环境:
192.168.92.183 7.3.1611192.168.92.184 7.3.1611192.168.92.185 7.3.1611yum -y install wget vim lrzsz unzip$ cd /usr/local/src$ wget http://182.138.101.48:51280/package/tar/nn_sys_init-20180605.tar.gzvim config.ini#[SYSTEM]NN_HOSTNAME='SZTW_CMS_node3' # 主机名,必须填写NTP_SERVER=0.pool.ntp.org # NTP服务器地址,默认为 cn.pool.ntp.orgNTP_CRON="*/30 * * * *" # NTP同步周期,规则同计划任务一致,默认30分钟同步一次TIMEZONE="Asia/Shanghai" # 时区注意大小写DATA_DIST_MOUNT_DIR="/data" # 数据存放目录,不建议修改YUM_REPO_FILE_PATH="http://182.138.101.48:21689/centos/7" # 自定义YUM源URL: http://192.168.95.51/centosSYSTEM_MANAGE_TOOLS="iotop lsof" # 需要安装的管理工具,用空格隔开#[ZABBIX]ZABBIX_SERVER_IP="" # zabbix服务器/代理服务器地址,留空将不安装zabbixSTARCOR_WORK_DIR_TREE="live m3u8 starcor/server store vod logs starcor/www"#[SSH]ENABLE_INIT_SSH_KEY="1" # 是否初始化密钥登录,1为初始化,0为不初始化3、执行脚本
bash nn_install.sh#!/bin/env bash## 系统初始化、主要功能包括:NTP、用户管理、时区、服务、zabbix、历史记录## FileName: nn_starcor_init# Author: zhongcheng.yang@starcor.cn# Date: 2015-10-19# Dependencies: Null# ChangeLog:# 2015-10-19: 新建# 2015-11-05: 调整执行逻辑,执行时询问初始化信息,增加zabbix初始化# 2016-02-19: 修改程序逻辑,所有配置信息改为配置文件# 版本:20160219#初始化默认配置信息. config.iniwhile getopts tfra:h:n:c:m:y:s:z: opt; do # h: NN_HOSTNAME # n: NTP_SERVER # c: NTP_CRON # t: TIMEZONE # y: YUM_REPO_FILE_PATH # s: SYSTEM_MANAGE_TOOLS # z: ZABBIX_SERVER_IP # i: INIT_STARCOR_WORK_TYPE case ${opt} in a) { ACTION=${OPTARG} };; h) { NN_HOSTNAME=${OPTARG} };; n) { NTP_SERVER=${OPTARG} };; c) { NTP_CRON=${OPTARG} };; m) { TIMEZONE=${OPTARG} };; y) { YUM_REPO_FILE_PATH=${OPTARG} };; s) { SYSTEM_MANAGE_TOOLS=${OPTARG-3306} };; z) { ZABBIX_SERVER_IP=${OPTARG} };; t) { EXEC_FROM_OPM=opm ACTION=install };; f) { FORCE_INSTALL=yes };; r) { NEED_REBOOT=yes };; esacdonesys_release=$(uname -r)echo ${sys_release} |grep "el6" |grep -v grep >/dev/null && sys_version="el6"echo ${sys_release} |grep "el7" |grep -v grep >/dev/null && sys_version="el7"[ -z "${sys_version}" ] && { echo "不支持的系统版本"; exit 1; }err_log_file=/tmp/stand_$$.logtouch ${err_log_file}#install_dir=/usr/local/redis# 设置错误和标准输出重定向set_redirect() { exec 3>&1 1>/dev/null exec 4>&2 2>${err_log_file}}# 恢复错误和标准输出重定向unset_redirect() { exec 1>&3 3>&- exec 2>&4 4>&-}# 设置提示颜色color_err(){ if [ "${EXEC_FROM_OPM}" = "opm" ];then unset_redirect echo '[WORK_RESULT]{"status":"failure", "message":"'"$1"'","errorDetail":"'"$(cat ${err_log_file})"'"}' rm -rf ${err_log_file} else echo -e "\033[1;31m$1\033[0m" fi}color_ok(){ if [ "${EXEC_FROM_OPM}" = "opm" ];then unset_redirect echo '[WORK_RESULT]{"status":"success", "message":"'"$1"'"}' else echo -e "\033[1;35m$1\033[0m" fi}color_start(){ [ "${EXEC_FROM_OPM}" = "opm" ] || { echo -e "\033[1;35m$1\033[0m"; }}#is_package_installed(){# [ "${FORCE_INSTALL}" != "yes" -a -d "${install_dir}" ] && color_err "目录${install_dir}已经存在,退出安装"#}exit_code_check(){ [ $? -ne 0 ] && color_err $1}# 基础判断,权限、参数[ $(id -u) -ne 0 ] && { color_err '请以root身份执行该脚本'; }[ "${EXEC_FROM_OPM}" = "opm" ] && set_redirect[ -z "${NN_HOSTNAME}" ] && { color_err "未指定主机名,退出初始化"; }# 清空现有历史记录> ~/.bash_historyreadonly WORK_DIR=$(pwd)readonly SERVER_VERSION=$(awk '{print $3}' /etc/redhat-release)BACKUP_DIR=${WORK_DIR}'/backup/'NOT_USED_SERVICE="auditd netfs postfix"NOT_USED_SERVICE_EL7="auditd postfix"REQUIRED_TOOLS_DEFAULT="dmidecode net-tools bc make libpcap-devel wget lrzsz rsync vim sysstat ntpdate openssh-clients net-snmp-devel openssl libselinux-python"TOOLS_DIR=${WORK_DIR}'/tools/'ZABBIX_DIR=${WORK_DIR}'/zabbix/'HOST_NAME=${NN_HOSTNAME}LOG_FILE="result.log"# 备份功能[ ! -d ${BACKUP_DIR} ] && mkdir ${BACKUP_DIR}function backup_file(){ cp $1 ${BACKUP_DIR}}# 系统基础初始化开始function sys_init(){ # 更新YUM源 if [ 'a'${YUM_REPO_FILE_PATH} != 'a' ];then BS_REPO="/etc/yum.repos.d/CentOS-Base.repo" backup_file ${BS_REPO}# cp -Rf ${YUM_REPO_FILE_PATH} ${BS_REPO} && log_echo "YUM源配置: 成功" ok || { log_echo "YUM源配置: 失败, 程序退出" err; exit 1; } echo "[base]" >${BS_REPO} echo "name=${HOST_NAME}" >>${BS_REPO} echo "baseurl=${YUM_REPO_FILE_PATH}" >>${BS_REPO} echo "gpgcheck=0" >>${BS_REPO} yum clean all fi # 安装基础包# color_start "安装基础工具包..." REQUIRED_TOOLS=${REQUIRED_TOOLS_DEFAULT}" "${SYSTEM_MANAGE_TOOLS} yum install ${REQUIRED_TOOLS} -y [ $? -eq 0 ] && log_echo "基础工具${REQUIRED_TOOLS}: 安装成功" ok || { log_echo "基础工具${REQUIRED_TOOLS}: 安装失败" err; exit; } cp ${TOOLS_DIR}'iftop' /usr/local/sbin/iftop && log_echo '工具iftop: 安装成功' ok || log_echo '工具iftop: 安装失败' err # 更新时区 [ 'a'${TIMEZONE} = 'a' ] && TIMEZONE='UTC' TZ="/usr/share/zoneinfo/${TIMEZONE}" [ ! -f "${TZ}" ] && log_echo '指定时区不存在: 失败' err# cp -Rf ${TZ} /etc/localtime && log_echo '初始化时区: 成功' ok || log_echo '初始化时区: 失败' err ln -sfT ${TZ} /etc/localtime && log_echo '初始化时区: 成功' ok || log_echo '初始化时区: 失败' err # 设置NTP任务 [ -z "${NTP_SERVER}" ] && NTP_SERVER='cn.pool.ntp.org' [ -z "${NTP_CRON}" ] && NTP_CRON='*/30 * * * *' CRON_TAB="${NTP_CRON} root /usr/sbin/ntpdate ${NTP_SERVER}" /usr/sbin/ntpdate ${NTP_SERVER} if [ $(grep '/usr/sbin/ntpdate' /etc/crontab |wc -l) -eq 0 ];then echo "${CRON_TAB}" >>/etc/crontab && log_echo 'NTP: 成功' ok || log_echo 'NTP: 失败'err else sed -i "s#.*/usr/sbin/ntpdate.*#${CRON_TAB}#g" /etc/crontab fi # 设备主机名 backup_file /etc/hosts echo "127.0.0.1 ${HOST_NAME}" >>/etc/hosts # 禁用selinux# backup_file /etc/selinux/config# sed -i "s/SELINUX.