LVS之-LAMP搭建wordpress
author:JevonWei
版权声明:原创作品
LVS搭建wordpress,涉及的知识点有DNS,LAMP,NFS及LVS
- 网络拓扑图
网络环境
NFS 192.168.198.130
mysql 192.168.198.132
RS1 192.168.198.138
RS2 192.168.198.120
LVS:
DIP 192.168.198.128
vip 172.16.253.105
DNS 172.16.252.248
Client 172.16.254.150
RS1,RS2的网关指向192.168.198.128,client的DNS指向DNS服务器172.16.252.248
VS
[root@VS ~]# iptables -F
添加路由转发选项
[root@VS ~]# vim /etc/sysctl.d/99-sysctl.conf
net.ipv4.ip_forward=1
[root@VS ~]# sysctl -p /etc/sysctl.d/99-sysctl.conf \\刷新生效
net.ipv4.ip_forward = 1
配置LVS的调度算法为rr轮询
[root@VS ~]# yum -y install ipvsadm
[root@VS ~]# ipvsadm -A -t 172.16.253.105:80 -s rr \\-t指定TCP协议,-s指定调度算法为轮询
[root@VS ~]# ipvsadm -a -t 172.16.253.105:80 -r 192.168.198.138 -m \\添加192.168.198.138 RS1服务器到LVS调度,-m 为nat类型
[root@VS ~]# ipvsadm -a -t 172.16.253.105:80 -r 192.168.198.120 -m
[root@VS ~]# ipvsadm -Ln \\查看LVS调度信息
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.16.253.105:80 rr
-> 192.168.198.120:80 Masq 1 0 0
-> 192.168.198.138:80 Masq 1 0 0
[root@VS ~]# curl 192.168.198.120
welcome to RS2
[root@VS ~]# curl 192.168.198.138
welcome to RS1
修改LVS的调度模式为wrr
[root@VS ~]# ipvsadm -E -t 172.16.253.105:80 -s wrr
[root@VS ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.16.253.105:80 wrr
-> 192.168.198.120:80 Masq 1 0 0
-> 192.168.198.138:80 Masq 1 0 0
[root@VS ~]# ipvsadm -e -t 172.16.253.105:80 -r 192.168.198.138 -m -w 3 \\修改192.168.198.138 RS1主机的权重为3,-w 指定权重,-m为nat算法,192.168.198.120权重仍为1
[root@VS ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.16.253.105:80 wrr
-> 192.168.198.120:80 Masq 1 0 0
-> 192.168.198.138:80 Masq 3 0 0
脚本实现lvs-wrr的配置
[root@VS ~]# vim lvs_nat.sh
#! /bin/bash
vip=172.16.253.105:80
rip1=192.168.198.138
rip2=192.168.198.120:8080
sch=wrr
case $1 in
start)
ipvsadm -A -t $vip -s $sch
ipvsadm -a -t $vip -r $rip1 -m -w 3
ipvsadm -a -t $vip -r $rip2 -m -w 1
;;
stop)
ipvsadm -C
;;
*)
echo "Usage:$(basename $0) start|stop"
exit 1
;;
esac
RS1
[root@RS1 ~]# iptables -F
[root@RS1 ~]# yum -y install httpd
[root@RS1 ~]# vim /var/www/html/index.html
welcome to RS1
[root@RS1 ~]# service httpd start
RS2
[root@RS2 ~]# iptables -F
[root@RS2 ~]# yum -y install httpd
[root@RS2 ~]# vim /var/www/html/index.html
welcome to RS2
[root@RS2 ~]# service httpd start
查看LVS的信息
[root@VS ~]# ipvsadm -Ln --stats
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Conns InPkts OutPkts InBytes OutBytes
-> RemoteAddress:Port
TCP 172.16.253.105:80 29 158 139 10710 15609
-> 192.168.198.120:80 15 82 69 5554 7923
-> 192.168.198.138:80 14 76 70 5156 7686
[root@VS ~]# ipvsadm -Ln --connection \\查看网络连接数
[root@VS ~]# cut -d " " -f1 /var/log/httpd/access_log | sort -nr | uniq -c| sort -n \\查看网络连接
client
访问rr轮询算法
[root@client ~]# for i in {1..10};do curl 172.16.253.105;sleep 1;done
welcome to RS2
welcome to RS1
welcome to RS2
welcome to RS1
welcome to RS2
访问wrr权重算法
