振興杯華為云操作

bei

圖1

任務(wù)一：基礎(chǔ)設(shè)施建設(shè)。（分值：145分）

1、 創(chuàng)建三個(gè)VPC（名稱自定義），并且將Database01和云計(jì)算redis分別更改到不同VPC下。【10分】

2、按照2核CPU、4G內(nèi)存、40G硬盤創(chuàng)建四臺(tái)分別名為node1、node2、Database01和redis的云主機(jī)。【10分】

云主機(jī)規(guī)格：

具體內(nèi)容

具體參數(shù)

CPU架構(gòu)

x86計(jì)算

規(guī)格

s6.large.2

鏡像類型

公共鏡像

鏡像

CentOS 7.6

系統(tǒng)盤

通用型SSD 40G

云服務(wù)器名稱

自定義

VPC

使用上一步創(chuàng)建的VPC

其它參數(shù)

默認(rèn)

2、 配置對(duì)等路由將Database01、redis和node1、node2所處的網(wǎng)絡(luò)打通并保證四臺(tái)主機(jī)之間網(wǎng)絡(luò)可用。【25分】

互相建立對(duì)等連接即可不同網(wǎng)段互聯(lián)

參考：《HCIA-Cloud Service V2.2 實(shí)驗(yàn)手冊(cè)》

3.網(wǎng)絡(luò)類服務(wù)實(shí)踐

方案一：

3.3.5 創(chuàng)建對(duì)等連接，使同區(qū)域不同 VPC 內(nèi)的 ECS 進(jìn)行通信 117頁

同網(wǎng)段內(nèi)的IP地址可以互ping

不能互ping

解決方法：

1. 進(jìn)入網(wǎng)絡(luò)控制臺(tái)找到《對(duì)等鏈接》

方案二：

當(dāng)bj四區(qū)域彈性IP配額不足時(shí)，可在其他區(qū)域購買彈性IP用VPN專線連接使其可以互相通信：

步驟:

北京四區(qū)

北京一區(qū)：

如果改完之后狀態(tài)欄顯示“未連接”

解決辦法：

刷新一下，狀態(tài)欄就會(huì)變正常

3、 創(chuàng)建一個(gè)10G的云硬盤，并將其掛載到Database01的云主機(jī)上，并將其進(jìn)行格式成ext4的格式。【20分】

[root@database1 ~]# fdisk -l

Disk /dev/vda: 42.9 GB, 42949672960 bytes, 83886080 sectors

Units = sectors of 1 * 512 = 512 bytes

Sector size (logical/physical): 512 bytes / 512 bytes

I/O size (minimum/optimal): 512 bytes / 512 bytes

Disk label type: dos

Disk identifier: 0x000e3a31

Device Boot Start End Blocks Id System

/dev/vda1 * 2048 83886079 41942016 83 Linux

Disk /dev/vdb: 10.7 GB, 10737418240 bytes, 20971520 sectors

Units = sectors of 1 * 512 = 512 bytes

Sector size (logical/physical): 512 bytes / 512 bytes

I/O size (minimum/optimal): 512 bytes / 512 bytes

[root@database1 ~]# mkf

mkfifo mkfs mkfs.btrfs mkfs.cramfs mkfs.ext2 mkfs.ext3 mkfs.ext4 mkfs.minix mkfs.xfs

[root@database1 ~]# mkfs -t ext4 /dev/vd

vda vda1 vdb

[root@database1 ~]# mkfs -t ext4 /dev/vdb

mke2fs 1.42.9 (28-Dec-2013)

Filesystem label=

OS type: Linux

Block size=4096 (log=2)

Fragment size=4096 (log=2)

Stride=0 blocks, Stripe width=0 blocks

655360 inodes, 2621440 blocks

131072 blocks (5.00%) reserved for the super user

First data block=0

Maximum filesystem blocks=2151677952

80 block groups

32768 blocks per group, 32768 fragments per group

8192 inodes per group

Superblock backups stored on blocks:

32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632

Allocating group tables: done

Writing inode tables: done

Creating journal (32768 blocks): done

Writing superblocks and filesystem accounting information: done

4、 將上一步創(chuàng)建的云硬盤掛載到Database01的/nfs/code下，保證可讀寫。【20分】

5、 [root@database1 ~]# mkdir /nfs

6、 [root@database1 ~]# cd /

7、 [root@database1 /]# ll

8、 total 72

9、 lrwxrwxrwx. 1 root root 7 Feb 26 2021 bin -> usr/bin

10、 dr-xr-xr-x. 5 root root 4096 Sep 30 14:37 boot

11、 drwxr-xr-x 7 root root 4096 Feb 26 2021 CloudResetPwdUpdateAgent

12、 drwxr-xr-x 6 root root 4096 Feb 26 2021 CloudrResetPwdAgent

13、 drwxr-xr-x 19 root root 3040 Sep 30 15:29 dev

14、 drwxr-xr-x. 76 root root 4096 Sep 30 14:36 etc

15、 drwxr-xr-x. 2 root root 4096 Apr 11 2018 home

16、 lrwxrwxrwx. 1 root root 7 Feb 26 2021 lib -> usr/lib

17、 lrwxrwxrwx. 1 root root 9 Feb 26 2021 lib64 -> usr/lib64

18、 drwx------. 2 root root 16384 Feb 26 2021 lost+found

19、 drwxr-xr-x. 2 root root 4096 Apr 11 2018 media

20、 drwxr-xr-x. 2 root root 4096 Apr 11 2018 mnt

21、 drwxr-xr-x 2 root root 4096 Sep 30 15:35 nfs

22、 drwxr-xr-x. 2 root root 4096 Apr 11 2018 opt

23、 dr-xr-xr-x 99 root root 0 Sep 30 14:36 proc

24、 dr-xr-x---. 4 root root 4096 Sep 30 14:36 root

25、 drwxr-xr-x 24 root root 640 Sep 30 14:36 run

26、 lrwxrwxrwx. 1 root root 8 Feb 26 2021 sbin -> usr/sbin

27、 drwxr-xr-x. 2 root root 4096 Apr 11 2018 srv

28、 dr-xr-xr-x 13 root root 0 Sep 30 14:36 sys

29、 drwxrwxrwt. 9 root root 4096 Sep 30 15:27 tmp

30、 drwxr-xr-x. 13 root root 4096 Feb 26 2021 usr

31、 drwxr-xr-x. 19 root root 4096 Feb 26 2021 var

32、 [root@database1 nfs]# mount /dev/vdb /nfs/code

33、 [root@database1 nfs]#

34、 [root@database1 nfs]# ll code/

35、 total 16

36、 drwx------ 2 root root 16384 Sep 30 15:31 lost+found

6、在Database01的ECS上配置nfs服務(wù)并且將/nfs/code共享。【20分】

[root@database1 nfs]# uname -n

database1

[root@database1 nfs]# systemctl stop firewalld

[root@database1 nfs]# systemctl disable firewalld

[root@database1 nfs]# rpm -qa nfs-utils portmap rpcbind

[root@database1 nfs]# yum install nfs-utils rpcbind -y

Loaded plugins: fastestmirror

[root@database1 nfs]#

[root@database1 nfs]#

[root@database1 nfs]# yum install nfs-utils rpcbind -y

Loaded plugins: fastestmirror

Loading mirror speeds from cached hostfile

[root@database1 nfs]# service rpcbind status

Redirecting to /bin/systemctl status rpcbind.service

● rpcbind.service - RPC bind service

Loaded: loaded (/usr/lib/systemd/system/rpcbind.service; enabled; vendor preset: enabled)

Active: inactive (dead)

[root@database1 nfs]# service rpcbind start

Redirecting to /bin/systemctl start rpcbind.service

[root@database1 nfs]# service rpcbind status

Redirecting to /bin/systemctl status rpcbind.service

● rpcbind.service - RPC bind service

Loaded: loaded (/usr/lib/systemd/system/rpcbind.service; enabled; vendor preset: enabled)

Active: active (running) since Thu 2021-09-30 15:49:24 CST; 3s ago

Process: 18454 ExecStart=/sbin/rpcbind -w $RPCBIND_ARGS (code=exited, status=0/SUCCESS)

Main PID: 18455 (rpcbind)

CGroup: /system.slice/rpcbind.service

└─18455 /sbin/rpcbind -w

Sep 30 15:49:24 database1 systemd[1]: Starting RPC bind service...

Sep 30 15:49:24 database1 systemd[1]: Started RPC bind service.

