linux学习--week17--nginx-lnmp

2. 负载均衡
   2.1 负载均衡与反向代理区别
   2.2nginx 7层负载
   2.3 nginx 7层负载
   2.4 nginx 4层负载均衡
3. nginx缓存
4. lnmp
   4.1 概述
   4.2 环境准备
5. LNMP环境迁移
   5.1 数据库迁移
   5.2 用户上传文件到nfs
   5.3

回顾及今日内容:

nginx

老男孩教育-Linux学院

web服务

负载均衡(反向代理) wireshark抓包

nginx缓存

web服务

部署:yum 编译(增加第3方模块rtmp )

配置:nginx.conf conf.d/xxxx.conf 含义

Alphabetical index of directives

Alphabetical index of variables

http://tengine.taobao.org/nginx_docs/cn/docs/dirindex.htm

l

模块:

log

core核心

日志

ssl https

rewirte

upstream

proxy

配置虚拟主机(server )

基于域名的虚拟主机 最常用

基于端口 后台 内部系统 + vpn

基于ip

nginx配置 认证 autoindex 状态

nginx location ~ ~*

nginx rewrite

nginx if

nginx root 与 alias 区别

负载均衡(反向代理)

负载均衡与反向代理区别

回顾osi7层模型

7层负载均衡 wireshark

给多个虚拟主机配置的时候 只能访问1个.

4层负载均衡

老男孩教育-Linux学院

nginx缓存

expires

proxy_cache

lnmp

php+mysql

负载均衡高可用

tomcat

任务: bbs(discuz) wiki(wecenter)

• 多域名负载均衡故障案例
• 让web服务器记录用户真实ip地址
  proxy_set_header X-Forwarded-For $remote_addr;
• 轮询算法
  rr 轮询 round robin
  wrr 加权轮询 weight round robin

upstream web_pools {
server 10.0.0.7:80 weight=2;
server 10.0.0.8:80 weight=1;
}

wlc 加权的最小连接数 weight least connection

ip_hash 只要客户端ip地址一样 就会访问相同的机器 (会话保持)

• 负载均衡参数

upstream web_pools {
server 10.0.0.7:80 weight=1 max_fails=3
fail_timeout=30s ;
server 10.0.0.8:80;
server 10.0.0.9:80 backup;
server 10.0.0.10:80 backup;
}
#max_fails 1-3 次
# 10次 CDN网站 给网站加速 缓存静态资源
#fail_timeout 后端节点失败后 经过多久回来重新检查
#backup 被标记为backup的节点 会在所有机器挂了后才能使用.

2.4 nginx 4层负载均衡

用户访问nginx 81端口 则被转发到后端 web01 8888 web02 9999

端口

用户访问nginx 81 lb01

web01 8888 : nc -kl 8888

web02 9999 : nc -kl 9999

#7层负载均衡
http {
upstream web_pools {
server 10.0.0.7:80;
server 10.0.0.8:80;
}
server {
listen 80;
server_name www.oldboy.com;
location / {
proxy_pass http://
}
}
}
#4层负载均衡
stream {
upstream tcp_pools {
server 10.0.0.7:8888;
server 10.0.0.8:9999;
}
server {
listen 81;
proxy_pass tcp_pools;
}
}

3. nginx缓存

• expires web配置 缓存到用户的浏览器

  expires 30d;

  expires max; 10年

location ~* "/.(png|jpeg|bmp)$" {
expires 30d;
}

• proxy_cache nginx负载均衡

  

