小型Linux運維架構實驗-實踐篇
1、網絡拓撲、地址規劃。php
硬件防火牆:用一臺機器的iptables模擬,公有IP:1.1.1.1 私有IP:192.168.1.24html
交換機就省略了,都是同一個網段沒事,再說VMworkstation的虛擬機都是橋接到虛擬交換機的。前端
虛擬IP:192.168.1.10node
| 機器 | IP地址 |
| LVS主 | 192.168.1.22 |
| LVS備 | 192.168.1.23 |
| 硬件防火牆(iptables替代) | 192.168.1.24 |
| Nginx1/salt-minion | 192.168.1.25 |
| Nginx2/salt-minion | 192.168.1.26 |
| NFS | 192.168.1.27 |
| Rsync | 192.168.1.28 |
| Zabbix/salt-master | 192.168.1.20 |
| Mysql主 | 192.168.1.30 |
| Mysql備 | 192.168.1.31 |
2、LVS+keepalived實現訪問Nginx。mysql
一、LVS主:192.168.1.22,LVS備:192.168.1.23 。linux
[root@lvs-backup ~]# yum install ipvsadm keepalived -y ##yum安裝算了,源碼包安裝太容易報錯,yum源選擇centos7官方源便可nginx
[root@lvs-backup ~]# cd /etc/keepalived/c++
[root@lvs-backup keepalived]# cp keepalived.conf keepalived.conf.defaultweb
[root@lvs-backup keepalived]# echo >keepalived.conf
[root@lvs-backup keepalived]# vim keepalived.conf面試
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost ##
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1 ##
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state BACKUP ##
interface eth0
virtual_router_id 51
priority 99 ##
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.10
}
}
virtual_server 192.168.1.10 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.255.0
persistence_timeout 50
protocol TCP
real_server 192.168.1.25 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.1.26 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
Note: LVS主跟上述步驟同樣,直接拷貝過來便可,只須要把state改成Master,Proiority改成100
2、現學現用,利用Saltstack部署真實服務器Nginx1:192.168.1.25 ,Nginx2 :192.168.1.26。Nginx1和Nginx2做爲salt-minion,選擇Zabbix機器做爲salt-master
[root@nginx-01 ~]# yum install salt-minion -y
[root@nginx-01 ~]# vim /etc/salt/minion
master: salt ##發現寫成IP的形式不會成功。
id:nginx-192.168.1.25 ##指定Minion-id
[root@nginx-01 ~]# echo "192.168.1.20 salt" >>/etc/hosts ##必須配域名解析才行
[root@nginx-01 ~]# systemctl start salt-minion
[root@salt-master ~]# salt-key -A -y
[root@salt-master ~]# salt-key -L
Accepted Keys:
nginx-01
nginx-02
Denied Keys:
Unaccepted Keys:
Rejected Keys:
參考saltstack推送nginx文檔:http://xiaoluoge.blog.51cto.com/9141967/1722289/
##保證兩臺nginx的80端口正常開放
[root@nginx-02 nginx]# ss -tunlp|grep 80
tcp LISTEN 0 128 *:80 *:* users:(("nginx",pid=22474,fd=6),("nginx",pid=22390,fd=6))
[root@nginx-01 nginx]# bash lvs_dr.sh ##在2臺真實服務器上均作
#!/bin/bash VIP=192.168.1.10 . /etc/rc.d/init.d/functions case $1 in start) ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up #設置廣播爲自已,掩碼4個255,表示網絡中只有自已自己一個主機 /sbin/route add -host $VIP dev lo:0echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore ##拒絕發出ARP應答 echo "2">/proc/sys/net/ipv4/conf/lo/arp_announce ##拒絕發出ARP請求 echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce sysctl -p >&/dev/null ;; stop) ifconfig lo:0 down route del $VIP >/dev/null 2>&1 echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore ##啓用ARP應答 echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce ##容許發出ARP請求 echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce ;; *) echo "Usage:$0 {start|stop}" exit 1 esac exit 0
[root@lvs-master keepalived]# echo 1 >/proc/sys/net/ipv4/ip_forward
[root@lvs-backup keepalived]# echo 1 >/proc/sys/net/ipv4/ip_forward
[root@lvs-master keepalived]# servce keepalived start
[root@lvs-master keepalived]# ipvsadm -L -n
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.1.10:80 rr persistent 50
-> 192.168.1.25:80 Route 1 1 2
-> 192.168.1.26:80 Route 1 0 0
##lvs的負載均衡暫告段落,當停掉lvs主的時候,lvs備賦予了虛擬IP,當lvs主恢復過來的時候,虛擬IP又回到了lvs主上,這是由於咱們默認非搶佔模式
3、搭建NFS服務器,並共享給nginx01和nginx02,並提供寫權限,讓nginx01上傳的附件能夠在nginx02看到。
