1. LAMP LNMP安装优化
2. mysql多实例安装、
3. memcache安装使用
4. keepalived高可用
5. nagios搭建
企业真实场景面试题
1.请描述http协议原理
2.描述http://www.baidu.com请求及看到页面的过程?
用户访问网站流程
①用户访问网站流程框架
②DNS解析原理
③tcp/ip三次握手
④http协议原理(www服务的请求过程)请求细节,报文细节
⑤大规模网站集群架构细节
⑥http协议原理
⑦tcp/ip四次挥手
dns:
递归:重复调用模块自身实现循环
迭代:是函数内某段代码实现循环
http协议:
超文本协议,
www服务
默认端口80
URL---网页地址
URI---网址 、邮箱地址
URL是URI的子集
静态网页
HTML格式的网页(可以包含图片、视频、JS、css)通常被称为“静态网页”
特点:开发者写什么,显示就是什么,一旦编写完成,就不会改变。
特征:①每个页面都有一个URL地址,一般以html形式为后缀,不含问好“?”“&”等特殊符号。
②没有数据库,网站制作和维护困难。
③解析快,性能效率高
静态网页的架构思想
在高并发、高访问量的场景下做架构优化,涉及的关键环节就是把动态网页转成静态网页,而不是直接请求数据库和动态服务器,并且可以把静态内容推送到前端缓存cdn中提供服务,这样就可以提升用户体验,节约服务器和维护成本。
动态网页资源
网页扩展名:asp aspx php jsp do cgi 等。
网页一般以数据技术为基础,大大降低了网站维护工作量
伪静态网页
作用:①让搜索引擎收录网站内容
②提升用户访问体验
③访问性能没有提升,并且转换伪静态会消耗资源,因此性能反而下降
网站流量度量术语*****
1.IP
-----独立IP数是衡量一个网站标准
2.pv
----页面浏览,,是网站访问页面数量的一个指标
pv具体度量方法是从客户浏览器发出一个web服务器的请求,web服务器接到这个请求后,将请求对应的一个网页发送给浏览器,就产生一个pv。
3.uv
同一台客户端(pc或移动端)访问网站被计算为一个访客,一个只算一次。
企业面试题:
1.描述从浏览器打开http://www.baidu.com地址回车发送请求到看到页面的过程?
Nginx
web服务软件
反向代理负载均衡
特点:
①可针对静态资源高速高并发访问缓存
②可使用反向代理加速,并且可进行数据缓存
③具有简单负载均衡、节点健康检查和容错功能
④支持远程FastCGI服务的缓存加速
⑤支持FastCGI、Uwsgi 、SCGI、Memcached加速和缓存
⑥支持SSL TLS SNI
⑦具有模块化的架构:过滤器包括gzip压缩、ranges支持、chunked响应、XSLT SSI及图像缩放功能
⑧支持异步网络IO事件模型
搭建Nginx
mkdir /application -p
mkdir -p /home/hao/tools
yum -y install openssl openssl-devel pcre-devel
useradd nginx -s /sbin/nologin -M
cd /home/hao/tools
http://nginx.org/en/download.html #下载安装包
tar -xf nginx-1.6.3.tar.gz
cd nginx-1.6.3
./configure --user=nginx --group=nginx --prefix=/application/nginx --with-http_stub_status_module --with-http_ssl_module
make && make install
/application/nginx/sbin/nginx -t #检查语法,
nginx: the configuration file /application/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx/conf/nginx.conf test is successful
/application/nginx/sbin/nginx #启动Nginx
测试:
ss -lntup|grep 80
lsof -i:80
wget 127.0.0.1
curl -I 127.0.0.1 nginx启动脚本
[root@www ~]# cat /etc/init.d/nginxd
#!/bin/bash
# chkconfig: 2345 40 85
# descirption: Start/Stop Nginx server
Path=/application/nginx/sbin
pid=/application/nginx/logs/nginx.pid
RETVAL=0
. /etc/init.d/functions
start(){
if [ ! -f $pid ];then
$Path/nginx
RETVAL=$?
if [ $RETVAL -eq 0 ];then
action "nginx is started" /bin/true
return $RETVAL
else
action "nginx is started" /bin/flase
return $RETVAL
fi
else
echo "nginx is running"
return 0
fi
}
stop(){
if [ -f $pid ];then
$Path/nginx -s stop
RETVAL=$?
if [ $RETVAL -eq 0 ];then
action "nginx is stopped" /bin/true
else
action "nginx is stopped" /bin/false
return $RETVAL
fi
else
echo "nginx is no running"
return $RETVAL
fi
}
case "$1" in
start)
start
RETVAL=$?
;;
stop)
stop
RETVAL=$?
;;
restart)
stop
sleep 1
start
RETVAL=$?
;;
*)
echo $"Usage: $0 {start|stop|restart}"
exit 1
esac
exit $RETVAL
基于域名访问配置:
egrep -v "#|^$" /application/nginx/conf/nginx.conf.default >/application/nginx/conf/nginx.conf
for i in www bbs blog;do mkdir -p /applocation/nginx/html/$i;echo "http://$i.xiaoxue.com" >/applocation/nginx/html/$i/index.html;cat /applocation/nginx/html/$i/index.html;done
[root@web02 nginx]# cat conf/nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name www.xiaoxue.com;
location / {
root html/www;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
server {
listen 80;
server_name bbs.xiaoxue.com;
location / {
root html/bbs;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
server {
listen 80;
server_name blog.xiaoxue.com;
location / {
root html/blog;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
/application/nginx/sbin/nginx -t #检查语法,
nginx: the configuration file /application/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx/conf/nginx.conf test is successful
/application/nginx/sbin/nginx -s reload #平滑重启 重启Nginx后检测策略:
[root@web02 nginx]# cat conf/check_url.sh
#!/bin/bash
#author:lihao 2018/12/8 QQ:592654815
#+++++function split++++++++
. /etc/init.d/functions
function checkURL()
{
checkUrl=$1
echo 'check url start....'
judge=($(curl -I -s --connect-timeout 2 ${checkUrl} |head -1|tr "\r" "\n"))
if [[ "${judge[1]}" == '200' && "${judge[2]}" == 'OK' ]]
then
action "$checkUrl" /bin/true
else
action "$checkUrl" /bin/false
echo -n "retrying again....";sleep 3;
judgeagain=($(curl -I -s --connect-timeout 2 ${checkUrl} |head -1|tr "\r" "\n"))
if [[ "${judgeagain[1]}" == '200' && "${judgeagain[2]}" == 'OK' ]]
then
action "$judgeagain,retried again" /bin/true
else
action "$judgeagain,retried again" /bin/false
fi
fi
sleep 1;
}
#usage method
checkURL http://www.xiaoxue.com include模块
[root@web02 conf]# cat -n nginx.conf
1 worker_processes 1;
2 events {
3 worker_connections 1024;
4 }
5 http {
6 include mime.types;
7 default_type application/octet-stream;
8 sendfile on;
9 keepalive_timeout 65;
10 server {
11 listen 80;
12 server_name www.xiaoxue.com;
13 location / {
14 root html/www;
15 index index.html index.htm;
16 }
17 error_page 500 502 503 504 /50x.html;
18 location = /50x.html {
19 root html;
20 }
21 }
22
23 server {
24 listen 80;
25 server_name bbs.xiaoxue.com;
26 location / {
27 root html/bbs;
28 index index.html index.htm;
29 }
30 error_page 500 502 503 504 /50x.html;
31 location = /50x.html {
32 root html;
33 }
34 }
35 server {
36 listen 80;
37 server_name blog.xiaoxue.com;
38 location / {
39 root html/blog;
40 index index.html index.htm;
41 }
42 error_page 500 502 503 504 /50x.html;
43 location = /50x.html {
44 root html;
45 }
46 }
47 } [root@web02 conf]# sed -n '10,21p' nginx.conf >extra/www.conf
[root@web02 conf]# sed -n '23,34p' nginx.conf >extra/bbs.conf
[root@web02 conf]# sed -n '35,46p' nginx.conf >extra/blog.conf
[root@web02 conf]# sed -i '10,46d' nginx.conf
[root@web02 conf]# cat -n nginx.conf
1 worker_processes 1;
2 events {
3 worker_connections 1024;
4 }
5 http {
6 include mime.types;
7 default_type application/octet-stream;
8 sendfile on;
9 keepalive_timeout 65;
10 }
[root@web02 conf]# sed -e '10i include extra/www.conf;\ninclude extra/bbs.conf;\ninclude extra/blog.conf;' nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
include extra/www.conf;
include extra/bbs.conf;
include extra/blog.conf;
}
[root@web02 conf]# sed -i '10i include extra/www.conf;\ninclude extra/bbs.conf;\ninclude extra/blog.conf;' nginx.conf
[root@web02 conf]# cat -n nginx.conf
1 worker_processes 1;
2 events {
3 worker_connections 1024;
4 }
5 http {
6 include mime.types;
7 default_type application/octet-stream;
8 sendfile on;
9 keepalive_timeout 65;
10 include extra/www.conf;
11 include extra/bbs.conf;
12 include extra/blog.conf;
13 } [root@web02 conf]# /application/nginx/sbin/nginx -t
nginx: the configuration file /application/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx/conf/nginx.conf test is successful
[root@web02 conf]# /application/nginx/sbin/nginx -s reload
[root@web02 conf]# curl -I www.xiaoxue.com
HTTP/1.1 200 OK
Server: nginx/1.6.3
Date: Sat, 08 Dec 2018 08:54:16 GMT
Content-Type: text/html
Content-Length: 23
Last-Modified: Sat, 08 Dec 2018 06:36:37 GMT
Connection: keep-alive
ETag: "5c0b6675-17"
Accept-Ranges: bytes
[root@web02 conf]# curl -I bbs.xiaoxue.com
Date: Sat, 08 Dec 2018 08:54:26 GMT
Last-Modified: Sat, 08 Dec 2018 06:55:13 GMT
ETag: "5c0b6ad1-17"
[root@web02 conf]# curl -I blog.xiaoxue.com
Date: Sat, 08 Dec 2018 08:54:34 GMT
Content-Length: 24
st-Modified: Sat, 08 Dec 2018 06:55:41 GMT
ETag: "5c0b6aed-18"
### 创建多别名 [root@web02 conf]# curl blog.xiaoxue.com
http://blog.xiaoxue.com
[root@web02 conf]# vim extra/www.conf
1 server {
2 listen 80;
3 server_name www.xiaoxue.com xiaoxue.com;
4 location / {
5 root html/www;
6 index index.html index.htm;
7 }
8 error_page 500 502 503 504 /50x.html;
9 location = /50x.html {
10 root html;
1 }
12 }
"extra/www.conf" 12L, 310C 已写入
[root@web02 conf]# curl xiaoxue.com
curl: (7) couldn't connect to host
[root@web02 conf]# vim /etc/hosts
1 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdom
ain4
2 ::1 localhost localhost.localdomain localhost6 localhost6.localdom
ain6
3 172.16.10.22 mba
4 172.16.10.10 backup
5 172.16.10.30 www.xiaoxue.com bbs.xiaoxue.com blog.xiaoxue.com xiaoxue.com
6 172.16.10.40 nfs
7
8
9
10
"/etc/hosts" 12L, 346C 已写入
[root@web02 conf]# ping xiaoxue.com
PING www.xiaoxue.com (172.16.10.30) 56(84) bytes of data.
