振兴杯华为云操作

小源博客 发表于 2022/03/21 21:30:08 2022/03/21
【摘要】 bei图1任务一:基础设施建设。(分值:145分)1、 创建三个VPC(名称自定义),并且将Database01和云计算redis分别更改到不同VPC下。【10分】2、按照2核CPU、4G内存、40G硬盘创建四台分别名为node1、node2、Database01和redis的云主机。【10分】 云主机规格:具体内容具体参数CPU架构x86计算规格s6.large.2镜像类型公共镜像镜像Ce...

bei

1

任务:基础设施建设。(分值:145分)

1、 创建三个VPC(名称自定义),并且将Database01云计算redis分别更改到不同VPC下。【10分】


2、按照2CPU4G内存、40G硬盘创建四台分别名为node1node2Database01redis的云主机。【10分】

云主机规格

具体内容

具体参数

CPU架构

x86计算

规格

s6.large.2

镜像类型

公共镜像

镜像

CentOS 7.6

系统盘

通用型SSD 40G

云服务器名称

自定义

VPC

使用上一步创建的VPC

其它参数

默认


2、 配置对等路由将Database01redisnode1node2所处的网络打通并保证四台主机之间网络可用。【25分】


互相建立对等连接即可不同网段互联

参考:《HCIA-Cloud Service V2.2 实验手册

3.网络类服务实践

方案

3.3.5 创建对等连接,使同区域不同 VPC 内的 ECS 进行通信 117

同网段内的IP地址可以互ping

不能互ping


解决方法:

1. 进入网络控制台找到《对等链接》



方案二:

bj四区域弹性IP配额不足时,可在其他区域购买弹性IPVPN专线连接使其可以互相通信:

步骤:


北京四区


北京一区:



如果改完之后状态栏显示“未连接”

解决办法:

刷新一下,状态栏就会变正常



3、 创建一个10G的云硬盘,并将其挂载到Database01的云主机上,并将其进行格式成ext4的格式。【20分】

[root@database1 ~]# fdisk -l


Disk /dev/vda: 42.9 GB, 42949672960 bytes, 83886080 sectors

Units = sectors of 1 * 512 = 512 bytes

Sector size (logical/physical): 512 bytes / 512 bytes

I/O size (minimum/optimal): 512 bytes / 512 bytes

Disk label type: dos

Disk identifier: 0x000e3a31


Device Boot Start End Blocks Id System

/dev/vda1 * 2048 83886079 41942016 83 Linux


Disk /dev/vdb: 10.7 GB, 10737418240 bytes, 20971520 sectors

Units = sectors of 1 * 512 = 512 bytes

Sector size (logical/physical): 512 bytes / 512 bytes

I/O size (minimum/optimal): 512 bytes / 512 bytes


[root@database1 ~]# mkf

mkfifo mkfs mkfs.btrfs mkfs.cramfs mkfs.ext2 mkfs.ext3 mkfs.ext4 mkfs.minix mkfs.xfs

[root@database1 ~]# mkfs -t ext4 /dev/vd

vda vda1 vdb

[root@database1 ~]# mkfs -t ext4 /dev/vdb

mke2fs 1.42.9 (28-Dec-2013)

Filesystem label=

OS type: Linux

Block size=4096 (log=2)

Fragment size=4096 (log=2)

Stride=0 blocks, Stripe width=0 blocks

655360 inodes, 2621440 blocks

131072 blocks (5.00%) reserved for the super user

First data block=0

Maximum filesystem blocks=2151677952

80 block groups

32768 blocks per group, 32768 fragments per group

8192 inodes per group

Superblock backups stored on blocks:

32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632


Allocating group tables: done

Writing inode tables: done

Creating journal (32768 blocks): done

Writing superblocks and filesystem accounting information: done


4、 将上一步创建的云硬盘挂载到Database01/nfs/code下,保证可读写。【20分】

5、 [root@database1 ~]# mkdir /nfs

6、 [root@database1 ~]# cd /

7、 [root@database1 /]# ll

8、 total 72

9、 lrwxrwxrwx. 1 root root 7 Feb 26 2021 bin -> usr/bin

10、 dr-xr-xr-x. 5 root root 4096 Sep 30 14:37 boot

11、 drwxr-xr-x 7 root root 4096 Feb 26 2021 CloudResetPwdUpdateAgent

12、 drwxr-xr-x 6 root root 4096 Feb 26 2021 CloudrResetPwdAgent

13、 drwxr-xr-x 19 root root 3040 Sep 30 15:29 dev

14、 drwxr-xr-x. 76 root root 4096 Sep 30 14:36 etc

15、 drwxr-xr-x. 2 root root 4096 Apr 11 2018 home

16、 lrwxrwxrwx. 1 root root 7 Feb 26 2021 lib -> usr/lib

17、 lrwxrwxrwx. 1 root root 9 Feb 26 2021 lib64 -> usr/lib64

18、 drwx------. 2 root root 16384 Feb 26 2021 lost+found

19、 drwxr-xr-x. 2 root root 4096 Apr 11 2018 media

20、 drwxr-xr-x. 2 root root 4096 Apr 11 2018 mnt

21、 drwxr-xr-x 2 root root 4096 Sep 30 15:35 nfs

22、 drwxr-xr-x. 2 root root 4096 Apr 11 2018 opt

23、 dr-xr-xr-x 99 root root 0 Sep 30 14:36 proc

24、 dr-xr-x---. 4 root root 4096 Sep 30 14:36 root

25、 drwxr-xr-x 24 root root 640 Sep 30 14:36 run

26、 lrwxrwxrwx. 1 root root 8 Feb 26 2021 sbin -> usr/sbin

27、 drwxr-xr-x. 2 root root 4096 Apr 11 2018 srv

28、 dr-xr-xr-x 13 root root 0 Sep 30 14:36 sys

29、 drwxrwxrwt. 9 root root 4096 Sep 30 15:27 tmp

30、 drwxr-xr-x. 13 root root 4096 Feb 26 2021 usr

31、 drwxr-xr-x. 19 root root 4096 Feb 26 2021 var

32、 [root@database1 nfs]# mount /dev/vdb /nfs/code

33、 [root@database1 nfs]#

34、 [root@database1 nfs]# ll code/

35、 total 16

36、 drwx------ 2 root root 16384 Sep 30 15:31 lost+found


6、在Database01ECS上配置nfs服务并且将/nfs/code共享。【20分】

[root@database1 nfs]# uname -n

database1

[root@database1 nfs]# systemctl stop firewalld

[root@database1 nfs]# systemctl disable firewalld

[root@database1 nfs]# rpm -qa nfs-utils portmap rpcbind

[root@database1 nfs]# yum install nfs-utils rpcbind -y

Loaded plugins: fastestmirror

[root@database1 nfs]#

[root@database1 nfs]#

[root@database1 nfs]# yum install nfs-utils rpcbind -y

Loaded plugins: fastestmirror

Loading mirror speeds from cached hostfile

[root@database1 nfs]# service rpcbind status

Redirecting to /bin/systemctl status rpcbind.service

rpcbind.service - RPC bind service

Loaded: loaded (/usr/lib/systemd/system/rpcbind.service; enabled; vendor preset: enabled)

Active: inactive (dead)

[root@database1 nfs]# service rpcbind start

Redirecting to /bin/systemctl start rpcbind.service

[root@database1 nfs]# service rpcbind status

Redirecting to /bin/systemctl status rpcbind.service

rpcbind.service - RPC bind service

Loaded: loaded (/usr/lib/systemd/system/rpcbind.service; enabled; vendor preset: enabled)

Active: active (running) since Thu 2021-09-30 15:49:24 CST; 3s ago

Process: 18454 ExecStart=/sbin/rpcbind -w $RPCBIND_ARGS (code=exited, status=0/SUCCESS)

Main PID: 18455 (rpcbind)

CGroup: /system.slice/rpcbind.service

└─18455 /sbin/rpcbind -w


Sep 30 15:49:24 database1 systemd[1]: Starting RPC bind service...