[root@nfs ~]# yum -y install nfs-utils rpcbind
[root@nfs ~]# vim /etc/exports
/nfs/web 192.168.1.0/24(rw,sync,all_squash)
[root@nfs ~]# service rpcbind status
[root@nfs ~]# service nfs start
[root@nfs ~]# showmount -e localhost ##exportfs -arv 從新導出命令
Export list for localhost:
/nfs/web 192.168.1.0/24
[root@nfs ~]# systemctl enable nfs
在nginx01和nginx02上:
[root@nfs web]# chown -R nfsnobody.nfsnobody /nfs/web ##屬於匿名權限,客戶端才能寫入文件
[root@nginx-02 ~]# yum install -y showmount
[root@nginx-02 ~]# showmount -e 192.168.1.27
Export list for 192.168.1.27:
/nfs/web 192.168.1.0/24
[root@nginx-02 ~]# mount -t nfs 192.168.1.27:/nfs/web /usr/local/nginx/html/
[root@nginx-02 ~]# mount|grep nfs
192.168.1.27:/nfs/web on /usr/local/nginx/html type nfs4 (rw,relatime,vers=4.0,rsize=32768,wsize=32768,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=192.168.1.26,local_lock=none,addr=192.168.1.27)
[root@nginx-02 ~]# cd /usr/local/nginx/html/
[root@nginx-02 html]# touch 1.txt
[root@nfs ~]# cd /nfs/web/
[root@nfs web]# ls ##NFS服務器查看共享
1.txt
[root@nginx-01 html]# pwd ##nginx其餘節點查看共享。
/usr/local/nginx/html
[root@nginx-02 html]# ls
1.txt
[root@nginx-02 nginx]# umount /usr/local/nginx/html/ ##取消掛載在一個根目錄,而是在當前目錄下專門建立一個附件目錄
[root@nginx-01 nginx]# mkdir /usr/local/nginx/html/fuJian
[root@nginx-01 nginx]# mount -t nfs 192.168.1.27:/nfs/web /usr/local/nginx/html/fuJian/
4、搭建Rsync服務器。
## NFS服務器部署inotify,一觸即發同步到rsync服務端。
[root@nfs ~]# ll /proc/sys/fs/inotify/
[root@nfs ~]# tar xf inotify-tools-3.14.tar.gz
[root@nfs ~]# cd inotify-tools-3.14/
[root@nfs inotify-tools-3.14]# ./configure --prefix=/usr/local/inotify-3.14
[root@nfs inotify-tools-3.14]# make && make install
##部署rsync備份服務器。
[root@rsync ~]# tar xf rsync-3.1.2.tar.gz
[root@rsync ~]# cd rsync-3.1.2/
[root@rsync rsync-3.1.2]# ./configure --prefix=/usr/local/rsync
[root@rsync rsync-3.1.2]# make && make install
log file = /var/log/rsyncd.log
pid file = /var/run/rsyncd.pid #設置pid文件位置
lock file = /var/run/rsyncd.lock #設置lock文件位置
uid = body #設置啓動時以哪一個用戶來代替root運行rsync
gid = nobody
list = yes #不容許列出名單
chroot = no #不切換根目錄
timeout = 300 #設置超時時間
ignore errors = yes #是否忽略錯誤
max connections = 100 #最大鏈接數
hosts allow = 192.168.1.0/24
[backup] #設定模塊名稱
path = /root/backup/nfs/ #指定模塊路徑
read only = no #是否可寫
auth users = rsync #建立容許鏈接該模塊的虛擬用戶
secrets file = /usr/local/rsync/rsyncd.passwd
##安裝MySQL
一、[root@www ~]# yum install mysql-server mysql-devel
主:vi /etc/my.cnf
server-id=1
log-bin=binlog
[root@www ~]# service mysqld restart
[root@www ~]# mysql -uroot -p
##mysqladmin -uroot -p password 199510 設置初始化密碼
mysql> grant replication slave on *.* to 'root'@'192.168.1.4' identified by '199510';
##admin是虛擬用戶,192.168.1.4是從機器的IP地址,能夠從機器上登錄測試 [root@www ~]# mysql -uadmin -p199510 -h 192.168.1.3
mysql> show master status;
+---------------+----------+--------------+------------------+
| File | Position | Binlog_Do_DB | Binlog_Ignore_DB |
+---------------+----------+--------------+------------------+
| binlog.000001 | 338 | | |
+---------------+----------+--------------+------------------+
1 row in set (0.00 sec)
二、從機器不須要開啓binlog: vi /etc/my.cnf
==============
server-id=2
read_only=1
================
[root@www ~]# service mysqld restart
mysql> stop slave;
mysql> change master to master_host='192.168.1.3',master_user='root',master_password='199510',master_log_file='mysql- binlog.000001 ',master_log_pos=338;
mysql>start slave;
三、主:mysql>create database d1;
mysql>use d1;
mysql>create table t1(id int primary key auto_increment,name varchar(10));
一、檢查主從複製是否正常?
