Lvs+Keepalived+Squid+Nginx+Mysql主从 高性能集群架构配置
2014-02-01 17:36
411 查看
不足之处,请指出~~~~~~~~~
先进行优化:
vi /etc/sysctl.conf # 编辑sysctl.conf文件添加以下内容
net.ipv4.tcp_rmem = 4096 87380 4194304 net.ipv4.tcp_wmem = 4096 65536 4194304 net.core.wmem_default = 8388608 net.core.rmem_default = 8388608 net.core.rmem_max = 16777216 net.core.wmem_max = 16777216 net.core.netdev_max_backlog = 262144 net.core.somaxconn = 262144 net.ipv4.tcp_max_orphans = 3276800 net.ipv4.tcp_max_syn_backlog = 8192 net.ipv4.tcp_max_tw_buckets = 5000 net.ipv4.tcp_timestamps = 0 net.ipv4.tcp_synack_retries = 1 net.ipv4.tcp_syn_retries = 1 net.ipv4.tcp_tw_recycle = 1 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_mem = 786432 1048576 1572864 net.ipv4.tcp_fin_timeout = 30 net.ipv4.tcp_keepalive_time = 1200 net.ipv4.ip_local_port_range = 1024 65000
以上配置说明:
net.ipv4.tcp_rmem = 4096 87380 4194304:TCP读buffer,可参考的优化值: 32768 436600 873200
net.ipv4.tcp_wmem = 4096 65536 4194304:TCP写buffer,可参考的优化值: 8192 436600 873200
net.core.wmem_default:表示发送套接字缓冲区大小的缺省值(以字节为单位)
net.core.rmem_default:表示接收套接字缓冲区大小的缺省值(以字节为单位)
net.core.rmem_max :表示接收套接字缓冲区大小的最大值(以字节为单位)
net.core.wmem_max:表示发送套接字缓冲区大小的最大值(以字节为单位)
net.core.netdev_max_backlog = 262144:每个网络接口接收数据包的速率比内核处理这些包的速率快时,允许送到队列的数据包的最大数目。
net.core.somaxconn = 262144:web应用中listen函数的backlog默认会给我们内核参数的net.core.somaxconn限制到128,而nginx定义的NGX_LISTEN_BACKLOG默认为511,所以有必要调整这个值。
net.ipv4.tcp_max_orphans = 3276800:系统中最多有多少个TCP套接字不被关联到任何一个用户文件句柄上。
net.ipv4.tcp_max_syn_backlog = 8192:表示SYN队列的长度,默认为1024,加大队列长度为8192,可以容纳更多等待连接的网络连接数。
net.ipv4.tcp_max_tw_buckets = 5000:表示系统同时保持TIME_WAIT套接字的最大数量,如果超过这个数字,TIME_WAIT套接字将立刻被清除并打印警告信息。减少它的最大数量,避免Squid服务器被大量的TIME_WAIT套接字拖死。
net.ipv4.tcp_timestamps = 0:时间戳可以避免序列号的卷绕。一个1Gbps的链路肯定会遇到以前用过的序列号,时间戳能够让内核接受这种“异常”的数据包,这里需要将其关掉。
net.ipv4.tcp_tw_recycle = 1:表示开启TCP连接中TIME-WAIT sockets的快速回收。
net.ipv4.tcp_tw_reuse = 1:表示开启重用,允许将TIME-WAIT sockets重新用于新的TCP连接。
net.ipv4.tcp_mem = 786432 1048576 1572864:同样有3个值,net.ipv4.tcp_mem[0]:低于此值,TCP没有内存压力;net.ipv4.tcp_mem[1]:在此值下,进入内存压力阶段;net.ipv4.tcp_mem[2]:高于此值,TCP拒绝分配socket。可根据物理内存大小进行调整,如果内存足够大的话,可适当往上调。建议94500000 915000000 927000000。
net.ipv4.tcp_fin_timeout = 30:表示如果套接字由本端要求关闭,这个参数决定了它保持在FIN-WAIT-2状态的时间。
net.ipv4.tcp_keepalive_time = 1200:表示当keepalive起用的时候,TCP发送keepalive消息的频度。缺省是2小时,改为20分钟。
net.ipv4.ip_local_port_range = 1024 65000:表示用于向外连接的端口范围。缺省情况下很小:32768到61000,改为1024到65000。
使配置立即生效:
/sbin/sysctl -p
LVS + keepalived 配置~~~~~
master的配置
mkdir /usr/local/src/lvs cd /usr/local/src/lvs wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.24.tar.gz wget http://www.keepalived.org/software/keepalived-1.1.15.tar.gz lsmod |grep ip_vs uname -r ln -s /usr/src/kernels/$(uname -r)/usr/src/linux #ln -s /usr/src/kernels/2.6.* /usr/src/linux tar zxvf ipvsadm-1.24.tar.gz cd ipvsadm-1.24 make && make install tar zxvf keepalived-1.1.15.tar.gz cd keepalived-1.1.15 ./configure&& make && make install cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/ cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/ mkdir /etc/keepalived cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/ cp /usr/local/sbin/keepalived /usr/sbin/ #you can service keepalived start|stop cat >> /usr/local/etc/keepalived/keepalived.conf <<EOF ! Configuration File for keepalived global_defs { notification_email { rfyiamcool@163.com } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 127.0.0.1 router_id LVS_DEVEL } vrrp_instance VI_1 { state MASTER # BACKUP interface eth0 virtual_router_id 51 priority 100 # 另一端 90 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 10.10.10.88 } } virtual_server 10.10.10.88 80 { delay_loop 6 lb_algo rr lb_kind DR persistence_timeout 50 protocol TCP real_server 10.10.10.21 80 { weight 3 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } real_server 10.10.10.22 80 { weight 3 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 80 } real_server 10.10.10.23 80 { weight 3 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } } EOF service keepalived start
backup主机的配置
mkdir /usr/local/src/lvs cd /usr/local/src/lvs wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.24.tar.gz wget http://www.keepalived.org/software/keepalived-1.1.15.tar.gz lsmod |grep ip_vs uname -r ln -s /usr/src/kernels/$(uname -r)/usr/src/linux #ln -s /usr/src/kernels/2.6.* /usr/src/linux tar zxvf ipvsadm-1.24.tar.gz cd ipvsadm-1.24 make && make install tar zxvf keepalived-1.1.15.tar.gz cd keepalived-1.1.15 ./configure&& make && make install cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/ cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/ mkdir /etc/keepalived cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/ cp /usr/local/sbin/keepalived /usr/sbin/ #you can service keepalived start|stop cat >> /usr/local/etc/keepalived/keepalived.conf <<EOF ! Configuration File for keepalived global_defs { notification_email { rfyiamcool@163.com } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 127.0.0.1 router_id LVS_DEVEL } vrrp_instance VI_1 { state BACKUP interface eth0 virtual_router_id 51 priority 90 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 10.10.10.88 } } virtual_server 10.10.10.88 80 { delay_loop 6 lb_algo rr lb_kind DR persistence_timeout 50 protocol TCP real_server 10.10.10.21 80 { weight 3 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } real_server 10.10.10.22 80 { weight 3 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 80 } real_server 10.10.10.23 80 { weight 3 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } } EOF service keepalived start
Squid缓存反向代理配置
