【本文档所介绍的内容适用于公司测试/生产常见的php,HTML等web环境部署,即常见的LAMP/LNMP环境部署】
一:LAMP环境部署前准备:
1.1相关软件以及系统
系统要求:Centos 6.0以上 (64位)
相关中间件:Nginx: 1.6.0 以上 php:版本5.5 mysql-5.5 .25
1.2相关系统依赖包安装检查准备
1.2.1 检查系统自带httpd,mysql是否安装
# rpm -qa | grep httpd # rpm -qa | grep mysql # rpm -qa | grep nginx
如有安装,请使用以下命令卸载相关程序
# yum remove httpd mysql nginx
1.2.2 安装系统相关的编译环境,php扩展库支持,httpd,mysql编译需要的依赖包
[备注:大多数LAMP部署所用的相关扩展支持包可能都是用到官方下载的源码包.注意下:本篇所用的依赖包和扩展包都是都是基于系统自带的RPM包,比如安装httpd所用到的pcre;编译MySQL时用到cmake,用于支持PHP相关的功能扩展:gd,加密,压缩等PHP等等,都是基于RPM包安装,而并非利用源码包的形式支持相关的功能扩展,下一篇我们将讲到LAMP的另一个安装方式:即所有的需要用到包都是基于源码安装]
yum install wget gcc gcc-c++ make cmake bison bison-devel libaio-devel perl file patch mlocate flex diffutils readline-devel libcap-devel glibc-devel glib2-devel autoconf automake libgcrypt* libtool* openssl openssl-devel ncurses ncurses-devel libxml2 libxml2-devel libmcrypt* curl curl-devel zlib zlib-devel bzip2* gd gd-devel libjpeg libjpeg-devel libpng libpng-devel mcrypt freetype* gettext gettext-devel pcre pcre-devel
说明(以下只用于说明,不用于实际操作):
以下包是编译前必须要安装的依赖包
wget gcc gcc-c++ make cmake ncurses ncurses-devel bison bison-devel libaio-devel perl file patch mlocate flex diffutils readline-devel libcap-devel glibc-devel glib2-devel autoconf automake libgcrypt* libtool* pcre pcre-devel
下面说明是与php常见扩展相关的依赖包
openssl openssl-devel -用于编译php时添加 --with-openssl 选项; libxml2 libxml2-* -用于编译php时添加 --with-libxml-dir 选项; libmcrypt* -用于编译php时添加 --with-mcrypt 选项; curl curl-devel -用于编译php时添加 --with-curl 选项; zlib zlib-devel -用于编译php时添加 --with-zlib[-dir] 选项; bzip2* -用于编译php时添加 --with-bz2 选项; gd gd-devel -用于编译php时添加 --with-gd 选项; libjpeg libjpeg-devel -用于编译php时添加 --with-jpeg-dir 选项; libpng libpng-devel -用于编译php时添加 --with-png-dir 选项; libpng libpng-devel -用于编译php时添加 --with-zlib[-dir] 选项; libXpm libXpm-devel -用于编译php时添加 --with-xpm-dir 选项(可选); freetype* -用于编译php时添加 --with-freetype-dir 选项; gettext gettext-devel -用于编译php时添加 --with-gettext 选项; pcre pcre-devel -用于编译httpd时添加 --with-pcre 选项; perl -用于编译php时添加 --with-pear 选项; mcrypt -用于编译php时添加 --with-mhash 选项;
二:LAMP环境部署正式安装:
2.1编译安装Nginx
在正式编译httpd时,首先需要下载Nginx以及安装编译nginx需要的依赖包
这里版本以1.6.3为例
2.1.1安装编译nginx需要的依赖包(默认包放在/root目录下,包统一解压到/usr/local/src)
# yum install gcc openssl-devel pcre-devel zlib-devel -y
2.1.2下载nginx并添加运行nginx服务账号(默认包放在/root目录下,包统一解压到/usr/local/src)
# wget http://nginx.org/download/nginx-1.6.3.tar.gz # groupadd -r nginx # useradd -r -g nginx -s /bin/false -M nginx
2.1.3 编译安装nginx
# cd ~
# tar -zxf /root/nginx-1.6.3.tar.gz -C /usr/local/src
# cd /usr/local/src/nginx-1.6.3
# ./configure \
--prefix=/usr/local/nginx \
--sbin-path=/usr/local/nginx/sbin/nginx \
--conf-path=/etc/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--pid-path=/var/run/nginx/nginx.pid \
