LVS之-LAMP搭建wordpress
author:JevonWei
版权声明:原创作品
LVS搭建wordpress,涉及的知识点有DNS,LAMP,NFS及LVS
- 网络拓扑图

网络环境
NFS   192.168.198.130
mysql 192.168.198.132
RS1   192.168.198.138
RS2   192.168.198.120
LVS:
    DIP 192.168.198.128
    vip 172.16.253.105
DNS   172.16.252.248
Client 172.16.254.150
RS1,RS2的网关指向192.168.198.128,client的DNS指向DNS服务器172.16.252.248
VS
[root@VS ~]# iptables -F
添加路由转发选项
[root@VS ~]# vim /etc/sysctl.d/99-sysctl.conf
    net.ipv4.ip_forward=1
[root@VS ~]# sysctl -p /etc/sysctl.d/99-sysctl.conf \\刷新生效
net.ipv4.ip_forward = 1
配置LVS的调度算法为rr轮询
[root@VS ~]# yum -y install ipvsadm
[root@VS ~]# ipvsadm -A -t 172.16.253.105:80 -s rr \\-t指定TCP协议,-s指定调度算法为轮询
[root@VS ~]# ipvsadm -a -t 172.16.253.105:80 -r 192.168.198.138 -m \\添加192.168.198.138 RS1服务器到LVS调度,-m 为nat类型
[root@VS ~]# ipvsadm -a -t 172.16.253.105:80 -r 192.168.198.120 -m
[root@VS ~]# ipvsadm -Ln \\查看LVS调度信息
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.16.253.105:80 rr
  -> 192.168.198.120:80           Masq    1      0          0
  -> 192.168.198.138:80           Masq    1      0          0
[root@VS ~]# curl 192.168.198.120
welcome to RS2
[root@VS ~]# curl 192.168.198.138
welcome to RS1
修改LVS的调度模式为wrr
[root@VS ~]# ipvsadm -E -t 172.16.253.105:80 -s wrr
[root@VS ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.16.253.105:80 wrr
  -> 192.168.198.120:80           Masq    1      0          0
  -> 192.168.198.138:80           Masq    1      0          0
[root@VS ~]# ipvsadm -e -t 172.16.253.105:80 -r 192.168.198.138 -m -w 3 \\修改192.168.198.138 RS1主机的权重为3,-w 指定权重,-m为nat算法,192.168.198.120权重仍为1
[root@VS ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.16.253.105:80 wrr
  -> 192.168.198.120:80           Masq    1      0          0
  -> 192.168.198.138:80           Masq    3      0          0 
脚本实现lvs-wrr的配置
[root@VS ~]# vim lvs_nat.sh
#! /bin/bash
vip=172.16.253.105:80
rip1=192.168.198.138
rip2=192.168.198.120:8080
sch=wrr
case $1 in
start)
    ipvsadm -A -t $vip -s $sch
    ipvsadm -a -t $vip -r $rip1 -m -w 3
    ipvsadm -a -t $vip -r $rip2 -m -w 1
    ;;
stop)
    ipvsadm -C
    ;;
*)
    echo "Usage:$(basename $0) start|stop"
    exit 1
    ;;
esac
RS1
[root@RS1 ~]# iptables -F
[root@RS1 ~]# yum -y install httpd
[root@RS1 ~]# vim /var/www/html/index.html
    welcome to RS1
[root@RS1 ~]# service httpd start
RS2
[root@RS2 ~]# iptables -F
[root@RS2 ~]# yum -y install httpd
[root@RS2 ~]# vim /var/www/html/index.html
    welcome to RS2
[root@RS2 ~]# service httpd start
查看LVS的信息
[root@VS ~]# ipvsadm -Ln --stats
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port               Conns   InPkts  OutPkts  InBytes OutBytes
  -> RemoteAddress:Port
TCP  172.16.253.105:80                  29      158      139    10710    15609
  -> 192.168.198.120:80                 15       82       69     5554     7923
  -> 192.168.198.138:80                 14       76       70     5156     7686
[root@VS ~]# ipvsadm -Ln --connection \\查看网络连接数
[root@VS ~]# cut -d " " -f1 /var/log/httpd/access_log | sort -nr | uniq -c| sort -n \\查看网络连接
client
访问rr轮询算法
[root@client ~]# for i in {1..10};do curl 172.16.253.105;sleep 1;done
welcome to RS2
welcome to RS1
welcome to RS2