#!/bin/bash wget http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE6.tar.bz2 tar jxvf squid-2.6.STABLE6.tar.bz2 ./configure --prefix=/usr/local/squid \ --enable-async-io=320 \ --enable-storeio="aufs,diskd,ufs" \ --enable-useragent-log \ --enable-referer-log \ --enable-kill-parent-hack \ --enable-forward-log \ --enable-snmp \ --enable-cache-digests \ --enable-default-err-language=Simplify_Chinese \ --enable-epoll \ --enable-removal-policies="heap,lru" \ --enable-large-cache-files \ --disable-internal-dns \ --enable-x-accelerator-vary \ --enable-follow-x-forwarded-for \ --disable-ident-lookups \ --with-large-files \ --with-filedescriptors=65536 cat >> /usr/local/squid/etc/squid.conf <<EOF visible_hostname cache1.taobao.com http_port 192.168.1.44:80 vhost vport icp_port 0 cache_mem 512 MB cache_swap_low 90 cache_swap_high 95 maximum_object_size 20000 KB maximum_object_size_in_memory 4096 KB cache_dir ufs /tmp1 3000 32 256 cache_store_log none emulate_httpd_log on efresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 negative_ttl 5 minutes positive_dns_ttl 6 hours negative_dns_ttl 1 minute connect_timeout 1 minute read_timeout 15 minutes request_timeout 5 minutes client_lifetime 1 day half_closed_clients on maximum_single_addr_tries 1 uri_whitespace strip ie_refresh off logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh pid_filename /var/log/squid/squid.pid cache_log /var/log/squid/cache.log access_log /var/log/squid/access.log combined acl all src 0.0.0.0/0.0.0.0 acl QUERY urlpath_regex cgi-bin .php .cgi .avi .wmv .rm .ram .mpg .mpeg .zip .exe cache deny QUERY acl picurl url_regex -i \.bmp$ \.png$ \.jpg$ \.gif$ \.jpeg$ acl mystie1 referer_regex -i aaa http_access allow mystie1 picurl acl mystie2 referer_regex -i bbb http_access allow mystie2 picurl acl nullref referer_regex -i ^$ http_access allow nullref acl hasref referer_regex -i .+ http_access deny hasref picurl cache_peer 10.10.10.56 parent 80 0 no-query originserver name=web1 round-robin cache_peer 10.10.10.57 parent 80 0 no-query originserver name=web2 round-robin #请自己改域名 比如123.com www.123.com *.123.com cache_peer_domain all .123.com cache_effective_user nobody cache_effective_group nobody acl localhost src 127.0.0.1 acl my_other_proxy srcdomain .a.com follow_x_forwarded_for allow localhost follow_x_forwarded_for allow all #允许转发 head ip 头 acl_uses_indirect_client on #只有2.6才有这这个个参数 delay_pool_uses_indirect_client on #只有2.6才有这这个个参数 log_uses_indirect_client on # 只有2.6才有这这个个参数 #refresh_pattern ^ftp: 60 20% 10080 #refresh_pattern ^gopher: 60 0% 1440 #refresh_pattern ^gopher: 60 0% 1440 #refresh_pattern . 0 20% 1440 refresh_pattern -i \.css$ 360 50% 2880 refresh_pattern -i \.js$ 1440 50% 2880 refresh_pattern -i \.html$ 720 50% 1440 refresh_pattern -i \.jpg$ 1440 90% 2880 refresh_pattern -i \.gif$ 1440 90% 2880 refresh_pattern -i \.swf$ 1440 90% 2880 refresh_pattern -i \.jpg$ 1440 50% 2880 refresh_pattern -i \.png$ 1440 50% 2880 refresh_pattern -i \.bmp$ 1440 50% 2880 refresh_pattern -i \.doc$ 1440 50% 2880 refresh_pattern -i \.ppt$ 1440 50% 2880 refresh_pattern -i \.xls$ 1440 50% 2880 refresh_pattern -i \.pdf$ 1440 50% 2880 refresh_pattern -i \.rar$ 1440 50% 2880 refresh_pattern -i \.zip$ 1440 50% 2880 refresh_pattern -i \.txt$ 1440 50% 2880 EOF #建立缓存和日志目录,并改变权限使squid能写入 mkdir /tmp1 mkdir /var/log/squid chown -R nobody:nobody /tmp1 chmod 666 /tmp1 chown -R nobody:nobody /var/log/squid #首次运行squid要先建立缓存 /usr/local/squid/sbin/squid -z #启动squid echo "65535" > /proc/sys/fs/file-max ulimit -HSn 65535 /usr/local/squid/sbin/squid
*取得squid运行状态信息: squidclient -p 80 mgr:info
*取得squid内存使用情况: squidclient -p 80 mgr:mem
*取得squid已经缓存的列表: squidclient -p 80 mgr:objects. use it carefully,it may crash
*取得squid的磁盘使用情况: squidclient -p 80 mgr:diskd
缓存的清理脚本
格式:
qingli.sh www.xiuxiukan.com
qingli.sh jpg
qingli.sh xiuxiukan.com 123 bbb jpg
#!/bin/sh
squidcache_path="/squidcache"
squidclient_path="/home/local/squid/bin/squidclient"
#grep -a -r $1 $squidcache_path/* | grep "http:" | awk -F 'http:' '{print "http:"$2;}' | awk -F\' '{print $1}' > cache.txt
if [[ "$1" == "swf" || "$1" == "png" || "$1" == "jpg" || "$1" == "ico" || "$1" == "gif" || "$1" == "css" || "$1" == "js" || "$1" == "html" || "$1" == "shtml" || "$1" == "htm" ]]; then
grep -a -r .$1 $squidcache_path/* | strings | grep "http:" | awk -F 'http:' '{print "http:"$2;}' | awk -F\' '{print $1}' | grep "$1$" | uniq > cache.txt
else
grep -a -r $1 $squidcache_path/* | strings | grep "http:" |grep $2$ |grep $3$|grep $4$|grep $5$ |grep $6$| awk -F 'http:' '{print "http:"$2;}' | awk -F\' '{print $1}' | uniq > cache.txt
fi
sed -i "s/\";$//g" cache.txt
cat cache.txt | while read LINE
do
$squidclient_path -p 80 -m PURGE $LINE
done下面是3.1的安装,针对需要3.1部分模块的朋友,但是不推荐用3.1
tar -zxvf squid-3.1.20-20120610-r10455.tar.gz cd squid-3.1.20-20120610-r10455 ./configure --prefix=/usr/local/squid --enable-async-io=100 --disable-delay-pools --disable-mem-gen-trace --disable-useragent-log --enable-kill-parent-hack --disable-arp-acl --enable-epoll --disable-ident-lookups --enable-snmp --enable-large-cache-files --with-large-files make && make install groupadd squid #创建squid用户组 useradd -g squid -s /sbin/nologin squid #创建squid用户,并加入到squid组里,不允许登录系统 chown -R squid /usr/local/squid/ #修改squid的安装目录所属用户为squid用户 mkdir -p /var/cache #创建squid的第一个缓存目录 mkdir -p /var/squid #创建squid的第二个缓存目录 chown squid.squid -R /var/cache /var/squid #设置目录所有者 chmod -R 777 /var/cache /var/squid #设置目录权限 mv /usr/local/squid/etc/squid.conf /usr/local/squid/etc/squid.conf.bak vi /usr/local/squid/etc/squid.conf cache_effective_user squid #运行squid的用户 cache_effective_group squid #运行squid的用户所在的组 visible_hostname squid1.cache.cn #设定squid的主机名,如无此项squid将无法启动 http_port 80 accel vhost vport #代理端口 icp_port 3130 #icp端口 # 配置其他缓存服务器,当squid1在其缓存中没有找到请求的资源时,通过ICP查询去其邻居中取得缓存 cache_peer 10.10.10.21 sibling 80 3130 cache_peer 10.10.10.22 sibling 80 3130 cache_peer 10.10.10.23 sibling 80 3130 # 后端web服务器配置,round-robin表示通过轮询方式将请求分发到其中一台web节点 cache_peer 10.10.10.56 parent 80 0 no-query originserver round-robin name=webServer1 cache_peer 10.10.10.57 parent 80 0 no-query originserver round-robin name=webServer2 cache_peer_domain webServer1 webServer2 .123.com #根据通配域名xuad.com来进行转发 # 下面三行是配置访问控制的 http_access allow all #允许以上所有规则通过 # URL中包含cgi-bin和以https:\\开头的都不缓存,asp、cgi、php、jsp等动态页面也不缓存 hierarchy_stoplist cgi-bin ? hierarchy_stoplist -i ^https:\\ ? acl