热门标签
热门文章
- 1opengles 绘制图元 ——glDrawArrays() 相关API介绍 (十)
- 215款超实用学习APP安利_社会人士用什么学习app
- 3Failed to build * ERROR: Could not build wheels for*, which is required to install py_error: could not build wheels for pygraphviz, whic
- 4JAVA数组与字符串_java 数组字符串
- 5数据结构实现 6.2:优先队列_基于最大二叉堆实现(C++版)_c++二叉堆优先队列
- 6人工智能时代的转型与挑战:从就业替代到技术创新的新纪元
- 7JavaScript高级开发必备:Bom和Dom全解析_javascript bom dom
- 8线程池:Java并发编程的加速器
- 9hugging face model hub 下载预训练模型下载加速_huggingface 下载加速
- 10配置vue3+vite+eslint+prettierrc项目_vite eslint
当前位置: article > 正文
web 服务搭建_搭建web服务
作者:爱喝兽奶帝天荒 | 2024-08-15 22:58:52
赞
踩
搭建web服务
目录
一、在Nginx服务器上搭建LNMP服务,并且能够对外提供Discuz论坛服务,在Web1、Web2服务器上搭建Tomcat 服务
三、对基于www.benet.com域名的虚拟机主机的nginx服务调优:隐藏nginx版本号,缓存静态图片网页时间为1天,设置防盗链功能
方法二:因为我们根本身就是逻辑卷;所以就不另外添加磁盘了,就在根下面做
六、在Nginx服务器上对基于www.benet.com域名的虚拟机主机设置动静分离由nginx提供静态页面服务,将对 .jsp文件的动态页面请求转发到Tomcat 服务器处理,并实现负载均衡
七、在网关服务器上设置SNAT/DNAT,使client使用网关服务器的ens36接口的IP地址访问也可实现上一题的效果。
拓扑图:
环境搭建
Centos7-5作为Client(12.0.0.12/24);Centos7-1作为网关服务器(配置两块网卡ens33 192.168.246.7/24,ens36 12.0.0.1/24);Centos7-2作为Web1(192.168.246.8/24 提供web1服务);Centos7-3作为Web2(192.168.246.9/24 提供web2服务);Centos7-4作为Nginx服务器(192.168.246.10/24)
五台机器都关闭防火墙、防护
7-1网关服务器配置双网卡
- [root@localhost ~]#ifconfig
- [root@localhost ~]#cd /etc/sysconfig/network-scripts/
- [root@localhost network-scripts]#ls
- ifcfg-ens33 ifdown-ipv6 ifdown-TeamPort ifup-ippp ifup-routes network-functions
- ifcfg-lo ifdown-isdn ifdown-tunnel ifup-ipv6 ifup-sit network-functions-ipv6
- ifdown ifdown-post ifup ifup-isdn ifup-Team
- ifdown-bnep ifdown-ppp ifup-aliases ifup-plip ifup-TeamPort
- ifdown-eth ifdown-routes ifup-bnep ifup-plusb ifup-tunnel
- ifdown-ib ifdown-sit ifup-eth ifup-post ifup-wireless
- ifdown-ippp ifdown-Team ifup-ib ifup-ppp init.ipv6-global
- [root@localhost network-scripts]#cp ifcfg-ens33 ifcfg-ens36
- [root@localhost network-scripts]#vim ifcfg-ens36
一、在Nginx服务器上搭建LNMP服务,并且能够对外提供Discuz论坛服务,在Web1、Web2服务器上搭建Tomcat 服务
(一)Nginx服务器上搭建LNMP服务
①编译安装nginx
- [root@zzzcentos4 ~]#yum -y install pcre-devel zlib-devel gcc gcc-c++ make
- [root@zzzcentos4 ~]#cd /opt
- [root@zzzcentos4 opt]#ls
- rh
- [root@zzzcentos4 opt]#rz -E
- rz waiting to receive.
- [root@zzzcentos4 opt]#rz -E
- rz waiting to receive.
- [root@zzzcentos4 opt]#rz -E
- rz waiting to receive.
- [root@zzzcentos4 opt]#rz -E
- rz waiting to receive.
