HAproxy+varnish动静分离部署wordpress
来源:互联网 发布:吉林大学网络教育统考 编辑:程序博客网 时间:2024/06/06 11:39
实验背景:将wordpress应用部署在后端服务器上,使用HAProxy做代理服务器,Varnish做缓存服务器,后端有四台web服务器,web1和web2服务器组成一个动态资源组dynsrvs,web3和web4服务器组成静态资源组stasrvs,Varnish用来缓存静态资源组stasrvs的数据; 受条件限制,在此使用web虚拟主机做为物理主机使用,使用NFS共享wordpress文件,wordpress与mysql为同一主机
实验目的:为了提高应用的访问速度和访问承载量,使用HAProxy技术做负载均衡,使用HAProxy的ACL访问控制实现动静分离的效果,将动态资源存放在动态web组中,将静态资源存放在静态资源组中,为了提高访问速度,在静态服务器组和代理服务器之间使用了缓存服务器做数据缓存
网络拓扑图
环境:
HAProxy 172.16.252.82dynsrvs为后端动态网页web组 web1:172.16.252.92:80 web2:172.16.252.92:8080stasrvs为后端静态网页web组 web3:172.16.253.67:80 web4:172.16.253.67:8080Varnish 172.16.252.100NFS+Mysql 172.16.252.103
配置后端动态web组
[root@dynsrvs ~]# yum -y install httpd php php-mysql[root@dynsrvs ~]# mkdir /data/web/vhost{1,2} -pv
编辑动态php的测试页面
[root@dynsrvs ~]# vim /data/web/vhost1/index.php<h1> Application Server 1</h1><?php phpinfo();?>[root@dynsrvs ~]# vim /data/web/vhost2/index.php <h1> Application Server 2</h1><?php phpinfo();?>
配置后端web主机
[root@dynsrvs ~]# vim /etc/httpd/conf.d/vhost1.conf <VirtualHost *:80> ServerName web1.danran.com DocumentRoot "/data/web/vhost1" <Directory "/data/web/vhost1"> Options FollowSymLinks AllowOverride None Require all granted </Directory></VirtualHost>Listen 8080<VirtualHost *:8080> ServerName web2.danran.com DocumentRoot "/data/web/vhost2" <Directory "/data/web/vhost2"> Options FollowSymLinks AllowOverride None Require all granted </Directory></VirtualHost>
访问测试php动态页面
http://172.16.252.92/
http://172.16.252.92/:8080
配置后端动态web组
[root@stasrvs ~]# yum -y install httpd[root@stasrvs ~]# iptables -F[root@stasrvs ~]# setenforce 0[root@stasrvs ~]# mkdir -pv /data/web/vhost{1,2}[root@stasrvs ~]# mkdir /data/web/vhost1/png[root@stasrvs ~]# mkdir /data/web/vhost2/png复制静态资源做测试[root@stasrvs ~]# find /usr/share/ -iname "*.jpg" -exec cp {} /data/web/vhost1/png/ \;[root@stasrvs ~]# find /usr/share/ -iname "*.jpg" -exec cp {} /data/web/vhost2/png/ \;[root@stasrvs ~]# vim /data/web/vhost1/index.html<h1> Image Server 1 </h1>[root@stasrvs ~]# vim /data/web/vhost2/index.html<h1> Image Server 2 </h1>
配置虚拟主机
[root@stasrvs ~]# vim /etc/httpd/conf.d/vhost1.conf <VirtualHost *:80> ServerName web3.danran.com DocumentRoot "/data/web/vhost1" <Directory "/data/web/vhost1"> Options FollowSymLinks AllowOverride None Require all granted </Directory></VirtualHost>[root@stasrvs ~]# vim /etc/httpd/conf.d/vhost2.confListen 8080<VirtualHost *:8080> ServerName web4.danran.com DocumentRoot "/data/web/vhost1" <Directory "/data/web/vhost1"> Options FollowSymLinks AllowOverride None Require all granted </Directory></VirtualHost>[root@stasrvs ~]# systemctl start httpd.service
访问测试静态页面
http://172.16.252.67/png/3.jpg
http://172.16.252.67:8080/png/3.jpg
配置NFS+Mysql
Mysql
