04-创建配置文件
本文档详细介绍如何创建所有配置文件。重要:配置文件必须在 docker compose up 之前创建完成。
Node1配置文件
在Node1(192.168.64.128)上执行以下操作。
切换到部署目录
cd /opt/cluster-deploy
创建nginx-lb配置
nginx.conf
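# Main nginx configuration for the load balancer: one least_conn upstream
# (web_backend) over the three web nodes, plus every server block found in
# /etc/nginx/conf.d/*.conf. The quoted 'EOF' keeps the shell from expanding
# the nginx $variables inside the heredoc.
cat > /opt/cluster-deploy/config/nginx-lb/nginx.conf << 'EOF'
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
    worker_connections 1024;
    use epoll;
    multi_accept on;
}
http {
    include /etc/nginx/mime.types;
    default_type application/octet-stream;
    # Do not advertise the nginx version in the Server header and error pages.
    server_tokens off;
    # $http_x_forwarded_for is logged exactly as the client sent it; treat it
    # as untrusted when reading these logs. $remote_addr is the real peer.
    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for" '
                    'upstream: $upstream_addr '
                    'upstream_status: $upstream_status '
                    'request_time: $request_time '
                    'upstream_response_time: $upstream_response_time';
    access_log /var/log/nginx/access.log main;
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 2048;
    client_max_body_size 100M;
    gzip on;
    gzip_vary on;
    gzip_proxied any;
    gzip_comp_level 6;
    gzip_types text/plain text/css text/xml text/javascript
               application/json application/javascript application/xml+rss
               application/rss+xml font/truetype font/opentype
               application/vnd.ms-fontobject image/svg+xml;
    upstream web_backend {
        least_conn;
        # A server is taken out for 30s after 3 failed attempts.
        server 172.20.2.11:80 max_fails=3 fail_timeout=30s;
        server 172.20.2.12:80 max_fails=3 fail_timeout=30s;
        server 172.20.2.13:80 max_fails=3 fail_timeout=30s;
    }
    include /etc/nginx/conf.d/*.conf;
}
EOF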
upstream.conf
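# Port-80 virtual host of the load balancer: proxies everything to the
# web_backend upstream and answers /health locally.
cat > /opt/cluster-deploy/config/nginx-lb/conf.d/upstream.conf << 'EOF'
server {
    listen 80;
    server_name localhost;
    location / {
        proxy_pass http://web_backend;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        # $proxy_add_x_forwarded_for appends to whatever X-Forwarded-For the
        # client supplied, so backends must not trust the leading entries.
        # X-Real-IP above is set from the TCP peer and is the safer source.
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_connect_timeout 10s;
        proxy_send_timeout 30s;
        proxy_read_timeout 30s;
    }
    location /health {
        access_log off;
        # default_type sets the Content-Type of the body generated by
        # "return"; using add_header here would send a second Content-Type
        # next to the http-level application/octet-stream default.
        default_type text/plain;
        return 200 "healthy\n";
    }
}
EOF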
ssl.conf
# TLS parameter snippet for the load balancer: TLS 1.2/1.3 only, ECDHE
# AES-GCM suites, a 10 MB shared session cache and one-day session lifetime.
# NOTE(review): this file is written next to nginx.conf, not into conf.d, and
# no server block on this page listens on 443 or includes it; as shown, the
# load balancer serves plain HTTP only. Confirm where it is mounted/included.
cat > /opt/cluster-deploy/config/nginx-lb/ssl.conf << 'EOF'
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 1d;
EOF
创建keepalived配置
keepalived_master.conf
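# keepalived configuration for the highest-priority node (priority 100).
# It advertises over unicast to 172.20.1.12 and 172.20.1.13, holds the VIP
# 172.20.1.100/24 on eth0, and tracks nginx through check_nginx.sh.
#
# Fix: keepalived documents that nopreempt only works when the initial state
# is BACKUP, so the instance starts as BACKUP and wins the first election
# through its priority instead of "state MASTER".
#
# NOTE(review): with nopreempt, a peer may not take over from a master whose
# priority only drops by the script weight (-20); verify in testing that
# stopping nginx on the active node really moves the VIP.
cat > /opt/cluster-deploy/config/keepalived/keepalived_master.conf << 'EOF'
global_defs {
    router_id LVS_MASTER
    # Scripts run as root; enable_script_security makes keepalived refuse
    # scripts whose path is writable by a non-root user.
    script_user root
    enable_script_security
}
vrrp_script check_nginx {
    script "/etc/keepalived/check_nginx.sh"
    interval 3
    weight -20
    fall 2
    rise 1
}
vrrp_instance VI_1 {
    # BACKUP is required for nopreempt to take effect; priority 100 still
    # makes this node the initial master.
    state BACKUP
    interface eth0
    virtual_router_id 100
    priority 100
    advert_int 1
    nopreempt
    unicast_peer {
        172.20.1.12
        172.20.1.13
    }
    authentication {
        # PASS is a shared secret sent in clear text in every advertisement
        # and only its first 8 characters are used. "1111" is a sample value:
        # replace it with the same non-trivial value on all three nodes and
        # keep the VRRP network closed to untrusted hosts.
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        172.20.1.100/24 dev eth0
    }
    track_script {
        check_nginx
    }
    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
}
EOF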
keepalived_backup.conf
# keepalived configuration for the first backup node (state BACKUP,
# priority 90). Unicast peers are 172.20.1.11 and 172.20.1.13; the VIP and
# the nginx check are the same as in the other keepalived files.
# auth_type PASS carries the password in clear text in each advertisement and
# keepalived uses only its first 8 characters; "1111" is a sample value that
# must be changed identically on all three nodes.
# script_user root + enable_script_security: the check/notify scripts run as
# root and are rejected if a non-root user can write to them or their path.
cat > /opt/cluster-deploy/config/keepalived/keepalived_backup.conf << 'EOF'
global_defs {
router_id LVS_BACKUP1
script_user root
enable_script_security
}
vrrp_script check_nginx {
script "/etc/keepalived/check_nginx.sh"
interval 3
weight -20
fall 2
rise 1
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 100
priority 90
advert_int 1
nopreempt
unicast_peer {
172.20.1.11
172.20.1.13
}
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.20.1.100/24 dev eth0
}
track_script {
check_nginx
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
EOF
keepalived_backup2.conf
# keepalived configuration for the second backup node (state BACKUP,
# priority 80). Unicast peers are 172.20.1.11 and 172.20.1.12.
# auth_type PASS carries the password in clear text in each advertisement and
# keepalived uses only its first 8 characters; "1111" is a sample value that
# must be changed identically on all three nodes.
# NOTE(review): weight -20 lowers the active node from 100 to 80, which equals
# this node's priority; confirm the intended election outcome in testing.
cat > /opt/cluster-deploy/config/keepalived/keepalived_backup2.conf << 'EOF'
global_defs {
router_id LVS_BACKUP2
script_user root
enable_script_security
}
vrrp_script check_nginx {
script "/etc/keepalived/check_nginx.sh"
interval 3
weight -20
fall 2
rise 1
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 100
priority 80
advert_int 1
nopreempt
unicast_peer {
172.20.1.11
172.20.1.12
}
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.20.1.100/24 dev eth0
}
track_script {
check_nginx
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
EOF
check_nginx.sh
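# Health check executed by keepalived's vrrp_script every 3 seconds.
# Exit status 1 means "nginx is not running"; 0 means healthy.
cat > /opt/cluster-deploy/config/keepalived/check_nginx.sh << 'EOF'
#!/bin/bash
# Count processes whose command name is exactly "nginx".
A=$(ps -C nginx --no-headers | wc -l)
if [ "$A" -eq 0 ]; then
  exit 1
fi
exit 0
EOF
# The keepalived configs set script_user root and enable_script_security, so
# keepalived will not run a script that a non-root user can modify. Set an
# explicit mode instead of "+x" so a permissive umask cannot leave the file
# group- or world-writable; the file and its directories should be owned by root.
chmod 755 /opt/cluster-deploy/config/keepalived/check_nginx.sh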
notify.sh
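# State-change hook called by keepalived as "notify.sh master|backup|fault".
# It appends one timestamped line per transition to the log file, which gives
# an audit trail of VIP ownership changes.
cat > /opt/cluster-deploy/config/keepalived/notify.sh << 'EOF'
#!/bin/bash
LOGFILE=/var/log/keepalived-notify.log
# printf with a fixed format keeps the argument from being interpreted;
# the expansions are quoted so an unexpected value cannot split into words.
printf '[%s] State changed to: %s\n' "$(date '+%Y-%m-%d %H:%M:%S')" "${1:-unknown}" >> "$LOGFILE"
EOF
# Runs as root under enable_script_security: keep it writable by root only.
chmod 755 /opt/cluster-deploy/config/keepalived/notify.sh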
创建php配置
php-node1.conf
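# nginx configuration for web node 1: serves static files from
# /usr/share/nginx/html and hands every URI ending in .php to the PHP-FPM
# instance at 172.20.2.21:9000.
# NOTE(review): SCRIPT_FILENAME is built from the request URI under
# /var/www/html, so any *.php file that ends up below that directory on the
# FPM side (for example in an upload folder) is executable through this
# location; keep upload directories outside it or deny .php there.
cat > /opt/cluster-deploy/config/php/php-node1.conf << 'EOF'
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
    worker_connections 1024;
    use epoll;
    multi_accept on;
}
http {
    include /etc/nginx/mime.types;
    default_type application/octet-stream;
    # Do not advertise the nginx version in the Server header and error pages.
    server_tokens off;
    # Behind the load balancer $remote_addr is the balancer's address; the
    # logged X-Forwarded-For value can contain client-supplied entries.
    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for" '
                    'request_time: $request_time';
    access_log /var/log/nginx/access.log main;
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 2048;
    client_max_body_size 100M;
    gzip on;
    gzip_vary on;
    gzip_proxied any;
    gzip_comp_level 6;
    gzip_types text/plain text/css text/xml text/javascript
               application/json application/javascript application/xml+rss
               application/rss+xml font/truetype font/opentype
               application/vnd.ms-fontobject image/svg+xml;
    server {
        listen 80;
        server_name localhost;
        root /usr/share/nginx/html;
        index index.php index.html index.htm;
        location / {
            try_files $uri $uri/ /index.php?$query_string;
        }
        location ~ \.php$ {
            fastcgi_pass 172.20.2.21:9000;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME /var/www/html$fastcgi_script_name;
            include fastcgi_params;
        }
        location /health {
            access_log off;
            # default_type sets the Content-Type of the generated body;
            # add_header would emit a second Content-Type header.
            default_type text/plain;
            return 200 "php-healthy\n";
        }
        error_page 404 /404.html;
        error_page 500 502 503 504 /50x.html;
    }
}
EOF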
php-node2.conf
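# nginx configuration for web node 2: serves static files from
# /usr/share/nginx/html and hands every URI ending in .php to the PHP-FPM
# instance at 172.20.2.22:9000.
# NOTE(review): SCRIPT_FILENAME is built from the request URI under
# /var/www/html, so any *.php file that ends up below that directory on the
# FPM side (for example in an upload folder) is executable through this
# location; keep upload directories outside it or deny .php there.
cat > /opt/cluster-deploy/config/php/php-node2.conf << 'EOF'
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
    worker_connections 1024;
    use epoll;
    multi_accept on;
}
http {
    include /etc/nginx/mime.types;
    default_type application/octet-stream;
    # Do not advertise the nginx version in the Server header and error pages.
    server_tokens off;
    # Behind the load balancer $remote_addr is the balancer's address; the
    # logged X-Forwarded-For value can contain client-supplied entries.
    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for" '
                    'request_time: $request_time';
    access_log /var/log/nginx/access.log main;
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 2048;
    client_max_body_size 100M;
    gzip on;
    gzip_vary on;
    gzip_proxied any;
    gzip_comp_level 6;
    gzip_types text/plain text/css text/xml text/javascript
               application/json application/javascript application/xml+rss
               application/rss+xml font/truetype font/opentype
               application/vnd.ms-fontobject image/svg+xml;
    server {
        listen 80;
        server_name localhost;
        root /usr/share/nginx/html;
        index index.php index.html index.htm;
        location / {
            try_files $uri $uri/ /index.php?$query_string;
        }
        location ~ \.php$ {
            fastcgi_pass 172.20.2.22:9000;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME /var/www/html$fastcgi_script_name;
            include fastcgi_params;
        }
        location /health {
            access_log off;
            # default_type sets the Content-Type of the generated body;
            # add_header would emit a second Content-Type header.
            default_type text/plain;
            return 200 "php-healthy\n";
        }
        error_page 404 /404.html;
        error_page 500 502 503 504 /50x.html;
    }
}
EOF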
php-node3.conf
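# nginx configuration for web node 3: serves static files from
# /usr/share/nginx/html and hands every URI ending in .php to the PHP-FPM
# instance at 172.20.2.23:9000.
# NOTE(review): SCRIPT_FILENAME is built from the request URI under
# /var/www/html, so any *.php file that ends up below that directory on the
# FPM side (for example in an upload folder) is executable through this
# location; keep upload directories outside it or deny .php there.
cat > /opt/cluster-deploy/config/php/php-node3.conf << 'EOF'
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
    worker_connections 1024;
    use epoll;
    multi_accept on;
}
http {
    include /etc/nginx/mime.types;
    default_type application/octet-stream;
    # Do not advertise the nginx version in the Server header and error pages.
    server_tokens off;
    # Behind the load balancer $remote_addr is the balancer's address; the
    # logged X-Forwarded-For value can contain client-supplied entries.
    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for" '
                    'request_time: $request_time';
    access_log /var/log/nginx/access.log main;
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 2048;
    client_max_body_size 100M;
    gzip on;
    gzip_vary on;
    gzip_proxied any;
    gzip_comp_level 6;
    gzip_types text/plain text/css text/xml text/javascript
               application/json application/javascript application/xml+rss
               application/rss+xml font/truetype font/opentype
               application/vnd.ms-fontobject image/svg+xml;
    server {
        listen 80;
        server_name localhost;
        root /usr/share/nginx/html;
        index index.php index.html index.htm;
        location / {
            try_files $uri $uri/ /index.php?$query_string;
        }
        location ~ \.php$ {
            fastcgi_pass 172.20.2.23:9000;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME /var/www/html$fastcgi_script_name;
            include fastcgi_params;
        }
        location /health {
            access_log off;
            # default_type sets the Content-Type of the generated body;
            # add_header would emit a second Content-Type header.
            default_type text/plain;
            return 200 "php-healthy\n";
        }
        error_page 404 /404.html;
        error_page 500 502 503 504 /50x.html;
    }
}
EOF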
php.ini
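# PHP runtime settings shared by the PHP-FPM containers: upload/POST limits,
# error logging to file, Redis-backed sessions and opcache.
# This file embeds the Redis password in session.save_path. The value below
# is the guide's sample password: replace it everywhere it appears, and keep
# this file out of version control and unreadable to unrelated accounts.
cat > /opt/cluster-deploy/config/php/php.ini << 'EOF'
[PHP]
upload_max_filesize = 50M
post_max_size = 50M
max_execution_time = 60
memory_limit = 256M
; Errors go to the log, never to the response body.
display_errors = Off
log_errors = On
error_log = /var/log/php/error.log
; Do not send the X-Powered-By header with the PHP version.
expose_php = Off
date.timezone = Asia/Shanghai
[Session]
session.save_handler = redis
session.save_path = "tcp://172.20.3.11:6379?auth=YourStr0ng!Pass"
; Keep the session cookie out of reach of page scripts.
session.cookie_httponly = 1
[opcache]
opcache.enable = 1
opcache.memory_consumption = 128
opcache.interned_strings_buffer = 8
opcache.max_accelerated_files = 4000
EOF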
创建redis配置
redis-master.conf
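# Redis configuration for the initial master: RDB snapshots to /data, AOF
# disabled, 256 MB memory cap with allkeys-lru eviction.
#
# Fix: the file bound every interface without setting a password, while
# php.ini and sentinel.conf on this page both authenticate with the guide's
# sample password. requirepass and masterauth are now set to that same value
# so the server actually enforces it (masterauth is needed when this node
# rejoins as a replica after a failover). If the compose file already passes
# these options on the command line, the command line still takes precedence.
# Replace the sample password consistently in every file that carries it.
cat > /opt/cluster-deploy/config/redis/redis-master.conf << 'EOF'
bind 0.0.0.0
port 6379
# Clients must authenticate; same value as php.ini and sentinel.conf.
requirepass YourStr0ng!Pass
masterauth YourStr0ng!Pass
tcp-backlog 511
timeout 0
tcp-keepalive 300
daemonize no
supervised no
pidfile /var/run/redis/redis-server.pid
loglevel notice
logfile ""
databases 16
always-show-logo no
save 900 1
save 300 10
save 60 10000
stop-writes-on-bgsave-error yes
rdbcompression yes
rdbchecksum yes
dbfilename dump.rdb
dir /data
replica-serve-stale-data yes
replica-read-only yes
repl-diskless-sync no
repl-diskless-sync-delay 5
repl-disable-tcp-nodelay no
replica-priority 100
maxmemory 256mb
maxmemory-policy allkeys-lru
maxmemory-samples 5
lazyfree-lazy-eviction no
lazyfree-lazy-expire no
lazyfree-lazy-server-del no
replica-lazy-flush no
appendonly no
appendfilename "appendonly.aof"
appendfsync everysec
no-appendfsync-on-rewrite no
auto-aof-rewrite-percentage 100
auto-aof-rewrite-min-size 64mb
aof-load-truncated yes
aof-use-rdb-preamble yes
lua-time-limit 5000
slowlog-log-slower-than 10000
slowlog-max-len 128
latency-monitor-threshold 0
notify-keyspace-events ""
hash-max-ziplist-entries 512
hash-max-ziplist-value 64
list-max-ziplist-size -2
list-compress-depth 0
set-max-intset-entries 512
zset-max-ziplist-entries 128
zset-max-ziplist-value 64
hll-sparse-max-bytes 3000
stream-node-max-bytes 4096
stream-node-max-entries 100
client-output-buffer-limit normal 0 0 0
client-output-buffer-limit replica 256mb 64mb 60
client-output-buffer-limit pubsub 32mb 8mb 60
hz 10
dynamic-hz yes
aof-rewrite-incremental-fsync yes
rdb-save-incremental-fsync yes
EOF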
redis-slave.conf
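# Redis configuration for the replicas; the settings mirror the master file.
#
# Fix: the file bound every interface without setting a password, while
# php.ini and sentinel.conf on this page both authenticate with the guide's
# sample password. masterauth lets the replica authenticate to the master and
# requirepass protects the replica itself (it can be promoted by Sentinel).
# If the compose file already passes these options on the command line, the
# command line still takes precedence.
# NOTE(review): no replicaof directive appears here; presumably the compose
# file supplies it. Confirm before relying on this file alone.
cat > /opt/cluster-deploy/config/redis/redis-slave.conf << 'EOF'
bind 0.0.0.0
port 6379
# Same value as the master, php.ini and sentinel.conf.
requirepass YourStr0ng!Pass
masterauth YourStr0ng!Pass
tcp-backlog 511
timeout 0
tcp-keepalive 300
daemonize no
supervised no
pidfile /var/run/redis/redis-server.pid
loglevel notice
logfile ""
databases 16
always-show-logo no
save 900 1
save 300 10
save 60 10000
stop-writes-on-bgsave-error yes
rdbcompression yes
rdbchecksum yes
dbfilename dump.rdb
dir /data
replica-serve-stale-data yes
replica-read-only yes
repl-diskless-sync no
repl-diskless-sync-delay 5
repl-disable-tcp-nodelay no
replica-priority 100
maxmemory 256mb
maxmemory-policy allkeys-lru
maxmemory-samples 5
lazyfree-lazy-eviction no
lazyfree-lazy-expire no
lazyfree-lazy-server-del no
replica-lazy-flush no
appendonly no
appendfilename "appendonly.aof"
appendfsync everysec
no-appendfsync-on-rewrite no
auto-aof-rewrite-percentage 100
auto-aof-rewrite-min-size 64mb
aof-load-truncated yes
aof-use-rdb-preamble yes
lua-time-limit 5000
slowlog-log-slower-than 10000
slowlog-max-len 128
latency-monitor-threshold 0
notify-keyspace-events ""
hash-max-ziplist-entries 512
hash-max-ziplist-value 64
list-max-ziplist-size -2
list-compress-depth 0
set-max-intset-entries 512
zset-max-ziplist-entries 128
zset-max-ziplist-value 64
hll-sparse-max-bytes 3000
stream-node-max-bytes 4096
stream-node-max-entries 100
client-output-buffer-limit normal 0 0 0
client-output-buffer-limit replica 256mb 64mb 60
client-output-buffer-limit pubsub 32mb 8mb 60
hz 10
dynamic-hz yes
aof-rewrite-incremental-fsync yes
rdb-save-incremental-fsync yes
EOF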
sentinel.conf
# Redis Sentinel configuration: monitors "mymaster" at 172.20.3.11:6379 with
# a quorum of 2, marks it down after 5000 ms without a reply, and allows
# 180000 ms for a failover.
# "sentinel auth-pass" stores the Redis password in this file. The value is
# the guide's sample password: replace it, and restrict who can read the file.
# "sentinel deny-scripts-reconfig yes" keeps notification/reconfig script
# paths from being changed at runtime through SENTINEL SET.
# NOTE(review): Sentinel itself listens on 0.0.0.0:26379 and no password for
# the Sentinel port is configured here; confirm that port is reachable only
# from the Redis/PHP network.
cat > /opt/cluster-deploy/config/redis/sentinel.conf << 'EOF'
bind 0.0.0.0
port 26379
daemonize no
supervised no
pidfile /var/run/redis-sentinel.pid
logfile ""
loglevel notice
sentinel monitor mymaster 172.20.3.11 6379 2
sentinel down-after-milliseconds mymaster 5000
sentinel parallel-syncs mymaster 1
sentinel failover-timeout mymaster 180000
sentinel deny-scripts-reconfig yes
sentinel auth-pass mymaster 'YourStr0ng!Pass'
EOF
创建mysql配置
my-node1.cnf
# MySQL Group Replication member 1 (server-id 1, report_host 172.20.4.11,
# member weight 70), single-primary mode with GTIDs and ROW binlog format.
# group_replication_ip_allowlist limits group communication on port 33061 to
# 172.20.4.0/24; the SQL port 3306 is bound to every interface.
# The group name is a sample UUID shared by the three node files; generate a
# real one and use it in all of them.
# NOTE(review): no require_secure_transport or group_replication_ssl_mode is
# set here, so client and replication traffic are presumably unencrypted —
# confirm that 172.20.4.0/24 is an isolated network.
cat > /opt/cluster-deploy/config/mysql/my-node1.cnf << 'EOF'
[mysqld]
server-id=1
bind-address=0.0.0.0
port=3306
basedir=/usr
datadir=/var/lib/mysql
socket=/var/run/mysqld/mysqld.sock
pid-file=/var/run/mysqld/mysqld.pid
log-error=/var/log/mysql/error.log
report_host=172.20.4.11
gtid_mode=ON
enforce_gtid_consistency=ON
log_slave_updates=ON
binlog_checksum=NONE
skip-name-resolve
loose-group_replication_group_name="aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"
loose-group_replication_start_on_boot=OFF
loose-group_replication_local_address="172.20.4.11:33061"
loose-group_replication_group_seeds="172.20.4.11:33061,172.20.4.12:33061,172.20.4.13:33061"
loose-group_replication_ip_allowlist="172.20.4.0/24"
loose-group_replication_single_primary_mode=ON
loose-group_replication_enforce_update_everywhere_checks=OFF
loose-group_replication_poll_spin_loops=100
loose-group_replication_recovery_reconnect_interval=10
loose-group_replication_member_weight=70
master_info_repository=TABLE
relay_log_info_repository=TABLE
transaction_write_set_extraction=XXHASH64
binlog_format=ROW
[client]
socket=/var/run/mysqld/mysqld.sock
[mysql]
socket=/var/run/mysqld/mysqld.sock
EOF
my-node2.cnf
# MySQL Group Replication member 2 (server-id 2, report_host 172.20.4.12,
# member weight 60); otherwise the same settings as the other node files.
# group_replication_ip_allowlist limits group communication on port 33061 to
# 172.20.4.0/24; the SQL port 3306 is bound to every interface.
# NOTE(review): no require_secure_transport or group_replication_ssl_mode is
# set here — confirm that 172.20.4.0/24 is an isolated network.
cat > /opt/cluster-deploy/config/mysql/my-node2.cnf << 'EOF'
[mysqld]
server-id=2
bind-address=0.0.0.0
port=3306
basedir=/usr
datadir=/var/lib/mysql
socket=/var/run/mysqld/mysqld.sock
pid-file=/var/run/mysqld/mysqld.pid
log-error=/var/log/mysql/error.log
report_host=172.20.4.12
gtid_mode=ON
enforce_gtid_consistency=ON
log_slave_updates=ON
binlog_checksum=NONE
skip-name-resolve
loose-group_replication_group_name="aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"
loose-group_replication_start_on_boot=OFF
loose-group_replication_local_address="172.20.4.12:33061"
loose-group_replication_group_seeds="172.20.4.11:33061,172.20.4.12:33061,172.20.4.13:33061"
loose-group_replication_ip_allowlist="172.20.4.0/24"
loose-group_replication_single_primary_mode=ON
loose-group_replication_enforce_update_everywhere_checks=OFF
loose-group_replication_poll_spin_loops=100
loose-group_replication_recovery_reconnect_interval=10
loose-group_replication_member_weight=60
master_info_repository=TABLE
relay_log_info_repository=TABLE
transaction_write_set_extraction=XXHASH64
binlog_format=ROW
[client]
socket=/var/run/mysqld/mysqld.sock
[mysql]
socket=/var/run/mysqld/mysqld.sock
EOF
my-node3.cnf
# MySQL Group Replication member 3 (server-id 3, report_host 172.20.4.13,
# member weight 50); otherwise the same settings as the other node files.
# group_replication_ip_allowlist limits group communication on port 33061 to
# 172.20.4.0/24; the SQL port 3306 is bound to every interface.
# NOTE(review): no require_secure_transport or group_replication_ssl_mode is
# set here — confirm that 172.20.4.0/24 is an isolated network.
cat > /opt/cluster-deploy/config/mysql/my-node3.cnf << 'EOF'
[mysqld]
server-id=3
bind-address=0.0.0.0
port=3306
basedir=/usr
datadir=/var/lib/mysql
socket=/var/run/mysqld/mysqld.sock
pid-file=/var/run/mysqld/mysqld.pid
log-error=/var/log/mysql/error.log
report_host=172.20.4.13
gtid_mode=ON
enforce_gtid_consistency=ON
log_slave_updates=ON
binlog_checksum=NONE
skip-name-resolve
loose-group_replication_group_name="aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"
loose-group_replication_start_on_boot=OFF
loose-group_replication_local_address="172.20.4.13:33061"
loose-group_replication_group_seeds="172.20.4.11:33061,172.20.4.12:33061,172.20.4.13:33061"
loose-group_replication_ip_allowlist="172.20.4.0/24"
loose-group_replication_single_primary_mode=ON
loose-group_replication_enforce_update_everywhere_checks=OFF
loose-group_replication_poll_spin_loops=100
loose-group_replication_recovery_reconnect_interval=10
loose-group_replication_member_weight=50
master_info_repository=TABLE
relay_log_info_repository=TABLE
transaction_write_set_extraction=XXHASH64
binlog_format=ROW
[client]
socket=/var/run/mysqld/mysqld.sock
[mysql]
socket=/var/run/mysqld/mysqld.sock
EOF
init.sql
# Database bootstrap script: creates app_db (utf8mb4), a sample "users"
# table, and inserts three sample rows (admin, user1, user2).
# The statements use IF NOT EXISTS for the schema, but the INSERT is not
# guarded; running the script twice fails on the UNIQUE username constraint.
# NOTE(review): the inserted rows are test data; drop the INSERT before using
# this against a database that will hold real accounts. How and when this
# file is loaded is not shown on this page.
cat > /opt/cluster-deploy/config/mysql/init.sql << 'EOF'
-- 初始化数据库脚本
CREATE DATABASE IF NOT EXISTS app_db DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
USE app_db;
-- 示例表
CREATE TABLE IF NOT EXISTS users (
id INT AUTO_INCREMENT PRIMARY KEY,
username VARCHAR(50) NOT NULL UNIQUE,
email VARCHAR(100) NOT NULL,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
-- 插入测试数据
INSERT INTO users (username, email) VALUES
('admin', 'admin@example.com'),
('user1', 'user1@example.com'),
('user2', 'user2@example.com');
EOF
创建备份脚本
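# Writes the MySQL backup script. Changes from the original version:
#  - the password is no longer passed as a -p argument (visible in the
#    process list); it reaches mysqldump through the MYSQL_PWD environment
#    variable instead, and can be supplied by the caller via MYSQL_PASS;
#  - the dump is written to a temporary name and renamed only on success, so
#    a failed run cannot leave a truncated file that looks like a backup;
#  - dumps are created with umask 077 and every expansion is quoted;
#  - the script is installed with mode 700 because it embeds a credential.
cat > /opt/cluster-deploy/scripts/backup.sh << 'EOF'
#!/bin/bash
# MySQL backup: dump all databases through the mysql-01 container and prune
# dumps older than 7 days.
set -u
set -o pipefail

BACKUP_DIR="/backup/mysql"
DATE=$(date +%Y%m%d_%H%M%S)
MYSQL_HOST="172.20.4.11"
MYSQL_USER="root"
# Sample password from this guide: replace it. Prefer exporting MYSQL_PASS in
# the environment of the job that runs this script over editing the default.
MYSQL_PASS="${MYSQL_PASS:-YourStr0ng!Pass}"

# A full dump contains every table, including account data: keep the
# directory and the files readable by the owner only.
umask 077
mkdir -p -- "${BACKUP_DIR}" || exit 1

OUT="${BACKUP_DIR}/all_databases_${DATE}.sql"
TMP="${OUT}.partial"

echo "Starting MySQL backup at ${DATE}"
# "-e MYSQL_PWD" without a value forwards the variable from this process's
# environment into the container, so the password never appears in argv.
if MYSQL_PWD="${MYSQL_PASS}" docker exec -e MYSQL_PWD mysql-01 \
    mysqldump -h"${MYSQL_HOST}" -u"${MYSQL_USER}" \
    --all-databases --single-transaction --routines --triggers --events \
    > "${TMP}"; then
  mv -- "${TMP}" "${OUT}"
  echo "Backup completed successfully: ${OUT}"
  # Keep the last 7 days of backups; only runs after a successful dump.
  find "${BACKUP_DIR}" -name "*.sql" -mtime +7 -delete
else
  rm -f -- "${TMP}"
  echo "Backup failed!" >&2
  exit 1
fi
EOF
chmod 700 /opt/cluster-deploy/scripts/backup.sh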
配置文件验证
创建完所有配置文件后,验证文件内容:
# List every generated configuration file with its owner and mode.
ls -la /opt/cluster-deploy/config/*/
# Show the first 20 lines of one key file per service.
for conf in \
  nginx-lb/nginx.conf \
  keepalived/keepalived_master.conf \
  php/php-node1.conf \
  redis/redis-master.conf \
  mysql/my-node1.cnf; do
  head -20 "/opt/cluster-deploy/config/${conf}"
done
下一步
完成配置文件创建后,请继续:
- 13-快速部署.md - 执行完整部署
- 12-验证测试.md - 验证部署结果