Nginx动静分离

用学习抵御孤独
413 阅读2分钟

架构图

  • nginx使用的是主线稳定版:1.16.1
  • php使用的是主线稳定版:7.4.2
  • 所有架构软件网络等优化后面单独开篇幅讲
  • 我知道ngin前面还缺,那是后面的工作了

环境初始化

  • 时间同步、yum仓库等一些系列已经在后端盘制作的时候已经配置好了。
主机名 IP地址 配置 作用规划
0_nginx_01 192.168.1.10/24 1C,1G nginx处理静态请求
0_nginx_02 192.168.1.11/24 1C,1G
0_nginx_03 192.168.1.12/24 1C,1G
0_nginx_04 192.168.1.13/24 1C,1G
0_ha_fpm_01 192.168.1.167/24 1C,0.5G 高可用LSB FastCGI PHP-fpm
0_ha_fpm_02 192.168.1.168/24 1C,0.5G
0_php-fpm_01 192.168.1.160/24 1C,1G FastCGI协议PHP-fpm处理动态页面
0_php-fpm_02 192.168.1.161/24 1C,1G
0_php-fpm_03 192.168.1.162/24 1C,1G

PHP-fpm

  • 编译安装php
#依赖说明:
[root@php-fpm_01 ~]# yum install -y gcc libxml2-devel sqlite-devel
[root@php-fpm_01 php-7.4.2]# ./configure --prefix=/usr/local/php --enable-fpm --enable-mysqlnd --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd
[root@php-fpm_01 php-7.4.2]# make && make install
  • 修改php-fpm配置文件/usr/local/php/etc/ 需要将文件名字改为php-fpm.conf 和 下面的www.conf.default 子目录也需要修改
[root@php-fpm_02 etc]# cp php-fpm.conf.default php-fpm.conf
[root@php-fpm_02 php-fpm.d]# cp www.conf.default www.conf
  • 编辑php-fpm.conf配置文件
pid = /var/run/php-fpm.pid
  • 添加php-fpm服务到systemd管理放到/usr/lib/systemd/system下面命名为php-fpm.service
[Unit]
Description=The PHP FastCGI Process Manager
After=syslog.target network.target

[Service]
Type=forking
PIDFile=/var/run/php-fpm.pid
ExecStart=/usr/local/php/sbin/php-fpm
ExecReload=/bin/kill -USR2 $MAINPID
PrivateTmp=true

[Install]
WantedBy=multi-user.target
  • 编辑www.conf 修改监听网卡
[www]
user = nobody
group = nobody
listen = 192.168.1.161:9000
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
  • 服务启动测试:
[root@php-fpm_03 etc]# systemctl start php-fpm
[root@php-fpm_03 etc]# systemctl status php-fpm.service 
● php-fpm.service - The PHP FastCGI Process Manager
   Loaded: loaded (/usr/lib/systemd/system/php-fpm.service; disabled; vendor preset: disabled)
   Active: active (running) since Mon 2020-02-17 16:31:35 CST; 5s ago
  Process: 30017 ExecStart=/usr/local/php/sbin/php-fpm (code=exited, status=0/SUCCESS)
 Main PID: 30018 (php-fpm)
   CGroup: /system.slice/php-fpm.service
           ├─30018 php-fpm: master process (/usr/local/php/etc/php-fpm.conf)
           ├─30019 php-fpm: pool www
           └─30020 php-fpm: pool www

Feb 17 16:31:35 php-fpm_03 systemd[1]: Starting The PHP FastCGI Process Manager...
Feb 17 16:31:35 php-fpm_03 systemd[1]: Started The PHP FastCGI Process Manager.
[root@php-fpm_03 etc]# systemctl stop php-fpm.service 
[root@php-fpm_03 etc]# systemctl status php-fpm.service 
● php-fpm.service - The PHP FastCGI Process Manager
   Loaded: loaded (/usr/lib/systemd/system/php-fpm.service; disabled; vendor preset: disabled)
   Active: inactive (dead)

Feb 17 16:31:35 php-fpm_03 systemd[1]: Starting The PHP FastCGI Process Manager...
Feb 17 16:31:35 php-fpm_03 systemd[1]: Started The PHP FastCGI Process Manager.
Feb 17 16:31:46 php-fpm_03 systemd[1]: Stopping The PHP FastCGI Process Manager...
Feb 17 16:31:46 php-fpm_03 systemd[1]: Stopped The PHP FastCGI Process Manager.

HAProxy+Keepalived 高可用php-fpm

  • 安装HAPorxy 和 Keepalived
[root@ha_fpm_01 ~]# yum install -y keepalived haproxy
  • 修改haproxy配置文件
global
    log         127.0.0.1 local2

    chroot      /var/lib/haproxy
    pidfile     /var/run/haproxy.pid
    maxconn     4000
    user        haproxy
    group       haproxy
    daemon

