Deploy wordpress on load balancing cluster based on LNMP (low configuration version)
Before explaining session persistence, let's use the previous learning content to do a small experiment: deploy wordpress on a load balancing cluster.
Prepare three servers:
The first proxy server acts as a proxy server, load balancer, ip: 192.168.242.140 domain name: www.zcg666.com
The second and third serve as real servers that provide services:
web-1 ip: 192.168.242.137 domain name: www.zcy666.com
web-2 ip: 192.168.242.138 domain name: www.hjf777.com
Experimental requirements: Put the wordpress project on two web servers, act as a proxy for the two web servers through a proxy server, and finally access the wordpress project by accessing the proxy server through a browser.
Experiment idea: This is a simple LNMP-based WordPress deployment, first deploy two web servers. Download nginx, php, php-fpm, php-mysql, php-gd gd from web-1 and web-2. Install the mysql database (version 5.37) on any of the web servers, and create the database required for the wordpress project in mysql. Share the directory through nfs, put the wordpress project in the shared directory, and use the shared directory as the nginx website publishing directory. Then configure nginx to support php. After the web server is deployed, on the premise that wordpress can be accessed normally through the browser, deploy load balancing + proxy on the proxy server. The last time limit is to be able to access wordpress by accessing a proxy server.
experiment procedure:
(The nginx version I use is 1.20.2)
Before the experiment, do local domain name resolution on three servers and windows:
proxy server: 192.168.242.140 www.zcg666.com
web-1: 192.168.242.137 www.zcy666.com
web-2: 192.168.242.138 www.hjf777.com
First deploy the nfs shared directory on web-2 and web-1, upload the wordpress compressed package to the shared directory and decompress it.
web-2
[root@web2-server ~]# yum -y install nfs-utils
[root@web2-server ~]# systemctl start nfs
[root@web2-server ~]# mkdir /nfs-dir
[root@web2-server ~]# vim /etc/exports
/nfs-dir 192.168.242.137(rw,no_root_squash,sync) 保存退出
[root@web2-server ~]# systemctl restart nfs
[root@web2-server ~]# exportfs -v #确保exports配置文件生效
[root@web2-server ~]# echo "ceshi" >>/nfs-dir/a.txt #在共享目录创建测试文件
web-1
[root@web1-server ~]# yum -y install nfs-utils
[root@web1-server ~]# mkdir /nfs-dir #创建挂载目录
[root@web1-server ~]# vim /etc/fstab #设置开机自动挂载
.....
192.168.242.138/nfs-dir /nfs-dir nfs defaults 0 0
挂载设备 挂载点 文件类型 属性
[root@web1-server ~]# systemctl restart nfs
[root@web1-server ~]# mount -a
[root@web1-server ~]# cat /nfs-dir/a.txt
ceshi
将wordpress项目的压缩包上传到共享目录,可以通过rpm -ivh下载,或者从windows上上传到共享目录都可以
[root@web1-server ~]# cd /nfs-dir
[root@web1-server nfs-dir]# ls
a.txt wordpress-4.9.1-zh_CN.tar.gz
[root@web1-server ~]# tar zxf wordpress-4.9.1-zh_CN.tar.gz
[root@web1-server nfs-dir]# ls
a.txt wordpress-4.9.1-zh_CN.tar.gz wordpress Then download mysql5.7 on web-2, create a wordpress library in the mysql database, and create a corresponding database user
[root@web2-server ~]# yum -y install nginx php php-fpm php-mysql php-gd gd
[root@web2-server ~]# rpm -ivh https://dev.mysql.com/get/mysql80-community-release-el7-5.noarch.rpm #下载mysql的yum仓库
[root@web2-server ~]# cd /etc/yum.repos.d
[root@web2-server ~]# vim mysql-community.repo
[mysql57-community] #开启mysql5.7关闭mysql8.0
...
enabled=1
....
[mysql80-community]
...
enabled=0
....
