标签:listen 拷贝 default 80端口 source meta name request etc
lamp分离部署前面我已经写过lamp的本机部署,但是现在生活中几个服务是不可能部署在一台服务器上的,所以,我接下来介绍lamp 的分离部署,下面的计划图
如上图,准备了三台服务器(蓝色字样),分别运行mariadb,php-fpm,httpd,每台机子处在不同的网段,他们有不同的网络桥(红色字样)分开,这样保证他们是互不相通的,每个网桥之间通过堡垒机相连,实现不同的的网段的通信,br0网桥可以上网,最后由PC机访问httpd服务器的80端口,展现在php-fpm里的php程序,php程序读取mariadb服务器的数据.
如上图,准备三台虚拟机,在VMware里运行的主机做堡垒机,在这个堡垒机里使用kvm虚拟出三个虚拟主机,首先做出一个模板机,然后复制出三台虚拟主机来,
[root@centos7 ~]# yum -y install libvirt-daemon-kvm qemu-kvm virt-manager libvirt
[root@centos7 ~]# systemctl restart libvirtd[root@centos7 ~]# mkdir -pv /virtualmachines/centos7_base
#创建qcow2镜像文件,大小为80G,预先配置为元数据(metadata),兼容1.1,指定镜像文件位置
[root@centos7 ~]# qemu-img create -f qcow2 -o size=80G,preallocation=metadata,compat=1.1 /virtualmachines/centos7_base/centos7.img#提前准备好centos7 镜像文件,这一步去VMware上去做,要求堡垒机安装图形化界面
[root@localhost qemu]# virt-manager
#正常安装centos7系统,把系统安装在 /virtualmachines/centos7_base/centos7.img中即可
#做完以后在virt-manger中,点击运行centos7模板机,进去安装一些必要软件包,如nmcli,vim.base等[root@centos7 ~]# mkdir -pv /virtualmachines/{httpd,php,mysql}
[root@centos7 ~]# cp /virtualmachines/centos7_base/centos7.img /virtualmachines/httpd/httpd.img
[root@centos7 ~]# cp /virtualmachines/centos7_base/centos7.img /virtualmachines/php/php.img
[root@centos7 ~]# cp /virtualmachines/centos7_base/centos7.img /virtualmachines/mysql/mysql.img
[root@centos7 ~]# cd /etc/libvirt/qemu/
#开始做虚拟主机,修改centos7.img镜像文件即可
[root@centos7 qemu]# cp centos7.5.xml httpd.xml
[root@centos7 qemu]# vim httpd.xml
#修改如下四列选项
<name>httpd</name>#虚拟主机名称
<uuid>a8dbf8ae-d691-4f00-835b-3c29ce8972a0</uuid> #虚拟主机uuid,可以用uuidgen生成
<source file=‘/virtualmachines/httpd/httpd.img‘/> #镜像文件位置
<mac address=‘52:54:00:cc:f6:d1‘/> #mac地址
[root@centos7(nanyibo) qemu]# virsh define httpd.xml #定义httpd.img镜像配置文件
[root@centos7(nanyibo) qemu]# virsh autostart httpd #使其开机自动开启
[root@centos7(nanyibo) qemu]# virsh start httpd #运行镜像
#剩下的两个虚拟主机如法炮制
[root@localhost networks]# virsh list #查看虚拟主机的状况
Id Name State
----------------------------------------------------
12 mysql running
14 php running
16 httpd running[root@centos7 ~]# cd /etc/libvirt/qemu/networks/
[root@centos7 networks]# cp default.xml httpfpm.xml
[root@centos7 networks]# vim httpfpm.xml
<network>
<name>httpfpm</name> #修改网桥名
<uuid>06a6d52e-6c03-4b29-bdf7-2cfe6d5e937a</uuid> #修改uuid
<bridge name=‘httpfpm‘ stp=‘on‘ delay=‘0‘/>
<mac address=‘52:54:00:c6:21:33‘/>
<ip address=‘10.0.0.1‘ netmask=‘255.255.255.0‘> #这里使用一个网桥,设置网关和子网掩码
<dhcp>
<range start=‘10.0.0.2‘ end=‘10.0.0.254‘/> #分配的IP地址范围
</dhcp>
</ip>
</network>
[root@centos7 ~]# virsh net-define /etc/libvirt/qemu/networks/httpfpm.xml
[root@centos7 ~]# virsh net-start httpfpm #开启网桥
[root@centos7 ~]# virsh net-autostart httpfpm #自启动mysql -php网桥如法配置