welcome to RS1
welcome to RS2
访问wrr权重算法
[root@client ~]# for i in {1..10};do curl 172.16.253.105;sleep 1;done
welcome to RS2
welcome to RS1
welcome to RS1
welcome to RS1
welcome to RS2
welcome to RS1
welcome to RS1
welcome to RS1
welcome to RS2
welcome to RS1
实现HTTPS加密
将VS服务端同时作为CA服务端,即VS同时作为CA服务端
搭建CA服务端环境
[root@VS ~]# cat /etc/pki/tls/openssl.cnf \\查看证书的相关路径
[root@VS ~]# (umask 077;openssl genrsa -out /etc/pki/CA/private/cakey.pem 1024) \\生成私钥文件
Generating RSA private key, 1024 bit long modulus
.............++++++
.........++++++
e is 65537 (0x10001)
[root@VS ~]# cd /etc/pki/CA
[root@VS CA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 1024 \\生成自签名证书
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:henan
Locality Name (eg, city) [Default City]:zhengzhou
Organization Name (eg, company) [Default Company Ltd]:danran.com
Organizational Unit Name (eg, section) []:it
Common Name (eg, your name or your server's hostname) []:ca.danran.com
Email Address []:
[root@VS CA]# touch index.txt
[root@VS CA]# echo 00 > serial
RS1申请CA证书
[root@RS1 ~]# cd /etc/httpd/conf.d/
[root@RS1 conf.d]# (umask 077;openssl genrsa -out httpd.key 1024)
Generating RSA private key, 1024 bit long modulus
........++++++
...........++++++
e is 65537 (0x10001)
[[root@RS1 conf.d]# openssl req -new -key httpd.key -out httpd.csr -days 10
You are about to be asked to enter information that will be incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:henan
Locality Name (eg, city) [Default City]:zhengzhou
Organization Name (eg, company) [Default Company Ltd]:danran.com
Organizational Unit Name (eg, section) []:it
Common Name (eg, your name or your server's hostname) []:ca.danran.com
Email Address []:
Please enter the following 'extra' attributes to be sent with your certificate request
A challenge password []:
An optional company name []:
[root@RS1 conf.d]# scp httpd.csr 192.168.198.128:/etc/pki/CA \\证书申请文件发送给CA服务端
CA服务端颁发证书
[root@VS CA]# openssl ca -in httpd.csr -out certs/httpd.crt -days 365
Using configuration from /etc/pki/tls/openssl.cnf
Check that the request matches the signature
Signature ok
Certificate Details:
    Serial Number: 1 (0x1)
    Validity
        Not Before: Aug 19 13:00:12 2017 GMT
        Not After : Aug 19 13:00:12 2018 GMT
    Subject:
        countryName               = CN
        stateOrProvinceName       = henan
        organizationName          = danran.com
        organizationalUnitName    = it
        commonName                = ca.danran.com
    X509v3 extensions:
        X509v3 Basic Constraints:
            CA:FALSE
        Netscape Comment:
            OpenSSL Generated Certificate
        X509v3 Subject Key Identifier:
            BB:DC:5C:85:69:2B:0A:41:98:3B:7F:3E:15:69:1D:2B:C3:81:3E:EF
        X509v3 Authority Key Identifier:
            keyid:91:15:B3:DB:2D:94:91:2E:12:87:26:ED:05:5E:08:78:E0:10:7C:F8
[root@VS CA]# scp certs/httpd.crt 192.168.198.138:/etc/httpd/conf.d \\将证书文件颁发给RS1申请者
[root@VS CA]# scp cacert.pem 192.168.198.138:/etc/httpd/conf.d     \\将CA服务端证书发送给申请者
RS1
[root@RS1 conf.d]# scp cacert.pem httpd.crt httpd.key 192.168.198.120:/etc/httpd/conf.d \\将RS1的证书、私钥及CA证书文件发送给RS2