Sep 30 15:49:24 database1 systemd[1]: Started RPC bind service.



[root@database1 nfs]# service nfs start

Redirecting to /bin/systemctl start nfs.service


[root@database1 nfs]# rpcinfo -p localhost

program vers proto port service

100000 4 tcp 111 portmapper

100000 3 tcp 111 portmapper

100000 2 tcp 111 portmapper

100000 4 udp 111 portmapper

100000 3 udp 111 portmapper

100000 2 udp 111 portmapper

100024 1 udp 39736 status

100024 1 tcp 37805 status

100005 1 udp 20048 mountd

100005 1 tcp 20048 mountd

100005 2 udp 20048 mountd

100005 2 tcp 20048 mountd

100005 3 udp 20048 mountd

100005 3 tcp 20048 mountd

100003 3 tcp 2049 nfs

100003 4 tcp 2049 nfs

100227 3 tcp 2049 nfs_acl

100003 3 udp 2049 nfs

100003 4 udp 2049 nfs

100227 3 udp 2049 nfs_acl

100021 1 udp 53044 nlockmgr

100021 3 udp 53044 nlockmgr

100021 4 udp 53044 nlockmgr

100021 1 tcp 37368 nlockmgr

100021 3 tcp 37368 nlockmgr

100021 4 tcp 37368 nlockmgr

[root@database1 nfs]#


[root@database1 nfs]# cat /etc/exports

# shared directory

/nfs/code 192.168.0.0/24(rw,sync)

26 2021-09-30 15:51:13 root vim /etc/exports

27 2021-09-30 15:54:02 root service nfs reload

28 2021-09-30 15:54:18 root showmount -e localhost


参考:https://www.cnblogs.com/shenjianping/p/14697278.html


7、创建一个负载均衡器,将node1node2加入负载均衡的后端。设置一个可用的服务IP,服务端口为80,并绑定一个可用的弹性公网IP,对弹性公网IP进行Web访问测试。【40分】

具体内容

具体参数

实例规格类型

共享型

网络类型

公网

所属VPC

VPC-01

弹性公网IP

新创建

名称

自定义

监听器具体内容

具体参数

名称

自定

前端协议;端口

HTTP(七层);80

后端服务器组具体内容

具体参数

后端服务器组

新创建

名称

自定

分配策略类型

加权轮询算法

健康检查

开启

添加服务器

具体情况

端口

80

权重

1



(暂时还没找到解决办法)

这里异常可能是安全组没有开放80端口,开放之后再去刷新一下


任务二:业务部署和迁移。(分值655分)


1、 使用node1node2安装部署apachePHP服务,并确保能对外提供业务。【50分】

(注意弹性公网IP配额)


[root@ecs-node-0001 ~]# yum -y install httpd php php-fpm php-server php-mysql

Loaded plugins: fastestmirror

Determining fastest mirrors


[root@ecs-node-0001 ~]# systemctl restart httpd

[root@ecs-node-0001 ~]# systemctl enable httpd

Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.

[root@ecs-node-0001 ~]# systemctl restart php-fpm

[root@ecs-node-0001 ~]# systemctl enable php-fpm

Created symlink from /etc/systemd/system/multi-user.target.wants/php-fpm.service to /usr/lib/systemd/system/php-fpm.service.


[root@ecs-node-0002 ~]# yum -y install httpd php php-fpm php-server php-mysql

Loaded plugins: fastestmirror


[root@ecs-node-0002 ~]# systemctl restart httpd

[root@ecs-node-0002 ~]# systemctl enable httpd

Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.

[root@ecs-node-0002 ~]# systemctl restart php-fpm

[root@ecs-node-0002 ~]# systemctl enable php-fpm

Created symlink from /etc/systemd/system/multi-user.target.wants/php-fpm.service to /usr/lib/systemd/system/php-fpm.service.

