主/備模式高可用keepalived+{nginx(proxy)|lvs}
兩台主機:httpd+php+Discuz!+phpMyAdmin
一台主機:memcached用來緩存php的session;
一台主機:mysql-server或mariadb-server;
實驗規劃:
這裡我規劃用備用模式高可用兩台keepalived+nginx(proxy)伺服器作為前端代理,兩台主機httpd+php+MariaDB+Discuz作為後端真實機,memcached放在第一台director上用來緩存php的session,最後用一台ansible主機實作對所有主機的部署調用。
ansible主機:172.16.1.7
director1(nginx+keepalived+memcached):172.16.1.10,虛拟ip:172.16.1.100
director2(nginx+keepalived):172.16.1.5
RS1(Apache+php+MariaDB):172.16.1.3
RS2(Apache+php+MariaDB):172.16.1.6
拓撲圖如下:
f678443a34ae6ce1cb5a54e507f93c03.png
注意:
1.把所有節點的防火牆和SElinux關閉,避免對實驗幹擾。
2.同步所有節點的時間。
當部署完所有的應用後,生成如下是以的檔案和子檔案。
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
[root@zj07 ansible]# tree
.
├── ansible.cfg
├── files
│ └── nginx.conf
├── hosts
├── playbooks
│ ├── amp.yml
│ ├── first.retry
│ ├── first.yml
│ ├── ngx.retry
│ └── ngx.yml
├── roles
│ ├── amp
│ │ ├── default
│ │ ├── files
│ │ │ └── db.sh
│ │ ├── handlers
│ │ ├── tasks
│ │ │ └── main.yml
│ │ ├── templates
│ │ └── vars
│ ├── keepalived
│ │ │ └── keepalived.conf.j2
│ ├── memcached
│ │ │ └── Discuz_X3.2_SC_UTF8.zip
│ │ │ ├── php.ini.j2
│ │ │ └── sessstore.php.j2
│ ├── memcached1
│ └── nginx
│ ├── default
│ ├── files
│ │ ├── default.conf.j2
│ │ └── ip_forward.sh
│ ├── handlers
│ │ └── main.yml
│ ├── tasks
│ ├── templates
│ │ ├── nginx.conf.j2
│ │ └── nginx.repo.j2
│ └── vars
├── zrs.retry
└── zrs.yml
36 directories, 29 files
下面開始部署
配置ansible主機
1.yum -y install ansible
vim /etc/ansible/hosts
[knsrvs]
172.16.1.10 STATE=MASTER PRI=100
172.16.1.5 STATE=BACKUP PRI=98
[websrvs]
172.16.1.3
172.16.1.6
[memcached1]
172.16.1.10
[memcached]
3.建立免秘鑰登陸,發給是以主機
ssh-keygen -t rsa -f .ssh/id_rsa -P ''
ssh-copy-id -i .ssh/id_rsa.pub [email protected]
ssh-copy-id -i .ssh/id_rsa.pub [email protected]
ssh-copy-id -i .ssh/id_rsa.pub [email protected]
ssh-copy-id -i .ssh/id_rsa.pub [email protected]
ansible all -m ping測試連通性
6bb4ac4811ae5fe63ca0bd7492c87970.png
4.在ansible主機上安裝nginx和keepalived和php-fpm,以便ansible過程中需要使用其配置檔案
keepalived配置
1.mkdir /etc/ansible/roles/keepalived/{files,tasks,templates,handlers,vars,default} -pv
2.vim /etc/ansible/roles/keepalived/tasks/main.yml
0fa610dbe484dbe2dc0a40427869ac05.png
3.vim /etc/ansible/roles/keepalived/handlers/main.yml
name: restart keepalived server
service: name=keepalived state=restarted
4.複制剛才安裝的keepalived主配置檔案到指定目錄,并修改如下
vim /etc/ansible/roles/keepalived/template/keepalived.conf.j2
! Configuration File for keepalived
global_defs {
<a href="mailto:br/"></a>
<a href="mailto:br/">vrrp_script ngx_server { script "killal -0 nginx" interval 1 weight -5 }</a>
<a href="mailto:br/">vrrp_instance VI_1 { state {{ STATE }} interface eno16777736 virtual_router_id 43 priority {{ PRI }} advert_int 1 track_script ngx_server authentication { auth_type PASS auth_pass zrs66zrs } virtual_ipaddress { 172.16.1.100/32 brd 172.16.1.100 dev eno16777736 label eno16777736:0 } }</a>
<a href="mailto:br/">nginx的配置:</a>
<a href="mailto:br/">1.mkdir /etc/ansible/roles/nginx/{files,tasks,templates,handlers,vars,default} -pv</a>
<a href="mailto:br/">2.vim /etc/ansible/roles/nginx/tasks/main.yml</a>
<a href="mailto:br/">4eec1a9be1a65933ee63635d2a45e53b.png</a>
<a href="mailto:br/">3.vim /etc/ansible/roles/nginx/templates/nginx.repo.j2 1 2 3 4 5</a>
gpgcheck=0
enabled=1
複制剛才安裝的nginx主配置檔案到指定目錄,并修改如下
vim /etc/ansible/roles/nginx/templates/nginx.conf.j2
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
server {
listen 80;
location / {
proxy_set_header X-Real-IP $remote_addr;
4.複制剛才安裝的nginx主配置檔案到指定目錄,并修改如下
vim /etc/ansible/roles/nginx/files/default.conf.j2
listen 80 default_server;
server_name localhost;
5.建立ip_forward腳本,開啟前端代理伺服器的核心轉發功能
vim /etc/ansible/roles/nginx/files/ip_forward.sh
#!/bin/bash
#
echo > 1 /proc/sys/net/ipv4/ip_forward
amp的配置:
1.mkdir /etc/ansible/roles/amp/{files,tasks,templates,handlers,vars,default} -pv
2.vim /etc/ansible/roles/amp/tasks/main.yml
884f0059f4a33875850140a91ce21ae0.png