[root@RS1 ~]# yum -y install mod_ssl
[root@RS1 ~]# vim /etc/httpd/conf.d/ssl.conf  \\修改如下证书私钥、证书文件及CA证书文件的存放路径
    SSLCertificateFile /etc/httpd/conf.d/httpd.crt
    SSLCertificateKeyFile /etc/httpd/conf.d/httpd.key
    SSLCACertificateFile /etc/httpd/conf.d/cacert.pem
    修改后如下所示
    #   Server Certificate:
    # Point SSLCertificateFile at a PEM encoded certificate.  If
    # the certificate is encrypted, then you will be prompted for a
    # pass phrase.  Note that a kill -HUP will prompt again.  A new
    # certificate can be generated using the genkey(1) command.
    SSLCertificateFile /etc/httpd/conf.d/httpd.crt
    #   Server Private Key:
    #   If the key is not combined with the certificate, use this
    #   directive to point at the key file.  Keep in mind that if
    #   you've both a RSA and a DSA private key you can configure
    #   both in parallel (to also allow the use of DSA ciphers, etc.)
    SSLCertificateKeyFile /etc/httpd/conf.d/httpd.key
    #   Server Certificate Chain:
    #   Point SSLCertificateChainFile at a file containing the
    #   concatenation of PEM encoded CA certificates which form the
    #   certificate chain for the server certificate. Alternatively
    #   the referenced file can be the same as SSLCertificateFile
    #   when the CA certificates are directly appended to the server
    #   certificate for convinience.
    #SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
    #   Certificate Authority (CA):
    #   Set the CA certificate verification path where to find CA
    #   certificates for client authentication or alternatively one
    #   huge file containing all of them (file must be PEM encoded)
    SSLCACertificateFile /etc/httpd/conf.d/cacert.pem
[root@RS1 conf.d]# service httpd restart
RS2
[root@RS2 ~]# cd /etc/httpd/conf.d/
[root@RS2 conf.d]# ls
cacert.pem  httpd.key       php.conf  welcome.conf
httpd.crt   mod_dnssd.conf  README
[root@RS2 conf.d]# yum -y install mod_ssl \\安装软件包
[root@RS2 conf.d]# vim ssl.conf \\修改如下证书私钥、证书文件及CA证书文件的存放路径
    SSLCertificateFile /etc/httpd/conf.d/httpd.crt
    SSLCertificateKeyFile /etc/httpd/conf.d/httpd.key
    SSLCACertificateFile /etc/httpd/conf.d/cacert.pem
    修改后如下所示
    #   Server Certificate:
    # Point SSLCertificateFile at a PEM encoded certificate.  If
    # the certificate is encrypted, then you will be prompted for a
    # pass phrase.  Note that a kill -HUP will prompt again.  A new
    # certificate can be generated using the genkey(1) command.
    SSLCertificateFile /etc/httpd/conf.d/httpd.crt
    #   Server Private Key:
    #   If the key is not combined with the certificate, use this
    #   directive to point at the key file.  Keep in mind that if
    #   you've both a RSA and a DSA private key you can configure
    #   both in parallel (to also allow the use of DSA ciphers, etc.)
    SSLCertificateKeyFile /etc/httpd/conf.d/httpd.key
    #   Server Certificate Chain:
    #   Point SSLCertificateChainFile at a file containing the
    #   concatenation of PEM encoded CA certificates which form the
    #   certificate chain for the server certificate. Alternatively
    #   the referenced file can be the same as SSLCertificateFile
    #   when the CA certificates are directly appended to the server