[root@mysql ~]# yum -y install mariadb-server[root@mysql ~]# systemctl start mariadb[root@mysql ~]# systemctl enable mariadb[root@mysql ~]# systemctl disable firewalld[root@mysql ~]# systemctl stop firewalld[root@mysql ~]# iptables -F 关闭防火墙[root@mysql ~]# setenforce 0创建数据库账号[root@mysql ~]# mysql_secure_installation \\数据库安全初始化[root@mysql ~]# mysql -uroot -hlocalhost -pMariaDB [(none)]> create database blog;MariaDB [(none)]> grant all on blog.* to blog@'172.16.%.%' identified by 'blog'; 登录测试[root@mysql ~]# mysql -ublog -h172.16.252.103 -p添加防火墙,仅允许RS1和RS2及自己本身连接数据库[root@mysql ~]# iptables -A INPUT -s 172.16.252.92 -p tcp --dport 3306 -j ACCEPT[root@mysql ~]# iptables -A INPUT -s 172.16.252.67 -p tcp --dport 3306 -j ACCEPT [root@mysql ~]# iptables -A INPUT -s 172.16.252.103 -p tcp --dport 3306 -j ACCEPT [root@mysql ~]# iptables -A INPUT -j REJECT
NFS
[root@NFS ~]# iptables -F[root@NFS ~]# setenforce 0[root@NFS ~]# rpm -ql nfs-utilspackage nfs-utils is not installed[root@NFS ~]# yum -y install nfs-utils将wordpress程序包解压缩[root@NFS ~]# tar xf wordpress-4.8-zh_CN.tar.gz -C /app[root@NFS ~]# cd /app/wordpress[root@NFS wordpress]# cp wp-config-sample.php wp-config.php[root@NFS ~]# chmod o+w /app/blog/wp-config.php [root@NFS wordpress]# vim wp-config.php/** WordPress数据库的名称 */define('DB_NAME', 'blog');/** MySQL数据库用户名 */define('DB_USER', 'blog');/** MySQL数据库密码 */define('DB_PASSWORD', 'blog');/** MySQL主机 */define('DB_HOST', '172.16.252.103');创建与dynsrvs和stasrvs主机上相同UID的apache用户[root@NFS blog]# useradd -u 48 -r -s /sbin/nologin apache \\dynsrvs和stasrvs的apache用户UID为48修改blog目录的属组,从而使apache用户对blog有读写权限[root@NFS app]# useradd -u 48 -r -s /sbin/nologin apache [root@NFS app]# chown -R apache:apache blog/[root@NFS app]# ll -d blog/drwxr-xr-x. 2 apache apache 6 Sep 8 13:12 blog/配置NFS[root@NFS ~]# vim /etc/exports /app/blog 172.16.252.0/24(rw,all_squash,anonuid=48,anongid=48) \\all_squash为压缩所有用户名,anonuid意为压缩为UID为48的用户,anongid组压缩为GID为48的组[root@NFS ~]# systemctl start nfs-server
dynsrvs和stasrvs服务器挂载NFS共享目录
stasrvs
[root@stasrvs ~]# yum -y install nfs-utils[root@stasrvs ~]# cd /data/web/vhost2/[root@stasrvs vhost2]# mkdir blog[root@stasrvs vhost2]# chmod o+w blog[root@stasrvs ~]# vim /etc/fstab172.16.252.103:/app/blog /data/web/vhost2/blog nfs defaults 0 0 [root@stasrvs ~]# mount -a[root@stasrvs ~]# df 将web1的根文件路径修改为/data/web/vhost2,同web2路径一致 [root@stasrvs vhost1]# vim /etc/httpd/conf.d/vhost1.conf <VirtualHost *:80> ServerName web3.danran.com DocumentRoot "/data/web/vhost2" <Directory "/data/web/vhost2"> Options FollowSymLinks AllowOverride None Require all granted </Directory></VirtualHost>[root@stasrvs ~]# systemctl restart httpd
dynsrvs
[root@dynsrvs ~]# yum -y install nfs-utils[root@dynsrvs ~]# cd /data/web/vhost2/[root@dynsrvs vhost2]# mkdir blog[root@dynsrvs vhost2]# chmod o+w blog[root@dynsrvs ~]# vim /etc/fstab172.16.252.103:/app/blog /data/web/vhost2/blog nfs defaults 0 0 [root@dynsrvs ~]# mount -a[root@dynsrvs ~]# df 将web1的根文件路径修改为/data/web/vhost2,同web2路径一致 [root@stasrvs vhost1]# vim /etc/httpd/conf.d/vhost1.conf <VirtualHost *:80> ServerName web1.danran.com DocumentRoot "/data/web/vhost2" <Directory "/data/web/vhost2"> Options FollowSymLinks AllowOverride None Require all granted </Directory></VirtualHost>[root@dynsrvs ~]# systemctl restart httpd