在master上面檢查受權,msyql>show grants;
主庫加鎖FLUSH TABLES WITH READ LOCK;主庫解鎖:unlock tables;
stop slave;
set global sql_slave_skip_counter=1; (1是指跳過一個錯誤)
slave start;
誤操做:revoke all privileges on *.* from 'root'@'localhost',誤操做給root取消受權,致使任何命令都沒法執行,再進行grant都不行。我日尼瑪呀!幸好是測試環境。
二、mysql-proxy的安裝
[root@www Packages]# tar xf mysql-proxy-0.8.5-linux-el6-x86-32bit.tar.gz
[root@www Packages]# mv mysql-proxy-0.8.5-linux-el6-x86-32bit /usr/local/mysql-proxy
[root@www Packages]# cd /usr/local/mysql-proxy/
[root@www mysql-proxy]# mkdir lua logs
[root@www mysql-proxy]#cp share/doc/mysql-proxy/rw-splitting.lua ./lua #複製讀寫分離配置文件
[root@www mysql-proxy]#useradd -s /sbin/nologin -M mysql-proxy
[root@www mysql-proxy]# chown -R root:mysql-proxy /usr/local/mysql-proxy/*
三、安裝Lua軟件
[root@www Packages]#yum install libtermcap-devel ncurses-devel libevent-devel readline-devel gcc gcc-c++ autoconf mysql-devel pkgconfig libtool ##若是不作這個,安裝lua會報錯不斷
[root@www Packages]# tar xf lua-5.1.4.tar.gz
[root@www Packages]# cd lua-5.1.4
[root@www Packages]# make linux
[root@www Packages]# make install
四、配置SysV啓動腳本,vi /etc/init.d/mysql-proxy,該腳本會自動讀取/etc/sysconfig/mysql-proxy
=====================================================
#!/bin/bash
#
# mysql-proxy This script starts and stops the mysql-proxy daemon
#
# chkconfig: - 78 30
# processname: mysql-proxy
# description: mysql-proxy is a proxy daemon for mysql
# Source function library.
. /etc/rc.d/init.d/functions
prog="/usr/local/mysql-proxy/bin/mysql-proxy"
# Source networking configuration.
if [ -f /etc/sysconfig/network ]; then
. /etc/sysconfig/network
fi
# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0
# Set default mysql-proxy configuration.
ADMIN_USER="admin"
ADMIN_PASSWD="admin"
ADMIN_LUA_SCRIPT="/usr/local/mysql-proxy/share/doc/mysql-proxy/admin.lua"
PROXY_OPTIONS="--daemon"
PROXY_PID=/var/run/mysql-proxy.pid
PROXY_USER="mysql-proxy"
# Source mysql-proxy configuration.
if [ -f /etc/sysconfig/mysql-proxy ]; then
. /etc/sysconfig/mysql-proxy
fi
RETVAL=0
start() {
echo -n $"Starting $prog: "
daemon $prog $PROXY_OPTIONS --pid-file=$PROXY_PID --proxy-address="$PROXY_ADDRESS" --user=$PROXY_USER --admin-username="$ADMIN_USER" --admin-lua-script="$ADMIN_LUA_SCRIPT" --admin-password="$ADMIN_PASSWORD"
RETVAL=$?
echo
if [ $RETVAL -eq 0 ]; then
touch /var/lock/subsys/mysql-proxy
fi
}
stop() {
echo -n $"Stopping $prog: "
killproc -p $PROXY_PID -d 3 $prog
RETVAL=$?
