1、项目名称: 某公司IDC机房托管中心项目实施
1.1 项目要求:
1.1.1 租用IDC机房机柜
1.1.2 使用pxe(cobbler)批量安装系统与初始化配置(规划IP地址)
1.1.3 服务器采用2网卡设计,接入公网与内网IP
1.1.4 实现智能DNS,方便公网用户快速访问
1.1.5 采用LNMP架构,实现公司论坛到搭建,论坛采用PHP语言开发
1.1.6 采用nginx+tomcat+jdk+jsp页面,实现对公司企业网站的WEB实现
1.1.7 使用nginx调度器,对2套网页(php,jsp)负载均衡
1.1.8 采用CDN架构(squid/varnish)实现静态数据加速
1.1.9 采用rsync-sersync将所有服务器数据实现一致性
1.1.10 安装mysql集群实现一主多从,通过读写分离实现主读从写
1.1.11 使用redis或者memcache对PHP加速缓存,解决JSP会话一致性
1.1.12 设计内网ssh管理方案
1.1.13 设置公网防火墙,对ssh与http协议开放
1.1.14 IDC托管中心考察广州几家:如唯一网络,长城带宽等(各种费用)

2.2 说明(具体实施措施)
2.2.1 搭建pxe批量安装系统(vm克隆)
2.2.2 安装后端数据库实现mysql读写分离与主从复制(建议5台[1台])
2.2.3 安装servsync实现页面一致性的发布(sersync)
2.2.4 安装nginx+php+memcache/redis(php论坛) bbs.abc.com 2台
2.2.5 安装nginx+tomcat+jdk+jsp+memcache(jsp企业网站) www.abc.com 2台
2.2.6 安装nginx反向代理服务器(调度器)实现负载均衡(轮循) 1台
2.2.7 安装squid或者varnish实现静态缓存加速(CDN)2台
2.2.8 安装nginx反向代理服务器(双机互备) 1台
2.2.9 通过DNS轮循访问2台nginx调度器 建议2台<DNS主从> 1台
2.2.10 搭建openldap实现帐号集中制管理
2.2.11 设计ssh服务(监听内网,使用密钥对登录,设置跳板机)
2.2.12 设计防火墙规则,只允许公网访问http与ssh协议
2.2.13 编写项目文档

2.3 拓扑图
mysql/servsync 1台
nginx+php+memcache 2台
nginx+tomcat+memcache 2台
nginx反向代理 2台
squid反向代理 2台
DNS轮循 1台

3.实施步骤:(在所有节点上都需要关闭防火墙,注:本章RPM包需要自行下载)
3.1 设置节点172.25.1.250作为数据库主机

3.1.1 安装数据库(mariadb)并启动、设置自启动
yum -y install mariadb-server mariadb
systemctl start mariadb
systemctl enable mariad

3.1.2 初始化数据库
mysql -p
Enter password: —–初次启动不需要密码,直接回车即可
3.1.2.1 删除匿名用户及赋予root用户密码
MariaDB [(none)]> delete from mysql.user where user=”;
MariaDB [(none)]> set password for root@”localhost”=password(‘123′);
MariaDB [(none)]> flush privileges;

3.1.2.2 创建bbs和jsp数据库
MariaDB [(none)]> create database bbs default charset utf8;
MariaDB [(none)]> create database jsp default charset utf8;
MariaDB [(none)]> grant all on bbs.* to bbsroot@’%’ identified by ‘123’;
MariaDB [(none)]> grant all on jsp.* to jsproot@’%’ identified by ‘123’;
MariaDB [(none)]> flush privileges;

3.1.3 关闭防火墙
setenforce 0
iptables -F

3.2 在节点172.25.1.10上搭建bbs网站(PHP+nginx)

3.2.1 安装软件
3.2.1.1 安装php
yum -y install php php-mysql

3.2.2.2 安装nginx
rpm -ivh nginx-1.8.1-1.el7.ngx.x86_64.rpm

3.2.2.3 安装spawn-fcgi
rpm -ivh spawn-fcgi-1.6.3-5.el7.x86_64.rpm

3.2.2 配置虚拟主机
3.2.2.1 修改nginx主配置文件
vim /etc/nginx/nginx.conf
worker_processes 1
events {
use epoll;
worker_connections 1024;
}