[root@database1 nfs]# service nfs start

Redirecting to /bin/systemctl start nfs.service

[root@database1 nfs]# rpcinfo -p localhost

program vers proto port service

100000 4 tcp 111 portmapper

100000 3 tcp 111 portmapper

100000 2 tcp 111 portmapper

100000 4 udp 111 portmapper

100000 3 udp 111 portmapper

100000 2 udp 111 portmapper

100024 1 udp 39736 status

100024 1 tcp 37805 status

100005 1 udp 20048 mountd

100005 1 tcp 20048 mountd

100005 2 udp 20048 mountd

100005 2 tcp 20048 mountd

100005 3 udp 20048 mountd

100005 3 tcp 20048 mountd

100003 3 tcp 2049 nfs

100003 4 tcp 2049 nfs

100227 3 tcp 2049 nfs_acl

100003 3 udp 2049 nfs

100003 4 udp 2049 nfs

100227 3 udp 2049 nfs_acl

100021 1 udp 53044 nlockmgr

100021 3 udp 53044 nlockmgr

100021 4 udp 53044 nlockmgr

100021 1 tcp 37368 nlockmgr

100021 3 tcp 37368 nlockmgr

100021 4 tcp 37368 nlockmgr

[root@database1 nfs]#

[root@database1 nfs]# cat /etc/exports

# shared directory

/nfs/code 192.168.0.0/24(rw,sync)

26 2021-09-30 15:51:13 root vim /etc/exports

27 2021-09-30 15:54:02 root service nfs reload

28 2021-09-30 15:54:18 root showmount -e localhost

參考：https://www.cnblogs.com/shenjianping/p/14697278.html

7、創(chuàng)建一個(gè)負(fù)載均衡器，將node1和node2加入負(fù)載均衡的后端。設(shè)置一個(gè)可用的服務(wù)IP，服務(wù)端口為80，并綁定一個(gè)可用的彈性公網(wǎng)IP，對(duì)彈性公網(wǎng)IP進(jìn)行Web訪問測(cè)試。【40分】

具體內(nèi)容

具體參數(shù)

實(shí)例規(guī)格類型

共享型

網(wǎng)絡(luò)類型

公網(wǎng)

所屬VPC

VPC-01

彈性公網(wǎng)IP

新創(chuàng)建

名稱

自定義

-具體內(nèi)容

具體參數(shù)

名稱

自定

前端協(xié)議;端口

HTTP（七層）;80

后端服務(wù)器組具體內(nèi)容

具體參數(shù)

后端服務(wù)器組

新創(chuàng)建

名稱

自定

分配策略類型

加權(quán)輪詢算法

健康檢查

開啟

添加服務(wù)器

具體情況

端口

80

權(quán)重

1

（暫時(shí)還沒找到解決辦法）

這里異常可能是安全組沒有開放80端口，開放之后再去刷新一下

任務(wù)二：業(yè)務(wù)部署和遷移。（分值655分）

1、 使用node1，node2安裝部署apache，PHP服務(wù)，并確保能對(duì)外提供業(yè)務(wù)。【50分】

（注意彈性公網(wǎng)IP配額）

[root@ecs-node-0001 ~]# yum -y install httpd php php-fpm php-server php-mysql

Loaded plugins: fastestmirror

Determining fastest mirrors

[root@ecs-node-0001 ~]# systemctl restart httpd

[root@ecs-node-0001 ~]# systemctl enable httpd

Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.

[root@ecs-node-0001 ~]# systemctl restart php-fpm

[root@ecs-node-0001 ~]# systemctl enable php-fpm

Created symlink from /etc/systemd/system/multi-user.target.wants/php-fpm.service to /usr/lib/systemd/system/php-fpm.service.

[root@ecs-node-0002 ~]# yum -y install httpd php php-fpm php-server php-mysql

Loaded plugins: fastestmirror

[root@ecs-node-0002 ~]# systemctl restart httpd

[root@ecs-node-0002 ~]# systemctl enable httpd

Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.

[root@ecs-node-0002 ~]# systemctl restart php-fpm

[root@ecs-node-0002 ~]# systemctl enable php-fpm

Created symlink from /etc/systemd/system/multi-user.target.wants/php-fpm.service to /usr/lib/systemd/system/php-fpm.service.

