Practical tutorial on online project configuration of Linux system cluster architecture (I): linux practice

Source: Internet
Author: User
Tags nginx reverse proxy

Practical tutorial on online project configuration of Linux system cluster architecture (I): linux practice

Project Overview

The entire project includes the following application projects:

1. User APP

2. Merchant APP

3. Business Platform management background

4. Business Management Background

5. Official Website

The overall project planning and design are as follows:

1. the user's APP is deployed in a JAVA environment and two servers are deployed in the initial environment to achieve load balancing and high availability. The front-end load uses nginx for load balancing.

2. The Merchant APP is deployed in a JAVA environment and two servers are deployed in the initial environment to achieve load balancing and high availability. The front-end load uses nginx for load balancing.

3. The business platform management background is deployed in a JAVA environment. A server is deployed in the initial environment, and nginx reverse proxy is used in the front end. The business traffic will expand in the future and the architecture will be expanded again.

4. The management background of the merchant platform is deployed in the JAVA environment. A server is deployed in the initial environment, and nginx reverse proxy is used in the front end. The business traffic will expand in the future and the architecture will be expanded again.

5. The official website uses some static pages and nginx deployment. The WEB Service also installs the FTP server and uploads some static Resources in the business management background.

6. The database uses the Mysql master-slave replication architecture, implements read/write sharing on the program, and enables binlog from the database for backup.

7. All backup data of the entire network is synchronized to the professional Intranet backup server, and all business backup data is retained for 30 days.

8. All server monitoring (basic monitoring and service monitoring) across the network adopts zabbix monitoring

The server IP address is planned as follows:

Server environment and application software version

Server Environment

[root@centos ~]# cat /etc/redhat-releaseCentOS release 6.8 (Final)[root@centos ~]# uname -r2.6.32-642.el6.x86_64

Application version

Nginx 1.12.1

Mysql 5.7.17

Jdk 1.8

Tomcat 8.5.9

Zabbian 3.0

Yum source 163, Alibaba Cloud, sohu domestic sources are available, choose your own

Redis 4.0.1

Server logic architecture

Configure the YUM source in China. Take 163 as an example.

[root@centos ~]# cd /etc/yum.repos.d/[root@centos yum.repos.d]# wget http://mirrors.163.com/.help/CentOS6-Base-163.repo[root@centos yum.repos.d]# mv CentOS-Base.repo CentOS-Base.repo.bak[root@centos yum.repos.d]# mv CentOS6-Base-163.repo CentOS-Base.repo

Install required software packages

[root@centos ~]# yum install lsof vim telnet dos2unix lrzsz tree –y

Disable services that do not need to be started

[root@centos ~]#for service in chkconfig --list|grep 3:on|awk '{print $1}';do chkconfig —level 3 $service off;done[root@centos ~]#for service in crond network sshd rsyslog;do chkconfig —level 3 $service on;done[root@centos ~]# chkconfig —list|grep 3:on

Modify the default configuration of the SSH service

cp /etc/ssh/sshd_config /etc/ssh/sshd_config.baksed -i ‘s%#Port 22%Port 2233%g’ /etc/ssh/sshd_configsed -i ‘s%#PermitRootLogin yes%PermitRootLogin no%g’ /etc/ssh/sshd_configsed -i ‘s%#PermitEmptyPasswors no%PermitEmptyPasswors no%g’ /etc/ssh/sshd_configsed -i ‘s%#UseDNS yes%UseDNS no%g’ /etc/ssh/sshd_configegrep “UseDNS|2233|RootLogin|EmptyPass” /etc/ssh/sshd_config/etc/init.d/sshd reload

Disable selinux

Configuration file/etc/selinux/config

sed -i ‘s#SELINUX=enforcing#SELINUX=disabled#g’ /etc/selinux/configegrep “SELINUX=” /etc/selinux/config

Disable Firewall

If the firewall is not directly disabled for an internet server, it is recommended that you enable the firewall if you have an Internet address and allow the relevant service ports. For a high-concurrency server, you do not need to enable the firewall, which may affect the performance.

/etc/invited/pintables stop/etc/invited/pintables statuspintables: Firewall is not running.

Lock key system files

for file in /etc/passed /etc/shadow /etc/services /etc/initial /etc/rc.localdochattr +i $filedone

Configure full-network server time synchronization

/usr/sbin/ntpdate time.windows.comcat>>/var/spool/cron/root<#this cron is for ntpdate/5 * /usr/sbin/ntpdate time.windows.com >/dev/null 2>&1#cron config endEOF

Configure the hosts file of the whole network server

Cat>>/etc/hosts<10.0.0.1 nginx-lb10.0.0.2 nginx-proxy10.0.0.3 nginx10.0.0.4 userapp10.0.0.5 sjapp10.0.0.6 admin10.0.0.7 shangjia10.0.0.8 web10.0.0.9 mysql-m10.0.0.10 mysql-s10.0.0.11 ftp-backup10.0.0.12 redis10.0.0.13 backup-server10.0.0.14 zabbixEOF

Standardize all server directories (the actual production environment is important)

[root@centos ~]# mkdir /download/tools/ -p[root@centos ~]# mkdir /app/logs -p[root@centos ~]# mkdir /app -p[root@centos ~]# mkdir /server/{scripts,backup} –p

Now the basic server Optimization Configuration is complete, and the next step is to install various services.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.