3.2.2.2 生成子配置文件
vim /etc/nginx/conf.d/www.php.com.conf
server {
listen 80;
server_name www.php.com;
root /usr/share/nginx/php.com;
index index.php index.html index.htm;
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/share/nginx/php.com$fastcgi_script_name;
include fastcgi_params;
}
}

3.2.2.3 下载网站源码并解压
cd /usr/share/nginx/
wget http://download.comsenz.com/DiscuzX/3.1/Discuz_X3.1_SC_UTF8.zip
unzip Discuz_X3.1_SC_UTF8.zip
mv upload php.com

3.2.2.4 配置php服务(spwan-fcgi)
vim /etc/sysconfig/spawn-fcgi
OPTIONS=”-u nginx -g nginx -p 9000 -C 32 -F 1 -P /var/run/spawn-fcgi.pid — /usr/bin/php-cgi”
service spawn-fcgi start
chkconfig spawn-fcgi on
netstat -tnlp |grep :9000 –>
tcp 0 0 0.0.0.0:9000 0.0.0.0:* LISTEN 1397/php-cgi

3.2.2.5 修改网页所属
chown nginx. -R /usr/share/nginx/

3.2.2.6 启动nginx
service nginx start
chkconfig nginx on

3.2.2.7 安装Discuz网页
3.2.2.7.1 在客户机上设置/etc/hosts文件
echo “172.25.1.10 www.php.com“ >> /etc/hosts

3.2.2.7.2 在安装界面输入的参数:
数据库服务器: 172.25.1.250
数据库名: bbs
数据库用户名: bbsroot
数据库密码: 123

3.3 在节点172.25.12.11上搭建bbs网站(PHP+nginx)

3.3.1 安装软件
3.3.1.1 安装php
yum -y install php php-mysql

3.3.2.2 安装nginx
rpm -ivh nginx-1.8.1-1.el7.ngx.x86_64.rpm

3.3.2.3 安装spawn-fcgi
rpm -ivh spawn-fcgi-1.6.3-5.el7.x86_64.rpm

3.3.2 将节点172.25.1.10的配置文件和网站数据同步至节点172.25.1.11
3.3.2.1 在节点172.25.1.10上执行以下操作
rsync -avzR /etc/nginx/ 172.25.1.11:/
rsync -avzR /etc/nginx/conf.d/www.php.com.conf 172.25.1.11:/
rsync /etc/sysconfig/spawn-fcgi 172.25.1.11:/
rsync -avzR /usr/share/nginx/php.com 172.25.1.11:/

3.3.2.2 在节点172.25.1.11上启动服务
systemctl restart spawn-fcgi.service
systemctl restart nginx
systemctl enable spawn-fcgi.service
systemctl ebable nginx

3.4 在节点172.25.1.12上搭建jsp网站(tomcat+jdk)
3.4.1 下载软件并安装
3.4.1.2 下载软件 —-自行到http://www.oracle.com/下载JDK以及下面要用到的TAR包
3.4.1.3 安装软件
cd pkg
3.4.1.3.1 安装jdk
tar xf jdk-7u15-linux-x64.tar.gz -C /opt/
mv /opt/jdk1.7.0_15/ /opt/java

3.4.1.3.2 创建tomcat用户
groupadd -g 888 tomcat
useradd -g 888 -u 888 -s /sbin/nologin tomcat
yum -y install gcc
cd /home/tomcat/apache-tomcat-8.0.24/bin

3.4.1.3.3 解压并配置二进制包
tar -xf commons-daemon-native.tar.gz
cd commons-daemon-1.0.15-native-src/unix/
./configure –with-java=/opt/java
make
cp -a jsvc /home/tomcat/apache-tomcat-8.0.24/bin/

3.4.1.3.4 拷贝启动脚本至/etc/init.d/tomcat文件,优化tomcat启动
cd /home/tomcat/apache-tomcat-8.0.24/bin
cp daemon.sh /etc/init.d/tomcat

3.4.1.3.5 修改/etc/init.d/tomcat文件
vim /etc/init.d/tomcat
# chkconfig: 2345 30 20
CATALINA_HOME=/home/tomcat/apache-tomcat-8.0.24
CATALINA_BASE=/home/tomcat/apache-tomcat-8.0.24
JAVA_HOME=/opt/java/

3.4.1.3.6 启动tomcat
chmod +x /etc/init.d/tomcat
chown tomcat.tomcat -R /home/tomcat/apache-tomcat-8.0.24/
chkconfig –add tomcat
service tomcat start