  image.png

[root@lb01 ~]# mkdir -p /cache
[root@lb01 ~]# mount -t tmpfs -o size=512m tmpfs
/cache/
[root@lb01 ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda3 19G 1.8G 18G 10% /
devtmpfs 980M 0 980M 0% /dev
tmpfs 991M 0 991M 0% /dev/shm
tmpfs 991M 9.6M 981M 1% /run
tmpfs 991M 0 991M 0% /sys/fs/cgroup
/dev/sda1 197M 105M 93M 54% /boot
tmpfs 199M 0 199M 0% /run/user/0
tmpfs 512M 0 512M 0% /cache
[root@lb01 ~]# dd if=/dev/zero of=/tmp/100m bs=1M
count=100
[root@lb01 ~]# cat /etc/nginx/conf.d/proxy_cache.conf
upstream web_pools {
server 172.16.1.7:8081;
server 172.16.1.7:8082;
server 172.16.1.7:8083;
}
#proxy_cache存放缓存临时文件
#levels 按照两层目录分级
#keys_zone 开辟空间名, 10m:开辟空间大小, 1m可存放8000key
#max_size 控制最大大小, 超过后Nginx会启用淘汰规则
#inactive 60分钟没有被访问缓存会被清理
#use_temp_path 临时文件, 会影响性能, 建议关闭
proxy_cache_path /soft/cache levels=1:2
keys_zone=code_cache:10m max_size=10g inactive=60m
use_temp_path=off;
server {
listen 80;
server_name www.oldboy.com;
#proxy_cache 开启缓存
#proxy_cache_valid 状态码200|304的过期为12h, 其余状态码10
分钟过期
#proxy_cache_key 缓存key
#add_header 增加头信息, 观察客户端respoce是否命中
#proxy_next_upstream 出现502-504或错误, 会跳过此台服务器访
问下台
location / {
proxy_pass http://web_pools;
proxy_cache code_cache;
proxy_cache_valid 200 304 12h;
proxy_cache_valid any 10m;
add_header Nginx-Cache
"$upstream_cache_status";
proxy_next_upstream error timeout
invalid_header http_500 http_502 http_503 http_504;
include proxy_params;
}
}
log_format main '$remote_addr - $remote_user
[$time_local] "$request" '
'$status $body_bytes_sent
"$http_referer" '
'"$http_user_agent"
"$http_x_forwarded_for"
'"$upstream_cache_status"' ;
access_log /var/log/nginx/access.log main;
cat proxy_params
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
proxy_connect_timeout 30;
proxy_send_timeout 60;
proxy_read_timeout 60;
proxy_buffering on;
proxy_buffer_size 32k;
proxy_buffers 4 128k;

4. lnmp

• LNMP
• nginx处理静态页面/请求
• php 处理动态的请求 location ~* .PHP$ 访问 php
• mysql
  
  

  image.png

  

  image.png

  https://www.wecenter.com/
  老男孩教育-Linux学院

4.1 概述

• 网站
  静态资源: html页面 css样式 js 图片 视频 nginx自己可以处理
  动态资源: 交互功能 评论 发布文章 下单 购物
  php|java|python|golang
• 动态网站环境:
  Linux Nginx(engine x) MySQL PHP LNMP /LEMP
  LNMT (java代码)
  Tomcat(java )
  Resin
  Weblogic (oracle ) 与oracle数据库使用
  LNMP (python)
  uwsgi
  LNM + 自己开发

