1.lamp简介
1.所谓lamp,其实就是由Linux+Apache+Mysql/MariaDB+Php/Python的一组动态网站或服务器的开源软件,除Linux外其他各部件本身都是各自独立的程序,但是因为经常被放在一起使用,拥有了越来越高的兼容度,共同组成了一个强大的Web应用程序平台。LAMP指的是Linux(操作系统)、Apache(HTTP服务器)、MySQL(也指MariaDB,数据库软件)和PHP(有时也是指Perl或Python)的第一个字母,一般用来建立web应用平台。
2.web服务器工作流程在说lamp架构平台的搭建前,我们先来了解下什么是CGI,什么是FastCGI,什么是....web服务器的资源分为两种,静态资源和动态资源
- 静态资源就是指静态内容,客户端从服务器获得的资源的表现形式与原文件相同。可以简单的理解为就是直接存储于文件系统的资源
- 动态资源则通常是程序文件,需要在服务器执行之后,将执行的结果返回给客户端
那么web服务器如何执行程序并将结果返回给客户端呢?下面通过一张图来说明一下web服务器如何处
如图所示:
阶段1显示的是httpd服务器(即apache)和php服务器通过FastCGI协议进行通信,且php为独立的服务进程运行
阶段2显示的是php程序和mysql数据库间通过mysql协议进行通信,php与mysql本没有什么联系,但是由Php语言写成的程序可以与mysql进行数据交互。同理perl和Python写的程序也可以与mysql数据库进行交互
2.1 cgi与fastcgi
上图阶段1中提到了FastCGl,下面我们来了解下CGI与FastCGI
CGI
CGI(Common Gateway Interface,通用网关接口),CGI是外部应用程序(CGI程序)与WEB服务器之间的接口标准,是在CGI程序与Web服务器之间传递信息的过程,CGI规范允许Web服务器执行外部程序,并将它们的输出发送给Web浏览器,CGI将web的一组简单的静态超媒体文档变成一个完整的新的交互式媒体。
FastCGI
FastCGI(Fast Common Gateway Interface)是CGI的改良版,CGI是通过启用一个解释器进程来处理每个请求,耗时且耗资源,而FastCGI则是通过master-worker形式来处理每个请求,即启动一个master主进程,然后根据配置启动几个worker进程,当请求进来时,master会从worker进程中选择一个去处理请求,这样就避免了重复的生成和杀死进程带来的频繁Cpu上下文切换而导致耗时。
2.2 httpd与php结合的方式
httpd与php结合的方式有以下三种:
modules :php将以httpd的扩展块形式存在,需要加载动态资源时,httpd可以直接通过php模块来加工资源并返回给客户端
* httpd prefork:libphp5.so(多进程模型的php)
* httpd event or worker :libphp-zts.so(线程模型的php)
CGI:httpd需要加载动态资源时,通过CGI与php解释器联系,获取php执行的结果,此时httpd负责与php连接的建立和断开等
FastCGI:利用php-fpm机制,启动为服务进程,php自行运行为一个服务,https通过socket与php通信较于CGI方式,FastCGI更为常用,很少有人使用CGI方式来加载动态资源
较于CGI方式,FastCGI更为常用,很少有人使用CGI方式来加载动态资源
2.3web工作流程
通过上面的图说明一下web的工作流程:
客户端通过http协议请求web服务器资源
web服务器收到请求后判断客户端请求的资源是静态资源或动态资源
* 若为静态资源则直接从本地文件系统取值返回给客户端。
* 否则若为动态资源则通过FastCGI协议与php服务器联系,通过CGI程序的master进程调度worker进程来执行程序以获得客户端请求的动态资源,并将执行的结果通过FastCGI协议返回给httpd服务器,http服务器收到php的执行结果后将其封装为http响应报文响应给客户端。在执行程序获取动态资源时若需要获取数据库中的资源时,由Php服务器通过mysql协议与MYSQL/MariaDB服务器交互,取值而后返回给httpd,httpd将从php服务器收到的执行结果封装成http响应报文响应给客户端。
3.lamp平台构建
环境说明
系统平台 centos7/redhat7
IP 192.168.56.11
需要安装的服务
http-2.4 mysql-5.7 php php-mysql
lamp平台软件安装次序
httpd->mysql->php
注意:php要求httpd使用prefork MPM
3.1 安装httpd
关闭防火墙和SELINUX
[root@guohui ~]# systemctl stop firewalld
[root@guohui ~]# systemctl disable firewalld
[root@guohui ~]# sed -ri 's/(SELINUX=).*/\1disabled/g' /etc/selinux/config