64 bytes from www.xiaoxue.com (172.16.10.30): icmp_seq=1 ttl=64 time=0.067 ms
64 bytes from www.xiaoxue.com (172.16.10.30): icmp_seq=2 ttl=64 time=0.044 ms
^C
--- www.xiaoxue.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1928ms
rtt min/avg/max/mdev = 0.044/0.055/0.067/0.013 ms
[root@web02 conf]# curl xiaoxue.com
http://www.xiaoxue.com
### nginx状态信息功能 [root@bogon nginx]# cat conf/extra/status.conf
##status
server {
listen 80;
server_name status.xiaoxue.com;
location / {
stub_status on;
access_log off;
allow 172.16.10.0/24; #允许那个网段访问
deny all; #拒绝所有
}
}
sed -i '13i include extra/status.conf;' conf/nginx.conf ###插入
检查语法重启Nginx
日志
错误日志:/application/nginx/logs/error.log
[root@bogon logs]# cat ../conf/nginx.conf
worker_processes 1;
error_log logs/error.log;
events {
worker_connections 1024;
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"'; #日志格式
sendfile on;
keepalive_timeout 65;
include extra/www.conf;
include extra/bbs.conf;
include extra/blog.conf;
include extra/status.conf;
access.log 测试
www.conf配置:
erver {
server_name www.xiaoxue.com xiaoxue.com;
root html/www;
index index.html index.htm;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
access_log logs/access_www.log main;
### 日志切割脚本:
实现切割Nginx日志的思想为将正在写入的Nginx日志(access_www.log)改名为带日期的格式文件,然后平滑重启,生成新的日志文件(access_www.log),
再通过定时任务每天00点执行一次 [root@bogon scripts]# cat cut_nginx_log.sh
#!/bin/bash
Dateformat=
date +%Y%m%d
Basedir="/application/nginx"
Nginxlogdir="$Basedir/logs"
Logname="accesswww"
[ -d $Nginxlogdir ] && cd $Nginxlogdir||exit 1
[ -f ${Logname}.log ] || exit 1
/bin/mv ${Logname}.log ${Dateformat}${Logname}.log ||exit 1
$Basedir/sbin/nginx -s reload
cat >>/vat/spool/cron/root <<EOF
#cut nginx access.log by hao
00 00 * /bin/sh /server/scripts/cut_nginx_log.sh >/dev/null 2>&1
EOF
Nginx location [root@bogon extra]# cat www.conf server { listen 80; server_name www.xiaoxue.com xiaoxue.com; root html/www; location / { return 401; }
location = / {
return 402;
}
location /documents/ {
return 403;
}
location ^~ /images/ {
return 404;
}
location ~* \.(gif|jpg|jpeg)$ {
return 500;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
access_log logs/access_www.log main; [root@bogon extra]# /application/nginx/sbin/nginx -t
[root@bogon extra]# /application/nginx/sbin/nginx
[root@bogon extra]# lsof -i:80
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
nginx 1261 root 7u IPv4 9695 0t0 TCP :http (LISTEN)
nginx 1262 nginx 7u IPv4 9695 0t0 TCP :http (LISTEN)
[root@bogon extra]# curl -s -o /dev/null -I -w "%{http_code}\n" http://www.xiaoxue.com
402
[root@bogon extra]# curl -s -o /dev/null -I -w "%{http_code}\n" http://www.xiaoxue.com/
[root@bogon extra]# curl -s -o /dev/null -I -w "%{http_code}\n" http://www.xiaoxue.com/index.html
401
[root@bogon extra]# curl -s -o /dev/null -I -w "%{http_code}\n" http://www.xiaoxue.com/documents/document.html
403
[root@bogon extra]# curl -s -o /dev/null -I -w "%{http_code}\n" http://www.xiaoxue.com/images/1.gif
404
[root@bogon extra]# curl -s -o /dev/null -I -w "%{http_code}\n" http://www.xiaoxue.com/images/1.jpg
[root@bogon extra]# curl -s -o /dev/null -I -w "%{http_code}\n" http://www.xiaoxue.com/documents/1.jpg
500
[root@bogon extra]# curl -s -o /dev/null -I -w "%{http_code}\n" http://www.xiaoxue.com/hao
Nginx rewrite
[root@bogon extra]# cat www.conf
###
server {
listen 80;
server_name xiaoxue.com;
rewrite ^/(.*) http://www.xiaoxue.com/$1 permanent;
}
server {
listen 80;
server_name www.xiaoxue.com xiaoxue.com;
location / {
root html/www;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
access_log logs/access_www.log main;
}
不同域名URL跳转
[root@bogon extra]# cat blog.conf
server {
listen 80;
server_name blog.xiaoxue.com;
location / {
root html/blog;
index index.html index.htm;
}
if ($http_host ~* "^(.*)\.xiaoxue\.com$") {
set $domain $1;
rewrite ^/(.*) http://www.xiaoxue.com/$domain/lihao.html break;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
创建访问账号密码
[root@www extra]# cat www.conf
###
server {
listen 80;
server_name xiaoxue.com;
rewrite ^/(.*) http://www.xiaoxue.com/$1 permanent;
}
server {
listen 80;
server_name www.xiaoxue.com xiaoxue.com;
location / {
root html/www;
index index.html index.htm;
auth_basic "xiaoxue training";
auth_basic_user_file /application/nginx/conf/htpasswd;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
access_log logs/access_www.log main;
}
[root@www ~]# htpasswd -bc /application/nginx/conf/htpasswd xiaoxue 123
Adding password for user xiaoxue
[root@www ~]# chmod 400 /application/nginx/conf/htpasswd
[root@www ~]# chown nginx /application/nginx/conf/htpasswd
[root@www ~]# ll /application/nginx/conf/htpasswd
-r-------- 1 nginx root 22 12月 13 20:13 /application/nginx/conf/htpasswd
[root@www ~]# cat /application/nginx/conf/htpasswd
xiaoxue:a4P8TcgI1Jzyo #密码加密的 安装LAMP脚本
https://www.zybuluo.com/q8517220/note/1366655
select user,host from mysql.user;
drop user "root"@"::1";
drop user ""@"localhost";
drop user ""@"www";
drop user "root"@"localhost";
drop user ""@"MySQL";
delete from mysql.user where user=' ' and host='MySQL';
drop database test;
初始数据库简单优化
PHP搭建
FastCGI:是一个可伸缩地、高速地在HTTP服务器和动态脚本语言通信的接口(Linux下fastcgi即为socket)。优点:把动态语言和HTTP服务器分离开来。
重要特点:
①HTTP服务器和动态脚本语言间通信的接口或工具。
②可把动态语言解析和http服务器分离开。
③Nginx、Apache、Lighttpd,以及多数动态语言都支持FastCGI.
