Centos 7部署Nginx网站服务、内网客户端、Haproxy云服务器等详情

下文给大家带来Centos 7部署Nginx网站服务、内网客户端、Haproxy云服务器等详情，希望能够给大家在实际运用中带来一定的帮助，负载均衡涉及的东西比较多，理论也不多，网上有很多书籍，今天我们就用在行业内累计的经验来做一个解答。

一、部署第一台Nginx网站

关于Nginx的原理概述及详细配置请参考博文：Centos 7部署Nginx网站服务

[root@centos01 ~]# yum -y install prce-devel zlib-devel [root@centos01 ~]# useradd -M -s /sbin/nologin nginx  [root@centos01 ~]# umount /mnt/      mount: /dev/sr0 写保护，将以只读方式挂载[root@centos01 ~]# scp /mnt/nginx-1.6.0.tar.gz root@192.168.100.20:/root           The authenticity of host '192.168.100.20 (192.168.100.20)' can't be established.ECDSA key fingerprint is SHA256:PUueT9fU9QbsyNB5NC5hbSXzaWxxQavBxXmfoknXl4I.ECDSA key fingerprint is MD5:6d:f7:95:0e:51:1a:d8:9e:7b:b6:3f:58:51:51:4b:3b.Are you sure you want to continue connecting (yes/no)? yes   Warning: Permanently added '192.168.100.20' (ECDSA) to the list of known hosts.root@192.168.100.20's password: nginx-1.6.0.tar.gz                                      100%  784KB  68.2MB/s   00:00[root@centos01 ~]# scp /mnt/haproxy-1.4.24.tar.gz root@192.168.100.30:/root             The authenticity of host '192.168.100.30 (192.168.100.30)' can't be established.ECDSA key fingerprint is SHA256:PUueT9fU9QbsyNB5NC5hbSXzaWxxQavBxXmfoknXl4I.ECDSA key fingerprint is MD5:6d:f7:95:0e:51:1a:d8:9e:7b:b6:3f:58:51:51:4b:3b.Are you sure you want to continue connecting (yes/no)? yes   Warning: Permanently added '192.168.100.30' (ECDSA) to the list of known hosts.root@192.168.100.30's password: haproxy-1.4.24.tar.gz                                                                               100%  817KB  31.1MB/s   00:00  00:00  [root@centos01 ~]# tar zxvf /mnt/nginx-1.6.0.tar.gz -C /usr/src/   [root@centos01 ~]# cd /usr/src/nginx-1.6.0/    [root@centos01 nginx-1.6.0]# ./configure --prefix=/usr/local/nginx --user=nginx         [root@centos01 nginx-1.6.0]# make && make install  [root@centos01 ~]# ln -s /usr/local/nginx/sbin/* /usr/local/sbin/  [root@centos01 ~]# echo "192.168.100.10:nginx" > /usr/local/nginx/html/index.html       [root@centos01 ~]# nginx  [root@centos01 ~]# netstat -anptu | grep nginx tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      3685/ngin: master  

二、部署第二台Nginx网站

[root@centos02 ~]# yum -y install pcre-devel zlib-devel  [root@centos02 ~]# lsanaconda-ks.cfg  initial-setup-ks.cfg  nginx-1.6.0.tar.gz[root@centos02 ~]# tar zxvf nginx-1.6.0.tar.gz -C /usr/src/   [root@centos02 ~]# useradd -M -s /sbin/nologin nginx   [root@centos02 ~]# cd /usr/src/nginx-1.6.0/ [root@centos02 nginx-1.6.0]# ./configure --prefix=/usr/local/nginx --user=nginx            [root@centos02 nginx-1.6.0]# make && make install [root@centos02 ~]# ln -s /usr/local/nginx/sbin/* /usr/local/sbin/ [root@centos02 ~]# echo "192.168.100.20:nginx" > /usr/local/nginx/html/index.html           [root@centos02 ~]# nginx [root@centos02 ~]# netstat -anptu | grep nginxtcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      6059/ngin: master  

三、部署内网客户端

1、客户端添加VM1网卡，配置和服务器同网段IP地址

2、访问第一台nginx服务器

3、客户端更换IP地址访问第二台nginx服务器

四、部署Haproxy服务器

Haproxy概述及工作原理详细配置参考博文：Haproxy搭建Web群集概述
Centos 7基于Haproxy搭建高可用Web群集

1、安装haproxy

[root@centos03 ~]# yum -y install pcre-devel bzip2-devel  [root@centos03 ~]# lsanaconda-ks.cfg  haproxy-1.4.24.tar.gz  initial-setup-ks.cfg[root@centos03 ~]# tar zxvf haproxy-1.4.24.tar.gz -C /usr/src/  [root@centos03 ~]# cd /usr/src/haproxy-1.4.24/  [root@centos03 haproxy-1.4.24]# make TARGET=linux26 [root@centos03 haproxy-1.4.24]# make install  

