[CentOS7] Nginx proxy + glusterfs + wordpress

본문서는 작성중인 문서 입니다.  간단하게 nginx-proxy 와 공유디렉토리를 이용하여 wordpress 를 테스트 할수 있습니다.

Test 환경 kvm 에서 Centos7 Version vm 을 3대 준비 합니다.

Nginx-proxy 1대 / LEMP Stack 2대를 구성 합니다.

도메인은 임시로 test.com 도메인을 준비 하였습니다.

구성은 nginx-proxy + LEMP Stack + glusterfs 이며 app 는 WP 가 올라 갑니다.

  • Nginx-proxy 구성도

nginx-proxy

epel-release 패키지 설치 및 nginx 설치

[root@nginx-proxy ~]# yum install epel-release -y

[root@nginx-proxy ~]# vi /etc/yum.repos.d/nginx.repo
[nginx]
name=nginx
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1
[root@nginx-proxy ~]# yum install -y nginx

 

VM nginx-proxy

nginx 설정

[root@nginx-proxy ~]# cd /etc/nginx/conf.d/
[root@nginx-proxy conf.d]# cp default.conf default.conf.org


[root@nginx-proxy conf.d]# cat default.conf
server {
    listen       80;
    server_name  test.com;
    location / {
        rewrite ^/(/.*)$ $1 break; 
        proxy_pass http://test.com;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_redirect off;
    }
}
upstream test.com {
    server 10.10.10.11:80;
    server 10.10.10.22:80;
}

[root@nginx-proxy conf.d]# systemctl enable nginx ; systemctl start nginx

 

VM nginx-www1 / nginx-www2 에서 작업

NGINX , PHP 7.1 을 설치 합니다.

[root@nginx-www1 ~]# vi /etc/yum.repos.d/nginx.repo
[nginx]
name=nginx
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1

[root@nginx-www1 ~]# yum install -y nginx
[root@nginx-www1 ~]# yum install -y epel-release yum-utils
[root@nginx-www1 ~]# rpm -Uvh http://ftp.riken.jp/Linux/remi/enterprise/remi-release-7.rpm
[root@nginx-www1 ~]# yum clean all && yum list
[root@nginx-www1 ~]# yum-config-manager --enable remi-php71
[root@nginx-www1 ~]# yum -y install php php-mysql php-fpm php-opcache php-gd php-ldap \
php-odbc php-pear php-xml php-xmlrpc php-mbstring php-soap curl curl-devel

 

nginx 설정 및 php-fpm 설정

테스트 도메인은 내부 dns 를 구성하여 test.com 으로 생성 하였습니다.

test.com 은 도메인 아이피를 nginx-proxy 로 설정 합니다.

[root@nginx-www1 ~]# mkdir /etc/nginx/sites-enabled
[root@nginx-www1 ~]# vi /etc/nginx/nginx.conf
user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*.conf;
}


[root@nginx-www1 ~]# vi /etc/php-fpm.d/www.conf

user = nginx
group = nginx

listen.owner = nginx
listen.group = nginx
listen.mode = 0660
[root@nginx-www1 ~]# systemctl enable nginx ; systemctl start nginx
[root@nginx-www1 ~]# systemctl enable php-fpm ; systemctl start php-fpm

 

glusterfs 설치

VM nginx-www1 / nginx-www2 에서 작업

/etc/hosts 파일 수정

[root@nginx-www1 ~]# vi /etc/hosts
10.10.10.11     www1
10.10.10.22     www2
10.10.10.33     db01

 

glusterfs 설치

[root@nginx-www1 ~]# yum install centos-release-gluster -y
[root@nginx-www1 ~]# yum install glusterfs-server -y
[root@nginx-www1 ~]# systemctl enable glusterd ; systemctl start glusterd

 

gluster 공유 디렉토리 생성

[root@nginx-www1 ~]# gluster peer probe www2
peer probe: success.
[root@nginx-www2 ~]# gluster peer probe www1



[root@nginx-www1 ~]# mkdir /gluster-storage
[root@nginx-www2 ~]# mkdir /gluster-storage


[root@nginx-www1 ~]# gluster volume create volume01 replica 2 transport tcp www1:/gluster-storage www2:/gluster-storage force
volume create: volume01: success: please start the volume to access data

[root@nginx-www1 ~]# gluster volume start volume01
volume start: volume01: success
[root@nginx-www1 ~]# gluster volume info

Volume Name: volume01
Type: Replicate
Volume ID: b24c3e2b-f458-4733-9bc0-38d9bd441bb6
Status: Started
Snapshot Count: 0
Number of Bricks: 1 x 2 = 2
Transport-type: tcp
Bricks:
Brick1: www1:/gluster-storage
Brick2: www2:/gluster-storage
Options Reconfigured:
transport.address-family: inet
nfs.disable: on
performance.client-io-threads: off
[root@nginx-www1 ~]#

[root@nginx-www1 ~]# mkdir -p /var/www/html/test.com/{public_html,logs}

[root@nginx-www1 ~]# vi /etc/fstab

~중략
www1:/volume01  /var/www/html/test.com/public_html glusterfs defaults,_netdev,x-systemd.automount 0 0