echo
if [ $RETVAL -eq 0 ]; then
rm -f /var/lock/subsys/mysql-proxy
rm -f $PROXY_PID
fi
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
stop
start
;;
condrestart|try-restart)
if status -p $PROXY_PIDFILE $prog >&/dev/null; then
stop
start
fi
;;
status)
status -p $PROXY_PID $prog
;;
*)
echo "Usage: $0 {start|stop|restart|reload|status|condrestart|try-restart}"
RETVAL=1
;;
esac
exit $RETVAL
=======================================================
[root@www mysql-proxy]# chmod +x /etc/init.d/mysql-proxy
[root@www mysql-proxy]# chkconfig --add mysql-proxy
五、配置mysql-proxy的配置選項
============================================
# Options for mysql-proxy
ADMIN_USER="admin"
ADMIN_PASSWORD="admin"
ADMIN_ADDRESS="192.168.186.5:4041"
ADMIN_LUA_SCRIPT="/usr/local/mysql-proxy/lua/admin.lua"
PROXY_ADDRESS="192.168.186.5:4040"
PROXY_USER="mysql-proxy"
PROXY_OPTIONS="--daemon --log-level=info --log-file=/var/log/mysql-proxy.log --plugins=proxy --plugins=admin --proxy-backend-addresses=192.168.186.3:3306 --proxy-read-only-backend-addresses=192.168.186.4:3306 --proxy-lua-script=/usr/local/mysql-proxy/lua/rw-splitting.lua
============================================
六、編寫Lua腳本
(1)讀寫分離腳本
[root@www mysql-proxy]# vi /usr/local/mysql-proxy/lua/rw-splitting.lua
=======================================
if not proxy.global.config.rwsplit then
proxy.global.config.rwsplit = {
min_idle_connections = 1,
##當鏈接沒有超過min_idle_connections預設值時,不會進行讀寫分離,即查詢操做會發生到主庫上。
max_idle_connections = 2, ##默認是8,主從機器共有幾臺
is_debug = false
}
end
========================================
(2)管理員腳本
[root@www mysql-proxy]# vi /usr/local/mysql-proxy/lua/admin.lua
=============================================
function set_error(errmsg)
proxy.response = {
type = proxy.MYSQLD_PACKET_ERR,
errmsg = errmsg or "error"
}
end
function read_query(packet)
if packet:byte() ~= proxy.COM_QUERY then
set_error("[admin] we only handle text-based queries (COM_QUERY)")
return proxy.PROXY_SEND_RESULT
end
local query = packet:sub(2)
local rows = { }
local fields = { }
if query:lower() == "select * from backends" then
fields = {
{ name = "backend_ndx",
type = proxy.MYSQL_TYPE_LONG },
{ name = "address",
type = proxy.MYSQL_TYPE_STRING },
{ name = "state",
type = proxy.MYSQL_TYPE_STRING },
{ name = "type",
type = proxy.MYSQL_TYPE_STRING },
{ name = "uuid",
type = proxy.MYSQL_TYPE_STRING },
{ name = "connected_clients",
type = proxy.MYSQL_TYPE_LONG },
}
for i = 1, #proxy.global.backends do
local states = {
"unknown",
"up",
"down"
}
local types = {
"unknown",
"rw",
"ro"
}
local b = proxy.global.backends[i]
rows[#rows + 1] = {
i,
b.dst.name, -- configured backend address
states[b.state + 1], -- the C-id is pushed down starting at 0
types[b.type + 1], -- the C-id is pushed down starting at 0
b.uuid, -- the MySQL Server's UUID if it is managed
b.connected_clients -- currently connected clients
}
end
elseif query:lower() == "select * from help" then
fields = {
{ name = "command",
type = proxy.MYSQL_TYPE_STRING },
{ name = "description",
type = proxy.MYSQL_TYPE_STRING },
}
rows[#rows + 1] = { "SELECT * FROM help", "shows this help" }
rows[#rows + 1] = { "SELECT * FROM backends", "lists the backends and their state" }
else
set_error("use 'SELECT * FROM help' to see the supported commands")
return proxy.PROXY_SEND_RESULT
end
proxy.response = {
type = proxy.MYSQLD_PACKET_OK,
resultset = {
fields = fields,
rows = rows
}
}
return proxy.PROXY_SEND_RESULT
end
=============================================
五、(1)啓動mysql-proxy
[root@www mysql-proxy]#service mysql-proxy start
netstat -tupln | grep 4040 #發現無任何現象,mysql-proxy啓動不成功,咋回事呢?