QueryString urlpath_regex -i cgi-bin \? \.asp \.php \.jsp \.cgi acl denyssl urlpath_regex -i ^https:\\ no_cache deny QueryString no_cache deny denyssl # 日志和缓存目录的设置 cache_log /usr/local/squid/var/logs/cache.log #cache.log日志文件存放目录 access_log /usr/local/squid/var/logs/access.log squid #access.log日志文件存放目录 cache_dir aufs /var/cache 1024 16 256 #设定缓存目录cache,目录容量最大1024M,16*256级子目录 cache_dir aufs /var/squid 3072 16 256 #设定缓存目录squid,目录容量最大3072M,16*256级子目录 cache_mem 128 MB #squid用于缓存的内存容量 # 当缓存目录空间使用达到95%以上时,新的内容将取代旧的内容,直到空间又下降到90%才停止这一活动 cache_swap_low 90 cache_swap_high 95 # 设置存储策略 maximum_object_size 4096 KB #能缓存的最大对象为4M maximum_object_size_in_memory 80 KB #内存中缓存的最大对象80K ipcache_size 1024 #缓存DNS解析得到的IP,最大单个对象为1024K ipcache_low 90 ipcache_high 95 cache_replacement_policy lru #缓存替换策略 memory_replacement_policy lru #内存替换策略 memory_pools on #开启内存池 memory_pools_limit 32 MB #限制内存池大小为32MB forwarded_for on #开启转发 log_icp_queries off #关闭icp查询日志 forward_timeout 20 seconds #允许转发超时20秒 connect_timeout 30 seconds #连接到其他机器的最大尝试时间 read_timeout 3 minutes #允许读取超时3分钟 request_timeout 1 minutes #允许返回超时1分钟 persistent_request_timeout 30 seconds #允许持续连接超时30秒 client_lifetime 15 minutes #客户端会话保持 shutdown_lifetime 5 seconds negative_ttl 30 seconds #设置错误信息的生存时间 # 允许一个IP最大并发数为50 acl OverConnLimit maxconn 50 http_access deny OverConnLimit client_persistent_connections off #对客户端长连接KeepAlive这个参数的支持 server_persistent_connections on # 开启服务端的KeepAlive,web端要开启KeepAlive,不然这里打开是没用的 tcp_recv_bufsize 65535 bytes #TCP套接字接收缓冲区大小 half_closed_clients off #当客户与squid的连接处于半关闭状态时,允许squid立即关闭连接 via on #开启转发循环的检测 request_header_access via deny all #避免由于两台squid的主机名一样而返回403错误 httpd_suppress_version_string off #错误页面不显示squid的版本信息 ie_refresh off #是否允许对旧版本的IE浏览器强制刷新页面
/usr/local/squid/sbin/squid -N –z
/usr/local/squid/sbin/squid
配置lvs客户端模式~
#!/bin/bash
SNS_VIP=10.10.10.88
source /etc/rc.d/init.d/functions
case "$1" in
start)
ifconfig lo:0 $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP
/sbin/route add -host $SNS_VIP dev lo:0
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "RealServer Start OK"
;;
stop)
ifconfig lo:0 down
route del $SNS_VIP >/dev/null 2>&1
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "RealServer Stoped"
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
exit 0lnmp自动安装脚本,含有eaccelerator memcache组件
这个是完整的配置脚本,可以把mysql部分取消~
版本我选择的是
pcre-8.01.tar.gz, nginx-1.0.2.tar.gz, mysql-5.1.41.tar.gz, php-5.3.3.tar.bz2, memcache-2.2.5.tgz
#!/bin/sh
srcpath=/usr/src
apppath=/usr/local
sleep 5
if
[ $UID -ne 0 ];then
echo “This script must use administrator or root user ,please exit …….”
sleep 2
exit 1
fi
Download ()
{
cd $srcpath && wget http://blog.mgcrazy.com/download/{pcre-8.01.tar.gz,nginx-1.0.2.tar.gz,mysql-5.1.41.tar.gz,php-5.3.3.tar.bz2,memcache-2.2.5.tgz,php-fpm.conf,php.ini,nginx.conf,fcgi.conf,eaccelerator-0.9.6.1.tar.bz2} echo “THIS IS STARTING SHELL MAKE INSTALL SHELL ,PLEASE WAITING ………………………..”
sleep 2s
if [ $? -eq 0 ];then
echo -n “DownLoad Linux source packages End ,Please Waiting Install………………”
else
echo -n “Download Linux source packages Failed ,Please Check………………”
fi
}
Nginx_install ()
{
cd $srcpath && tar xzf pcre-8.01.tar.gz && cd pcre-8.01 && ./configure –prefix=$apppath/pcre && make &&make install
if
[ $? -eq 0 ];then
echo “This pcre make install end ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++”
else
echo “Pcre install failed ,please check install shell or system gcc configuration ,exiting ……….”
sleep 1s
exit 1
fi
echo “pcre install end ………..,please install nginx …………………”
useradd www ; cd $srcpath && tar xzf nginx-1.0.2.tar.gz && cd nginx-1.0.2 && ./configure –prefix=$apppath/nginx –with-http_stub_status_module –with-cc-opt=’-O3′ –with-cpu-opt=opteron –with-openssl=/usr/ –with-pcre=/usr/src/pcre-8.01 –user=www –group=www ; make ; make install
cp -r $srcpath/{nginx.conf,fcgi.conf} $apppath/nginx/conf/
if [ $? -eq 0 ];then
echo -n “Nginx Install success ………………”
else
echo -n “Nginx Install Failed ,Please Check………………”
exit 1
fi
echo “nginx install end …………………..,Next install mysql …………………………..”
}
Mysql_install ()
{
cd $srcpath && tar xzf mysql-5.1.41.tar.gz && cd mysql-5.1.41 && ./configure –prefix=$apppath/mysql/ –enable-assembler –with-extra-charsets=complex –enable-thread-safe-client –with-big-tables –with-readline –with-ssl –with-embedded-server –enable-local-infile –with-plugins=innobase && make &&make install
if [ $? -eq 0 ];then
echo -n “Mysql Install success ………………”
else
echo -n “Mysql Install Failed ,Please Check………………”
exit 1
fi
echo “init mysql server , ……….please waiting ………………………………….”
cd /usr/local/mysql && useradd mysql ; chown -R mysql:mysql /usr/local/mysql && /usr/local/mysql/bin/mysql_install_db –user=mysql && chown -R mysql:mysql var/
echo “Now install php ,please waiting………………………………….”
}
Php_install ()
{
yum clean all && yum install -y libevent* &&cd $srcpath &&tar jxvf php-5.3.3.tar.bz2 && cd php-5.3.3 && ./configure –prefix=$apppath/php5 –with-config-file-path=$apppath/php5/etc –with-mysql=$apppath/mysql –with-mysqli=$apppath/mysql/bin/mysql_config –with-iconv-dir=/usr/local –with-freetype-dir –with-jpeg-dir –with-png-dir –with-zlib –with-libxml-dir=/usr –enable-xml –disable-rpath –enable-discard-path –enable-safe-mode –enable-bcmath –enable-shmop –enable-sysvsem –enable-inline-optimization –with-curl –with-curlwrappers –enable-mbregex –enable-fpm –enable-sockets && make &&make install
if
[ $? -eq 0 ];then
echo “This PHP make install end ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++”
else
echo “This PHP failed ,please check install shell ,exiting ……….”
sleep 2s
echo “This PHP failed ,please check install shell ,exiting ……….” |mail -s “PHP make install failed” wgkgood@139.com
exit 2
fi
cp -r $srcpath/php.ini $apppath/php5/etc/
cp $srcpath/php-5.3.3/sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm ;chmod o+x /etc/init.d/php-fpm
}
Eacce_install ()
{
echo “Now install eaccelerator …………….,please waiting……………………..”
