当前位置：首页 > java >正文

基于LNMP架构的分布式个人博客搭建

java 2025/7/28 8:09:42

1.运行环境

主机	主机名	系统	服务
192.168.75.154	Server-Web	Linux	Web
192.168.75.155	Server-NFS-DNS	Linux	NFS/DNS

2.基础配置

配置主机名，静态IP地址

开启防火墙并配置

部分开启SElinux并配置

服务器之间使用同ntp.aliyun.com进行时间同步

服务器之间使用用ntp.aliyun.com进行时间同步

服务器之间实现SSH免密登录

3.业务需求

Server-NFS-DNS主机配置NFS服务器，将博客网站资源文件共享给Server-Web主机，Server-NFS-DNS主机配置DNS

Server-Web主机配置web服务，通过域名www.wp.com可以访问到自建的博客网站

4.准备工作

4.1配置静态IP

master端：

[root@master ~]# nmcli c modify ens32 ipv4.method manual  ipv4.addresses '192.168.75.154/24'  ipv4.gateway '192.168.75.2'  ipv4.dns  '114.114.114.114'
[root@master ~]# nmcli c reload
[root@master ~]# nmcli c up  ens32

node1端：

[root@node1 ~]# nmcli c modify ens32 ipv4.method manual  ipv4.addresses '192.168.75.155/24'  ipv4.gateway '192.168.75.2'  ipv4.dns  '114.114.114.114'
[root@node1 ~]# nmcli c reload
[root@node1 ~]# nmcli c up  ens32

4.2修改主机名及hosts映射

Server-Web端：

[root@master ~]# hostnamectl set-hostname Server-Web
[root@master ~]# bash
[root@Server-Web ~]# vim /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.75.154   Server-Web
192.168.75.155   Server-NFS-DNS

Server-NFS-DNS端：

[root@node1 ~]# hostnamectl set-hostname Server-NFS-DNS
[root@node1 ~]# bash
[root@Server-NFS-DNS ~]# vim /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.75.154  Server-Web
192.168.75.155  Server-NFS-DNS

4.3开启防火墙

Server-Web端：

[root@Server-Web ~]# systemctl enable --now firewalld
Created symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service → /usr/lib/systemd/system/firewalld.service.
Created symlink /etc/systemd/system/multi-user.target.wants/firewalld.service → /usr/lib/systemd/system/firewalld.service.

Server-NFS-DNS端：

[root@Server-NFS-DNS ~]# systemctl enable --now firewalld
Created symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service → /usr/lib/systemd/system/firewalld.service.
Created symlink /etc/systemd/system/multi-user.target.wants/firewalld.service → /usr/lib/systemd/system/firewalld.service.

4.4时间同步

Server-Web端：

[root@Server-Web ~]# vim /etc/chrony.conf    #修改第三行
server ntp.aliyun.com iburst
[root@Server-Web ~]# systemctl restart chronyd
[root@Server-Web ~]# chronyc sources -v.-- Source mode  '^' = server, '=' = peer, '#' = local clock./ .- Source state '*' = current best, '+' = combined, '-' = not combined,
| /             'x' = may be in error, '~' = too variable, '?' = unusable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                \     |          |  zzzz = estimated error.
||                                 |    |           \
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^* 203.107.6.88                  2   6    17     5  -5090us[-4621us] +/-   37ms
[root@Server-Web ~]# date
2025年 07月 27日 星期日 18:08:35 CST

Server-NFS-DNS端：

[root@Server-NFS-DNS ~]# vim /etc/chrony.conf 
server ntp.aliyun.com iburst
[root@Server-NFS-DNS ~]# systemctl restart chronyd
[root@Server-NFS-DNS ~]# chronyc sources -v.-- Source mode  '^' = server, '=' = peer, '#' = local clock./ .- Source state '*' = current best, '+' = combined, '-' = not combined,
| /             'x' = may be in error, '~' = too variable, '?' = unusable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                \     |          |  zzzz = estimated error.
||                                 |    |           \
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^* 203.107.6.88                  2   6    17     8    +16us[ +486us] +/-   31ms
[root@Server-NFS-DNS ~]# date
2025年 07月 27日 星期日 18:09:51 CST

4.5配置免密ssh登录

Server-Web端：

[root@Server-Web ~]# ssh-keygen -t rsa     #生成公钥私钥，一路回车
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:BmrsJaPrUhQnHAaRgjFFJA9Sg5Bpq3TtYBP1FSMaGQI root@Server-Web
The key's randomart image is:
+---[RSA 3072]----+
|%EXo.+o. +.      |
|OB+oo.+ o .      |
|o o+o...         |
| o.* o .         |
|o.o X . S        |
|. .+ = .         |
| .. .            |
|.  .             |
| oo              |
+----[SHA256]-----+
[root@Server-Web ~]# ssh-copy-id 192.168.75.155
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.75.155 (192.168.75.155)' can't be established.
ED25519 key fingerprint is SHA256:C956Oy13qc7K4u0BsOU0sFnkMCIITeWu/OG37KN/g8M.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes    #输入yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keysAuthorized users only. All activities may be monitored and reported.
root@192.168.75.155's password:                     #输入密码123Number of key(s) added: 1Now try logging into the machine, with:   "ssh '192.168.75.155'"
and check to make sure that only the key(s) you wanted were added.[root@Server-Web ~]# ssh root@192.168.75.155
[root@Server-NFS-DNS ~]# 注销
Connection to 192.168.75.155 closed.
[root@Server-Web ~]#

