... 140813 11:46:44 [Note] WSREP: Read nil XID from storage engines, skipping position init 140813 11:46:44 [Note] WSREP: wsrep_load(): loading provider library ‘none‘ 140813 11:46:44 [Note] [Debug] WSREP: dummy_init 140813 11:46:45 [Note] [Debug] WSREP: dummy_disconnect 140813 11:46:45 [Note] WSREP: Service disconnected. 140813 11:46:46 [Note] WSREP: Some threads may fail to exit. 140813 11:46:46 [Note] [Debug] WSREP: dummy_free OK Filling help tables... 140813 11:46:46 [Note] WSREP: Read nil XID from storage engines, skipping position init 140813 11:46:46 [Note] WSREP: wsrep_load(): loading provider library ‘none‘ 140813 11:46:46 [Note] [Debug] WSREP: dummy_init 140813 11:46:46 [Note] [Debug] WSREP: dummy_disconnect 140813 11:46:46 [Note] WSREP: Service disconnected. 140813 11:46:47 [Note] WSREP: Some threads may fail to exit. 140813 11:46:47 [Note] [Debug] WSREP: dummy_free OK To start mysqld at boot time you have to copy support-files/mysql.server to the right place for your system PLEASE REMEMBER TO SET A PASSWORD FOR THE MariaDB root USER ! To do so, start the server, then issue the following commands: ‘./bin/mysqladmin‘ -u root password ‘new-password‘ ‘./bin/mysqladmin‘ -u root -h LookBack165.05hd.com password ‘new-password‘ Alternatively you can run: ‘./bin/mysql_secure_installation‘ which will also give you the option of removing the test databases and anonymous user created by default. This is strongly recommended for production servers. See the MariaDB Knowledgebase at http://mariadb.com/kb or the MySQL manual for more instructions. You can start the MariaDB daemon with: cd ‘.‘ ; ./bin/mysqld_safe --datadir=‘/MYSQLDATA/data/‘ You can test the MariaDB daemon with mysql-test-run.pl cd ‘./mysql-test‘ ; perl mysql-test-run.pl Please report any problems at http://mariadb.org/jira The latest information about MariaDB is available at http://mariadb.org/. You can find additional information about the MySQL part at: http://dev.mysql.com Support MariaDB development by buying support/new features from SkySQL Ab. You can contact us about this at sales@skysql.com. Alternatively consider joining our community based development effort: http://mariadb.com/kb/en/contributing-to-the-mariadb-project/ [root@LookBack165 mariadb]# chown -R root . [root@LookBack165 mariadb]# ls -l total 244 drwxr-xr-x 2 root mysql 4096 Jun 25 12:57 bin -rw-r--r-- 1 root mysql 17987 Jun 23 22:14 COPYING -rw-r--r-- 1 root mysql 26545 Jun 23 22:13 COPYING.LESSER drwxr-xr-x 3 root mysql 4096 Jun 25 12:56 data drwxr-xr-x 2 root mysql 4096 Jun 25 12:57 docs -rw-r--r-- 1 root mysql 8245 Jun 23 22:13 EXCEPTIONS-CLIENT drwxr-xr-x 3 root mysql 4096 Jun 25 12:57 include -rw-r--r-- 1 root mysql 8694 Jun 23 22:13 INSTALL-BINARY drwxr-xr-x 3 root mysql 4096 Jun 25 12:57 lib drwxr-xr-x 4 root mysql 4096 Jun 25 12:56 man drwxr-xr-x 11 root mysql 4096 Jun 25 12:57 mysql-test -rw-r--r-- 1 root mysql 110472 Jun 23 22:13 README -rw-r--r-- 1 root mysql 19510 Jun 23 22:13 README-wsrep drwxr-xr-x 2 root mysql 4096 Jun 25 12:57 scripts drwxr-xr-x 27 root mysql 4096 Jun 25 12:57 share drwxr-xr-x 4 root mysql 4096 Jun 25 12:57 sql-bench drwxr-xr-x 3 root mysql 4096 Jun 25 12:56 support-files
2.4修改MariaDB配置文件
[root@LookBack165 mariadb]# cd /usr/local/mariadb [root@LookBack165 mariadb]# cp support-files/my-large.cnf /etc/my.cnf ###并修改此文件中thread_concurrency的值为你的CPU个数乘以2,比如这里使用如下行: thread_concurrency = 2 ###[root@LookBack165 mariadb]# sed -i "@^thread_concurrency.*@thread_concurrency = 2@" /etc/my.cnf###也可以用这个命令直接修改 [root@LookBack165 mariadb]# sed -i "/^thread_concurrency.*/i \datadir = \/MYSQLDATA\/data" /etc/my.cnf
