网站架构是根据客户需求分析的结果,准确定位网站目标群体,设定网站的整体架构,规划、设计网站栏目及其内容,制定网站开发流程的顺序,最大限度地进行高效资源分配与管理的设计。
百万PV网站架构
案例设计
采用四层模式实现,主要分为前端反向代理层、Web层、数据库缓存层和数据库层。前端反向代理层层采用主备模式,Web层采用群集模式,数据库缓存层采用主备模式,数据库层采用主从模式。
为了更接近生产环境,采用两台实体机部署此次环境,将前端反向代理层、数据库缓存层、数据库层部署在实体机上,只将Web层部署在KVM虚拟机当中。同时将每一层都做了高可用架构,保证业务的稳定性。
拓扑架构如图所示,实线是正常情况下的数据流向连接,虚线是异常情况下的数据流向连接。
实验环境表:
实验步骤
Nginx反向代理和keepalived
1.前端两台反向代理服务器安装带有nginx rpm软件包的源---主从都要做
[root@localhost ~]#rpm -ivh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm1)使用centos默认仓库完成下面的安装
[root@localhost ~]#yum install -y keepalived nginx2)配置前端反向代理主机的/etc/keepalived/keepalived.conf 配置文件如下:
[root@localhost ~]#vi /etc/keepalived/keepalived.conf ! Configuration File for keepalivedvrrp_script nginx { ???????interval 2} ??????global_defs { ??notification_email {}global_defs { ??notification_email { ????acassen@firewall.loc ????failover@firewall.loc ???} ???notification_email_from Alexandre.Cassen@firewall.loc ??smtp_server 192.168.200.1 ??smtp_connect_timeout 30} ?vrrp_instance VI_1 { ???state MASTER ???interface ens33 ???virtual_router_id 51 ???priority 100! Configuration File for keepalivedvrrp_script nginx { ??????????????????????????#添加 ???????script "/opt/shell/nginx.sh" ???????interval 2}global_defs { ??notification_email { ????acassen@firewall.loc ????failover@firewall.loc ????sysadmin@firewall.loc ??} ??notification_email_from Alexandre.Cassen@firewall.loc ??smtp_server 192.168.200.1 ??smtp_connect_timeout 30 ??router_id NGINX_HA} ???state MASTER ????sysadmin@firewall.loc ??} ??notification_email_from Alexandre.Cassen@firewall.loc ??smtp_server 192.168.200.1 ??smtp_connect_timeout 30 ??router_id NGINX_HA}vrrp_instance VI_1 { ???state MASTER ???????#主服务器 ???interface ens33 ???virtual_router_id 51 ???priority 100 ??????#优先级 ???advert_int 1 ???authentication { ???????auth_type PASS ???????auth_pass 1111 ???}track_script { ??????????????#添加 ???????nginx} ???virtual_ipaddress { ???????192.168.126.188 ?????????#内网虚拟IP ???????192.168.100.188 ?????????#外网虚拟IP ???}}3)在配置文件里面载入了一个nginx.sh脚本,脚本的含义是如果keepalived已启动,那么每两秒检查并启动一次nginx服务。
创建/opt/shell/nginx.sh文件,内容如下:
[root@localhost ~]# mkdir /opt/shell[root@localhost ~]# cd /opt/shell/[root@localhost shell]# vim nginx.sh#!/bin/bashk=`ps -ef | grep keepalived | grep -v grep | wc -l`if [ $k -gt 0 ];then ???????/bin/systemctl start nginx.serviceelse/bin/systemctl stop nginx.servicefi[root@localhost shell]# chmod +x nginx.sh ????#脚本增加可执行权限4)前端反向代理备机的配置与主服务器的配置基本上相同,唯一不同的是keepalived的配置,内容如下:
