LNMP + HAProxy + Keepalived 부하 균형 (3) - 프로필 집합
16944 단어 nginxlnmpkeepalivedhaproxy부하 균형
vim /usr/local/nginx/conf/nginx.conf
# 80 10001, :
listen 10001 default_server;
# nginx
# Nginx, ;
service nginx restart & service nginx status
user www www;
worker_processes auto;
error_log /home/wwwlogs/nginx_error.log crit;
pid /usr/local/nginx/logs/nginx.pid;
#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 51200;
events
{
use epoll;
worker_connections 51200;
multi_accept on;
}
http
{
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 50m;
sendfile on;
tcp_nopush on;
keepalive_timeout 60;
tcp_nodelay on;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 256k;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_types text/plain application/javascript application/x-javascript text/javascript text/css application/xml application/xml+rss;
gzip_vary on;
gzip_proxied expired no-cache no-store private auth;
gzip_disable "MSIE [1-6]\.";
#limit_conn_zone $binary_remote_addr zone=perip:10m;
##If enable limit_conn_zone,add "limit_conn perip 10;" to server section.
server_tokens off;
access_log off;
server
{
#
listen 10001 default_server;
server_name _;
index index.html index.htm index.php default.html default.htm default.php;
#
root /home/wwwroot/publishPath;
include rewrite/laravel.conf;
#error_page 404 /404.html;
# Deny access to PHP files in specific directory
#location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }
include enable-php.conf;
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
location ~ /.well-known {
allow all;
}
location ~ /\.
{
deny all;
}
access_log off;
}
# , server ;
# include vhost/*.conf;
}
vim /etc/my.cnf
service mysql restart & service mysql status
lnmp restart
[client]
port = 10002
socket = /tmp/mysql.sock
[mysqld]
port = 10002
socket = /tmp/mysql.sock
#
datadir = /home/lnmp/mysql/data
skip-external-locking
key_buffer_size = 128M
max_allowed_packet = 1M
table_open_cache = 512
sort_buffer_size = 2M
net_buffer_length = 8K
read_buffer_size = 2M
read_rnd_buffer_size = 512K
myisam_sort_buffer_size = 32M
thread_cache_size = 64
query_cache_size = 64M
tmp_table_size = 64M
performance_schema_max_table_instances = 4000
explicit_defaults_for_timestamp = true
#skip-networking
max_connections = 500
max_connect_errors = 100
open_files_limit = 65535
log-bin=mysql-bin
binlog_format=mixed
server-id = 51
lower_case_table_names = 1
expire_logs_days = 10
replicate_wild_do_table=lgd_system.%
# relay_log=mysqld-relay-bin
log-slave-updates=YES
default_storage_engine = InnoDB
innodb_file_per_table = 1
innodb_data_home_dir = /home/lnmp/mysql/data
innodb_data_file_path = ibdata1:10M:autoextend
innodb_log_group_home_dir = /home/lnmp/mysql/data
innodb_buffer_pool_size = 512M
innodb_log_file_size = 128M
innodb_log_buffer_size = 8M
innodb_flush_log_at_trx_commit = 1
innodb_lock_wait_timeout = 50
[mysqldump]
# ,
user=bakuser
password=ZXdfty^&
quick
max_allowed_packet = 16M
[mysql]
no-auto-rehash
[myisamchk]
key_buffer_size = 128M
sort_buffer_size = 2M
read_buffer = 2M
write_buffer = 2M
[mysqlhotcopy]
interactive-timeout
# :
# Web HAProxy - http://192.168.6.111:8080/web
# DB HAProxy - http://192.168.6.211:8080/db
# , 8080 。
# :
vim /etc/haproxy/haproxy.cfg
service haproxy restart & service haproxy status
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
# , log , 127.0.0.1 syslog local0 , info
log 127.0.0.1 local3
#
chroot /var/lib/haproxy
# haproxy pid ,
pidfile /usr/local/haproxy/haproxy.pid