Server-NFS-DNS端：

[root@Server-NFS-DNS ~]# ssh-keygen -t rsa     #生成公钥私钥，一路回车
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:cEu+8trkEH2wKG3RRCVw7pKwfy2BTZopPTQdlZZdq/4 root@Server-NFS-DNS
The key's randomart image is:
+---[RSA 3072]----+
|      .o*oo+ ..  |
|       * o+ .  . |
|    . = O.    .  |
|     * ^ +   .   |
|    + # S . .    |
|     = + = .     |
|      + = . .    |
|       O .   .   |
|      ..+     E  |
+----[SHA256]-----+
[root@Server-NFS-DNS ~]# ssh-copy-id 192.168.75.154
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.75.154 (192.168.75.154)' can't be established.
ED25519 key fingerprint is SHA256:v5NN8DUNHZVB+SwY/sB92f4DQshbsJAV58mz9TMbCb4.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes   #输入yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keysAuthorized users only. All activities may be monitored and reported.
root@192.168.75.154's password:             #输入密码123Number of key(s) added: 1Now try logging into the machine, with:   "ssh '192.168.75.154'"
and check to make sure that only the key(s) you wanted were added.[root@Server-NFS-DNS ~]# ssh root@192.168.75.154
[root@Server-Web ~]# 注销
Connection to 192.168.75.154 closed.
[root@Server-NFS-DNS ~]#

5.环境搭建

5.1Server-Web端安装LNMP环境软件

[root@Server-Web ~]# yum install nginx php* mariadb-server -y

5.2Server-NFS-DNS端上传博客软件

网址：https://cn.wordpress.org/,下载后为zip压缩文件

将wordpress上传到192.168.75.155（Server-NFS-DNS）端的/目录下

解压缩：

[root@Server-NFS-DNS /]# unzip wordpress-6.1-zh_CN.zip

5.3Server-NFS-DNS端设置NFS共享

目的：将Server-NFS-DNS端的/wordpress目录共享给192.168.75.154（Server-Web）

[root@Server-NFS-DNS wordpress]# yum install rpcbind  -y
[root@Server-NFS-DNS wordpress]# yum install nfs-utils  -y
[root@Server-NFS-DNS /]# vim /etc/exports        #编辑配置文件
/wordpress	192.168.75.154(rw,all_squash,sync)   #添加
[root@Server-NFS-DNS /]# chmod -R  777 /wordpress #设置权限
#防火墙添加服务放行        
[root@Server-NFS-DNS /]# firewall-cmd --permanent --zone=public --add-service=mountd
success
[root@Server-NFS-DNS /]# firewall-cmd --permanent --zone=public --add-service=rpc-bind
success
[root@Server-NFS-DNS /]# firewall-cmd --permanent --zone=public --add-service=nfssuccess
[root@Server-NFS-DNS /]# firewall-cmd --reload
success
[root@Server-NFS-DNS /]# firewall-cmd --list-all
public (active)target: defaulticmp-block-inversion: nointerfaces: ens32sources: services: dhcpv6-client mdns mountd nfs rpc-bind sshports: protocols: forward: yesmasquerade: noforward-ports: source-ports: icmp-blocks: rich rules: 
#启动服务
[root@Server-NFS-DNS /]# systemctl restart rpcbind
[root@Server-NFS-DNS /]# systemctl start nfs-server

5.4Server-Web设置

5.4.1挂载远程共享目录

[root@Server-Web ~]# yum install rpcbind  -y
[root@Server-Web ~]# yum install nfs-utils  -y
[root@Server-Web ~]# showmount -e 192.168.75.155  #查看 
Export list for 192.168.75.155:
/wordpress 192.168.75.154
[root@Server-Web ~]# mkdir /wp              #新建本地挂载目录
[root@Server-Web ~]# mount -t nfs 192.168.75.155:/wordpress  /wp    #挂载
[root@Server-Web ~]# cd /wp
[root@Server-Web wp]# ls
index.php             wp-config-sample.php  wp-mail.php
license.txt           wp-content            wp-settings.php
readme.html           wp-cron.php           wp-signup.php
wp-activate.php       wp-includes           wp-trackback.php
wp-admin              wp-links-opml.php     xmlrpc.php
wp-blog-header.php    wp-load.php
wp-comments-post.php  wp-login.php