[root@client ~]# for i in {1..10};do curl 172.16.253.105;sleep 1;done
welcome to RS2
welcome to RS1
welcome to RS1
welcome to RS1
welcome to RS2
welcome to RS1
welcome to RS1
welcome to RS1
welcome to RS2
welcome to RS1
实现HTTPS加密
将VS服务端同时作为CA服务端,即VS同时作为CA服务端
搭建CA服务端环境
[root@VS ~]# cat /etc/pki/tls/openssl.cnf \\查看证书的相关路径
[root@VS ~]# (umask 077;openssl genrsa -out /etc/pki/CA/private/cakey.pem 1024) \\生成私钥文件
Generating RSA private key, 1024 bit long modulus
.............++++++
.........++++++
e is 65537 (0x10001)
[root@VS ~]# cd /etc/pki/CA
[root@VS CA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 1024 \\生成自签名证书
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:henan
Locality Name (eg, city) [Default City]:zhengzhou
Organization Name (eg, company) [Default Company Ltd]:danran.com
Organizational Unit Name (eg, section) []:it
Common Name (eg, your name or your server's hostname) []:ca.danran.com
Email Address []:
[root@VS CA]# touch index.txt
[root@VS CA]# echo 00 > serial
RS1申请CA证书
[root@RS1 ~]# cd /etc/httpd/conf.d/
[root@RS1 conf.d]# (umask 077;openssl genrsa -out httpd.key 1024)
Generating RSA private key, 1024 bit long modulus
........++++++
...........++++++
e is 65537 (0x10001)
[[root@RS1 conf.d]# openssl req -new -key httpd.key -out httpd.csr -days 10
You are about to be asked to enter information that will be incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:henan
Locality Name (eg, city) [Default City]:zhengzhou
Organization Name (eg, company) [Default Company Ltd]:danran.com
Organizational Unit Name (eg, section) []:it
Common Name (eg, your name or your server's hostname) []:ca.danran.com
Email Address []:
Please enter the following 'extra' attributes to be sent with your certificate request
A challenge password []:
An optional company name []:
[root@RS1 conf.d]# scp httpd.csr 192.168.198.128:/etc/pki/CA \\证书申请文件发送给CA服务端
CA服务端颁发证书
[root@VS CA]# openssl ca -in httpd.csr -out certs/httpd.crt -days 365
Using configuration from /etc/pki/tls/openssl.cnf
Check that the request matches the signature
Signature ok
Certificate Details:
Serial Number: 1 (0x1)
Validity
Not Before: Aug 19 13:00:12 2017 GMT
Not After : Aug 19 13:00:12 2018 GMT
Subject:
countryName = CN
stateOrProvinceName = henan
organizationName = danran.com
organizationalUnitName = it
commonName = ca.danran.com
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
BB:DC:5C:85:69:2B:0A:41:98:3B:7F:3E:15:69:1D:2B:C3:81:3E:EF
X509v3 Authority Key Identifier:
keyid:91:15:B3:DB:2D:94:91:2E:12:87:26:ED:05:5E:08:78:E0:10:7C:F8
[root@VS CA]# scp certs/httpd.crt 192.168.198.138:/etc/httpd/conf.d \\将证书文件颁发给RS1申请者
[root@VS CA]# scp cacert.pem 192.168.198.138:/etc/httpd/conf.d \\将CA服务端证书发送给申请者
RS1
[root@RS1 conf.d]# scp cacert.pem httpd.crt httpd.key 192.168.198.120:/etc/httpd/conf.d \\将RS1的证书、私钥及CA证书文件发送给RS2