[root@localhost ~]# vim /etc/keepalived/keepalived.conf ! Configuration File for keepalivedvrrp_script nginx { ?????????????????#nginx触发脚本 ???????script "/opt/shell/nginx.sh" ???????interval 2}global_defs { ??notification_email { ????acassen@firewall.loc ????failover@firewall.loc ????sysadmin@firewall.loc ??} ??notification_email_from Alexandre.Cassen@firewall.loc ??smtp_server 192.168.200.1 ??smtp_connect_timeout 30 ??router_id NGINX_HB ??????# 名称}vrrp_instance VI_1 { ???state BACKUP ?????#从服务器 ???interface ens33 ???virtual_router_id 52 ?????#id号 ???priority 90 ????#优先级 ???advert_int 1 ???authentication { ???????auth_type PASS ???????auth_pass 1111 ???}track_script { ????#添加 ???????nginx} ???virtual_ipaddress { ???????192.168.126.188 ????#虚拟IP ???????192.168.100.188 ???}}以下配置都一样,这里不再编译。
2.在主从服务器上配置nginx前端调度功能
[root@localhost PV]# vim /etc/nginx/nginx.conf #gzip ?on; ???????????upstream tomcat_pool { ???????????????server 192.168.126.193:8080; ????????#两台节点服务器的IP ??????????????????????????????????????????server 192.168.126.194:8080; ???????????????ip_hash; ??????????#会话稳固功能,否则无法通过vip地址登陆 ???????} ???????server { ???????????????listen 80; ???????????????server_name 192.168.126.188; ??????#虚拟出的IP ??????????????????????location / { ???????????????????????proxy_pass http://tomcat_pool; ????????????????????????????????????????????????proxy_set_header X-Real-IP $remote_addr; ???????????????} ???????} ??????1)测试配置文件语法
[root@localhost PV]# nginx -t -c /etc/nginx/nginx.confnginx: the configuration file /etc/nginx/nginx.conf syntax is oknginx: configuration file /etc/nginx/nginx.conf test is successful2)启动keepalived服务后,nginx服务也会启动。
[root@localhost PV]# systemctl stop firewalld.service ?[root@localhost PV]# setenforce 0[root@localhost PV]# systemctl start keepalived.service3)测试keepalived的双机热备功能
关闭主机的Keepalived服务,查看虚拟IP是否可以自动漂移到备机上。
主服务器:[root@localhost PV]# ip addrinet 192.168.126.138/24 brd 192.168.126.255 scope global dynamic ens33 ??????valid_lft 1697sec preferred_lft 1697sec ???inet 192.168.126.188/32 scope global ens33 ??????valid_lft forever preferred_lft forever[root@localhost PV]# systemctl stop keepalived.service link/ether 00:0c:29:15:68:5d brd ff:ff:ff:ff:ff:ff ???inet 192.168.126.138/24 brd 192.168.126.255 scope global dynamic ens33 ??????valid_lft 1625sec preferred_lft 1625sec ???inet6 fe80::7f06:3732:bb38:c9e1/64 scope link ???????valid_lft forever preferred_lft forever备份服务器:[root@localhost ~]# ip addrlink/ether 00:0c:29:5b:03:86 brd ff:ff:ff:ff:ff:ff ???inet 192.168.126.192/24 brd 192.168.126.255 scope global dynamic ens33 ??????valid_lft 1180sec preferred_lft 1180sec ???inet 192.168.126.188/32 scope global ens33 ??????????valid_lft forever preferred_lft forever ???inet 192.168.100.188/32 scope global ens33 ???#虚拟IP自动漂移成功注意:再次将主服务器的keepalived服务开启后,虚拟IP又会漂移到主服务器上。在两台节点服务器上安装Tomcat(配置相同)
1.解压jdk-8u144-linux-x64.tar.gz和apache-tomcat-8.5.23.tar.gz安装包到/opt/目录下
[root@localhost PV]# tar zxvf jdk-8u144-linux-x64.tar.gz -C /opt/[root@localhost PV]# tar zxvf apache-tomcat-8.5.23.tar.gz -C /opt/2.把解压后的文件移动到/usr/local目录下并且创建新的目录,方便管理。
[root@localhost PV]# cd /opt/[root@localhost opt]# lsapache-tomcat-8.5.16 ?apache-tomcat-8.5.23 ?jdk1.8.0_144 ?jdk1.8.0_91 ?rh[root@localhost opt]# mv jdk1.8.0_144/ /usr/local/java[root@localhost opt]# mv apache-tomcat-8.5.23/ /usr/local/tomcat83.在/etc/profile配置文件行尾,添加以下内容:
[root@localhost opt]# vim /etc/profileexport JAVA_HOME=/usr/local/javaexport JRE_HOME=/usr/local/java/jreexport PATH=$PATH:/usr/local/java/binexport CLASSPATH=./:/usr/local/java/lib:/usr/local/java/jre/lib[root@localhost opt]# source /etc/profile ???#启动[root@localhost opt]# ln -s /usr/local/tomcat8/bin/startup.sh /usr/bin/tomcatup[root@localhost opt]# ln -s /usr/local/tomcat8/bin/shutdown.sh /usr/bin/tomcatdown4.启动tomcat服务并查看其8080端口是否开启
[root@localhost opt]# systemctl stop firewalld.service [root@localhost opt]# setenforce 0[root@localhost opt]# tomcatup [root@localhost opt]# netstat -ntap | grep 8080tcp6 ??????0 ?????0 :::8080 ????????????????:::* ???????????????????LISTEN ?????3255/java 5.打开浏览器测试默认测试页是否正常显示
6.修改默认网页内容
[root@localhost opt]# cd /usr/local/tomcat8/webapps/ROOT/[root@localhost ROOT]# mv index.jsp index.jsp.bk[root@localhost ROOT]# vim index.jsp<h1>Server abc01!!</h1>7.输入调度器地址,也就是虚拟地址,测试两台节点的调度情况。如图所示:
1)停止节点服务器1的tomcat服务,再次刷新浏览器,查看是否调度成功。如图所示:
[root@localhost ROOT]# tomcatdown
8.修改/usr/local/tomcat8/conf/server.xml在Host name下新增以下内容:
[root@localhost conf]# vim server.xml <Context path="" docBase="SLSaleSystem" reloadable="true" debug="0"></Context> ?#日志调试信息debug为0表示信息越少,docBase指定访问目录。在主从服务器安装Mysql数据库
1.安装mariadb服务
[root@localhost PV]# yum install mariadb-server mariadb -y[root@localhost PV]# systemctl enable mariadb.service ?#开启自启动[root@localhost PV]# systemctl start mariadb.service ??#开启服务[root@localhost PV]# netstat -ntap | grep 3306tcp ???????0 ?????0 0.0.0.0:3306 ???????????0.0.0.0:* ??????????????LISTEN ?????28285/mysqld 2.常规安全设置
[root@localhost PV]# mysql_secure_installation ??Enter current password for root (enter for none): ??#EnterSet root password? [Y/n] y 设置用户密码New password: ????#abc123Re-enter new password: ??#确认密码abc123 Remove anonymous users? 删除匿名用户 ?nDisallow root login remotely? 不允许远程root登录吗? nRemove test database and access to it? ?删除测试数据库并访问它? nReload privilege tables now? 现在重新加载权限表吗? y3.导入数据库slsaledb
[root@localhost PV]# mysql -u root -p < slsaledb-2014-4-10.sql [root@localhost PV]# mysql -u root -pMariaDB [(none)]> show databases;+--------------------+| Database ??????????|+--------------------+| information_schema || mysql ?????????????|| performance_schema || slsaledb ??????????|| test ??????????????|+--------------------+5 rows in set (0.02 sec)MariaDB [(none)]> GRANT all ON slsaledb.* TO ‘root‘@‘%‘ IDENTIFIED BY ‘abc123‘; #授权MariaDB [(none)]> flush privileges; ?#刷新4.在两台tomcat节点修改数据库IP地址是VRRP的虚拟IP,以及授权的用户名root和密码abc123。
[root@localhost PV]# tar zxvf SLSaleSystem.tar.gz -C /usr/local/tomcat8/webapps/[root@localhost PV]# cd /usr/local/tomcat8/webapps/SLSaleSystem/WEB-INF/classes/[root@localhost classes]# vim jdbc.properties driverClassName=com.mysql.jdbc.Driverurl=jdbc\:mysql\://192.168.126.188\:3306/slsaledb?useUnicode\=true&characterEncoding\=UTF-8uname=root ?????????#用户名password=abc123 ????#密码minIdle=10maxIdle=50initialSize=5maxActive=100maxWait=100removeAbandonedTimeout=180removeAbandoned=true5.打开浏览器进行测试网站