2、生成haproxy配置文件

[root@centos03 ~]# mkdir /etc/haproxy  [root@centos03 ~]# cp /usr/src/haproxy-1.4.24/examples/haproxy.cfg /etc/haproxy/                 [root@centos03 ~]# cp /usr/src/haproxy-1.4.24/examples/haproxy.init /etc/init.d/haproxy          [root@centos03 ~]# chmod +x /etc/init.d/haproxy [root@centos03 ~]# chkconfig --add haproxy  [root@centos03 ~]# chkconfig --level 35 haproxy on [root@centos03 ~]# cp /usr/src/haproxy-1.4.24/haproxy /usr/sbin/ [root@centos03 ~]# mkdir -p /usr/share/haproxy 

3、配置haproxy群集

[root@centos03 ~]# vim /etc/haproxy/haproxy.cfg   listen  nginx 192.168.100.30:80           balance roundrobin        server  web01 192.168.100.10:80 check inter 2000 fall 3           server  web02 192.168.100.20:80 check inter 2000 fall 3  [root@centos03 ~]# /etc/init.d/haproxy start  Starting haproxy (via systemctl):                          [  确定  ]

1）客户端访问192.168.100.30

2）客户端更换IP地址重新访问

五、配置Firewalld防火墙（双网卡）

关于Firewalld防火墙的概述及详细配置请参考博文：Centos 7的Firewalld防火墙基础
Centos 7的firewalld防火墙地址伪装和端口转发原理
centos 7之firewalld防火墙配置IP伪装和端口转发案例详解

[root@centos04 ~]# cp /etc/sysconfig/network-scripts/ifcfg-ens32 /etc/sysconfig/network-scripts/ifcfg-ens34   [root@centos04 ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens34                   TYPE=EthernetPROXY_METHOD=noneBROWSER_ONLY=noBOOTPROTO=staticDEFROUTE=yesNAME=ens34DEVICE=ens34ONBOOT=yesIPADDR=192.168.200.254  NATEMASK=255.255.255.0DNS1=192.168.200.254   [root@centos04 ~]# systemctl restart network   [root@centos04 ~]# vim /etc/sysctl.conf   net.ipv4.ip_forward = 1[root@centos04 ~]# sysctl -p  [root@centos01 ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens32                   GATEWAY=192.168.100.40       [root@centos01 ~]# systemctl restart network  [root@centos04 ~]# systemctl start firewalld.service   [root@centos04 ~]# systemctl enable firewalld.service  [root@centos04 ~]# firewall-cmd --add-interface=ens34 --zone=external           The interface is under control of NetworkManager, setting zone to 'external'.success[root@centos04 ~]# firewall-cmd --add-interface=ens32 --zone=trusted              The interface is under control of NetworkManager, setting zone to 'trusted'.success[root@centos04 ~]# firewall-cmd --get-active-zones   external  interfaces: ens34trusted  interfaces: ens32[root@centos04 ~]# firewall-cmd --remove-masquerade --zone=external              success[root@centos04 ~]# firewall-cmd --add-rich-rule='rule family=ipv4 source address=192.168.100.0/24 masquerade' success[root@centos04 ~]# firewall-cmd --add-rich-rule='rule family=ipv4 destination address=192.168.200.254/32 forward-port port=80 protocol=tcp to-addr=192.168.100.30'success[root@centos04 ~]# firewall-cmd --zone=external --add-service=http            success[root@centos04 ~]# firewall-cmd --zone=external --add-service=dns           success[root@centos04 ~]# firewall-cmd --zone=external --list-allexternal (active)  target: default  icmp-block-inversion: no  interfaces: ens34  sources:   services: ssh http dns  ports:   protocols:   masquerade: no  forward-ports:   source-ports:   icmp-blocks:   rich rules:     rule family="ipv4" source address="192.168.100.0/24" masquerade    rule family="ipv4" destination address="192.168.200.254/32" forward-port port="80" protocol="tcp" to-addr="192.168.100.30"

六、部署DNS

关于DNS详细配置及概述请参考博文：CentOS7简单搭建DNS服务

[root@centos04 ~]# yum -y install bind bind-chroot bind-utils [root@centos04 ~]# echo "" > /etc/named.conf   [root@centos04 ~]# vim /etc/named.conf   options {        listen-on       port    53      { any; };        directory       "/var/named";};zone    benet.com        IN      {        type    master;        file    "benet.com.zone";};[root@centos04 ~]# named-checkconf -z /etc/named.conf          [root@centos04 ~]# vim /var/named/benet.com.zone           $TTL    86400@       SOA     benet.com.       root.benet.com.(        2020021801        1H        15M        1W        1D)@       NS      centos04.benet.com.centos04 A      192.168.200.254www      A      192.168.200.254[root@centos04 ~]# named-checkzone benet.com /var/named/benet.com.zone            zone benet.com/IN: loaded serial 2020021801OK[root@centos04 ~]# chmod +x /var/named/benet.com.zone           [root@centos04 ~]# chown named:named /var/named/benet.com.zone[root@centos04 ~]# systemctl start named  [root@centos04 ~]# systemctl enable named  

七、部署外网客户端

1、客户端配置IP地址、添加DNS地址

2、客户端使用域名访问

3、客户端更换IP地址重新访问

看了以上关于Centos 7部署Nginx网站服务、内网客户端、Haproxy服务器等详情，如果大家还有什么地方需要了解的可以在行业资讯里查找自己感兴趣的或者找我们的专业技术工程师解答的，技术工程师在行业内拥有十几年的经验了。