{
殺死相應的PID文件便可,好比/var/run/mysql-proxy.pid
}
在代理機器上面:[root@www lua]# netstat -tnlp
tcp 0 0 0.0.0.0:4041 0.0.0.0:* LISTEN 8026/mysql-proxy
能夠看到4041端口,那麼其實這是管理端口。對應的管理員的用戶和密碼參見/etc/sysconfig/mysql-proxy
(2)修改path環境變量
[root@proxy ~]# vim /etc/profile.d/mysql-proxy.sh
export PATH=$PATH:/usr/local/mysql-proxy/bin
[root@proxy ~]# source /etc/profile
[root@proxy ~]# mysql-proxy --help-all
六、排錯
(2)很好奇mysql-proxy的日誌在哪,一看進程,原來是在系統日誌裏面
[root@www lua]# ps -aux|grep mysql-proxy
/usr/local/mysql-proxy/libexec/mysql-proxy --daemon --log-level=info --log-use-syslog --plugins=proxy --plugins=admin --proxy-backend-addresses=192.168.186.3:3306 --proxy-read-only-backend-addresses=192.168.186.4:3306 --proxy-lua-script=/usr/local/mysql-proxy/lua/rw-splitting.lua --pid-file=/var/run/mysql-proxy.pid --proxy-address=192.168.186.5:4040 --user=mysql-proxy --admin-username=admin --admin-lua-script=/usr/local/mysql-proxy/lua/admin.lua --admin-password=admin
能夠在/etc/sysconfig/mysql-proxy中改動--log-file=/var/log/mysql-proxy.log
(3)登錄到Mysql-proxy的4041管理端口,又報錯,初步分析是/usr/local/mysql-proxy/lua/admin.lua腳本有錯,查看系統日誌,果真,看來必須更換admin.lua
任意客戶端登錄便可[root@www libexec]# mysql -uadmin -padmin -h192.168.186.5 -P4041
mysql> select * from backends;
ERROR 1105 (07000): MySQL Proxy Lua script failed to load. Check the error log.
[root@www lua]# tail /var/log/mysql-proxy.log ##這個日誌是在/etc/sysconfig/mysql-proxy.log指定的
network-mysqld-lua.c:234: lua_load_file(/usr/local/mysql-proxy/lua/admin.lua) failed: lua-scope.c:241: stat(/usr/local/mysql-proxy/lua/admin.lua) failed: No such file or directory (2)
分析:說了沒有這樣的文件,你看嘛,結果是文件命名出錯了,真尼瑪笨吶
{
[root@www lua]# pwd
/usr/local/mysql-proxy/lua
[root@www lua]# ls
admin-sql.lua admin-sql.lua.51cto admin-sql.lua.bak rw-splitting.lua
[root@www lua]# mv admin-sql.lua admin.lua
}
mysql-proxy服務器不用重啓,直接在客戶端好比slave登錄,mysql -uadmin -padmin -h192.168.186.5 -P4041
mysql> select * from backends;
+-------------+--------------------+---------+------+------+-------------------+
| backend_ndx | address | state | type | uuid | connected_clients |
+-------------+--------------------+---------+------+------+-------------------+
| 1 | 192.168.186.3:3306 | unknown | rw | NULL | 0 |
| 2 | 192.168.186.4:3306 | unknown | ro | NULL | 0 |
+-------------+--------------------+---------+------+------+-------------------+
七、問題解決,測試。
(1)在主機器上:mysql> grant all on *.* to 'mysql-proxy'@'192.168.186.5' identified by '199510';
##給mysql-proxy客戶端能在192.168.186.5的這臺機器上登錄master機器的權限
master上面:mysql> select user,host from mysql.user;
+-------------+---------------+
| user | host |
+-------------+---------------+
| root | 127.0.0.1 |
| mysql-proxy | 192.168.186.5 |
+-------------+---------------+
##這纔是真正有意義查看受權的
(2)從機器上:mysql> stop slave; ##停掉從庫,否則數據寫入到master上的時候,會複製到從機器上,影響測試
(3)代理機器上,安裝mysql,yum install mysql-server,可是在這裏下載mysql的緣由是,僅僅做爲前端客戶端進行測試。
[root@www lua]# mysql -umysql-proxy -p199510 -h192.168.186.5 -P4040 ##登陸的是代理服務器的4040的端口,可是請求被跳轉到master機器上
mysql>use test;
mysql>insert into t1 values(5,'one');
在主機器上:select * from test.t1;能夠看到數據,可是在從機器上看不到,由於已經關閉了複製。
(4)在從機器上,mysql -uadmin -padmin -h192.168.186.5 -P4041 只要客戶端已登陸到代理服務器,便能知曉狀態
mysql> select * from backends;
+-------------+--------------------+---------+------+------+-------------------+
