1.所有服务器的防火墙服务和 SELinux 服务必须开启。
2.所有服务器提供的网络服务必须在系统重启后仍然可以正常提供服务。
3.项目配置
1.配置网络
[root@server ~]# nmcli connection modify ens32 ipv4.addresses 172.25.250.101/24 ipv4.method manual ipv4.gateway 172.25.250.2 ipv4.dns 172.25.250.105 connection.autoconnect yes
[root@server ~]# nmcli connection modify ens32 +ipv4.addresses 172.25.250.102/24
[root@server ~]# nmcli connection modify ens32 +ipv4.addresses 172.25.250.103/24
[root@server ~]# nmcli connection modify ens32 +ipv4.addresses 172.25.250.104/24
[root@server ~]# nmcli connection modify ens32 +ipv4.addresses 172.25.250.105/24
[root@server ~]# nmcli connection modify ens32 +ipv4.addresses 172.25.250.106/24
[root@server ~]# nmcli connection modify ens32 +ipv4.addresses 172.25.250.107/24
[root@server ~]# nmcli connection up ens32
[root@server ~]# ip ad
2.配置DNS服务
1.安装DNS
[root@server ~]# dnf install bind -y
2.放行防火墙规则
[root@server ~]# firewall-cmd --permanent --add-service=dns
success
[root@server ~]# firewall-cmd --reload
success
3.配置DNS
[root@server ~]# vim /etc/named.conf
options {
listen-on port 53 { 172.25.250.105; };
directory "/var/named";
};
zone "exam.com" IN {
type master;
file "named.exam";
};
[root@server ~]# cp /var/named/named.empty /var/named/named.exam
cp:是否覆盖'/var/named/named.exam'? y
[root@server ~]# vim /var/named/named.exam
$TTL 3H
@ IN SOA @ admin.exam.com. (
0
5
3
10
15 )
IN NS dns.exam.com
dns IN A 172.25.250.105
content IN A 172.25.250.101
www IN A 172.25.250.101
ntp IN A 172.25.250.102
mysql IN A 172.25.250.103
nfs IN A 172.25.250.104
pxe IN A 172.25.250.106
bbs IN A 172.25.250.107
workstation IN A 172.25.250.108
3.配置Web服务
[root@server ~]# dnf install httpd -y
[root@server ~]# vim /etc/httpd/conf/httpd.conf
ServerName www.exam.com:80
[root@server ~]# systemctl restart httpd
[root@server ~]# echo "Hello,Welcome to www.exam.com !" >/var/www/html/index.html
[root@server ~]# firewall-cmd --permanent --add-service=http
[root@server ~]# firewall-cmd --reload
[root@server ~]# curl www.exam.com
4.配置YUM仓库
[root@server ~]# mkdir /var/www/html/yum
[root@server ~]# mount /dev/sr0 /var/www/html/yum
mount: /var/www/html/yum: WARNING: source write-protected, mounted read-only.
[root@server ~]# vim /etc/yum.repos.d/rpm.repo
[root@server ~]# cat /etc/yum.repos.d/rpm.repo
[baseos]
name=baseos
baseurl=http://content.exam.com/yum/baseos
gpgcheck=0
[baseos2]
name=baseos2
baseurl=http://content.exam.com/yum/baseos
gpgcheck=0
5.配置时间服务器
1.配置服务器端
[root@server ~]# vim /etc/chrony.conf
...
# Allow NTP client access from local network.
allow 172.25.250.0/24
...
# Serve time even if not synchronized to a time source.
local stratum 3
...
# Select which information is logged.
log measurements statistics tracking
[root@server ~]# systemctl enable chronyd
[root@server ~]# firewall-cmd --permanent --add-service=ntp
[root@server ~]# firewall-cmd --reload
[root@server ~]# systemctl restart chronyd
2.配置客户端
[root@server ~]# vim /etc/chrony.conf
...
server ntp.exam.com iburst
...