4.2 环境准备

• Linux
• nginx
• PHP
• mysql
• web01 LNMP
• db01
• nfs01

#lnmp web01
##nginx
##mysql mariadb-server
#查看/创建 数据库 用户
#数据库 用户特点 用户名和在哪里登录
[root@web01 ~]# systemctl enable mariadb.service
Created symlink from /etc/systemd/system/multiuser.
target.wants/mariadb.service to
/usr/lib/systemd/system/mariadb.service.
[root@web01 ~]# systemctl start mariadb.service
[root@web01 ~]# ss -lntup |grep mysql
tcp LISTEN 0 50 *:3306
*:* users:
(("mysqld",pid=7986,fd=14))
mysql -uroot -p
mysql
#查看所有数据库
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| test |
+--------------------+
4 rows in set (0.00 sec)
#查看所有表信息
MariaDB [(none)]> show tables from mysql;
+---------------------------+
| Tables_in_mysql |
+---------------------------+
| columns_priv |
| db |
| event |
| func |
| general_log |
| help_category |
| help_keyword |
| help_relation |
| help_topic |
| host |
| ndb_binlog_index |
| plugin |
| proc |
| procs_priv |
| proxies_priv |
| servers |
| slow_log |
| tables_priv |
| time_zone |
| time_zone_leap_second |
| time_zone_name |
| time_zone_transition |
| time_zone_transition_type |
| user |
+---------------------------+
24 rows in set (0.00 sec)
#查看mysql中所有用户和host信息
MariaDB [(none)]> select user,host from mysql.user;
+------+-----------+
| user | host |
+------+-----------+
| root | 127.0.0.1 |
| root | ::1 |
| | localhost |
| root | localhost |
| | web01 |
| root | web01 |
+------+-----------+
6 rows in set (0.00 sec)
#创建数据库
MariaDB [(none)]> create database wordpress;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| test |
| wordpress |
+--------------------+
5 rows in set (0.00 sec)
#添加用户
MariaDB [(none)]> grant all on wordpress.* to
'wordpress'@'localhost' identified by '123456';
grant all on wordpress.* to 'wordpress'@'localhost'
identified by '123456';
授权(并添加用户) all(所有权限) on 数据库.表 to '用户
名'@'在哪里登录' identified by '123456';
MariaDB [(none)]> grant all on wordpress.* to
'wordpress'@'172.16.1.%' identified by '123456';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> select user,host from mysql.user;
+-----------+------------+
| user | host |
+-----------+------------+
| root | 127.0.0.1 |
| wordpress | 172.16.1.% |
| root | ::1 |
| | localhost |
| root | localhost |
| wordpress | localhost |
| | web01 |
| root | web01 |
+-----------+------------+
8 rows in set (0.00 sec)
#数据库中删除或修改用户信息 需要更新权限表
grant all on wordpress.* to 'wordpress'@'172.16.1.%'
identified by '123456';
MariaDB [(none)]> drop user ''@'localhost' ;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> drop user ''@'web01' ;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)
#查看用户
MariaDB [(none)]> select user,host from mysql.user;
+-----------+------------+
| user | host |
+-----------+------------+
| root | 127.0.0.1 |
| wordpress | 172.16.1.% |
| root | ::1 |
| root | localhost |
| wordpress | localhost |
| root | web01 |
+-----------+------------+
6 rows in set (0.00 sec)
#使用用户
[root@web01 ~]# mysql -uwordpress -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ;
or /g.
Your MariaDB connection id is 9
Server version: 5.5.64-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation
Ab and others.
Type 'help;' or '/h' for help. Type '/c' to clear the
current input statement.
MariaDB [(none)]>

image.png

php环境

#web CentOS 7 webtatic 源

nginx

server {
server_name www.oldboy.com;
listen 80;
root /html/blog;
index index.php index.html;
location ~ /.php$ {
root /code;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME
$document_root$fastcgi_script_name;
include fastcgi_params;
}
}
#fastcgi_param SCRIPT_FILENAME
$document_root$fastcgi_script_name;
#fastcgi把请求向后扔的时候 加上的参数
#parameter 参数
### $document_root 站点目录 /html/blog/
### $fastcgi_script_name #用户请求中的uri /lidao/4tbtorrent.
php
curl blog.oldboy.com/lidao/4tb-torrent.php
SCRIPT_FILENAM /html/blog//lidao/4tb-torrent.php

准备测试:

测试nginx + php

[root@web01 ~]# cat /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user
[$time_local] "$request" '
'$status $body_bytes_sent
"$http_referer" '
'"$http_user_agent"
"$http_x_forwarded_for" $document_root';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
server {
listen 80 ;
server_name www.oldboy.com;
root /html/www;
location / {
index index.html;
}
}
server {
server_name blog.oldboy.com;
listen 80;
root /html/blog;
index index.php index.html;
location ~ /.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME
$document_root$fastcgi_script_name;
include fastcgi_params;
}
}
}
[root@web01 ~]# systemctl restart nginx phpfpm.
service
[root@web01 ~]# ss -lnutp|egrep 'nginx|php'
tcp LISTEN 0 128 127.0.0.1:9000
*:* users:(("phpfpm",
pid=8464,fd=9),("php-fpm",pid=8463,fd=9),("phpfpm",
pid=8462,fd=9),("php-fpm",pid=8461,fd=9),("phpfpm",
pid=8460,fd=9),("php-fpm",pid=8451,fd=7))
tcp LISTEN 0 128 *:80
*:* users:
(("nginx",pid=8472,fd=6),("nginx",pid=8471,fd=6),
("nginx",pid=8470,fd=6),("nginx",pid=8469,fd=6),
("nginx",pid=8468,fd=6))
cat >/html/blog/info.php <<'EOF'
<?php
phpinfo();
?>
EOF

php mysql

[root@web01 ~]# cat /html/blog/mysql.php
<?php
$servername = "localhost";
$username = "wordpress";
$password = "123456";
// 创建连接
$conn = mysqli_connect($servername, $username,
$password);
// 检测连接
if (!$conn) {
die("Connection failed: " .
mysqli_connect_error());
}
echo "php连接MySQL数据库成功/n";
?>

image.png

修改权限

[root@web01 /html/blog]# grep -n nginx /etc/phpfpm.
d/www.conf
8:user = nginx
10:group = nginx
[root@web01 /html/blog]# chown -R nginx.nginx
/html/blog/
[root@web01 /html/blog]# systemctl restart phpfpm.
service
[root@web01 /html/blog]#

image.png

image.png

image.png

image.png

php+mysql

负载均衡高可用 keepalived

#web01

webtatic 源 群文件:webtatic

yum localinstall -y webtatic*
yum -y install php71w php71w-cli php71w-common php71wdevel
php71w-embedded php71w-gd php71w-mcrypt php71wmbstring
php71w-pdo php71w-xml php71w-fpm php71wmysqlnd
php71w-opcache php71w-pecl-memcached php71wpecl-
redis php71w-pecl-mongodb

php环境

5. LNMP环境迁移

lnmp

把数据库迁移到db01

把用户上传的内容 挂载到 nfs01

image.png

5.1 数据库迁移

web01 进行备份

[root@web01 /html/blog]# mysqldump -A |gzip
>/root/all.sql.gz
[root@web01 /html/blog]# ll -h /root/all.sql.gz
-rw-r--r-- 1 root root 147K Nov 10 17:23
/root/all.sql.gz

把压缩包传递到 db01

#db01上面操作
yum install -y mariadb-server

解压并导入到 db01的数据库中

[root@db01 ~]# systemctl enable mariadb.service
Created symlink from /etc/systemd/system/multiuser.
target.wants/mariadb.service to
/usr/lib/systemd/system/mariadb.service.
[root@db01 ~]# systemctl start mariadb.service
[root@db01 ~]# file all.sql.gz
all.sql.gz: gzip compressed data, was "all.sql", from
Unix, last modified: Sun Nov 10 17:23:48 2019
[root@db01 ~]# #zcat zless zgrep
[root@db01 ~]# zless all.sql.gz
[root@db01 ~]# zcat all.sql.gz |mysql
[root@db01 ~]# mysql
MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)
[root@db01 ~]# mysql -uwordpress -p123456
Welcome to the MariaDB monitor. Commands end with ;
or /g.
Your MariaDB connection id is 5
Server version: 5.5.64-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation
Ab and others.
Type 'help;' or '/h' for help. Type '/c' to clear the
current input statement.
MariaDB [(none)]> Bye