# , 4000
maxconn 30000
#
user haproxy
#
group haproxy
# haproxy
daemon
# turn on stats unix socket
# stats socket /var/lib/haproxy/stats # socket
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http # mode { tcp|http|health },tcp 4 ,http 7 ,health OK
log global #
option httplog # HTTP , haproxy HTTP
option dontlognull #
option http-server-close # http
# ip , Http Header ip
option forwardfor except 127.0.0.0/8
option redispatch # serverId ,
retries 3 # 3 ,
timeout http-request 10s # http
timeout queue 1m #
timeout connect 10s #
timeout client 1m #
timeout server 1m #
timeout http-keep-alive 10s # http-keep-alive
timeout check 10s #
maxconn 3000 #
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
#
frontend main *:80
acl url_static path_beg -i /static /images /javascript /stylesheets
acl url_static path_end -i .jpg .gif .png .css .js
use_backend static if url_static
default_backend servers
#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
#
backend static
balance roundrobin
server static1 192.168.6.100:10001 check inter 2000 fall 3 weight 50
server static2 192.168.6.110:10001 check inter 2000 fall 3 weight 50
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
#
backend servers
balance roundrobin
# cookie , , ,
cookie app_cook insert nocache
server app1 192.168.6.100:10001 check inter 2000 fall 3 weight 50 cookie server1
server app2 192.168.6.110:10001 check inter 2000 fall 3 weight 50 cookie server2
# HAProxy
listen stats
#
bind *:8080
mode http
# stats enable
# :192.168.6.100:8080/web 192.168.6.110:8080/web
stats uri /web
stats realm Global\ statistics
#
stats auth hapadmin:1qazse$#2
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
pidfile /var/run/haproxy.pid
maxconn 30000
user haproxy
group haproxy
daemon
nbproc 1
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode tcp
option redispatch
retries 3
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout check 10s
maxconn 4096
option abortonclose
frontend main
bind *:3306
default_backend servers
backend servers
server mysql1 192.168.6.200:10002 check inter 3000 fall 3 weight 50
server mysql2 192.168.6.210:10002 check inter 3000 fall 3 weight 50
# :192.168.6.210:8080/db 192.168.6.200:8080/db
listen stats
mode http
bind 0.0.0.0:8080
stats enable
stats uri /db
stats realm Global\ statistics
stats auth dbadmin:1qazse$#2
# Keepalived :
keepalived -v
# :
cat /etc/keepalived/keepalived.conf
# :
vim /etc/keepalived/keepalived.conf
# :
mysql -h ip -P -u -p
mysql -h 192.168.6.200 -P 3306 -u dbuser -p
# vrrp , Keepalived :
firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 --in-interface --destination 224.0.0.18 --protocol vrrp -j ACCEPT;
firewall-cmd --reload;
# ,
# INPUT 224.0.0.18 。
# VIP VIP :
ip addr | grep
# VIP keepalived , VIP , VIP:
service keepalived stop && service keepalived status
ip addr | grep
# keepalived keepalived , VIP :
service keepalived start && service keepalived status
ip addr | grep
# Master :
! Configuration File for keepalived
global_defs {
notification_email {
[email protected] # ,
}
notification_email_from [email protected] # ,
smtp_server 127.0.0.1 #
smtp_connect_timeout 30 #
no_email_faults
router_id WebMaster
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script chk_haproxy { # HAProxy
script '/etc/keepalived/check_haproxy.sh'
interval 2
weight 2
}
vrrp_instance VI_1 { # vrrp_instance
state MASTER # master
interface # , eth0,
virtual_router_id 100 # id , 255
priority 100 # , , ,