④FastCGI接口方式采用C/S结构
⑤PHP动态语言服务器端可以启动多个FastCGI的守护进程(例如php-fpm mangement)
⑥http服务器通过(例如Nginx fastcgi_pass)FastCGI客户端和动态语言FastCGI服务器端通信(例如php-fpm)
安装lib软件包
[root@www ~]# rpm -qa freetype-devel linpng-devel gd-devel libcurl-devel libxslt-devel
[root@www ~]# rpm -qa zlib-devel libxm12-devel libjpeg-devel libjpeg-turbo-devel libiconv-devel
安装libiconv庫
wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.14.tar.gz
tar -xf libiconv-1.14.tar.gz
cd libiconv-1.14
./configure --prefix=/usr/local/libiconv
make && make install
安装libmcryt庫
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo
yum -y install libmcrypt-devel
安装mhash #加密扩展库
yum -y install mhash
yum -y install mcrypt
安装PHP
http://cn.php.net/downloads.php
[root@www tools]# rz
rz waiting to receive.
zmodem trl+C ȡ
100% 16750 KB 16750 KB/s 00:00:01 0 Errors [root@www tools]# tar -xf php-5.5.20.tar.gz
[root@www tools]# cd php-5.5.20
[root@www php-5.5.20]#ln -s /application/mysql/lib/libmysqlclient.so.18 /usr/lib64/
[root@www php-5.5.20]#touch ext/phar/phar.phar
[root@www php-5.5.20]# ./configure --prefix=/application/php5.5.20 --with-mysql=/application/mysql --with-xmlrpc --with-openssl --with-zlib --with-freetype-dir --with-gd --with-jpeg-dir --with-png-dir --with-iconv=/usr/local/libiconv --enable-short-tags --enable-sockets --enable-zend-multibyte --enable-soap --enable-mbstring --enable-static --enable-gd-native-ttf --with-curl --with-xsl --enable-ftp --with-libxml-dir --enable-fpm --with-fpm-user=nginx --with-fpm-group=nginx
[root@www php-5.5.20]#make && make install
[root@www php-5.5.20]# ln -s /application/php5.5.20/ /application/php
[root@www php-5.5.20]# ls -l /application/php
lrwxrwxrwx 1 root root 23 12月 15 16:35 /application/php -> /application/php5.5.20/
[root@www php-5.5.20]# ls php.ini*
php.ini-development php.ini-production
[root@www php-5.5.20]# cp php.ini-production /application/php/lib/php.ini
[root@www php-5.5.20]# ll /application/php/lib/php.ini
-rw-r--r-- 1 root root 69266 12月 15 17:24 /application/php/lib/php.ini
[root@www php-5.5.20]# cd /application/php/etc/
[root@www etc]# ls
pear.conf php-fpm.conf.default
[root@www etc]# cp php-fpm.conf.default php-fpm.conf
[root@www etc]# /application/php/sbin/php-fpm
[root@www etc]# ps -ef|grep php-fpm
root 47187 1 0 17:25 ? 00:00:00 php-fpm: master process (/application/php5.5.20/etc/php-fpm.conf)
nobody 47188 47187 0 17:25 ? 00:00:00 php-fpm: pool www
nobody 47189 47187 0 17:25 ? 00:00:00 php-fpm: pool www
root 47193 1486 0 17:25 pts/0 00:00:00 grep php-fpm
[root@www etc]# lsof -i:9000
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
php-fpm 47187 root 7u IPv4 212016 0t0 TCP localhost:cslistener (LISTEN)
php-fpm 47188 nobody 0u IPv4 212016 0t0 TCP localhost:cslistener (LISTEN)
php-fpm 47189 nobody 0u IPv4 212016 0t0 TCP localhost:cslistener (LISTEN)
[root@www conf]# cp nginx.conf nginx.conf.02
[root@www conf]# cat nginx.conf
'"$http_user_agent" "$http_x_forwarded_for"';
[root@www conf]# vim extra/blog.conf
server_name blog.xiaoxue.com;
root html/blog;
location ~ .*.(php|php5)?$ {
root html/blog;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi.conf;
}
if ($http_host ~* "^(.*)\.xiaoxue\.com$") {
set $domain $1;
rewrite ^/(.*) http://www.xiaoxue.com/$domain/lihao.html break;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
} "extra/blog.conf" 23L, 574C 已写入
[root@www conf]# /application/nginx/sbin/nginx -t
nginx: [warn] conflicting server name "xiaoxue.com" on 0.0.0.0:80, ignored
[root@www conf]# /application/nginx/sbin/nginx -s reload
[root@www conf]# cd /application/nginx/html/blog/
[root@www blog]# ls
index.html
[root@www blog]# echo "<?php phpinfo(); ?>" >test_info.php
[root@www blog]# cat test_info.php
<?php phpinfo(); ?>
http://blog.xiaoxue.com/test_info.php #浏览器访问测试
## 创建一个WordPress
mysql> create database wordpress;
Query OK, 1 row affected (0.00 sec)
mysql> show databases like 'wordpress';
+----------------------+
| Database (wordpress) |
+----------------------+
| wordpress |
+----------------------+
1 row in set (0.00 sec)
mysql>grant all on wordpress.* to wordpress@'localhost' identified by '123456';
mysql> show grants for wordpress@'localhost';
+------------------------------------------------------------------------------------------------------------------+
| Grants for wordpress@localhost |
+------------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'wordpress'@'localhost' IDENTIFIED BY PASSWORD '*6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9' |
| GRANT ALL PRIVILEGES ON `wordpress`.* TO 'wordpress'@'localhost' |
+------------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
mysql> select user,host from mysql.user
-> ;
+-----------+-----------+
| user | host |
+-----------+-----------+
| root | 127.0.0.1 |
| root | localhost |
| wordpress | localhost |
+-----------+-----------+
3 rows in set (0.01 sec)
mysql> quit
Bye
下载WordPress地址:www.wordpress.org
[root@www blog]# pwd
/application/nginx/html/blog
[root@www blog]#tar xf wordpress-4. #解压
[root@www blog]#mv wordpress/* .
[root@www blog]#chown -R nginx.nginx ../blog/
打开浏览器输入blog.xiaoxue.com ,回车(提前做好host或DNS解析)
[root@www blog]# cat /application/nginx/conf/extra/blog.conf
server {
listen 80;
server_name blog.xiaoxue.com;
location / {
root html/blog;
index index.php index.html index.htm;
location / {
if (-f $request_filename/index.html){
rewrite (.*) $1/index.html break;
}
if (-f $request_filename/index.php){
rewrite (.*) $1/index.php;
}
if (!-f $request_filename){
rewrite (.*) /index.php;
}
}
}
location ~ .*\.(php|php5)?$ {
root html/blog;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi.conf;
} if ($http_host ~ "^(.).xiaoxue.com$") {
set $domain $1;
rewrite ^/(.*) http://www.xiaoxue.com/$domain/lihao.html break;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
} [root@www blog]# /application/nginx/sbin/nginx -t
[root@www blog]# /application/nginx/sbin/nginx -s reload
## PHP缓存优化
在LNMP启动独立的FCGI即php-fpm进程
流程:
[root@www ~]# echo 'export LC_ALL=C'>>/etc/profile #配置变量
[root@www ~]# tail -1 /etc/profile
export LC_ALL=C
[root@www ~]# source /etc/profile
下载xcache软件
http://xcache.lighttpd.net/wiki/Release-3.2.0 #下载xcache软件
tar -xf xcache-3.2.0.tar.bz2
cd xcache-3.2.0
/application/php/bin/phpize
./configure --enable-xcache --with-php-config=/application/php/bin/php-config
make && make install && echo $?
