平台搭建环境:
CentOS5.2 32/x86_64 GNU/Linux (32/64操作系统均通过,推荐使用64位操作系统)
目标:构建高性的LEMP环境提供WEB服务
一、系统安装
1. 系统分区建议
/boot 100M (大约100左右)
SWAP 物理内存的2倍(如果你的物理内存大于4G,分配4G即可)
/ 分区15~20G
/usr/local 20G (用于安装软件)
/data 剩余所有空间.
【注】具体分区请根据相关业务划分,具体安装本文不作介绍安装过程中选择最少的包,采用文本模式安装请不要安装图形。
2.系统初始化
系统初始化脚本(根据具体需求关闭不需要的服务)
# shinit_network.sh //下载本文提供的scripts.tar.gz包,即可找到此脚本.
二、编译安装基本环境
1. 安装准备
1.1系统软件包安装规范
系统约定
软件源代码包存放位置 /usr/local/src
源码包编译安装位置(prefix) /usr/local/software_name
脚本以及维护程序存放位置 /usr/local/sbin
MySQL 数据库位置 /data/mysql/data(可按情况设置)
网站根目录 /data/www/wwwroot(可按情况设置)
虚拟主机日志根目录 /data/logs(可按情况设置)
Nginx运行账户 www:www
install_software_name.sh //存放编译参数脚本习惯将所有编译脚本存放在install_software_name.sh便于升级和更新软件.
创建网站账号及相关存放目录
#add_user.sh
1. /usr/sbin/groupadd www
2. /usr/sbin/useradd -g www www
3. mkdir -p /data/www/wwwroot
4. chmod +w /data/www/wwwroot
5. chown www:www /data/www/wwwroot -R
复制代码
1.2系统环境部署及调整
检查系统是否正常
#tail -n100 /var/log/messages(检查有无系统级错误信息)
#dmesg (检查硬件设备是否有错误信息)
#ifconfig(检查网卡设置是否正确)
#ping www.linuxtone.org (检查网络是否正常)
1.3使用 yum 程序安装所需开发包(以下为标准的 RPM 包名称)
添加国内镜像源加速软件安装下载速度请参照:http://bbs.linuxtone.org/thread-158-1-1.html
1. yum -y install ntp vim-enhanced gcc gcc-c++gcc-g77 flex bison autoconf automake bzip2-devel ncurses-devel openssl-devel libtool*zlib-devel libxml2-devel libjpeg-devel libpng-devel libtiff-devel fontconfig-devel freetype-devel libXpm-develgettext-devel curl curl-devel pam-devel e2fsprogs-devel krb5-devel libidnlibidn-devel
复制代码
1.4定时校正服务器时钟,定时与中国国家授时中心授时服务器同步
#crontab -e
加入一行:
1. 15 3 * * * /usr/sbin/ntpdate 210.72.145.44> /dev/null 2>&1
复制代码
1.5下载编译相关的源码包.
#vi list 在list文件里填入以后下载地址列表.
官方下载软件包名:
1. #nginx
2. pcre-7.8.tar.gz
3. nginx-0.7.30.tar.gz
4. #PHP-GD-LIB
5. gd-2.0.35.tar.bz2
6. libiconv-1.12.tar.gz
7. libmcrypt-2.5.8.tar.bz2
8. mhash-0.9.9.9.tar.gz...
9. mcrypt-2.6.7.tar.gz
10. #MySQL
11mysql-5.1.30.tar.gz
12. #php
13. php-5.2.8.tar.bz2
14. php-5.2.8-fpm-0.5.10.diff.gz
15. #PHP-EXT
16. memcache-2.2.4.tgz
17. PDO_MYSQL-1.0.2.tgz
18. eaccelerator-0.9.5.3.tar.bz2
19.ImageMagick.tar.gz
20.imagick-2.3.0.tgz
2. 编译安装软件包
源码编译安装所需包(Source)
1.1 编译安装Nginx
1. tar zxvf pcre-7.8.tar.gz
2. cd pcre-7.8
3. ./configure && make && makeinstall
1. tar zxvf nginx-0.7.30.tar.gz
2. cd nginx-0.7.30
优化nginx的编译:
vim auto/cc/gcc
找到
# debug
CFLAGS="$CFLAGS -g"
然后在CFLAGS前面加上#号,得到:
# debug
#CFLAGS="$CFLAGS -g"
好了,保存退出。
为特定的CPU指定CPU类型编译优化
在编译Nginx时,默认的GCC编译参数是“-O”,要优化GCC编译,可以使用以下两个参数:
--with-cc-opt='-O3'
3. ./configure –user=www –group=www–prefix=/usr/local/nginx/ –with-http_stub_status_module
–with-openssl=/usr/lib --with-cc-opt='-O3'
4. make && make install
复制代码
1.2编译安装GD及相关的LIB.