2.5制作配置MariaDB启动脚本等
[root@LookBack165 mariadb]# cp /usr/local/mariadb/support-files/mysql.server /etc/rc.d/init.d/mysql [root@LookBack165 mariadb]# chmod +x /etc/rc.d/init.d/mysql [root@LookBack165 mariadb]# chkconfig --add mysql [root@LookBack165 mariadb]# chkconfig --list mysql mariadb 0:off 1:off 2:on 3:on 4:on 5:on 6:off [root@LookBack165 mariadb]# sed -i ‘s@/usr/local/mysql@/usr/local/mariadb@‘ /etc/rc.d/init.d/mysql [root@LookBack165 mariadb]# service mysql start Starting MySQL..... [ OK ] [root@LookBack165 mariadb]# service mysql stop Shutting down MySQL. [ OK ] [root@LookBack165 mariadb]# sed -i "$(cat /etc/man.config | grep -nE ‘^MANPATH[[:space:]]+‘ | tail -1 | awk -F: ‘{print$1}‘)a MANPATH\t/usr/local/mariadb/man" /etc/man.config [root@LookBack165 mariadb]# ln -sv /usr/local/mariadb/include /usr/include/mysql [root@LookBack165 mariadb]# echo ‘/usr/local/mariadb/lib/‘ > /etc/ld.so.conf.d/mysql.conf [root@LookBack165 mariadb]# ldconfig [root@LookBack165 mariadb]# echo "export PATH=/usr/local/mariadb/bin:$PATH" > /etc/profile.d/mariadb5538.sh
2.6修改MariaDB root帐户的空密码和建立两个用于PHP1 PHP2服务器的远程帐号并有权限
###1.这里将MariaDB root的密码修改成了YTJmZjQ5NThiMGNl,
###2.新建了一个05hdtest的帐号和同名的数据库
###3.设置05hdtest这个帐号允许在172.16.41.164和172.16.41.167服务器上连接使用
###4.设置05hdtest帐号的权限是同名数据库的全部权限
###5.设置05hdtest帐号登录的密码是Fa7A29f67eJ3RRHu
[root@LookBack165 ~]# service mysql start Starting MySQL.... [ OK ] [root@LookBack165 ~]# mysql Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 2 Server version: 5.5.38-MariaDB-wsrep-log MariaDB Server, wsrep_25.10.r3997 Copyright (c) 2000, 2014, Oracle, Monty Program Ab and others. Type ‘help;‘ or ‘\h‘ for help. Type ‘\c‘ to clear the current input statement. MariaDB [mysql]> use mysql Database changed MariaDB [mysql]> update user set password=password(‘YTJmZjQ5NThiMGNl‘) where user=‘root‘; Query OK, 4 rows affected (0.07 sec) Rows matched: 4 Changed: 4 Warnings: 0 MariaDB [mysql]> flush privileges; Query OK, 0 rows affected (0.00 sec) MariaDB [mysql]> CREATE USER ‘05hdtest‘@‘172.16.41.164‘ IDENTIFIED BY ‘Fa7A29f67eJ3RRHu‘; Query OK, 0 rows affected (0.00 sec) MariaDB [mysql]> GRANT USAGE ON *.* TO ‘05hdtest‘@‘172.16.41.164‘ IDENTIFIED BY ‘Fa7A29f67eJ3RRHu‘ WITH MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0; Query OK, 0 rows affected (0.00 sec) MariaDB [mysql]> CREATE DATABASE IF NOT EXISTS `05hdtest`; Query OK, 1 row affected (0.00 sec) MariaDB [mysql]> GRANT ALL PRIVILEGES ON `05hdtest`.* TO ‘05hdtest‘@‘172.16.41.164‘; Query OK, 0 rows affected (0.00 sec) MariaDB [mysql]> GRANT ALL PRIVILEGES ON `05hdtest\_%`.* TO ‘05hdtest‘@‘172.16.41.164‘; Query OK, 0 rows affected (0.00 sec) MariaDB [mysql]> CREATE USER ‘05hdtest‘@‘172.16.41.167‘ IDENTIFIED BY ‘Fa7A29f67eJ3RRHu‘; Query OK, 0 rows affected (0.00 sec) MariaDB [mysql]> GRANT USAGE ON *.* TO ‘05hdtest‘@‘172.16.41.167‘ IDENTIFIED BY ‘Fa7A29f67eJ3RRHu‘; Query OK, 0 rows affected (0.00 sec) MariaDB [mysql]> GRANT ALL PRIVILEGES ON `05hdtest\_%`.* TO ‘05hdtest‘@‘172.16.41.167‘; Query OK, 0 rows affected (0.00 sec) MariaDB [mysql]> GRANT ALL PRIVILEGES ON `05hdtest`.* TO ‘05hdtest‘@‘172.16.41.167‘; Query OK, 0 rows affected (0.00 sec) MariaDB [mysql]> FLUSH PRIVILEGES; Query OK, 0 rows affected (0.00 sec) MariaDB [mysql]> \q Bye
下面是新建05hdtest数据 新建05hdtest帐号的mysql命令