3.4.1.3.7 配置虚拟主机
vim /home/tomcat/apache-tomcat-8.0.24/conf/server.xml
<Host name=”www.jsp.com” appBase=”jsp.com”
unpackWARs=”true” autoDeploy=”true”>
<Valve className=”org.apache.catalina.valves.AccessLogValve” directory=”logs”
prefix=”jsp_f12.com_access_log” suffix=”.txt”
pattern=”%h %l %u %t &quot;%r&quot; %s %b” />
</Host>

3.3.1.3.8
cd ejforum-2.3/
unzip ejforum-2.3.zip
mkdir jsp.com
mv ejforum-2.3/ejforum/* jsp.com/ROOT/

3.3.1.3.9 配置和数据库的连接
cd ~/pkg/
tar xf mysql-connector-java-5.1.36.tar.gz -C /tmp/
cp /tmp/mysql-connector-java-5.1.36/mysql-connector-java-5.1.36-bin.jar /home/tomcat/apache-tomcat-8.0.24/lib/
vim /home/tomcat/apache-tomcat-8.0.24/jsp.com/ROOT/WEB-INF/conf/config.xml –xg>
<database maxActive=”10″ maxIdle=”10″ minIdle=”2″ maxWait=”10000″
username=”jsproot” password=”123″
driverClassName=”com.mysql.jdbc.Driver”
url=”jdbc:mysql://172.25.12.250:3306/jsp?characterEncoding=gbk&amp;autoReconnect=true&amp;autoReconnectForPools=true&amp;zeroDateTimeBehavior=convertToNull”
sqlAdapter=”sql.MysqlAdapter”

3.3.1.3.10 在数据库节点172.25.1.250上执行以下操作,导入数据
ls ejforum-2.3.zip
unzip ejforum-2.3.zip -d /tmp/
cd /tmp/ejforum-2.3/install/script/

3.3.1.3.11 在节点172.25.12.12上执行以下操作,修改权限相关:
chown tomcat. -R /home/tomcat/apache-tomcat-8.0.24/
service tomcat stop
service tomcat start

3.4.2 搭建过程中遇到的问题
3.4.2.1 在刚搭建好的时候可以正常访问网页,但重启电脑后就无法访问了,显示空白网页,无论重启tomcat或修改配置文件都无法正常访问了,后来将jsp.com网站目录下的ROOT目录改名为ROOT1,重新创建ROOT目录,在ROOT目录下创建index.jsp并输入内容,浏览器可正常访问,说明tomcat是正常工作的,将ROOT目录删除,再将ROOT1重新改名为ROOT,这时又可以正常访问了。

3.5 在节点172.25.1.13上搭建jsp网站(tomcat+jdk)

3.5.1 做法同172.25.1.12节点

3.6 在节点172.25.1.12和172.25.1.13上实现用户通过80端口访问网页

3.6.1 修改nginx主配置文件
vim /etc/nginx/nginx.conf
upstream java_dongjing {    —此段代码要写在http标签段里
server 127.0.0.1:8080 max_fails=2 fail_timeout=30s;
}

3.6.2 修改nginx子配置文件
vim /etc/nginx/conf.d/www.jsp.com.conf =>
server {
listen 80;
server_name www.jsp.com;

location / {
root /home/tomcat/apache-tomcat-8.0.24/jsp.com/ROOT/;
index index.jsp index.html index.htm;
}

location ~ \.jsp.* {
proxy_set_header Host $host;
proxy_set_header X-Forward-For $remote_addr;
proxy_pass http://java_upstream;
}
}

3.6.3 问题:测试时输入网址不加端口访问网页出现403页面,查询错误日志是权限拒绝,联想到tomcat是放在home目录下的,而home目录下的用户文件是700权限,所以nginx无法访问,将home目录下的tomcat、tomcat/apache-tomcat-8.0.24目录改为755权限,问题解决。

3.7 在节点172.25.1.15上实现php服务器调度轮询

3.7.1 安装nginx
rpm -ivh nginx-1.8.1-1.el7.ngx.x86_64.rpm

3.7.2 修改主配置文件
vim /etc/nginx/nginx.conf    —以下内容写在http标签里
upstream php {
server 172.25.1.11:80 weight=1 max_fails=2 fail_timeout=1s;
server 172.25.1.10:80 weight=1 max_fails=2 fail_timeout=1s;
}

