基于LNMP架构的分布式个人博客搭建

1.运行环境

|--------------------|--------------------|-----------|-------------|
| 主机 | 主机名 | 系统 | 服务 |
| 192.168.75.154 | Server-Web | Linux | Web |
| 192.168.75.155 | Server-NFS-DNS | Linux | NFS/DNS |

2.基础配置

配置主机名,静态IP地址

开启防火墙并配置

部分开启SElinux并配置

服务器之间使用同ntp.aliyun.com进行时间同步

服务器之间使用用ntp.aliyun.com进行时间同步

服务器之间实现SSH免密登录

3.业务需求

Server-NFS-DNS主机配置NFS服务器,将博客网站资源文件共享给Server-Web主机,Server-NFS-DNS主机配置DNS

Server-Web主机配置web服务,通过域名www.wp.com可以访问到自建的博客网站

4.准备工作

4.1配置静态IP

master端:

bash 复制代码
[root@master ~]# nmcli c modify ens32 ipv4.method manual  ipv4.addresses '192.168.75.154/24'  ipv4.gateway '192.168.75.2'  ipv4.dns  '114.114.114.114'
[root@master ~]# nmcli c reload
[root@master ~]# nmcli c up  ens32

node1端:

bash 复制代码
[root@node1 ~]# nmcli c modify ens32 ipv4.method manual  ipv4.addresses '192.168.75.155/24'  ipv4.gateway '192.168.75.2'  ipv4.dns  '114.114.114.114'
[root@node1 ~]# nmcli c reload
[root@node1 ~]# nmcli c up  ens32

4.2修改主机名及hosts映射

Server-Web端:

bash 复制代码
[root@master ~]# hostnamectl set-hostname Server-Web
[root@master ~]# bash
[root@Server-Web ~]# vim /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.75.154   Server-Web
192.168.75.155   Server-NFS-DNS

Server-NFS-DNS端:

bash 复制代码
[root@node1 ~]# hostnamectl set-hostname Server-NFS-DNS
[root@node1 ~]# bash
[root@Server-NFS-DNS ~]# vim /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.75.154  Server-Web
192.168.75.155  Server-NFS-DNS

4.3开启防火墙

Server-Web端:

bash 复制代码
[root@Server-Web ~]# systemctl enable --now firewalld
Created symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service → /usr/lib/systemd/system/firewalld.service.
Created symlink /etc/systemd/system/multi-user.target.wants/firewalld.service → /usr/lib/systemd/system/firewalld.service.

Server-NFS-DNS端:

bash 复制代码
[root@Server-NFS-DNS ~]# systemctl enable --now firewalld
Created symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service → /usr/lib/systemd/system/firewalld.service.
Created symlink /etc/systemd/system/multi-user.target.wants/firewalld.service → /usr/lib/systemd/system/firewalld.service.

4.4时间同步

Server-Web端:

bash 复制代码
[root@Server-Web ~]# vim /etc/chrony.conf    #修改第三行
server ntp.aliyun.com iburst
[root@Server-Web ~]# systemctl restart chronyd
[root@Server-Web ~]# chronyc sources -v

  .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
 / .- Source state '*' = current best, '+' = combined, '-' = not combined,
| /             'x' = may be in error, '~' = too variable, '?' = unusable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                \     |          |  zzzz = estimated error.
||                                 |    |           \
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^* 203.107.6.88                  2   6    17     5  -5090us[-4621us] +/-   37ms
[root@Server-Web ~]# date
2025年 07月 27日 星期日 18:08:35 CST

Server-NFS-DNS端:

bash 复制代码
[root@Server-NFS-DNS ~]# vim /etc/chrony.conf 
server ntp.aliyun.com iburst
[root@Server-NFS-DNS ~]# systemctl restart chronyd
[root@Server-NFS-DNS ~]# chronyc sources -v