[root@www xcache-3.2.0]# ls -l /application/php5.5.20/lib/php/extensions/no-debug-non-zts-20121212/
total 2208
-rwxr-xr-x 1 root root 1022028 Dec 15 17:20 opcache.a
-rwxr-xr-x 1 root root 538243 Dec 15 17:20 opcache.so
-rwxr-xr-x 1 root root 694804 Dec 16 15:33 xcache.so
ZendOpcache下载地址
http://pecl.php.net/package/ZendOpcache ###ZendOpcache下载地址
wget -q http://pecl.php.net/get/zendopcache-7.0.5.tgz
[root@www tools]# tar -xf zendopcache-7.0.5.tgz
[root@www tools]# cd zendopcache-7.0.5
[root@www zendopcache-7.0.5]# /application/php/bin/phpize
Configuring for:
PHP Api Version: 20121113
Zend Module Api No: 20121212
Zend Extension Api No: 220121212
[root@www zendopcache-7.0.5]# ./configure --enable-opcache --with-php-config=/application/php/bin/php-config
Memcached 安装
http://pecl.php.net/package/memcache ###下载地址
[root@www tools]# wget -q http://pecl.php.net/get/memcache-2.2.7.tgz
[root@www tools]# tar -xf memcache-2.2.7.tgz
[root@www tools]# cd memcache-2.2.7
[root@www memcache-2.2.7]# /application/php/bin/phpize
[root@www memcache-2.2.7]# ./configure --enable-mencache --with-php-config=/application/php/bin/php-config
[root@www tools]# ls -l /application/php5.5.20/lib/php/extensions/no-debug-non-zts-20121212/
total 2468
-rwxr-xr-x 1 root root 258080 Dec 16 16:16 memcache.so
-rwxr-xr-x 1 root root 543241 Dec 16 16:07 opcache.so
安装PDO_MYSQL扩展插件
[root@www tools]# wget -q http://pecl.php.net/get/PDO_MYSQL-1.0.2.tgz
[root@www tools]# tar -xf PDO_MYSQL-1.0.2.tgz
[root@www tools]# cd PDO_MYSQL-1.0.2
[root@www PDO_MYSQL-1.0.2]# /application/php/bin/phpize
[root@www PDO_MYSQL-1.0.2]# ./configure --with-php-config=/application/php/bin/php-config --with-pdo-mysql=/application/mysql
make
make install
[root@www PDO_MYSQL-1.0.2]# ls -l /application/php5.5.20/lib/php/extensions/no-debug-non-zts-20121212/
total 2624
-rwxr-xr-x 1 root root 156964 Dec 16 16:44 pdo_mysql.so
-rwxr-xr-x 1 root root 694804 Dec 16 15:33 xcache.so
make 报错
In file included from /home/hao/tools/PDO_MYSQL-1.0.2/pdo_mysql.c:31:
/home/hao/tools/PDO_MYSQL-1.0.2/php_pdo_mysql_int.h:25:19: error: mysql.h: No such file or directory
/home/hao/tools/PDO_MYSQL-1.0.2/php_pdo_mysql_int.h:36: error: expected specifier-qualifier-list before 'MYSQL'
/home/hao/tools/PDO_MYSQL-1.0.2/php_pdo_mysql_int.h:48: error: expected specifier-qualifier-list before 'MYSQL_FIELD'
/home/hao/tools/PDO_MYSQL-1.0.2/php_pdo_mysql_int.h:53: error: expected specifier-qualifier-list before 'MYSQL_RES'
make: ** [pdo_mysql.lo] Error 1
解决方法:
[root@www PDO_MYSQL-1.0.2]# ln -s /application/mysql-5.5.32/include/ /usr/local/include/
下载imagemagick :
https://www.imagemagick.org/download/releases/?C=M;O=A
tar 解压
make
下载imagick
http://pecl.php.net/package/imagick
PHP5.5版本要3.12版本额
上传,解压(套路同上)
[root@www imagick-3.1.2]# /application/php/bin/phpize
[root@www imagick-3.1.2]# ./configure --with-php-config=/application/php/bin/php-config
[root@www imagick-3.1.2]# ll /application/php/lib/php/extensions/no-debug-non-zts-20121212/
total 3696
-rwxr-xr-x 1 root root 1096728 Dec 16 17:39 imagick.so
-
with-config-file-path = / application / php5.5.20 / etc''
需要将lib/php.ini复制一份到 / application / php5.5.20/etc/php.ini
cat >>/application/php/lib/php.ini<<EOF
extension = memcache.so
extension = pdo_mysql.so
extension = imagick.so
检查是否存在:
[root@bogon ~]# tail -5 /application/php/lib/php.ini
; tab-width: 4
; End:
[root@bogon ~]# sed -i 's#; extension_dir = "./"#extension_dir = "/application/php5.5.20/lib/php/extensions/no-debug-non-zts-20121212/"#g' /application/php/lib/php.ini
[root@bogon ~]# grep extension_dir /application/php/lib/php.ini
extension_dir = "/application/php5.5.20/lib/php/extensions/no-debug-non-zts-20121212/
; extension_dir = "ext"
; Be sure to appropriately set the extension_dir directive.
;sqlite3.extension_dir =
pkill php-fpm
/application/php/sbin/php-fpm
xcache加速
修改:
[xcache-common]vim /home/hao/tools/xcache-3.2.0/xcache.ini
xcache.size = 256M
xcache.count = 2
xcache.ttl = 86400
xcache.gc_interval = 3600
xcache.var_size = 64M
cat /home/hao/tools/xcache-3.2.0/xcache.ini >>/application/php/lib/php.ini
extension = xcache.so
[xcache.admin]
xcache.admin.enable_auth = On
xcache.admin.user = "mOo"
xcache.admin.pass = "md5 encrypted password"
[xcache]
xcache.shm_scheme = "mmap"
xcache.slots = 8K
xcache.var_count = 1
xcache.var_slots = 8K
xcache.var_ttl = 0
xcache.var_maxttl = 0
[root@bogon lib]# echo -n "123456"|md5sum
e10adc3949ba59abbe56e057f20f883e -
修改php.ini文件
1953 xcache.admin.user = "lihao"
1954 xcache.admin.pass = "e10adc3949ba59abbe56e057f20f883e"
ngnix 优化
隐藏版本号:
在Nginx.cof文件中的http标签段内加入“server_tokens off;”
[root@www conf]# curl -I www.xiaoxue.com
HTTP/1.1 401 Unauthorized
Server: nginx
Date: Sat, 22 Dec 2018 08:09:58 GMT
Content-Length: 188
WWW-Authenticate: Basic realm="xiaoxue training
隐藏web软件名:
修改第一个文件nginx-1.6.3/src/core/nginx.h
修改第二个文件nginx-1.6.3/src/http/ngx_http_header_filter_module.c
grep -n 'Server: nginx' ngx_http_header_filter_module.c
49行 Server: nginx改成Server: OWS
[root@www http]# sed -i 's#Server: nginx#Server: OWS#g' ngx_http_header_filter_module.c
[root@www http]# pwd
/home/hao/tools/nginx-1.6.3/src/http
修改第三个文件:
/nginx-1.6.3/src/http/ngx_http_special_response.c
static u_char ngx_http_error_full_tail[] =
22 "<hr><center>" NGINX_VER " (http:oldboy.blog.51cto.com) </center>" CRLF
23 "</body>" CRLF
24 "</html>" CRLF
25 ;
28 static u_char ngx_http_error_tail[] =
29 "<hr><center>OWS</center>" CRLF
修改完成后重新编译Nginx
搭建服务器时,worker进程数=CPU的核数,高并发时,可以worker进程提高CPU核数*2
[root@bogon ~]# grep processor /proc/cpuinfo |wc -l
1 #表示1颗CPU1核
[root@bogon ~]# grep 'physical id' /proc/cpuinfo |sort|uniq -c|wc -l
0 #对physical id去重计数
[root@bogon ~]# grep worker_processes /application/nginx/conf/nginx.conf
worker_processes 4; #可修改
[root@bogon ~]# ps -ef |grep nginx |grep -v grep
root 1407 1 0 21:46 ? 00:00:00 nginx: master process /application/nginx/sbin/nginx
nginx 1409 1407 0 21:46 ? 00:00:00 nginx: worker process
nginx 1410 1407 0 21:46 ? 00:00:00 nginx: worker process
nginx 1411 1407 0 21:46 ? 00:00:00 nginx: worker process
nginx 1412 1407 0 21:46 ? 00:00:00 nginx: worker process
Nginx事件处理模型优化
Nginx使用epoll的I/O多路复用模型
events{
use epoll;
worker_connections 20000; #调整单个进程允许的客户端最大连接数
client_header_buffer_size 4k;
open_file_cache max=2000 inactive=60s;
open_file_cache_valid 60s;
open_file_cache_min_uses 1;
worker_rlimit_nofile 65535; #最大打开文件数
}
server模块:
fastcgi_cache ngx_fcgi_cache;
fastcgi_cache_valid 200 302 1h;
fastcgi_cache_valid 301 1d;
fastcgi_cache_valid any 1m;
fastcgi_cache_min_users 1;
fastcgi_cache_use_stale error timeout invalid_header http_500;
fastcgi_cache_key http://$host$request_uri;
server_tokens off;
tcp_nodelay on;
client_header_timenout 15;
client_body_timenout 15;
send_timeout 15;
client_max_body_size 8m;
tcp_nopush on;
fastcgi_connect_timeout 240;
fastcgi_send_timeout 240;
fastcgi_read_timeout 240;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
#fastcgi_temp_path /data/ngx_fcgi_tmp;
fastcgi_cache_path /data/ngx_fcgi_cache levels=2:2 keys_zone=ngx_fcgi_cache:512m inactive=1d max_size=40g;
nginx gzip功能:
①提升网站用户体验
②节约网站带宽成本
③被压缩的纯文本必须大于1KB,图片、视频(流媒体)等文件尽量不要压缩
Apache服务的mod_defalte
Nginx服务的ngx_http_gzip_module
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_types text/xml text/css application/javascript;
gzip_vary on; Nginx日志优化与安全
Nginx access日志轮询
[root@bogon scripts]# cat cut_nginx_log.sh
#!/bin/bash
Dateformat=`date +%Y%m%d`
Basedir="/application/nginx"
Nginxlogdir="$Basedir/logs"
Logname="access_www"
[ -d $Nginxlogdir ] && cd $Nginxlogdir||exit 1
[ -f ${Logname}.log ] || exit 1
/bin/mv ${Logname}.log ${Dateformat}_${Logname}.log ||exit 1
$Basedir/sbin/nginx -s reload 然后加入定时任务,每天0点执行。
cat >>/var/spool/cron/root<<EOF
不记录不需要的访问日志:
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 10y;
root html/www;
access_log off;
}
设置logs权限
chown -R root.root /application/nginx/logs/
chmod -R 700 /application/nginx/logs/
利用Nginx配置禁止访问上传资源目录下的PHP SHEEL PERL PYTHON程序文件,这样用户即使上传了***文件也无法执行,从而加强了网站的安全
location ~ ^/images/.*\.(php|php5|sh|pl|py)$
{
deny all;
}
限制网站来源IP访问
例:禁止某目录让外界访问,但允许某IP访问该目录,且支持PHP解析
location ~ ^/hao/ {
allow 202.111.12.211;
deny all;
} 企业问题案例:Nginx做反向代理的时候可以限制客户端IP吗?