3.7.3 修改子配置文件
vim /etc/nginx/conf.d/default.conf
server {
listen 80;
server_name 127.0.0.1;
location ~ .*\.php$ {
proxy_pass http://php;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
location / {
index index.php index.html index.htm;
proxy_pass http://php;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}

3.8 在节点172.25.1.14上实现jsp服务器调度轮询
3.8.1 安装nginx
rpm -ivh nginx-1.8.1-1.el7.ngx.x86_64.rpm
3.8.2 修改配置文件
3.8.2.1 修改主配置文件
vim /etc/nginx/nginx.conf  —以下内容写在http标签里
upstream static-jsp {
server 172.25.1.12:80 weight=1 max_fails=2 fail_timeout=1s;
server 172.25.1.12:80 weight=1 max_fails=2 fail_timeout=1s;
}
upstream tomcat {
server 172.25.1.12:8080 weight=1 max_fails=2 fail_timeout=1s;
server 172.25.1.13:8080 weight=1 max_fails=2 fail_timeout=1s;
}

3.8.2.2 修改子配置文件
vim /etc/nginx/conf.d/default.conf
location / {
index index.jsp index.html index.htm;
proxy_pass http://static-jsp;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
location ~ .*\.jsp$ {
proxy_pass http://tomcat;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
location ~ ^/forum-[0-9]-[0-9]-[0-9]\.html$ {
proxy_pass http://tomcat;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}

3.8.3 重启服务
systemctl restart nginx

3.9 在节点172.25.1.16上安装内存缓存服务器memcached

3.9.1 安装memcached并启动
yum -y install memcached
systemctl start memcached
systemctl enable memcached

3.9.2 在tomcat节点上下载memcached的jar文件到tomcat
cp msm/* /usr/local/tomcat/apache-tomcat-8.0.24/lib/

3.9.2.1 修改配置文件
vim /home/tomcat/apache-tomcat-8.0.24/conf/context.xml
<?xml version=’1.0′ encoding=’utf-8′?>
<Context>
<WatchedResource>WEB-INF/web.xml</WatchedResource>
<WatchedResource>${catalina.base}/conf/web.xml</WatchedResource>
<Manager className=”de.javakaffee.web.msm.MemcachedBackupSessionManager”
memcachedNodes=”n1:172.25.1.18:11211″
lockingMode=”auto”
sticky=”false”
requestUriIgnorePattern= “.*\.(png|gif|jpg|css|js)$”
sessionBackupAsync= “false”
sessionBackupTimeout= “100”
copyCollectionsForSerialization=”true”
transcoderFactoryClass=”de.javakaffee.web.msm.serializer.kryo.KryoTranscoderFactory” />
</Context>

3.9.2.2
service tomcat stop
service tomcat start

3.9.2.3
vim /home/tomcat/apache-tomcat-8.0.24/jsp.com/ROOT/test.jsp
<html>
<body bgcolor=”red”>
<center>
<%out.print(request.getSession().getId()) ;%>
<h1>Tomcat</h1>
</body>
</html>

3.9.3 在tomcat节点172.25.1.13上执行同上操作
3.9.4 测试:在客户机上
elinks http://www.jsp.com/test.jsp -dump
28C9545F6060C59F4C210E114D6D72AB-n1

Tomcat

3.10 在节点172.25.1.17上部署squid作为静态缓存服务器
3.10.1 安装squid
yum -y install squid

3.10.2 修改配置文件:
vim /etc/squid/squid.conf
http_access allow all
http_port 3128 accel vhost vport
cache_peer 172.25.1.10 parent 80 0 no-query originserver name=web1
cache_peer 172.25.1.11 parent 80 0 no-query originserver name=web2
cache_peer 172.25.1.12 parent 80 0 no-query originserver name=web3
cache_peer 172.25.1.13 parent 80 0 no-query originserver name=web4
cache_peer_domain web1 www.php.com
cache_peer_domain web2 www.php.com
cache_peer_domain web1 172.25.1.10
cache_peer_domain web2 172.25.1.11
cache_peer_domain web3 www.jsp.com
cache_peer_domain web4 www.jsp.com
cache_peer_domain web3 172.25.1.12
cache_peer_domain web4 172.25.1.13

3.10.3 测试:
3.10.3.1 在客户机上
vim /etc/hosts
172.25.1.17 www.php.com
172.25.1.17 www.jsp.com