[root@centos7 ~]# nmcli connection add type bridge con-name br0 ifname br0 #添加网桥方案br0
[root@centos7 ~]# nmcli connection modify br0 ipv4.method manual ipv4.addresses 172.18.254.39/16 ipv4.gateway 172.18.0.1 ipv4.dns 172.18.0.1#给桥设置IP(这个IP是堡垒机的ens33网卡的IP),网关,dns
[root@centos7 ~]# nmcli connection up br0 #方案生效
[root@centos7 ~]# nmcli connection add type bridge-slave ifname ens33 master br0 #设置主从方案
[root@centos7 ~]# nmcli connection up bridge-slave-ens33
[root@centos7t networks]# nmcli connection show #查看网桥是否生效
NAME UUID TYPE DEVICE
br0 4f24bc16-320a-4fa9-9ead-fa6ff089ff2e bridge br0
bridge-slave-ens33 7a91f27a-f961-4ba4-a598-a87cc0063e6d ethernet ens33
ens38 be9e2b6b-674b-771d-7251-f3b49b3d23e0 ethernet ens38
httpdfpm bd0ca03f-071c-4422-8f1f-2231156defd0 bridge httpdfpm
phpmysql 7666e396-9fc3-4a7a-8713-9566ac74147b bridge phpmysql
virbr0 7fd973b4-bf9a-453a-ad52-1e3477ff8b5b bridge virbr0
vnet0 5f89eb2d-6029-4d35-945d-4ac47b4be79c tun vnet0
[root@localhost networks]# ifconfig
br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.18.252.106 netmask 255.255.0.0 broadcast 172.18.255.255
...
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
ether 00:0c:29:9f:42:af txqueuelen 1000 (Ethernet)
...[root@httpd ~]# yum -y install httpd
[root@httpd conf.d]# vim /etc/httpd/conf/httpd.conf #修改优先级
<IfModule dir_module>
DirectoryIndex index.php index.html
</IfModule>
[root@httpd conf.d]# vim pma.conf #创建一个虚拟主机
<VirtualHost *:80>
DocumentRoot /vhosts/pam/htdocs
#ProxyRequests Off
ProxyPassMatch ^/(.*\.php)$ fcgi://10.10.0.11:9000/vhosts/pam/htdocs/$1
<Directory /vhosts/pam/htdocs>
Options None
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
[root@httpd conf.d]# httpd -t
[root@httpd conf.d]# mkdir -pv /vhosts/pam/htdocs
[root@httpd conf.d]# systemctl restart httpd[root@php ~]# yum -y install php-fpm php-mysql php-mbstring
[root@php ~]# vim /etc/php-fpm.d/www.conf #修改两处即可
listen = 0.0.0.0:9000 #是所有网卡监听9000端口
;listen.allowed_clients = 127.0.0.1 #默认所以可以连接
[root@php ~]# ss -tnl |grep 9000.
LISTEN 0 128 *:9000 *:*
[root@php ~]# systemctl restart php-fpm
[root@php ~]# mkdir -pv /vhosts/pam
[root@php ~]# cd /vhosts/pam
[root@php pam]# tar xvf wordpress-4.9.4-zh_CN.tar.gz
[root@php pam]# ln -sv wordpress htdocs[root@mysql ~]# yum -y install mariadb-server
[root@mysql ~]# vim /etc/my.cnf
skip_name_resolve #增加一条 ,关闭域名解析
[root@mysql ~]# mysql
MariaDB [(none)]> create database wpdb;
MariaDB [(none)]> grant all on wpdb.* to ‘wpuser‘@‘%‘ identified by ‘wppass‘ with grant option;#创建连接用户至此,lamp分离部署实现.
apache + php-fpm + mariadb 分离部署
标签:listen 拷贝 default 80端口 source meta name request etc
原文地址:http://blog.51cto.com/13805636/2312108