两个公网IPweb界面查看能否访问http

如果不能就去安全组添加tcp80端口



2、 Database01云主机上部署MySQL服务,并且保证node1node2能够访问mysql服务,并且使用SQL语句创建后续需要使用得数据库(数据库名自定义)。【100分】


在这一步之前千万不要直接安装MySQL,不然会找不到密码

[root@database1 ]# wget http://dev.mysql.com /get/mysql57-community-release-el7-8.noarch.rpm


[root@database1 ~]# ll

total 12

-rw-r--r-- 1 root root 9116 Apr 11 2016 mysql57-community-release-el7-8.noarch.rpm

[root@database1 ~]# yum localinstall mysql57-community-release-el7-8.noarch.rpm ##在线安装MySQL

Loaded plugins: fastestmirror


[root@database1 ~]# yum repolist |grep "mysql.*-community.*"

mysql-connectors-community/x86_64 MySQL Connectors Community 212

mysql-tools-community/x86_64 MySQL Tools Community 132

mysql57-community/x86_64 MySQL 5.7 Community Server 524


[root@database1 ~]# yum -y install mysql-community-server

Loaded plugins: fastestmirror

Loading mirror speeds from cached hostfile


[root@database1 ~]# systemctl start mysqld

[root@database1 ~]# systemctl status mysqld

[root@database1 ~]# systemctl enable mysqld

[root@database1 ~]# systemctl daemon-reload

[root@database1 ~]#

[root@database1 ~]# grep 'temporary password' /var/log/mysqld.log

##查找MySQL初始密码

2021-10-02T12:53:03.313070Z 1 [Note] A temporary password is generated for root@localhost: #t=fop5h>)wS ## MySQL初始密码


[root@database1 ~]# mysql -u root -p


Enter password:

Welcome to the MySQL monitor. Commands end with ; or \g.


Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.


mysql>


#########################################################

Node1 node2

通过内网连接

该昨天的错误:

[root@database1 ~]# yum -y install mariadb-server ##安装mariadb

Loaded plugins: fastestmirror

Determining fastest mirrors

base


[root@database1 ~]# systemctl start mariadb

[root@database1 ~]# systemctl enaable mariadb ##重启mariadb并自启

[root@database1 ~]# mysql_secure_installation ##重置密码


NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB

SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!


In order to log into MariaDB to secure it, we'll need the current

password for the root user. If you've just installed MariaDB, and

you haven't set the root password yet, the password will be blank,

so you should just press enter here.


Enter current password for root (enter for none):

OK, successfully used password, moving on...


Setting the root password ensures that nobody can log into the MariaDB

root user without the proper authorisation.


Set root password? [Y/n] y

New password:

Re-enter new password:

Password updated successfully!


[root@database1 ~]# mysql -u root -p ##登入数据库

Enter password:


MariaDB [(none)]> create user 'user'@'%' identified by 'pass'; ##新建用户并赋予密码:pass

Query OK, 0 rows affected (0.00 sec)


MariaDB [(none)]> grant all privileges on *.* to 'user'@'%'; ##赋予远程登陆权限

Query OK, 0 rows affected (0.00 sec)


MariaDB [(none)]> flush privileges; ##刷新权限

Query OK, 0 rows affected (0.00 sec)

[root@database1 ~]# mysql -h 192.168.20.158 -u user -p

##实现远程登陆成功安全组一定要开放3306端口

Enter password:

Welcome to the MariaDB monitor. Commands end with ; or \g.

Your MariaDB connection id is 23

Server version: 5.5.68-MariaDB MariaDB Server


Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.


Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.


MariaDB [(none)]>


[root@database1 ~]# mysql -h 192.168.20.158 -u user -p

Enter password:

Welcome to the MariaDB monitor. Commands end with ; or \g.

Your MariaDB connection id is 26

Server version: 5.5.68-MariaDB MariaDB Server


Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.


Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.