CREATE USER ‘05hdtest‘@‘172.16.41.164‘ IDENTIFIED BY ‘Fa7A29f67eJ3RRHu‘; GRANT USAGE ON *.* TO ‘05hdtest‘@‘172.16.41.164‘ IDENTIFIED BY ‘Fa7A29f67eJ3RRHu‘ WITH MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0; CREATE DATABASE IF NOT EXISTS `05hdtest`; GRANT ALL PRIVILEGES ON `05hdtest`.* TO ‘05hdtest‘@‘172.16.41.164‘; GRANT ALL PRIVILEGES ON `05hdtest\_%`.* TO ‘05hdtest‘@‘172.16.41.164‘; CREATE USER ‘05hdtest‘@‘172.16.41.167‘ IDENTIFIED BY ‘Fa7A29f67eJ3RRHu‘; GRANT USAGE ON *.* TO ‘05hdtest‘@‘172.16.41.167‘ IDENTIFIED BY ‘Fa7A29f67eJ3RRHu‘; GRANT ALL PRIVILEGES ON `05hdtest\_%`.* TO ‘05hdtest‘@‘172.16.41.167‘; GRANT ALL PRIVILEGES ON `05hdtest`.* TO ‘05hdtest‘@‘172.16.41.167‘;
3.1下载和编译安装PHP
[root@LookBack164 ~]# wget http://www.05hd.com/wp-content/uploads/2014/08/php-5.4.31.tar.bz2 [root@LookBack164 ~]# yum groupinstall "Development tools" -y && yum groupinstall "Server Platform Development" -y [root@LookBack164 ~]# yum install libxml2 libxml2-devel libmcrypt bzip2 bzip2-devel libmcrypt-devel mhash-devel mhash pcre-devel vim tree screen htop -y [root@LookBack164 ~]# for i in libxml2 bzip2 libmcrypt pcre mhash; do rpm -qa |grep "$i";done libxml2-2.7.6-14.el6.x86_64 libxml2-python-2.7.6-14.el6.x86_64 libxml2-devel-2.7.6-14.el6.x86_64 bzip2-libs-1.0.5-7.el6_0.x86_64 bzip2-1.0.5-7.el6_0.x86_64 bzip2-devel-1.0.5-7.el6_0.x86_64 libmcrypt-devel-2.5.8-9.el6.x86_64 libmcrypt-2.5.8-9.el6.x86_64 pcre-devel-7.8-6.el6.x86_64 pcre-7.8-6.el6.x86_64 mhash-devel-0.9.9.9-3.el6.x86_64 mhash-0.9.9.9-3.el6.x86_64 [root@LookBack164 ~]# tar xf php-5.4.31.tar.bz2 [root@LookBack164 ~]# cd php-5.4.31 [root@LookBack164 php-5.4.31]# ./configure --prefix=/usr/local/php --with-mysql=mysqlnd --with-pdo-mysql=mysqlnd --with-mysqli=mysqlnd --with-openssl --enable-mbstring --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-libxml-dir=/usr --enable-xml --enable-sockets --with-mcrypt --enable-fpm --with-config-file-path=/etc --with-config-file-scan-dir=/etc/php.d --with-bz2 --enable-maintainer-zts [root@LookBack164 php-5.4.31]# make -j4 && make install
[root@LookBack167 ~]# wget http://www.05hd.com/wp-content/uploads/2014/08/php-5.4.31.tar.bz2 [root@LookBack167 ~]# yum groupinstall "Development tools" -y && yum groupinstall "Server Platform Development" -y [root@LookBack167 ~]# yum install libxml2 libxml2-devel libmcrypt bzip2 bzip2-devel libmcrypt-devel mhash-devel mhash pcre-devel vim tree screen htop -y [root@LookBack167 ~]# for i in libxml2 bzip2 libmcrypt pcre mhash; do rpm -qa |grep "$i";done libxml2-2.7.6-14.el6.x86_64 libxml2-python-2.7.6-14.el6.x86_64 libxml2-devel-2.7.6-14.el6.x86_64 bzip2-libs-1.0.5-7.el6_0.x86_64 bzip2-1.0.5-7.el6_0.x86_64 bzip2-devel-1.0.5-7.el6_0.x86_64 libmcrypt-devel-2.5.8-9.el6.x86_64 libmcrypt-2.5.8-9.el6.x86_64 pcre-devel-7.8-6.el6.x86_64 pcre-7.8-6.el6.x86_64 mhash-devel-0.9.9.9-3.el6.x86_64 mhash-0.9.9.9-3.el6.x86_64 [root@LookBack167 ~]# tar xf php-5.4.31.tar.bz2 [root@LookBack167 ~]# cd php-5.4.31 [root@LookBack167 php-5.4.31]# ./configure --prefix=/usr/local/php --with-mysql=mysqlnd --with-pdo-mysql=mysqlnd --with-mysqli=mysqlnd --with-openssl --enable-mbstring --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-libxml-dir=/usr --enable-xml --enable-sockets --with-mcrypt --enable-fpm --with-config-file-path=/etc --with-config-file-scan-dir=/etc/php.d --with-bz2 --enable-maintainer-zts [root@LookBack167 php-5.4.31]# make -j4 && make install
3.2修改和配置php的配置文件
修改172.16.41.164的配置文件