    # turn on stats unix socket
    stats socket /var/lib/haproxy/stats

defaults
    mode                    tcp
    log                     global
    option		    abortonclose
    option                  redispatch
    retries                 3
    timeout http-request    10s
    timeout queue           1m
    timeout connect         10s
    timeout client          1m
    timeout server          1m
    timeout http-keep-alive 10s
    timeout check           10s
    maxconn                 3000

listen proxy_status 0.0.0.0:39000
    mode tcp
    balance roundrobin
    server php-fpm 192.168.1.160:9000 check inter 5s
    server php-fpm 192.168.1.161:9000 check inter 5s
    server php-fpm 192.168.1.162:9000 check inter 5s

frontend stats 0.0.0.0:33808  #后台统计页面
    mode http
    stats enable
    maxconn 5
    stats refresh 50s
    stats uri /admin
    stats auth admin:123456
    stats hide-version
  • 修改keepalived配置文件
! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.1.169
    }
}
  • 修改backup的主配置文件
! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 51
    priority 99
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.1.169
    }
}
  • 初始化VIP
[root@ha_fpm_01 ~]# ifconfig eth0 add 192.168.1.169
  • 设置开机启动
[root@ha_fpm_02 ~]# systemctl enable haproxy
[root@ha_fpm_02 ~]# systemctl enable keepalived
[root@ha_fpm_02 ~]# systemctl start haproxy
[root@ha_fpm_02 ~]# systemctl start keepalived

Nginx

  • 编译安装nginx
lqh@lqh:/srv/ftp/software$ for i in {10..13}; do ssh root@192.168.1.$i "yum install gcc zlib-devel pcre-devel -y && tar -xf nginx-1.16.1.tar.gz && cd nginx-1.16.1 && ./configure && make && make install";done
  • 将nginx托管至systemd进行管理, 放入/usr/lib/systemd/system/下名nginx.service
[Unit]
Description=nginx
After=network.target remote-fs.target nss-lookup.target

[Service]
Type=forking
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/usr/local/nginx/sbin/nginx -s stop

[Install]
WantedBy=multi-user.target

lqh@lqh:/srv/ftp/software/systemctl_file$ for i in {10..13};do scp nginx.service root@192.168.1.$i:/usr/lib/systemd/system/ ; done
nginx.service                                 100%  305   747.1KB/s   00:00    
nginx.service                                 100%  305   417.2KB/s   00:00    
nginx.service                                 100%  305   424.9KB/s   00:00    
nginx.service                                 100%  305   500.7KB/s   00:00
  • 修改nginx相关配置
worker_processes  1;
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    server {
        listen       80;
        server_name  localhost;
        location / {
            root   /var/www/wordpress;
            index  index.php index.html index.htm;
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
        location ~ \.php$ {
            root           /var/www/wordpress;
            fastcgi_pass   192.168.1.169:39000;
            fastcgi_index  index.php;
            include        fastcgi.conf;
        }
	location ~* \.(gif|jpg|jpeg|png|css|js|ico|svg)$ { 
           root /var/www/wordpress/static/; 
        }
    }
}
  • 在php-fpm机器上创建项目文件夹,并创建PHP动态页面
lqh@lqh:/srv/ftp/software$ for i in {160..162};do  ssh root@192.168.1.$i "mkdir -p /var/www/wordpress" ;done

<?php
$text="这是PHP的动态测试页面来自机器:";
echo $text, $_SERVER['SERVER_ADDR'];
echo PHP_EOL;
?>

lqh@lqh:/srv/ftp/software/systemctl_file$ for i in {160..162};do scp test.php root@192.168.1.$i:/var/www/wordpress/; done
  • 在nginx/var/www/wordpress/static/下传一个png的测试图片
lqh@lqh:~/图片$ scp project.png root@192.168.1.10:/var/www/wordpress/static/
project.png                                   100%  146KB  65.6MB/s   00:00
  • 单nginx节点测试分别访问动态静态页面,查看nginx是否已经动静分离,因为php代码在php-fpm的所有主机上,而png图片只在nginx一台上面,在多次访问的情况下是否出现问题,如果出现问题说明动静分离不成功,如果访问多次没有出现问题则说明动静分离成功。
lqh@lqh:/srv/ftp/software/systemctl_file$ curl 192.168.1.10/test.php
这是PHP的动态测试页面来自机器:192.168.1.10
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100    56    0    56    0     0  56000      0 --:--:-- --:--:-- --:--:-- 56000
100
lqh@lqh:/srv/ftp/software/systemctl_file$ for i in {1..100}; do curl 192.168.1.10/test.php ; done  | grep PHP | wc -l
# 一百次访问成功没问题Ok
  • 多次访问静态页面也是OK的

  • 没啥问题了把配置文件传到各个nginx主机上,然后再测试下。
[root@nginx_01 conf]# for i in 11 12 13; do scp nginx.conf root@192.168.1.$i:/usr/local/nginx/conf/ ;done
lqh@lqh:/srv/ftp/software/systemctl_file$ for i in 10 11 12 13;do ssh root@192.168.1.$i "systemctl enable nginx && systemctl start nginx" ;done
lqh@lqh:~/图片$ for i in {11..13};do ssh root@192.168.1.$i "mkdir -p /var/www/wordpress/static/";done
lqh@lqh:~/图片$ scp project.png root@192.168.1.11:/var/www/wordpress/static/
project.png                                   100%  146KB  68.8MB/s   00:00    
lqh@lqh:~/图片$ scp project.png root@192.168.1.12:/var/www/wordpress/static/
project.png                                   100%  146KB  68.2MB/s   00:00    
lqh@lqh:~/图片$ scp project.png root@192.168.1.13:/var/www/wordpress/static/
project.png
  • 全部通过测试没有问题。
avatar
文章
阅读
粉丝