网站会话保持项目:
①概述:
1、cookie:用于存放用户登录信息,基本信息
2、session:用于存放用户登录信息,基本信息
3、会话保持:会话保持/会话共享:无论用户通过那台web登录,登录状态保持不变
②会话保持方案:
1、使用ip_hash轮训算法即可,这样用户就会只访问1台
2、搭建一个存放会话的服务{redis/mem,把所有的会话信息存放到这个服务中}
③环境规划:
1、web01:nginx+php 9001
2、web2复制
3、slb接入
4、db1:安装redis,配置会话保持
④web站点的配置:
1、web的站点配置:{是指向了9001不是9000因为9001要存会话}
[root@bd-web1 /]# cat /etc/nginx/conf.d/phpadmin.conf
server {
listen 80;
server_name www.ipran.com;
root /www/web/phpadmin;
location / {
index index.php;
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9001;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
[root@bd-web1 /]#
2、站点文件:{修改权限和conf的地址,这个地址是redis的地址}{下载phpamdin-5.13版本,高版本有问题}
[root@bd-web1 web]# ls -l
drwxr-xr-x 12 nginx nginx 4096 Jun 21 22:17 phpadmin
[root@bd-web1 web]# pwd
/www/web
[root@bd-web1 web]# grep 'host' phpadmin/config.inc.php
$cfg['Servers'][$i]['host'] = '192.168.0.8';
// $cfg['Servers'][$i]['controlhost'] = '';
[root@bd-web1 web]#
3、配置php的配置和php-session的配置:{要chown-nginx的配置}
[root@bd-web1 /]#
[root@bd-web1 php-fpm.d]# ll -l
total 8
-rw-r--r-- 1 nginx nginx 484 Jun 21 22:14 session.conf
-rw-r--r-- 1 nginx nginx 479 Jun 3 19:42 www.conf
[root@bd-web1 php-fpm.d]# pwd
/etc/php-fpm.d
[root@bd-web1 php-fpm.d]#
[root@bd-web1 php-fpm.d]# cat www.conf
[www]
user = www
group = www
listen = 127.0.0.1:9000
listen.allowed_clients = 127.0.0.1
pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35
slowlog = /var/log/php-fpm/www-slow.log
php_admin_value[error_log] = /var/log/php-fpm/www-error.log
php_admin_flag[log_errors] = on
php_value[session.save_handler] = files
php_value[session.save_path] = /var/lib/php/session
php_value[soap.wsdl_cache_dir] = /var/lib/php/wsdlcache
[root@bd-web1 php-fpm.d]#
[root@bd-web1 php-fpm.d]# cat session.conf {配置标题的名字和redis的头,还有redis的地址其余的和php的配置一样}
[session]
user = www
group = www
listen = 127.0.0.1:9001
listen.allowed_clients = 127.0.0.1
pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35
slowlog = /var/log/php-fpm/www-slow.log
php_admin_value[error_log] = /var/log/php-fpm/www-error.log
php_admin_flag[log_errors] = on
php_value[session.save_handler] = redis
php_value[session.save_path] = tcp://192.168.0.8:6379
php_value[soap.wsdl_cache_dir] = /var/lib/php/wsdlcache
[root@bd-web1 php-fpm.d]#
4、重启:
1.重启nginx
2.重启php
3.重启slb
5、将web1的全部配置复制一份到web2即可:{web2执行和web1同样的操作}
⑤配置redis:
1、安装redis
[root@bd-db1 ~]# yum -y install redis
2、更改redisbind的地址为自身网卡的内网地址
[root@bd-db1 ~]# grep '^bind' /etc/redis.conf
bind 192.168.0.8
[root@bd-db1 ~]
3、重启redis:
[root@bd-db1 ~]# systemctl start redis
[root@bd-db1 ~]#
[root@bd-db1 ~]# systemctl enable redis
[root@bd-db1 ~]#
[root@bd-db1 ~]# ps -ef |grep redis
redis 5167 1 0 Jun06 ? 00:23:46 /usr/bin/redis-sentinel *:26379 [sentinel]
redis 56327 1 0 22:13 ? 00:00:01 /usr/bin/redis-server 192.168.0.8:6379
root 59817 55642 0 23:02 pts/0 00:00:00 grep --color=auto redis
[root@bd-db1 ~]# netstat -tupnl|grep redis
tcp 0 0 192.168.0.8:6379 0.0.0.0:* LISTEN 56327/redis-server
tcp 0 0 0.0.0.0:26379 0.0.0.0:* LISTEN 5167/redis-sentinel
tcp6 0 0 :::26379 :::* LISTEN 5167/redis-sentinel
[root@bd-db1 ~]#
⑥slb的配置:
1、slb的配置:
[root@bd-slb1 /]# cat /etc/nginx/conf.d/phpadmin.conf
upstream phpadmin_pools {
server 192.168.0.6:80;
server 192.168.0.10:80;
}
server {
listen 80;
server_name localhost;
location / {
proxy_pass http://phpadmin_pools;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REMOTE-HOST $remote_addr;
}
}
[root@bd-slb1 /]#
⑥访问测试:{公网slb的地址}
1、120.48.15.242
2、登入redis的操作:
[root@bd-db1 ~]# redis-cli -h 192.168.0.8
192.168.0.8:6379> keys *
1) "backup4"
2) "backup3"
3) "PHPREDIS_SESSION:08f2f00cb6a620bc9a7eb71453d36c2e"
4) "backup2"
5) "PHPREDIS_SESSION:9a93a6b7860c318ddc58e67f73fe19f5"
6) "backup1"
192.168.0.8:6379>
⑦错误展示:
1、错误1:{看是否使能slb进入管理}这个报错就说明没做会话保持
http://120.48.15.242/index.php?route=/
2、错误2:登录出现:{权限不够,授权}
1.提示:
session_start():open(SESSION_FILE,O_RDWR)失败:权限被拒绝(13)
session_start():无法读取会话数据:文件(路径:/var/lib/php/session)
2.解决:
[root@web1 php]# ls -ld /var/lib/php/session/
drwxrwx--- 2 root apache 4096 Oct 1 2020 session
drwxrwx--- 2 root apache 4096 Oct 1 2020 wsdlcache
[root@web1 php]# chown nginx.nginx session/
[root@web1 php]# ll
drwxrwx--- 2 nginx nginx 4096 Oct 1 2020 session
drwxrwx--- 2 root apache 4096 Oct 1 2020 wsdlcache
[root@web1 php]#
3、错误3:登录phpamdin使用root登录提示(HY000/2002):
1.将文件复制一份:
[root@web1 phpadmin]# cp config.sample.inc.php config.inc.php
2.修改localhost为数据库的地址:
[root@web1 phpadmin]# vi config.inc.php
30 $cfg['Servers'][$i]['host'] = '192.168.0.8';
4、错误4:登入php-admin显示:(HY000/1045): Access denied
因为数据库的用户可能没让外网访问的权限,要在mysql或者数据库里面授予外网访问权限,因为phpamdin在外网,所以要权限