3.10.3.2 第一次访问
curl -I http://www.jsp.com:3128/images/answer.gif
HTTP/1.1 200 OK
Server: nginx/1.8.1
Date: Fri, 29 Sep 2017 11:31:11 GMT
Content-Type: image/gif
Content-Length: 864
Last-Modified: Wed, 16 Apr 2008 22:29:56 GMT
ETag: “48067de4-360”
Accept-Ranges: bytes
X-Cache: MISS from serveri.example.com
X-Cache-Lookup: MISS from serveri.example.com:3128
Via: 1.1 serveri.example.com (squid/3.3.8)
Connection: keep-alive

3.10.3.2 第二次访问
curl -I http://www.jsp.com:3128/images/answer.gif
HTTP/1.1 200 OK
Server: nginx/1.8.1
Date: Fri, 29 Sep 2017 08:58:56 GMT
Content-Type: image/gif
Content-Length: 864
Last-Modified: Wed, 16 Apr 2008 22:29:56 GMT
ETag: “48067de4-360″
Accept-Ranges: bytes
Age: 8074
X-Cache: HIT from serverh.example.com
X-Cache-Lookup: HIT from serverh.example.com:3128
Via: 1.1 serverh.example.com (squid/3.3.8)
Connection: keep-alive

3.11 在节点172.25.1.14和172.25.1.15上实现动静分离
3.11.1
vim /etc/nginx/nginx.conf
upstream squid_upstream {
server 172.25.1.17:3128 weight=1 max_fails=2 fail_timeout=1s;
server 172.25.1.18:3128 weight=1 max_fails=2 fail_timeout=1s;
}

upstream php_upstream {
server 172.25.1.10:80 weight=1 max_fails=2 fail_timeout=1s;
server 172.25.1.11:80 weight=1 max_fails=2 fail_timeout=1s;
}

upstream jsp_upstream {
server 172.25.1.12:8080 weight=1 max_fails=2 fail_timeout=1s;
server 172.25.1.13:8080 weight=1 max_fails=2 fail_timeout=1s;
}

3.11.2
vim /etc/nginx/conf.d/default.conf
server {
listen 80;
server_name 127.0.0.1;
location / {
index index.php index.jsp index.html index.htm;
proxy_pass http://squid_upstream;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
location ~ .*\.php$ {
proxy_pass http://php_upstream;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}

location ~ .*\.jsp$ {
proxy_pass http://jsp_upstream;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
}

3.11.3 将/etc/nginx/同步到172.25.1.15
3.11.3.1 在节点172.25.1.14上
rsync -avzR /etc/nginx/ 172.25.1.15:/

3.11.3.2 在节点172.25.1.14上
systemctl restart nginx.service
3.12 在节点172.25.12.16上部署sersync+rsync,并使php节点172.25.1.10、172.25.1.11和jsp节点172.25.1.12、172.25.1.13能与节点172.25.1.16自动同步
3.12.1 在节点172.25.1.16上部署sersync+rsync
3.12.1.1 创建用于同步的目录
mkdir -p /webroot/{ROOT,php} >> chown nobody. /webroot/ >> chmod 770 /webroot/

3.12.1.2 配置文件
vim /etc/rsyncd.conf
uid=nobody
gid=nobody
use chroot=yes
address=172.25.1.16
port 873
log file=/var/log/rsyncd.log
pid file=/var/run/rsyncd.pid
hosts allow=172.25.12.0/24
motd file=/etc/rsyncd.welcome

[webdata]
path=/webroot
comment= web root share with rsync
read only=no
dont compress=*.gz *.bz2 *.tgz *.rar *.zip *.rpm
auth users=user01 user02
secrets file=/etc/rsyncd_user.db

3.12.1.3 设置密码
vim /etc/rsyncd_user.db
user01:123
user02:456

3.12.1.3.1 权限
chmod 600 /etc/rsyncd_user.db

3.12.1.4 安装sersync
mv sersync /opt/

3.12.1.5 修改sersync配置文件
vim /opt/sersync/confxml.xml
<?xml version=”1.0″ encoding=”ISO-8859-1″?>
<head version=”2.5″>
<host hostip=”localhost” port=”8008″></host>
<debug start=”false”/>
<fileSystem xfs=”false”/>
<filter start=”true”>
<exclude expression=”(.*)\.svn”></exclude>
<exclude expression=”(.*)\.gz”></exclude>
<exclude expression=”^info/*”></exclude>
<exclude expression=”^static/*”></exclude>
<exclude expression=”(.*)\.mp3″></exclude>
</filter>
<inotify>
<delete start=”true”/>
<createFolder start=”true”/>
<createFile start=”true”/>
<closeWrite start=”true”/>
<moveFrom start=”true”/>
<moveTo start=”true”/>
<attrib start=”false”/>
<modify start=”true”/>
</inotify>