- [root@zzzcentos4 opt]#ls
- Discuz_X3.4_SC_UTF8.zip nginx-1.22.0.tar.gz rh
- mysql-boost-5.7.20.tar.gz php-7.1.10.tar.bz2
- [root@zzzcentos4 opt]#tar xf nginx-1.22.0.tar.gz
- [root@zzzcentos4 opt]#cd nginx-1.22.0/
- [root@zzzcentos4 nginx-1.22.0]#useradd -M -s /sbin/nologin nginx
- [root@zzzcentos4 nginx-1.22.0]#./configure \
- > --prefix=/usr/local/nginx \
- > --user=nginx \
- > --group=nginx \
- > --with-http_stub_status_module
- [root@zzzcentos4 nginx-1.22.0]#make -j 2
- [root@zzzcentos4 nginx-1.22.0]#make install
- [root@zzzcentos4 nginx-1.22.0]#echo $PATH
- /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin
- [root@zzzcentos4 nginx-1.22.0]#
- [root@zzzcentos4 nginx-1.22.0]#ln -s /usr/local/nginx/sbin/nginx /usr/bin
- #为了使用nginx命令可以补全 (做到$PATH下面就行)
- [root@zzzcentos4 nginx-1.22.0]#tee /lib/systemd/system/nginx.service <<eof
- > [Unit]
- > Description=nginx
- > After=network.target
- > [Service]
- > Type=forking
- > PIDFile=/usr/local/nginx/logs/nginx.pid
- > ExecStart=/usr/local/nginx/sbin/nginx
- > ExecReload=/bin/kill -1 $MAINPID
- > ExecStop=/bin/kill -3 $MAINPID
- > PrivateTmp=true
- > [Install]
- > WantedBy=multi-user.target
- > eof
- [Unit]
- Description=nginx
- After=network.target
- [Service]
- Type=forking
- PIDFile=/usr/local/nginx/logs/nginx.pid
- ExecStart=/usr/local/nginx/sbin/nginx
- ExecReload=/bin/kill -1
- ExecStop=/bin/kill -3
- PrivateTmp=true
- [Install]
- WantedBy=multi-user.target
- [root@zzzcentos4 nginx-1.22.0]#systemctl daemon-reload
- [root@zzzcentos4 nginx-1.22.0]#systemctl enable --now nginx.service
- Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /usr/lib/systemd/system/nginx.service.
- [root@zzzcentos4 nginx-1.22.0]#systemctl start nginx
- [root@zzzcentos4 nginx-1.22.0]#systemctl status nginx
②编译安装mysql
- [root@zzzcentos4 nginx-1.22.0]#cd /opt
- [root@zzzcentos4 opt]#ls
- Discuz_X3.4_SC_UTF8.zip nginx-1.22.0 php-7.1.10.tar.bz2
- mysql-boost-5.7.20.tar.gz nginx-1.22.0.tar.gz rh
- [root@zzzcentos4 opt]#yum -y install \
- > ncurses \
- > ncurses-devel \
- > bison \
- > cmake
- [root@zzzcentos4 opt]#yum -y install gcc gcc-c++ cmake bison bison-devel zlib-devel libcurl-devel libarchive-devel boost-devel ncurses-devel gnutls-devel libxml2-devel openssl-devel libevent-devel libaio-devel
- [root@zzzcentos4 opt]#useradd -M -s /sbin/nologin mysql
- [root@zzzcentos4 opt]#ls
- Discuz_X3.4_SC_UTF8.zip nginx-1.22.0 php-7.1.10.tar.bz2
- mysql-boost-5.7.20.tar.gz nginx-1.22.0.tar.gz rh
- [root@zzzcentos4 opt]#tar xf mysql-boost-5.7.20.tar.gz
- [root@zzzcentos4 opt]#ls
- Discuz_X3.4_SC_UTF8.zip mysql-boost-5.7.20.tar.gz nginx-1.22.0.tar.gz rh
- mysql-5.7.20 nginx-1.22.0 php-7.1.10.tar.bz2
- [root@zzzcentos4 opt]#cd mysql-5.7.20/
- [root@zzzcentos4 mysql-5.7.20]#
- [root@zzzcentos4 mysql-5.7.20]#cmake \
- > -DCMAKE_INSTALL_PREFIX=/usr/local/mysql \
- > -DMYSQL_UNIX_ADDR=/usr/local/mysql/mysql.sock \
- > -DSYSCONFDIR=/etc \
- > -DSYSTEMD_PID_DIR=/usr/local/mysql \
- > -DDEFAULT_CHARSET=utf8 \
- > -DDEFAULT_COLLATION=utf8_general_ci \
- > -DWITH_EXTRA_CHARSETS=all \
- > -DWITH_INNOBASE_STORAGE_ENGINE=1 \
- > -DWITH_ARCHIVE_STORAGE_ENGINE=1 \