*$/SELINUX\=disabled/g" /etc/selinux/config && log_echo 'selinux: 禁用成功' ok || log_echo 'selinux: 禁用失败' err # 初始化工作目录 init_work_dir log_echo "\n基本功能初始化完成..." ok# color_start "开始系统优化..." [ ! -f /usr/sbin/scfg ] && cp -f scfg /usr/sbin/ chmod +x /usr/sbin/scfg bash /usr/sbin/scfg update [ $? -eq 0 ] && log_echo "系统优化: 成功" ok || log_echo "系统优化: 失败" err # 设置日志格式# backup_file /etc/profile [ ! -d '/var/tmp' ] && { mkdir /var/tmp;chmod 777 !$; } || chmod 777 /var/tmp \cp -f 'files/bash_history.sh' /etc/profile.d/bash_history_profile.sh && log_echo '格式化历史记录: 成功' ok || log_echo '格式化历史记录: 失败' err chmod +x /etc/profile.d/bash_history_profile.sh # 安装DELL工具 megacli_install # 安装zabbix [ -n "${ZABBIX_SERVER_IP}" ] && { zabbix_install; } # 初始化SSH KEY [ "${ENABLE_INIT_SSH_KEY}" -eq 1 ] && { cd ${WORK_DIR}; bash nn_ssh_install.sh; }}function sys_init_el6() { cd ${WORK_DIR} backup_file /etc/sysconfig/network sed -i "s/HOSTNAME.*$/HOSTNAME\=${HOST_NAME}/g" /etc/sysconfig/network # 关闭无用服务 for i in ${NOT_USED_SERVICE} do chkconfig ${i} off && log_echo "服务 ${i}: 关闭成功" ok || log_echo "服务 ${i}: 关闭失败" err done}function sys_init_el7() { cd ${WORK_DIR} hostnamectl set-hostname "${HOST_NAME}" # 关闭无用服务 for i in ${NOT_USED_SERVICE_EL7} do systemctl disable ${i} >/dev/null 2>&1 && log_echo "服务 ${i}: 关闭成功" ok || log_echo "服务 ${i}: 关闭失败" err done}function init_work_dir() { for x in ${STARCOR_WORK_DIR_TREE};do td=${DATA_DIST_MOUNT_DIR}/${x} mkdir -p ${td} done}# zabbix安装function zabbix_install() { cd ${ZABBIX_DIR}# color_start "开始安装zabbix-agent: " /bin/bash nn_install.sh ${ZABBIX_SERVER_IP} ${HOST_NAME} [ $? -eq 0 ] && log_echo "安装zabbix-agent: 成功" ok || log_echo "安装zabbix-agent: 失败" err /etc/init.d/zabbix_agentd restart}# 日志记录,并回显function log_echo() { [ $2 = 'ok' ] || color_err "$1" echo "$1" >> ${LOG_FILE}}# DELL工具安装function megacli_install() { dmidecode |grep -i dell |grep Vendor >/dev/null if [ $? -eq 0 ]; then cd ${TOOLS_DIR} rpm -ivh MegaCli-8.07.07-1.noarch.rpm ln -sfT /opt/MegaRAID/MegaCli/MegaCli64 /bin/MegaCli64 fi}function echo_help() { cat <<EOF$(basename $0): -a: 执行操作 help: 查看使用帮助 check: 检查初始化状态 install: 执行初始化EOF}function echo_check() { [ ! -f ${LOG_FILE} ] && { color_err "还未进行初始化!"; exit 1; } || cat ${LOG_FILE}}[ -z "${ACTION}" ] && ACTION=$1case ${ACTION} in 'help') { echo_help exit 0 };; 'check') { echo_check exit 0 };; 'install') { echo "----------------------------------start------------------------------------" >> ${LOG_FILE} now=$(date +"%Y-%m-%d %H:%M:%S") echo "操作时间:${now}" >>${LOG_FILE} sys_init ${HOST_NAME} case "${sys_version}" in 'el6') { sys_init_el6; };; 'el7') { sys_init_el7; };; esac echo "----------------------------------end------------------------------------" >> ${LOG_FILE} echo >>${LOG_FILE} color_ok "初始化成功" [ "${NEED_REBOOT}" = "yes" ] && reboot };; *) { echo_help exit 0 };;esac对于修改终端配色可注释
$ vim bashrc
$ reboot检查配置
