Deploy wordpress (low configuration version) on load balancing cluster based on LNMP
Before explaining session persistence, let’s use the previous learning content to do a small experiment: deploy wordpress on a load balancing cluster.
Prepare three servers:
The first proxy server acts as a proxy server, load balancer, ip: 192.168.242.140 domain name: www.zcg666.com
The second and third serve as real servers that provide services:
web-1 ip: 192.168.242.137 domain name: www.zcy666.com
web-2 ip: 192.168.242.138 domain name: www.hjf777.com
Experimental requirements: Put the wordpress project on two web servers, act as a proxy for the two web servers through a proxy server, and finally access the wordpress project by accessing the proxy server through a browser.
Experiment idea: This is a simple LNMP-based WordPress deployment, first deploy two web servers. Download nginx, php, php-fpm, php-mysql, php-gd gd from web-1 and web-2. Install the mysql database (version 5.37) on any of the web servers, and create the database required for the wordpress project in mysql. Share the directory through nfs, put the wordpress project in the shared directory, and use the shared directory as the nginx website publishing directory. Then configure nginx to support php. After the web server is deployed, on the premise that wordpress can be accessed normally through the browser, deploy load balancing + proxy on the proxy server. The last time limit is to be able to access wordpress by accessing a proxy server.
experiment procedure:
(The nginx version I use is 1.20.2)
Before the experiment, do local domain name resolution on three servers and windows:
proxy server: 192.168.242.140 www.zcg666.com
web-1: 192.168.242.137 www.zcy666.com
web-2: 192.168.242.138 www.hjf777.com
First deploy the nfs shared directory on web-2 and web-1, upload the wordpress compressed package to the shared directory and decompress it.
web-2
[root@web2-server ~]# yum -y install nfs-utils
[root@web2-server ~]# systemctl start nfs
[root@web2-server ~]# mkdir /nfs-dir
[root@web2-server ~]# vim /etc/exports
/nfs-dir 192.168.242.137(rw,no_root_squash,sync) save and exit
[root@web2-server ~]# systemctl restart nfs
[root@web2-server ~]# exportfs -v #Ensure that the exports configuration file takes effect
[root@web2-server ~]# echo "ceshi" >>/nfs-dir/a.txt #Create a test file in the shared directory
web-1
[root@web1-server ~]# yum -y install nfs-utils
[root@web1-server ~]# mkdir /nfs-dir #Create a mount directory
[root@web1-server ~]# vim /etc/fstab #Set boot automount
.....
192.168.242.138/nfs-dir /nfs-dir nfs defaults 0 0
mount device mount point file type attribute
[root@web1-server ~]# systemctl restart nfs
[root@web1-server ~]# mount -a
[root@web1-server ~]# cat /nfs-dir/a.txt
ceshi
Upload the compressed package of the wordpress project to the shared directory, which can be downloaded through rpm -ivh, or uploaded to the shared directory from windows
[root@web1-server ~]# cd /nfs-dir
[root@web1-server nfs-dir]# ls
a.txt wordpress-4.9.1-zh_CN.tar.gz
[root@web1-server ~]# tar zxf wordpress-4.9.1-zh_CN.tar.gz
[root@web1-server nfs-dir]# ls
a.txt wordpress-4.9.1-zh_CN.tar.gz wordpress
Then download mysql5.7 on web-2, create a wordpress library in the mysql database, and create a corresponding database user
[root@web2-server ~]# yum -y install nginx php php-fpm php-mysql php-gd gd [root@web2-server ~]# rpm -ivh https://dev.mysql.com/get/mysql80-community-release-el7-5.noarch.rpm #Download the yum warehouse of mysql [root@web2-server ~]# cd /etc/yum.repos.d [root@web2-server ~]# vim mysql-community.repo [mysql57-community] #Open mysql5.7 close mysql8.0 ... enabled=1 .... [mysql80-community] ... enabled=0 .... [root@web2-server ~]# grep password /var/log/mysqld.log #View the initial password of the database [root@web2-server ~]# mysqladmin -uroot -p'S7ydsrRT6w_r' password 'HanJing@123' Change password [root@web2-server ~]# mysql -uroot -p'HanJing@123' enter the database mysql> create database wordpress; #Create the library required by the wordpress project mysql> grant all on wordpress.* to 'wordpress'@'%' identified by 'QianFeng@123'; mysql> exit
Next, edit the configuration files of nginx and php on web-2 to make nginx support php
[root@web2-server ~]# cd /etc/nginx/conf.d/
[root@web2-server conf.d]# mv default.conf default.conf.bak
[root@web2-server ~]# vim /etc/nginx/conf.d/wordpress.conf
server {
listen 80;
server_name www.hjf777.com;
access_log /var/log/nginx/nfs-dir_access_log;
location / {
root /nfs-dir/wordpress;
index index.php index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location ~ \.php$ {
root /nfs-dir/wordpress;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root $fastcgi_script_name;
include fastcgi_params;
}
}
Then modify the php configuration file and open short_open_tag=Off in the /etc/php.ini file
[root@web2-server ~]# sed -i '/short_open_tag=Off/c short_open_tag=On' /etc/php.ini
Then restart nginx and php
[root@web2-server ~]# systemctl restart nginx php-fpm.service
web-1 does the same
[root@web1-server ~]# cd /etc/nginx/conf.d/
[root@web1-server conf.d]# mv default.conf default.conf.bak
[root@web1-server ~]# vim /etc/nginx/conf.d/wordpress.conf
server {
listen 80;
server_name www.hjf777.com;
access_log /var/log/nginx/nfs-dir_access_log;
location / {
root /nfs-dir/wordpress;
index index.php index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location ~ \.php$ {
root /nfs-dir/wordpress;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root $fastcgi_script_name;
include fastcgi_params;
}
}
Then modify the php configuration file and open short_open_tag=Off in the /etc/php.ini file
[root@web1-server ~]# sed -i '/short_open_tag=Off/c short_open_tag=On' /etc/php.ini
Then restart nginx and php
[root@web1-server ~]# systemctl restart nginx php-fpm.service
Then access the web-1 and web-2 servers through the browser to verify whether wordpress can be accessed. Enter www.zcy666.com www.hjf777.com respectively in the browser. See the following interface is considered successful.