cd /usr/src && tar jxvf eaccelerator-0.9.6.1.tar.bz2 && cd eaccelerator-0.9.6.1 && $apppath/php5/bin/phpize && ./configure –enable-eaccelerator=shared –with-php-config=$apppath/php5/bin/php-config &&make &&make test &&make install &&mkdir -p /tmp/eaccelerator && chmod 777 -R /tmp/eaccelerator
if
[ $? -eq 0 ];then
echo “Install eaccelerator success ”
else
echo “Install eaccelerator failed ,please check ………………………”
fi
}
Mem_install ()
{
###########now install memcached #######################
echo “next install memcached……………………………………..”
cd $srcpath && tar xzf memcache-2.2.5.tgz && cd memcache-2.2.5 && /usr/local/php5/bin/phpize && ./configure –prefix=$apppath/memcached –with-php-config=$apppath/php5/bin/php-config &&make &&make install
if
[ $? -eq 0 ];then
echo “Install Memcache success ”
else
echo “Install Memcache failed ,please check ………………………”
fi
}
EXIT ()
{
echo “Now not Install ,Please exit …………………..”
exit 0
}
PS3=”Please Select Install Linux Packages: ”
select option in Download Nginx_install Mysql_install Php_install Eacce_install Mem_install EXIT
do
$option
donememcached 缓存安装配置
#!/bin/bash
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin
export PATH
# Check if user is root
if [ $(id -u) != "0" ]; then
echo "Error: You must be root to run this script, please use root to install lnmp"
exit 1
fi
clear
cur_dir=$(pwd)
get_char()
{
SAVEDSTTY=`stty -g`
stty -echo
stty cbreak
dd if=/dev/tty bs=1count=1 2> /dev/null
stty -raw
stty echo
stty $SAVEDSTTY
}
echo ""
echo "Press any key to start install Memcached..."
char=`get_char`
printf "=========================== install memcached ======================\n"
wget -c http://soft.vpser.net/lib/libevent/libevent-2.0.13-stable.tar.gz tar zxvf libevent-2.0.13-stable.tar.gz
cd libevent-2.0.13-stable/
./configure --prefix=/usr/local/libevent
make&& make install
cd ../
ln -s /usr/local/libevent/lib/libevent-2.0.so.5 /lib/libevent-2.0.so.5
wget -c http://soft.vpser.net/web/memcached/memcached-1.4.7.tar.gz tar zxvf memcached-1.4.7.tar.gz
cd memcached-1.4.7/
./configure --prefix=/usr/local/memcached
make &&make install
cd ../
ln /usr/local/memcached/bin/memcached /usr/bin/memcached
cp conf/memcached-init /etc/init.d/memcached
chmod +x /etc/init.d/memcached
useradd -s /sbin/nologin nobody
if [ -s /etc/debian_version ]; then
update-rc.d -f memcached defaults
elif [ -s /etc/redhat-release ]; then
chkconfig --level 345 memcached on
fi
echo "Starting Memcached..."
/etc/init.d/memcached startmysql安装配置,已开启了indodb的支持
read mima wget -c http://soft.vpser.net/datebase/mysql/mysql-5.1.60.tar.gz tar -zxvf mysql-5.1.60.tar.gz cd mysql-5.1.60/ ./configure --prefix=/usr/local/mysql --with-extra-charsets=all --enable-thread-safe-client --enable-assembler --with-charset=utf8--with-plugins=max --enable-thread-safe-client --with-extra-charsets=all --with-big-tables --with-readline --with-ssl --with-embedded-server --enable-local-infile --with-innodb make && make install cd ../ groupadd mysql useradd -s /sbin/nologin -M -g mysql mysql cp -f /usr/local/mysql/share/mysql/my-medium.cnf /etc/my.cnf sed -i 's/skip-locking/skip-external-locking/g' /etc/my.cnf /usr/local/mysql/bin/mysql_install_db --user=mysql chown -R mysql /usr/local/mysql/var chgrp -R mysql /usr/local/mysql/. cp -f /usr/local/mysql/share/mysql/mysql.server /etc/init.d/mysql chmod 755 /etc/init.d/mysql cat > /etc/ld.so.conf.d/mysql.conf<<EOF /usr/local/mysql/lib/mysql /usr/local/lib EOF ldconfig ln -s /usr/local/mysql/lib/mysql /usr/lib/mysql ln -s /usr/local/mysql/include/mysql /usr/include/mysql /etc/init.d/mysql start ln -s /usr/local/mysql/bin/mysql /usr/bin/mysql ln -s /usr/local/mysql/bin/mysqldump /usr/bin/mysqldump ln -s /usr/local/mysql/bin/myisamchk /usr/bin/myisamchk /usr/local/mysql/bin/mysqladmin -u root password $mima /etc/init.d/mysql restart
mysql主从设置~~~~
(1)首先确保主从服务器上的Mysql版本相同 (2)在主服务器上,设置一个从数据库的账户,使用REPLICATION SLAVE赋予权限,如: mysql> GRANT REPLICATION SLAVE ON *.* TO 'slave001'@'10.10.10.59' IDENTIFIED BY '123123'; Query OK, 0 rows affected (0.13 sec) (3)修改主数据库的配置文件my.cnf,开启BINLOG,并设置server-id的值,修改之后必须重启Mysql服务 [mysqld] log-bin=mysql-bin binlog-ignore-db= mysql server-id=1 (4)之后可以得到主服务器当前二进制日志名和偏移量,这个操作的目的是为了在从数据库启动后,从这个点开始进行数据的恢复 mysql> show master status\G; *************************** 1. row *************************** File: mysql-bin.000003 Position: 243 Binlog_Do_DB: Binlog_Ignore_DB: 1 row in set (0.00 sec) (5)好了,现在可以停止主数据的的更新操作,并生成主数据库的备份,我们可以通过mysqldump到处数据到从数据库,当然了,你也可以直接用cp命令将数据文件复制到从数据库去 注意在导出数据之前先对主数据库进行READ LOCK,以保证数据的一致性 mysql> flush tables with read lock; Query OK, 0 rows affected (0.19 sec) 之后是mysqldump mysqldump -h127.0.0.1 -p3306 -uroot -p test > /home/chenyz/test.sql 最好在主数据库备份完毕,恢复写操作 mysql> unlock tables; Query OK, 0 rows affected (0.28 sec) (6)将刚才主数据备份的test.sql复制到从数据库,进行导入 (7)接着修改从数据库的my.cnf,增加server-id参数,指定复制使用的用户,主数据库服务器的ip,端口以及开始执行复制日志的文件和位置 [mysqld] server-id=2 log-bin=mysql-bin master-host =10.10.10.58 master-user=test master-pass=123123 master-port =3306 master-connect-retry=60 replicate-do-db =test (8)在从服务器上,启动slave进程 mysql> start slave; (9)在从服务器进行show salve status验证 mysql> SHOW SLAVE STATUS\G *************************** 1. row *************************** Slave_IO_State: Waiting for master to send event Master_Host: localhost Master_User: root Master_Port: 3306 Connect_Retry: 3 Master_Log_File: mysql-bin.003 Read_Master_Log_Pos: 79 Relay_Log_File: gbichot-relay-bin.003 Relay_Log_Pos: 548 Relay_Master_Log_File: mysql-bin .003 Slave_IO_Running: Yes Slave_SQL_Running: Yes (10)好了,现在可以在我们的主服务器做一些更新的操作,然后在从服务器查看是否已经更新
本文出自 “峰云,就她了。” 博客,请务必保留此出处/article/4257226.html
不足之处,请指出~~~~~~~~~
先进行优化:
vi /etc/sysctl.conf # 编辑sysctl.conf文件添加以下内容
net.ipv4.tcp_rmem = 4096 87380 4194304 net.ipv4.tcp_wmem = 4096 65536 4194304 net.core.wmem_default = 8388608 net.core.rmem_default = 8388608 net.core.rmem_max = 16777216 net.core.wmem_max = 16777216 net.core.netdev_max_backlog = 262144 net.core.somaxconn = 262144 net.ipv4.tcp_max_orphans = 3276800 net.ipv4.tcp_max_syn_backlog = 8192 net.ipv4.tcp_max_tw_buckets = 5000 net.ipv4.tcp_timestamps = 0 net.ipv4.tcp_synack_retries = 1 net.ipv4.tcp_syn_retries = 1 net.ipv4.tcp_tw_recycle = 1 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_mem = 786432 1048576 1572864 net.ipv4.tcp_fin_timeout = 30 net.ipv4.tcp_keepalive_time = 1200 net.ipv4.ip_local_port_range = 1024 65000