- > -DWITH_BLACKHOLE_STORAGE_ENGINE=1 \
- > -DWITH_PERFSCHEMA_STORAGE_ENGINE=1 \
- > -DMYSQL_DATADIR=/usr/local/mysql/data \
- > -DWITH_BOOST=boost \
- > -DWITH_SYSTEMD=1
- [root@zzzcentos4 mysql-5.7.20]#vim /etc/my.cnf
- [client]
- port = 3306
- socket=/usr/local/mysql/mysql.sock
-
- [mysqld]
- user = mysql
- basedir=/usr/local/mysql
- datadir=/usr/local/mysql/data
- port = 3306
- character-set-server=utf8
- pid-file = /usr/local/mysql/mysqld.pid
- socket=/usr/local/mysql/mysql.sock
- bind-address = 0.0.0.0
- skip-name-resolve
- max_connections=2048
- default-storage-engine=INNODB
- max_allowed_packet=16M
- server-id = 1
-
- sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES,NO_AUTO_CREATE_USER,NO_AUTO_VALUE_ON_ZERO,
- NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,PIPES_AS_CONCAT,ANSI_QUOTES
- [root@zzzcentos4 mysql-5.7.20]#chown -R mysql:mysql /usr/local/mysql/
- [root@zzzcentos4 mysql-5.7.20]#chown mysql:mysql /etc/my.cnf
- [root@zzzcentos4 mysql-5.7.20]#
- [root@zzzcentos4 mysql-5.7.20]#echo 'export PATH=/usr/local/mysql/bin:/usr/local/mysql/lib:$PATH' >> /etc/profile
- [root@zzzcentos4 mysql-5.7.20]#source /etc/profile
- [root@zzzcentos4 mysql-5.7.20]#cd /usr/local/mysql/bin/
- [root@zzzcentos4 bin]#./mysqld \
- > --initialize-insecure \
- > --user=mysql \
- > --basedir=/usr/local/mysql \
- > --datadir=/usr/local/mysql/data
- [root@zzzcentos4 bin]#cp /usr/local/mysql/usr/lib/systemd/system/mysqld.service /usr/lib/systemd/system/
- [root@zzzcentos4 bin]#systemctl daemon-reload
- [root@zzzcentos4 bin]#systemctl start mysqld.service
- [root@zzzcentos4 bin]#systemctl status mysqld.service
③ 编译安装php软件
- [root@zzzcentos4 bin]#cd /opt
- [root@zzzcentos4 opt]#ls
- Discuz_X3.4_SC_UTF8.zip mysql-boost-5.7.20.tar.gz nginx-1.22.0.tar.gz rh
- mysql-5.7.20 nginx-1.22.0 php-7.1.10.tar.bz2
- [root@zzzcentos4 opt]#tar xf php-7.1.10.tar.bz2
- [root@zzzcentos4 opt]#cd php-7.1.10/
- [root@zzzcentos4 php-7.1.10]#yum -y install gd \
- > libjpeg libjpeg-devel \
- > libpng libpng-devel \
- > freetype freetype-devel \
- > libxml2 libxml2-devel \
- > zlib zlib-devel \
- > curl curl-devel \
- > openssl openssl-devel
- [root@zzzcentos4 php-7.1.10]#./configure \
- > --prefix=/usr/local/php \
- > --with-mysql-sock=/usr/local/mysql/mysql.sock \
- > --with-mysqli \
- > --with-zlib \
- > --with-curl \
- > --with-gd \
- > --with-jpeg-dir \
- > --with-png-dir \
- > --with-freetype-dir \
- > --with-openssl \
- > --enable-fpm \
- > --enable-mbstring \
- > --enable-xml \
- > --enable-session \
- > --enable-ftp \
- > --enable-pdo \
- > --enable-tokenizer \
- > --enable-zip
- [root@zzzcentos4 php-7.1.10]#make -j 2
- [root@zzzcentos4 php-7.1.10]#make install
- [root@zzzcentos4 etc]#ls
- pear.conf php-fpm.conf php-fpm.conf.default php-fpm.d
- [root@zzzcentos4 etc]#cd php-fpm.d/
- [root@zzzcentos4 php-fpm.d]#ls
- www.conf.default
- [root@zzzcentos4 php-fpm.d]#cp www.conf.default www.conf
- [root@zzzcentos4 php-fpm.d]#ls
- www.conf www.conf.default
- [root@zzzcentos4 php-fpm.d]#ln -s /usr/local/php/bin/* /usr/local/bin/
- [root@zzzcentos4 php-fpm.d]#ln -s /usr/local/php/sbin/* /usr/local/sbin/
- [root@zzzcentos4 php-fpm.d]#