解答:可以,
方法2:
location / {
root html/www;
index index.html index.htm;
allow 172.16.10.30;
deny all;
auth_basic "xiaoxue training";
auth_basic_user_file /application/nginx/conf/htpasswd;
}
发现某域名恶意解析到公司的服务器IP,添加一下代码,若多个server则要多处添加
(header信息的host主机名字段非www.xiaoxue.com,就301跳转到www.xiaoxue.com)
server_name xiaoxue.com;
if ($host !~ ^www/.xiaoxue/.com$){
rewrite ^/(.*) http://www.xiaoxue.com/$1 permanent;
}
} 网站资源被盗链:
1.对IDC及cdn带宽做监控报警
2.每天上班重要任务,就是经常查看网站流量图,关注流量变化,关注异常流量。
3.对访问日志做分析,迅速丁文异常流量,并且和公司市场推广等保持较好的沟通,以便调度带宽和服务器资源,确保网站正常的访问体验。
利用referer针对扩展名rewrite,实现防盗链的Nginx配置nginx.conf
location ~* \.(gif|jpg|jpeg|png|bmp|swf|mp3|zip|rar|wmv)$
{
valid_referers none blocked *.xiaoxue.com xiaoxue.com;
if ($invalid_referer) {
rewrite ^/ http://www.xiaoxue.com/img/nolink.jpg;
}
}
nginx 站点目录文件和目录权限优化
防爬虫:
##Block download agents ##
阻止下载协议代理
if ($http_user_agent ~ LWP::Simple|BBBike|wget) {
return 403;
测试禁止不同的浏览器软件访问
if ($http_user_agent ~ "Firefox|MSIE") {
rewrite ^(.*) http://blog.xiaoxue.com/$1 permanent;
Nginx反向代理和负载均衡
为啥要集群?
1.高性能
2.价格有效性
3.可伸缩性
4.高可用性
5.透明性
6.可管理性
7.可编程
作用:
172.16.10.10---负载均衡器1
40---负载均衡器2
20--web01
30---web02
web1,2配置nginx.conf文件
[root@www conf]# cat nginx.conf
worker_processes 1;
error_log logs/error.log;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name bbs.xiaoxue.org;
location / {
root html/bbs;
index index.html index.htm;
}
access_log logs/access_bbs.log main;
}
server {
listen 80;
server_name www.xiaoxue.org;
location / {
root html/www;
index index.html index.htm;
}
access_log logs/access_www.log main;
}
}
[root@www conf]# mkdir /application/nginx/html/{www,bbs}
[root@www conf]#for dir in www bbs;do echo "`ifconfig eth1|grep -o "172.16.10.[2030]."` $dir" >/application/nginx/html/$dir/index.html;done
[root@www conf]# for dir in www bbs;do cat /application/nginx/html/$dir/index.html;done
172.16.10.30 www #20的 IP这里就是20了
172.16.10.30 bbs 负载均衡器nginx.conf配置
[root@nfs conf]# cat nginx.conf
upstream www_server_pools {
server 172.16.10.20:80 weight=1;
server 172.16.10.30:80 weight=1;
}
server {
listen 80;
server_name www.xiaoxue.org;
location / {
proxy_pass http://www_server_pools; proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
[root@nfs conf]# /application/nginx/sbin/nginx -t
[root@nfs conf]# /application/nginx/sbin/nginx -s reload
[root@nfs conf]# echo "172.16.10.40 www.xiaoxue.org" >>/etc/hosts
[root@nfs conf]# tail -1 /etc/hosts
172.16.10.40 www.xiaoxue.org
[root@nfs conf]# curl www.xiaoxue.org
172.16.10.20 bbs
172.16.10.30 bbs
upstream调度算法:
rr--轮询(静态调度算法)
wrr--权重轮询(静态调度算法)--weight
ip_hash--(静态调度算法)
fair--动态调度算法-----响应时间短优先分配
lease-conn---那个分发少就分配给谁
url-hash--根据请求URL分配
一致性hash--一般用于代理后端业务(squid,memcache),根据URI分配
根据URL的目录中来实现代理转发,实现动静分离
[root@www nginx]# cat conf/nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
upstream static_pools {
server 172.16.10.20:80 weight=1;
}
upstream upload_pools {
server 172.16.10.30:80 weight=1;
}
upstream default_pools {
server 172.16.10.50:80 weight=1;
}
server {
listen 80;
server_name www.xiaoxue.org;
location /static/ {
proxy_pass http://static_pools;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
location /upload {
proxy_pass http://upload_pools;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
location / {
proxy_pass http://default_pools;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
}
web01配置测试
[root@www ~]# cd /application/nginx/html/www/
[root@www www]# mkdir static
[root@www www]# echo static_pools >static/index.html
[root@www www]# curl www.xiaoxue.org/static/index.html
static_pools
web02 配置
root@www ~]# cd /application/nginx/html/www/
[root@www www]# mkdir upload
[root@www www]# echo upload_pools >upload/index.html
[root@www www]# curl www.xiaoxue.org/upload/index.html
upload_pools
web03 配置
[root@www www]# echo default_pools >index.html
[root@localhost www]# curl www.xiaoxue.org
default_pools
根据客户端设备(user-agent)来转发
upstream static_pools {
server 172.16.10.20:80 weight=1;
}
upstream upload_pools {
server 172.16.10.30:80 weight=1;
}
upstream default_pools {
server 172.16.10.50:80 weight=1;
}
server {
listen 80;
server_name www.xiaoxue.org;
location / {
if ($http_user_agent ~* "Edge") {
proxy_pass http://static_pools;
if ($http_user_agent ~* "Chrome")
{
proxy_pass http://upload_pools;
}
proxy_pass http://default_pools;
}
include proxy.conf;
} 根据文件扩展名实现代理转发
应用场景:如图片、视频访问静态地址池,PHP,JSP访问动态地址池
Nginx upstream_check_module模板
wget https://codeload.github.com/yaoweibin/nginx_upstream_check_module/zip/master
unzip master #unzip没有需要安装
patch -p1 < ../nginx_upstream_check_module-master/check_1.5.12+.patch
#patch 没有需要安装
./configure --user=nginx --group=nginx --prefix=/application/nginx --with-http_stub_status_module --with-http_ssl_module --add-module=../nginx_upstream_check_module-master/
make
mv /application/nginx/sbin/nginx{,.bak}
[root@www nginx-1.6.3]# cp ./objs/nginx /application/nginx/sbin/
/application/nginx/sbin/nginx -t #检查启动程序
#cat nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
upstream static_pools {
server 172.16.10.20:80 weight=1;
check interval=3000 rise=2 fall=5 timeout=1000 type=http;
}
upstream upload_pools {
server 172.16.10.30:80 weight=1;
}
upstream default_pools {
server 172.16.10.50:80 weight=1;
}
server {
listen 80;
server_name www.xiaoxue.org;
location / {
if ($http_user_agent ~* "Edge")
{
proxy_pass http://static_pools;
}
if ($http_user_agent ~* "Chrome")
{
proxy_pass http://upload_pools;
}
proxy_pass http://default_pools;
}
include proxy.conf;
location /status {
check_status;
}
#location /upload {
# proxy_pass http://upload_pools;
# proxy_set_header Host $host;
# proxy_set_header X-Forwarded-For $remote_addr;
# }
# location / {
# proxy_pass http://default_pools;
# proxy_set_header Host $host;
# proxy_set_header X-Forwarded-For $remote_addr;
# }
}
