公有云 --- 華為云

云平臺部署管理架構(gòu)圖

graph LR
  subgraph L1[公有云平臺]
  style L1 fill:#ccccff
    P[(跳板機<br>公有云彈性IP)]
    style P fill:#00ff00,color:#fffaa0
    P ---> A1[(云主機)] & A2[(云主機)] & A3[(云主機)]
    M{{模板鏡像}}
    style M fill:#11aaff
  end
U((管理員)) -..-> P
style U fill:#ff99ff

公有云配置

區(qū)域： 同一個區(qū)域中的云主機是可以互相連通的，不通區(qū)域云主機是不能使用內(nèi)部網(wǎng)絡互相通信的

選擇離自己比較近的區(qū)域，可以減少網(wǎng)絡延時卡頓

華為云yum源配置 https://support.huaweicloud.com/ecs_faq/ecs_faq_1003.html

跳板機配置

配置yum源，安裝軟件包

[root@ecs-proxy ~]# rm -rf /etc/yum.repos.d/*.repo
[root@ecs-proxy ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.myhuaweicloud.com/repo/CentOS-Base-7.repo
[root@ecs-proxy ~]# yum clean all
[root@ecs-proxy ~]# yum makecache
[root@ecs-proxy ~]# yum install -y net-tools lftp rsync psmisc vim-enhanced tree vsftpd  bash-completion createrepo lrzsz iproute
[root@ecs-proxy ~]# mkdir /var/ftp/localrepo
[root@ecs-proxy ~]# cd /var/ftp/localrepo
[root@ecs-proxy ~]# createrepo  .
[root@ecs-proxy ~]# createrepo --update . # 更新
[root@ecs-proxy ~]# systemctl enable --now vsftpd

優(yōu)化系統(tǒng)服務

[root@ecs-proxy ~]# systemctl stop postfix atd tuned
[root@ecs-proxy ~]# yum remove -y postfix at audit tuned kexec-tools firewalld-*
[root@ecs-proxy ~]# vim /etc/cloud/cloud.cfg
# manage_etc_hosts: localhost 注釋掉這一行
[root@ecs-proxy ~]# reboot

安裝配置ansible管理主機

[root@ecs-proxy ~]# tar zxf ansible_centos7.tar.gz
[root@ecs-proxy ~]# yum install -y ansible_centos7/*.rpm
[root@ecs-proxy ~]# ssh-keygen -t rsa -b 2048 -N '' -f /root/.ssh/id_rsa
[root@ecs-proxy ~]# chmod 0400 /root/.ssh/id_rsa
[root@ecs-proxy ~]# ssh-copy-id -i /root/.ssh/id_rsa 模板主機IP

模板鏡像配置

配置yum源，安裝軟件包

[root@ecs-host ~]# rm -rf /etc/yum.repos.d/*.repo
[root@ecs-host ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.myhuaweicloud.com/repo/CentOS-Base-7.repo
[root@ecs-host ~]# vim /etc/yum.repos.d/local.repo 
[local_repo]
name=CentOS-$releasever – Localrepo
baseurl=ftp://192.168.1.252/localrepo
enabled=1
gpgcheck=0
[root@ecs-host ~]# yum clean all
[root@ecs-host ~]# yum makecache
[root@ecs-host ~]# yum repolist
[root@ecs-host ~]# yum install -y net-tools lftp rsync psmisc vim-enhanced tree lrzsz bash-completion iproute

優(yōu)化系統(tǒng)服務

[root@ecs-host ~]# systemctl stop postfix atd tuned
[root@ecs-host ~]# yum remove -y postfix at audit tuned kexec-tools firewalld-*
[root@ecs-host ~]# vim /etc/cloud/cloud.cfg
# manage_etc_hosts: localhost 注釋掉這一行
[root@ecs-host ~]# yum clean all 
[root@ecs-host ~]# poweroff

關機以后把主機系統(tǒng)盤制作為模板

網(wǎng)站云平臺部署實戰(zhàn)

網(wǎng)站架構(gòu)圖

graph LR
  subgraph L1[公有云平臺]
  style L1 fill:#ccffcc
    subgraph web集群
      style web集群 fill:#ccccff
      A1[(web-0001)];A2[(web-0002)];A3[(web-0003)]
    end
    P([跳板機<br>公有云彈性IP]) -.-> A1 & A2 & A3
    style P fill:#ffff00
    L((負載均衡<br>ELB)) --> A1 & A2 & A3
    style L fill:#ffaa44
  end
U1((管理員)) -.->|管理| P
U2((用戶)) -->|訪問| L
style U1 fill:#ff99ff
style U2 fill:#aa99ff
classDef VM color:#ff0000,fill:#99ff99
class A1,A2,A3 VM

實驗要求：購買3臺云主機，部署 apache + php 的網(wǎng)站

 軟件素材在云盤的 public/web_install 目錄下

[root@ecs-proxy ~]# mkdir -p web-site
[root@ecs-proxy ~]# cd web-site
[root@ecs-proxy ~]# vim ansible.cfg
[defaults]
inventory         = hostlist
host_key_checking = False
[root@ecs-proxy ~]# vim hostlist
[web]
192.168.1.[11:13]
[root@ecs-proxy ~]# vim web_install.yaml
---
- name: web 集群安裝
  hosts: web
  tasks:
  - name: 安裝 apache 服務 
    yum:
      name: httpd,php
      state: latest
      update_cache: yes
  - name: 配置 httpd 服務 
    service:
      name: httpd
      state: started
      enabled: yes
  - name: 部署網(wǎng)站網(wǎng)頁
    unarchive:
      src: files/webhome.tar.gz
      dest: /var/www/html/
      copy: yes
      owner: apache
      group: apache
[root@ecs-proxy ~]# mkdir files
# 上傳 webhome.tar.gz 到 files 目錄下
[root@ecs-proxy ~]# ansible-playbook web_install.yaml

通過華為云負載均衡部署訪問，通過瀏覽器查看結(jié)果