[root@web2-server ~]# grep password /var/log/mysqld.log #查看数据库的初始密码
[root@web2-server ~]# mysqladmin -uroot -p'S7ydsrRT6w_r' password 'HanJing@123' 修改密码
[root@web2-server ~]# mysql -uroot -p'HanJing@123' 进入数据库
mysql> create database wordpress; #创建wordpress项目需要的库
mysql> grant all on wordpress.* to 'wordpress'@'%' identified by 'QianFeng@123';
mysql> exitNext, edit the configuration files of nginx and php on web-2 to make nginx support php
[root@web2-server ~]# cd /etc/nginx/conf.d/
[root@web2-server conf.d]# mv default.conf default.conf.bak
[root@web2-server ~]# vim /etc/nginx/conf.d/wordpress.conf
server {
listen 80;
server_name www.hjf777.com;
access_log /var/log/nginx/nfs-dir_access_log;
location / {
root /nfs-dir/wordpress;
index index.php index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location ~ \.php$ {
root /nfs-dir/wordpress;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
然后修改php的配置文件,将/etc/php.ini文件中的short_open_tag=Off打开
[root@web2-server ~]# sed -i '/short_open_tag=Off/c short_open_tag=On' /etc/php.ini
然后重启nginx和php
[root@web2-server ~]# systemctl restart nginx php-fpm.serviceweb-1 does the same
[root@web1-server ~]# cd /etc/nginx/conf.d/
[root@web1-server conf.d]# mv default.conf default.conf.bak
[root@web1-server ~]# vim /etc/nginx/conf.d/wordpress.conf
server {
listen 80;
server_name www.hjf777.com;
access_log /var/log/nginx/nfs-dir_access_log;
location / {
root /nfs-dir/wordpress;
index index.php index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location ~ \.php$ {
root /nfs-dir/wordpress;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
然后修改php的配置文件,将/etc/php.ini文件中的short_open_tag=Off打开
[root@web1-server ~]# sed -i '/short_open_tag=Off/c short_open_tag=On' /etc/php.ini
然后重启nginx和php
[root@web1-server ~]# systemctl restart nginx php-fpm.serviceThen access the web-1 and web-2 servers through the browser to verify whether wordpress can be accessed. Enter www.zcy666.com www.hjf777.com respectively in the browser. See the following interface is considered successful.
Next, you need to deploy load balancing + proxy on the proxy server.
[root@proxy-server ~]# yum -y install nginx
[root@proxy-server ~]# systemctl start nginx
[root@proxy-server ~]# vim /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
upstream web{ #创建一个负载均衡地址池 upstream后面跟的是地址池的名字
server www.zcy666.com; #web-1服务器的域名
server www.hjf777.com; #web-2服务器的域名
}
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
[root@proxy-server ~]# vim /etc/nginx/conf.d/proxy.conf
server {
listen 80;
server_name www.zcg666.com; #本机域名
location / {
proxy_pass http://web; #地址池
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
[root@proxy-server ~]# systemctl restart nginxWell, finally, visit the domain name of the proxy server on the browser to verify whether wordpress can be accessed.
Go to the web-2 server and create the wp-config.php file in the /nfs-dir/wordpress directory
[root@web2-server ~]# vim /nfs-dir/wordpress/wp-config.php
<?php
/**
* WordPress基础配置文件。
*
* 这个文件被安装程序用于自动生成wp-config.php配置文件,
* 您可以不使用网站,您需要手动复制这个文件,
* 并重命名为“wp-config.php”,然后填入相关信息。
*
* 本文件包含以下配置选项:
*
* * MySQL设置
* * 密钥
* * 数据库表名前缀
* * ABSPATH
*
* @link https://codex.wordpress.org/zh-cn:%E7%BC%96%E8%BE%91_wp-config.php
*
* @package WordPress
*/
// ** MySQL 设置 - 具体信息来自您正在使用的主机 ** //
/** WordPress数据库的名称 */
define('DB_NAME', 'wordpress');
/** MySQL数据库用户名 */
define('DB_USER', 'wordpress');
/** MySQL数据库密码 */
define('DB_PASSWORD', 'HanJing@123');
/** MySQL主机 */
define('DB_HOST', '192.168.242.138');
/** 创建数据表时默认的文字编码 */
define('DB_CHARSET', 'utf8mb4');
/** 数据库整理类型。如不确定请勿更改 */
define('DB_COLLATE', '');
/**#@+
* 身份认证密钥与盐。
*
* 修改为任意独一无二的字串!