- [root@zzzcentos4 php-fpm.d]#cd /opt/php-7.1.10/sapi/fpm
- [root@zzzcentos4 fpm]#cp php-fpm.service /usr/lib/systemd/system/php-fpm.service
- [root@zzzcentos4 fpm]#systemctl daemon-reload
- [root@zzzcentos4 fpm]#systemctl start php-fpm.service
- [root@zzzcentos4 fpm]#systemctl status php-fpm.service
④配置 Nginx支持PHP解析
[root@zzzcentos4 fpm]#vim /usr/local/nginx/conf/nginx.conf
- [root@zzzcentos4 fpm]#nginx -s reload
- [root@zzzcentos4 fpm]#systemctl restart nginx.service
- [root@zzzcentos4 fpm]#cd /usr/local/nginx/html/
- [root@zzzcentos4 html]#vim /usr/local/nginx/html/index.php
- [root@zzzcentos4 html]#cat /usr/local/nginx/html/index.php
- <?php
- phpinfo();
- ?>
- [root@zzzcentos4 html]#
验证数据库工作是否正常
- [root@zzzcentos4 html]#mysql -uroot -pabc123
- mysql: [Warning] Using a password on the command line interface can be insecure.
- Welcome to the MySQL monitor. Commands end with ; or \g.
- Your MySQL connection id is 5
- Server version: 5.7.20 Source distribution
-
- Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
-
- Oracle is a registered trademark of Oracle Corporation and/or its
- affiliates. Other names may be trademarks of their respective
- owners.
-
- Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
-
- mysql> CREATE DATABASE bbs;
- Query OK, 1 row affected (0.02 sec)
-
- mysql> GRANT all ON bbs.* TO 'bbsuser'@'%' IDENTIFIED BY 'admin123';
- Query OK, 0 rows affected, 1 warning (0.03 sec)
-
- mysql> GRANT all ON bbs.* TO 'bbsuser'@'localhost' IDENTIFIED BY 'admin123';
- Query OK, 0 rows affected, 2 warnings (0.00 sec)
-
- mysql> flush privileges;
- Query OK, 0 rows affected (0.01 sec)
-
- mysql> quit
- Bye
- [root@zzzcentos4 html]#vim /usr/local/nginx/html/index.php
- <?php
- $link=mysqli_connect('192.168.246.10','bbsuser','admin123');
- if($link) echo "<h1>Success!!</h1>";
- else echo "Fail!!";
- ?>
⑤安装论坛
- [root@zzzcentos4 opt]#ls
- dir_SC_UTF8 mysql-5.7.20 nginx-1.22.0 php-7.1.10 rh
- Discuz_X3.4_SC_UTF8.zip mysql-boost-5.7.20.tar.gz nginx-1.22.0.tar.gz php-7.1.10.tar.bz2 说明.htm
- [root@zzzcentos4 opt]#cd dir_SC_UTF8/
- [root@zzzcentos4 dir_SC_UTF8]#ls
- readme upload utility
- [root@zzzcentos4 dir_SC_UTF8]#cp -r upload/ /usr/local/nginx/html/bbs/
- [root@zzzcentos4 dir_SC_UTF8]#cd /usr/local/nginx/html/bbs/
- [root@zzzcentos4 bbs]#ls
- admin.php archiver crossdomain.xml forum.php index.php member.php portal.php source uc_client
- api config data group.php install misc.php robots.txt static uc_server
- api.php connect.php favicon.ico home.php m plugin.php search.php template
- [root@zzzcentos4 bbs]#chown -R nginx.nginx ./config/
- [root@zzzcentos4 bbs]#chown -R nginx.nginx ./data/
- [root@zzzcentos4 bbs]#chown -R nginx.nginx ./uc_client/
- [root@zzzcentos4 bbs]#chown -R nginx.nginx ./uc_server/
- [root@zzzcentos4 bbs]#chmod -R 777 ./config/
- [root@zzzcentos4 bbs]#chmod -R 777 ./data/
- [root@zzzcentos4 bbs]#chmod -R 777 ./uc_client/
- [root@zzzcentos4 bbs]#chmod -R 777 ./uc_server/
- [root@zzzcentos4 bbs]#
(二)Web1、Web2服务器上搭建Tomcat 服务
①安装Oracle JDK(即部署java环境)
- [root@zzzcentos2 ~]#cd /opt/
- [root@zzzcentos2 opt]#ls
- rh
- [root@zzzcentos2 opt]#rz -E
- rz waiting to receive.