1. tar jxvf gd-2.0.35.tar.bz2
2. cd gd-2.0.35
3. ./configure –prefix=/usr/local/gd2&& make && make install
4. tar zxvf libiconv-1.12.tar.gz
复制代码
1. cd libiconv-1.12
2. ./configure –prefix=/usr && make&& make install
3. tar jxvf libmcrypt-2.5.8.tar.bz2
复制代码
1. cd libmcrypt-2.5.8
2. ./configure –prefix=/usr && make&& make install
3.
复制代码
1. tar zxvf mhash-0.9.9.tar.gz
2. cd mhash-0.9.9
3. ./configure –prefix=/usr && make&& make install
复制代码
# vi /etc/ld.so.conf
添加/usr/lib
1. include ld.so.conf.d/*.conf
2. /usr/lib
复制代码
# ldconfig
【注】ldconfig 命令的用途,主要是在默认搜寻目录(/lib和/usr/lib)以及动态库配置文件/etc/ld.so.conf内所列的目录, 而当用户安装了一个新的动态链接库时,就需要手工运行这个命令。
1. tar zxvf mcrypt-2.6.7.tar.gz
2. [code]
3. cd mcrypt-2.6.7
4. ./configure --prefix=/usr && make&& make install
复制代码
1.3 编译安装MySQL
#sh install_mysql.sh
//具体脚本如下:
1. CHOST="x86_64-pc-linux-gnu"
2. CFLAGS="-march=nocona -O3 -pipe"
3. CXXFLAGS="${CFLAGS}"
4. ./configure "
5. "--prefix=/usr/local/mysql" "
6. "--localstatedir=/data/mysql/data" "
7. "--with-comment=Source" "
8. "--with-server-suffix=-Linuxtone.Org" "
9. "--with-mysqld-user=mysql" "
10. "--without-debug" "
11. "--with-big-tables" "
12. "--with-charset=gbk" "
13. "--with-collation=gbk_chinese_ci" "
14. "--with-extra-charsets=all" "
15. "--with-pthread" "
16. "--enable-static" "
17. "--enable-thread-safe-client" "
18. "--with-client-ldflags=-all-static" "
19. "--with-mysqld-ldflags=-all-static" "
20. "--enable-assembler" "
21. "--with-plugins=all" "
22. "--without-ndb-debug"
23. make
24. make install
25. useradd mysql -d /data/mysql -s/sbin/nologin
26. /usr/local/mysql/bin/mysql_install_db--user=mysql
27. cd /usr/local/mysql
28. chown -R root:mysql .
29. mkdir -p /data/mysql/data
30. chown -R mysql /data/mysql/data
31. cp share/mysql/my-huge.cnf /etc/my.cnf
32. cp share/mysql/mysql.server/etc/rc.d/init.d/mysqld
33. chmod 755 /etc/rc.d/init.d/mysqld
34. chkconfig --add mysqld
35. /etc/rc.d/init.d/mysqld start
36.
37. cd /usr/local/mysql/bin
38. for i in *; do ln -s /usr/local/mysql/bin/$i/usr/bin/$i; done
复制代码
【注】编译mysql前请正确配置好主机名,否则不能正常启动.
例如:
[[email protected]]# cat /etc/hosts
1. # Do not remove the following line, or various programs
2. # that require network functionality will fail.