[root@LookBack164 php-5.4.31]# cp php.ini-production /etc/php.ini [root@LookBack164 php-5.4.31]# cp sapi/fpm/init.d.php-fpm.in /etc/rc.d/init.d/php-fpm [root@LookBack164 php-5.4.31]# chmod +x /etc/rc.d/init.d/php-fpm [root@LookBack164 php-5.4.31]# chkconfig --add php-fpm [root@LookBack164 php-5.4.31]# chkconfig --list php-fpm php-fpm 0:off 1:off 2:on 3:on 4:on 5:on 6:off [root@LookBack164 php-5.4.31]# cp /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf [root@LookBack164 php-5.4.31]# sed -i ‘s@^pm.max_children.*@pm.max_children = 50@;s@^pm.start_servers.*@pm.start_servers = 5@;s@^pm.min_spare_servers.*@pm.min_spare_servers = 2@;s@^pm.max_spare_servers.*@pm.max_spare_servers = 8@;s@;pid = .*@pid = /usr/local/php/var/run/php-fpm.pid@‘ /usr/local/php/etc/php-fpm.conf [root@LookBack164 php-5.4.31]# sed -i "s@^listen.*@listen = $(ifconfig eth0 | awk -F‘[ :]+‘ ‘/inet addr/{print$4}‘):9000@" /usr/local/php/etc/php-fpm.conf [root@LookBack164 php-5.4.31]# cat /usr/local/php/etc/php-fpm.conf | grep -vE ‘^;|^[[:space:]]{0,}$‘ [global] pid = /usr/local/php/var/run/php-fpm.pid [www] user = nobody group = nobody listen = 172.16.41.164:9000 pm = dynamic pm.max_children = 50 pm.start_servers = 5 pm.min_spare_servers = 2 pm.max_spare_servers = 8 [root@LookBack164 php-5.4.31]# mkdir -p /home/wwwroot/www.05hd.com [root@LookBack164 php-5.4.31]# chmod 755 /home/wwwroot/www.05hd.com
下面来启动172.16.41.164服务器上的php-fpm
[root@LookBack164 php-5.4.31]# service php-fpm start Starting php-fpm done [root@LookBack164 php-5.4.31]# ss -tnlp
修改172.16.41.164的配置文件
[root@LookBack167 php-5.4.31]# cp php.ini-production /etc/php.ini [root@LookBack167 php-5.4.31]# cp sapi/fpm/init.d.php-fpm.in /etc/rc.d/init.d/php-fpm [root@LookBack167 php-5.4.31]# chmod +x /etc/rc.d/init.d/php-fpm [root@LookBack167 php-5.4.31]# chkconfig --add php-fpm [root@LookBack167 php-5.4.31]# chkconfig --list php-fpm php-fpm 0:off 1:off 2:on 3:on 4:on 5:on 6:off [root@LookBack167 php-5.4.31]# cp /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf [root@LookBack167 php-5.4.31]# sed -i ‘s@^pm.max_children.*@pm.max_children = 50@;s@^pm.start_servers.*@pm.start_servers = 5@;s@^pm.min_spare_servers.*@pm.min_spare_servers = 2@;s@^pm.max_spare_servers.*@pm.max_spare_servers = 8@;s@;pid = .*@pid = /usr/local/php/var/run/php-fpm.pid@‘ /usr/local/php/etc/php-fpm.conf [root@LookBack167 php-5.4.31]# sed -i "s@^listen.*@listen = $(ifconfig eth0 | awk -F‘[ :]+‘ ‘/inet addr/{print$4}‘):9000@" /usr/local/php/etc/php-fpm.conf [root@LookBack167 php-5.4.31]# cat /usr/local/php/etc/php-fpm.conf | grep -vE ‘^;|^[[:space:]]{0,}$‘ [global] pid = /usr/local/php/var/run/php-fpm.pid [www] user = nobody group = nobody listen = 172.16.41.167:9000 pm = dynamic pm.max_children = 50 pm.start_servers = 5 pm.min_spare_servers = 2 pm.max_spare_servers = 8 [root@LookBack167 php-5.4.31]# mkdir -p /home/wwwroot/www.05hd.com [root@LookBack167 php-5.4.31]# chmod 755 /home/wwwroot/www.05hd.com
下面来启动172.16.41.167服务器上的php-fpm
[root@LookBack167 php-5.4.31]# service php-fpm start Starting php-fpm done [root@LookBack167 php-5.4.31]# ss -tnlp
4.1编译安装BIND 9.9.x
[root@LookBack168 ~]# groupadd -g 153 -r named [root@LookBack168 ~]# useradd -g named -r -u 153 named [root@LookBack168 ~]# yum groupinstall "Development tools" "Server Platform Development" -y [root@LookBack168 ~]# wget -4c http://www.05hd.com/wp-content/uploads/2014/08/bind-9.9.5.tar.gz [root@LookBack168 ~]# tar xf bind-9.9.5.tar.gz [root@LookBack168 ~]# cd bind-9.9.5 [root@LookBack168 bind-9.9.5]# ./configure --prefix=/usr/local/bind995 --sysconfdir=/etc/named --disable-chroot --enable-threads --enable-ipv6 [root@localhost bind-9.9.5]# make -j4 && make install
4.2修改环境变量和添加named的man
(注意:修改了环境变量需要重启服务器或者重新载入环境变量)