- [root@zzzcentos2 opt]#rz -E
- rz waiting to receive.
- [root@zzzcentos2 opt]#ls
- apache-tomcat-9.0.16.tar.gz jdk-8u291-linux-x64.tar.gz rh
- [root@zzzcentos2 opt]#ls
- apache-tomcat-9.0.16.tar.gz jdk-8u291-linux-x64.tar.gz rh
- [root@zzzcentos2 opt]#systemctl stop firewalld
- [root@zzzcentos2 opt]#setenforce 0
- setenforce: SELinux is disabled
- [root@zzzcentos2 opt]#java -version
- openjdk version "1.8.0_131"
- OpenJDK Runtime Environment (build 1.8.0_131-b12)
- OpenJDK 64-Bit Server VM (build 25.131-b12, mixed mode)
- [root@zzzcentos2 opt]#tar xf jdk-8u291-linux-x64.tar.gz -C /usr/local/
- [root@zzzcentos2 opt]#cd /usr/local/
- [root@zzzcentos2 local]#ls
- bin etc games include jdk1.8.0_291 lib lib64 libexec sbin share src
- [root@zzzcentos2 local]#ln -s jdk1.8.0_291/ jdk
- [root@zzzcentos2 local]#vim /etc/profile.d/jdk.sh
- [root@zzzcentos2 local]#cat /etc/profile.d/jdk.sh
- export JAVA_HOME=/usr/local/jdk
- export PATH=$JAVA_HOME/bin:$PATH
- export JRE_HOME=$JAVA_HOME/jre
- export CLASSPATH=$JAVA_HOME/lib/:$JRE_HOME/lib/
-
- [root@zzzcentos2 local]#source /etc/pro
- profile profile.d/ protocols
- [root@zzzcentos2 local]#source /etc/profile.d/jdk.sh
- [root@zzzcentos2 local]#java -version
- java version "1.8.0_291"
- Java(TM) SE Runtime Environment (build 1.8.0_291-b10)
- Java HotSpot(TM) 64-Bit Server VM (build 25.291-b10, mixed mode)
- [root@zzzcentos2 local]#
②安装tomcat
- [root@zzzcentos2 local]#cd /opt/
- [root@zzzcentos2 opt]#ls
- apache-tomcat-9.0.16.tar.gz jdk-8u291-linux-x64.tar.gz rh
- [root@zzzcentos2 opt]#tar xf apache-tomcat-9.0.16.tar.gz
- [root@zzzcentos2 opt]#ls
- apache-tomcat-9.0.16 apache-tomcat-9.0.16.tar.gz jdk-8u291-linux-x64.tar.gz rh
- [root@zzzcentos2 opt]#cp -r apache-tomcat-9.0.16 /usr/local/
- [root@zzzcentos2 opt]#cd /usr/local/
- [root@zzzcentos2 local]#ls
- apache-tomcat-9.0.16 bin etc games include jdk jdk1.8.0_291 lib lib64 libexec sbin share src
- [root@zzzcentos2 local]#ln -s apache-tomcat-9.0.16/ tomcat
- [root@zzzcentos2 local]#useradd -s /sbin/nologin -M tomcat
- [root@zzzcentos2 local]#chown -R tomcat:tomcat tomcat/
- [root@zzzcentos2 local]#vim /usr/lib/systemd/system/tomcat.service
- [root@zzzcentos2 local]#cat /usr/lib/systemd/system/tomcat.service
- [Unit]
- Description=Tomcat
- After=syslog.target network.target
-
- [Service]
- Type=forking
- ExecStart=/usr/local/tomcat/bin/startup.sh
- ExecStop=/usr/local/tomcat/bin/shutdown.sh
- RestartSec=3
- PrivateTmp=true
- User=tomcat
- Group=tomcat
-
- [Install]
- WantedBy=multi-user.target
-
- [root@zzzcentos2 local]#systemctl daemon-reload
- [root@zzzcentos2 local]#systemctl start tomcat
- [root@zzzcentos2 local]#systemctl status tomcat
二、为nginx服务配置虚拟主机,新增两个域名 www.kgc.com 和 www.benet.com,使用http://www.kgc.com/index.php可访问上一题的Discuz论坛页面。使用http://www.benet.com则访问/var/www/html目录中的index.html文件的内容,内容自定义