以上配置说明:
net.ipv4.tcp_rmem = 4096 87380 4194304:TCP读buffer,可参考的优化值: 32768 436600 873200
net.ipv4.tcp_wmem = 4096 65536 4194304:TCP写buffer,可参考的优化值: 8192 436600 873200
net.core.wmem_default:表示发送套接字缓冲区大小的缺省值(以字节为单位)
net.core.rmem_default:表示接收套接字缓冲区大小的缺省值(以字节为单位)
net.core.rmem_max :表示接收套接字缓冲区大小的最大值(以字节为单位)
net.core.wmem_max:表示发送套接字缓冲区大小的最大值(以字节为单位)
net.core.netdev_max_backlog = 262144:每个网络接口接收数据包的速率比内核处理这些包的速率快时,允许送到队列的数据包的最大数目。
net.core.somaxconn = 262144:web应用中listen函数的backlog默认会给我们内核参数的net.core.somaxconn限制到128,而nginx定义的NGX_LISTEN_BACKLOG默认为511,所以有必要调整这个值。
net.ipv4.tcp_max_orphans = 3276800:系统中最多有多少个TCP套接字不被关联到任何一个用户文件句柄上。
net.ipv4.tcp_max_syn_backlog = 8192:表示SYN队列的长度,默认为1024,加大队列长度为8192,可以容纳更多等待连接的网络连接数。
net.ipv4.tcp_max_tw_buckets = 5000:表示系统同时保持TIME_WAIT套接字的最大数量,如果超过这个数字,TIME_WAIT套接字将立刻被清除并打印警告信息。减少它的最大数量,避免Squid服务器被大量的TIME_WAIT套接字拖死。
net.ipv4.tcp_timestamps = 0:时间戳可以避免序列号的卷绕。一个1Gbps的链路肯定会遇到以前用过的序列号,时间戳能够让内核接受这种“异常”的数据包,这里需要将其关掉。
net.ipv4.tcp_tw_recycle = 1:表示开启TCP连接中TIME-WAIT sockets的快速回收。
net.ipv4.tcp_tw_reuse = 1:表示开启重用,允许将TIME-WAIT sockets重新用于新的TCP连接。
net.ipv4.tcp_mem = 786432 1048576 1572864:同样有3个值,net.ipv4.tcp_mem[0]:低于此值,TCP没有内存压力;net.ipv4.tcp_mem[1]:在此值下,进入内存压力阶段;net.ipv4.tcp_mem[2]:高于此值,TCP拒绝分配socket。可根据物理内存大小进行调整,如果内存足够大的话,可适当往上调。建议94500000 915000000 927000000。
net.ipv4.tcp_fin_timeout = 30:表示如果套接字由本端要求关闭,这个参数决定了它保持在FIN-WAIT-2状态的时间。
net.ipv4.tcp_keepalive_time = 1200:表示当keepalive起用的时候,TCP发送keepalive消息的频度。缺省是2小时,改为20分钟。
net.ipv4.ip_local_port_range = 1024 65000:表示用于向外连接的端口范围。缺省情况下很小:32768到61000,改为1024到65000。
使配置立即生效:
/sbin/sysctl -p
LVS + keepalived 配置~~~~~
master的配置
mkdir /usr/local/src/lvs cd /usr/local/src/lvs wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.24.tar.gz wget http://www.keepalived.org/software/keepalived-1.1.15.tar.gz lsmod |grep ip_vs uname -r ln -s /usr/src/kernels/$(uname -r)/usr/src/linux #ln -s /usr/src/kernels/2.6.* /usr/src/linux tar zxvf ipvsadm-1.24.tar.gz cd ipvsadm-1.24 make && make install tar zxvf keepalived-1.1.15.tar.gz cd keepalived-1.1.15 ./configure&& make && make install cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/ cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/ mkdir /etc/keepalived cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/ cp /usr/local/sbin/keepalived /usr/sbin/ #you can service keepalived start|stop cat >> /usr/local/etc/keepalived/keepalived.conf <<EOF ! Configuration File for keepalived global_defs { notification_email { rfyiamcool@163.com } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 127.0.0.1 router_id LVS_DEVEL } vrrp_instance VI_1 { state MASTER # BACKUP interface eth0 virtual_router_id 51 priority 100 # 另一端 90 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 10.10.10.88 } } virtual_server 10.10.10.88 80 { delay_loop 6 lb_algo rr lb_kind DR persistence_timeout 50 protocol TCP real_server 10.10.10.21 80 { weight 3 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } real_server 10.10.10.22 80 { weight 3 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 80 } real_server 10.10.10.23 80 { weight 3 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } } EOF service keepalived start
backup主机的配置
mkdir /usr/local/src/lvs cd /usr/local/src/lvs wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.24.tar.gz wget http://www.keepalived.org/software/keepalived-1.1.15.tar.gz lsmod |grep ip_vs uname -r ln -s /usr/src/kernels/$(uname -r)/usr/src/linux #ln -s /usr/src/kernels/2.6.* /usr/src/linux tar zxvf ipvsadm-1.24.tar.gz cd ipvsadm-1.24 make && make install tar zxvf keepalived-1.1.15.tar.gz cd keepalived-1.1.15 ./configure&& make && make install cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/ cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/ mkdir /etc/keepalived cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/ cp /usr/local/sbin/keepalived /usr/sbin/ #you can service keepalived start|stop cat >> /usr/local/etc/keepalived/keepalived.conf <<EOF ! Configuration File for keepalived global_defs { notification_email { rfyiamcool@163.com } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 127.0.0.1 router_id LVS_DEVEL } vrrp_instance VI_1 { state BACKUP interface eth0 virtual_router_id 51 priority 90 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 10.10.10.88 } } virtual_server 10.10.10.88 80 { delay_loop 6 lb_algo rr lb_kind DR persistence_timeout 50 protocol TCP real_server 10.10.10.21 80 { weight 3 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } real_server 10.10.10.22 80 { weight 3 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 80 } real_server 10.10.10.23 80 { weight 3 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } } EOF service keepalived start
Squid缓存反向代理配置
#!/bin/bash wget http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE6.tar.bz2 tar jxvf squid-2.6.STABLE6.tar.bz2 ./configure --prefix=/usr/local/squid \ --enable-async-io=320 \ --enable-storeio="aufs,diskd,ufs" \ --enable-useragent-log \ --enable-referer-log \ --enable-kill-parent-hack \ --enable-forward-log \ --enable-snmp \ --enable-cache-digests \ --enable-default-err-language=Simplify_Chinese \ --enable-epoll \ --enable-removal-policies="heap,lru" \ --enable-large-cache-files \ --disable-internal-dns \ --enable-x-accelerator-vary \ --enable-follow-x-forwarded-for \ --disable-ident-lookups \ --with-large-files \ --with-filedescriptors=65536 cat >> /usr/local/squid/etc/squid.conf <<EOF visible_hostname cache1.taobao.com http_port 192.168.1.44:80 vhost vport icp_port 0 cache_mem 512 MB cache_swap_low 90 cache_swap_high 95 maximum_object_size 20000 KB maximum_object_size_in_memory 4096 KB cache_dir ufs /tmp1 3000 32 256 cache_store_log none emulate_httpd_log on efresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 negative_ttl 5 minutes positive_dns_ttl 6 hours negative_dns_ttl 1 minute connect_timeout 1 minute read_timeout 15 minutes request_timeout 5 minutes client_lifetime 1 day half_closed_clients on maximum_single_addr_tries 1 uri_whitespace strip ie_refresh off logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh pid_filename /var/log/squid/squid.pid cache_log /var/log/squid/cache.log access_log /var/log/squid/access.log combined acl all src 0.0.0.0/0.0.0.0 acl QUERY urlpath_regex cgi-bin .php .cgi .avi .wmv .rm .ram .mpg .mpeg .zip .exe cache deny QUERY acl picurl url_regex -i \.bmp$ \.png$ \.jpg$ \.gif$ \.jpeg$ acl mystie1 referer_regex -i aaa http_access allow mystie1 picurl acl mystie2 referer_regex -i bbb http_access allow mystie2 picurl acl nullref referer_regex -i ^$ http_access allow nullref acl hasref referer_regex -i .