[root@LookBack168 ~]# /usr/local/bind995/bin/dig -v [root@localhost ~]# echo "export PATH=/usr/local/bind995/bin:/usr/local/bind995/sbin:\$PATH" > /etc/profile.d/bind995.sh [root@LookBack168 ~]# echo $PATH /usr/lib64/qt-3.3/bin:/usr/local/bind995/bin:/usr/local/bind995/sbin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin [root@LookBack168 ~]# sed -i "$(cat /etc/man.config | grep -nE ‘^MANPATH[[:space:]]+‘ | tail -1 | awk -F: ‘{print$1}‘)a \MANPATH\t/usr/local/bind995/share/man" /etc/man.config
4.3 配置BIND
[root@LookBack168 ~]# cat > /etc/named/named.conf << EOF options { directory "/var/named"; //定义工作目录 recursion yes; //允许递归 }; zone "." IN { type hint; file "named.ca"; }; zone "localhost" IN { type master; //定义为主DNS master file "localhost.zone"; allow-update { none; }; //不允许任何人更新 }; zone "0.0.127.in-addr.arpa" IN { //把127.0.0反向解析 type master; file "127.0.0.zone"; allow-update { none; }; }; zone "05hd.com" IN { type master; file "05hd.com.zone"; }; EOF
[root@LookBack168 ~]# chown root:named /etc/named/named.conf [root@LookBack168 ~]# chmod 640 /etc/named/named.conf [root@LookBack168 ~]# mkdir -p /var/named/slaves [root@LookBack168 ~]# chown root:named /var/named/ [root@LookBack168 ~]# chown named:named /var/named/slaves/ [root@LookBack168 ~]# chmod 750 /var/named/ [root@LookBack168 ~]# chmod 770 /var/named/slaves/ [root@LookBack168 ~]# for i in $(grep ‘file‘ /etc/named/named.conf | awk -F‘"‘ ‘{print$2}‘); do touch /var/named/$i;chgrp named /var/named/$i;chmod 640 /var/named/$i;done
4.4配置05hd.com.zone 127.0.0.zone localhost.zone named.ca这4个文件
[root@LookBack168 bind-9.9.5]# dig -t NS . @a.root-servers.net. > /var/named/named.ca [root@LookBack168 bind-9.9.5]# cat !$ cat /var/named/named.ca ; > DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 > -t NS . @a.root-servers.net. ;; global options: +cmd ;; Got answer: ;; ->>HEADER: QUERY, status: NOERROR, id: 2346 ;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;. IN NS ;; ANSWER SECTION: . 500462 IN NS k.root-servers.net. . 500462 IN NS m.root-servers.net. . 500462 IN NS j.root-servers.net. . 500462 IN NS e.root-servers.net. . 500462 IN NS f.root-servers.net. . 500462 IN NS i.root-servers.net. . 500462 IN NS h.root-servers.net. . 500462 IN NS a.root-servers.net. . 500462 IN NS l.root-servers.net. . 500462 IN NS b.root-servers.net. . 500462 IN NS d.root-servers.net. . 500462 IN NS c.root-servers.net. . 500462 IN NS g.root-servers.net. ;; Query time: 38 msec ;; SERVER: 198.41.0.4#53(198.41.0.4) ;; WHEN: Sat Aug 16 13:14:02 2014 ;; MSG SIZE rcvd: 228 [root@LookBack168 named]# pwd /var/named [root@LookBack168 named]# cat localhost.zone $TTL 86400 @ IN SOA localhost. admin.05hd.org. ( 2014080601 3H 15M 7D 1D ) IN NS localhost. IN A 127.0.0.1 [root@LookBack168 named]# cat 127.0.0.zone $TTL 86400 @ IN SOA localhost. admin.05hd.org. ( 2014080601 3H 15M 7D 1D ) IN NS localhost. 1 IN PTR localhost. [root@LookBack168 named]# cat 05hd.com.zone $TTL 600 @ IN SOA ns.05hd.com. admin.05hd.com. ( ;\\ 上面的admin.05hd.com.其实邮箱地址,在这里邮箱地址不能使用@所以要使用. 2014081601 1H 10M 7D 2H ) IN NS ns.05hd.com. IN MX 10 mxdomain.qq.com. ns.05hd.com. IN A 172.16.41.168 www.05hd.com. IN A 106.186.17.185 www1.05hd.com. IN A 172.16.41.163 www1.05hd.com. IN A 172.16.41.166 pam.05hd.com. IN A 172.16.41.163 pam.05hd.com. IN A 172.16.41.166 manage.05hd.com. IN A 106.186.17.185
4.5配置制作BIND的启动脚本并启动DNS服务