MariaDB [(none)]> create database Discuz; #新建一个数据库

Query OK, 1 row affected (0.00 sec)

参考:https://blog.star-chen.com/2017/03/11/MariaDB-Create-Remote/

3、 使用现有软件包在node1node2安装Discuz网站。【100分】

Node1 node2同等操作


wget http://download.comsenz.com/DiscuzX/3.2/Discuz_X3.2_SC_UTF8.zip

ll

unzip Discuz_X3.2_SC_UTF8.zip

ll

cp -rf upload/* /var/www/html/

chmod 777 /var/www/html/

chmod -R 777 /var/www/html

systemctl restart httpd

systemctl enable httpd



访问网站

4、在云主机redis上部署docker容器服务,在容器当中部署redis服务,并且配置node-1node-2能够访问redis服务。《redis远程访问》(在网站配置文件【config/config_global.php】当中进行配置redis连接,部署docker采用shell脚本的方式部署,如果不是,则部署docker项不得分)【250分】

安装docker脚本:

[root@shiyan ~]# cat docker.sh

#!/bin/bash

yum update -y

yum-config-manager \--add-repo \https://download.docker.com/linux/centos/docker-ce.repo

sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+'/etc/yum.repos.d/docker-ce.repo


yum install -y yum-utils device-mapper-persistent-data lvm2

yum list docker-ce --showduplicates | sort -r

yum install docker-ce -y


systemctl start docker

systemctl enable docker

Docker里面部署redis脚本: (没问题的)也可命令配置

[root@shiyan ~]# cat redis.sh

#!/bin/bash


docker search redis


docker pull redis

docker images


mkdir /usr/local/docker

cd /usr/local/docker

yum -y install wget

wget http://download.redis.io/redis-stable/redis.conf


sed -i 's/bind127.0.0.1/#bind127.0.0.1/g' /usr/local/docker/redis.conf

sed -i 's/protected-mode yes/protected-mode no/g' /usr/local/docker/redis.conf


docker run -itd --name redis-test -p 6379:6379 redis


docker run -itd -p 192.168.100.10:6379:6379 --name redis -v /usr/local/docker/redis.conf:/etc/redis/redis.conf -v /usr/local/docker/data:/data redis redis-server /etc/redis/redis.conf

docker start redis

docker ps -a

docker exec -it redis-test bash

Node1 node2主机同操作

命令:

yum -y install redis

vim /etc/redis.conf

systemctl restart redis

systemctl enable redis


Database1

root@e8b956d37721:/data# redis-cli -h 192.168.73.182 -p 6379

192.168.73.182:6379>

192.168.73.182:6379> ping

PONG

192.168.73.182:6379> ##localhost



root@e8b956d37721:/data# redis-cli -h 192.168.73.132 -p 6379

192.168.73.132:6379>

192.168.73.132:6379> ##reds就可远程连接


[root@liuchuntian redis]# redis-cli -h 192.168.73.182 -p 6379

192.168.73.182:6379>

192.168.73.182:6379> ##主机2连接redis主机


4、 node1node2配置负载均衡服务并验证负载均衡和弹性伸缩服务。【85分】

负载均衡服务:

弹性伸缩服务:

弹性 伸缩组


访问伸缩IP

Ok

5、 云监控服务界面,也可以查看主机监控、云服务监控信息,需要注意的是在进行主机监控时需提前安装插件,要求在云服务监控当中设置磁盘读带宽监控指标。【50分】

6、 在安全组上配置阻止445端口的流量。【20分】

【版权声明】本文为华为云社区用户原创内容,未经允许不得转载,如需转载请发送邮件至:cloudbbs@huaweicloud.com;如果您发现本社区中有涉嫌抄袭的内容,欢迎发送邮件进行举报,并提供相关证据,一经查实,本社区将立刻删除涉嫌侵权内容。
  • 点赞
  • 收藏
  • 关注作者

评论(0

0/1000
抱歉,系统识别当前为高风险访问,暂不支持该操作

全部回复

上滑加载中

设置昵称

在此一键设置昵称,即可参与社区互动!

*长度不超过10个汉字或20个英文字符,设置后3个月内不可修改。

*长度不超过10个汉字或20个英文字符,设置后3个月内不可修改。