Next, you need to deploy load balancing + proxy on the proxy server.
[root@proxy-server ~]# yum -y install nginx
[root@proxy-server ~]# systemctl start nginx
[root@proxy-server ~]# vim /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request"'
'$status $body_bytes_sent "$http_referer"'
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
upstream web{ #Create a load balancing address pool upstream is followed by the name of the address pool
server www.zcy666.com; #web-1 The domain name of the server
server www.hjf777.com; #web-2 The domain name of the server
}
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
[root@proxy-server ~]# vim /etc/nginx/conf.d/proxy.conf
server {
listen 80;
server_name www.zcg666.com; #local domain name
location / {
proxy_pass http://web; #address pool
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
[root@proxy-server ~]# systemctl restart nginx
Well, finally, visit the domain name of the proxy server on the browser to verify whether wordpress can be accessed.
Go to the web-2 server and create the wp-config.php file in the /nfs-dir/wordpress directory
[root@web2-server ~]# vim /nfs-dir/wordpress/wp-config.php
<?php
/**
* WordPress base configuration file.
*
* This file is used by the installer to automatically generate the wp-config.php configuration file,
* You can not use the website, you need to copy this file manually,
* And rename it to "wp-config.php", and fill in the relevant information.
*
* This file contains the following configuration options:
*
* * MySQL settings
* * key
* * Database table name prefix
* * ABSPATH
*
* @link https://codex.wordpress.org/zh-cn:edit_wp-config.php
*
* @packageWordPress
*/
// ** MySQL settings - specific information from the host you are using ** //
/** The name of the WordPress database */
define('DB_NAME', 'wordpress');
/** MySQL database user name */
define('DB_USER', 'wordpress');
/** MySQL database password */
define('DB_PASSWORD', 'HanJing@123');
/** MySQL host */
define('DB_HOST', '192.168.242.138');
/** The default text encoding when creating a data table */
define('DB_CHARSET', 'utf8mb4');
/** The database collation type. Do not change if unsure */
define('DB_COLLATE', '');
/**#@ +
* Authentication key and salt.
*
* Modify to any unique string!
* Or directly visit {@link https://api.wordpress.org/secret-key/1.1/salt/
* WordPress.org Key Generation Service}
* Any modification will invalidate all cookies and all users will have to log in again.
*
* @since 2.6.0
*/
define('AUTH_KEY', '>$OYl?CV>.zZ>LekR}iDn[. + & amp;7ssW |}?9[E/,-f06IOoI8@l%0T_~c}f.|?G My' );
define('SECURE_AUTH_KEY', '7ko & amp;V6CI:_o|fRrJSLrR:y9QB,>yrK~ & amp;(.?b_XsmGI=$3s6nFI<HDP + D|b,g8!</');
define('LOGGED_IN_KEY', 'Zbk/@w2>`gt-9nI>ws@$!;~-L;R:m;`?9kLLpGZ_:@,wwzf3Q & amp;PMCZ8)o1#n(Iu8');
define('NONCE_KEY', '7y`e^p8$E}{Eq;M]k.LI,qz],3Zv?,iIlO}P}Y[-La;f]j%5X}af4vFl;)1Xk% }G');
define('AUTH_SALT', 'xE7OwR!}x9FqJzw{C & amp;pHd<1p9z_zc*MiTZ[9895KeMu.dbse?;9D3`w}GfvNbP & amp;/');
define('SECURE_AUTH_SALT', '5rexQ, & amp;|XfRoaG`^=x$ x@<E~V + -{1lXAKa4Fv3~26n:J & amp;U=us6rlo(zmm.6rn22');
define('LOGGED_IN_SALT', '#m?@!hA^5^2tQeJxFr So: & amp;$X<!-}Kq@f#=cxD]fLkY/S;jGm ,b@V3jN{o@ & amp;{ ~]');
define('NONCE_SALT', 'h0Q%sNl[N <9$xPPPDnR3#33RU[!f + m5elZIB}Oag,owp=Zr~vvC0INz]D$ljk05');
/**#@-*/
/**
* WordPress data table prefix.