兩個(gè)公網(wǎng)IP區(qū)web界面查看能否訪問http

如果不能就去安全組添加tcp：80端口

2、 在Database01云主機(jī)上部署MySQL服務(wù)，并且保證node1、node2能夠訪問mysql服務(wù)，并且使用SQL語句創(chuàng)建后續(xù)需要使用得數(shù)據(jù)庫(數(shù)據(jù)庫名自定義)。【100分】

在這一步之前千萬不要直接安裝MySQL，不然會(huì)找不到密碼

[root@database1 ]# wget http://dev.mysql.com /get/mysql57-community-release-el7-8.noarch.rpm

[root@database1 ~]# ll

total 12

-rw-r--r-- 1 root root 9116 Apr 11 2016 mysql57-community-release-el7-8.noarch.rpm

[root@database1 ~]# yum localinstall mysql57-community-release-el7-8.noarch.rpm ##在線安裝MySQL

Loaded plugins: fastestmirror

[root@database1 ~]# yum repolist |grep "mysql.*-community.*"

mysql-connectors-community/x86_64 MySQL Connectors Community 212

mysql-tools-community/x86_64 MySQL Tools Community 132

mysql57-community/x86_64 MySQL 5.7 Community Server 524

[root@database1 ~]# yum -y install mysql-community-server

Loaded plugins: fastestmirror

Loading mirror speeds from cached hostfile

[root@database1 ~]# systemctl start mysqld

[root@database1 ~]# systemctl status mysqld

[root@database1 ~]# systemctl enable mysqld

[root@database1 ~]# systemctl daemon-reload

[root@database1 ~]#

[root@database1 ~]# grep 'temporary password' /var/log/mysqld.log

##查找MySQL初始密碼

2021-10-02T12:53:03.313070Z 1 [Note] A temporary password is generated for root@localhost: #t=fop5h>)wS ## MySQL初始密碼

[root@database1 ~]# mysql -u root -p

Enter password:

Welcome to the MySQL monitor. Commands end with ; or \g.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql>

#########################################################

Node1 node2

通過內(nèi)網(wǎng)連接

該昨天的錯(cuò)誤：

[root@database1 ~]# yum -y install mariadb-server ##安裝mariadb

Loaded plugins: fastestmirror

Determining fastest mirrors

base

[root@database1 ~]# systemctl start mariadb

[root@database1 ~]# systemctl enaable mariadb ##重啟mariadb并自啟

[root@database1 ~]# mysql_secure_installation ##重置密碼

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB

SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current

password for the root user. If you've just installed MariaDB, and

you haven't set the root password yet, the password will be blank,

so you should just press enter here.

Enter current password for root (enter for none):

OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB

root user without the proper authorisation.

Set root password? [Y/n] y

New password:

Re-enter new password:

Password updated successfully!

[root@database1 ~]# mysql -u root -p ##登入數(shù)據(jù)庫

Enter password:

MariaDB [(none)]> create user 'user'@'%' identified by 'pass'; ##新建用戶并賦予密碼：pass

Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> grant all privileges on *.* to 'user'@'%'; ##賦予遠(yuǎn)程登陸權(quán)限

Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> flush privileges; ##刷新權(quán)限

Query OK, 0 rows affected (0.00 sec)

[root@database1 ~]# mysql -h 192.168.20.158 -u user -p

##實(shí)現(xiàn)遠(yuǎn)程登陸成功安全組一定要開放3306端口

Enter password:

Welcome to the MariaDB monitor. Commands end with ; or \g.

Your MariaDB connection id is 23

Server version: 5.5.68-MariaDB MariaDB Server

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]>

[root@database1 ~]# mysql -h 192.168.20.158 -u user -p

Enter password:

Welcome to the MariaDB monitor. Commands end with ; or \g.

Your MariaDB connection id is 26

Server version: 5.5.68-MariaDB MariaDB Server

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> create database Discuz; #新建一個(gè)數(shù)據(jù)庫

Query OK, 1 row affected (0.00 sec)

參考：https://blog.star-chen.com/2017/03/11/MariaDB-Create-Remote/

3、 使用現(xiàn)有軟件包在node1、node2安裝Discuz網(wǎng)站。【100分】

Node1 node2同等操作

wget http://download.comsenz.com/DiscuzX/3.2/Discuz_X3.2_SC_UTF8.zip

ll

unzip Discuz_X3.2_SC_UTF8.zip

ll

cp -rf upload/* /var/www/html/

chmod 777 /var/www/html/

chmod -R 777 /var/www/html

systemctl restart httpd

systemctl enable httpd

訪問網(wǎng)站

4、在云主機(jī)redis上部署docker容器服務(wù)，在容器當(dāng)中部署redis服務(wù)，并且配置node-1、node-2能夠訪問redis服務(wù)。《redis遠(yuǎn)程訪問》（在網(wǎng)站配置文件【config/config_global.php】當(dāng)中進(jìn)行配置redis連接，部署docker采用shell腳本的方式部署，如果不是，則部署docker項(xiàng)不得分）【250分】