* 或者直接访问{@link https://api.wordpress.org/secret-key/1.1/salt/
* WordPress.org密钥生成服务}
* 任何修改都会导致所有cookies失效,所有用户将必须重新登录。
*
* @since 2.6.0
*/
define('AUTH_KEY', '>$OYl?CV>.zZ>LekR}iDn[.+&7ssW |}?9[E/,-f06IOoI8@l%0T_~c}f.|?G My');
define('SECURE_AUTH_KEY', '7ko&V6CI:_o|fRrJSLrR:y9QB,>yrK~&(.?b_XsmGI=$3s6nFI<HDP+D|b,g8!</');
define('LOGGED_IN_KEY', 'Zbk/@w2>`gt-9nI>ws@$!;~-L;R:m;`?9kLLpGZ_:@,wwzf3Q&PMCZ8)o1#n(Iu8');
define('NONCE_KEY', '7y`e^p8$E}{Eq;M]k.LI,qz],3Zv?,iIlO}P}Y[-La;f]j%5X}af4vFl;)1Xk%}G');
define('AUTH_SALT', 'xE7OwR!}x9FqJzw{C&pHd<1p9z_zc*MiTZ[9895KeMu.dbse?;9D3`w}GfvNbP&/');
define('SECURE_AUTH_SALT', '5rexQ,&|XfRoaG`^=x$ x@<E~V+-{1lXAKa4Fv3~26n:J&U=us6rlo(zmm.6rn22');
define('LOGGED_IN_SALT', '#m?@!hA^5^2tQeJxFr So:&$X<!-}Kq@f#=cxD]fLkY/S;jGm ,b@V3jN{o@&{~]');
define('NONCE_SALT', 'h0Q%sNl[N <9$xPPPDnR3#33RU[!f+m5elZIB}Oag,owp=Zr~vvC0INz]D$ljk05');
/**#@-*/
/**
* WordPress数据表前缀。
*
* 如果您有在同一数据库内安装多个WordPress的需求,请为每个WordPress设置
* 不同的数据表前缀。前缀名只能为数字、字母加下划线。
*/
$table_prefix = 'wp_';
/**
* 开发者专用:WordPress调试模式。
*
* 将这个值改为true,WordPress将显示所有用于开发的提示。
* 强烈建议插件开发者在开发环境中启用WP_DEBUG。
*
* 要获取其他能用于调试的信息,请访问Codex。
*
* @link https://codex.wordpress.org/Debugging_in_WordPress
*/
define('WP_DEBUG', false);
/**
* zh_CN本地化设置:启用ICP备案号显示
*
* 可在设置→常规中修改。
* 如需禁用,请移除或注释掉本行。
*/
define('WP_ZH_CN_ICP_NUM', true);
/* 好了!请不要再继续编辑。请保存本文件。使用愉快! */
/** WordPress目录的绝对路径。 */
if ( !defined('ABSPATH') )
define('ABSPATH', dirname(__FILE__) . '/');
/** 设置WordPress变量和包含文件。 */
require_once(ABSPATH . 'wp-settings.php');
[root@web2-server ~]# systemctl restart nginx php-fpm.serviceThen click Install Now on the browser page just now. Then follow the prompts to create an account.
nginx session persistence
There are mainly the following implementation methods for nginx session persistence.
ip_hash
ip_hash uses the source address hash algorithm to always send requests from the same client to the same backend server unless the server is unavailable.
ip_hash syntax:
upstream web {
ip_hash;
server www.zcy666.com;
server www.hjf777.com;
}Note:
ip_hash is easy to use, but has the following problems:
- When the backend server goes down, the session will be lost;
- Clients from the same LAN will be forwarded to the same backend server, which may cause load imbalance;
sticky_cookie_insert
Use sticky_cookie_insert to enable session affinity, which causes requests from the same client to be delivered to the same server of a set of servers. The difference with ip_hash is that it does not judge the client based on IP, but judges based on cookie. Therefore, the load imbalance caused by the client and the front-end agent from the same LAN in the above ip_hash can be avoided. (Need to introduce third-party modules to achieve sticky)
sticky syntax:
upstream web{
server www.zcy666.com;
server www.hjf777.com;
sticky expires=1h domain=3evip.cn path=/;
}
说明:
expires:设置浏览器中保持cookie的时间
domain:定义cookie的域
path:为cookie定义路径Experimental case: This experiment is based on the experimental environment of the wordpress project above.
Sticky机器:
在原有的基础上添加sticky模块,首先准备好一台yum安装好的带有nginx的服务器
下载nginx的源码包和sticky的源码包
[root@proxy-server ~]# wget https://bitbucket.org/nginx-goodies/nginx-sticky-module-ng/get/08a395c66e42.zip
[root@proxy-server ~]# yum -y install unzip
[root@proxy-server ~]# unzip 08a395c66e42.zip
[root@proxy-server ~]# mv nginx-goodies-nginx-sticky-module-ng-08a395c66e42/ nginx-sticky-module-ng
[root@proxy-server ~]# yum install -y pcre* openssl* gcc gcc-c++ make
[root@proxy-server ~]# wget http://nginx.org/download/nginx-1.20.2.tar.gz
[root@proxy-server ~]# tar zxf nginx-1.20.2.tar.gz
[root@proxy-server ~]# cd nginx-1.20.2/
[root@proxy-server nginx-1.20.2]# ./configure --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -fPIC' --with-ld-opt='-Wl,-z,relro -Wl,-z,now -pie' --add-module=/root/nginx-sticky-module-ng
[root@proxy-server nginx-1.20.2]# make &&make install
[root@proxy-server ~]# vim /etc/nginx/nginx.conf 在upstream块中添加sticky参数
...
upstream web{
server www.zcy666.com;
server www.hjf777.com;
sticky expires=1h domain=3evip.cn path=/;
}
.....
保存退出后从新加载nginx配置
[root@proxy-server ~]# nginx -s reloadThe browser accesses the domain name of the proxy server. After entering the domain name in the URL bar, do not press Enter to enter, press F12 to open the developer tool, then press Enter in the address bar to enter the page, and you will see the following interface
After clicking, you can see the cache format we defined