}
keepalived高可用
VRRP---虚拟路由冗余协议,为了解决静态路由的单点故障问题,通过竞选机制来将路由的任务交给某台vrrp路由器
主节点配置:
yum -y install keepalived
[root@www ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id lb01
}
vrrp_instance VI_1 {
state MASTER
interface eth1
virtual_router_id 10
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.10.100/24 dev eth1 label eth1:1
}
}
[root@www~]#ip add|grep 172.16.10.100
inet 172.16.10.100/24 scope global eth1:1
备节点配置:
[root@www ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id lb02
}
vrrp_instance VI_1 {
state BACKUP
interface eth1
virtual_router_id 10
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.10.100/24 dev eth1 label eth1:1
}
}
[root@nfs ~]# ip add |grep 172.16.10.100
##是没有内容的,如果有,那就恭喜你出现脑裂了。
可能情况:①是否防火墙阻挡,网络是否同
②keepalived.conf配置错误,例如:virtual_router_id 这个和主要一样额
检测:
[root@www ~]# /etc/init.d/keepalived stop
Stopping keepalived: [ OK ]
[root@www ~]# ip add|grep 172.16.10.100
[root@www ~]# /etc/init.d/keepalived start
Starting keepalived: [ OK ]
[root@www ~]# ip add|grep 172.16.10.100
inet 172.16.10.100/24 scope global eth1:1
脑裂---两台主机抢占资源,造成数据不统一
脑裂解决方案:
①如果开启防火墙,一定要心跳消息通过,一般通过允许IP段的形式解决。
②可以拉一条以太网网线或者串口线作为主备节点心跳线路的冗余。
③开发监控程序通过监控软件检测脑裂。
双实例双主模式:
172.16.10.101为主,172.16.10.100为备 [root@nfs ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {br/>[email protected]
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id lb02
vrrp_instance VI_1 {
state BACKUP
interface eth1
virtual_router_id 10
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
virtual_ipaddress {
172.16.10.100/24 dev eth1 label eth1:1
vrrp_instance VI_2 {
state MASTER
virtual_router_id 40
priority 150
172.16.10.101/24 dev eth1 label eth1:1
172.16.10.100为主,172.16.10.101为备
[root@www ~]# cat /etc/keepalived/keepalived.conf
router_id lb01
Nginx+keepalived
两台Nginx负载均衡器统一配置
[root@www ~]# vim /application/nginx/conf/nginx.conf
只是换个server ip换成VIP地址
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
# upstream static_pools {
# server 172.16.10.20:80 weight=1;
# check interval=3000 rise=2 fall=5 timeout=1000 type=http;
# }
# upstream upload_pools {
# server 172.16.10.30:80 weight=1;
# }
upstream default_pools {
server 172.16.10.50:80 weight=1;
server 172.16.10.20:80 weight=1;
server 172.16.10.30:80 weight=1;
}
server {
listen 172.16.10.100:80;
server_name www.xiaoxue.org;
location / {
proxy_pass http://default_pools;
}
include proxy.conf;
location /status {
check_status;
}
#location /upload {
# proxy_pass http://upload_pools;
# proxy_set_header Host $host;
# proxy_set_header X-Forwarded-For $remote_addr;
# }
# location / {
# proxy_pass http://default_pools;
# proxy_set_header Host $host;
# proxy_set_header X-Forwarded-For $remote_addr;
# }
}
}
keepalived配置同上keepalived高可用 [root@nfs ~]# /application/nginx/sbin/nginx
nginx: [emerg] bind() to 172.16.10.100:80 failed (99: Cannot assign requested address) #报错
[root@nfs ~]#echo 'net.ipv4.ip_nonlocal_bind = 1' >> /etc/sysctl.conf
[root@nfs ~]# sysctl -p
net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
error: "net.bridge.bridge-nf-call-ip6tables" is an unknown key
error: "net.bridge.bridge-nf-call-iptables" is an unknown key
error: "net.bridge.bridge-nf-call-arptables" is an unknown key
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
net.ipv4.ip_nonlocal_bind = 1
解决高可用服务只针对物理服务器的问题
[root@bogon ~]# cat /home/hao/scripts/check.nginx.shbr/>#!/bin/bash
#++++++++++++++++++++++++++
#author=lihao
#QQ=592654815
CONMAND=
ss -lntup|grep 80|wc -l
while true
do
if [ $CONMAND -eq 0 ];then
/etc/init.d/keepalived stop
fi
sleep 5
done
Nginx和keepalived都运行的时候再运行脚本
[root@bogon ~]# chmod +x /home/hao/scripts/check.nginx.sh
[root@bogon ~]# sh /home/hao/scripts/check.nginx.sh &
[1] 1101
[root@bogon ~]# ps -ef|grep check|grep -v grep
ot 1101 1056 0 21:19 pts/0 00:00:00 sh /home/hao/scripts/check.nginx.sh
解决多组keepalived组在同一局域网冲突问题
vim/etc/keepalived/keepalived.conf
router_id LVS_19
vrrp_mcast_group4 224.0.0.19
配置指定文件接收keepalived日志
[root@bogon ~]# sed -i 's#KEEPALIVED_OPTIONS="-D"#KEEPALIVED_OPTIONS="-D -d -S 0"#g' /etc/sysconfig/keepalived
vim /etc/rsyslog.conf #编辑这个文件
42行 .info;mail.none;authpriv.none;cron.none;local0.none /var/log
/messages
最后一行添加:
#keepalived
local0. /var/log/keepalived.log
[root@bogon ~]# /etc/init.d/rsyslog restart
Shutting down system logger: [ OK ]
Starting system logger: [ OK ]
[root@bogon ~]# /etc/init.d/keepalived restart
Stopping keepalived: [ OK ]
Starting keepalived: [ OK ]
[root@bogon ~]# tail /var/log/keepalived.log
Feb 5 22:23:35 bogon Keepalived_vrrp[1780]: Netlink reflector reports IP fe80::20c:29ff:fecf:7b7 added
Feb 5 22:23:35 bogon Keepalived_vrrp[1780]: Netlink reflector reports IP fe80::20c:29ff:fecf:7c1 added
Feb 5 22:23:35 bogon Keepalived_vrrp[1780]: Registering Kernel netlink reflector
Feb 5 22:23:35 bogon Keepalived_vrrp[1780]: Registering Kernel netlink command channel
Feb 5 22:23:35 bogon Keepalived_vrrp[1780]: Registering gratuitous ARP shared channel
Feb 5 22:23:35 bogon Keepalived_healthcheckers[1779]: Netlink reflector reports IP 172.16.10.40 added
Feb 5 22:23:35 bogon Keepalived_healthcheckers[1779]: Netlink reflector reports IP fe80::20c:29ff:fecf:7b7 added
Feb 5 22:23:35 bogon Keepalived_healthcheckers[1779]: Netlink reflector reports IP fe80::20c:29ff:fecf:7c1 added
Feb 5 22:23:35 bogon Keepalived_healthcheckers[1779]: Registering Kernel netlink reflector
Feb 5 22:23:35 bogon Keepalived_healthcheckers[1779]: Registering Kernel netlink command channel
检测脑裂脚本:备节点运行
[root@bogon scripts]# cat check_split_brain.sh
lb01_vip=172.16.10.100
lb01_ip=172.16.10.10
ping -c 2 -w 3 $lb01_ip &>/dev/null
if [ $? -eq 0 -a
ip add|grep "$lb01_vip"|wc -l
-eq 1 ]
then
echo "ha is split brain.warning."
else
echo "ha is ok."