3.建立testdb資料庫,和授權使用者通路
vim /etc/ansible/roles/amp/files/db.sh
#!/bin/bash
mysql -u root -e "
create database testdb;
grant all on testdb.* TO 'testuser'@'localhost' IDENTIFIED BY '123456';
FLUSH PRIVILEGES;"
memcached配置
memcached緩存伺服器為第一台排程器即172.16.1.10伺服器,是以單獨配置為memcached1
1.mkdir /etc/ansible/roles/memcached1/{files,tasks,templates,handlers,vars,default} -pv
2.vim /etc/ansible/roles/memcached1/tasks/main.yml
e529bc1acbdb06003731bdf352777a55.png
後端伺服器上的配置
3.mkdir /etc/ansible/roles/memcached/{files,tasks,templates,handlers,vars,default} -pv
4.vim /etc/ansible/roles/memcached/tasks/main.yml
8f49696cd9782bab1a422bdf5e5648ad.png
說明:
第二個任務:在本機安裝php-fpm即可出現并修改/etc/php.ini該配置檔案中的[Session]段中的緩存路徑為如下,
session.save_handler = memcache
session.save_handler = "tcp://172.16.1.10:11211"
第四個任務:是建立一個緩存測試頁面
vim /etc/ansible/roles/memcached/templates/sessstore.php
<?php
$mem = new Memcache;
$mem->connect("172.16.1.10", 11211) or die("Could not connect");
$version = $mem->getVersion();
echo "Server's version: ".$version."<br/>\n";
$mem->set('hellokey', 'Hello World', 0, 600) or die("Failed to save data at the memcached server");
echo "Store data in the cache (data will expire in 600 seconds)<br/>\n";
$get_result = $mem->get('hellokey');
echo "$get_result is from memcached server.";
?>
第五個任務:将Discuz安裝包放置在該目錄下,傳送到後端主機的指定目錄。
第六個任務:解壓該壓縮包并賦予制定使用者的權限
建立主配置檔案,并且調用roles:
vim /etc/ansible/zrs.yml
9444d57861d8c98730c8a3961f39bd62.png
配置完成
先測試運作一下ansible-playbook --check zrs.yml,因為有的主機已經安裝了某些軟體,是以測試顯示的是changed或者ok或者skipping
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
[root@zj07 ansible]# ansible-playbook --check zrs.yml
PLAY [knsrvs] **
TASK [Gathering Facts] *****
ok: [172.16.1.10]
ok: [172.16.1.5]
TASK [keepalived : install keepalived] *****
changed: [172.16.1.5]
changed: [172.16.1.10]
TASK [keepalived : install conf file] **
TASK [keepalived : start keepalived] ***
TASK [nginx : copy nginx repo] *****
TASK [nginx : install nginx] ***
TASK [nginx : copy conf file] **
TASK [nginx : reload nginx] ****
TASK [nginx : start nginx] *****
TASK [nginx : ip_forward] **
RUNNING HANDLER [keepalived : restart keepalived server] ***
PLAY [websrvs] *****
ok: [172.16.1.6]
ok: [172.16.1.3]
TASK [amp : install apache-php-mysql some package on CentOS 6] *****
skipping: [172.16.1.3] => (item=[])
skipping: [172.16.1.6] => (item=[])
TASK [amp : install apache-php-mysql some package on CentOS 7] *****
ok: [172.16.1.6] => (item=[u'httpd', u'mariadb-server', u'php-fpm', u'php-mysql'])
changed: [172.16.1.3] => (item=[u'httpd', u'mariadb-server', u'php-fpm', u'php-mysql'])
TASK [amp : start apm server] **
skipping: [172.16.1.3] => (item=httpd)
skipping: [172.16.1.3] => (item=mysqld)
skipping: [172.16.1.6] => (item=httpd)
skipping: [172.16.1.6] => (item=mysqld)
changed: [172.16.1.6] => (item=httpd)
changed: [172.16.1.3] => (item=httpd)
changed: [172.16.1.6] => (item=mariadb)
changed: [172.16.1.3] => (item=mariadb)
PLAY [memcached1] **
TASK [memcached1 : install memcached] **
TASK [memcached1 : start memcached] ****
PLAY [memcached] ***
TASK [memcached : install memcached php session] ***
TASK [memcached : transfer php session conf] ***
changed: [172.16.1.3]
changed: [172.16.1.6]
TASK [memcached : reload httpd] ****
TASK [memcached : copy sessstore file] *****
TASK [memcached : copy discuz file] ****
TASK [memcached : tar discuz] **
PLAY RECAP *****
172.16.1.10 : ok=14 changed=8 unreachable=0 failed=0
172.16.1.3 : ok=10 changed=7 unreachable=0 failed=0
172.16.1.5 : ok=11 changed=10 unreachable=0 failed=0
172.16.1.6 : ok=10 changed=6 unreachable=0 failed=0
測試沒問題,檢視緩存頁面是否成功,顯示沒問題。
0332779093768825b0180fc91000b779.png
開始運作
ansible-playbook zrs.yml
用戶端檢視,成功。
eb6a49fe3c0a4967f945773e28aaa494.png679116343fb5e1f8246423294d7d714c.png
本文轉自Vincent一馬 51CTO部落格,原文連結:http://blog.51cto.com/mazhenbo/2084371,如需轉載請自行聯系原作者
![Apache靜态檔案通路配置(書封伺服器)[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)