preface
This article is a summary of the learning process of Nginx, the so-called LNMP is Linux+Nginx+MySQL+PHP, and distributed means that a work is divided into different businesses to multiple different servers, so that they can carry out their own processing, and jointly complete the work. Cluster is to centralize a number of servers to achieve load balancing and high availability. Distributed and cluster have their own advantages and disadvantages, so a distributed cluster is formed by combining the advantages. Divide a job into multiple services and distribute them in a cluster. In addition to LNMP, you can also deploy LNAMPs (join Apache for dynamic resources and Nginx for static resources and reverse proxies), but I won’t go into that here.
The thing that blew me off was that I originally used Nginx version 1.16.1 and PHP version 5.6.27, but they didn’t work together properly, so Nginx went back to 1.10.3.
As can be seen from the figure, we created nine servers with their respective roles, each representing a service.
| Serial number | IP | The server |
|---|---|---|
| 1 | 192.168.177.11 | Nginx (www.itshop.test) : load balancing |
| 2 | 192.168.177.12 | Nginx(file.itshop.test) : static file cache |
| 3 | 192.168.177.13 | Nginx+PHP(upload.itshop.test) : upload a file |
| 4 | 192.168.177.14 | Nginx+PHP |
| 5 | 192.168.177.15 | Nginx+PHP |
| 6 | 192.168.177.16 | NFS: file storage |
| 7 | 192.168.177.17 | MySQL (main) |
| 8 | 192.168.177.18 | MySQL (from) |
| 9 | 192.168.177.19 | Memcached: data cache |
The deployment of
Linux server deployment
For details on this section, see article: Installing Nginx from source code compilation in CentOS.
The memory quota of each vm must be controlled to prevent insufficient memory on the dedicated vm. If the dedicated vm has 8 gb memory, it is recommended that 512MB be allocated to each vm.
Nettools: yum -y install Nettools. Change the tuna source for the system.
After the Linux system installation of server 1 is completed, clone the other 4 Nginx servers that do not need to be installed, and then deploy Nginx and clone the other 4 servers that need Nginx. The basic process is shown as follows:
Each server should pay attention to the network configuration as required, mainly the static configuration of the network.
We write either a SHELL script or a manual configuration:
#! /bin/bash
ens33=/etc/sysconfig/network-scripts/ifcfg-ens33
sed -i 's/BOOTPROTO=.*/BOOTPROTO=\"static\"/g' $ens33
sed -i '$aIPADDR = 192.168.177.1'The $1' ' $ens33
sed -i '$aNETMASK = 255.255.255.0' $ens33
sed -i '$aGATEWAY = 192.168.177.2' $ens33
sed -i '$aDNS1 = 192.168.177.2' $ens33
service network restart
Copy the codeThen use./network-settings.sh 1 to set the network for the server.
In sed, I indicates direct editing, s indicates replacement, $matches the end of the last line, and a indicates append. man.linuxde.net/sed, instead use sed -i ‘s/IPADDR=.*/IPADDR=192.168.177.1’$1’/g’ $ens33.
Before we move on to formal deployment, let’s review a diagram that illustrates the architecture to keep in mind:
Deployment of the Nginx environment
Install Nginx on CentOS first:
Nginx is 1.10.3, PHP is 5.6.27, otherwise it will be very bad, because the version does not match, either use the latest version, or follow the configuration of this article.
Wget http://nginx.org/download/nginx-1.10.3.tar.gz tar - ZXVF nginx - 1.10.3. Tar. Gz yum - y install GCC pcre - devel openssl-develcdNginx - 1.10.3. / configure -- preifx = / usr /local/nginx --with-http_ssl_module --with-http_realip_module
make && make install
ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/nginx
vi /etc/init.d/nginx /etc/init.d/nginx
chmod +x /etc/init.d/nginx
chkconfig --add nginx
Create user WWW and site directory /data/ WWW
useradd -s /sbin/nologin -M www
mkdir -p /data/www
cp /usr/local/nginx/html/* /data/www
chown -R www:www /data/www
vi /usr/local/nginx/conf/nginx.conf
# configure user
user www
Modify the server block
server {
listen 80;
server_name localhost;
root /data/www;
index index.html index.htm;
}
service nginx start
Update and configure firewalls
systemctl stop firewalld
systemctl disable firewalld
firewall-cmd --state
yum -y install iptables-services
systemctl enable iptables
systemctl start iptables
iptables -I INPUT -p tcp --dport 80 -j ACCEPT
service iptables save
Copy the codeUseradd command, -m: do not automatically create user login directory; -s: specifies the shell used by the user after login. The chown command has the following parameters: User group: specifies the owner and working group. When the: group is omitted, only the file owner is changed. -r or — recursive: processing user users [user groups] recursively; Command to configure users or groups for the server to run
Then clone VMS 2 and 3 and execute the script to configure the network.
After this, modify the hosts file on the local host, such as vi /etc/hosts on my MacBook Pro:
Test 192.168.177.11 www.itshop.test 192.168.177.12 file.itshop.test 192.168.177.13 upload.itshop.testCopy the codeNginx + PHP server setup
Install PHP on servers 3, 4, and 5, where server 3 provides file upload services, including image compression, thumbnail generation, watermarking, etc., and finally save to file storage server 6, where server 4 and 5 are a cluster of scripts used to execute web sites.