<sersync>
<localpath watch=”/webroot”>
<remote ip=”172.25.1.10″ name=”webdata”/>
<remote ip=”172.25.1.11″ name=”webdata”/>
<remote ip=”172.25.1.12″ name=”webdata”/>
<remote ip=”172.25.1.13″ name=”webdata”/>
<!–<remote ip=”192.168.8.39″ name=”tongbu”/>–>
<!–<remote ip=”192.168.8.40″ name=”tongbu”/>–>
</localpath>
<rsync>
<commonParams params=”-az”/>
<auth start=”true” users=”user01″ passwordfile=”/etc/rsync.pas”/>
<userDefinedPort start=”false” port=”874″/><!– port=874 –>
<timeout start=”false” time=”100″/><!– timeout=100 –>
<ssh start=”false”/>
</rsync>
…….
</head>

3.12.1.6 设置密码文件
echo 123 > /etc/rsync.pas
chmod 600 /etc/rsync.pas

3.12.1.7 启动
/opt/sersync/sersync2 -d -r -n 12 -o /opt/sersync/confxml.xml

3.12.2 在php节点172.25.1.10、172.25.1.11上执行以下操作

3.12.2.1
chown nobody. -R /usr/share/nginx/php.com
chmod 775 /usr/share/nginx/php.com -R

3.12.2.2
vim /etc/rsyncd.conf
uid=nobody
gid=nobody
use chroot=yes
port 873
log file=/var/log/rsyncd.log
pid file=/var/run/rsyncd.pid
hosts allow=172.25.1.0/24
motd file=/etc/rsyncd.welcome

[webdata]
path=/usr/share/nginx/php.com
comment= php webroot with rsync
read only=no
dont compress=*.gz *.bz2 *.tgz *.rar *.zip *.rpm
auth users=user01 user02
secrets file=/etc/rsyncd_user.db

3.12.2.3
vim /etc/rsyncd_user.db
user01:123
chmod 600 /etc/rsyncd_user.db

3.12.2.4
vim /etc/rc.local
/usr/bin/rsync –daemon
source /etc/rc.local

3.12.3 在jsp节点172.25.1.12、172.25.1.13上执行以下操作
3.12.3.1
chmod 775 /home/tomcat -R

3.12.3.2
vim /etc/rsyncd.conf
uid=tomcat
gid=tomcat
use chroot=yes
port 873
log file=/var/log/rsyncd.log
pid file=/var/run/rsyncd.pid
hosts allow=172.25.1.0/24
motd file=/etc/rsyncd.welcome

[webdata]
path=/home/tomcat/apache-tomcat-8.0.24/jsp.com
comment= webroot jsp rsync
read only=no
dont compress=*.gz *.bz2 *.tgz *.rar *.zip *.rpm
auth users=user01 user02
secrets file=/etc/rsyncd_user.db

3.12.3.3
vim /etc/rsyncd_user.db
user01:123
chmod 600 /etc/rsyncd_user.db

3.12.3.4
vim /etc/rc.local
/usr/bin/rsync –daemon
source /etc/rc.local

3.13 在节点172.25.1.17和172.25.1.18上部署数据库从服务器(主从级联)
3.13.1 安装mariadb
yum -y install mariadb mariadb-server.x86_64

3.13.2 将主服务器上的数据库数据同步至从服务器
3.13.2.1 在主服务器上
rsync -avzR /var/lib/mysql 172.25.1.17:/
rsync -avzR /var/lib/mysql 172.25.1.18:/

3.13.3 master端修改配置文件
vim /etc/my.cnf
log-bin=/var/lib/mysql/mysqld-bin
server-id=100

3.13.4 master端创建授权用户
>> mysql -p123 =>
MariaDB [(none)]> grant replication slave on *.* to ‘slave’@’172.25.1.%’ identified by ‘123’;
MariaDB [(none)]> flush privileges;
MariaDB [(none)]> show master status\G;
–>
*************************** 1. row ***************************
File: mysqld-bin.000001
Position: 245
Binlog_Do_DB:
Binlog_Ignore_DB:

3.13.5 slave1 (172.25.1.17)端执行如下操作
3.13.5.1 修改配置文件
>> vim /etc/my.cnf =>
server-id=200
relay-log=/var/lib/mysql/relay-log
log-bin=/var/lib/mysql/mysqld-bin
log-slave-updates=1 —–打开此选项使relay日志能记录进自身的二进制日志

3.13.5.2 重启
service mariadb restart

3.13.5.3 创建授权用户
>> mysql -p123 =>
MariaDB [(none)]> grant replication slave on *.* to ‘slave’@’172.25.1.%’ identified by ‘123’;
MariaDB [(none)]> flush privileges;
3.13.5.4 设置slave
MariaDB [(none)]> change master to master_host=’172.25.1.250′, master_user=’slave’, master_password=’123′, master_port=3306,master_log_file=’mysqld-bin.000001′, master_log_pos=245;
MariaDB [(none)]> start slave;
MariaDB [(none)]> show slave status\G;
*************************** 1. row ***************************
Slave_IO_State: Waiting for master to send event
Master_Host: 172.25.1.250
Master_User: slave
Master_Port: 3306
Connect_Retry: 60
Master_Log_File: mysqld-bin.000001
Read_Master_Log_Pos: 405
Relay_Log_File: relay-log.000004
Relay_Log_Pos: 530
Relay_Master_Log_File: mysqld-bin.000001
Slave_IO_Running: Yes
Slave_SQL_Running: Yes
Replicate_Do_DB:
Replicate_Ignore_DB:
Replicate_Do_Table:
Replicate_Ignore_Table:
Replicate_Wild_Do_Table:
Replicate_Wild_Ignore_Table:
Last_Errno: 0
Last_Error:
Skip_Counter: 0
Exec_Master_Log_Pos: 405
Relay_Log_Space: 818
Until_Condition: None
Until_Log_File:
Until_Log_Pos: 0
Master_SSL_Allowed: No
Master_SSL_CA_File:
Master_SSL_CA_Path:
Master_SSL_Cert:
Master_SSL_Cipher:
Master_SSL_Key:
Seconds_Behind_Master: 0
Master_SSL_Verify_Server_Cert: No
Last_IO_Errno: 0
Last_IO_Error:
Last_SQL_Errno: 0
Last_SQL_Error:
Replicate_Ignore_Server_Ids:
Master_Server_Id: 100
1 row in set (0.00 sec)

MariaDB [(none)]> show master status\G;
*************************** 1. row ***************************
File: mysqld-bin.000001
Position: 245
Binlog_Do_DB:
Binlog_Ignore_DB:

3.13.6 slave2 (172.25.1.18)端执行如下操作
3.13.6.1 修改配置文件
>> vim /etc/my.cnf =>
server-id=300
relay-log=/var/lib/mysql/relay-log

3.13.6.2 重启
service mariadb restart

3.13.6.3 设置slave
MariaDB [(none)]>change master to master_host=’172.25.1.17′, master_user=’slave’, master_password=’123′, master_port=3306, master_log_file=’mysqld-bin.000001′, master_log_pos=245;
MariaDB [(none)]> start slave;
MariaDB [(none)]> show slave status\G;

Slave_IO_Running: Yes
Slave_SQL_Running: Yes —–两个yes说明成功

3.14 在节点172.25.1.251(rhel6)上部署mysql-proxy
3.14.1 安装mysql-proxy
rpm -ivh mysql-proxy-0.8.1-1.el6.x86_64.rpm

3.14.2
cp rw-splitting.lua /lib

3.14.3 修改配置文件
vim /etc/sysconfig/mysql-proxy
PROXY_OPTIONS=”–proxy-address=0.0.0.0:3306 –proxy-read-only-backend-addresses=127.25.12.17:3306 –proxy-backend-addresses=172.25.1.250:3306 –proxy-lua-script=/lib/rw-splitting.lua –daemon”
3.14.4 启动mysql-proxy并设置开机启动 >> service mysql-proxy start >> chkconfig mysql-proxy on
3.14.5 在mysql主服务器和从服务器上授权访问:mysql -p123
MariaDB [(none)]> grant all on *.* to ‘proxy’@’10.1.1.10’ identified by ‘123’;
MariaDB [(none)]> flush privileges;

项目完成!

发表评论

电子邮件地址不会被公开。 必填项已用*标注