3. 127.0.0.1 localhost.localdomainlocalhost
4. 192.168.1.104 lemp.linuxtone.org
复制代码
【注】将本文提供下载的scripts.tar.gz包中的my.cnf替换你的/etc/my.cnf,并根据你的硬件参数做相关调整,并可以利用包中的tuning-primer.sh 做初步性能调优。
1.4 编译安装PHP-FastCGI
1. tar jxvf php-5.2.8.tar.bz2
2. gzip -cd php-5.2.8-fpm-0.5.10.diff.gz| patch -d php-5.2.8 -p1
3. cd php-5.2.8
复制代码
#sh install_php.sh
//具体脚本如下
1. CHOST="i686-pc-linux-gnu"
2. CFLAGS="-march=prescott-O3 -pipe -fomit-frame-pointer"
3. CXXFLAGS="${CFLAGS}"
4. ./configure "
5. "--prefix=/usr/local/php-fcgi" "
6. "--enable-fastcgi" "
7. "--enable-fpm" "
8. "--enable-discard-path" "
9. "--enable-force-cgi-redirect""
10. "--with-config-file-path=/usr/local/php-fcgi/etc" "
11. "--enable-zend-multibyte" "
12. "--with-mysql=/usr/local/mysql" "
13. "--with-libxml-dir" "
14. "--with-xmlrpc" "
15. "--with-gd=/usr/local/gd2" "
16. "--with-jpeg-dir" "
17. "--with-png-dir" "
18. "--with-bz2" "
19. "--with-freetype-dir" "
20. "--with-iconv-dir" "
21. "--with-zlib-dir" "
22. "--with-curl" "
23. "--with-curlwrappers" "
24. "--with-openssl" "
25. "--with-mcrypt" "
26. "--with-mhash" "
27. "--enable-pcntl" "
28. "--enable-sockets" "
29. "--enable-sysvsem" "
30. "--enable-inline-optimization" "
31. "--enable-soap" "
32. "--enable-gd-native-ttf" "
33. "--enable-ftp" "
34. "--enable-mbstring" "
35. "--enable-exif" "
36. "--disable-debug" "
37. "--disable-ipv6"
38. #sed -i 's#-lz -lm -lxml2-lz -lm -lxml2 -lz -lm -lcrypt#& -liconv#' Makefile
39. makeZEND_EXTRA_LIBS='-liconv' 注:为免得发生liconv报错,所以带上ZEND参数,这个问题要是经常编译PHP的朋友非常熟悉的。
40. make install
41. cp php.ini-dist/usr/local/php-fcgi/etc/php.ini
复制代码
1.5 编译安装PHP扩展
1. tar zxvf memcache-2.2.4.tgz
2. cd memcache-2.2.4
3. /usr/local/php-fcgi/bin/phpize
4. ./configure--with-php-config=/usr/local/php-fcgi/bin/php-config
5. make && make install
6.
复制代码
1. tar jxvf eaccelerator-0.9.5.3.tar.bz2
2. cd eaccelerator-0.9.5.3
3. /usr/local/php-fcgi/bin/phpize
4. ./configure --enable-eaccelerator=shared--with-php-config=/usr/local/php-fcgi/bin/php-config
5. make && make install
6.
复制代码
1. tar zxvf PDO_MYSQL-1.0.2.tgz
2. cd PDO_MYSQL-1.0.2
3. /usr/local/php-fcgi/bin/phpize
4. ./configure --with-php-config=/usr/local/php-fcgi/bin/php-config--with-pdo-mysql=/usr/local/mysql
5. make && make install
复制代码
-
tar zxvf ImageMagick.tar.gz
- cd ImageMagick-6.5.1-2/
- ./configure
- make
- make install
- cd ../
-
- tar zxvf imagick-2.3.0.tgz
- cd imagick-2.3.0/
- /usr/local/php-fcgi/bin/phpize
./configure--with-php-config=/usr/local/php-fcgi/bin/php-config
- make
- make install
1.6 配置php.ini
修改php.ini文件,加载动态模块,让PHP5.2.8能顺利启动。
手动修改,查找:
- /usr/local/webserver/php/etc/php.ini中的extension_dir = "./"
将其修改如下:
- extension_dir =
- "/usr/local/php-fcgi/lib/php/extensions/no-debug-non-zts-20060613/"
并在此行后增加以下几行内容,然后保存:
- extension = "memcache.so"
- extension = "imagick.so"
- extension = "pdo_mysql.so"
再查找以下内容:
- output_buffering = Off
然后将其修改如下:
- output_buffering = On
再查找以下内容:
- ; cgi.fix_pathinfo=0
然后将其修改如下:
cgi.fix_pathinfo=0此处代码的作用是防止Nginx文件类型错误解析漏洞。
#vi /usr/local/php-fcgi/etc/php.ini //在最后加上
1. [eAccelerator]
2. extension="="/usr/local/php-fcgi/lib/php/extensions/no-debug-non-zts-20060613/eaccelerator.so"
3. eaccelerator.shm_size="32"
4. eaccelerator.cache_dir="/cache_tmpfs/eaccelerator"
5. eaccelerator.enable="1"
6. eaccelerator.optimizer="1"
7. eaccelerator.check_mtime="1"
8. eaccelerator.debug="0"