[root@nginx-www1 ~]# df -h
Filesystem      Size  Used Avail Use% Mounted on
/dev/vda3        18G  1.6G   17G   9% /
devtmpfs        1.9G     0  1.9G   0% /dev
tmpfs           1.9G     0  1.9G   0% /dev/shm
tmpfs           1.9G  8.6M  1.9G   1% /run
tmpfs           1.9G     0  1.9G   0% /sys/fs/cgroup
/dev/vda1      1014M  215M  800M  22% /boot
tmpfs           379M     0  379M   0% /run/user/0
www1:/volume01   18G  1.8G   17G  10% /var/www/html/test.com/public_html
[root@nginx-www1 ~]#

 

test.com nginx 설정

[root@nginx-www1 ~]# vi /etc/nginx/sites-enabled/test_com.conf
server {
    listen       80;
    server_name  www.test.com test.com;
    root   /var/www/html/test.com/public_html;
    index  index.php index.html index.htm;
    location / {
        try_files $uri $uri/ /index.php?$query_string;
        autoindex on;
    }

    access_log  /var/www/html/test.com/logs/access.log;
    error_log  /var/www/html/test.com/logs/error.log warn;

    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
    }

    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
}

 

nginx 데몬 재시작 및 phpinfo 확인

[root@nginx-www1 ~]# systemctl restart nginx
[root@nginx-www1 ~]# vi /var/www/html/test.com/public_html/info.php
<?php phpinfo(); ?>

 

www2 시스템 에서 test.com public_html 디렉토리 확인시 정상적으로 info.php 를 확인 할수 있습니다.

[root@nginx-www2 ~]# ls -al /var/www/html/test.com/public_html/
total 1
drwxr-xr-x 3 nginx nginx 40 Jul 26 14:37 .
drwxr-xr-x 4 nginx nginx 37 Jul 26 14:33 ..
-rw-r--r-- 1 root  root  20 Jul 26 14:37 info.php
[root@nginx-www2 ~]#

 

phpinfo 확인

 

Mariadb 10.1 설치

별도의 vm 에 db 를 설치 합니다.

[root@nginx-mariadb01 ~]# vi /etc/yum.repos.d/mariadb.repo
[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.1/centos7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1


[root@nginx-mariadb01 ~]# yum install -y mariadb mariadb-server
[root@nginx-mariadb01 ~]# systemctl start mariadb ; systemctl enable mariadb

 

mysql_secure_installation 을 실행 합니다.

[root@nginx-mariadb01 ~]# /usr/bin/mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] y
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!
[root@nginx-mariadb01 ~]#

 

character set 설정

[root@nginx-mariadb01 ~]# vi /etc/my.cnf.d/server.cnf
[mysqld]
character-set-server = utf8mb4
collation-server = utf8mb4_unicode_ci

[root@nginx-mariadb01 ~]# vi /etc/my.cnf.d/client.cnf
[client]
default-character-set = utf8mb4

 

character set 확인

[root@nginx-mariadb01 ~]#  systemctl restart mariadb
[root@nginx-mariadb01 ~]# mysql -uroot -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 2
Server version: 10.1.40-MariaDB MariaDB Server

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> status;
--------------
mysql  Ver 15.1 Distrib 10.1.40-MariaDB, for Linux (x86_64) using readline 5.1

Connection id:          2
Current database:
Current user:           root@localhost
SSL:                    Not in use
Current pager:          stdout
Using outfile:          ''
Using delimiter:        ;
Server:                 MariaDB
Server version:         10.1.40-MariaDB MariaDB Server
Protocol version:       10
Connection:             Localhost via UNIX socket
Server characterset:    utf8mb4
Db     characterset:    utf8mb4
Client characterset:    utf8mb4
Conn.  characterset:    utf8mb4
UNIX socket:            /var/lib/mysql/mysql.sock
Uptime:                 21 sec

Threads: 1  Questions: 4  Slow queries: 0  Opens: 17  Flush tables: 1  Open tables: 11  Queries per second avg: 0.190
--------------

MariaDB [(none)]> quit;
Bye
[root@nginx-mariadb01 ~]#

 

WordPress  에서 사용할 DB 를 생성 합니다.

[root@nginx-mariadb01 ~]# mysql -uroot -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 3
Server version: 10.1.40-MariaDB MariaDB Server

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> create database wp;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> GRANT ALL ON wp.* TO 'wp'@'%' IDENTIFIED BY 'password';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> quit;
Bye
[root@nginx-mariadb01 ~]#

 

www1 / www2 에 hosts 파일을 수정 합니다.

wordpress 설치 파일은 www1 에서만 작업 합니다.

[root@nginx-www1 ~]# vi /etc/hosts

10.10.10.11     www1
10.10.10.22     www2
10.10.10.33     db01

 

WordPress 설치

[root@nginx-www1 ~]# cd /var/www/html/test.com/public_html/
[root@nginx-www1 public_html]# wget https://wordpress.org/latest.tar.gz
[root@nginx-www1 public_html]# tar xvf latest.tar.gz
[root@nginx-www1 public_html]# cd wordpress/
[root@nginx-www1 wordpress]# mv * ../
[root@nginx-www1 public_html]# rm -rf wordpress/

 

test.com 사이트에 접속하여 워드프레스를 설치 합니다.

 

database 정보 입력

 

Run installation

 

test.com site 정보 입력

 

워드프레스 설치가 완료 되었습니다.

 

test.com 으로 접속시 nginx-proxy 를 통하여 www1 / www2 로 접속을 합니다.

 

로그 확인시 www1 / www2 에 한번씩 접속 로그가 생성 됩니다.

댓글 남기기