| backend_ndx | address | state | type | uuid | connected_clients |
+-------------+--------------------+---------+------+------+-------------------+
| 1 | 192.168.186.3:3306 | up | rw | NULL | 0 |
| 2 | 192.168.186.4:3306 | unknown | ro | NULL | 0 |
+-------------+--------------------+---------+------+------+-------------------+
2 rows in set (0.01 sec)
八、完結測試
(1)啓動salve,在從機器上再開一個終端,start slave;
(2)如今有4個終端,一個是在代理服務器上面的4040端口客戶端(只有這個是須要主從都受權的,記住是都要,grant all on *.* to 'msyql-proxy'@'192.168.186.5' idientified by '199510'),
[root@www mysql-proxy]# mysql -umysql-proxy -p199510 -h192.168.186.5 -P4040,
##代理服務器自己是須要mysql服務的,可是這裏因爲機器少緣由,選擇的測試客戶端,不信再開一臺機器。
mysql>use test;
mysql> insert into t1 values(4,'two');
(3)一個是在slave機器上登錄的4041管理端口,mysql -uadmin -padmin -h192.168.186.5 -P4041
mysql> select * from backends;
+-------------+--------------------+-------+------+------+-------------------+
| backend_ndx | address | state | type | uuid | connected_clients |
+-------------+--------------------+-------+------+------+-------------------+
| 1 | 192.168.186.3:3306 | up | rw | NULL | 1 |
| 2 | 192.168.186.4:3306 | up | ro | NULL | 0 |
+-------------+--------------------+-------+------+------+-------------------+
2 rows in set (0.01 sec)
都變爲up up 了
(3)一個是主機器。
mysql> select * from t1;
+----+------+
| id | name |
+----+------+
| 1 | y |
| 2 | h |
| 3 | c |
| 5 | one |
| 4 | two |
+----+------+
5 rows in set (0.00 sec)
(4)一個是從機器,主從一致。
mysql> select * from t1;
+----+------+
| id | name |
+----+------+
| 1 | y |
| 2 | h |
| 3 | c |
| 5 | one |
| 4 | two |
+----+------+
5 rows in set (0.00 sec)
九、總結:
太不容易了,一直報錯啊,不管是主從複製仍是讀寫分離。怎麼給面試官講述測試效果呢?
(1)使用任意一臺客戶端,登錄mysql-proxy代理服務器的4041管理端口,select * from backends;查看主從機器狀態;
(2)而後再使用任意一臺客戶端,登錄mysql-proxy代理服務器的4040讀寫分離端口,再進行插入表數據,然後,分別在主從機器
上,查看是否有對應的數據,而且保持一致的功能。
(3)最後,重複(1)步驟,登錄到4041管理端口,觀察主從機器狀態是否發生了變化,好比Up Up轉態
7、部署Zabbix監控
abbix—server服務器:zabbix-web gui(LAMP環境)、zabbix-datatabase(mysql、oracle)、zabbix-server軟件,其中三種元素能夠分離式部署在不一樣機器上面。同時,能夠監控本身,也能夠安裝agent。
zabbix-proxy服務器(可選):有本身獨立proxy.conf和proxy.log以實現分佈式監控的前提。
zabbix-agent服務器:有本身的數據庫,zabbix-sender向zabbix-server發送報告,也有本身agent.log和agent.conf配置文件。
zabbix具備自動發現被監控主機功能。zabbix產生的數據只要有四部分:
配置數據、歷史數據、歷史數據、歷史趨勢數據
一、Zabbix部署LAMP環境。
源碼包安裝官網文檔: https://www.zabbix.com/documentation/3.2/manual/installation/install
(1)安裝受權mysql數據庫
[root@zabbix ]# //yum install mysql-server mysql-devel;
===============================================
報錯現象:
Error: MariaDB-common conflicts with 1:mariadb-libs-5.5.52-1.el7.x86_64
Error: Package: 1:mariadb-devel-5.5.52-1.el7.x86_64 (base)
Requires: mariadb-libs(x86-64) = 1:5.5.52-1.el7
Installed: MariaDB-shared-10.0.25-1.el7.centos.x86_64 (@Centos7)
mariadb-libs(x86-64) = 1:10.0.25-1.el7.centos
You could try using --skip-broken to work around the problem
You could try running: rpm -Va --nofiles --nodigest
分析:試試不安裝Mysql-devel如何?沒有Mysql-server,應該安裝mariadb-server{依然報錯}
安裝包發生衝突,必須先移走一些包
解決:[root@zabbix ]# yum remove mariadb-libs MariaDB-common
##再嘗試安裝數據庫
[root@zabbix ]# yum install mariadb-devel mariadb-server
==================================================================
[root@zabbix ~]# systemctl enable mariadb.service ##注意啓動的時候是service而不是server
Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service.