--lock-path=/var/lock/nginx.lock \
--user=nignx \
--group=nginx \
--with-http_ssl_module \
--with-http_stub_status_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--http-client-body-temp-path=/var/tmp/nginx/client/ \
--http-proxy-temp-path=/var/tmp/nginx/proxy/ \
--http-fastcgi-temp-path=/var/tmp/nginx/fastcgi/ \
--http-uwsgi-temp-path=/var/tmp/nginx/uwsgi/ \
--http-scgi-temp-path=/var/tmp/nginx/scgi/ \
--with-pcre
# make && make install
备注:
安装完后nginx的相关路径如下:
nginx启动命令:/usr/local/nginx/sbin
默认网页文件存放路径:/usr/local/nginx/
相关配置文件路径:/etc/nginx
访问,错误日志文件路径:/var/log/nginx
2.1.4 使用sed修改nginx的配置文件,指定nginx的运行用户
# sed '3 iuser nginx;' -i /etc/nginx/nginx.conf
注意:不修改nginx的运行用户的话,会报如下错误,如下图所示,
2.1.5 启动nginx服务
# /usr/local/nginx/sbin/nginx
注意:启动nginx可能会报以下错误,如下图所示,
这时需要按照提示创建相关目录,如下:
# mkdir -p /var/tmp/nginx
这时重新执行nginx命令就可以正常启动nginx服务了,如图所示
不过为了方便nginx启动关闭,一般常常将其做成服务启动脚本,代码如下
#!/bin/sh # # nginx - this script starts and stops the nginx daemin # # chkconfig: - 85 15 # description: Nginx is an HTTP(S) server, HTTP(S) reverse \ # proxy and IMAP/POP3 proxy server # processname: nginx # config: /usr/local/nginx/conf/nginx.conf # pidfile: /usr/local/nginx/logs/nginx.pid # Source function library. . /etc/rc.d/init.d/functions # Source networking configuration. . /etc/sysconfig/network # Check that networking is up. [ "$NETWORKING" = "no" ] && exit 0 nginx="/usr/local/nginx/sbin/nginx" pidfile="/var/run/nginx/nginx.pid" prog=$(basename $nginx) NGINX_CONF_FILE="/etc/nginx/nginx.conf" lockfile=/var/lock/nginx.lock start() { [ -x $nginx ] || exit 5 [ -f $NGINX_CONF_FILE ] || exit 6 echo -n $"Starting $prog: " daemon $nginx -c $NGINX_CONF_FILE retval=$? echo [ $retval -eq 0 ] && touch $lockfile return $retval } stop() { echo -n $"Stopping $prog: " killproc -p ${pidfile} $prog retval=$? echo [ $retval -eq 0 ] && rm -f $lockfile return $retval } restart() { configtest || return $? stop start } reload() { configtest || return $? echo -n $"Reloading $prog: " killproc $nginx -HUP RETVAL=$? echo } force_reload() { restart } configtest() { $nginx -t -c $NGINX_CONF_FILE } rh_status() { status $prog } rh_status_q() { rh_status >/dev/null 2>&1 } case "$1" in start) rh_status_q && exit 0 $1 ;; stop) rh_status_q || exit 0 $1 ;; restart|configtest) $1 ;; reload) rh_status_q || exit 7 $1 ;; force-reload) force_reload ;; status) rh_status ;; condrestart|try-restart) rh_status_q || exit 0 ;; *) echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force- reload|configtest}" exit 2 esac
脚本建立完成后,给到它执行的权限并添加到开机自启动即可,命令如下
# chmod 777 /etc/init.d/nginx # chkconfig --add nginx # chkconfig --level 2345 nginx on
这时就可以利用系统自带的服务命令启动nginx服务,如下
下面就可访问nginx的主页面了,如下:
至此,nginx安装就完成了!