①nginx服务配置虚拟主机
[root@zzzcentos4 ~]#vim /usr/local/nginx/conf/nginx.conf
搭好论坛会生成它,注意题目访问www.kgc.com跳到论坛,注意位置,在www.kgc.com域名下面
再编辑域名www.benet.com
- server {
- listen 80;
- server_name www.benet.com;
- root /var/www/html;
- }
②创建对应文件夹
- [root@zzzcentos4 conf]#mkdir -p /var/www/html
- [root@zzzcentos4 conf]#cd /var/www/html/
- [root@zzzcentos4 html]#ls
- [root@zzzcentos4 html]#echo hello /var/www/html/ > index.html
- [root@zzzcentos4 html]#cat index.html
- hello /var/www/html/
③真机配置:
C:\Windows\System32\drivers\etc
④检测:
使用http://www.benet.com则访问/var/www/html/目录中的index.html文件的内容
使用http://www.kgc.com/index.php可访问上一题的Discuz论坛页面
三、对基于www.benet.com域名的虚拟机主机的nginx服务调优:隐藏nginx版本号,缓存静态图片网页时间为1天,设置防盗链功能
①配置文件
[root@zzzcentos4 ~]#vim /usr/local/nginx/conf/nginx.conf- server {
- listen 80;
- server_name www.benet.com;
- root /var/www/html;
- expires 1d;
- server_tokens off;
- location ~* \.(jpg|gif|jepg|bmp|png)$ {
- valid_referers none bloaced *.benet.com benet.com;
- if ( $invalid_referer ) {
- return 403;
- }
- }
- }
②客户机检测:
③防盗链检测:
使用另一台机器检测,就随意选7-2吧
- [root@zzzcentos2 ~]#yum install httpd -y
- [root@zzzcentos2 ~]#cd /var/www/html/
- [root@zzzcentos2 html]#systemctl start httpd
- [root@zzzcentos2 html]#vim index.html
- [root@zzzcentos2 html]#cat index.html #检测页面
- <html>
- <body>
- <h1>this is yun</h1>
- <img src="http://www.benet.com/a.jpg"/>
- </body>
- </html>
- [root@zzzcentos2 html]#systemctl restart httpd.service
- [root@zzzcentos2 html]#rz -E
- rz waiting to receive.
- [root@zzzcentos2 html]#ls
- c38f51c57937c53c60ebba856b53cc3.png index.html
- [root@zzzcentos2 html]#mv c38f51c57937c53c60ebba856b53cc3.png a.jpg
- [root@zzzcentos2 html]#ls
- a.jpg index.html
- [root@zzzcentos2 html]#
没设置反盗链的时候,是可以访问到图片的,设置放盗链后再次访问,返回设置的403
四、网关服务器搭建NFS服务,提供的文件系统使用LVM类型,共享目录名称为/opt/nfs;要求根据日期对Discuz论坛服务的访问日志进行日志分割,要求每天生成一份日志文件,保存到NFS服务共享的目录内。
Centos7-1作为网关服务器
①文件系统使用LVM类型
方法一:新加盘做一个LVM类型
- [root@localhost ~]#lsblk
- [root@localhost ~]#echo "- - -" > /sys/class/scsi_host/host0/scan;echo "- - -" > /sys/class/scsi_host/host1/scan;echo "- - -" > /sys/class/scsi_host/host2/scan
- [root@localhost ~]#lsblk
- NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
- sda 8:0 0 60G 0 disk
- ├─sda1 8:1 0 5G 0 part /boot
- └─sda2 8:2 0 54G 0 part
- ├─centos-root 253:0 0 50G 0 lvm /
- └─centos-swap 253:1 0 4G 0 lvm [SWAP]
- sdb 8:16 0 20G 0 disk
- sdc 8:32 0 20G 0 disk
- sr0 11:0 1 4.2G 0 rom
- [root@localhost ~]#pvcreate /dev/sdb /dev/sdc
- #建物理卷
- Physical volume "/dev/sdb" successfully created.
- Physical volume "/dev/sdc" successfully created.
- [root@localhost ~]#vgcreate vg /dev/sdb /dev/sdc
- #建卷组
- Volume group "vg" successfully created
- [root@localhost ~]#lvcreate -n lvm -L 10G /dev/vg
- #建逻辑卷 指定名称lvm 指定大小30G 存放在/dev/vg下
- Logical volume "lvm" created.