*
* If you need to install multiple WordPress in the same database, please set it for each WordPress
* Different data table prefix. The prefix name can only be underlined for numbers and letters.
*/
$table_prefix = 'wp_';
/**
* For developers only: WordPress debug mode.
*
* Change this value to true and WordPress will display all prompts for development.
* Plugin developers are strongly recommended to enable WP_DEBUG in the development environment.
*
* For other information that can be used for debugging, please visit the Codex.
*
* @link https://codex.wordpress.org/Debugging_in_WordPress
*/
define('WP_DEBUG', false);
/**
* zh_CN localization settings: enable ICP record number display
*
* Can be modified in Settings → General.
* To disable, remove or comment out this line.
*/
define('WP_ZH_CN_ICP_NUM', true);
/* alright! Please do not continue editing. Please save this document. Have fun! */
/** Absolute path to WordPress directory. */
if ( !defined('ABSPATH') )
define('ABSPATH', dirname(__FILE__) . '/');
/** Set WordPress variables and include files. */
require_once(ABSPATH . 'wp-settings.php');
[root@web2-server ~]# systemctl restart nginx php-fpm.service
Then click Install Now on the browser page just now. Then follow the prompts to create an account.
nginx session persistence
There are mainly the following implementation methods for nginx session persistence.
ip_hash
ip_hash uses the source address hash algorithm to always send requests from the same client to the same backend server unless the server is unavailable.
ip_hash syntax:
upstream web {
ip_hash;
server www.zcy666.com;
server www.hjf777.com;
}
Notice:
ip_hash is easy to use, but has the following problems:
- When the backend server goes down, the session will be lost;
- Clients from the same LAN will be forwarded to the same backend server, which may cause load imbalance;
sticky_cookie_insert
Use sticky_cookie_insert to enable session affinity, which causes requests from the same client to be delivered to the same server of a set of servers. The difference with ip_hash is that it does not judge the client based on IP, but judges based on cookie. Therefore, the load imbalance caused by the client and the front-end agent from the same LAN in the above ip_hash can be avoided. (Need to introduce third-party modules to achieve sticky)
sticky syntax:
upstream web{
server www.zcy666.com;
server www.hjf777.com;
sticky expires=1h domain=3evip.cn path=/;
}
illustrate:
expires: Set the time to keep cookies in the browser
domain: defines the domain of the cookie
path: define the path for the cookie
Experimental case: This experiment is based on the experimental environment of the wordpress project above.
Sticky machine:
Add the sticky module on the original basis, first prepare a yum-installed server with nginx
Download nginx source package and sticky source package
[root@proxy-server ~]# wget https://bitbucket.org/nginx-goodies/nginx-sticky-module-ng/get/08a395c66e42.zip
[root@proxy-server ~]# yum -y install unzip
[root@proxy-server ~]# unzip 08a395c66e42.zip
[root@proxy-server ~]# mv nginx-goodies-nginx-sticky-module-ng-08a395c66e42/ nginx-sticky-module-ng
[root@proxy-server ~]# yum install -y pcre* openssl* gcc gcc-c ++ make
[root@proxy-server ~]# wget http://nginx.org/download/nginx-1.20.2.tar.gz
[root@proxy-server ~]# tar zxf nginx-1.20.2.tar.gz
[root@proxy-server ~]# cd nginx-1.20.2/
[root@proxy-server nginx-1.20.2]# ./configure --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp -- http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx /uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with -http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with -http_slice_module --with-http_ssl_module --with-http_stub_status_mod ule --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt=' -O2 -g -pipe -Wall -Wp, -D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -fPIC' - -with-ld-opt='-Wl,-z,relro -Wl,-z,now -pie' --add-module=/root/nginx-sticky-module-ng
[root@proxy-server nginx-1.20.2]# make & amp; & amp; make install
[root@proxy-server ~]# vim /etc/nginx/nginx.conf Add sticky parameter in upstream block
...
upstream web{
server www.zcy666.com;
server www.hjf777.com;
sticky expires=1h domain=3evip.cn path=/;
}
.....
Reload the nginx configuration after saving and exiting
[root@proxy-server ~]# nginx -s reload
The browser accesses the domain name of the proxy server. After entering the domain name in the URL bar, do not press Enter to enter, press F12 to open the developer tool, then press Enter in the address bar to enter the page, and you will see the following interface
After clicking, you can see the cache format we defined