  .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
 / .- Source state '*' = current best, '+' = combined, '-' = not combined,
| /             'x' = may be in error, '~' = too variable, '?' = unusable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                \     |          |  zzzz = estimated error.
||                                 |    |           \
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^* 203.107.6.88                  2   6    17     8    +16us[ +486us] +/-   31ms
[root@Server-NFS-DNS ~]# date
2025年 07月 27日 星期日 18:09:51 CST

4.5配置免密ssh登录

Server-Web端:

bash 复制代码
[root@Server-Web ~]# ssh-keygen -t rsa     #生成公钥私钥,一路回车
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:BmrsJaPrUhQnHAaRgjFFJA9Sg5Bpq3TtYBP1FSMaGQI root@Server-Web
The key's randomart image is:
+---[RSA 3072]----+
|%EXo.+o. +.      |
|OB+oo.+ o .      |
|o o+o...         |
| o.* o .         |
|o.o X . S        |
|. .+ = .         |
| .. .            |
|.  .             |
| oo              |
+----[SHA256]-----+
[root@Server-Web ~]# ssh-copy-id 192.168.75.155
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.75.155 (192.168.75.155)' can't be established.
ED25519 key fingerprint is SHA256:C956Oy13qc7K4u0BsOU0sFnkMCIITeWu/OG37KN/g8M.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes    #输入yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

Authorized users only. All activities may be monitored and reported.
root@192.168.75.155's password:                     #输入密码123

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '192.168.75.155'"
and check to make sure that only the key(s) you wanted were added.

[root@Server-Web ~]# ssh root@192.168.75.155
[root@Server-NFS-DNS ~]# 注销
Connection to 192.168.75.155 closed.
[root@Server-Web ~]# 

Server-NFS-DNS端:

bash 复制代码
[root@Server-NFS-DNS ~]# ssh-keygen -t rsa     #生成公钥私钥,一路回车
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:cEu+8trkEH2wKG3RRCVw7pKwfy2BTZopPTQdlZZdq/4 root@Server-NFS-DNS
The key's randomart image is:
+---[RSA 3072]----+
|      .o*oo+ ..  |
|       * o+ .  . |
|    . = O.    .  |
|     * ^ +   .   |
|    + # S . .    |
|     = + = .     |
|      + = . .    |
|       O .   .   |
|      ..+     E  |
+----[SHA256]-----+
[root@Server-NFS-DNS ~]# ssh-copy-id 192.168.75.154
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.75.154 (192.168.75.154)' can't be established.
ED25519 key fingerprint is SHA256:v5NN8DUNHZVB+SwY/sB92f4DQshbsJAV58mz9TMbCb4.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes   #输入yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

Authorized users only. All activities may be monitored and reported.
root@192.168.75.154's password:             #输入密码123

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '192.168.75.154'"
and check to make sure that only the key(s) you wanted were added.

[root@Server-NFS-DNS ~]# ssh root@192.168.75.154
[root@Server-Web ~]# 注销
Connection to 192.168.75.154 closed.
[root@Server-NFS-DNS ~]# 

5.环境搭建

5.1Server-Web端安装LNMP环境软件

bash 复制代码
[root@Server-Web ~]# yum install nginx php* mariadb-server -y

5.2Server-NFS-DNS端上传博客软件

网址:https://cn.wordpress.org/,下载后为zip压缩文件

将wordpress上传到192.168.75.155(Server-NFS-DNS)端的/目录下

解压缩:

bash 复制代码
[root@Server-NFS-DNS /]# unzip wordpress-6.1-zh_CN.zip 

5.3Server-NFS-DNS端设置NFS共享

目的:将Server-NFS-DNS端的/wordpress目录共享给192.168.75.154(Server-Web)