2.2编译安装php
2.3.1 到php官网下载php相对应的版本,这里我上传的是php-5.5.25.tar.gz
(默认包放在/root目录下,包统一解压到/usr/local/src)
# tar -zxvf php-5.5.25.tar.gz -C /usr/local/src/ # cd /usr/local/src/php-5.5.25/ # ./configure \ --prefix=/usr/local/php \ --with-mysql=mysqlnd \ --with-pdo-mysql=mysqlnd \ --with-mysqli=mysqlnd \ --with-openssl \ --with-zlib \ --with-libxml-dir \ --enable-sockets \ --with-mcrypt \ --with-config-file-path=/etc \ --with-config-file-scan-dir=/etc/php.d \ --with-bz2 \ --with-gd \ --with-mhash \ --enable-gd-native-ttf \ --with-iconv \ --with-png-dir \ --with-jpeg-dir \ --with-gettext \ --with-curl \ --with-pear \ --with-freetype-dir \ --enable-bcmath \ --enable-xml \ --enable-mbstring \ --enable-shmop \ --enable-soap \ --enable-sysvsem \ --enable-calendar \ --enable-zip \ --enable-ftp \ --enable-maintainer-zts --enable-fpm # make && make install
2.3.2 进入到php源码解压目录,拷贝相关样例模板到/etc下命名为php.ini,并编辑样例模板优化php相关性能
<---拷贝php开发样例模板配置文件---->
# cd /usr/local/src/php-5.5.25/ # cp /usr/local/src/php-5.5.25/php.ini-development /etc/php.ini
<---编辑php.ini----->
# vim /etc/php.ini
找到如下内容,并修改
# ;default_charset = "UTF-8" //取消掉注释符号";"将值设为"utf-8"; # engine = On //将此选项的开关为 on ; # short_open_tag = on //将此选项的开关为 on ,表示支持php标语; # ;date.timezone = Asia/Shanghai //取消掉注释符号";",将值设为"Asia/Shanghai"或"PRC";
2.3.3 进入php的安装目录下的etc目录,新建一个php-fpm.conf文件,如下
# vim /usr/local/php/etc/php-fpm 内容如下: [global] rlimit_files = 51150 [www] user = daemon group = daemon listen = 127.0.0.1:9000 ;listen = /dev/shm/php-fpm.sock listen.backlog = 65535 listen.owner = daemon listen.group = daemon listen.mode = 0660 pm = static pm.max_children = 30 pm.start_servers = 6 pm.min_spare_servers = 12 pm.max_spare_servers = 24 pm.max_requests = 10000
2.3.4 在系统服务目录下创建一个php启动服务脚本,如下
vim /etc/init.d/php-fpm #! /bin/sh ### BEGIN INIT INFO # Provides: php-fpm # Required-Start: $remote_fs $network # Required-Stop: $remote_fs $network # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: starts php-fpm # Description: starts the PHP FastCGI Process Manager daemon ### END INIT INFO prefix=/usr/local/php exec_prefix=${prefix} php_fpm_BIN=${exec_prefix}/sbin/php-fpm php_fpm_CONF=${prefix}/etc/php-fpm.conf php_fpm_PID=${prefix}/var/run/php-fpm.pid php_opts="--fpm-config $php_fpm_CONF --pid $php_fpm_PID" wait_for_pid () { try=0 while test $try -lt 35 ; do case "$1" in 'created') if [ -f "$2" ] ; then try='' break fi ;; 'removed') if [ ! -f "$2" ] ; then try='' break fi ;; esac echo -n . try=`expr $try + 1` sleep 1 done } case "$1" in start) echo -n "Starting php-fpm " $php_fpm_BIN --daemonize $php_opts if [ "$?" != 0 ] ; then echo " failed" exit 1 fi wait_for_pid created $php_fpm_PID if [ -n "$try" ] ; then echo " failed" exit 1 else echo " done" fi ;; stop) echo -n "Gracefully shutting down php-fpm " if [ ! -r $php_fpm_PID ] ; then echo "warning, no pid file found - php-fpm is not running ?" exit 1 fi kill -QUIT `cat $php_fpm_PID` wait_for_pid removed $php_fpm_PID if [ -n "$try" ] ; then echo " failed. Use force-quit" exit 1 else echo " done" fi ;; status) if [ ! -r $php_fpm_PID ] ; then echo "php-fpm is stopped" exit 0 fi PID=`cat $php_fpm_PID` if ps -p $PID | grep -q $PID; then echo "php-fpm (pid $PID) is running..." else echo "php-fpm dead but pid file exists" fi ;; force-quit) echo -n "Terminating php-fpm " if [ ! -r $php_fpm_PID ] ; then echo "warning, no pid file found - php-fpm is not running ?" exit 1 fi kill -TERM `cat $php_fpm_PID` wait_for_pid removed $php_fpm_PID if [ -n "$try" ] ; then echo " failed" exit 1 else echo " done" fi ;; restart) $0 stop $0 start ;; reload) echo -n "Reload service php-fpm " if [ ! -r $php_fpm_PID ] ; then echo "warning, no pid file found - php-fpm is not running ?" exit 1 fi kill -USR2 `cat $php_fpm_PID` echo " done" ;; *) echo "Usage: $0 {start|stop|force-quit|restart|reload|status}" exit 1 ;; esac