5.4.2nginx设置

[root@Server-Web wp]# cd ~
[root@Server-Web ~]# firewall-cmd --permanent --zone public --add-service=http  # 放行
[root@Server-Web ~]# firewall-cmd --reload
[root@Server-Web ~]# vim  /etc/nginx/nginx.conf    # 编辑nginx配置文件root         /wp;

5.4.3修改wordpress配置文件

[root@Server-Web ~]# cd  /wp
[root@Server-Web wp]# cp  wp-config-sample.php  wp-config.php   # 根据模板拷贝配置文件# 编辑wp-config.php配置文件
[root@Server-Web wp]# vim  wp-config.php
# 定位23行修改后半部分
define('DB_NAME', 'wordpress'); # WordPress数据库的名称define('DB_USER', 'jeams');     # MySQL数据库用户名define('DB_PASSWORD', '123456');  # MySQL数据库密码

5.4.5启动数据库

[root@Server-Web ~]# systemctl start mariadb

5.4.6在数据库中创建数据库和用户

[root@Server-Web ~]# mysql
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 3
Server version: 10.5.29-MariaDB MariaDB ServerCopyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.MariaDB [(none)]> create database wordpress;    # 创建数据库，尾部有分号
Query OK, 1 row affected (0.000 sec)# 第一个''为数据库账号，@后面的''内容为数据库可以登录的地址，localhost意为只能本机登录。用户和密码与wordpress配置文件一样 
MariaDB [(none)]> create user 'jeams'@'localhost' identified by '123456';
Query OK, 0 rows affected (0.001 sec)# 给用户授权
MariaDB [(none)]> grant all on wordpress.* to 'jeams'@'localhost';
Query OK, 0 rows affected (0.001 sec)MariaDB [(none)]> exit
Bye

5.4.7重启数据库和http

[root@Server-Web ~]# systemctl restart mariadb
[root@Server-Web ~]# systemctl restart nginx

5.5测试

在windows端输入192.168.75.154继续完成wordpress配置（邮箱必须设置）

成功界面：

5.6在Server-NFS-DNS端配置DNS

5.6.1原则：www.wp.com正向解析为192.168.75.154

安装：

[root@Server-NFS-DNS ~]# yum install bind -y
[root@Server-NFS-DNS ~]# firewall-cmd --permanent --zone public --add-service=dns  # 防火墙放行
success
[root@Server-NFS-DNS /]# firewall-cmd --reload
success
[root@Server-NFS-DNS /]# firewall-cmd --list-all
public (active)target: defaulticmp-block-inversion: nointerfaces: ens32sources: services: dhcpv6-client dns mdns mountd nfs rpc-bind sshports: protocols: forward: yesmasquerade: noforward-ports: source-ports: icmp-blocks: rich rules:

5.6.3编辑主配置文件

[root@Server-NFS-DNS ~]# vim  /etc/named.conf# 第11  19行修改为any任意主机 
11         listen-on port 53 { any; };19         allow-query     { any; };

5.6.4修改区域配置文件

[root@Server-NFS-DNS ~]# vim /etc/named.rfc1912.zoneszone "jeams.com" IN {type master;file "jeams.com.zone";allow-update { none; };
};

5.6.5新建区域数据文件并配置解析

[root@Server-NFS-DNS /]# cd /var/named/
[root@Server-NFS-DNS named]# ls
data  dynamic  named.ca  named.empty  named.localhost  named.loopback  slaves
[root@Server-NFS-DNS named]# cp -a named.localhost jeams.com.zone
[root@Server-NFS-DNS named]# vim jeams.com.zone
$TTL 1D
jeams.com.	IN SOA	ns.jeams.com. jeams.163.com. (0	; serial1D	; refresh1H	; retry1W	; expire3H )	; minimum
jeams.com.		IN	NS	ns.jeams.com.
ns.jeams.com.	IN	A	192.168.75.155
www.jeams.com.	IN	A	192.168.75.154

5.6.5启动服务

[root@Server-NFS-DNS named]# systemctl restart named

5.6.6测试

将Server-Web端的DNS改为192.168.75.155后并输入www.wp.com域名访问

[root@Server-Web ~]# curl www.jeams.com
<!DOCTYPE html>
<html lang="zh-CN">
<head><meta charset="UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1" />
<meta name='robots' content='max-image-preview:large' />
<title>hello，lebronjeams</title>
<link rel='dns-prefetch' href='//192.168.75.154' />
<link rel="alternate" type="application/rss+xml" title="hello，lebronjeams &raquo; Feed" href="http://192.168.75.154/index.php/feed/" />
<link rel="alternate" type="application/rss+xml" title="hello，lebronjeams &raquo; 评论Feed" href="http://192.168.75.154/index.php/comments/feed/" />

查看全文

http://www.xdnf.cn/news/16459.html