9. eaccelerator.filter=""
10. eaccelerator.shm_max="0"
11. eaccelerator.shm_ttl="0"
12. eaccelerator.shm_prune_period="0"
13. eaccelerator.shm_only="0"
14. eaccelerator.compress="1"
15. eaccelerator.compress_level="9"
复制代码
1.7 安装ZendOptimizer-3.3.3
1. tar zxvf ZendOptimizer-3.3.3-linux-glibc23-x86_64.tar.gz
2. cd ZendOptimizer-3.3.3-linux-glibc23-x86_64
3. ./install
复制代码
解压后进入目录./install,安提示选择相关的目录及配置文件存放目录即可.
1.8 配置php-fpm.conf
修改php-fpm配置文件:
vi /usr/local/php/etc/php-fpm.conf
找到58-66行里注释去掉,或删除改为下面几行
此为注释,需去掉
然后把里面的用户 nobody 改为 www
找113行,把
启动php-cgi进程,监听127.0.0.1的9000端口,进程数为300(生产环境下的服务器为300~500个均可),用户为www,如下所示:
ulimit-SHn 65535
/usr/local/php-fcgi/sbin/php-fpm start //启动服务查看是否报错,不报错继续。
1.9 配置nginx/conf
1. #cd /usr/local/nginx/conf
2.#rm -fr nginx.conf
3.#touch nginx.conf然后在里面添加:
user www www;
worker_processes 8;
error_log /data/logs/nginx_error.log crit;
pid /usr/local/nginx/logs/nginx.pid;
#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 65535;
events
{
use epoll;
worker_connections 65535;
}
http
{
include mime.types;
default_type application/octet-stream;
#charset gb2312;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 8m;
sendfile on;
tcp_nopushon;
keepalive_timeout 60;
tcp_nodelay on;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
gzip on;
gzip_min_length 1k;
gzip_buffers4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
include vhost.conf;
#limit_zone crawler $binary_remote_addr 10m;
}
4.然后在创建一个vhost.conf的文件,在里面添加:
#--------- fantefei.com ------------------------------------------------
server {
listen 80;
server_name aa.fantefei.com;
root /home/ftp/newssite_news/wwwroot;
charset utf-8;
location /{
index index.php index.htm index.html;
charset utf-8;
if (!-e $request_filename) {
rewrite ^/(.*)$ /index.php/$1 last;
break;
}
}
location ~ .+\.php($|/) {
set $script $uri;
set $path_info "/";
if ($uri ~ "^(.+\.php)(/.+)") {
set $script $1;
set $path_info $2;
}
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php?IF_REWRITE=1;
include fcgi.conf;
fastcgi_param PATH_INFO $path_info;
fastcgi_param SCRIPT_FILENAME /home/ftp/newssite_news/wwwroot$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $script;
}
access_log /var/log/nginx_log_club combined;
error_page 404 /;
if (-d $request_filename) {
rewrite ^/(.*)([^/])$ http://$host/$1$2/ permanent;
}
}
#-------------------------------------------------------------------------------------
上面的写法还让nginx支持了thinkphp的pathinfo和url重写的功能,其他的只需要在thinkphp的url_mod等于3就可以了。
5.在/usr/local/nginx/conf/下建立一个fcgi.conf的文件,在里面添加一下内容:
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWAREnginx;
fastcgi_param QUERY_STRING$query_string;
fastcgi_param REQUEST_METHOD$request_method;
fastcgi_param CONTENT_TYPE$content_type;
fastcgi_param CONTENT_LENGTH$content_length;
fastcgi_param SCRIPT_FILENAME$document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME$fastcgi_script_name;
fastcgi_param REQUEST_URI$request_uri;
fastcgi_param DOCUMENT_URI$document_uri;
fastcgi_param DOCUMENT_ROOT$document_root;
fastcgi_param SERVER_PROTOCOL$server_protocol;
fastcgi_param REMOTE_ADDR$remote_addr;
fastcgi_param REMOTE_PORT$remote_port;
fastcgi_param SERVER_ADDR$server_addr;
fastcgi_param SERVER_PORT$server_port;
fastcgi_param SERVER_NAME$server_name;
fastcgi_param REDIRECT_STATUS200;
[[email protected]]# /usr/local/nginx/sbin/nginx –t //验证是否有配置语法错误.