+ http_access deny hasref picurl cache_peer 10.10.10.56 parent 80 0 no-query originserver name=web1 round-robin cache_peer 10.10.10.57 parent 80 0 no-query originserver name=web2 round-robin #请自己改域名 比如123.com www.123.com *.123.com cache_peer_domain all .123.com cache_effective_user nobody cache_effective_group nobody acl localhost src 127.0.0.1 acl my_other_proxy srcdomain .a.com follow_x_forwarded_for allow localhost follow_x_forwarded_for allow all #允许转发 head ip 头 acl_uses_indirect_client on #只有2.6才有这这个个参数 delay_pool_uses_indirect_client on #只有2.6才有这这个个参数 log_uses_indirect_client on # 只有2.6才有这这个个参数 #refresh_pattern ^ftp: 60 20% 10080 #refresh_pattern ^gopher: 60 0% 1440 #refresh_pattern ^gopher: 60 0% 1440 #refresh_pattern . 0 20% 1440 refresh_pattern -i \.css$ 360 50% 2880 refresh_pattern -i \.js$ 1440 50% 2880 refresh_pattern -i \.html$ 720 50% 1440 refresh_pattern -i \.jpg$ 1440 90% 2880 refresh_pattern -i \.gif$ 1440 90% 2880 refresh_pattern -i \.swf$ 1440 90% 2880 refresh_pattern -i \.jpg$ 1440 50% 2880 refresh_pattern -i \.png$ 1440 50% 2880 refresh_pattern -i \.bmp$ 1440 50% 2880 refresh_pattern -i \.doc$ 1440 50% 2880 refresh_pattern -i \.ppt$ 1440 50% 2880 refresh_pattern -i \.xls$ 1440 50% 2880 refresh_pattern -i \.pdf$ 1440 50% 2880 refresh_pattern -i \.rar$ 1440 50% 2880 refresh_pattern -i \.zip$ 1440 50% 2880 refresh_pattern -i \.txt$ 1440 50% 2880 EOF #建立缓存和日志目录,并改变权限使squid能写入 mkdir /tmp1 mkdir /var/log/squid chown -R nobody:nobody /tmp1 chmod 666 /tmp1 chown -R nobody:nobody /var/log/squid #首次运行squid要先建立缓存 /usr/local/squid/sbin/squid -z #启动squid echo "65535" > /proc/sys/fs/file-max ulimit -HSn 65535 /usr/local/squid/sbin/squid
*取得squid运行状态信息: squidclient -p 80 mgr:info
*取得squid内存使用情况: squidclient -p 80 mgr:mem
*取得squid已经缓存的列表: squidclient -p 80 mgr:objects. use it carefully,it may crash
*取得squid的磁盘使用情况: squidclient -p 80 mgr:diskd
缓存的清理脚本
格式:
qingli.sh www.xiuxiukan.com
qingli.sh jpg
qingli.sh xiuxiukan.com 123 bbb jpg
#!/bin/sh
squidcache_path="/squidcache"
squidclient_path="/home/local/squid/bin/squidclient"
#grep -a -r $1 $squidcache_path/* | grep "http:" | awk -F 'http:' '{print "http:"$2;}' | awk -F\' '{print $1}' > cache.txt
if [[ "$1" == "swf" || "$1" == "png" || "$1" == "jpg" || "$1" == "ico" || "$1" == "gif" || "$1" == "css" || "$1" == "js" || "$1" == "html" || "$1" == "shtml" || "$1" == "htm" ]]; then
grep -a -r .$1 $squidcache_path/* | strings | grep "http:" | awk -F 'http:' '{print "http:"$2;}' | awk -F\' '{print $1}' | grep "$1$" | uniq > cache.txt
else
grep -a -r $1 $squidcache_path/* | strings | grep "http:" |grep $2$ |grep $3$|grep $4$|grep $5$ |grep $6$| awk -F 'http:' '{print "http:"$2;}' | awk -F\' '{print $1}' | uniq > cache.txt
fi
sed -i "s/\";$//g" cache.txt
cat cache.txt | while read LINE
do
$squidclient_path -p 80 -m PURGE $LINE
done下面是3.1的安装,针对需要3.1部分模块的朋友,但是不推荐用3.1
tar -zxvf squid-3.1.20-20120610-r10455.tar.gz cd squid-3.1.20-20120610-r10455 ./configure --prefix=/usr/local/squid --enable-async-io=100 --disable-delay-pools --disable-mem-gen-trace --disable-useragent-log --enable-kill-parent-hack --disable-arp-acl --enable-epoll --disable-ident-lookups --enable-snmp --enable-large-cache-files --with-large-files make && make install groupadd squid #创建squid用户组 useradd -g squid -s /sbin/nologin squid #创建squid用户,并加入到squid组里,不允许登录系统 chown -R squid /usr/local/squid/ #修改squid的安装目录所属用户为squid用户 mkdir -p /var/cache #创建squid的第一个缓存目录 mkdir -p /var/squid #创建squid的第二个缓存目录 chown squid.squid -R /var/cache /var/squid #设置目录所有者 chmod -R 777 /var/cache /var/squid #设置目录权限 mv /usr/local/squid/etc/squid.conf /usr/local/squid/etc/squid.conf.bak vi /usr/local/squid/etc/squid.conf cache_effective_user squid #运行squid的用户 cache_effective_group squid #运行squid的用户所在的组 visible_hostname squid1.cache.cn #设定squid的主机名,如无此项squid将无法启动 http_port 80 accel vhost vport #代理端口 icp_port 3130 #icp端口 # 配置其他缓存服务器,当squid1在其缓存中没有找到请求的资源时,通过ICP查询去其邻居中取得缓存 cache_peer 10.10.10.21 sibling 80 3130 cache_peer 10.10.10.22 sibling 80 3130 cache_peer 10.10.10.23 sibling 80 3130 # 后端web服务器配置,round-robin表示通过轮询方式将请求分发到其中一台web节点 cache_peer 10.10.10.56 parent 80 0 no-query originserver round-robin name=webServer1 cache_peer 10.10.10.57 parent 80 0 no-query originserver round-robin name=webServer2 cache_peer_domain webServer1 webServer2 .123.com #根据通配域名xuad.com来进行转发 # 下面三行是配置访问控制的 http_access allow all #允许以上所有规则通过 # URL中包含cgi-bin和以https:\\开头的都不缓存,asp、cgi、php、jsp等动态页面也不缓存 hierarchy_stoplist cgi-bin ? hierarchy_stoplist -i ^https:\\ ? acl QueryString urlpath_regex -i cgi-bin \? \.asp \.php \.jsp \.cgi acl denyssl urlpath_regex -i ^https:\\ no_cache deny QueryString no_cache deny denyssl # 日志和缓存目录的设置 cache_log /usr/local/squid/var/logs/cache.log #cache.log日志文件存放目录 access_log /usr/local/squid/var/logs/access.log squid #access.log日志文件存放目录 cache_dir aufs /var/cache 1024 16 256 #设定缓存目录cache,目录容量最大1024M,16*256级子目录 cache_dir aufs /var/squid 3072 16 256 #设定缓存目录squid,目录容量最大3072M,16*256级子目录 cache_mem 128 MB #squid用于缓存的内存容量 # 当缓存目录空间使用达到95%以上时,新的内容将取代旧的内容,直到空间又下降到90%才停止这一活动 cache_swap_low 90 cache_swap_high 95 # 设置存储策略 maximum_object_size 4096 KB #能缓存的最大对象为4M maximum_object_size_in_memory 80 KB #内存中缓存的最大对象80K ipcache_size 1024 #缓存DNS解析得到的IP,最大单个对象为1024K ipcache_low 90 ipcache_high 95 cache_replacement_policy lru #缓存替换策略 