    #   certificate for convinience.
    #SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
    #   Certificate Authority (CA):
    #   Set the CA certificate verification path where to find CA
    #   certificates for client authentication or alternatively one
    #   huge file containing all of them (file must be PEM encoded)
    SSLCACertificateFile /etc/httpd/conf.d/cacert.pem
[root@RS2 conf.d]# service httpd restart
VS
[root@VS ~]# vim lvs_nat.sh
#! /bin/bash
vip=172.16.253.105:443
rip1=192.168.198.138
rip2=192.168.198.120
sch=wrr
case $1 in
start)
    ipvsadm -A -t $vip -s $sch
    ipvsadm -a -t $vip -r $rip1 -m -w 3
    ipvsadm -a -t $vip -r $rip2 -m -w 1
    ;;
stop)
    ipvsadm -C
    ;;
*)
    echo "Usage:$(basename $0) start|stop"
    exit 1
    ;;
esac
[root@VS ~]# bash lvs_nat.sh stop
[root@VS ~]# bash lvs_nat.sh start
[root@VS ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.16.253.105:443 wrr
  -> 192.168.198.120:443          Masq    1      0          0
  -> 192.168.198.138:443          Masq    3      0          0
client客户端
[root@client ~]# for i in {1..10};do curl -k https://172.16.253.105;done  \\-k跳过证书
welcome to RS1
welcome to RS1
welcome to RS1
welcome to RS2
welcome to RS1
welcome to RS1
welcome to RS1
welcome to RS2
welcome to RS1
welcome to RS1
LAMP搭建wordpress,并通过NFS共享
搭建DNS服务端
[root@DNS ~]# yum -y install bind
[root@DNS ~]# systemctl restart named
[root@DNS ~]# systemctl enable named
Created symlink from /etc/systemd/system/multi-user.target.wants/named.service to /usr/lib/systemd/system/named.service.
[root@DNS ~]# iptables -F
配置DNS
[root@DNS ~]# vim /etc/named.conf
    options {
        listen-on port 53 { localhost; };
        allow-query     { any; };
    }
[root@DNS ~]# vim /etc/named.rfc1912.zones
    zone "danran.com" IN {
        type master;
        file "danran.zone";
        allow-update { none; };
    };
[root@DNS ~]# cd /var/named/
[root@DNS named]# vim danran.zone
    $TTL 1D
    @   IN SOA  dns.danran.com. admin (
                                    0       ; serial
                                    1D      ; refresh
                                    1H      ; retry
                                    1W      ; expire
                                    3H )    ; minimum
            NS      dns.danran.com.
    dns     A       172.16.252.248
    websrv  A       172.16.253.105
    www     CNAME   websrv
[root@DNS named]# systemctl restart named
MYSQL
[root@mysql ~]# yum -y install mariadb-server
[root@mysql ~]# systemctl start mariadb
[root@mysql ~]# systemctl enable mariadb
Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service.
[root@mysql ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@mysql ~]# systemctl stop firewalld
[root@mysql ~]# iptables -F 关闭防火墙
创建数据库账号
[root@mysql ~]# mysql_secure_installation   \\数据库安全初始化
MariaDB [(none)]> create database blogdb; \\创建数据库blogdb表
MariaDB [(none)]> grant all on blogdb.* to wpuser@'192.168.198.%' identified by 'danran';  \\创建wpuser用户,并授予blogdb表的所有权限
登录测试
[root@mysql ~]# mysql -uwpuser -h192.168.198.132 -p
添加防火墙,仅允许RS1和RS2及自己本身连接数据库
[root@mysql ~]# iptables -A INPUT -s 192.168.198.138 -p tcp --dport 3306 -j ACCEPT
[root@mysql ~]# iptables -A INPUT -s 192.168.198.120 -p tcp --dport 3306 -j ACCEPT