脚本建立完成后,给到它执行的权限并添加到开机自启动即可,命令如下
# chmod 777 /etc/init.d/php-fpm # chkconfig --add php-fpm # chkconfig --level 2345 php-fpm on
2.3.5 启动相关的服务,并查看端口侦听状态
# service php-fpm start # netstat -ntl | grep php-fpm
2.3编译安装mysql
2.3.1 mysql安装前准备(安装mysql前先需要添加相关的mysql运行账号及相关安装目录和权限)
<--添加mysql运行账号-->
# groupadd -r mysql //添加mysql服务组账号; # useradd -r -g mysql -s -M /sbin/nologin mysql //添加mysql服务服务账号,设置不登陆系统;
<--添加mysql程序相关目录-->
# mkdir -p /usr/local/mysql //创建mysql安装目录; # mkdir -p /usr/local/mysql/data //创建mysql数据存放目录;
2.3.2编译安装mysql(默认包放在/root目录下,包统一解压到/usr/local/src)
# tar -zxvf mysql-5.5.25.tar.gz -C /usr/local/src/ # cd /usr/local/src/mysql-5.5.25/ # cmake \ -DCMAKE_INSTALL_PREFIX=/usr/local/mysql \ -DMYSQL_UNIX_ADDR=/tmp/mysql.sock \ -DDEFAULT_CHARSET=utf8 \ -DDEFAULT_COLLATION=utf8_general_ci \ -DEXTRA_CHARSETS=all \ -DWITH_MYISAM_STORAGE_ENGINE=1 \ -DWITH_INNOBASE_STORAGE_ENGINE=1 \ -DWITH_ARCHIVE_STORAGE_ENGINE=1 \ -DWITH_BLACKHOLE_STORAGE_ENGINE=1 \ -DWITH_MEMORY_STORAGE_ENGINE=1 \ -DWITH_FEDERATED_STORAGE_ENGINE=1 \ -DWITH_READLINE=1 \ -DENABLED_LOCAL_INFILE=1 \ -DMYSQL_DATADIR=/usr/local/mysql/data \ -DMYSQL_USER=mysql \ -DMYSQL_TCP_PORT=3306 \ -DSYSCONFDIR=/etc \ -DWITH_SSL=yes # make && make install
2.3.3 给mysql相关目录设置属主权限
# chown -R mysql:mysql /usr/local/mysql //设置mysql安装目录的属主; # chown -R mysql:mysql /usr/local/mysql/data //设置mysql数据存放目录的属主;
注意:后面如果在初始化数据库的时候,出现权限问题,需要重新设置下属主权限
2.3.4 初始化mysql数据库准备
# cd /usr/local/mysql/ //设置mysql安装目录的属主; # scripts/mysql_install_db --basedir=/usr/local/mysql --datadir=/usr/local/mysql/data --user=mysql //初始化mysql数据库;
2.3.5 添加mysql数据库配置文件模板
# cd /usr/local/mysql/ //进入到安装目录拷贝数据库样例模板; # cp support-files/my-medium.cnf /etc/my.cnf //这里样例模板可以是生产也可以是开发;
2.3.6 添加mysql服务启动到系统服务里,并优化mysql命令调用
<--添加mysql服务启动到系统服务,并开机自启动-->
# cd /usr/local/mysql/ # cp support-files/mysql.server /etc/init.d/mysqld //拷贝mysql服务脚本到系统; # vim /etc/init.d/mysqld 找到如下内容并添加相关路径 basedir=/usr/local/mysql //mysql安装目录; datadir=/usr/lcoal/mysql/data //mysql数据存放目录; # chkconfig -add mysqld //添加mysql服务到系统服务; # chkconfig --level 235 mysqld on //设置mysql开机自启动;
<--优化mysql命令调用-->
修改/etc/profile文件,在文件末尾添加
# PATH=/usr/local/mysql/bin:$PATH # export PATH # wq! //保存 # source /etc/profile
2.3.7 启动mysql服务,并设置管理员账号密码
# service mysqld start //启动MySQL数据库服务 # mysql_secure_installation //对MySQL进行安全设置(包括数据库密码以及相关的库权限设置) <-------此处省略---------> //这里是运行后相关的提示信息 Enter current password for root (enter for none): OK, successfully used password, moving on... Setting the root password ensures that nobody can log into the MySQL root user without the proper authorisation. You already have a root password set, so you can safely answer 'n'. Change the root password? [Y/n] y (设置MySQL管理员root密码) New password: Re-enter new password: Password updated successfully! Reloading privilege tables.. ... Success! Remove anonymous users? [Y/n] y (移除匿名用户,选择Y) ... Success! <-------此处省略---------> Disallow root login remotely? [Y/n] y (移除管理员远程访问权限,选择Y) ... Success! <-------此处省略---------> Remove test database and access to it? [Y/n] y (移除test测试数据库,选择Y) <-------此处省略---------> Reload privilege tables now? [Y/n] y (刷新数据库权限,选择Y) ... Success! Cleaning up...