$ bash nn_install.sh check$ date$ cat /etc/crontab185、184端
$ cd /usr/local/src$ wget http://182.138.101.48:51280/package/rpm/centos7/lnmp/lnmp-el7-20180515.tar.gz$ tar zxf lnmp-el7-20180515.tar.gz$ cd lnmp-el7-20180515$ bash nn_install.sh 确定80、3306.9000端口是否启动
1、验证
ip/index.html
echo "192.168.92.184" > /data/starcor/www/index.htmlecho "192.168.92.183" > /data/starcor/www/index.html1、下载lvs安装包
$ cd /usr/local/src$ wget http://182.138.101.48:51280/package/lvs_realserver.tar.gz$ tar zxf lvs_realserver.tar.gz$ lvs_realserver /etc/init.d/$ chmod +x /etc/init.d/lvs_realserver2、修改vip
vim /etc/init.d/lva_relserver[root@sztw_cms_node3 keepalived-el7-20180525]# cat /etc/init.d/lvs_realserver #!/usr/bin/env bash#real_server#chkconfig 235 26 26VIP=192.168.92.248. /etc/rc.d/init.d/functionscase "$1" in"start"){ echo " start LVS of REALServer" /sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up /sbin/route add -host $VIP dev lo:0 echo "1" > /proc/sys/net/ipv4/ip_forward echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce };;"stop"){ /sbin/ifconfig lo:0 down echo "close LVS Directorserver" echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce };;*){ echo "Usage: $0 {start|stop}" exit 1 };;esac3、启动服务
$ /etc/init.d/lva_relserver start 4、验证
5、下载keepalive安装包
wget http://182.138.101.48:51280/package/rpm/centos7/keepalived/keepalived-el7-20180525.tar.gztar zxf keepalived-el7-20180525.tar.gzcd keepalived-el7-20180525bash nn_install.sh6、修改keepalive配置文件
vim /etc/keepalive/keepalive.confglobal_defs { notification_email { zhongcheng.yang@starcor.cn congqin.li@starcor.cn } notification_email_from starcor_bug@starcor.cn smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id LVS_MASTER}vrrp_instance VI_185 { interface ens160 virtual_router_id 185 priority 100 nopreempt advert_int 1 authentication { auth_type PASS auth_pass starcor_keepalived } virtual_ipaddress { 192.168.92.248 }}virtual_server 192.168.92.248 80 { delay_loop 1 lb_algo wrr lb_kind DR persistence_timeout 3 protocol TCP# real_server 192.168.92.183 80 {# weight 1# HTTP_GET {# url {# path /health_check.php# digest 4845f01eaa8068384625e302e9a4eb05# }# connect_timeout 5# nb_get_retry 3# delay_before_retry 1# }# } real_server 192.168.92.184 80 { weight 2 TCP_CHECK { connect_timeout 5 nb_get_retry 3 delay_before_retry 1 connect_port 80 } } real_server 192.168.92.183 80 { weight 1 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 1 connect_port 80 } }}7、启动服务
$ /etc/init.d/keepalived start8、验证
9、在183、184也分别部署lvs_reaserver并启动服务(注意要给执行权限x)
scp /etc/init.d/lvs_realserver 192.168.92.184:/etc/init.d/scp /etc/init.d/lvs_realserver 192.168.92.183:/etc/init.d/10、验证
关闭其中任意依然看是否会切到另外主机内容上