安裝docker腳本：

[root@shiyan ~]# cat docker.sh

#!/bin/bash

yum update -y

yum-config-manager \--add-repo \https://download.docker.com/linux/centos/docker-ce.repo

sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+'/etc/yum.repos.d/docker-ce.repo

yum install -y yum-utils device-mapper-persistent-data lvm2

yum list docker-ce --showduplicates | sort -r

yum install docker-ce -y

systemctl start docker

systemctl enable docker

Docker里面部署redis腳本： （沒問題的）也可命令配置

[root@shiyan ~]# cat redis.sh

#!/bin/bash

docker search redis

docker pull redis

docker images

mkdir /usr/local/docker

cd /usr/local/docker

yum -y install wget

wget http://download.redis.io/redis-stable/redis.conf

sed -i 's/bind127.0.0.1/#bind127.0.0.1/g' /usr/local/docker/redis.conf

sed -i 's/protected-mode yes/protected-mode no/g' /usr/local/docker/redis.conf

docker run -itd --name redis-test -p 6379:6379 redis

docker run -itd -p 192.168.100.10:6379:6379 --name redis -v /usr/local/docker/redis.conf:/etc/redis/redis.conf -v /usr/local/docker/data:/data redis redis-server /etc/redis/redis.conf

docker start redis

docker ps -a

docker exec -it redis-test bash

Node1 node2主機(jī)同操作

命令：

yum -y install redis

vim /etc/redis.conf

systemctl restart redis

systemctl enable redis

Database1：

root@e8b956d37721:/data# redis-cli -h 192.168.73.182 -p 6379

192.168.73.182:6379>

192.168.73.182:6379> ping

PONG

192.168.73.182:6379> ##localhost端

root@e8b956d37721:/data# redis-cli -h 192.168.73.132 -p 6379

192.168.73.132:6379>

192.168.73.132:6379> ##reds就可遠(yuǎn)程連接

[root@liuchuntian redis]# redis-cli -h 192.168.73.182 -p 6379

192.168.73.182:6379>

192.168.73.182:6379> ##主機(jī)2連接redis主機(jī)

4、 將node1、node2配置負(fù)載均衡服務(wù)并驗(yàn)證負(fù)載均衡和彈性伸縮服務(wù)。【85分】

負(fù)載均衡服務(wù)：

彈性伸縮服務(wù)：

彈性 伸縮組

訪問伸縮IP

Ok

5、 云監(jiān)控服務(wù)界面，也可以查看主機(jī)監(jiān)控、云服務(wù)監(jiān)控信息，需要注意的是在進(jìn)行主機(jī)監(jiān)控時(shí)需提前安裝插件，要求在云服務(wù)監(jiān)控當(dāng)中設(shè)置磁盤讀帶寬監(jiān)控指標(biāo)。【50分】

6、 在安全組上配置阻止445端口的流量。【20分】

Redis 容器

版權(quán)聲明：本文內(nèi)容由網(wǎng)絡(luò)用戶投稿，版權(quán)歸原作者所有，本站不擁有其著作權(quán)，亦不承擔(dān)相應(yīng)法律責(zé)任。如果您發(fā)現(xiàn)本站中有涉嫌抄襲或描述失實(shí)的內(nèi)容，請(qǐng)聯(lián)系我們jiasou666@gmail.com 處理，核實(shí)后本網(wǎng)站將在24小時(shí)內(nèi)刪除侵權(quán)內(nèi)容。

版權(quán)聲明：本文內(nèi)容由網(wǎng)絡(luò)用戶投稿，版權(quán)歸原作者所有，本站不擁有其著作權(quán)，亦不承擔(dān)相應(yīng)法律責(zé)任。如果您發(fā)現(xiàn)本站中有涉嫌抄襲或描述失實(shí)的內(nèi)容，請(qǐng)聯(lián)系我們jiasou666@gmail.com 處理，核實(shí)后本網(wǎng)站將在24小時(shí)內(nèi)刪除侵權(quán)內(nèi)容。