- [root@localhost ~]#mkfs.xfs /dev/vg/lvm
- meta-data=/dev/vg/lvm isize=512 agcount=4, agsize=655360 blks
- = sectsz=512 attr=2, projid32bit=1
- = crc=1 finobt=0, sparse=0
- data = bsize=4096 blocks=2621440, imaxpct=25
- = sunit=0 swidth=0 blks
- naming =version 2 bsize=4096 ascii-ci=0 ftype=1
- log =internal log bsize=4096 blocks=2560, version=2
- = sectsz=512 sunit=0 blks, lazy-count=1
- realtime =none extsz=4096 blocks=0, rtextents=0
- [root@localhost ~]#mount /dev/vg/lvm /opt
- [root@localhost ~]#mkdir /opt/nfs
- [root@localhost ~]#vim /etc/exports
- /opt/nfs *
- [root@localhost ~]#cat /etc/exports
- /opt/nfs *
- [root@localhost ~]#exportfs -r
- exportfs: No options for /opt/nfs *: suggest *(sync) to avoid warning
- [root@localhost ~]#exportfs -v
- /opt/nfs <world>(ro,sync,wdelay,hide,no_subtree_check,sec=sys,secure,root_squash,no_all_squash)
- [root@localhost ~]#hostname zzzcentos1
- [root@localhost ~]#su
- [root@zzzcentos1 ~]#
方法二:因为我们根本身就是逻辑卷;所以就不另外添加磁盘了,就在根下面做
②设置共享目录
- [root@zzcentos1 ~]#mkdir /opt/nfs
- [root@zzcentos1 ~]#vim /etc/exports
- [root@zzcentos1 ~]#cat /etc/exports
- /opt/nfs *
- [root@zzcentos1 ~]#exportfs -r
- exportfs: No options for /opt/nfs *: suggest *(sync) to avoid warning
- [root@zzcentos1 ~]#exportfs -v
- /opt/nfs <world>(ro,sync,wdelay,hide,no_subtree_check,sec=sys,secure,root_squash,no_all_squash)
- [root@zzcentos1 ~]#
③nginx 服务挂载共享目录
④日志分割
编辑脚本:
- #!/bin/bash
- pid=`cat /usr/local/nginx/logs/nginx.pid`
- cd /opt
- mv benet.log /mnt/`date +%F`
- touch benet.log
- kill -USR1 ${pid}
再去页面访问:
编写crontab计划
绝对路径加脚本有执行权限,如上图就可以执行,到此结束
方法二:脚本也可以如下写法
- #!/bin/bash
- day=`date "+%Y-%m-%d"`
- log="/usr/local/nginx/logs"
- pid=`cat /usr/local/nginx/logs/nginx.pid`
-
- mv /${log}/access.log /opt/${day}
- kill -USR1 ${pid}
- sed -i '/.*bbs.*/!p' /opt/${day}
五、要求配置location匹配请求地址http://www.kgc.com/test/XXXX,使用户访问该路径下的文件时返回/var/share/nginx/html/目录下的文件内容。
要求使用rewrite将使用域名www.benet.com 请求以 .php 结尾的访问都跳转到域名www.kgc.com上,而且后面的参数保持不变,比如访问http://www.benet.com/bbs/index.php跳转到http://www.kgc.com/bbs/index.php
(1)要求配置location匹配请求地址http://www.kgc.com/test/XXXX,使用户访问该路径下的文件时返回/var/share/nginx/html/目录下的文件内容
①Nginx服务配置
- location /test {
- alias /var/share/nginx/html;
- }
②创建被访问文件内容
③检测:
(2)要求使用rewrite将使用域名www.benet.com 请求以 .php 结尾的访问都跳转到域名www.kgc.com上,而且后面的参数保持不变,比如访问http://www.benet.com/bbs/index.php跳转到http://www.kgc.com/bbs/index.php
①Nginx服务配置
- location ~* \.php$ {
- rewrite ^/(.*) http://www.kgc.com/$1 permanent;
- }
②去浏览器检测:
成功跳转
六、在Nginx服务器上对基于www.benet.com域名的虚拟机主机设置动静分离由nginx提供静态页面服务,将对 .jsp文件的动态页面请求转发到Tomcat 服务器处理,并实现负载均衡
①Nginx服务器配置
- upstream tomcat {
- server 192.168.246.8:8080;
- server 192.168.246.9:8080;
- }
- location / {
- root /var/www/html;
- index index.html index.htm;
- }
- location ~*\.jsp$ {
- proxy_pass http://tomcat;
- }
②配置Tomcat服务器
tomcat 7-2配置:
tomcat 7-3配置:
- [root@zzzcentos3 ~]#systemctl stop firewalld
- [root@zzzcentos3 ~]#setenforce 0
- [root@zzzcentos3 ~]#cd /usr/local/tomcat/webapps/ROOT/
- [root@zzzcentos3 ROOT]#ls
- asf-logo-wide.svg bg-middle.png bg-upper.png index.jsp tomcat.css tomcat.png tomcat.svg
- bg-button.png bg-nav.png favicon.ico RELEASE-NOTES.txt tomcat.gif tomcat-power.gif WEB-INF
- [root@zzzcentos3 ROOT]#cp index.jsp index.jsp.bak #先备份
- [root@zzzcentos3 ROOT]#ls
- asf-logo-wide.svg bg-nav.png index.jsp tomcat.css tomcat-power.gif
- bg-button.png bg-upper.png index.jsp.bak tomcat.gif tomcat.svg
- bg-middle.png favicon.ico RELEASE-NOTES.txt tomcat.png WEB-INF
- [root@zzzcentos3 ROOT]#echo tomcat 7-3 > index.jsp #输入内容
- [root@zzzcentos3 ROOT]#cat index.jsp
- tomcat 7-3
- [root@zzzcentos3 ROOT]#
③浏览器检测:
访问动态页面:
访问静态页面:
七、在网关服务器上设置SNAT/DNAT,使client使用网关服务器的ens36接口的IP地址访问也可实现上一题的效果。
理解:
我们想要 客户机 用 网关服务器的ens36接口IP地址(12.0.0.1)去访问www.benet.com/index.jsp,从而得到我们在 Tomcat服务器中配置的 动态页面;
所以这是外网(7-5 IP:12.0.0.12)可以访问内网(7-1 ip: 192.168.246.7),所以我们需要配置的是DNAT
①客户机地址配置
②网关服务器配置
- [root@zzcentos1 network-scripts]#sysctl -a |grep "ip_forward"
- net.ipv4.ip_forward = 0
- net.ipv4.ip_forward_use_pmtu = 0
- sysctl: reading key "net.ipv6.conf.all.stable_secret"
- sctl: reading key "net.ipv6.conf.default.stable_secret"
- ?ysctl: reading key "net.ipv6.conf.ens33.stable_secret"
- sysctl: reading key "net.ipv6.conf.ens36.stable_secret"
- sysctl: reading key "net.ipv6.conf.lo.stable_secret"
- sysctl: reading key "net.ipv6.conf.virbr0.stable_secret"
- sysctl: reading key "net.ipv6.conf.virbr0-nic.stable_secret"
- [root@zzcentos1 network-scripts]#vim /etc/sysctl.conf
- [root@zzcentos1 network-scripts]#sysctl -p
- net.ipv4.ip_forward = 1
- [root@zzcentos1 network-scripts]#
③做SNAT与DNAT
- [root@zzcentos1 network-scripts]#iptables -t nat -A POSTROUTING -o ens36 -s 192.168.246.0/24 -j SNAT --to 12.0.0.1
- [root@zzcentos1 network-scripts]#
- [root@zzcentos1 network-scripts]#iptables -t nat -A PREROUTING -i ens36 -d 12.0.0.1 -p tcp --dport 80 -j DNAT --to 192.168.246.7
- [root@zzcentos1 network-scripts]#iptables -t nat -vnL
- Chain PREROUTING (policy ACCEPT 1 packets, 71 bytes)
- pkts bytes target prot opt in out source destination
- 0 0 DNAT tcp -- ens36 * 0.0.0.0/0 12.0.0.1 tcp dpt:80 to:192.168.246.7
-
- Chain INPUT (policy ACCEPT 1 packets, 71 bytes)
- pkts bytes target prot opt in out source destination
-
- Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
- pkts bytes target prot opt in out source destination
-
- Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
- pkts bytes target prot opt in out source destination
- 0 0 SNAT all -- * ens36 192.168.246.0/24 0.0.0.0/0 to:12.0.0.1
- [root@zzcentos1 network-scripts]#
④客户机浏览器检测:
声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/爱喝兽奶帝天荒/article/detail/985522
推荐阅读
相关标签
