1. Create a VPC
2. Release security group
3. Create ECS (Elastic Computing Service)
Basic configuration selection area, billing mode cpu architecture specification 2C 4G select image version next step
Network configuration manually assign an IP and then set a password to agree to the agreement to buy
VPC (Virtual Private Cloud) virtual private cloud
VPC is not only a cloud, but also a network model , but it should be viewed from the perspective of service and technology
Sometimes the VPC is used as a router
This is a collection of resources that run on the public cloud, isolate a part of the public cloud resources for a certain user, and give the user private use. VPC is such a kind of cloud. It is managed by the public cloud and runs on public resources, but the resources between each user are guaranteed to be isolated. Users will not be affected by other users when using it, and it feels like using their own. Same as private cloud.
VPC should be understood as a collection of isolated resources provided to users.
4. Purchase elastic public network IP
pay on demand
Pay by traffic
purchase
5. Bind the public IP address you bought
jumpserver
The public network IP is used as a Jumpserver to connect to other hosts in the intranet (this is the management method in the production environment)
Ansible writes playbook to manage backend host
yum repository
jumpserver installation configuration
[root@ecs-proxy ~]# rm -rf /etc/yum.repos.d/*.repo
[root@ecs-proxy ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.myhuaweicloud.com/repo/CentOS-Base-7.repo
[root@ecs-proxy ~]# yum clean all
[root@ecs-proxy ~]# yum install -y net-tools lftp rsync psmisc \
vim-enhanced tree vsftpd bash-completion createrepo lrzsz iproute
[root@ecs-proxy ~]# systemctl enable --now vsftpd
[root@ecs-proxy ~]# mkdir -p /var/ftp/localrepo
[root@ecs-proxy ~]# createrepo --update /var/ftp/localrepo
Optimize system services
[root@ecs-proxy ~]# systemctl stop postfix atd
[root@ecs-proxy ~]# yum remove -y postfix at audit kexec-tools firewalld-*
[root@ecs-proxy ~]# sed 's,^manage_etc_hosts:.*,# &,' -i /etc/cloud/cloud.cfg
[root@ecs-proxy ~]# vim /etc/hosts
# ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
[root@ecs-proxy ~]# reboot
Configure ansible management host
[root@ecs-proxy ~]# tar zxf ansible_centos7.tar.gz
[root@ecs-proxy ~]# yum install -y ansible/*.rpm
[root@ecs-proxy ~]# ssh-keygen -t rsa -b 2048 -N '' -f /root/.ssh/id_rsa
[root@ecs-proxy ~]# chmod 0400 /root/.ssh/id_rsa
[root@ecs-proxy ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub 192.168.1.125
Back-end template mirror configuration (those servers without public network IP)
Configure the yum source and install the toolkit
[root@ecs-host ~]# rm -rf /etc/yum.repos.d/*.repo
[root@ecs-host ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.myhuaweicloud.com/repo/CentOS-Base-7.repo
[root@ecs-host ~]# vim /etc/yum.repos.d/local.repo
[local_repo]
name=CentOS-$releasever - Localrepo
baseurl=ftp://192.168.1.252/localrepo
enabled=1
gpgcheck=0
[root@ecs-host ~]# yum clean all
[root@ecs-host ~]# yum repolist
[root@ecs-host ~]# yum install -y net-tools lftp rsync psmisc vim-enhanced tree lrzsz bash-completion iproute
Optimize system services
[root@ecs-host ~]# systemctl stop postfix atd
[root@ecs-host ~]# yum remove -y postfix at audit kexec-tools firewalld-*
[root@ecs-host ~]# sed 's,^manage_etc_hosts:.*,# &,' -i /etc/cloud/cloud.cfg
[root@ecs-host ~]# vim /etc/hosts
# ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
[root@ecs-host ~]# yum clean all
[root@ecs-host ~]# poweroff
Make the host system disk as a template after shutdown
Rsync (remote data synchronization tool)
-a --archive archive mode, means to transfer files recursively, and keep all file attributes equal to -rlptgoD
-v show verbose mode output
-H preserve hard links
-S special treatment for sparse files to save space for DST
-X preserve extended attributes
Installation and deployment
[root@ecs-proxy ~]# mkdir website
[root@ecs-proxy ~]# cd website
[root@ecs-proxy website]# vim ansible.cfg
[defaults]
inventory = hostlist
host_key_checking = False
[root@ecs-proxy website]# vim hostlist
[web]
192.168.1.[11:13]
[root@ecs-proxy website]# vim install.yaml
---
- name: web 集群安装
hosts: web
tasks:
- name: 安装 apache 服务
yum:
name: httpd,php
state: latest
update_cache: yes
- name: 配置 httpd 服务
service:
name: httpd
state: started
enabled: yes
- name: 部署网站网页
unarchive:
src: website.tar.gz
dest: /var/www/html/
copy: yes
owner: apache
group: apache
Then go to buy ELB service elastic load balancing
Shared pay-as-you-go
Add a listener and follow the prompts
You can achieve load balancing to access the back-end server