bash 复制代码
[root@Server-NFS-DNS wordpress]# yum install rpcbind  -y
[root@Server-NFS-DNS wordpress]# yum install nfs-utils  -y
[root@Server-NFS-DNS /]# vim /etc/exports        #编辑配置文件
/wordpress	192.168.75.154(rw,all_squash,sync)   #添加
[root@Server-NFS-DNS /]# chmod -R  777 /wordpress #设置权限
#防火墙添加服务放行        
[root@Server-NFS-DNS /]# firewall-cmd --permanent --zone=public --add-service=mountd
success
[root@Server-NFS-DNS /]# firewall-cmd --permanent --zone=public --add-service=rpc-bind
success
[root@Server-NFS-DNS /]# firewall-cmd --permanent --zone=public --add-service=nfssuccess
[root@Server-NFS-DNS /]# firewall-cmd --reload
success
[root@Server-NFS-DNS /]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: ens32
  sources: 
  services: dhcpv6-client mdns mountd nfs rpc-bind ssh
  ports: 
  protocols: 
  forward: yes
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 
#启动服务
[root@Server-NFS-DNS /]# systemctl restart rpcbind
[root@Server-NFS-DNS /]# systemctl start nfs-server

5.4Server-Web设置

5.4.1挂载远程共享目录

bash 复制代码
[root@Server-Web ~]# yum install rpcbind  -y
[root@Server-Web ~]# yum install nfs-utils  -y
[root@Server-Web ~]# showmount -e 192.168.75.155  #查看 
Export list for 192.168.75.155:
/wordpress 192.168.75.154
[root@Server-Web ~]# mkdir /wp              #新建本地挂载目录
[root@Server-Web ~]# mount -t nfs 192.168.75.155:/wordpress  /wp    #挂载
[root@Server-Web ~]# cd /wp
[root@Server-Web wp]# ls
index.php             wp-config-sample.php  wp-mail.php
license.txt           wp-content            wp-settings.php
readme.html           wp-cron.php           wp-signup.php
wp-activate.php       wp-includes           wp-trackback.php
wp-admin              wp-links-opml.php     xmlrpc.php
wp-blog-header.php    wp-load.php
wp-comments-post.php  wp-login.php

5.4.2nginx设置

bash 复制代码
[root@Server-Web wp]# cd ~
[root@Server-Web ~]# firewall-cmd --permanent --zone public --add-service=http  # 放行
[root@Server-Web ~]# firewall-cmd --reload
[root@Server-Web ~]# vim  /etc/nginx/nginx.conf    # 编辑nginx配置文件
		root         /wp;

5.4.3修改wordpress配置文件

bash 复制代码
[root@Server-Web ~]# cd  /wp
[root@Server-Web wp]# cp  wp-config-sample.php  wp-config.php   # 根据模板拷贝配置文件

# 编辑wp-config.php配置文件
[root@Server-Web wp]# vim  wp-config.php
# 定位23行修改后半部分
define('DB_NAME', 'wordpress'); # WordPress数据库的名称

define('DB_USER', 'jeams');     # MySQL数据库用户名

define('DB_PASSWORD', '123456');  # MySQL数据库密码 

5.4.5启动数据库

bash 复制代码
[root@Server-Web ~]# systemctl start mariadb

5.4.6在数据库中创建数据库和用户

bash 复制代码
[root@Server-Web ~]# mysql
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 3
Server version: 10.5.29-MariaDB MariaDB Server

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> create database wordpress;    # 创建数据库,尾部有分号
Query OK, 1 row affected (0.000 sec)

# 第一个''为数据库账号,@后面的''内容为数据库可以登录的地址,localhost意为只能本机登录。用户和密码与wordpress配置文件一样 
MariaDB [(none)]> create user 'jeams'@'localhost' identified by '123456';
Query OK, 0 rows affected (0.001 sec)

# 给用户授权
MariaDB [(none)]> grant all on wordpress.* to 'jeams'@'localhost';
Query OK, 0 rows affected (0.001 sec)

MariaDB [(none)]> exit
Bye

5.4.7重启数据库和http

bash 复制代码
[root@Server-Web ~]# systemctl restart mariadb
[root@Server-Web ~]# systemctl restart nginx

5.5测试

在windows端输入192.168.75.154继续完成wordpress配置(邮箱必须设置)

成功界面:

5.6在Server-NFS-DNS端配置DNS

5.6.1原则:www.wp.com正向解析为192.168.75.154

安装:

bash 复制代码
[root@Server-NFS-DNS ~]# yum install bind -y
[root@Server-NFS-DNS ~]# firewall-cmd --permanent --zone public --add-service=dns  # 防火墙放行
success
[root@Server-NFS-DNS /]# firewall-cmd --reload
success
[root@Server-NFS-DNS /]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: ens32
  sources: 
  services: dhcpv6-client dns mdns mountd nfs rpc-bind ssh
  ports: 
  protocols: 
  forward: yes
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 

5.6.3编辑主配置文件

bash 复制代码
[root@Server-NFS-DNS ~]# vim  /etc/named.conf

# 第11  19行修改为any任意主机 
11         listen-on port 53 { any; };

19         allow-query     { any; };

5.6.4修改区域配置文件

bash 复制代码
[root@Server-NFS-DNS ~]# vim /etc/named.rfc1912.zones

zone "jeams.com" IN {
        type master;
        file "jeams.com.zone";
        allow-update { none; };
};

5.6.5新建区域数据文件并配置解析

bash 复制代码
[root@Server-NFS-DNS /]# cd /var/named/
[root@Server-NFS-DNS named]# ls
data  dynamic  named.ca  named.empty  named.localhost  named.loopback  slaves
[root@Server-NFS-DNS named]# cp -a named.localhost jeams.com.zone
[root@Server-NFS-DNS named]# vim jeams.com.zone
$TTL 1D
jeams.com.	IN SOA	ns.jeams.com. jeams.163.com. (
					0	; serial
					1D	; refresh
					1H	; retry
					1W	; expire
					3H )	; minimum
jeams.com.		IN	NS	ns.jeams.com.
ns.jeams.com.	IN	A	192.168.75.155
www.jeams.com.	IN	A	192.168.75.154

5.6.5启动服务

bash 复制代码
[root@Server-NFS-DNS named]# systemctl restart named

5.6.6测试

将Server-Web端的DNS改为192.168.75.155后并输入www.wp.com域名访问

bash 复制代码
[root@Server-Web ~]# curl www.jeams.com
<!DOCTYPE html>
<html lang="zh-CN">
<head>
	<meta charset="UTF-8" />
	<meta name="viewport" content="width=device-width, initial-scale=1" />
<meta name='robots' content='max-image-preview:large' />
<title>hello,lebronjeams</title>
<link rel='dns-prefetch' href='//192.168.75.154' />
<link rel="alternate" type="application/rss+xml" title="hello,lebronjeams >> Feed" href="http://192.168.75.154/index.php/feed/" />
<link rel="alternate" type="application/rss+xml" title="hello,lebronjeams >> 评论Feed" href="http://192.168.75.154/index.php/comments/feed/" />
相关推荐
晨曦夜月12 分钟前
vim及其模式的操作
linux·编辑器·vim
せいしゅん青春之我15 分钟前
[JavaEE初阶] 传输层协议---UDP 相关笔记
网络·网络协议·java-ee
zl_dfq16 分钟前
Linux基础开发工具 之 【yum、vim、gcc/g++】
linux·1024程序员节
泷羽Sec-静安30 分钟前
Less-1 GET-Error based-Single quotes-String GET-基于错误-单引号-字符串
前端·css·网络·sql·安全·web安全·less
TG_yunshuguoji1 小时前
亚马逊云渠道商:如何通过配置自动替换构建故障自愈的云架构?
运维·服务器·架构·云计算·aws
守望时空331 小时前
使用virt-manager图形化创建和管理KVM虚拟机
linux·kvm
tuokuac1 小时前
虚拟机挂起,重启后主机连接不上虚拟机docker中的mysql?(docker网络状态假死)
网络·mysql·docker
期待着20131 小时前
StarRocks 集群安装部署文档
linux·服务器
凤凰战士芭比Q1 小时前
部署PHP8.4(KylinV10SP3、Ubuntu2204、Rocky9.3)
linux
2301_772093562 小时前
高并发webserver_interview
运维·服务器·数据库·后端·网络协议·mysql·wireshark