[root@mysql ~]# iptables -A INPUT -s 192.168.198.1 -p tcp --dport 3306 -j ACCEPT
[root@mysql ~]# iptables -A INPUT -j REJECT
NFS
[root@NFS app]# setenforce 0
[root@NFS ~]# iptables -F
[root@mysql ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@mysql ~]# systemctl stop firewalld
[root@NFS ~]# rpm -q nfs-utils
nfs-utils-1.3.0-0.33.el7.x86_64
将wordpress上传到服务器,并配置wordpress
[root@NFS app]# tar xvf wordpress-4.8-zh_CN.tar.gz \\解压wordpress
[root@NFS app]# mv wordpress blog
[root@NFS app]# cd blog/
[root@NFS blog]# cp wp-config-sample.php wp-config.php
[root@NFS blog]# vim wp-config.php
    // ** MySQL 设置 - 具体信息来自您正在使用的主机 ** //
    /** WordPress数据库的名称 */
    define('DB_NAME', 'blogdb');
    /** MySQL数据库用户名 */
    define('DB_USER', 'wpuser');
    /** MySQL数据库密码 */
    define('DB_PASSWORD', 'danran');
    /** MySQL主机 */
    define('DB_HOST', '192.168.198.132');
创建与RS1和RS2主机上相同UID的apache用户
    [root@NFS blog]# useradd -u 48 -r -s /sbin/nologin apache    \\RS1和RS2的apache用户UID为48
修改blog目录的属组,从而使apache用户对blog有读写权限
[root@NFS app]# chown -R apache.apache blog/
[root@NFS app]# ll -d blog/
drwxr-xr-x. 5 apache apache 4096 Aug 20 13:03 blog/
配置NFS
[root@NFS app]# vim /etc/exports
    /app/blog  192.168.198.0/24(rw,all_squash,anonuid=48,anongid=48) \\all_squash为压缩所有用户名,anonuid意为压缩为UID为48的用户,anongid组压缩为GID为48的组
[root@NFS app]# systemctl restart nfs-server
RS1挂载NFS共享目录
[root@RS1 html]# setenforce 0
[root@RS1 ~]# cd /var/www/html/
[root@RS1 html]# mkdir blog
[root@RS1 html]# chmod o+w blog/
[root@RS1 html]# vim /etc/fstab
    192.168.198.130:/app/blog       /var/www/html/blog      nfs     defaults 0 0
[root@RS1 html]# yum -y install nfs-utils \\使RS1支持NFS格式的文件
[root@RS1 html]# mount -a
[root@RS1 html]# df | grep /blog
192.168.198.130:/app/blog   30705024   62208  30642816   1% /var/www/html/blog
RS2挂载NFS共享目录
[root@RS2 html]# setenforce 0
[root@RS2 ~]# cd /var/www/html/
[root@RS2 html]# mkdir blog
[root@RS2 html]# chmod o+w blog/
[root@RS2 html]# vim /etc/fstab
    192.168.198.130:/app/blog       /var/www/html/blog      nfs     defaults 0 0
[root@RS2 html]# yum -y install nfs-utils \\使RS1支持NFS格式的文件
[root@RS2 html]# mount -a
[root@RS2 html]# df | grep /blog
192.168.198.130:/app/blog   30705024   62208  30642816   1% /var/www/html/blog
RS1安装PHP
[root@RS1 html]# yum -y install php php-mysql
[root@RS1 html]# service httpd restart
RS2安装PHP
[root@RS2 html]# yum -y install php php-mysql
[root@RS2 html]# service httpd restart
VS使用sh调度算法
[root@VS ~]# vim lvs_nat.sh
#! /bin/bash
vip=172.16.253.105:80
rip1=192.168.198.138
rip2=192.168.198.120:8080
sch=sh
case $1 in
start)
    ipvsadm -A -t $vip -s $sch
    ipvsadm -a -t $vip -r $rip1 -m -w 3
    ipvsadm -a -t $vip -r $rip2 -m -w 1
    ;;
stop)
    ipvsadm -C
    ;;
*)
    echo "Usage:$(basename $0) start|stop"
    exit 1
    ;;
esac
[root@VS ~]# bash lvs_nat.sh stop
[root@VS ~]# bash lvs_nat.sh start
client
修改DNS
[root@client ~]# vim /etc/resolv.conf
    # Generated by NetworkManager
    search danran.com
    nameserver 172.16.252.248
[root@client ~]# for i in {1..10};do curl -k https://172.16.253.105;done        welcome to RS1
welcome to RS1
welcome to RS2
[root@client ~]# for i in {1..10};do curl -k https://www.danran.com;done
welcome to RS1