memory_replacement_policy lru #内存替换策略 memory_pools on #开启内存池 memory_pools_limit 32 MB #限制内存池大小为32MB forwarded_for on #开启转发 log_icp_queries off #关闭icp查询日志 forward_timeout 20 seconds #允许转发超时20秒 connect_timeout 30 seconds #连接到其他机器的最大尝试时间 read_timeout 3 minutes #允许读取超时3分钟 request_timeout 1 minutes #允许返回超时1分钟 persistent_request_timeout 30 seconds #允许持续连接超时30秒 client_lifetime 15 minutes #客户端会话保持 shutdown_lifetime 5 seconds negative_ttl 30 seconds #设置错误信息的生存时间 # 允许一个IP最大并发数为50 acl OverConnLimit maxconn 50 http_access deny OverConnLimit client_persistent_connections off #对客户端长连接KeepAlive这个参数的支持 server_persistent_connections on # 开启服务端的KeepAlive,web端要开启KeepAlive,不然这里打开是没用的 tcp_recv_bufsize 65535 bytes #TCP套接字接收缓冲区大小 half_closed_clients off #当客户与squid的连接处于半关闭状态时,允许squid立即关闭连接 via on #开启转发循环的检测 request_header_access via deny all #避免由于两台squid的主机名一样而返回403错误 httpd_suppress_version_string off #错误页面不显示squid的版本信息 ie_refresh off #是否允许对旧版本的IE浏览器强制刷新页面
/usr/local/squid/sbin/squid -N –z
/usr/local/squid/sbin/squid
配置lvs客户端模式~
#!/bin/bash
SNS_VIP=10.10.10.88
source /etc/rc.d/init.d/functions
case "$1" in
start)
ifconfig lo:0 $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP
/sbin/route add -host $SNS_VIP dev lo:0
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "RealServer Start OK"
;;
stop)
ifconfig lo:0 down
route del $SNS_VIP >/dev/null 2>&1
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "RealServer Stoped"
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
exit 0lnmp自动安装脚本,含有eaccelerator memcache组件
这个是完整的配置脚本,可以把mysql部分取消~
版本我选择的是
pcre-8.01.tar.gz, nginx-1.0.2.tar.gz, mysql-5.1.41.tar.gz, php-5.3.3.tar.bz2, memcache-2.2.5.tgz
#!/bin/sh
srcpath=/usr/src
apppath=/usr/local
sleep 5
if
[ $UID -ne 0 ];then
echo “This script must use administrator or root user ,please exit …….”
sleep 2
exit 1
fi
Download ()
{
cd $srcpath && wget http://blog.mgcrazy.com/download/{pcre-8.01.tar.gz,nginx-1.0.2.tar.gz,mysql-5.1.41.tar.gz,php-5.3.3.tar.bz2,memcache-2.2.5.tgz,php-fpm.conf,php.ini,nginx.conf,fcgi.conf,eaccelerator-0.9.6.1.tar.bz2} echo “THIS IS STARTING SHELL MAKE INSTALL SHELL ,PLEASE WAITING ………………………..”
sleep 2s
if [ $? -eq 0 ];then
echo -n “DownLoad Linux source packages End ,Please Waiting Install………………”
else
echo -n “Download Linux source packages Failed ,Please Check………………”
fi
}
Nginx_install ()
{
cd $srcpath && tar xzf pcre-8.01.tar.gz && cd pcre-8.01 && ./configure –prefix=$apppath/pcre && make &&make install
if
[ $? -eq 0 ];then
echo “This pcre make install end ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++”
else
echo “Pcre install failed ,please check install shell or system gcc configuration ,exiting ……….”
sleep 1s
exit 1
fi
echo “pcre install end ………..,please install nginx …………………”
useradd www ; cd $srcpath && tar xzf nginx-1.0.2.tar.gz && cd nginx-1.0.2 && ./configure –prefix=$apppath/nginx –with-http_stub_status_module –with-cc-opt=’-O3′ –with-cpu-opt=opteron –with-openssl=/usr/ –with-pcre=/usr/src/pcre-8.01 –user=www –group=www ; make ; make install
cp -r $srcpath/{nginx.conf,fcgi.conf} $apppath/nginx/conf/
if [ $? -eq 0 ];then
echo -n “Nginx Install success ………………”
else
echo -n “Nginx Install Failed ,Please Check………………”
exit 1
fi
echo “nginx install end …………………..,Next install mysql …………………………..”
}
Mysql_install ()
{
cd $srcpath && tar xzf mysql-5.1.41.tar.gz && cd mysql-5.1.41 && ./configure –prefix=$apppath/mysql/ –enable-assembler –with-extra-charsets=complex –enable-thread-safe-client –with-big-tables –with-readline –with-ssl –with-embedded-server –enable-local-infile –with-plugins=innobase && make &&make install
if [ $? -eq 0 ];then
echo -n “Mysql Install success ………………”
else
echo -n “Mysql Install Failed ,Please Check………………”
exit 1
fi
echo “init mysql server , ……….please waiting ………………………………….”
cd /usr/local/mysql && useradd mysql ; chown -R mysql:mysql /usr/local/mysql && /usr/local/mysql/bin/mysql_install_db –user=mysql && chown -R mysql:mysql var/
echo “Now install php ,please waiting………………………………….”
}
Php_install ()
{
yum clean all && yum install -y libevent* &&cd $srcpath &&tar jxvf php-5.3.3.tar.bz2 && cd php-5.3.3 && ./configure –prefix=$apppath/php5 –with-config-file-path=$apppath/php5/etc –with-mysql=$apppath/mysql –with-mysqli=$apppath/mysql/bin/mysql_config –with-iconv-dir=/usr/local –with-freetype-dir –with-jpeg-dir –with-png-dir –with-zlib –with-libxml-dir=/usr –enable-xml –disable-rpath –enable-discard-path –enable-safe-mode –enable-bcmath –enable-shmop –enable-sysvsem –enable-inline-optimization –with-curl –with-curlwrappers –enable-mbregex –enable-fpm –enable-sockets && make &&make install
if
[ $? -eq 0 ];then
echo “This PHP make install end ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++”
else
echo “This PHP failed ,please check install shell ,exiting ……….”
sleep 2s
echo “This PHP failed ,please check install shell ,exiting ……….” |mail -s “PHP make install failed” wgkgood@139.com
exit 2
fi
cp -r $srcpath/php.ini $apppath/php5/etc/
cp $srcpath/php-5.3.3/sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm ;chmod o+x /etc/init.d/php-fpm
}
Eacce_install ()
{
echo “Now install eaccelerator …………….,please waiting……………………..”
cd /usr/src && tar jxvf eaccelerator-0.9.6.1.tar.bz2 && cd eaccelerator-0.9.6.1 && $apppath/php5/bin/phpize && ./configure –enable-eaccelerator=shared –with-php-config=$apppath/php5/bin/php-config &&make &&make test &&make install &&mkdir -p /tmp/eaccelerator && chmod 777 -R /tmp/eaccelerator
if
[ $? -eq 0 ];then
echo “Install eaccelerator success ”
else
echo “Install eaccelerator failed ,please check ………………………”
fi
}
Mem_install ()
{
###########now install memcached #######################
echo “next install memcached……………………………………..”
cd $srcpath && tar xzf memcache-2.2.5.tgz && cd memcache-2.2.5 && /usr/local/php5/bin/phpize && ./configure –prefix=$apppath/memcached –with-php-config=$apppath/php5/bin/php-config &&make &&make install
if
[ $? -eq 0 ];then
echo “Install Memcache success ”
else
echo “Install Memcache failed ,please check ………………………”
fi
}
EXIT ()
{
echo “Now not Install ,Please exit …………………..”