[root@LookBack168 ~]# wget -c4 http://www.05hd.com/named.sh -O /etc/rc.d/init.d/named [root@LookBack168 ~]# sed -ri "s@^# chkconfig.*@# chkconfig: 2345 25 80\n# Default-Start: 2 3 4 5\n# Default-Stop: 0 1 6@" /etc/rc.d/init.d/named [root@LookBack168 ~]# chmod +x /etc/rc.d/init.d/named [root@LookBack168 ~]# chkconfig --add named [root@LookBack168 ~]# chkconfig --list named named 0:off 1:off 2:on 3:on 4:on 5:on 6:off [root@LookBack168 ~]# service named start Starting named: [ OK ] [root@LookBack168 ~]# service named stop Stopping named: [ OK ] [root@LookBack168 ~]# service named start Starting named: [ OK ] [root@LookBack168 ~]# service named restart Stopping named: [ OK ] Starting named: [ OK ] [root@LookBack168 ~]# service named status named is running... [ OK ] [root@LookBack168 ~]# ss -utnl Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port udp UNCONN 0 0 *:111 *:* udp UNCONN 0 0 *:631 *:* udp UNCONN 0 0 *:47874 *:* udp UNCONN 0 0 *:666 *:* udp UNCONN 0 0 172.16.41.168:53 *:* udp UNCONN 0 0 127.0.0.1:53 *:* udp UNCONN 0 0 *:606 *:* udp UNCONN 0 0 :::111 :::* udp UNCONN 0 0 :::42015 :::* udp UNCONN 0 0 :::606 :::* tcp LISTEN 0 128 :::111 :::* tcp LISTEN 0 128 *:111 *:* tcp LISTEN 0 128 :::60532 :::* tcp LISTEN 0 10 172.16.41.168:53 *:* tcp LISTEN 0 10 127.0.0.1:53 *:* tcp LISTEN 0 128 :::22 :::* tcp LISTEN 0 128 *:22 *:* tcp LISTEN 0 128 127.0.0.1:631 *:* tcp LISTEN 0 128 ::1:631 :::* tcp LISTEN 0 100 ::1:25 :::* tcp LISTEN 0 100 127.0.0.1:25 *:* tcp LISTEN 0 128 *:41864 *:* [root@LookBack168 ~]#
4.6测试DNS轮询 Apache1 Apache2 PHP1 PHP2服务器运行是否正常
5.1启动NFS服务
由于NFS是直接在内核中的一种服务,所以我们需要再安装,免去了编译安装或者RPM包安装了(心里很高兴。。。。。。)
[root@LookBack169 ~]# service nfs start Starting NFS services: [ OK ] Starting NFS quotas: [ OK ] Starting NFS mountd: [ OK ] Starting NFS daemon: [ OK ] Starting RPC idmapd: [ OK ]
5.2配置NFS共享文件
[root@LookBack169 ~]# sed -ri "s@^# chkconfig.*@# chkconfig: 2345 30 60\n# Default-Start: 2 3 4 5\n# Default-Stop: 0 1 6@" /etc/rc.d/init.d/nfs [root@LookBack169 ~]# chkconfig --level 2345 rpcbind on [root@LookBack169 ~]# chkconfig --level 2345 nfs on [root@LookBack169 ~]# chkconfig --list nfs nfs 0:off 1:off 2:off 3:off 4:off 5:off 6:off [root@LookBack169 ~]# chkconfig --list rpcbind rpcbind 0:off 1:off 2:on 3:on 4:on 5:on 6:off [root@LookBack169 ~]# mkdir -pv /home/wwwroot/www.05hd.com mkdir: created directory `/home/wwwroot` mkdir: created directory `/home/wwwroot/www.05hd.com` [root@LookBack169 ~]# useradd -u 600 www [root@LookBack169 ~]# setfacl -m u:www:rwx /home/wwwroot/www.05hd.com/ ###上面的命令需要目录的所在分区在挂载时有acl选项挂载,否则是写入不了facl权限的 [root@LookBack169 ~]# wwwUID=$(id www | awk -F‘[= (]‘ ‘{print$2}‘) [root@LookBack169 ~]# wwwGID=$(id www | awk -F‘[= (]‘ ‘{print$5}‘) [root@LookBack169 ~]# NFSInfo="anonuid=${wwwUID},anongid=${wwwGID},rw,sync" [root@LookBack169 ~]# echo "/home/wwwroot/www.05hd.com 172.16.41.163(${NFSInfo}) 172.16.41.164(${NFSInfo}) 172.16.41.166(${NFSInfo}) 172.16.41.167(${NFSInfo})" > /etc/exports [root@LookBack169 ~]# exportfs -arv exporting 172.16.41.163:/home/wwwroot/www.05hd.com exporting 172.16.41.164:/home/wwwroot/www.05hd.com exporting 172.16.41.166:/home/wwwroot/www.05hd.com exporting 172.16.41.167:/home/wwwroot/www.05hd.com ###exportfs -arv 用于重新导出nfs文件系统表 ###exportfs -auv 用于关闭导出所有的文件系统表 ###exportfs -Uv FS 用于关闭指定的文件系统表 [root@LookBack169 ~]# showmount -e 172.16.41.169 Export list for 172.16.41.169: /home/wwwroot/www.05hd.com 172.16.41.167,172.16.41.166,172.16.41.164,172.16.41.163