welcome to RS2
welcome to RS1
welcome to RS1
welcome to RS2
客户端图形化或浏览器
firefox www.danran.com/blog \\安装wordpress
实现一个LVS调用一组不同服务
即一个LVS同时调用http和https两种不同的服务
VS
搭建https的LVS_nat
[root@VS ~]# vim lvs_nat.sh
#! /bin/bash
vip=172.16.253.105:443
rip1=192.168.198.138
rip2=192.168.198.120
sch=wrr
case $1 in
start)
    ipvsadm -A -t $vip -s $sch
    ipvsadm -a -t $vip -r $rip1 -m -w 3
    ipvsadm -a -t $vip -r $rip2 -m -w 1
    ;;
stop)
    ipvsadm -C
    ;;
*)
    echo "Usage:$(basename $0) start|stop"
    exit 1
    ;;
esac
[root@VS ~]# bash lvs_nat.sh stop
[root@VS ~]# bash lvs_nat.sh start
[root@VS ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.16.253.105:443 wrr
  -> 192.168.198.120:443          Masq    1      0          0
  -> 192.168.198.138:443          Masq    3      0          0
[root@VS ~]# bash lvs_nat.sh start
搭建http的LVS_nat
[root@VS ~]# vim lvs_nat2.sh
#! /bin/bash
vip=172.16.253.105:80
rip1=192.168.198.138
rip2=192.168.198.120:8080
sch=wrr
case $1 in
start)
    ipvsadm -A -t $vip -s $sch
    ipvsadm -a -t $vip -r $rip1 -m -w 3
    ipvsadm -a -t $vip -r $rip2 -m -w 1
    ;;
stop)
    ipvsadm -C
    ;;
*)
    echo "Usage:$(basename $0) start|stop"
    exit 1
    ;;
esac
[root@VS ~]# bash lvs_nat.sh stop
[root@VS ~]# bash lvs_nat.sh start
[root@VS ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.16.253.105:443 wrr
  -> 192.168.198.120:443          Masq    1      0          0
  -> 192.168.198.138:443          Masq    3      0          0
[root@VS ~]# bash lvs_nat2.sh start
[root@VS ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
  TCP  172.16.253.105:80 wrr
  -> 192.168.198.120:8080         Masq    1      0          0
  -> 192.168.198.138:80           Masq    3      0          0
  TCP  172.16.253.105:443 wrr
  -> 192.168.198.120:443          Masq    1      0          0
  -> 192.168.198.138:443          Masq    3      0          0
client
[root@client ~]# for i in {1..10};do curl -k https://172.16.253.105;done
welcome to RS2
welcome to RS1
welcome to RS1
welcome to RS2
welcome to RS1
welcome to RS1
welcome to RS2
welcome to RS1
welcome to RS1
welcome to RS2
[root@client ~]# for i in {1..10};do curl -k http://172.16.253.105;done
welcome to RS2
welcome to RS1
welcome to RS1
welcome to RS1
welcome to RS2
welcome to RS1
welcome to RS1
welcome to RS1
welcome to RS2
welcome to RS1
ipvsadm策略的保存
[root@VS ~]# ipvsadm-save > lvs
[root@VS ~]# ipvsadm -C
[root@VS ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
[root@VS ~]# ipvsadm-restore < lvs
[root@VS ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  185.53.178.7:443 sh
  -> 192.168.198.120:443          Masq    1      0          0
  -> 192.168.198.138:443          Masq    2      0          0   
将ipvsadm保存在/etc/sysconfig/ipvsadm文件中,将会开机自启动
[root@VS ~]# ipvsadm-save > /etc/sysconfig/ipvsadmLVS之-LAMP搭建wordpress的更多相关文章
- LAMP 搭建wordpress部署教程贴.
		LAMP 搭建wordpress部署教程贴.这是一篇主要将LAMP,并且通过wordpress来进行验证,演示.如何去部署PHP CMS很多新手看到LAMP就很很头大,觉得很难搞,编译安装,搞了好几天 ... 
- Centos 7使用docker部署LAMP搭建wordpress博客系统
		0.简要概述 LAMP是目前比较流行的web框架,即Linux+Apache+Mysql+PHP的网站架构方案.docker是目前非常流行的虚拟化应用容器,可以为任何应用创建一个轻量级.可移植的容器. ... 
- LAMP搭建wordpress
		centos7安装Apache centos7安装mysql8 centos7安装php7 先登录mysql创建一个wordpress的数据库 create database wordpress 下载 ... 