[root@RS1 ~]# yum -y install mod_ssl
[root@RS1 ~]# vim /etc/httpd/conf.d/ssl.conf \\修改如下证书私钥、证书文件及CA证书文件的存放路径
SSLCertificateFile /etc/httpd/conf.d/httpd.crt
SSLCertificateKeyFile /etc/httpd/conf.d/httpd.key
SSLCACertificateFile /etc/httpd/conf.d/cacert.pem
修改后如下所示
# Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate. If
# the certificate is encrypted, then you will be prompted for a
# pass phrase. Note that a kill -HUP will prompt again. A new
# certificate can be generated using the genkey(1) command.
SSLCertificateFile /etc/httpd/conf.d/httpd.crt
# Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
SSLCertificateKeyFile /etc/httpd/conf.d/httpd.key
# Server Certificate Chain:
# Point SSLCertificateChainFile at a file containing the
# concatenation of PEM encoded CA certificates which form the
# certificate chain for the server certificate. Alternatively
# the referenced file can be the same as SSLCertificateFile
# when the CA certificates are directly appended to the server
# certificate for convinience.
#SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
# Certificate Authority (CA):
# Set the CA certificate verification path where to find CA
# certificates for client authentication or alternatively one
# huge file containing all of them (file must be PEM encoded)
SSLCACertificateFile /etc/httpd/conf.d/cacert.pem
[root@RS1 conf.d]# service httpd restart
RS2
[root@RS2 ~]# cd /etc/httpd/conf.d/
[root@RS2 conf.d]# ls
cacert.pem httpd.key php.conf welcome.conf
httpd.crt mod_dnssd.conf README
[root@RS2 conf.d]# yum -y install mod_ssl \\安装软件包
[root@RS2 conf.d]# vim ssl.conf \\修改如下证书私钥、证书文件及CA证书文件的存放路径
SSLCertificateFile /etc/httpd/conf.d/httpd.crt
SSLCertificateKeyFile /etc/httpd/conf.d/httpd.key
SSLCACertificateFile /etc/httpd/conf.d/cacert.pem
修改后如下所示
# Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate. If
# the certificate is encrypted, then you will be prompted for a
# pass phrase. Note that a kill -HUP will prompt again. A new
# certificate can be generated using the genkey(1) command.
SSLCertificateFile /etc/httpd/conf.d/httpd.crt
# Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
SSLCertificateKeyFile /etc/httpd/conf.d/httpd.key
# Server Certificate Chain:
# Point SSLCertificateChainFile at a file containing the
# concatenation of PEM encoded CA certificates which form the
# certificate chain for the server certificate. Alternatively
# the referenced file can be the same as SSLCertificateFile
# when the CA certificates are directly appended to the server
# certificate for convinience.
#SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
# Certificate Authority (CA):
# Set the CA certificate verification path where to find CA
# certificates for client authentication or alternatively one
# huge file containing all of them (file must be PEM encoded)
SSLCACertificateFile /etc/httpd/conf.d/cacert.pem
[root@RS2 conf.d]# service httpd restart
VS
[root@VS ~]# vim lvs_nat.sh
#! /bin/bash
vip=172.16.253.105:443
rip1=192.168.198.138
rip2=192.168.198.120
sch=wrr
case $1 in
start)
ipvsadm -A -t $vip -s $sch
ipvsadm -a -t $vip -r $rip1 -m -w 3
ipvsadm -a -t $vip -r $rip2 -m -w 1
;;
stop)
ipvsadm -C
;;
*)
echo "Usage:$(basename $0) start|stop"
exit 1
;;
esac
[root@VS ~]# bash lvs_nat.sh stop
[root@VS ~]# bash lvs_nat.sh start
[root@VS ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.16.253.105:443 wrr
-> 192.168.198.120:443 Masq 1 0 0
-> 192.168.198.138:443 Masq 3 0 0
client客户端
[root@client ~]# for i in {1..10};do curl -k https://172.16.253.105;done \\-k跳过证书
welcome to RS1
welcome to RS1
welcome to RS1
welcome to RS2
welcome to RS1
welcome to RS1
welcome to RS1
welcome to RS2
welcome to RS1
welcome to RS1
LAMP搭建wordpress,并通过NFS共享
搭建DNS服务端
[root@DNS ~]# yum -y install bind
[root@DNS ~]# systemctl restart named
[root@DNS ~]# systemctl enable named
Created symlink from /etc/systemd/system/multi-user.target.wants/named.service to /usr/lib/systemd/system/named.service.