exit 0
}
PS3=”Please Select Install Linux Packages: ”
select option in Download Nginx_install Mysql_install Php_install Eacce_install Mem_install EXIT
do
$option
donememcached 缓存安装配置
#!/bin/bash
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin
export PATH
# Check if user is root
if [ $(id -u) != "0" ]; then
echo "Error: You must be root to run this script, please use root to install lnmp"
exit 1
fi
clear
cur_dir=$(pwd)
get_char()
{
SAVEDSTTY=`stty -g`
stty -echo
stty cbreak
dd if=/dev/tty bs=1count=1 2> /dev/null
stty -raw
stty echo
stty $SAVEDSTTY
}
echo ""
echo "Press any key to start install Memcached..."
char=`get_char`
printf "=========================== install memcached ======================\n"
wget -c http://soft.vpser.net/lib/libevent/libevent-2.0.13-stable.tar.gz tar zxvf libevent-2.0.13-stable.tar.gz
cd libevent-2.0.13-stable/
./configure --prefix=/usr/local/libevent
make&& make install
cd ../
ln -s /usr/local/libevent/lib/libevent-2.0.so.5 /lib/libevent-2.0.so.5
wget -c http://soft.vpser.net/web/memcached/memcached-1.4.7.tar.gz tar zxvf memcached-1.4.7.tar.gz
cd memcached-1.4.7/
./configure --prefix=/usr/local/memcached
make &&make install
cd ../
ln /usr/local/memcached/bin/memcached /usr/bin/memcached
cp conf/memcached-init /etc/init.d/memcached
chmod +x /etc/init.d/memcached
useradd -s /sbin/nologin nobody
if [ -s /etc/debian_version ]; then
update-rc.d -f memcached defaults
elif [ -s /etc/redhat-release ]; then
chkconfig --level 345 memcached on
fi
echo "Starting Memcached..."
/etc/init.d/memcached startmysql安装配置,已开启了indodb的支持
read mima wget -c http://soft.vpser.net/datebase/mysql/mysql-5.1.60.tar.gz tar -zxvf mysql-5.1.60.tar.gz cd mysql-5.1.60/ ./configure --prefix=/usr/local/mysql --with-extra-charsets=all --enable-thread-safe-client --enable-assembler --with-charset=utf8--with-plugins=max --enable-thread-safe-client --with-extra-charsets=all --with-big-tables --with-readline --with-ssl --with-embedded-server --enable-local-infile --with-innodb make && make install cd ../ groupadd mysql useradd -s /sbin/nologin -M -g mysql mysql cp -f /usr/local/mysql/share/mysql/my-medium.cnf /etc/my.cnf sed -i 's/skip-locking/skip-external-locking/g' /etc/my.cnf /usr/local/mysql/bin/mysql_install_db --user=mysql chown -R mysql /usr/local/mysql/var chgrp -R mysql /usr/local/mysql/. cp -f /usr/local/mysql/share/mysql/mysql.server /etc/init.d/mysql chmod 755 /etc/init.d/mysql cat > /etc/ld.so.conf.d/mysql.conf<<EOF /usr/local/mysql/lib/mysql /usr/local/lib EOF ldconfig ln -s /usr/local/mysql/lib/mysql /usr/lib/mysql ln -s /usr/local/mysql/include/mysql /usr/include/mysql /etc/init.d/mysql start ln -s /usr/local/mysql/bin/mysql /usr/bin/mysql ln -s /usr/local/mysql/bin/mysqldump /usr/bin/mysqldump ln -s /usr/local/mysql/bin/myisamchk /usr/bin/myisamchk /usr/local/mysql/bin/mysqladmin -u root password $mima /etc/init.d/mysql restart
mysql主从设置~~~~
(1)首先确保主从服务器上的Mysql版本相同 (2)在主服务器上,设置一个从数据库的账户,使用REPLICATION SLAVE赋予权限,如: mysql> GRANT REPLICATION SLAVE ON *.* TO 'slave001'@'10.10.10.59' IDENTIFIED BY '123123'; Query OK, 0 rows affected (0.13 sec) (3)修改主数据库的配置文件my.cnf,开启BINLOG,并设置server-id的值,修改之后必须重启Mysql服务 [mysqld] log-bin=mysql-bin binlog-ignore-db= mysql server-id=1 (4)之后可以得到主服务器当前二进制日志名和偏移量,这个操作的目的是为了在从数据库启动后,从这个点开始进行数据的恢复 mysql> show master status\G; *************************** 1. row *************************** File: mysql-bin.000003 Position: 243 Binlog_Do_DB: Binlog_Ignore_DB: 1 row in set (0.00 sec) (5)好了,现在可以停止主数据的的更新操作,并生成主数据库的备份,我们可以通过mysqldump到处数据到从数据库,当然了,你也可以直接用cp命令将数据文件复制到从数据库去 注意在导出数据之前先对主数据库进行READ LOCK,以保证数据的一致性 mysql> flush tables with read lock; Query OK, 0 rows affected (0.19 sec) 之后是mysqldump mysqldump -h127.0.0.1 -p3306 -uroot -p test > /home/chenyz/test.sql 最好在主数据库备份完毕,恢复写操作 mysql> unlock tables; Query OK, 0 rows affected (0.28 sec) (6)将刚才主数据备份的test.sql复制到从数据库,进行导入 (7)接着修改从数据库的my.cnf,增加server-id参数,指定复制使用的用户,主数据库服务器的ip,端口以及开始执行复制日志的文件和位置 [mysqld] server-id=2 log-bin=mysql-bin master-host =10.10.10.58 master-user=test master-pass=123123 master-port =3306 master-connect-retry=60 replicate-do-db =test (8)在从服务器上,启动slave进程 mysql> start slave; (9)在从服务器进行show salve status验证 mysql> SHOW SLAVE STATUS\G *************************** 1. row *************************** Slave_IO_State: Waiting for master to send event Master_Host: localhost Master_User: root Master_Port: 3306 Connect_Retry: 3 Master_Log_File: mysql-bin.003 Read_Master_Log_Pos: 79 Relay_Log_File: gbichot-relay-bin.003 Relay_Log_Pos: 548 Relay_Master_Log_File: mysql-bin .003 Slave_IO_Running: Yes Slave_SQL_Running: Yes (10)好了,现在可以在我们的主服务器做一些更新的操作,然后在从服务器查看是否已经更新
本文出自 “峰云,就她了。” 博客,请务必保留此出处/article/4257226.html
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- Lvs+Keepalived+Squid+Nginx+Mysql主从 高性能集群架构配置
- LVS+Keepalived+Squid+Nginx+MySQL主从 高性能集群架构配置
- Lvs+Keepalived+Squid+Nginx+Mysql主从 高性能集群架构配置
- [java] 微服务架构连载No2 搭建高性能集群Eureka配置中心
- Lvs+Keepalived+Squid+Nginx+Mysql主从 高性能集群架构配置
- LVS+Keepalived+Squid+Nginx+MySQL主从 高性能集群架构配置
- Lvs+Keepalived+Squid+Nginx+Mysql主从 高性能集群架构配置
- Lvs+Keepalived+Squid+Nginx+Mysql主从 高性能集群架构配置
- LVS+Keepalived+Squid+Nginx+MySQL主从 高性能集群架构配置
- mysql cluster 集群架构配置
- 高性能网站架构缓存——redis集群
- MySQL集群架构篇:MHA+MySQL-PROXY+LVS实现MySQL集群架构高可用/高性能-技术流ken
- 高性能缓存服务器Squid架构配置
- 高性能网站架构之负载均衡 Nginx+tomcat实现tomcat集群
- 从腾讯QQgame高性能服务器集群架构看“分而治之”与“自治”等分布式架构设计原则
- LVS+Keepalived+Squid+Nginx+MySQL主从高性能集群架构部署方案
- 基于IA架构高性能集群系统技术
- Linux系统架构(LB—HA集群)-HA集群配置
- Ubuntu下Mysql+drbd+heartbeat高性能服务集群配置