2.4修改nginx主配置文件以实现LNMP
编辑nginx的主配置文件nginx.conf,这里为了防止配置完整性,我们使用include增加第三方web配置如下所示:
#user nobody; user nginx nginx; worker_processes 8; #worker_cpu_affinity 00000001 00000010 00000100 00001000 00010000 00100000 01000000; worker_rlimit_nofile 204800; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { use epoll; worker_connections 204800; multi_accept on; } http { include mime.types; include /etc/nginx/extra/web.conf //引用第三方web配置; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; error_log /var/log/nginx/error.log crit; charset utf-8; server_names_hash_bucket_size 128; client_header_buffer_size 1k; # client_body_timeout 15; # client_header_timeout 15; # send_timeout 15; large_client_header_buffers 4 32k; client_max_body_size 2000m; sendfile on; tcp_nopush on; keepalive_timeout 60; fastcgi_cache_path /var/tmp/nginx/fastcgi_cache levels=1:2 keys_zone=TEST:10m inactive=5m; fastcgi_connect_timeout 300; fastcgi_send_timeout 300; fastcgi_read_timeout 300; fastcgi_buffer_size 4k; fastcgi_buffers 8 4k; fastcgi_busy_buffers_size 256k; fastcgi_temp_file_write_size 256k; reset_timedout_connection on; open_file_cache max=204800 inactive=20s; open_file_cache_valid 30s; open_file_cache_min_uses 2; open_file_cache_errors on; tcp_nodelay on; gzip on; gzip_disable "msie6"; gzip_vary on; gzip_proxied any; gzip_comp_level 6; gzip_min_length 1100; gzip_buffers 16 8k; gzip_http_version 1.1; gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript; # gzip_min_length 1k; # gzip_buffers 4 16k; # gzip_http_version 1.0; # gzip_comp_level 2; # gzip_types text/plain application/x-javascript text/css application/xml; #access_log logs/access.log main; #sendfile on; #tcp_nopush on; #keepalive_timeout 0; #keepalive_timeout 65; #gzip on; # server { # listen 80; # server_name localhost; #charset koi8-r; #access_log logs/host.access.log main; # location / { # root html; # index index.html index.htm; # } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # # error_page 500 502 503 504 /50x.html; # location = /50x.html { # root html; # } # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ \.php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # #location ~ \.php$ { # root html; # fastcgi_pass 127.0.0.1:9000; # fastcgi_index index.php; # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; # include fastcgi_params; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} # } # another virtual host using mix of IP-, name-, and port-based configuration # #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # location / { # root html; # index index.html index.htm; # } #} # HTTPS server # #server { # listen 443 ssl; # server_name localhost; # ssl_certificate cert.pem; # ssl_certificate_key cert.key; # ssl_session_cache shared:SSL:1m; # ssl_session_timeout 5m; # ssl_ciphers HIGH:!aNULL:!MD5; # ssl_prefer_server_ciphers on; # location / { # root html; # index index.html index.htm; # } #} }
编辑第三方web配置,以实现webserver对php的支持
# mkdir -p /etc/nginx/extra # vim /etc/nginx/extra/web.cof 内容如下: server { listen 80 default backlog=65535; server_name localhost; root /usr/local/www; index index.php index.html ; location ~ \.php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_split_path_info ^(.+\.php)(.*)$; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } # location / { # proxy_pass http://apache-pool; # proxy_redirect off; # proxy_set_header Host $host; # proxy_set_header X-Real-IP $remote_addr; # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; # proxy_max_temp_file_size 0; # proxy_connect_timeout 90; # proxy_send_timeout 200; # proxy_read_timeout 200; # proxy_buffer_size 4k; # proxy_buffers 4 32k; # proxy_busy_buffers_size 64k; # proxy_temp_file_write_size 64k; # } location /status { stub_status on; access_log off; } } # service nginx restart
2.5 编辑一个个测试页面(测试php环境)
# vim /usr/local/www/info.php 内容如下
$conn=mysqli_connect('localhost','root','Bluemobi@2014');
if ($conn)
echo "成功...
";
else
echo "Failure...
";
?>
phpinfo();
?>
输入http://ip/info.php 访问,出现如下页面说明LAMP环境ok了,
关于LNMP的部署安装就介绍到这里,下一小结我们将会将到关于nginx的主配置模板中参数配置说明及意义说明。