[root@DNS ~]# iptables -F
配置DNS
[root@DNS ~]# vim /etc/named.conf
options {
listen-on port 53 { localhost; };
allow-query { any; };
}
[root@DNS ~]# vim /etc/named.rfc1912.zones
zone "danran.com" IN {
type master;
file "danran.zone";
allow-update { none; };
};
[root@DNS ~]# cd /var/named/
[root@DNS named]# vim danran.zone
$TTL 1D
@ IN SOA dns.danran.com. admin (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.danran.com.
dns A 172.16.252.248
websrv A 172.16.253.105
www CNAME websrv
[root@DNS named]# systemctl restart named
MYSQL
[root@mysql ~]# yum -y install mariadb-server
[root@mysql ~]# systemctl start mariadb
[root@mysql ~]# systemctl enable mariadb
Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service.
[root@mysql ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@mysql ~]# systemctl stop firewalld
[root@mysql ~]# iptables -F 关闭防火墙
创建数据库账号
[root@mysql ~]# mysql_secure_installation \\数据库安全初始化
MariaDB [(none)]> create database blogdb; \\创建数据库blogdb表
MariaDB [(none)]> grant all on blogdb.* to wpuser@'192.168.198.%' identified by 'danran'; \\创建wpuser用户,并授予blogdb表的所有权限
登录测试
[root@mysql ~]# mysql -uwpuser -h192.168.198.132 -p
添加防火墙,仅允许RS1和RS2及自己本身连接数据库
[root@mysql ~]# iptables -A INPUT -s 192.168.198.138 -p tcp --dport 3306 -j ACCEPT
[root@mysql ~]# iptables -A INPUT -s 192.168.198.120 -p tcp --dport 3306 -j ACCEPT
[root@mysql ~]# iptables -A INPUT -s 192.168.198.1 -p tcp --dport 3306 -j ACCEPT
[root@mysql ~]# iptables -A INPUT -j REJECT
NFS
[root@NFS app]# setenforce 0
[root@NFS ~]# iptables -F
[root@mysql ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@mysql ~]# systemctl stop firewalld
[root@NFS ~]# rpm -q nfs-utils
nfs-utils-1.3.0-0.33.el7.x86_64
将wordpress上传到服务器,并配置wordpress
[root@NFS app]# tar xvf wordpress-4.8-zh_CN.tar.gz \\解压wordpress
[root@NFS app]# mv wordpress blog
[root@NFS app]# cd blog/
[root@NFS blog]# cp wp-config-sample.php wp-config.php
[root@NFS blog]# vim wp-config.php
// ** MySQL 设置 - 具体信息来自您正在使用的主机 ** //
/** WordPress数据库的名称 */
define('DB_NAME', 'blogdb');
/** MySQL数据库用户名 */
define('DB_USER', 'wpuser');
/** MySQL数据库密码 */
define('DB_PASSWORD', 'danran');
/** MySQL主机 */
define('DB_HOST', '192.168.198.132');
创建与RS1和RS2主机上相同UID的apache用户
[root@NFS blog]# useradd -u 48 -r -s /sbin/nologin apache \\RS1和RS2的apache用户UID为48
修改blog目录的属组,从而使apache用户对blog有读写权限
[root@NFS app]# chown -R apache.apache blog/
[root@NFS app]# ll -d blog/
drwxr-xr-x. 5 apache apache 4096 Aug 20 13:03 blog/
配置NFS
