LNMP工作模式
工作平台为红帽6.6 64位
nginx的优点:
1、Nginx是一个小巧而高效的Linux下的Web服务器软件,是由 Igor Sysoev 为俄罗斯访问量第二的 Rambler.ru 站点开发的,已经在一些俄罗斯的大型网站上运行多年,相当的稳定
2、Nginx是解决C10K问题的服务器之一。不同于传统的服务器,Nginx的不依赖于线程处理请求。相反,它使用一个更可扩展的事件驱动(event-driven)(异步)架构
编译安装Nginx
1、解决依赖关系
# yum groupinstall "DevelopmentTools" "Server Platform Deveopment"
# yum install openssl-devel pcre-devel
2、安装
首先添加用户nginx,实现以之运行nginx服务进程:
# groupadd -r -g 108 nginx
# useradd -r -g 108 -u 108 nginx
# date 时间同步
# ntpdate 172.16.0.1
# tar xf nginx-1.4.1.tar.gz
接着开始编译和安装:
# cd nginx-1.4.1/
# ./configure \
--prefix=/usr \
--sbin-path=/usr/sbin/nginx \
--conf-path=/etc/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--pid-path=/var/run/nginx/nginx.pid \
--lock-path=/var/lock/nginx.lock \
--user=nginx \
--group=nginx \
--with-http_ssl_module \
--with-http_flv_module \
--with-http_stub_status_module \
--with-http_gzip_static_module \
--http-client-body-temp-path=/var/tmp/nginx/client/ \
--http-proxy-temp-path=/var/tmp/nginx/proxy/ \
--http-fastcgi-temp-path=/var/tmp/nginx/fcgi/ \
--http-uwsgi-temp-path=/var/tmp/nginx/uwsgi \
--http-scgi-temp-path=/var/tmp/nginx/scgi \
--with-pcre \
--with-file-aio
# make && make install
3、为nginx提供SysV init脚本:
新建文件/etc/rc.d/init.d/nginx,内容如下:
# vim /etc/rc.d/init.d/nginx
#!/bin/sh
#
# nginx - this script starts and stops thenginx daemon
#
# chkconfig: - 85 15
# description: Nginx is an HTTP(S) server, HTTP(S) reverse \
# proxy and IMAP/POP3 proxy server
# processname: nginx
# config: /etc/nginx/nginx.conf
# config: /etc/sysconfig/nginx
# pidfile: /var/run/nginx.pid
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ "$NETWORKING" = "no"] && exit 0
nginx="/usr/sbin/nginx"
prog=$(basename $nginx)
NGINX_CONF_FILE="/etc/nginx/nginx.conf"
[ -f/etc/sysconfig/nginx ] && . /etc/sysconfig/nginx
lockfile=/var/lock/subsys/nginx
make_dirs() {
#make required directories
user=`nginx -V 2>&1 | grep "configure arguments:" | sed's/[^*]*--user=\([^ ]*\).*/\1/g' -`
options=`$nginx -V 2>&1 | grep 'configure arguments:'`
for opt in $options; do
if [ `echo $opt | grep '.*-temp-path'` ]; then
value=`echo $opt | cut -d "=" -f 2`
if [ ! -d "$value" ]; then
# echo "creating"$value
mkdir -p $value && chown-R $user $value
fi
fi
done
}
start() {
[-x $nginx ] || exit 5
[-f $NGINX_CONF_FILE ] || exit 6
make_dirs
echo -n $"Starting $prog: "
daemon $nginx -c $NGINX_CONF_FILE
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog -QUIT
retval=$?
echo
[$retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
configtest || return $?
stop
sleep 1
start
}
reload() {
configtest || return $?
echo -n $"Reloading $prog: "
killproc $nginx -HUP
RETVAL=$?