HAProxy
安装HAProxy
[root@haproxy ~]# yum -y install haproxy[root@haproxy ~]# rpm -ql haproxy[root@haproxy ~]# iptables -F[root@haproxy ~]# setenforce 0[root@haproxy ~]# systemctl enable haproxy[root@haproxy ~]# cp /etc/haproxy/haproxy.cfg{,.bak}
配置HAProxy代理
[root@haproxy ~]# vim /etc/haproxy/haproxy.cfgfrontend myweb *:80 rspadd X-Via:\ HAProxy-1 rspidel Server.* acl static path_end .jpg .jpeg .png .gif .txt .html acl static path_beg -i /images /static use_backend staticsrvs if static default_backend dynsrvsbackend dynsrvs balance uri option forwardfor header X-Client server dynsrv1 172.16.252.92:80 check cookie dynsrv1 server dynsrv2 172.16.252.92:8080 check cookie dynsrv2 hash-type consistentbackend staticsrvs option forwardfor header X-Client balance uri server staticsrv1 172.16.252.67:80 check server staticsrv2 172.16.252.67:8080 check hash-type consistentlisten status bind *:9009 acl auth_admin src 172.16.251.196 stats enable stats uri /myhaproxy?status stats realm HAProxy\ Admin\ Area stats auth admin:admin stats admin if auth_admin[root@haproxy ~]# systemctl restart haproxy
测试HAProxy的状态页
http://172.16.252.82:9009/myhaproxy?status
Varnish
[root@varnish ~]# yum -y install varnish
[root@varnish ~]# iptables -F
[root@varnish ~]# setenforce 0
[root@varnish ~]# vim /etc/varnish/varnish.params
VARNISH_LISTEN_PORT=80 \监听端口为80,默认为6081
VARNISH_ADMIN_LISTEN_ADDRESS=127.0.0.1 \监听管理接口的IP,默认为本机
VARNISH_ADMIN_LISTEN_PORT=6082 \管理接口的端口,默认为6082
VARNISH_SECRET_FILE=/etc/varnish/secret \认证密码文件
#DAEMON_OPTS=”-p thread_pool_min=5 -p thread_pool_max=500 -p thread_pool_timeout=300” \\定义运行时参数[root@varnish ~]# vim /etc/varnish/default.vcl import directors; # 导入负载均衡模块probe healthchk { # 配置健康状态检查 .url = “/.healthchk.html”; # 检查状态检查的URL .timeout = 2s; # 超时时间 .interval = 2s;# 每2秒检查一次 .window = 8; # 一共检查的次数 .threshold = 5; # 如果大于4次则为健康}# Default backend definition. Set this to point to your content server.backend imgsrv1 { # 配置后端主机 .host = “172.16.252.67”; .port = “80”; .probe = healthchk;}backend imgsrv2 { # 配置后端主机 .host = “172.16.252.67”; .port = “8080”; .probe = healthchk;}sub vcl_init { # 初始化负载均衡 new imgsrvs = directors.round_robin(); imgsrvs.add_backend(imgsrv1); imgsrvs.add_backend(imgsrv2);}sub vcl_recv { if (req.url ~ “(?i)\.(jpg|jpeg|png|gif|svg|txt|html|css|js)$”) { set req.backend_hint = websrvs.backend(); } if (req.restarts == 0) { if (req.http.X-Fowarded-For) { set req.http.X-Forwarded-For = req.http.X-Forwarded-For + “,” + client.ip; } else { set req.http.X-Forwarded-For = client.ip; }}sub vcl_deliver { if (obj.hits > 0) { set resp.http.X-Cache = ” Hit via ” + server.ip; } else { set resp.http.X-Cache = ” Miss via ” + server.ip; }}[root@varnish ~]# systemctl start varnish 修改HAproxy配置文件,使HAproxy调用Varnish服务器