关闭184上的nginx服务
$ pkill ngin
关闭183上nginx服务
pkill nginx 
主库配置
1、修改配置文件
修改如下配置、并重启
server-id = 10 //数据库ID号log-slave-updates //把更新的记录写到二进制文件中[root@sztw_cms_node1 lnmp-el7-20180515]# vim /usr/local/mysql/my.cnf #-------------------- client ---------------------------[client]server-id=183log-slave-updateport = 3306socket = /data/mysql/data/mysql.sockuser = root#-------------------- client end ---------------------------[mysqld]#---------------------- paths -----------------------bind_address = 0.0.0.0port = 3306socket = /data/mysql/data/mysql.sockpid-file = /data/mysql/data/mysql3306.piddatadir = /data/mysql/datatmpdir = /data/mysql/datacharacter-set-server = utf8skip-host-cacheskip-name-resolveserver-id = 4515replicate-same-server-id = 0auto-increment-increment = 1auto-increment-offset = 1log-slave-updateslog-bin = /data/mysql/data/mysql-bin.logrelay_log_purge = 1relay-log = /data/mysql/data/slave-relay.logrelay-log-index = /data/mysql/data/slave-relay-log.indexexpire_logs_days = 3 2、 登入mysql,查看master状态
$ mysql -uroot -pstarcor -h127.0.0.1mysql> show master status\G;
3、创建授权同步账号
grant replication slave on *.* to 'replication'@'192.168.92.184' identified by 'starcor';flsh privieges;4、重启
/etc/init.d/mysqld restat 从库配置
1、修改配置文件
server-id = 20 //数据库ID号,一定不要和主ID相同
log-slave-updates //把更新的记录写到二进制文件中
2、重启数据库
3、更改Slave连接信息
mysql> CHANGE MASTER TO -> MASTER_HOST='192.168.92.183', -> MASTER_USER='replication', -> MASTER_PASSWORD='starcor', -> MASTER_PORT=3306, -> MASTER_LOG_FILE='mysql-bin.000005', -> MASTER_LOG_POS=120;Query OK, 0 rows affected, 2 warnings (0.00 sec)mysql> start slave4、状态检查
? 执行:show slave status\G;
? 检查:IO threading和SQL Threading 是否为running, 如果是即主从同步正常
? 如其它某一个不为running,请根据相应错误信息进行排查
1、下载文件
$ wget http://182.138.101.48:51280/package/rpm/centos7/redis/redis-el7-20180523.tar.gz.$tar zxf redis-el7-20180523.tar.gz $ cd redis-el7-20180523$bash nn_install.sh $ /usr/local/redis/bin/redis-server2、配置文件
? 配置文件: /data/redis/conf/redis.conf
| 参数 | 值 | 说明 |
|---|---|---|
| daemonize | yes | 启用守护进程 |
| pidfile | /var/run/redis.pid | pid文件 |
| port | 6379 | 监听端口 |
| timeout | 0 | 客户端闲置不关闭连接 |
| loglevel | notice | 日志记录级别 |
| logfile | /data/redis/log/redis.log | 日志目录 |
| databases | 16 | 数据库的数量 |
| rdbcompression | yes | 存储至本地数据库时压缩数据 |
| dbfilename | dump.rdb | 指定本地数据库文件名,默认值为dump.rdb |
| dir | /data/redis/dump | 本地数据库存放目录 |
3、配置多实例
多实例简单,直接在配置后加端口号即可
$ cp /usr/local/redis/conf/redis.conf /usr/local/redis/conf/redis6380.conf4、修改配置文件
pidfile /var/run/redis/redis6380.pidport 6380logfile /data/logs/redis/redis6380.logslaveof 192.168.92.185 63796、启动程序
ln -s /usr/local/redis/bin/* /usr/bin/redis-server /usr/local/redis/conf/redis6380.conf7、验证主从
redis-cli -p 6380