[root@server ~]# systemctl restart chronyd
[root@server ~]# systemctl enable chronyd
[root@server ~]# chronyc sources
6.配置数据库服务器
1.服务器端
[root@server ~]# groupadd mysql
[root@server ~]# useradd -r -g mysql -s /bin/false mysql
[root@server ~]# tar xvf mysql-8.4.0.tar.gz
[root@server ~]# dnf install mysql-server
[root@server ~]# mkdir bld
[root@server ~]# cd /usr/local/mysql/
[root@server ~]# mkdir mysql-files
[root@server ~]# chown mysql:mysql mysql-files/
[root@server ~]# chmod 750 mysql-files/
[root@server ~]# mysqld --initialize --user=mysql
[root@server ~]# cp /root/mysql-8.4.0/support-files/mysql.server.sh /etc/init.d/mysql.server
[root@server ~]# bin/mysqld_safe --user=mysql &
[root@server ~]# mkdir /var/log/mysql
[root@server ~]# chown mysql:mysql /var/log/mysql/
[root@server ~]# mkdir /var/lib/mysql
[root@server ~]# chown mysql:mysql /var/lib/mysql/
[root@server ~]# cat /etc/my.cnf.d/mysql-server.cnf
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
log-error=/var/log/mysql/mysqld.log
pid-file=/run/mysqld/mysqld.pid
[root@server ~]# ps -ef | grep mysql
mysql 18115 1 0 18:38 ? 00:00:08 /us
[root@server ~]# kill 18115
[root@server ~]# systemctl start mysql.server
[root@server ~]# mysql -uroot -p
[root@server bbs]# mysql -uroot -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 13
Server version: 8.0.37 Source distribution
Copyright (c) 2000, 2024, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
mysql> alter user root@localhost identified by 'redhat'; /*修改 root 用户在本地主机的密码为 redhat*/
mysql> update mysql.user set host='%' where user='root';/*将 root 用户的主机权限设置为 %,表示允许该用户从任何主机连接到 MySQL 数据库。*/
mysql> flush privileges;/*刷新权限表,使之前对用户权限的修改生效*/
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sys |
+--------------------+
4 rows in set (0.01 sec)
mysql> create database bbs;
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| bbs |
| information_schema |
| mysql |
| performance_schema |
| sys |
+--------------------+
5 rows in set (0.00 sec)
[root@server ~]# firewall-cmd --permanent --add-service=mysql
[root@server ~]# firewall-cmd --reload
2.客户端
[root@node1 ~]# mysql -uroot -h mysql.exam.com -P 3306 -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 11
Server version: 8.0.37 Source distribution
Copyright (c) 2000, 2024, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| bbs |
| information_schema |
| mysql |
| performance_schema |
| sys |
+--------------------+
5 rows in set (0.01 sec)
7.配置NFS
1.服务器端
[root@server ~]# mkdir /bbs
[root@server ~]# chmod 777 /bbs/
[root@server ~]# vim /etc/exports
/bbs bbs.exam.com(rw)
[root@server ~]# systemctl start nfs-server
[root@server ~]# showmount -e nfs.exam.com
Export list for nfs.exam.com:
/bbs bbs.exam.com
[root@server ~]# firewall-cmd --permanent --add-service=nfs
success
[root@server ~]# firewall-cmd --permanent --add-service=mountd
success
[root@server ~]# firewall-cmd --permanent --add-service=rpc-bind
success
[root@server ~]# firewall-cmd --reload
success
2.客户端
[root@node1 ~]# showmount -e nfs.exam.com
Export list for nfs.exam.com:
/bbs bbs.exam.com
[root@node1 ~]# mount nfs.exam.com:/bbs /var/www/html/
[root@node1 ~]# df -h /var/www/html/
文件系统 容量 已用 可用 已用% 挂载点
nfs.exam.com:/bbs 27G 7.5G 18G 30% /var/www/html
[root@node1 ~]# tail -1 /etc/fstab
[root@node1 ~]# reboot
[root@node1 ~]# Connection closing...Socket close.
8.配置论坛服务器
[root@node1 ~]# dnf install httpd php php-mysqlnd -y
[root@node1 ~]# cp Discuz_X3.5_SC_UTF8_20230520.zip /var/www/html/
[root@node1 ~]# cd /var/www/html/
[root@node1 ~]# unzip Discuz_X3.5_SC_UTF8_20230520.zip
[root@node1 ~]# cd upload/
[root@node1 ~]# chmod 777 data/ uc_server/ uc_client/ config/ -R
[root@node1 ~]# setsebool -P httpd_use_nfs 1
[root@node1 ~]# systemctl start --now httpd
[root@node1 ~]# firewall-cmd --permanent --add-service=http
success
[root@node1 ~]# firewall-cmd --reload
success
[root@node1 ~]# setsebool -P httpd_can_network_connect_db 1
浏览器打开172.25.250.107