[root@haproxy ~]# vim /etc/haproxy/haproxy.cfgbackend staticsrvs option forwardfor header X-Client balance uri server staticsrv1 172.16.252.100:80 check hash-type consistent[root@haproxy ~]# systemctl restart haproxy
访问测试
http://172.16.252.82/blog/
</div> <div class = "postDesc">posted @ <span id="post-date">2017-09-09 21:37</span> <a href='http://www.cnblogs.com/JevonWei/'>JevonWei</a> 阅读(<span id="post_view_count">...</span>) 评论(<span id="post_comment_count">...</span>) <a href ="https://i.cnblogs.com/EditPosts.aspx?postid=7499417" rel="nofollow">编辑</a> <a href="#" onclick="AddToWz(7499417);return false;">收藏</a></div></div><script src="//common.cnblogs.com/highlight/9.1.0/highlight.min.js?id=20160127"></script><script>markdown_highlight();</script><script type="text/javascript">var allowComments=true,cb_blogId=364740,cb_entryId=7499417,cb_blogApp=currentBlogApp,cb_blogUserGuid='0968824b-285a-4e6f-0316-08d49c352df3',cb_entryCreatedDate='2017/9/9 21:37:00';loadViewCount(cb_entryId);</script>
fixPostBody(); setTimeout(function () { incrementViewCount(cb_entryId); }, 50); deliverAdT2(); deliverAdC1(); deliverAdC2(); loadNewsAndKb(); loadBlogSignature(); LoadPostInfoBlock(cb_blogId, cb_entryId, cb_blogApp, cb_blogUserGuid); GetPrevNextPost(cb_entryId, cb_blogId, cb_entryCreatedDate); loadOptUnderPost(); GetHistoryToday(cb_blogId, cb_blogApp, cb_entryCreatedDate);
</div><!--end: forFlow --></div><!--end: mainContent 主体内容容器--><div id="sideBar"> <div id="sideBarMain">
公告
<div id="blog-calendar" style="display:none"></div><script type="text/javascript">loadBlogDefaultCalendar();</script> <div id="leftcontentcontainer"> <div id="blog-sidecolumn"></div><script type="text/javascript">loadBlogSideColumn();</script> </div> </div><!--end: sideBarMain --></div><!--end: sideBar 侧边栏容器 --><div class="clear"></div></div><!--end: main --><div class="clear"></div><div id="footer">
Copyright ©2017 JevonWei
阅读全文
0 0
- HAProxy+Varnish动静分离部署WordPress
- HAproxy+varnish动静分离部署wordpress
- HAproxy+varnish动静分离部署wordpress
- keepalived高可用haproxy配合varnish实现wordpress的动静分离
- Haproxy负载均衡/动静分离
- centos使用varnish实现网站动静分离
- Nginx 代理 varnish 实现动静分离
- haproxy实现负载均衡和动静分离
- HAproxy指南之haproxy实现动静分离(案例篇)
- HAProxy + apache 负载均衡,动静分离,读写分离
- 基于centos6.5使用varnish实现网站动静分离
- 使用HAproxy如何实现web站点的动静分离
- haproxy+nginx+tomcat+memcache实现动静分离、会话同步集群
- 使用HAproxy如何实现web站点的动静分离
- 动静分离
- 动静分离
- Nginx+Varnish 实现动静分离,为服务器分流,降低服务器负载
- Nginx+Varnish 实现动静分离,为服务器分流,降低服务器负载
- fabric源码解析18——SCC的注册和部署
- Servlet,过滤器,监听器,拦截器的区别
- MongoDB入门学习3
- CSS-超出部分的处理
- $_SERVER["REQUEST_URI"]函数
- HAproxy+varnish动静分离部署wordpress
- spark性能调优之开发调优
- selenium启动chrome模拟器模拟其他设备
- 对流处理与批处理的认识
- 旋转数组的最小数字(查找和排序)
- okhttp3.0的简单使用
- CSS-鼠标样式
- Vscode下快速开始编写html的方法
- 帆软报表多源数据过滤为何不显示数据