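Website architecture overview
Website architecture is the design work that, based on the results of analyzing customer requirements, accurately identifies the site's target audience, defines the overall structure of the site, plans and designs its sections and their content, sets the order of the development process, and allocates and manages resources as efficiently as possible.
Million-PV website architecture
Case design
The design uses a four-tier model: a front-end reverse proxy tier, a Web tier, a database cache tier, and a database tier. The front-end reverse proxy tier runs in active/standby mode, the Web tier as a cluster, the database cache tier in active/standby mode, and the database tier in master/slave mode.
To stay close to a production environment, the lab is deployed on two physical machines: the front-end reverse proxy tier, the database cache tier, and the database tier run on the physical machines, and only the Web tier runs in KVM virtual machines. Every tier is also built as a high-availability architecture to keep the service stable.
The topology is shown in the figure: solid lines are the data-flow connections under normal conditions, and dashed lines are the data-flow connections under abnormal conditions.
Lab environment table:
Lab steps
Nginx reverse proxy and keepalived
1. On both front-end reverse proxy servers, install the repository that provides the nginx rpm package (do this on both the master and the backup)
[root@localhost ~]# rpm -ivh http://nginx.org/packages/centos/7/noarch/RPMS/\
nginx-release-centos-7-0.el7.ngx.noarch.rpm
1) Use the default CentOS repositories to complete the installation below
[root@localhost ~]# yum install -y keepalived nginx
2) Configure /etc/keepalived/keepalived.conf on the front-end reverse proxy master as follows:
[root@localhost ~]# vi /etc/keepalived/keepalived.conf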
! Configuration File for keepalived
vrrp_script nginx {    #added
    script "/opt/shell/nginx.sh"
    interval 2
}
global_defs {
    notification_email {
        acassen@firewall.loc
        failover@firewall.loc
        sysadmin@firewall.loc
    }
    notification_email_from Alexandre.Cassen@firewall.loc
    smtp_server 192.168.200.1
    smtp_connect_timeout 30
    router_id NGINX_HA
}
vrrp_instance VI_1 {
    state MASTER    #master server
    interface ens33
    virtual_router_id 51
    priority 100    #priority
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    track_script {    #added
        nginx
    }
    virtual_ipaddress {
        192.168.126.188    #internal virtual IP
        192.168.100.188    #external virtual IP
    }
}
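3) The configuration file loads a script, nginx.sh. Its meaning: as long as keepalived is running, the nginx service is checked and started every two seconds.
Create the file /opt/shell/nginx.sh with the following content:
[root@localhost ~]# mkdir /opt/shell
[root@localhost ~]# cd /opt/shell/
[root@localhost shell]# vim nginx.sh
#!/bin/bash
# Count the running keepalived processes (excluding the grep itself)
k=`ps -ef | grep keepalived | grep -v grep | wc -l`
if [ $k -gt 0 ];then
    # keepalived is running: make sure nginx is started
    /bin/systemctl start nginx.service
else
    /bin/systemctl stop nginx.service
fi
[root@localhost shell]# chmod +x nginx.sh #make the script executable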
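An added example, not part of the original walkthrough: a variant of the check script that probes nginx over HTTP, makes one restart attempt, and exits non-zero if nginx still does not answer, so that keepalived's track_script can move the virtual IP to the backup. The --check argument, the PROBE_CMD and RESTART_CMD override variables, and the use of curl against 127.0.0.1 are assumptions of this example.

```bash
#!/bin/sh
# Added example: health check for keepalived's vrrp_script (not the page's nginx.sh).
# PROBE_CMD and RESTART_CMD are hypothetical override hooks; the defaults assume
# nginx listens on 127.0.0.1:80 and that curl is installed.

check_nginx() {
    # Any HTTP response counts as "nginx is up", including a 502 caused by a
    # stopped Tomcat backend, so a backend outage does not move the VIP.
    probe=${PROBE_CMD:-"curl -sS -o /dev/null --max-time 1 http://127.0.0.1/"}
    restart=${RESTART_CMD:-"/bin/systemctl restart nginx.service"}

    # Healthy: nginx answers a request, not merely "a process exists".
    $probe >/dev/null 2>&1 && return 0

    # One recovery attempt, then probe again.
    $restart >/dev/null 2>&1 || true
    $probe >/dev/null 2>&1 && return 0

    # Still down: the non-zero exit marks the tracked script as failed, and
    # keepalived releases the virtual IP to the backup node.
    return 1
}

# keepalived would reference this file as: script "/opt/shell/nginx.sh --check"
if [ "${1:-}" = "--check" ]; then
    check_nginx
    exit $?
fi
```

Because keepalived runs the script as root every two seconds, the file and its directory should be owned by root and not writable by other users.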
4) The front-end reverse proxy backup is configured almost identically to the master; the only difference is the keepalived configuration, shown below:
[root@localhost ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
vrrp_script nginx {    #nginx check script
    script "/opt/shell/nginx.sh"
    interval 2
}
global_defs {
    notification_email {
        acassen@firewall.loc
        failover@firewall.loc
        sysadmin@firewall.loc
    }
    notification_email_from Alexandre.Cassen@firewall.loc
    smtp_server 192.168.200.1
    smtp_connect_timeout 30
    router_id NGINX_HB    #name
}
vrrp_instance VI_1 {
    state BACKUP    #backup server
    interface ens33
    virtual_router_id 51    #VRID; must be the same as on the master so both nodes form one VRRP group
    priority 90    #priority
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    track_script {    #added
        nginx
    }
    virtual_ipaddress {
        192.168.126.188    #virtual IP
        192.168.100.188
    }
}
The remaining configuration is identical and is not repeated here.
2. Configure the nginx front-end scheduling function on both the master and the backup server
[root@localhost PV]# vim /etc/nginx/nginx.conf
#gzip on;
upstream tomcat_pool {
    server 192.168.126.193:8080;    #IPs of the two node servers
    server 192.168.126.194:8080;
    ip_hash;    #session persistence; without it, login through the VIP address fails
}
server {
    listen 80;
    server_name 192.168.126.188;    #the virtual IP
    location / {
        proxy_pass http://tomcat_pool;
        proxy_set_header X-Real-IP $remote_addr;
    }
}
1) Test the configuration file syntax
[root@localhost PV]# nginx -t -c /etc/nginx/nginx.conf
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
2) Once the keepalived service is started, the nginx service starts as well.
[root@localhost PV]# systemctl stop firewalld.service
[root@localhost PV]# setenforce 0
[root@localhost PV]# systemctl start keepalived.service
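3) Test keepalived's hot-standby function
Stop the keepalived service on the master and check whether the virtual IP automatically floats to the backup.
Master server: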
[root@localhost PV]# ip addr
inet 192.168.126.138/24 brd 192.168.126.255 scope global dynamic ens33
valid_lft 1697sec preferred_lft 1697sec
inet 192.168.126.188/32 scope global ens33
valid_lft forever preferred_lft forever
[root@localhost PV]# systemctl stop keepalived.service
link/ether 00:0c:29:15:68:5d brd ff:ff:ff:ff:ff:ff
inet 192.168.126.138/24 brd 192.168.126.255 scope global dynamic ens33
valid_lft 1625sec preferred_lft 1625sec
inet6 fe80::7f06:3732:bb38:c9e1/64 scope link
valid_lft forever preferred_lft forever
Backup server:
[root@localhost ~]# ip addr
link/ether 00:0c:29:5b:03:86 brd ff:ff:ff:ff:ff:ff
inet 192.168.126.192/24 brd 192.168.126.255 scope global dynamic ens33
valid_lft 1180sec preferred_lft 1180sec
inet 192.168.126.188/32 scope global ens33
valid_lft forever preferred_lft forever
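inet 192.168.100.188/32 scope global ens33 #the virtual IP floated over automatically
Note: once the keepalived service on the master is started again, the virtual IP floats back to the master.
Install Tomcat on both node servers (same configuration on each)
1. Extract the jdk-8u144-linux-x64.tar.gz and apache-tomcat-8.5.23.tar.gz packages into /opt/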
[root@localhost PV]# tar zxvf jdk-8u144-linux-x64.tar.gz -C /opt/
[root@localhost PV]# tar zxvf apache-tomcat-8.5.23.tar.gz -C /opt/
2. Move the extracted directories to /usr/local under new names, for easier management.
[root@localhost PV]# cd /opt/
[root@localhost opt]# ls
apache-tomcat-8.5.16 apache-tomcat-8.5.23 jdk1.8.0_144 jdk1.8.0_91 rh
[root@localhost opt]# mv jdk1.8.0_144/ /usr/local/java
[root@localhost opt]# mv apache-tomcat-8.5.23/ /usr/local/tomcat8
3. Append the following to the end of the /etc/profile configuration file:
[root@localhost opt]# vim /etc/profile
export JAVA_HOME=/usr/local/java
export JRE_HOME=/usr/local/java/jre
export PATH=$PATH:/usr/local/java/bin
export CLASSPATH=./:/usr/local/java/lib:/usr/local/java/jre/lib
[root@localhost opt]# source /etc/profile #load the new settings
[root@localhost opt]# ln -s /usr/local/tomcat8/bin/startup.sh /usr/bin/tomcatup
[root@localhost opt]# ln -s /usr/local/tomcat8/bin/shutdown.sh /usr/bin/tomcatdown
4. Start the tomcat service and check that port 8080 is listening
[root@localhost opt]# systemctl stop firewalld.service
[root@localhost opt]# setenforce 0
[root@localhost opt]# tomcatup
[root@localhost opt]# netstat -ntap | grep 8080
tcp6 0 0 :::8080 :::* LISTEN 3255/java
5. Open a browser and check that the default test page displays correctly
6. Change the default page content
[root@localhost opt]# cd /usr/local/tomcat8/webapps/ROOT/
[root@localhost ROOT]# mv index.jsp index.jsp.bk
[root@localhost ROOT]# vim index.jsp
Server abc01!!
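7. Enter the scheduler address, i.e. the virtual address, and test how requests are scheduled across the two nodes, as shown in the figure:
1) Stop the tomcat service on node server 1, refresh the browser again, and check that scheduling still succeeds, as shown in the figure: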
[root@localhost ROOT]# tomcatdown
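8. Edit /usr/local/tomcat8/conf/server.xml and add the following under Host name:
[root@localhost conf]# vim server.xml
<!-- debug="0" keeps the debug log output to a minimum; docBase specifies the directory that is served -->
<Context path="" docBase="SLSaleSystem" reloadable="true" debug="0"></Context>
Install the MySQL database on the master and slave servers
1. Install the mariadb service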
[root@localhost PV]# yum install mariadb-server mariadb -y
[root@localhost PV]# systemctl enable mariadb.service #start at boot
[root@localhost PV]# systemctl start mariadb.service #start the service
[root@localhost PV]# netstat -ntap | grep 3306
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 28285/mysqld
2. Basic security settings
[root@localhost PV]# mysql_secure_installation
Enter current password for root (enter for none): #press Enter
Set root password? [Y/n] y #set the user password
New password: #abc123
Re-enter new password: #confirm the password abc123
Remove anonymous users? n
Disallow root login remotely? n
Remove test database and access to it? n
Reload privilege tables now? y
3. Import the slsaledb database
[root@localhost PV]# mysql -u root -p < slsaledb-2014-4-10.sql
[root@localhost PV]# mysql -u root -p
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| slsaledb |
| test |
+--------------------+
5 rows in set (0.02 sec)
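MariaDB [(none)]> GRANT all ON slsaledb.* TO 'root'@'%' IDENTIFIED BY 'abc123'; #grant privileges
MariaDB [(none)]> flush privileges; #reload privileges
4. On both tomcat nodes, set the database IP address to the VRRP virtual IP, along with the authorized user name root and the password abc123.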
[root@localhost PV]# tar zxvf SLSaleSystem.tar.gz -C /usr/local/tomcat8/webapps/
[root@localhost PV]# cd /usr/local/tomcat8/webapps/SLSaleSystem/WEB-INF/classes/
[root@localhost classes]# vim jdbc.properties
driverClassName=com.mysql.jdbc.Driver
url=jdbc\:mysql\://192.168.126.188\:3306/slsaledb?useUnicode\=true&characterEncoding\=UTF-8
#user name
uname=root
#password
password=abc123
minIdle=10
maxIdle=50
initialSize=5
maxActive=100
maxWait=100
removeAbandonedTimeout=180
removeAbandoned=true
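5. Open a browser and test the website
Install and configure the redis master/slave cache servers
1. About redis
redis is a high-performance key-value database. It is similar to Memcached but supports more value types. As with Memcached, data is cached in memory for efficiency.
The difference is that redis periodically writes updated data to disk, or appends modification operations to a log file, and implements master-slave replication on top of this.
2. Install and configure redis master/slave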
[root@localhost ~]# yum install -y epel-release
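[root@localhost ~]# yum install redis -y
3. In the main redis configuration file /etc/redis.conf on both the master and slave cache servers, change the listening address to bind 0.0.0.0.
[root@localhost ~]# vim /etc/redis.conf
# line 61
bind 0.0.0.0
The slave server has one additional line of configuration:
# line 266: use the master server's own IP, not the virtual IP
slaveof 192.168.126.138 6379
4. Start the redis service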
[root@localhost ~]# systemctl start redis.service
[root@localhost ~]# netstat -anpt | grep 6379
tcp 0 0 0.0.0.0:6379 0.0.0.0:* LISTEN 50475/redis-server
5. Test the connection
Master server:
[root@localhost ~]# redis-cli -h 192.168.126.138 -p 6379
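192.168.126.138:6379> set name test #set name to the value test
OK
192.168.126.138:6379> get name #read the value of name
"test"
Slave server:
[root@localhost ~]# redis-cli -h 192.168.126.192 -p 6379 #log in to the slave and read the value; success means master/slave replication works.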
192.168.126.192:6379> get name
"test"
192.168.126.192:6379>
6. On the tomcat node servers, configure the parameters the shop project uses to connect to redis.
[root@localhost classes]# cd /usr/local/tomcat8/webapps/SLSaleSystem/WEB-INF/classes/
[root@localhost classes]# vim applicationContext-mybatis.xml
<constructor-arg value="192.168.126.188"/> <!-- line 47 -->
<constructor-arg value="6379"/> <!-- line 48 -->
7. Test the cache
[root@localhost ~]# redis-cli -h 192.168.126.188 -p 6379
192.168.126.188:6379> info
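.....//omitted
evicted_keys:0
keyspace_hits:1 #watch keyspace_hits and keyspace_misses: the hit count and the miss count
keyspace_misses:0
pubsub_channels:0
Log in to the shop, repeatedly click pages whose operations involve the database, then come back and check how the keyspace_hits or keyspace_misses value changes. If keyspace_hits:1 changes to 2, redis is working normally.
8. Configure redis master/slave failover (only on the master server)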
[root@localhost ~]# vi /etc/redis-sentinel.conf
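# line 17: uncomment
protected-mode no
# the trailing 1 is the quorum: the number of Sentinels that must agree the master is down. Note: set the address to the master's IP
sentinel monitor mymaster 192.168.126.138 6379 1
# time before a failover is triggered, in milliseconds
sentinel down-after-milliseconds mymaster 3000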
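The following added example (not part of the original walkthrough) reads a redis.conf or redis-sentinel.conf and reports whether the instance accepts unauthenticated connections from other hosts, which is the combined effect of the bind 0.0.0.0 edit in step 3 and the protected-mode no edit in step 8. The function names, the sample files and the <secret> placeholder are assumptions of the example; requirepass and masterauth are the Redis directives for the server password and for the password a slave presents to its master.

```bash
#!/bin/sh
# Added example (not from the original page). It assumes the protected-mode
# rule documented in redis.conf for Redis 3.2: protected mode restricts the
# server to loopback only when no bind line AND no password are configured.

conf_value() {  # $1 = file, $2 = directive; prints the last active value
    awk -v k="$2" 'tolower($1) == k { $1 = ""; sub(/^[ \t]+/, ""); v = $0 }
                   END { print v }' "$1"
}

redis_exposure() {  # $1 = file; prints password | open | loopback
    if [ -n "$(conf_value "$1" requirepass)" ]; then
        echo password; return 0
    fi
    bind=$(conf_value "$1" bind)
    remote=no
    set -f                                  # keep a literal "*" from globbing
    for addr in $bind; do
        case "$addr" in
            127.*|::1) ;;                   # loopback listener
            *) remote=yes ;;                # explicit non-loopback listener
        esac
    done
    set +f
    # No bind line means every interface; only protected mode holds it back.
    if [ -z "$bind" ] && [ "$(conf_value "$1" protected-mode)" = "no" ]; then
        remote=yes
    fi
    if [ "$remote" = yes ]; then echo open; return 1; fi
    echo loopback
}

# Constructed samples. <secret> is a placeholder, not a real value.
sample() {  # $1 = name; writes the sample to stdout
    case "$1" in
        redis_page)    printf '%s\n' 'bind 0.0.0.0' 'protected-mode yes' ;;
        sentinel_page) printf '%s\n' 'protected-mode no' \
                           'sentinel monitor mymaster 192.168.126.138 6379 1' ;;
        redis_auth)    printf '%s\n' 'bind 0.0.0.0' 'requirepass <secret>' \
                           'masterauth <secret>' ;;
    esac
}

tmp=$(mktemp -d)
for name in redis_page sentinel_page redis_auth; do
    sample "$name" > "$tmp/$name.conf"
    echo "$name: $(redis_exposure "$tmp/$name.conf")"
done
rm -rf "$tmp"
```

The first two samples report open and the third reports password; the listener stays on 0.0.0.0 in the third sample because the Tomcat nodes reach redis through the floating virtual IP.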
9. Start the cluster
[root@localhost ~]# service redis-sentinel start
[root@localhost ~]# netstat -anpt | grep 26379
tcp 0 0 0.0.0.0:26379 0.0.0.0:* LISTEN 57151/redis-sentine
tcp6 0 0 :::26379 :::* LISTEN 57151/redis-sentine
[root@localhost ~]# redis-cli -h 192.168.126.138 -p 26379 info Sentinel #view the cluster information
# Sentinel
sentinel_masters:1
sentinel_tilt:0
sentinel_running_scripts:0
sentinel_scripts_queue_length:0
sentinel_simulate_failure_flags:0
master0:name=mymaster,status=ok,address=192.168.126.138:6379,slaves=1,sentinels=1
10. Verify master/slave failover
Master server:
[root@localhost ~]# systemctl stop redis.service #stop the redis service on the master server
[root@localhost ~]# redis-cli -h 192.168.126.138 -p 26379 info Sentinel #the master has switched to the slave server's IP
# Sentinel
sentinel_masters:1
sentinel_tilt:0
sentinel_running_scripts:0
sentinel_scripts_queue_length:0
sentinel_simulate_failure_flags:0
master0:name=mymaster,status=ok,address=192.168.126.192:6379,slaves=1,sentinels=1
11. Verify data synchronization
On the master server:
[root@localhost ~]# redis-cli -h 192.168.126.192 -p 6379
192.168.126.192:6379> set name2 test2
OK
192.168.126.192:6379> get name2
"test2"
192.168.126.192:6379>
Check on the slave server:
[root@localhost ~]# redis-cli -h 192.168.126.192 -p 6379
192.168.126.192:6379> get name2
"test2"
Start the redis service on the master server:
[root@localhost ~]# systemctl start redis.service
[root@localhost ~]# redis-cli -h 192.168.126.138 -p 6379
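192.168.126.138:6379> get name2
"test2" #synchronized successfully
Configure MySQL master/slave replication on the master and slave servers
1. First, the binlog must be enabled on the master. Add the following to the master's /etc/my.cnf file: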
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
binlog-ignore-db=mysql,information_schema #databases left out of the binary log
character_set_server=utf8 #character set
log_bin=mysql_bin #binary log
server_id=1 #the slave server's id must be different
log_slave_updates=true
sync_binlog=1
2. Restart the database
[root@localhost ~]# systemctl restart mariadb.service
[root@localhost ~]# netstat -ntap | grep 3306
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 65321/mysqld
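3. Log in to the master and grant privileges so that the designated user on the slave can read the log from the master.
[root@localhost ~]# mysql -u root -p
MariaDB [(none)]> show master status; #record the log file name and the position value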
+------------------+----------+--------------+--------------------------+
| File | Position | Binlog_Do_DB | Binlog_Ignore_DB |
+------------------+----------+--------------+--------------------------+
| mysql_bin.000001 | 245 | | mysql,information_schema |
+------------------+----------+--------------+--------------------------+
1 row in set (0.00 sec)
MariaDB [(none)]> grant replication slave on *.* to 'rep'@'192.168.126.%' identified by '123456'; #grant privileges
MariaDB [(none)]> flush privileges;
3. MySQL slave database configuration
[root@localhost ~]# mysql -u root -p
MariaDB [(none)]> change master to master_host='192.168.126.138',master_user='rep',master_password='123456',master_log_file='mysql_bin.000001',master_log_pos=245;
MariaDB [(none)]> start slave;
MariaDB [(none)]> show slave status\G;
.....//omitted
Slave_IO_Running: Yes
Slave_SQL_Running: Yes
4. Test master/slave replication
Create a database on the MySQL master and check whether the slave picks up the master's new database.
Master server:
MariaDB [(none)]> flush privileges;
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| school |
| slsaledb |
| test |
+--------------------+
6 rows in set (0.28 sec)
Slave server:
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| school | #
| slsaledb |
| test |
+--------------------+
6 rows in set (0.19 sec)
Replication succeeded; the lab is complete.