In itself, PHP and Apache are the perfect combination (PHP works as a module), but here we are using Nginx (PHP works as a CGI), so we need to configure FastCGI. See Nginx+ php-fpm for more details.
Install PHP on server 3:
# install dependencies, Need to download [libmcrypt - 2.5.8. Tar. Gz] (HTTP: / / https://sourceforge.net/projects/mcrypt/files/Libmcrypt/2.5.8/libmcrypt-2.5.8.tar.gz/downl oad)yum -y install gcc-c++ libxmk2-devel curl-devel libjpeg-devel libpng-devel freetype-devel tar -zxf Libmcrypt - 2.5.8. Tar. GzcdLibmcrypt-2.5.8./configure && make && make install &&cd.# build and install PHP (for demonstration, we will use phP-5.6.27)Wget https://www.php.net/distributions/php-7.4.0.tar.gz tar ZXF PHP - 5.6.27. Tar. GzcdPHP - 5.6.27. / configure -- prefix = / usr /local/php --enable-fpm --with-zlib --enable-zip --enable-mbstring --with-mcrypt --with mysql \ --with-mysqli --with-pdo-mysql --with-gd --with-jpeg-dir --with-png-dir \ --with-freetype-dir --with-curl --with-openssl --with-mhash --enable-bcmath \ --enable-opcache && make && make installConfigure Nginx and PHP
cp php.ini-production /usr/local/php/lib/php.ini
vi /usr/local/php/lib/php.ini PRC date.timezone=PRC
cp sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm Create service script and configure startup
chmod +x /etc/init.d/php-fpm
chkconfig --add php-fpm
cd /usr/local/php/etc
cp php-fpm.conf.default php-fpm.conf
vi php-fpm.conf
# change the configuration under [WWW]
user=www # child process work user
group=www
listen=/dev/shm/php-cgi.sock # Monitor sock files
listen.owner=www The owner of the socket file
listen.group=www
service php-fpm start
vi /usr/local/nginx/conf/nginx.conf
# configure in server block:
index index.html index.htm index.php
location ~\.php$ {
try_files $uri= 404; fastcgi_pass unix:/dev/shm/php-cgi.sock; include fastcgi.conf; } service nginx reloadCopy the codeYou may also want to know about the Unix domain socket connection socket /dev/shm/php-cgi.sock (many tutorials use/TMP, and /dev/shm is TMPFS, Nginx fastcgi_pass listens for port differences between Unix sockets and TCP sockets.
With that done, the Nginx+PHP platform is complete.
Clone VMS 4 and 5 based on VM 3 and configure IP addresses and firewalls. Servers 4 and 5 do not need to be directly accessed by external users. Therefore, you can change firewall rules to allow only IP addresses of load balancing server 1 to access VMS:
vi /etc/sysconfig/network-scripts/ifcfg-ens33 # change the IP
iptables --list -n --line-numbers# check rules
iptables -R INPUT 1 -s192.168.177.1 -p tcp --dport 80 -j ACCEPT
service iptables save
Copy the codeFor iptables, access native: filter on the INPUT chain; Local access to external: filtering on the OUTPUT chain; Accessing other hosts from the local machine: Filter on the FORWARD chain. You may need to take up the Iptables tutorial.
Configure reverse proxy and load balancing
After the previous configuration, 4, and 5 server can by no. 1 server access, below in the no. 1 server for Nginx configuration in order to realize the reverse proxy and load balancing, edit the/usr/local/Nginx/conf/Nginx. Conf:
server {
listen 80;
server_name itshop.test www.itshop.test;
location / {
proxy_pass http://web_server;
proxy_http_version 1.1; # Support server uses HTTP1.1
proxy_set_header Connection ""; Empty the client Connection header
proxy_set_header Host $host; Pass the Host header
proxy_set_header X-Real-IP $remote_addr; # pass real client IP}}upstream web_server{
server 192.168.177.14;
server 192.168.177.15;
keepalive 32; # Number of long connections to the backend server
}
Copy the codePHP = /data/ WWW
echo phpinfo();
? >
Copy the codeREMOTE__ADDR = load balancer (machine 1);
The x-real_IP request header is used to pass the IP address of the Real client. In order to identify the X-real_IP request header from server 1 as the IP address of the client, the server block of server 4 and server 5 needs to be configured:
real_ip_header X-Real-IP;
set_real_ip_from 192.168.177.11; Get x-real_IP only from requests from specified IP addresses
Copy the codeRemember: service nginx reload.
[In fact, I think it’s too complicated to deploy. It’s better to use Docker, but we will continue to finish the follow-up content.]
LNMP Distributed Cluster deployment Practice
- Nginx+PHP Platform Construction and Load Balancing Configuration
- (2) NFS File Server Setup and File Buffer Upload Configuration
- (3) : Setup of MySQL Primary and Secondary Database Server
- (4) : Memcached Server Construction
- (5) ThinkPHP Project Deployment
- Keepalived High Availability Solution (VI)
dffaceCopyright notice: All articles are valid unless otherwise statedCC BY – NC – SA 4.0License agreement. Reproduced please indicate the source, commercial use is strictly prohibited!