下面是一些NFS共享的常用参数: ro 只读访问 rw 读写访问 sync 所有数据在请求时写入共享 async NFS在写入数据前可以相应请求 secure NFS通过1024以下的安全TCP/IP端口发送 insecure NFS通过1024以上的端口发送 wdelay 如果多个用户要写入NFS目录,则归组写入(默认) no_wdelay 如果多个用户要写入NFS目录,则立即写入,当使用async时,无需此设置。 hide 在NFS共享目录中不共享其子目录 no_hide 共享NFS目录的子目录 subtree_check 如果共享/usr/bin之类的子目录时,强制NFS检查父目录的权限(默认) no_subtree_check 和上面相对,不检查父目录权限 all_squash 共享文件的UID和GID映射匿名用户anonymous,适合公用目录。 no_all_squash 保留共享文件的UID和GID(默认) root_squash root用户的所有请求映射成如anonymous用户一样的权限(默认) no_root_squas root用户具有根目录的完全管理访问权限 anonuid=xxx 指定NFS服务器/etc/passwd文件中匿名用户的UID anongid=xxx 指定NFS服务器/etc/passwd文件中匿名用户的GID
去其他机器上查询下共享的文件
[root@LookBack164 ~]# showmount -e 172.16.41.169 Export list for 172.16.41.169: /home/wwwroot/www.05hd.com 172.16.41.167,172.16.41.166,172.16.41.164,172.16.41.163
[root@LookBack167 ~]# showmount -e 172.16.41.169 Export list for 172.16.41.169: /home/wwwroot/www.05hd.com 172.16.41.167,172.16.41.166,172.16.41.164,172.16.41.163
5.3配置172.16.41.163 164 166 167服务器的NFS共享文件的开机自动挂载
[root@LookBack163 ~]# echo "172.16.41.169:/home/wwwroot/www.05hd.com /home/wwwroot/www.05hd.com nfs rw,vers=4,addr=172.16.41.169,clientaddr=172.16.41.163,_netdev 0 0" >> /etc/fstab [root@LookBack163 ~]# mount -a [root@LookBack163 www.05hd.com]# mount /dev/mapper/vg0-root on / type ext4 (rw) proc on /proc type proc (rw) sysfs on /sys type sysfs (rw) devpts on /dev/pts type devpts (rw,gid=5,mode=620) tmpfs on /dev/shm type tmpfs (rw) /dev/sda1 on /boot type ext4 (rw) /dev/mapper/vg0-usr on /usr type ext4 (rw) /dev/mapper/vg0-var on /var type ext4 (rw) none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw) 172.16.41.169:/home/wwwroot/www.05hd.com on /home/wwwroot/www.05hd.com type nfs (rw,vers=4,clientaddr=172.16.41.163,addr=172.16.41.169) ###上面的命令是在172.16.41.163服务器上执行的 [root@LookBack164 ~]# echo "172.16.41.169:/home/wwwroot/www.05hd.com /home/wwwroot/www.05hd.com nfs rw,vers=4,addr=172.16.41.169,clientaddr=172.16.41.164,_netdev 0 0" >> /etc/fstab [root@LookBack164 ~]# mount -a [root@LookBack164 ~]# mount /dev/mapper/vg0-root on / type ext4 (rw) proc on /proc type proc (rw) sysfs on /sys type sysfs (rw) devpts on /dev/pts type devpts (rw,gid=5,mode=620) tmpfs on /dev/shm type tmpfs (rw) /dev/sda1 on /boot type ext4 (rw) /dev/mapper/vg0-usr on /usr type ext4 (rw) /dev/mapper/vg0-var on /var type ext4 (rw) none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw) 172.16.41.169:/home/wwwroot/www.05hd.com on /home/wwwroot/www.05hd.com type nfs (rw,vers=4,clientaddr=172.16.41.164,addr=172.16.41.169) ###上面的命令是在172.16.41.164服务器上执行的 [root@LookBack166 ~]# echo "172.16.41.169:/home/wwwroot/www.05hd.com /home/wwwroot/www.05hd.com nfs rw,vers=4,addr=172.16.41.169,clientaddr=172.16.41.166,_netdev 0 0" >> /etc/fstab [root@LookBack166 ~]# mount -a [root@LookBack166 ~]# mount /dev/mapper/vg0-root on / type ext4 (rw) proc on /proc type proc (rw) sysfs on /sys type sysfs (rw) devpts on /dev/pts type devpts (rw,gid=5,mode=620) tmpfs on /dev/shm type tmpfs (rw) /dev/sda1 on /boot type ext4 (rw) /dev/mapper/vg0-usr on /usr type ext4 (rw) /dev/mapper/vg0-var on /var type ext4 (rw) none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw) 172.16.41.169:/home/wwwroot/www.05hd.com on /home/wwwroot/www.05hd.com type nfs (rw,vers=4,clientaddr=172.16.41.166,addr=172.16.41.169) ###上面的命令是在172.16.41.166服务器上执行的 [root@LookBack167 ~]# echo "172.16.41.169:/home/wwwroot/www.05hd.com /home/wwwroot/www.05hd.com nfs rw,vers=4,addr=172.16.41.169,clientaddr=172.16.41.167,_netdev 0 0" >> /etc/fstab [root@LookBack167 ~]# mount -a [root@LookBack167 ~]# mount /dev/mapper/vg0-root on / type ext4 (rw) proc on /proc type proc (rw) sysfs on /sys type sysfs (rw) devpts on /dev/pts type devpts (rw,gid=5,mode=620) tmpfs on /dev/shm type tmpfs (rw) /dev/sda1 on /boot type ext4 (rw) /dev/mapper/vg0-usr on /usr type ext4 (rw) /dev/mapper/vg0-var on /var type ext4 (rw) none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw) 172.16.41.169:/home/wwwroot/www.05hd.com on /home/wwwroot/www.05hd.com type nfs (rw,vers=4,clientaddr=172.16.41.167,addr=172.16.41.169) ###上面的命令是在172.16.41.167服务器上执行的