测试 wordpress 连接db01数据库

[root@web01 /html/blog]# cat mysql.php
<?php
$servername = "172.16.1.51";
$username = "wordpress";
$password = "123456";
// 创建连接
$conn = mysqli_connect($servername, $username,
$password);
// 检测连接
if (!$conn) {
die("Connection failed: " .
mysqli_connect_error());
}
echo "php连接MySQL数据库成功/n";
?>

image.png

wordpress 真正的连接使用 db01

的数据库 修改程序代码

#web01操作
[root@web01 /html/blog]# ll wp-config.php
-rw-rw-rw- 1 nginx nginx 3132 Nov 10 16:12 wpconfig.
php
[root@web01 /html/blog]# vim wp-config.php
oot@web01 /html/blog]# grep DB_HOST wp-config.php
define('DB_HOST', '172.16.1.51');
[root@web01 /html/blog]# systemctl stop
mariadb.service
[root@web01 /html/blog]# systemctl disable
mariadb.service
Removed symlink /etc/systemd/system/multiuser.
target.wants/mariadb.service.

5.2 用户上传文件到nfs

#nfs01 准备
systemctl start rpcbind nfs
mkdir -p /data/web_uploads
chown -R nfsnobody.nfsnobody /data/web_uploads
vim /etc/exports
/data/web_uploads 172.16.1.0/24(rw,sync)
#web01
yum install nfs-utils -y
mount -t nfs 172.16.1.31/data/web_uploads
/html/blog//wp-content/uploads/
#开机自动挂载
[root@web01 /html/blog]# showmount -e 172.16.1.31
Export list for 172.16.1.31:
/data/web_uploads 172.16.1.0/24
[root@web01 /html/blog]# ll /html/blog/wpcontent/
uploads/
total 0
drwxr-xr-x 3 776 nginx 16 Nov 10 16:56 2019
[root@web01 /html/blog]# mv /html/blog/wpcontent/
uploads/* /tmp/
[root@web01 /html/blog]# mount -t nfs
172.16.1.31:/data/web_uploads /html/blog/wpcontent/
uploads/
[root@web01 /html/blog]# df -h
Filesystem Size Used Avail Use%
Mounted on
/dev/sda3 19G 2.1G 17G 11% /
devtmpfs 980M 0 980M 0%
/dev
tmpfs 991M 0 991M 0%
/dev/shm
tmpfs 991M 9.6M 981M 1%
/run
tmpfs 991M 0 991M 0%
/sys/fs/cgroup
/dev/sdb1 200M 11M 190M 6%
/data1
/dev/sda1 197M 105M 93M 54%
/boot
tmpfs 199M 0 199M 0%
/run/user/0
172.16.1.31:/data/web_uploads 19G 1.8G 18G 10%
/html/blog/wp-content/uploads
[root@web01 /html/blog]# mv /tmp/2019/
/html/blog/wp-content/uploads/
mv: failed to preserve ownership for ‘/html/blog/wpcontent/
uploads/2019/11/透明背景logo_黑色.png’:
Operation not permitted
mv: failed to preserve ownership for ‘/html/blog/wpcontent/
uploads/2019/11/透明背景logo_黑色-150x150.png’:
Operation not permitted
mv: failed to preserve ownership for ‘/html/blog/wpcontent/
uploads/2019/11/透明背景logo_黑色-100x100.png’:
Operation not permitted
mv: failed to preserve ownership for ‘/html/blog/wpcontent/
uploads/2019/11/养.jpg’: Operation not
permitted
mv: failed to preserve ownership for ‘/html/blog/wpcontent/
uploads/2019/11/养-150x150.jpg’: Operation not
permitted
mv: failed to preserve ownership for ‘/html/blog/wpcontent/
uploads/2019/11/养-256x300.jpg’: Operation not
permitted
mv: failed to preserve ownership for ‘/html/blog/wpcontent/
uploads/2019/11/养-100x100.jpg’: Operation not
permitted
mv: failed to preserve ownership for ‘/html/blog/wpcontent/
uploads/2019/11’: Operation not permitted
mv: failed to preserve ownership for ‘/html/blog/wpcontent/
uploads/2019’: Operation not permitted
[root@web01 /html/blog]# ll /html/blog/wpcontent/
uploads/
total 0
drwxr-xr-x 3 nginx nginx 16 Nov 10 16:56 2019

老男孩教育-数据库-存储迁移.jpg