echo
}
force_reload() {
restart
}
configtest() {
$nginx -t -c $NGINX_CONF_FILE
}
rh_status() {
status $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart|configtest)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
;;
*)
echo $"Usage: $0{start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
exit 2
esac
而后为此脚本赋予执行权限:
# chmod +x /etc/rc.d/init.d/nginx
添加至服务管理列表,并让其开机自动启动:
# chkconfig --add nginx
# chkconfig nginx on
而后就可以启动服务并测试了:
# service nginx start
访问测试页 172.16.50.200
Mysql的准备
准备数据存放的文件系统
1、新建一个逻辑卷,并将其挂载至特定目录即可。这里假设其逻辑卷的挂载目录为/mydata,而后需要创建/mydata/data目录做为mysql数据的存放目录。
# mkdir/mydata/data -pv
2、新建用户以安全方式运行进程:
# groupadd -rmysql
# useradd -g mysql-r -s /sbin/nologin -M -d /mydata/data mysql
# chown -Rmysql:mysql /mydata/data
3、安装并初始化mysql-5.6.10
首先下载平台对应的mysql版本至本地,这里是64位平台,因此,选择的为mysql-5.6.10-linux-glibc2.5-x86_64.tar.gz
# tar xf mysql-5.6.10-linux-glibc2.5-x86_64.tar.gz-C /usr/local
# cd /usr/local/
# ln -sv mysql-5.6.10-linux-glibc2.5-x86_64mysql
# cd mysql
# chown -Rmysql:mysql .
初始化数据库
#scripts/mysql_install_db --user=mysql --datadir=/mydata/data
# chown -Rroot . 为安全起见,需要将属主改为root
4、为mysql提供主配置文件:
# cd/usr/local/mysql
[root@slavemysql]# vim my.cnf
需要添加如下行指定mysql数据文件的存放位置:
datadir =/mydata/data
innodb_file_per_table= on
log-bin =master-bin
socket =/tmp/mysql.sock
5、为mysql提供sysv服务脚本:
# cd/usr/local/mysql
# cpsupport-files/mysql.server /etc/rc.d/init.d/mysqld
添加至服务列表:
# chkconfig --addmysqld
# chkconfig mysqldon
而后就可以启动服务测试使用了。
为了使用mysql的安装符合系统使用规范,并将其开发组件导出给系统使用,这里还需要进行如下步骤:
6、输出mysql的man手册至man命令的查找路径:
编辑/etc/man.config,添加如下行即可:
MANPATH /usr/local/mysql/man
7、输出mysql的头文件至系统头文件路径/usr/include:
这可以通过简单的创建链接实现:
# ln -sv/usr/local/mysql/include /usr/include/mysql
8、输出mysql的库文件给系统库查找路径:
# echo '/usr/local/mysql/lib'> /etc/ld.so.conf.d/mysql.conf
而后让系统重新载入系统库:
# ldconfig
9、修改PATH环境变量,让系统可以直接使用mysql的相关命令。
# vim /etc/profile.d/mysql.d ---添加内容如下
export PATH=$PATH:/usr/local/mysql/bin
# . /etc/profile.d/mysql.d
安装PHP
安装一下安装包
libmcrypt-2.5.7-5.el5.i386.rpm
libmcrypt-devel-2.5.7-5.el5.i386.rpm
mhash-0.9.2-6.el5.i386.rpm
mhash-devel-0.9.2-6.el5.i386.rpm
# yum install libmcrypt-2.5.7-5.el5.i386.rpmlibmcrypt-devel-2.5.7-5.el5.i386.rpm mhash-0.9.2-6.el5.i386.rpmmhash-devel-0.9.2-6.el5.i386.rpm -y
# yum install libxml2-devel libcurl-devel bzip2-devel openssl-devel –y
编译安装PHP
# tar xf php-5.4.4.tar.bz2
# cd php-5.4.4
./configure --prefix=/usr/local/php--with-mysql=/usr/local/mysql --with-openssl --enable-fpm --with-mysqli=/usr/local/mysql/bin/mysql_config--enable-mbstring --with-freetype-dir --with-jpeg-dir --with-png-dir--with-zlib --with-libxml-dir=/usr --enable-xml --enable-sockets --with-mcrypt --with-config-file-path=/etc--with-config-file-scan-dir=/etc/php.d --with-bz2 --enable-maintainer-zts --with-curl
#make
# make install
准备PHP的配置文件
# cd php-5.4.4
# cpphp.ini-production /etc/php.ini
为php-fpm提供Sysv init脚本,并将其添加至服务列表:
# cd php-5.4.4
# cp sapi/fpm/init.d.php-fpm /etc/rc.d/init.d/php-fpm
# cp sapi/fpm/init.d.php-fpm/etc/init.d/php-fpm
# chmod +x/etc/init.d/php-fpm
# chkconfig --add php-fpm
# chkconfig php-fpm on
准备php_fpm的配置文件
# cp php.ini-production/etc/php.ini
# cd/usr/local/php/etc/
# cpphp-fpm.conf.default php-fpm.conf
# vimphp-fpm.conf
修改内容为:
pm.max_children =150
pm.start_servers= 5
pm.min_spare_servers= 2
pm.max_spare_servers= 8
pid = /usr/local/php/var/run/php-fpm.pid
启动php-fpm
# service php-fpm start
Starting php-fpm done
编辑nginx,启用定义的php页面的上下文
# vim /etc/nginx/nginx.conf
location ~ \.php$ {
root /web/slave;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
include fastcgi_params;
}
并且添加默认页面
index index.php index.htmlindex.htm;
编辑fastcgi_params文件
# vim /etc/nginx/fastcgi_params
fastcgi_param GATEWAY_INTERFACE CGI/1.1; 服务器接口
fastcgi_param SERVER_SOFTWARE nginx; 服务器
fastcgi_param QUERY_STRING $query_string; 查询字符串
fastcgi_param REQUEST_METHOD $request_method; 请求方法
fastcgi_param CONTENT_TYPE $content_type; 内容类型
fastcgi_param CONTENT_LENGTH $content_length;内容长度
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 网页文件根目录
fastcgi_param SCRIPT_NAME $fastcgi_script_name;脚本名称
fastcgi_param REQUEST_URI $request_uri; 请求哪个URI
fastcgi_param DOCUMENT_URI $document_uri;网页路径URI
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;服务协议
fastcgi_param REMOTE_ADDR $remote_addr;客户端地址
fastcgi_param REMOTE_PORT $remote_port;客户端端口
fastcgi_param SERVER_ADDR $server_addr;服务器端地址
fastcgi_param SERVER_PORT $server_port;服务器端端口
fastcgi_param SERVER_NAME $server_name;服务器名称
重新启动nginx
# service nginx restart
# vim /web/htdocs/index.php 提供测试页面
test Page
phpinfo()
?>
添加加速器Xcache
# tar xf xcache-3.0.1.tar.bz2
# cd xcache-3.0.1
# /usr/local/php/bin/phpize
# ./configure --enable-xcache--with-php-config=/usr/local/php/bin/php-config
# make && make install
安装完成,会显示图中所示路径
编辑php.ini,整合php和xcache:
# mkdir/etc/php.d
# cp xcache.ini/etc/php.d/
# vim/etc/php.d/xcache.ini
更改内容为
extension =/usr/local/php/lib/php/extensions/no-debug-zts-20100525/xcache.so
重新启动php-fpm
# service php-fpm restart
SSL的加密连接
[root@www CA]# (umask 077; openssl genrsa2048 > private/cakey.pem)
[root@www CA]# openssl req -new -x509 -keyprivate/cakey.pem -out cacert.pem
[root@www CA]# echo 01 > serial
[root@slave CA]# cat serial
01 序列号为01
[root@www CA]# cd/etc/nginx/ssl/
[root@www ssl]#ls
[root@www ssl]#(umask 077; openssl genrsa 2048 > nginx.key)
[root@www ssl]# openssl req -new -keynginx.key -out nginx.csr
[root@www ssl]# openssl ca -in nginx.csr-out nginx.crt -days 3665
配置文件定义
# vim /etc/nginx/nginx.conf
#HTTPS server
#
server {
listen 443;
server_name www.test.com;
ssl on;
ssl_certificate /etc/nginx/ssl/nginx.crt;
ssl_certificate_key /etc/nginx/ssl/nginx.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location ~ \.php$ {
root /web/bbs;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
include fastcgi_params;
}
location / {
root /web/bbs;
index index.php index.htmlindex.htm;
}
}
到此LNMP就完成了