1. 2009/01/06 09:36:12 [info] 23353#0: the configuration file/usr/local/nginx//conf/nginx.conf syntax is ok
2. 2009/01/06 09:36:12 [info] 23353#0: the configuration file/usr/local/nginx//conf/nginx.conf was tested successfully
复制代码
#chmod a+x /etc/init.d/nginx //将文本提供的nginx脚本上传至/etc/init.d/目录下
【注】此脚本已经含有php-fpm的管理.直接利用此脚本即可管理所有服务.
1. # /etc/init.d/nginx stop //停止nginx服务
2. # /etc/init.d/nginx start //启动nginx服务
复制代码
2.0 验证服务环境
配置完成虚拟主机以后,编辑php.ini把disable_functions里的phpinfo去掉,仍后重启服务,利用Phpinfo函数查看环环配置。
编写phpinfo.php
1. 2. phpinfo();
3. ?>
复制代码
http://ip/phpinfo.php
即可查看当前配置环境. 查看完成后出于安全考虑请再将此函数禁掉.
三、服务器简单优化
1.简单优化磁盘I/O
# vi /etc/fstab //加入notaime
1. LABEL=/data /data ext3 defaults,noatime 0 2
复制代码
#mount -oremount /data //重新挂载/data分区.
2.简单优化Linux内核参数(更多的请根据服务器状况做相关调整)
#vi/etc/sysctl.conf,新增添内容如下:
net.ipv4.tcp_max_syn_backlog = 65536
net.core.netdev_max_backlog = 32768
net.core.somaxconn = 32768
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_tw_recycle = 1
#net.ipv4.tcp_tw_len = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.ip_local_port_range = 1024 65535
使配置立即生效,命令如下:
1. #sysctl –p
将相关软件都配置成自启动模式
我们将一些内容添加进/etc/rc.local文件中,如下所示:
ulimit-SHn 65535
/usr/local/php-fcgi/sbin/php-fpm start
/usr/local/nginx/sbin/nginx
/usr/local/mysql/bin/mysqld_safe
六、常见错误(疑问)解答 [守住每一天] 补充:
1、eaccelerator 与xcache 差在那?
当缓存的PHP二进制文件太多,以至于超过shm_size后,eAccelerator在性能方面要高于Xcache
2、按文档安装完成了结果出502Bad Gateway ?
请查看http://www.linuxtone.org 相关版块
3、nginxstatus 解释
active connections -- 对后端发起的活动连接数
server accepts handled requests -- nginx 总共处理了555-55553 个连接, 成功创建555-55553 次握手
(证明中间没有失败的), 总共处理了555-5555 个请求
reading -- nginx 读取到客户端的Header信息数
writing -- nginx 返回给客户端的Header信息数
waiting -- 开启 keep-alive 的情况下,这个值等于 active - (reading +writing),意思就是Nginx已经处理完成,
正在等候下一次请求指令的驻留连接。在访问效率高,请求很快被处理完毕的情况下,Waiting数比较多是正常的。
如果reading + writing数较多,则说明并发访问量非常大,正在处理过程中。
4、EA 或xcache和zend 能一起使用?
可以
5、按脚本执行sed -i -e 's/^LANG=.*/LANG="en"/' /etc/sysconfig/i18n 后。
可能会遇到如下错误:
perl: warning: Please checkthat your locale settings:
LANGUAGE = (unset),
LC_ALL = (unset),
LANG ="en_US.UTF-8:en_US:en_US.ISO-8859-1"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
解决办法:
LC_ALL=C;exportLC_ALL ; LC_CTYPE=C ; export LC_CTYPE;