Memcached
可支持分布式集群
工作原理:
memcached是一套类似C/S模式架构的软件,在服务器端启动Memcached服务守护进程,可以监听本地的IP地址、端口号、并发访问连接数,以及分配了多少内存来处理客户端的请求。
Socket事件处理机制---采用是异步epoll/kqueue非阻塞I/O网络模型,实现方式基于异步的libevent事件单进程、单线程模式。使用libevent作为事件通知机制,应用程序端通过指定服务器的IP地址及端口,就可以连接Memcached服务进行通信。
memcached服务安装:
yum -y install libevent libevent-devel nc
rpm -qa libevent libevent-devel nc
yum -y install memcached
rpm -qa memcached
memcached-1.4.4-5.el6.x86_64
[root@bogon ~]# memcached -m 16m -p 11211 -d -u root -c 8192 #启动命令
[root@bogon ~]# lsof -i:11211
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
memcached 1239 root 26u IPv4 10174 0t0 TCP *:memcache (LISTEN)
memcached 1239 root 27u IPv6 10175 0t0 TCP *:memcache (LISTEN)
memcached 1239 root 28u IPv4 10178 0t0 UDP *:memcache
memcached 1239 root 29u IPv6 10179 0t0 UDP *:memcache
[root@bogon ~]# ps -ef|grep memcached|grep -v grep
root 1239 1 0 07:23 ? 00:00:00 memcached -m 16m -p 11211 -d -u root -c 8192
[root@bogon ~]# memcached -m 16m -p 11212 -d -u root -c 8192 #启动2个,支持多实例
[root@bogon ~]# ps -ef|grep memcached|grep -v grep
root 1239 1 0 07:23 ? 00:00:00 memcached -m 16m -p 11211 -d -u root -c 8192
root 1264 1 0 07:24 ? 00:00:00 memcached -m 16m -p 11212 -d -u root -c 8192
#加入开机启动
[root@bogon ~]# echo "/usr/bin/memcached -m 16m -p 11212 -d -u root -c 8192" >>/etc/rc.local
[root@bogon ~]# echo "/usr/bin/memcached -m 16m -p 11211 -d -u root -c 8192" >>/etc/rc.local
[root@bogon ~]# tail -2 /etc/rc.local
tail: 无法使用 inotify 机制,回归为 polling 机制
/usr/bin/memcached -m 16m -p 11212 -d -u root -c 8192
/usr/bin/memcached -m 16m -p 11211 -d -u root -c 8192
向memcached中写入数据
[root@bogon ~]# printf "set key1 0 0 6\r\noldboy\r\n"|nc 127.0.0.1 11211
STORED
向memcached中读取数据
root@bogon ~]# printf "get key1\r\n"|nc 127.0.0.1 11211
VALUE key1 0 6
oldboy #读取到的key1数据
END
memcached中删除数据
[root@bogon ~]# printf "delete key1\r\n"|nc 127.0.0.1 11211
DELETED
[root@bogon ~]# printf "get key1\r\n"|nc 127.0.0.1 11211
END
另一种方法
[root@bogon ~]# telnet 127.0.0.1 11211
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
set user01 0 0 7
oldgirl
STORED
get user01
VALUE user01 0 7
oldgirl
END
delete user01
DELETED
get user01
END
quit
Connection closed by foreign host.
关闭memcached: killall 或pkill memcached
多实例的话会被全部干掉,so指定pid,kill pid
[root@bogon ~]# memcached -m 16m -p 11211 -d -u root -c 8192 -P /var/run/11211.pid
[root@bogon ~]# memcached -m 16m -p 11212 -d -u root -c 8192 -P /var/run/11212.pid
[root@bogon ~]# ps -ef |grep memcached|grep -v grep root 1363 1 0 07:54 ? 00:00:00 memcached -m 16m -p 11211 -d -u root -c 8192 -P /var/run/11211.pid
root 1385 1 0 07:55 ? 00:00:00 memcached -m 16m -p 11212 -d -u root -c 8192 -P /var/run/11212.pid
memcached客户端
Memcached 安装
[root@web02 lib]# tail -2 /application/php/lib/php.ini
extension_dir = "/application/php5.5.20/lib/php/extensions/no-debug-non-zts-20121212/"
extension=memcache.so
[root@web03 lib]# pkill php-fpm
[root@web03 lib]# ps -ef |grep php-fpm|grep -v grep
[root@web03 lib]# /application/php/sbin/php-fpm
[root@web03 lib]# ps -ef |grep php-fpm|grep -v grep
root 1685 1 0 09:35 ? 00:00:00 php-fpm: master process (/application/php5.5.20/etc/php-fpm.conf)
nobody 1686 1685 0 09:35 ? 00:00:00 php-fpm: pool www
nobody 1687 1685 0 09:35 ? 00:00:00 php-fpm: pool www
[root@web02 www]# cat op_mem.php
<?php
$memcache = new Memcache;
$memcache->connect('172.16.10.10',11211) or die ("Could not connect Mc server");
$memcache->set('key','oldboy book');
$get = $memcache->get('key');
echo $get;
?>
[root@web02 www]# /application/php/bin/php op_mem.php
oldboy book #表示连接成功 服务端监控脚本:
[root@web02 scripts]# cat mem_mc.sh
#!/bin/bash
export MemcachedIp=$1
export MemcachedPort=$2
export NcCmd="nc $MemcachedIp $MemcachedPort"
export MD5=68b329da9893e34099c7d8ad5cb9c940
USAGE() {
echo "$0 MemcachedIp $MemcachedPort"
exit 3
}
[ $# -ne 2 ] && USAGE
printf "set $MD5 0 0 3\r\nhao\r\n"|$NcCmd >/dev/null 2>&1
if [ $? -eq 0 ];then
if [ `printf "get $MD5\r\n|$NcCmd|grep hao|wc -l"` -eq 1 ];then
echo "Memcached status is ok"
printf "delete $MD5\r\n"|$NcCmd >/dev/null 2>&1
exit 0
else
echo "Memcached status is error."
exit 2
fi
else
echo "Could not connect Mc server"
exit 2
fi [root@www html]# sh /home/hao/scripts/mem_mc.sh 127.0.0.1 11211
Memcached status is ok
[root@www html]# pkill memcached
Could not connect Mc server
[root@www html]# printf "stats\r\n"|nc 127.0.0.1 11211 #查看信息
STAT pid 1207
STAT uptime 341
STAT time 1549504583
STAT version 1.4.4
STAT pointer_size 64
STAT rusage_user 0.000000
STAT rusage_system 0.027995
STAT curr_connections 10
STAT total_connections 15
STAT connection_structures 11
STAT cmd_get 2
STAT cmd_set 1
STAT cmd_flush 0
STAT get_hits 1
STAT get_misses 1
STAT delete_misses 0
STAT delete_hits 1
STAT incr_misses 0
STAT incr_hits 0
STAT decr_misses 0
STAT decr_hits 0
STAT cas_misses 0
STAT cas_hits 0
STAT cas_badval 0
STAT auth_cmds 0
STAT auth_errors 0
STAT bytes_read 59
STAT bytes_written 49
STAT limit_maxbytes 16777216
STAT accepting_conns 1
STAT listen_disabled_num 0
STAT threads 4
STAT conn_yields 0
STAT bytes 0
STAT curr_items 0
STAT total_items 1
STAT evictions 0
END
部署memadmin-1.0.12.tar.gz php工具
tar xf memadmin-1.0.12.tar.gz
mv memadmin /application/nginx/html/
网页浏览:http://172.16.10.10/memadmin
集群中session共享存储
nagios监控
服务端安装
echo 'export LC_ALL=C' >>/etc/profile
tail -1 /etc/profile
source /etc/profile
echo $LC_ALL
关闭iptables 和SElinux
做时间同步:
echo "*/5 * * * * /usr/sbin/ntpdate ntp1.aliyun.com >/dev/null 2>&1" >>/var/spool/cron/root
需要的软件包:
yum -y install gcc glibc glibc-common
yum -y install gd gd-devel
yum -y install httpd php php-gd mysql
#添加nagios,Apache用户,加入nagcmd用户组
/usr/sbin/useradd nagios
/usr/sbin/groupadd nagcmd
/usr/sbin/usermod -a -G nagcmd nagios
/usr/sbin/usermod -a -G nagcmd apache
cd /home/hao/tools/
wget https://sourceforge.net/projects/nagios/files/nagios-3.x/nagios-3.5.1/
tar xf nagios-3.5.1
cd nagios
./configure --with-command-group=nagcmd
make all
make install
make install-init
make install-config
make install-commandmode
make install-webconf
htpasswd -bc /usr/local/nagios/etc/htpasswd.users lihao 123456 #设置登录nagios的账号密码
/etc/init.d/httpd reload
重启httpd服务
浏览http://172.16.10.60/nagios
#安装基础依赖包,插件
http://nagios-plugins.org/download/ #下载地址
yum -y install perl-devel openssl-devel
[root@localhost tools]# wget http://nagios-plugins.org/download/nagios-plugins-1.4.16.tar.gz
--2019-02-07 11:09:03-- http://nagios-plugins.org/download/nagios-plugins-1.4.16.tar.gz
Resolving nagios-plugins.org... 72.14.186.43
Connecting to nagios-plugins.org|72.14.186.43|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 2087089 (2.0M) [application/x-gzip]
Saving to: `nagios-plugins-1.4.16.tar.gz'
100%[======================================>] 2,087,089 777K/s in 2.6s
2019-02-07 11:09:06 (777 KB/s) - `nagios-plugins-1.4.16.tar.gz' saved [2087089/2087089]
[root@localhost tools]# ls
nagios nagios-plugins-1.4.16.tar.gz
[root@localhost tools]# tar xf nagios-plugins-1.4.16.tar.gz
[root@localhost tools]# cd nagios-plugins-1.4.16
[root@localhost nagios-plugins-1.4.16]# ./configure --with-nagios-user=nagios --with-nagios-group=nagios --enable-perl-modules --with-mysql
make && make install
[root@localhost nagios-plugins-1.4.16]# ll /usr/local/nagios/libexec/|wc -l
58
安装nrpe软件
wget
https://sourceforge.net/projects/nagios/files/nrpe-2.x/nrpe-2.12/nrpe-2.12.tar.gz
tar -xf nrpe-2.12.tar.gz
cd nrpe-2.12
./configure
make all
make install-plugin
make install-daemon
make install-daemon-config
ls /usr/local/nagios/libexec/check_nrpe
验证nagios配置文件语法:
[root@localhost ~]# /etc/init.d/nagios checkconfig
Running configuration check... OK.
