内容简介:本文风哥教程参考Linux官方文档、Red Hat Enterprise Linux官方文档、Ansible Automation Platform官方文档、Docker官方文档、Kubernetes官方文档和Podman官方文档等内容,详细介绍了相关技术的配置和使用方法。
风哥提示:
本文档介绍企业Web应用部署综合实战案例。
Part01-项目需求分析
1.1 项目背景
[root@fgedu-project ~]# cat > /root/project-requirements.txt << 'EOF' FGEDU企业门户网站项目 ==================== 1. 项目目标 - 部署高可用企业门户网站 - 支持10000并发用户 - 99.9%可用性 2. 技术架构 - 负载均衡: Nginx + Keepalived - Web服务: Nginx - 应用服务: Tomcat - 数据库: MySQL主从 - 缓存: Redis Cluster 3. 服务器规划 - 负载均衡: 2台 (192.168.1.10-11) - Web服务器: 3台 (192.168.1.20-22) - 应用服务器: 3台 (192.168.1.30-32) - 数据库: 2台 (192.168.1.40-41) - 缓存: 3台 (192.168.1.50-52) 4. 安全要求 - HTTPS加密 - WAF防护 - 访问控制 5. 监控要求 - 服务监控 - 性能监控 - 日志分析 EOF
Part02-负载均衡部署
2.1 Nginx+Keepalived配置
[root@fgedu-lb1 ~]# cat > /etc/keepalived/keepalived.conf << 'EOF' global_defs { router_id FGEDU_LB1 } vrrp_script check_nginx { script "/usr/local/bin/check_nginx.sh" interval 2 weight -20 } vrrp_instance VI_1 { state MASTER interface eth0 virtual_router_id 51 priority 100 advert_int 1 authentication { auth_type PASS auth_pass fgedu123 } virtual_ipaddress { 192.168.学习交流加群风哥微信: itpux-com1.100/24 } track_script { check_nginx } } EOF # 配置Nginx负载均衡 [root@fgedu-lb1 ~]# cat > /etc/nginx/nginx.conf << 'EOF' user nginx; worker_processes auto; events { worker_connections 65535; } http { upstream fgedu_web { least_conn学习交流加群风哥QQ113257174; server 192.168.1.20:80 weight=5; server 192.168.1更多学习教程公众号风哥教程itpux_com.21:80 weight=5; server 192.168.1.22:80 weight=5; keepalive 32; } server { listen 80; server_name www.fgedu.net.cn; return 301 https://$server_name$request_uri; } server { listen 443 ssl http2; server_name www.fgedu.net.cn; ssl_certificate /etc/nginx/ssl/fgedu.crt; ssl_certificate_key /etc/nginx/ssl/fgedu.key; ssl_protocols TLSv1.2 TLSv1.3; location / { proxy_pass http://fgedu_web; proxy_http_version 1.1; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location /nginx_status { stub_status on; allow 127.0.0.1; deny all; } } } EOF [root@fgedu-lb1 ~]# systemctl enable nginx keepalived --now # 验证VIP [root@fgedu-lb1 ~]# ip addr show eth0 | grep 192.168.1.100 inet 192.168.1.100/24 scope global secondary eth0
Part03-Web服务器配置
3.1 Nginx+PHP-FPM部署
[root@fgedu-web1 ~]# yum install -y nginx php-fpm php-mysqlnd php-gd php-xml php-mbstring
# 配置PHP-FPM
[root@fgedu-web1 ~]# cat > /etc/php-fpm.d/www.conf << 'EOF'
[www]
user = nginx
group = nginx
listen = /run/php-fpm/www.sock
listen.owner = nginx
listen.group = nginx
pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35
pm.max_requests = 500
slowlog = /var/log/php-fpm/www-slow.log
request_slowlog_timeout = 5s
EOF
# 配置Nginx
[root@fgedu-web1 ~]# cat > /etc/nginx/conf.d/fgedu.conf << 'EOF'
server {
listen 80;
server_name _;
root /var/www/fgedu;
index index.php index.html;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
fastcgi_pass unix:/run/php-fpm/www.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires 30d;
add_header Cache-Control "public, no-transform";
}
location /health {
access_log off;
return 200 "OK\n";
}
}
EOF
[root@fgedu-web1 ~]# mkdir -p /var/www/fgedu
[root@fgedu-web1 ~]# echo "” > /var/www/fgedu/index.php
[root@fgedu-web1 ~]# systemctl enable nginx php-fpm –now
# 验证服务
[root@fgedu-web1 ~]# curl http://localhost/health
OK
Part04-数据库配置
4.1 MySQL主从复制
[root@fgedu-db1 ~]# cat > /etc/my.cnf.d/mysql-server.cnf << 'EOF' [mysqld] server-id = 1 log-bin = mysql-bin binlog-format = ROW gtid-mode = ON enforce-gtid-consistency = ON log-slave-updates = ON innodb_buffer_pool_size = 4G max_connections = 1000 EOF [root@fgedu-db1 ~]# systemctl restart mysqld # 创建复制用户 [root@fgedu-db1 ~]# mysql -u root -p << 'EOF' CREATE USER 'repl'@'%' IDENTIFIED BY 'Repl@123456'; GRANT REPLICATION SLAVE ON *.* TO 'repl'@'%'; FLUSH PRIVILEGES; EOF # 从库配置 [root@fgedu-db2 ~]# cat > /etc/my.cnf.d/mysql-server.cnf << 'EOF' [mysqld] server-id = 2 relay-log = relay-bin read-only = ON gtid-mode = ON enforce-gtid-consistency = ON EOF [root@fgedu-db2 ~]# systemctl restart mysqld # 配置复制 [root@fgedu-db2 ~]# mysql -u root -p << 'EOF' CHANGE MASTER TO MASTER_HOST='192.168.1.40', MASTER_USER='repl', MASTER_PASSWORD='Repl@123456', MASTER_AUTO_POSITION=1; START SLAVE;更多视频教程www.fgedu.net.cn SHOW SLAVE STATUS\G EOF # 验证复制状态 [root@fgedu-db2 ~]# mysql -u root -p -e "SHOW SLAVE STATUS\G" | grep -E "Slave_IO_Running|Slave_SQL_Running" Slave_IO_Running: Yes Slave_SQL_Running: Yes
- 做好项目规划和架构设计
- 配置高可用负载均衡
- 优化Web服务器性能
- 配置数据库主从复制
- 实施全面监控
本文由风哥教程整理发布,仅用于学习测试使用,转载注明出处:http://www.fgedu.net.cn/10327.html