[root@zabbix ~]# systemctl start mariadb.service
[root@zabbix ]# mysql
MariaDB [(none)]> create datatabase zabbix default charset utf8;
MariaDB [(none)]> grant all on zabbix.* to 'zabbix'@'192.168.%.%' identified by 'zabbix'; ##在受權的同時建立了該用戶
MariaDB [(none)]> grant all on zabbix.* to 'zabbix'@'localhost' identified by 'zabbix'; ##使用socket鏈接,由於數據庫也在同一臺機器上
MariaDB [(none)]> flush privileges;
[root@zabbix ~]# mysql -uzabbix -p ##測試登陸
Enter password:
[root@zabbix mariadb]# yum install httpd httpd-devel httpd-manual -y
[root@zabbix httpd]# cat /var/www/html/index.html
<h1>
this is Zabbix Server,and IP is 192.168.0.24
</h1>
[root@zabbix httpd]# service httpd start
(2)配置zabbix的yum倉庫,指明一個baseurl便可,以便爲了下載軟件方便。
[root@zabbix yum.repos.d]# //cat zabbix.repo
[zabbix]
name=zabbix-repo
baseurl=http://repo.zabbix.com/zabbix/3.2/rhel/7/x86_64/
gpgcheck=0
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
[root@zabbix yum.repos.d]# yum list|grep zabbix
[root@zabbix yum.repos.d]# yum install zabbix-server zabbix-server-mysql zabbix-get zabbix zabbix-web zabbix-web-mysql zabbix-agent zabbix-sender
=======================================================================================
報錯現象:
Transaction check error:
file /etc/zabbix/zabbix_agentd.conf conflicts between attempted installs of zabbix22-2.2.16-1.el7.x86_64 and zabbix-agent-3.2.3-1.el7.x86_64
file /usr/bin/zabbix_sender conflicts between attempted installs of zabbix22-2.2.16-1.el7.x86_64 and zabbix-sender-3.2.3-1.el7.x86_64
file /usr/share/man/man1/zabbix_sender.1.gz conflicts between attempted installs of zabbix22-2.2.16-1.el7.x86_64 and zabbix-sender-3.2.3-1.el7.x86_64
file /usr/bin/zabbix_get conflicts between attempted installs of zabbix-get-3.2.3-1.el7.x86_64 and zabbix22-2.2.16-1.el7.x86_64
file /usr/share/man/man1/zabbix_get.1.gz conflicts between attempted installs of zabbix-get-3.2.3-1.el7.x86_64 and zabbix22-2.2.16-1.el7.x86_64
Error Summary
解決:從新更換zabbix的Yum源,在次基礎上禁用epel源,由於epel源中也有個zabbix的落後版本
[root@zabbix ~]# rpm -ivh http://repo.zabbix.com/zabbix/3.2/rhel/7/x86_64/zabbix-release-3.2-1.el7.noarch.rpm
====================================================================================================
導入數據庫的表結構,注意順序,首先是scheme>image>data,可是在3.2版本當中,只有一個create.sql.gz
[root@zabbix doc]# rpm -ql zabbix-server-mysql
[root@zabbix ~]# cd /usr/share/doc/zabbix-server-mysql-3.2.3/
[root@zabbix ~]# gunzip create.sql.gz
[root@zabbix ~]# mysql zabbix <create.sql ##默認root密碼爲空
[root@zabbix zabbix-server-mysql-3.2.3]# mysql
MariaDB [(none)]> use zabbix;
MariaDB [zabbix]> show tables;
[root@zabbix ~]# vim /etc/zabbix/zabbix_server.conf
## DBHost=zabbix ##若是指定爲localhost的意思是,數據庫也在本機上,那麼咱們是不須要修改接下來的DBsocket的
DBPassword=zabbix
[root@zabbix ~]# service zabbix-server start
[root@zabbix ~]# systemctl enable zabbix-server
[root@zabbix ~]# netstat -tunlp ##並無察覺到10051端口處於監聽狀態
=========================================================
查看日誌:[root@zabbix ~]# vim /var/log/zabbix/zabbix-server.log/
3660:20170123:000150.258 [Z3001] connection to database 'zabbix' failed: [1045] Access denied for user 'zabbix'@'zabbix' (using password: YES)
