Examples of simple web application architecture

First, the architecture diagram

[Image: architecture diagram]
  • DNS resolves the site name to web1 and web2 to achieve load balancing
  • web1 and web2 use a MySQL database backend
  • All page data for web1 and web2 lives on NFS and is mounted automatically
  • The NFS server provides the web data to web1 and web2

10.7.2. Preparations

Set ip information

nmcli con add ifname ens33 con-name ens33 type ethernet ipv4.method manual \
ipv4.address ipv4.gateway


I changed the IP with nmcli here; of course, you can also change it by hand.

10.7.3. Ansible configuration

Ansible installation

[root@localhost ~]# yum install ansible

Adding Host

Add the following to the /etc/ansible/hosts file.

[self]

Configuring password-free login

I wrote a script for automatic password-free login earlier; see my blog for details.

[root@localhost ~]# cat hosts.txt
root oracle
root oracle
root oracle
root oracle
root oracle
root oracle
root oracle
root oracle
root oracle
root oracle
root oracle
[root@localhost ~]# cat mima.sh
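#!/bin/bash
#FileName   :expect_ssh.sh
#Author     :zhaojiedi
#DateTime   :2018-01-05 08:26:06
#Version    :V1.0
#Other      :

# input file: one "host username password" entry per line
host_username_password_file=hosts.txt
pubkey=~/.ssh/id_rsa.pub

# install expect
rpm -q expect &>/dev/null || yum install -yq expect &>/dev/null

# create id_rsa.pub file
if [ ! -e "$pubkey" ] ; then
        ssh-keygen  -P "" -t rsa  -f ~/.ssh/id_rsa
fi

# copy the public key to every listed host
# (the password is echoed to the terminal and unknown host keys are accepted automatically)
while read host username password ; do
        con=${username}@${host}
        echo $password
        expect <<EOF
        set timeout 20
        spawn ssh-copy-id $con
        expect {
                "yes/no"  { send "yes\n" ; exp_continue }
                "password:" { send "${password}\n"; exp_continue }
        }
EOF
done < $host_username_password_file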

# Run the script to copy the public key automatically
[root@localhost ~]# bash mima.sh

# Test case
[root@localhost ~]# ssh 'ip a show ens33'

Set the host name (optional)

All of my machines here are freshly cloned virtual machines, so I set the host names to make management easier and to prevent operating on the wrong host.

# Create a script to set the hostname
[root@localhost ~]# vim set_hostname.sh
[root@localhost ~]# cat set_hostname.sh
echo "start"
name=centos-$(ip a show ens33 |grep 'inet.*ens33' | sed -r  -n 's@.*\.([0-9]{1,3})/.*@\1@p').linuxpanda.tech
echo $name
hostnamectl set-hostname $name
echo "end"

[root@centos-localhost ~]# ansible all -m script -a '/root/set_hostname.sh'

The script is also run against the Ansible host's own IP.

Disable the firewall and SELinux

# Turn off the firewall
[root@centos-150 ~]# ansible all -m service -a 'name=firewalld enabled=no'
[root@centos-150 ~]# ansible all -m service -a 'name=firewalld state=stopped'

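# Disable SELinux (--follow-symlinks because /etc/sysconfig/selinux is a symlink to /etc/selinux/config)
[root@centos-150 ~]# ansible all -m shell -a "sed --follow-symlinks -i -r 's@^SELINUX=.*@SELINUX=disabled@' /etc/sysconfig/selinux"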
[root@centos-150 ~]# ansible all -m shell -a  'setenforce 0'


If SELinux was already disabled, setenforce 0 reports an error; do not ignore it.
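
As a contrast to switching both controls off, the playbook below keeps firewalld and SELinux enabled and opens only what each role in this architecture needs. It is an added example, not part of the original post; the group names dns, nfs and mysql are assumed inventory groups (only web appears on the page), and 192.168.46.0/24 is the subnet used in the later GRANT statement.

```yaml
# Added example. Assumed inventory groups: dns, nfs, mysql ("web" is from the page).
- hosts: all
  tasks:
    - name: keep firewalld running and enabled at boot
      service: {name: firewalld, state: started, enabled: yes}
    - name: keep SELinux enforcing with the targeted policy
      selinux: {policy: targeted, state: enforcing}

- hosts: dns
  tasks:
    - name: allow DNS queries (53/tcp and 53/udp)
      firewalld: {service: dns, permanent: yes, immediate: yes, state: enabled}

- hosts: nfs
  tasks:
    - name: allow NFS plus the rpcbind and mountd helpers that showmount -e uses
      firewalld: {service: "{{ item }}", permanent: yes, immediate: yes, state: enabled}
      with_items: [nfs, rpc-bind, mountd]

- hosts: mysql
  tasks:
    - name: allow MariaDB (3306/tcp) only from the subnet named in the GRANT
      firewalld:
        rich_rule: 'rule family="ipv4" source address="192.168.46.0/24" service name="mysql" accept'
        permanent: yes
        immediate: yes
        state: enabled

- hosts: web
  tasks:
    - name: allow HTTP (80/tcp)
      firewalld: {service: http, permanent: yes, immediate: yes, state: enabled}
    - name: let the web server read NFS content and connect to the remote database
      seboolean: {name: "{{ item }}", state: yes, persistent: yes}
      with_items: [httpd_use_nfs, httpd_can_network_connect_db]
```

A host that was already switched to disabled needs a reboot before enforcing mode takes effect.
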
10.7.4. DNS host settings

DNS configuration

[root@centos-158 ~]# yum install bind bind-utils
[root@centos-158 ~]# vim /etc/named.conf
# Comment out the 5 lines below
//      listen-on port 53 {; };
//      listen-on-v6 port 53 { ::1; };
//      allow-query     { localhost; };
//      dnssec-enable yes;
//      dnssec-validation yes;
[root@centos-158 ~]# vim /etc/named.rfc1912.zones
# Add the following; note the trailing semicolon
zone "linuxpanda.tech" IN {
        type master;
        file "linuxpanda.tech.zone";
};
[root@centos-158 ~]# cd /var/named/
[root@centos-158 named]# cp -a named.localhost  linuxpanda.tech.zone
[root@centos-158 named]# vim linuxpanda.tech.zone
[root@centos-158 named]# cat linuxpanda.tech.zone
$TTL 1D
@   IN SOA  ns1 admin (
                    0       ; serial
                    1D      ; refresh
                    1H      ; retry
                    1W      ; expire
                    3H )    ; minimum
    NS      ns1
ns1     A
web     A
web     A
www     CNAME   web

DNS test on the local machine

[root@centos-158 named]# dig www.linuxpanda.tech @localhost

; <<>> DiG 9.9.4-RedHat-9.9.4-51.el7_4.2 <<>> www.linuxpanda.tech @localhost
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57957
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 1, ADDITIONAL: 2

; EDNS: version: 0, flags:; udp: 4096
;www.linuxpanda.tech.               IN      A

www.linuxpanda.tech.        86400   IN      CNAME   web.linuxpanda.tech.
web.linuxpanda.tech.        86400   IN      A
web.linuxpanda.tech.        86400   IN      A

linuxpanda.tech. 86400 IN NS ns1.linuxpanda.tech.

ns1.linuxpanda.tech.        86400   IN      A

;; Query time: 0 msec
;; WHEN: Sun Feb 18 21:05:05 CST 2018
;; MSG SIZE  rcvd: 132

10.7.5. Client host test

# Modify the client's dns to point to our own dns host
[root@centos-159 ~]# nmcli con modify  ens33 ipv4.dns
# Restart the network, or reload
[root@centos-159 ~]# service network restart

# Ping our web host name to see whether it resolves to the two IPs (157 and 156)
[root@centos-159 ~]# ping www.linuxpanda.tech
PING web.linuxpanda.tech ( 56(84) bytes of data.
64 bytes from ( icmp_seq=1 ttl=64 time=0.330 ms
64 bytes from ( icmp_seq=2 ttl=64 time=0.255 ms
64 bytes from ( icmp_seq=3 ttl=64 time=0.292 ms

[root@centos-159 ~]# ping www.linuxpanda.tech
PING web.linuxpanda.tech ( 56(84) bytes of data.
64 bytes from ( icmp_seq=1 ttl=64 time=0.421 ms


Testing with ping is a bit unprofessional and takes several attempts before both addresses show up, but this is a client after all and the dig tool is not installed on it.

10.7.6. NFS host configuration

Adding users

[root@centos-154 ~]# groupadd -g 48 apache
[root@centos-154 ~]# useradd -u 48 -g 48 apache
[root@centos-154 ~]# id apache
uid=48(apache) gid=48(apache) groups=48(apache)

Modify permissions

[root@centos-154 ~]# chown -R apache.apache /data/html

Export the share

[root@centos-154 ~]# yum install nfs-utils
[root@centos-154 ~]# vim /etc/exports
[root@centos-154 ~]# cat /etc/exports
/data/html (PC all_squash,anonuid=apache,anongid=apache)
/data/html (PC all_squash,anonuid=apache,anongid=apache)
[root@centos-154 ~]# systemctl restart nfs-server
[root@centos-154 ~]# exportfs -v

10.7.7. MySQL host configuration

Installing the software

[root@centos-155 ~]# yum install mariadb-server mariadb

Start the service

[root@centos-155 ~]# systemctl start mariadb
[root@centos-155 ~]# netstat -tunlp |grep 3306
tcp        0      0  *               LISTEN      13680/mysqld

Adding application users

[root@centos-155 ~]# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 10
Server version: 5.5.56-MariaDB MariaDB Server

Copyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> create database web ;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> grant all on web.* to web@'192.168.46.%' identified by 'oracle';
Query OK, 0 rows affected (0.05 sec)

Security initialization

[root@centos-155 ~]# mysql_secure_installation

10.7.8. Web Host Configuration

There are two hosts here.

Installing the software

# Installation
[root@centos-150 ~]# ansible web -m yum -a 'name=httpd,php-fpm,php-mysql,mod_fcgid state=installed'
# Start Service
[root@centos-150 ~]# ansible web -m service -a 'name=httpd state=started'
[root@centos-150 ~]# ansible web -m service -a 'name=php-fpm state=started'

Mount the directory

# Install the necessary mount related software
[root@centos-156 httpd]# yum install nfs-utils cifs-utils
# Start rpc service
[root@centos-156 httpd]# systemctl restart rpcbind
# View the exports of the remote host
[root@centos-156 httpd]# showmount -e
Export list for
# Mount
[root@centos-156 httpd]# mount /var/www/html

# Automatically mount
[root@centos-156 httpd]# tail -n 1 /etc/mtab
 /var/www/html nfs4 rw,relatime,vers=4.1,rsize=65536,wsize=65536,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=,local_lock=none,addr= 0 0
[root@centos-156 httpd]# tail -n 1 /etc/mtab >> /etc/fstab
# View the sample pages
[root@centos-156 httpd]# cat /var/www/html/index.html
hellow world

Configuring httpd

This section has to be done on both machines.

# Download a sample PHP page
[root@centos-156 httpd]# wget download.linuxpanda.tech/lamp/index.php.sample -O /var/www/html/index.php
# Edit the database connection user and password in the sample PHP page
[root@centos-156 httpd]# vim /var/www/html/index.php
[root@centos-156 httpd]# cat /var/www/html/index.php
<?php
$mysqli=new mysqli("","web","oracle");
// report whether the database connection succeeded
if ($mysqli->connect_errno) { echo "fail"; }
else { echo "success"; }

# Edit the fcgid configuration
[root@centos-156 conf.d]# vim fcgid.conf
# Add the following 3 lines
DirectoryIndex index.php
ProxyRequests Off
ProxyPassMatch ^/(.*\.php)$ fcgi://$1
# Restart the httpd service
[root@centos-156 conf.d]# service httpd restart

Test on the local machine

This section has to be done on both machines.

[root@centos-156 conf.d]# curl localhost/index.php

10.7.9. Client testing

[root@centos-159 ~]# curl http://www.linuxpanda.tech/index.php
# After the web service on 156 is stopped
[root@centos-159 ~]# curl http://www.linuxpanda.tech/index.php
# After the web service on 157 is stopped as well
[root@centos-159 ~]# curl http://www.linuxpanda.tech/index.php
curl: (7) Failed connect to www.linuxpanda.tech:80; Connection refused

10.7.10. Summary

This exercise looks very simple, but I still ran into some trouble while doing it.

Areas for improvement:

    DNS resolution is not robust: if web1 is stopped, DNS may still resolve to the stopped host, which makes the site inaccessible.
    The MySQL part can be improved later, once master-slave replication has been learned.
    The LAMP stack does not use xcache for acceleration.
    This exercise installs the LAMP environment with yum; consider installing it by compiling from source.
    The data shared over NFS is in essence the data of a single disk; consider using rsync instead of NFS.
    Consider placing the data files on RAID to improve file access performance.


Origin www.cnblogs.com/tanxiaojun/p/12151739.html