advert_int 1 #
authentication { #
auth_type PASS
auth_pass 666 # , ,
}
track_script {
chk_haproxy
}
virtual_ipaddress { # Web ip :vip, IP。
#/ brd dev scope label
# Backup :
! Configuration File for keepalived
global_defs {
notification_email {
[email protected] # ,
}
notification_email_from [email protected] # ,
smtp_server 127.0.0.1 #
smtp_connect_timeout 30 #
no_email_faults
router_id WebBackup
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script chk_haproxy { # HAProxy
script '/etc/keepalived/check_haproxy.sh'
interval 2
weight 2
}
vrrp_instance VI_1 { # vrrp_instance
state BACKUP # backup
interface # , eth0,
virtual_router_id 100 # id , 255
priority 90 # , , ,
advert_int 1 #
authentication { #
auth_type PASS
auth_pass 666 # , ,
}
track_script {
chk_haproxy
}
virtual_ipaddress { # Web ip :vip, IP。
#/ brd dev scope label
# Master :
! Configuration File for keepalived
global_defs {
notification_email {
[email protected] # ,
}
notification_email_from [email protected] # ,
smtp_server 127.0.0.1 #
smtp_connect_timeout 30 #
no_email_faults
router_id DBMaster
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script chk_haproxy { # HAProxy
script '/etc/keepalived/check_haproxy.sh'
interval 2
weight 2
}
vrrp_instance VI_1 { # vrrp_instance
state MASTER # master
interface # , eth0,
virtual_router_id 99 # id , 255
priority 100 # , , ,
advert_int 1 #
authentication { #
auth_type PASS
auth_pass 666 # , ,
}
track_script {
chk_haproxy
}
virtual_ipaddress { # DB ip :vip, IP。
#/ brd dev scope label
# Backup :
! Configuration File for keepalived
global_defs {
notification_email {
[email protected] # ,
}
notification_email_from [email protected] # ,
smtp_server 127.0.0.1 #
smtp_connect_timeout 30 #
no_email_faults
router_id DBBackup
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script chk_haproxy { # HAProxy
script '/etc/keepalived/check_haproxy.sh'
interval 2
weight 2
}
vrrp_instance VI_1 { # vrrp_instance
state BACKUP # master
interface # , eth0,
virtual_router_id 99 # id , 255
priority 90 # , , ,
advert_int 1 #
authentication { #
auth_type PASS
auth_pass 666 # , ,
}
track_script {
chk_haproxy
}
virtual_ipaddress { # DB ip :vip, IP。
#/ brd dev scope label
mkdir /etc/keepalived/
echo '' > /etc/keepalived/check_haproxy.sh
echo '' > /etc/keepalived/clean_arp.sh
chmod +x /etc/keepalived/*.sh
# ,
#!/bin/bash
# haproxy
if [ $(ps -C haproxy --no-header | wc -l) -eq 0 ]; then
# , haproxy
haproxy -f /etc/haproxy/haproxy.cfg
fi
# , haproxy
sleep 2
# haproxy
if [ $(ps -C haproxy --no-header | wc -l) -eq 0 ]; then
# haproxy , keepalived , VIP haproxy , haproxy
service keepalived stop
#!/bin/sh
VIP=$1
GATEWAY=192.168.6.255 #
/sbin/arping -I ens160 -c 5 -s $VIP $GATEWAY &>/dev/null
#
chmod -R 777 /home/wwwroot/publishPath
# PHP
vim /home/wwwroot/publishPath/.env
# :
APP_DEBUG=false
# Web VIP, , 192.168.6.111 , IP IP
APP_URL=http://192.168.6.111
DB_CONNECTION=mysql
# DB VIP
DB_HOST=192.168.6.211
# DB
DB_PORT=3306
#
DB_DATABASE=dbName
#
DB_USERNAME=dbuser
#
DB_PASSWORD=dbpwd
# , 。
# php :
service php-fpm restart
php APP_URL
.이 내용에 흥미가 있습니까?
현재 기사가 여러분의 문제를 해결하지 못하는 경우 AI 엔진은 머신러닝 분석(스마트 모델이 방금 만들어져 부정확한 경우가 있을 수 있음)을 통해 가장 유사한 기사를 추천합니다:
간단! Certbot을 사용하여 웹 사이트를 SSL(HTTPS)화하는 방법초보자가 인프라 주위를 정돈하는 것은 매우 어렵습니다. 이번은 사이트를 간단하게 SSL화(HTTP에서 HTTPS통신)로 변경하는 방법을 소개합니다! 이번에는 소프트웨어 시스템 Nginx CentOS7 의 환경에서 S...
텍스트를 자유롭게 공유하거나 복사할 수 있습니다.하지만 이 문서의 URL은 참조 URL로 남겨 두십시오.
CC BY-SA 2.5, CC BY-SA 3.0 및 CC BY-SA 4.0에 따라 라이센스가 부여됩니다.