3660:20170123:000150.258 cannot set MySQL character set to "utf8"
3660:20170123:000150.259 database is down: reconnecting in 10 seconds
解決:以前在zabbix_server.conf中指明DBHost=zabbix是不正確的,依然改成DBHost=localhost,由於能夠登陸到數據庫中,mysql -uzabbix -pzabbix ;
show grants查看明顯沒有對zabbix的這個域名進行受權。
======================================================================
[root@zabbix ~]# vim /etc/php.ini ##
date.timezone =Asia/Shanghai
[root@zabbix ~]# vim /etc/httpd/conf.d/zabbix.conf
php_value date.timezone Asia/Shanghai
[root@zabbix httpd]# service httpd start
[root@zabbix httpd]# systemctl enable httpd ##默認PHP已經安裝了,不知道何時安裝的
在瀏覽器進行訪問zabbix的web界面,http://zabbix-IP/zabbix便可。登陸的用戶名是admin,密碼是zabbix
========================================================
報錯:web界面依然提示,Access denied for user 'zabbix'@'zabbix' (using password: YES)
分析:奇了怪了,明明已經改了DBHost,爲何仍是不能訪問。查看mysql的日誌。 依然不行
最後在web界面把Database host由IP地址改成了localhost終於成功了。
==================================================================
(3)是zabbix server監控本身,即把本身做爲一個agent。
[root@zabbix ~]# vim /etc/zabbix/zabbix_agentd.conf
Server=127.0.0.1,192.168.0.24 ##此選項用於受權以便爲了容許讓哪一個監控端來此獲取數據。
ServerActive=127.0.0.1,192.168.0.24 ##此選項用於向哪一個監控端去報告數據,不要把127.0.0.1刪了,由於當前既是server又是agent。對於
agent來講,是主動關係,因此是active,從而,上面的server選項是被動關係。
Hostname=zabbix ##指明zabbix被監控端的域名,它是在zabbix的web界面進行顯示的, 由於有多個agent,因此域名必須全局惟一
[root@zabbix ~]# service zabbix-agent start
[root@zabbix ~]# systemctl enable zabbix-agent
[root@zabbix ~]# netstat -tnlp|grep 10050
tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN 4939/zabbix_agentd
tcp6 0 0 :::10050 :::* LISTEN 4939/zabbix_agentd
然後,在web界面的[configuration]-[host]便可看到新增長的被監控端,初始是disabled,改成enable host
若是是在分離式主機添加一個agent,那麼必須手動在web界面的[configuration]-[host]-create host
能夠在[Monitoring]-[Screen]查看多個監控指標的圖形狀況。
[root@zabbix ~]# netstat -tnulp|awk ' /^tcp/ { a[$NF]++ } END{ for (i in a) {print a[i],i} } '
2 1708/zabbix_server
2 1071/sshd
1 1076/httpd
2 3490/zabbix_agentd
1 2139/mysqld
(4)開啓另外一臺被監控主機
[root@agent yum.repos.d]# yum install zabbix-agent zabiix-sender -y ##centos7.2中不須要安裝zabbix公共組件
[root@agent ~]# vim /etc/zabbix/zabbix_agentd.conf
Server=192.168.8.24 ##申明zabbix監控端的IP地址或者域名
ServerActive=192.168.8.24
Hostname=agent.node1 ##申明被監控端的主機名,必須惟一
[root@agent ~]# service zabbix-agent start
[root@agent ~]# systemctl enable zabbix-agent
[root@agent ~]# netstat -tnulp|grep 10050
tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN 3166/zabbix_agentd
tcp6 0 0 :::10050 :::* LISTEN 3166/zabbix_agentd
然後,登陸web界面,在[configuration]-[host]右側建立主機[create host],填入
{
Hostname 192.168.8.23
Visable Name agent.node1
Agent Interface 192.168.8.23 ##依 然填被監控端的IP地址,表示使用zabbix-agent的報告機制完成監控的狀況。
Monitor by proxy (no proxy) ##不要啓用Proxy代理
Enabled ##打鉤。
基本步驟完畢,右側其餘選項能夠添加,也能夠不添加。
}
最後,nginx部署wordpress論壇來進行測試。
- 1. Linux運維與架構工程實踐
- 2. 中小型研發團隊架構實踐:微服務架構
- 3. 實驗篇---OSPF小實驗
- 4. 新IT運維時代 | Docker運維之最佳實踐-上篇
- 5. Redis開發運維實踐高可用和集羣架構與實踐(四)
- 6. 好的架構減小運維,好的運維反哺架構
- 7. 運維技術乾貨 — 不僅是 Linux 運維最佳實踐
- 8. 運維技術乾貨 — 不只是 Linux 運維最佳實踐
- 9. 容器 PaaS 新技術架構下的運維實踐
- 10. 【筆記】《app後臺開發運維和架構實踐》
- 更多相關文章...
- • Thymeleaf項目實踐 - Thymeleaf 教程
- • Docker 架構 - Docker教程
- • TiDB 在摩拜單車在線數據業務的應用和實踐
- • Kotlin學習(二)基本類型
-
每一个你不满意的现在,都有一个你没有努力的曾经。