安装并配置redis主从缓存服务器
1.redis简介
redis是一个高性能的key-value数据库,和Memcached类似,但它支持的value类型更多。与Memcached一样,为了保证效率,数据都是缓存在内存中的。
区别是:redis会周期性地把更新的数据写入磁盘或者把修改操作写入追加的记录文件中,并且在此基础上实现了master-slave(主从)同步。
2.安装并配置redis主从
[root@localhost ~]# yum install -y epel-release[root@localhost ~]#yum install redis -y3.修改主从缓存服务器的redis主配置文件/etc/redis.conf中的监听端口,修改为bind 0.0.0.0。
[root@localhost ~]# vim /etc/redis.confbind 0.0.0.0 ???#61行从服务器上多如下一行配置slaveof 192.168.126.138 ?6379 ?#主服务器的IP不是虚拟IP(266行)4.启动redis服务
[root@localhost ~]# systemctl start redis.service[root@localhost ~]# netstat -anpt | grep 6379tcp ???????0 ?????0 0.0.0.0:6379 ???????????0.0.0.0:* ??????????????LISTEN ?????50475/redis-server ?5.测试连接
主服务器:[root@localhost ~]# redis-cli -h 192.168.126.138 -p 6379 192.168.126.138:6379> set name test ??#设置name 值是testOK192.168.126.138:6379> get name ???#获取name值"test"从服务器:[root@localhost ~]# redis-cli -h 192.168.126.192 -p 6379 ?#登录从,获取值,成功说明主从同步成功。192.168.126.192:6379> get name ??"test"192.168.126.192:6379> 6.在tomcat节点服务器上,配置商城项目中连接redis的参数。
[root@localhost classes]#cd /usr/local/tomcat8/webapps/SLSaleSystem/WEB-INF/classes/[root@localhost classes]# vim applicationContext-mybatis.xml <constructor-arg value="192.168.126.188"/> ????????#47行 ???????????????<constructor-arg value="6379"/> ???#48行7.测试缓存效果
[root@localhost ~]# redis-cli -h 192.168.126.188 -p 6379192.168.126.188:6379> info.....//省略evicted_keys:0keyspace_hits:1 ?????#keyspace_hits:1 ?或者 keyspace_misses:2//关注这个值,命中数和未命中数keyspace_misses:0pubsub_channels:0登录商城,然后反复点击需要数据库参与的操作页面,再回来检查keyspace_hits或者keyspace_misses: 值变化。如果keyspace_hits:1 值变为2,说明redis在正常工作。
8.配置redis集群主从切换---只在主服务器是操作
[root@localhost ~]# vi /etc/redis-sentinel.conf protected-mode no ??#17行 ?开启 sentinel monitor mymaster 192.168.126.138 6379 1 #1表示1台从 注意:修改为主IP sentinel down-after-milliseconds mymaster 3000 ??#故障切换时间单位是毫秒9.启动集群
[root@localhost ~]# service redis-sentinel start[root@localhost ~]# netstat -anpt | grep 26379tcp ???????0 ?????0 0.0.0.0:26379 ??????????0.0.0.0:* ??????????????LISTEN ?????57151/redis-sentine tcp6 ??????0 ?????0 :::26379 ???????????????:::* ???????????????????LISTEN ?????57151/redis-sentine [root@localhost ~]# redis-cli -h 192.168.126.138 -p 26379 infoSentinel #查看集群信息# Sentinelsentinel_masters:1sentinel_tilt:0sentinel_running_scripts:0sentinel_scripts_queue_length:0sentinel_simulate_failure_flags:0master0:name=mymaster,status=ok,address=192.168.126.138:6379,slaves=1,sentinels=110.验证主从切换
主服务器:root@localhost ~]# systemctl stop redis.service ??#关闭主服务器的redis服务[root@localhost ~]# redis-cli -h 192.168.126.138 -p 26379 info Sentinel # Sentinel #发现主切换成从服务器的IPsentinel_masters:1sentinel_tilt:0sentinel_running_scripts:0sentinel_scripts_queue_length:0sentinel_simulate_failure_flags:0master0:name=mymaster,status=ok,address=192.168.126.192:6379,slaves=1,sentinels=111.验证数据同步情况
