网站安全架构设计方案
合集下载
相关主题
- 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
- 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
- 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。
ip
#!/bin/bash #description : start realserver VIP=61.61.61.100 ./etc/rc.d/init.d/functions case "$1" in start) echo " start LVS of REALServer" /sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce ;; stop) /sbin/ifconfig lo:0 down echo "close LVS Directorserver"
2 ),
(dell 2950), 1 nagios,web
centos 5( apache+php
ipvsadm keepalived, mysql proxy.
1 2 3 4 5 6 7
lvs web mysql web 1-2 2
2-3 2-3 1-3 1 2
keepalived.conf
! Configuration File for keepalived global_defs { router_id LVS_DEVEL } vrrp_instance VI_1 { state master interface eth0 virtual_router_id 59 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 61.61.61.100 #61.61.61.101 } }
virtual_server 61.61.61.100 80 { delay_loop 6 lb_algo rr lb_kind DR persistence_timeout 50 protocol TCP real_server 61.61.61.102 80 { weight 100 TCP_CHECK { connect_timeout 3 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } real_server 61.61.61.103 80 { weight 100 TCP_CHECK { connect_timeout 3 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } }
:
1 2 3 4 5
1
bbs,blog 2 mysql mysql proxy web bbs,blog
2 3 4
1
2
linux
lvs, keepalived keepalived bbs
lvs 2 mysql web 3 nagios
mysql proxy
4
web crontab
web
GNU tar
mysqldump web
tar. NFS
5 web blog 6
apache
mysql proxy bbs
Apache bbs blog mysql
iptables
百度文库
: NAS(5T (dell1850).
2
(dell 1950),web ), 4u ) mysql,
2-3 (
(dell1950), 5T
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce ;; *) echo "Usage: $0 {start|stop}" exit 1 esac