6.1下载一个Discuz的BBS程序
[root@LookBack169 wwwroot]# pwd /home/wwwroot [root@LookBack169 wwwroot]# wget http://download.comsenz.com/DiscuzX/3.2/Discuz_X3.2_SC_UTF8.zip [root@LookBack169 wwwroot]# ls Discuz_X3.2_SC_UTF8.zip [root@LookBack169 wwwroot]# unzip Discuz_X3.2_SC_UTF8.zip [root@LookBack169 wwwroot]# mv upload/* www.05hd.com/ [root@LookBack169 wwwroot]# ls www.05hd.com/ admin.php api.php config cp.php data forum.php home.php install misc.php portal.php search.php static uc_client userapp.php api archiver connect.php crossdomain.xml favicon.ico group.php index.php member.php plugin.php robots.txt source template uc_server
下面我们去测试安装这个BBS程序
由于这里是测试所以下面在改变权限的时候 直接做777的权限 在正式使用的时候不建议这样做
[root@LookBack169 wwwroot]# chmod -R 777 /home/wwwroot/www.05hd.com/config/config_global.php [root@LookBack169 wwwroot]# chmod -R 777 /home/wwwroot/www.05hd.com/config/config_ucenter.php [root@LookBack169 wwwroot]# chmod -R 777 /home/wwwroot/www.05hd.com/config [root@LookBack169 wwwroot]# chmod -R 777 /home/wwwroot/www.05hd.com/data [root@LookBack169 wwwroot]# chmod -R 777 /home/wwwroot/www.05hd.com/data/cache [root@LookBack169 wwwroot]# chmod -R 777 /home/wwwroot/www.05hd.com/data/avatar [root@LookBack169 wwwroot]# chmod -R 777 /home/wwwroot/www.05hd.com/data/plugindata [root@LookBack169 wwwroot]# chmod -R 777 /home/wwwroot/www.05hd.com/data/download [root@LookBack169 wwwroot]# chmod -R 777 /home/wwwroot/www.05hd.com/data/addonmd5 [root@LookBack169 wwwroot]# chmod -R 777 /home/wwwroot/www.05hd.com/data/template [root@LookBack169 wwwroot]# chmod -R 777 /home/wwwroot/www.05hd.com/data/threadcache [root@LookBack169 wwwroot]# chmod -R 777 /home/wwwroot/www.05hd.com/data/attachment [root@LookBack169 wwwroot]# chmod -R 777 /home/wwwroot/www.05hd.com/data/attachment/album [root@LookBack169 wwwroot]# chmod -R 777 /home/wwwroot/www.05hd.com/data/attachment/forum [root@LookBack169 wwwroot]# chmod -R 777 /home/wwwroot/www.05hd.com/data/attachment/group [root@LookBack169 wwwroot]# chmod -R 777 /home/wwwroot/www.05hd.com/data/log [root@LookBack169 wwwroot]# chmod -R 777 /home/wwwroot/www.05hd.com/uc_client/data/cache [root@LookBack169 wwwroot]# chmod -R 777 /home/wwwroot/www.05hd.com/uc_server/data/ [root@LookBack169 wwwroot]# chmod -R 777 /home/wwwroot/www.05hd.com/uc_server/data/cache [root@LookBack169 wwwroot]# chmod -R 777 /home/wwwroot/www.05hd.com/uc_server/data/avatar [root@LookBack169 wwwroot]# chmod -R 777 /home/wwwroot/www.05hd.com/uc_server/data/backup [root@LookBack169 wwwroot]# chmod -R 777 /home/wwwroot/www.05hd.com/uc_server/data/logs [root@LookBack169 wwwroot]# chmod -R 777 /home/wwwroot/www.05hd.com/uc_server/data/tmp [root@LookBack169 wwwroot]# chmod -R 777 /home/wwwroot/www.05hd.com/uc_server/data/view
上面的权限修改好之后 就能过BBS程序的文件权限检测了
至此我们的分离式LAMP环境就做好了。
双Apache+PHP能正常的被DNS轮询解析到
Apache 1 2 服务器能正常访问NFS上的静态资源
PHP 1 2 服务器能正常访问NFS上的PHP资源
Apache 1 2 和PHP 1 2服务器都能和MariaDB数据库服务器通信
本文出自 “MonDeoLove” 博客,请务必保留此出处http://mondeolove.blog.51cto.com/8823973/1541269
基于Centos 6.5 配置分离式LAMP平台环境的一次扩展实现多PHP Apache和自建DNS来提升LAMP的负载,布布扣,bubuko.com
基于Centos 6.5 配置分离式LAMP平台环境的一次扩展实现多PHP Apache和自建DNS来提升LAMP的负载
标签:lamp centos apache php nfs mariadb dns bind
原文地址:http://mondeolove.blog.51cto.com/8823973/1541269