在主服务器上:[root@localhost ~]# redis-cli -h 192.168.126.192 -p 6379 192.168.126.192:6379> set name2 test2OK192.168.126.192:6379> get name2"test2"192.168.126.192:6379>在从服务器上查看:[root@localhost ~]# redis-cli -h 192.168.126.192 -p 6379 192.168.126.192:6379> get name2"test2"启动主服务器的redis服务:[root@localhost ~]# systemctl start redis.service[root@localhost ~]# redis-cli -h 192.168.126.138 -p 6379192.168.126.138:6379> get name2"test2" ????????????????#同步成功在主从服务器上配置Mysql主从复制
1.首选主库需要开启binlog日志,在打开主库的/etc/my.cnf文件里面增加以下内容:
[mysqld]datadir=/var/lib/mysqlsocket=/var/lib/mysql/mysql.sockbinlog-ignore-db=mysql,information_schema ?#日志character_set_server=utf8 ???#字符集log_bin=mysql_bin ???#二进制日志server_id=1 ???????#从服务器的id号不能相同log_slave_updates=true ??sync_binlog=12.重启数据库
[root@localhost ~]# systemctl restart mariadb.service [root@localhost ~]# netstat -ntap | grep 3306tcp ???????0 ?????0 0.0.0.0:3306 ???????????0.0.0.0:* ??????????????LISTEN ?????65321/mysqld ???3.登录主库并授权,允许从库的指定用户从主库读取日志。
[root@localhost ~]# mysql -u root -pMariaDB [(none)]> show master status; ??#记录日志文件名称和 位置值+------------------+----------+--------------+--------------------------+| File ????????????| Position | Binlog_Do_DB | Binlog_Ignore_DB ????????|+------------------+----------+--------------+--------------------------+| mysql_bin.000001 | ?????245 | ?????????????| mysql,information_schema |+------------------+----------+--------------+--------------------------+1 row in set (0.00 sec)MariaDB [(none)]> grant replication slave on *.* to ‘rep‘@‘192.168.126.%‘ identified by ‘123456‘; ?#授权MariaDB [(none)]> flush privileges;3.Mysql从数据库配置
[root@localhost ~]# mysql -u root -p MariaDB [(none)]> change master to master_host=‘192.168.126.138‘,master_user=‘rep‘,master_password=‘123456‘,master_log_file=‘mysql_bin.000001‘,master_log_pos=245;MariaDB [(none)]> start slave;MariaDB [(none)]> show slave status\G;.....//省略 ???????????Slave_IO_Running: Yes ???????????Slave_SQL_Running: Yes4.测试主从同步
在Mysql主服务器上创建一个库,看从服务器上是否能够同步主服务器的新数据库。
主服务器:MariaDB [(none)]> flush privileges;MariaDB [(none)]> show databases;+--------------------+| Database ??????????|+--------------------+| information_schema || mysql ?????????????|| performance_schema || school ????????????|| slsaledb ??????????|| test ??????????????|+--------------------+6 rows in set (0.28 sec)从服务器:MariaDB [(none)]> show databases;+--------------------+| Database ??????????|+--------------------+| information_schema || mysql ?????????????|| performance_schema || school ????????????| ????????#| slsaledb ??????????|| test ??????????????|+--------------------+6 rows in set (0.19 sec)同步成功,实验成功。
在CentOS7上部署百万PV网站架构
原文地址:http://blog.51cto.com/13642258/2152448