[root@NFS app]# vim /etc/exports
/app/blog 192.168.198.0/24(rw,all_squash,anonuid=48,anongid=48) \\all_squash为压缩所有用户名,anonuid意为压缩为UID为48的用户,anongid组压缩为GID为48的组
[root@NFS app]# systemctl restart nfs-server
RS1挂载NFS共享目录
[root@RS1 html]# setenforce 0
[root@RS1 ~]# cd /var/www/html/
[root@RS1 html]# mkdir blog
[root@RS1 html]# chmod o+w blog/
[root@RS1 html]# vim /etc/fstab
192.168.198.130:/app/blog /var/www/html/blog nfs defaults 0 0
[root@RS1 html]# yum -y install nfs-utils \\使RS1支持NFS格式的文件
[root@RS1 html]# mount -a
[root@RS1 html]# df | grep /blog
192.168.198.130:/app/blog 30705024 62208 30642816 1% /var/www/html/blog
RS2挂载NFS共享目录
[root@RS2 html]# setenforce 0
[root@RS2 ~]# cd /var/www/html/
[root@RS2 html]# mkdir blog
[root@RS2 html]# chmod o+w blog/
[root@RS2 html]# vim /etc/fstab
192.168.198.130:/app/blog /var/www/html/blog nfs defaults 0 0
[root@RS2 html]# yum -y install nfs-utils \\使RS1支持NFS格式的文件
[root@RS2 html]# mount -a
[root@RS2 html]# df | grep /blog
192.168.198.130:/app/blog 30705024 62208 30642816 1% /var/www/html/blog
RS1安装PHP
[root@RS1 html]# yum -y install php php-mysql
[root@RS1 html]# service httpd restart
RS2安装PHP
[root@RS2 html]# yum -y install php php-mysql
[root@RS2 html]# service httpd restart
VS使用sh调度算法
[root@VS ~]# vim lvs_nat.sh
#! /bin/bash
vip=172.16.253.105:80
rip1=192.168.198.138
rip2=192.168.198.120:8080
sch=sh
case $1 in
start)
ipvsadm -A -t $vip -s $sch
ipvsadm -a -t $vip -r $rip1 -m -w 3
ipvsadm -a -t $vip -r $rip2 -m -w 1
;;
stop)
ipvsadm -C
;;
*)
echo "Usage:$(basename $0) start|stop"
exit 1
;;
esac
[root@VS ~]# bash lvs_nat.sh stop
[root@VS ~]# bash lvs_nat.sh start
client
修改DNS
[root@client ~]# vim /etc/resolv.conf
# Generated by NetworkManager
search danran.com
nameserver 172.16.252.248
[root@client ~]# for i in {1..10};do curl -k https://172.16.253.105;done welcome to RS1
welcome to RS1
welcome to RS2
[root@client ~]# for i in {1..10};do curl -k https://www.danran.com;done
welcome to RS1
welcome to RS2
welcome to RS1
welcome to RS1
welcome to RS2
客户端图形化或浏览器
firefox www.danran.com/blog \\安装wordpress
实现一个LVS调用一组不同服务
即一个LVS同时调用http和https两种不同的服务
VS
搭建https的LVS_nat
[root@VS ~]# vim lvs_nat.sh
#! /bin/bash
vip=172.16.253.105:443
rip1=192.168.198.138
rip2=192.168.198.120
sch=wrr
case $1 in
start)
ipvsadm -A -t $vip -s $sch
ipvsadm -a -t $vip -r $rip1 -m -w 3
ipvsadm -a -t $vip -r $rip2 -m -w 1
;;
stop)
ipvsadm -C
;;
*)
echo "Usage:$(basename $0) start|stop"
exit 1
;;
esac
[root@VS ~]# bash lvs_nat.sh stop