[root@localhost ~]# /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
Total Warnings: 0
Total Errors: 0 #表示正常
Things look okay - No serious problems were detected during the pre-flight check nagios客户端安装
安装依赖包: yum -y install gcc glibc glibc-common
yum -y install perl-devel perl-CPAN openssl-devel
[root@web03 nagios]# ls
nagios-plugins-1.4.16.tar.gz nrpe-2.12.tar.gz
添加用户
[root@web03 lib]# mkdir -p /home/hao/tools/nagios
[root@web03 lib]# cd /home/hao/tools/nagios
[root@web03 nagios]# useradd nagios -M -s /sbin/nologin
[root@web03 nagios]# id nagios
uid=894(nagios) gid=894(nagios) groups=894(nagios)
tar xf nagios-plugins-1.4.16.tar.gz
cd nagios-plugins-1.4.16
./configure --with-nagios-user=nagios --with-nagios-group=nagios --enable-perl-modules --with-mysql
make && make install
[root@web03 nagios-plugins-1.4.16]# ll /usr/local/nagios/libexec/|wc -l
60
安装nrpe
ar xf nrpe-2.12.tar.gz
cd nrpe-2.12
./configure
make all
make install-plugin
make install-daemon
make install-daemon-config
yum -y install dos2unix*
[root@web03 ~]# sed -i 's#allowed_hosts=127.0.0.1#allowed_hosts=127.0.0.1,172.16.10.60#g' /usr/local/nagios/etc/nrpe.cfg
[root@web03 ~]# sed -n '79p' /usr/local/nagios/etc/nrpe.cfg allowed_hosts=127.0.0.1,172.16.10.60
[root@web03 ~]# /usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d
[root@web03 ~]# netstat -lntup|grep nrpe
tcp 0 0 0.0.0.0:5666 0.0.0.0:* LISTEN 16964/nrpe
#加入开机启动
root@web03 ~]# echo "/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d" >> /etc/rc.local
服务端配置
增加三行,注释一行
vim /usr/local/nagios/etc/nagios.cfg +34
34 cfg_file=/usr/local/nagios/etc/objects/hosts.cfg
35 cfg_file=/usr/local/nagios/etc/objects/services.cfg
36 cfg_dir=/usr/local/nagios/etc/objects/services
37 # Definitions for monitoring the local (Linux) host
38 #cfg_file=/usr/local/nagios/etc/objects/localhost.cfg
[root@localhost etc]# cd objects/
[root@localhost objects]# head -51 localhost.cfg >hosts.cfg
[root@localhost objects]# chown nagios.nagios /usr/local/nagios/etc/objects/hosts.cfg
[root@localhost objects]# touch services.cfg
[root@localhost objects]# chown nagios.nagios /usr/local/nagios/etc/objects/services.cfg
[root@localhost objects]# mkdir services
[root@localhost objects]# chown -R nagios.nagios services
[root@localhost objects]# ls -lrt
total 56
-rw-rw-r-- 1 nagios nagios 10812 Feb 6 17:12 templates.cfg
-rw-rw-r-- 1 nagios nagios 7716 Feb 6 17:12 commands.cfg
-rw-rw-r-- 1 nagios nagios 3208 Feb 6 17:12 timeperiods.cfg
-rw-rw-r-- 1 nagios nagios 5403 Feb 6 17:12 localhost.cfg
-rw-rw-r-- 1 nagios nagios 4019 Feb 6 17:12 windows.cfg
-rw-rw-r-- 1 nagios nagios 3124 Feb 6 17:12 printer.cfg
-rw-rw-r-- 1 nagios nagios 3293 Feb 6 17:12 switch.cfg
-rw-rw-r-- 1 nagios nagios 2169 Feb 6 17:28 contacts.cfg
-rw-r--r-- 1 nagios nagios 1870 Feb 7 13:56 hosts.cfg
-rw-r--r-- 1 nagios nagios 0 Feb 7 13:57 services.cfg
drwxr-xr-x 2 nagios nagios 4096 Feb 7 13:59 services
监控定义
max_check_attempts 3
normal_check_interval 2
retry_check_interval 2 check_period 24X7
notification_interval 300 notification_period 24X7
notification_options d,u,r
contact_groups admins
} PNP
yum -y install cairo pango zlib zlib-devel freetype freetype-devel gd gd-devel
yum -y install libart_lgpl libart_lgpl-devel
yum -y install rrdtool rrdtool-devel
yum install perl-Time-HiRes per-devel
wget https://sourceforge.net/projects/pnp4nagios/files/PNP/pnp-0.4.14/pnp-0.4.14.tar.gz
tar xf pnp-0.4.14.tar.gz
cd pnp-0.4.14
./configure --with-rrdtool --with-perfdata-dir=/usr/local/nagios/share/perfdata/
make all
make install
浏览172.16.10.60/nagios/pnp
修改配置nagios.cfg
vim /usr/local/nagios/etc/nagios.cfg
833 process_performance_data=1 #0改1
845 host_perfdata_command=process-host-perfdata #注释去掉
846 service_perfdata_command=process-service-perfdata #注释去掉
修改commands.cfg
[root@localhost pnp-0.4.14]# vim /usr/local/nagios/etc/objects/commands.cfg +227
229 command_name process-host-perfdata
230 command_line /usr/local/nagios/libexec/process_perfdata.pl
231 }
234 # 'process-service-perfdata' command definition
235 define command{
236 command_name process-service-perfdata
237 command_line /usr/local/nagios/libexec/process_perfdata.pl
238 }
239
240 #check_nrpe command definition
<r/local/nagios/etc/objects/commands.cfg" 244L, 7503C written
[root@localhost pnp-0.4.14]# /etc/init.d/nagios reload
Running configuration check...done.
Reloading nagios configuration...done
#添加两行
[root@localhost objects]# sed -n '154,177p' templates.cfg
name generic-service ; The 'name' of this service template
active_checks_enabled 1 ; Active service checks are enabled
passive_checks_enabled 1 ; Passive service checks are enabled/accepted
process_perf_data 1
parallelize_check 1 ; Active service checks should be parallelized (disabling this can lead to major performance problems)
obsess_over_service 1 ; We should obsess over this service (if necessary)
check_freshness 0 ; Default is to NOT check service 'freshness'
notifications_enabled 1 ; Service notifications are enabled
event_handler_enabled 1 ; Service event handler is enabled
flap_detection_enabled 1 ; Flap detection is enabled
failure_prediction_enabled 1 ; Failure prediction is enabled
process_perf_data 1 ; Process performance data
retain_status_information 1 ; Retain status information across program restarts
retain_nonstatus_information 1 ; Retain non-status information across program restarts
is_volatile 0 ; The service is not volatile
check_period 24x7 ; The service can be checked at any time of the day
max_check_attempts 3 ; Re-check the service up to 3 times in order to determine its final (hard) state
normal_check_interval 10 ; Check the service every 10 minutes under normal conditions
retry_check_interval 2 ; Re-check the service every two minutes until a hard state can be determined
contact_groups admins ; Notifications get sent out to everyone in the 'admins' group
notification_options w,u,c,r ; Send notifications about warning, unknown, critical, and recovery events
notification_interval 60 ; Re-notify about service problems every hour
notification_period 24x7 ; Notifications can be sent out at any time
register 0 ; DONT REGISTER THIS DEFINITION - ITS NOT A REAL SERVICE, JUST A TEMPLATE!
action_url /nagios/pnp/index.php?host=$HOSTNAME$&srv=$SERVICEDESC$
[root@localhost objects]# /etc/init.d/nagios reload
Running configuration check...done.
Reloading nagios configuration...done
实现报警:
[root@localhost objects]# sed -n '28,37p' templates.cfg |sed -r 's#(.*);.*$#\1#g'
define contact{
name generic-contact
service_notification_period 24x7
host_notification_period 24x7
service_notification_options w,u,c,r,f,s
host_notification_options d,u,r,f,s
service_notification_commands notify-service-by-email
host_notification_commands notify-host-by-email
register 0
}
配置报警邮箱
sed -n '35p' /usr/local/nagios/etc/objects/contacts.cfg
email [email protected] ; <<***** CHANGE THIS TO YOUR EMAIL ADDRESS ******
[root@localhost nagios]# lsof -i:25
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
master 1140 root 12u IPv4 8976 0t0 TCP localhost:smtp (LISTEN)
master 1140 root 13u IPv6 8977 0t0 TCP localhost:smtp (LISTEN)
邮箱添加: [root@localhost nagios]# tail /etc/mail.rc
ignore mime-version content-transfer-encoding
#Only include selected header fields when forwarding messages.
fwdretain subject date from to
#For Linux and BSD, this should be set.
set bsdcompat
set [email protected] smtp="smtp.163.com"
set [email protected] smtp-auth-password=lihao520
set smtp-auth=login Apache安装优化
![Caffe训练MobileNet(一)前言1.Caffe的编译2.训练MobileNet[图]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)