- 实战!基于lamp安装wordpress详解-技术流ken
		简介 LAMP 是Linux Apache MySQL PHP的简写,其实就是把Apache, MySQL以及PHP安装在Linux系统上,组成一个环境来运行动态的脚本文件.现在基于lamp搭建wor ... 
- LAMP模拟搭建wordpress,phpmyadmin环境
		1.安装需要的环境,centos7的mysql叫mariadb,所有的配置文件默认就可以 [root@test ~]# yum install httpd php mariadb mariadb-se ... 
- 阿里云centos7搭建wordpress环境
		阿里云搭建wordpress系统 一.购买阿里云 二.安装php开发环境 1. https://www.apachefriends.org/zh_cn/index.html网站下载linux下的xam ... 
- 生产环境LAMP搭建 - 基于 fastcgi
		生产环境LAMP搭建 - 基于 fastcgi 由于在module模式,php只是已http的模块形式存在,无形中加重了http的服务负载,通常在企业架构中,使用fastcgi的模式,将所有的服务都设 ... 
- LAMP 搭建练习
		目录 LAMP 搭建 1:CentOS 7, lamp (module): http + php + phpMyAdmin + wordpress 192.168.1.7 配置虚拟主机 xcache ... 
- AWS之EC2搭建WordPress博客
		AWS之搭建WordPress博客 注意:请确定您已经成功完成LAMP架构的搭建; 1.下载并解压WordPress安装包: ①使用wget命令在WordPress官网获取最新安装包: [ec2-us ... 
随机推荐
- 聊聊synchronized的锁问题
			本文不会特别深入细致地讨论synchronized,只是做一个通俗易懂的说明,以及看清一类问题的本质,希望能给大家一点启发. 问题描述 有一个类A,提供了三个方法.分别是静态同步方法,非静态同步方法, ... 
- 蓝桥杯比赛javaB组练习《牌型种数》
			牌型种数 小明被劫持到X赌城,被迫与其他3人玩牌.一副扑克牌(去掉大小王牌,共52张),均匀发给4个人,每个人13张.这时,小明脑子里突然冒出一个问题:如果不考虑花色,只考虑点数,也不考虑自己得到的牌 ... 
- 6步就能搞出个react网站哈,玩一把!
			1.安装mk-tools命令行工具 $ npm i -g mk-tools 2.创建空website $ mk website myDemo $ cd myDemo 3.clone应 ... 
- java_AWT常用组件
			Button:按钮,可接受单击操作. Canvas:用于绘图的画布. Checkbox:复选框组件(也可以变成单选框组件). CheckboxGroup:用于将多个Checkbox组件合成一组,一组C ... 
- R读取excel文件乱码   read.xlsx()  解决方法
			1. 参考[R语言]R读取含中文excel文件,read.xlsx乱码问题 该文章总结得很好,可以直接跳到最后看博主的总结. 2. 如果依旧是乱码那么用read.xlsx2()去读取excel文件, ... 
- [补档]暑假集训D8总结
			%dalao 今天有两位大佬来讲课,meaty来讲了Catalan(本来说好的莫比乌斯反演呢),聪聪来讲Splay呢 至于听课笔记= =,没来得及记= = 不过好不想上树啊,上了树就下不来了 考试 仍 ... 
- cve-2017-0199&metasploit复现过程
			CVE-2017-0199 WORD/RTF嵌入OLE调用远程文件执行的一个漏洞.不需要用户交互.打开文档即中招 首先更新msf到最新,据说最新版简化了利用过程,不需要开启hta这一步.但没测成功 还 ... 
- Mybatis  调用存储过程,使用Map进行输入输出参数的传递
			做个记录,以备后用 java代码: public String texuChange() throws Exception { try { ... 
- NYOJ--714--Card Trick
			/* Name: NYOJ--714--Card Trick Author: shen_渊 Date: 19/04/17 19:35 Description: 早上训练的第六届河南省程序设计大赛的题, ... 
- webService 客户端调用及异常信息First Element must contain the local name, Envelope , but found definitions
			报错:“First Element must contain the local name, Envelope , but found definitions”: 原因:EndpointReferen ... 