[root@VS ~]# bash lvs_nat.sh start
[root@VS ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.16.253.105:443 wrr
-> 192.168.198.120:443 Masq 1 0 0
-> 192.168.198.138:443 Masq 3 0 0
[root@VS ~]# bash lvs_nat.sh start
搭建http的LVS_nat
[root@VS ~]# vim lvs_nat2.sh
#! /bin/bash
vip=172.16.253.105:80
rip1=192.168.198.138
rip2=192.168.198.120:8080
sch=wrr
case $1 in
start)
ipvsadm -A -t $vip -s $sch
ipvsadm -a -t $vip -r $rip1 -m -w 3
ipvsadm -a -t $vip -r $rip2 -m -w 1
;;
stop)
ipvsadm -C
;;
*)
echo "Usage:$(basename $0) start|stop"
exit 1
;;
esac
[root@VS ~]# bash lvs_nat.sh stop
[root@VS ~]# bash lvs_nat.sh start
[root@VS ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.16.253.105:443 wrr
-> 192.168.198.120:443 Masq 1 0 0
-> 192.168.198.138:443 Masq 3 0 0
[root@VS ~]# bash lvs_nat2.sh start
[root@VS ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.16.253.105:80 wrr
-> 192.168.198.120:8080 Masq 1 0 0
-> 192.168.198.138:80 Masq 3 0 0
TCP 172.16.253.105:443 wrr
-> 192.168.198.120:443 Masq 1 0 0
-> 192.168.198.138:443 Masq 3 0 0
client
[root@client ~]# for i in {1..10};do curl -k https://172.16.253.105;done
welcome to RS2
welcome to RS1
welcome to RS1
welcome to RS2
welcome to RS1
welcome to RS1
welcome to RS2
welcome to RS1
welcome to RS1
welcome to RS2
[root@client ~]# for i in {1..10};do curl -k http://172.16.253.105;done
welcome to RS2
welcome to RS1
welcome to RS1
welcome to RS1
welcome to RS2
welcome to RS1
welcome to RS1
welcome to RS1
welcome to RS2
welcome to RS1
ipvsadm策略的保存
[root@VS ~]# ipvsadm-save > lvs
[root@VS ~]# ipvsadm -C
[root@VS ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
[root@VS ~]# ipvsadm-restore < lvs
[root@VS ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 185.53.178.7:443 sh
-> 192.168.198.120:443 Masq 1 0 0
-> 192.168.198.138:443 Masq 2 0 0
将ipvsadm保存在/etc/sysconfig/ipvsadm文件中,将会开机自启动
[root@VS ~]# ipvsadm-save > /etc/sysconfig/ipvsadmLVS之-LAMP搭建wordpress的更多相关文章
- LAMP 搭建wordpress部署教程贴.
LAMP 搭建wordpress部署教程贴.这是一篇主要将LAMP,并且通过wordpress来进行验证,演示.如何去部署PHP CMS很多新手看到LAMP就很很头大,觉得很难搞,编译安装,搞了好几天 ...
- Centos 7使用docker部署LAMP搭建wordpress博客系统
0.简要概述 LAMP是目前比较流行的web框架,即Linux+Apache+Mysql+PHP的网站架构方案.docker是目前非常流行的虚拟化应用容器,可以为任何应用创建一个轻量级.可移植的容器. ...
- LAMP搭建wordpress
centos7安装Apache centos7安装mysql8 centos7安装php7 先登录mysql创建一个wordpress的数据库 create database wordpress 下载 ...
- 实战!基于lamp安装wordpress详解-技术流ken
简介 LAMP 是Linux Apache MySQL PHP的简写,其实就是把Apache, MySQL以及PHP安装在Linux系统上,组成一个环境来运行动态的脚本文件.现在基于lamp搭建wor ...
- LAMP模拟搭建wordpress,phpmyadmin环境
1.安装需要的环境,centos7的mysql叫mariadb,所有的配置文件默认就可以 [root@test ~]# yum install httpd php mariadb mariadb-se ...
- 阿里云centos7搭建wordpress环境
阿里云搭建wordpress系统 一.购买阿里云 二.安装php开发环境 1. https://www.apachefriends.org/zh_cn/index.html网站下载linux下的xam ...
- 生产环境LAMP搭建 - 基于 fastcgi
生产环境LAMP搭建 - 基于 fastcgi 由于在module模式,php只是已http的模块形式存在,无形中加重了http的服务负载,通常在企业架构中,使用fastcgi的模式,将所有的服务都设 ...
- LAMP 搭建练习
目录 LAMP 搭建 1:CentOS 7, lamp (module): http + php + phpMyAdmin + wordpress 192.168.1.7 配置虚拟主机 xcache ...
- AWS之EC2搭建WordPress博客
AWS之搭建WordPress博客 注意:请确定您已经成功完成LAMP架构的搭建; 1.下载并解压WordPress安装包: ①使用wget命令在WordPress官网获取最新安装包: [ec2-us ...
随机推荐
- ionic时间插件ion-datetime-picker
https://github.com/katemihalikova/ion-datetime-picker
- zookeeper单机模式安装
zookeeper单机模式安装 更多文章:http://blogxinxiucan.sh1.newtouch.com/2017/07/26/zookeeper单机模式安装/ 下载zookeeper u ...
- Android Handler 机制 - Looper,Message,MessageQueue
Android Studio 2.3 API 25 从源码角度分析Handler机制.有利于使用Handler和分析Handler的相关问题. Handler 简介 一个Handler允许发送和处理M ...
- CentOS 6 下无法wget https链接的解决方法
CentOS6下最高版本的wget是1.11,但非常遗憾的是这个版本有bug,是没办法用来下载https链接的东西的,所以有些人为了避免这种情况会帮脚本加上不检查ssl的参数--no-check-ce ...
- Python获取股票历史、实时数据与更新到数据库
要做量化投资,数据是基础,正所谓"巧妇难为无米之炊" 在免费数据方面,各大网站的财经板块其实已提供相应的api,如新浪.雅虎.搜狐...可以通过urlopen相应格式的网址获取数据 ...
- [补档][COGS 2434]暗之链锁
[COGS 2434]暗之链锁 题目 传说中的暗之连锁被人们称为Dark.<!--more-->Dark是人类内心的黑暗的产物,古今中外的勇者们都试图打倒它.经过研究,你发现Dark呈现无 ...
- Dubbo实战快速入门 (转)
Dubbo是什么? Dubbo[]是一个分布式服务框架,致力于提供高性能和透明化的RPC远程服务调用方案,以及SOA服务治理方案. 其核心部分包含: 远程通讯: 提供对多种基于长连接的NIO框架抽象封 ...
- ABP+AdminLTE+Bootstrap Table权限管理系统第四节--仓储,服务,服务接口及依赖注入
在ABP框架中,仓储,服务,这块算是最为重要一块之一了.ABP框架提供了创建和组装模块的基础,一个模块能够依赖于另一个模块,一个程序集可看成一个模块, 一个模块可以通过一个类来定义这个模块,而给定义这 ...
- NYOJ--STL--擅长排列的小明(强大的string :: iterator 和next_permutation)
NYOJ--STL--擅长排列的小明 #include <iostream> #include <string> #include <algorithm> usin ...
- UIButton 中高亮取消
1.图片 取消高亮方法 a.第一种方法 [withdrawalBtn setAdjustsImageWhenHighlighted:NO]; b.第二种方法 [withdrawalBtn setIma ...