[root@guohui ~]# setenforce 0
安装开发工具包
[root@guohui ~]# yum groups mark install 'Development Tools'
[root@guohui ~]# yum grouplist
创建apache服务的用户和组
[root@guohui ~]# groupadd -r apache
[root@guohui ~]# useradd -r -M -s /sbin/nologin -g apache apache
安装依赖包
[root@guohui ~]# yum -y install openssl-devel pcre-devel expat-devel libtool
下载和安装apr以及apr-util
[root@guohui ~]# cd /usr/src/
[root@guohui src]# wget http://mirrors.shu.edu.cn/apache//apr/apr-1.6.3.tar.bz2
[root@guohui src]# wget http://mirrors.shu.edu.cn/apache//apr/apr-util-1.6.1.tar.bz2
[root@guohui src]# ls
apr-1.6.3.tar.bz2 apr-util-1.6.1.tar.bz2 debug kernels
[root@guohui src]# tar xf apr-1.6.3.tar.bz2
[root@guohui src]# tar xf apr-util-1.6.1.tar.bz2
[root@guohui src]# ls
apr-1.6.3 apr-1.6.3.tar.bz2 apr-util-1.6.1 apr-util-1.6.1.tar.bz2 debug kernels
[root@guohui src]# cd apr-1.6.3
[root@guohui apr-1.6.3]# vi configure
cfgfile=${ofile}T
trap "$RM \"$cfgfile\"; exit 1" 1 2 15
$RM "$cfgfile" //将此行加上注释或删除此行
root@guohui apr-1.6.3]# ./configure --prefix=/usr/local/apr
[root@guohui apr-1.6.3]# make -j && make install
[root@guohui apr-util-1.6.1]# cd /usr/src/apr-util-1.6.1
[root@guohui apr-util-1.6.1]# ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr
[root@guohui apr-util-1.6.1]# make -j && make install
编译安装httpd
[root@guohui ~]# wget http://mirror.bit.edu.cn/apache//httpd/httpd-2.4.34.tar.bz2
[root@guohui ~]# ls
[root@guohui ~]# tar xf httpd-2.4.34.tar.bz2
[root@guohui ~]# cd httpd-2.4.34
[root@guohui httpd-2.4.34]# ./configure --prefix=/usr/local/apache \ //网站发布存放的目录
--sysconfdir=/etc/httpd24 \ //httpd编译安装的主配置文件
--enable-so \
--enable-ssl \
--enable-cgi \
--enable-rewrite \
--with-zlib \
--with-pcre \
--with-apr=/usr/local/apr \
--with-apr-util=/usr/local/apr-util/ \
--enable-modules=most \
--enable-mpms-shared=all \
--with-mpm=prefork
[root@guohui ~]# make -j && make install
安装后配置
[root@guohui ~]# echo 'PATH=/usr/local/apache/bin:$PATH' > /etc/profile.d/httpd.sh
[root@guohui ~]# source /etc/profile.d/httpd.sh
[root@guohui ~]# ln -s /usr/local/apache/include/ /usr/include/httpd
[root@guohui ~]# echo 'MANPATH /usr/local/apache/man' >> /etc/man.config
取消 ServerName前面的注释
[root@guohui ~]# sed -i '/#ServerName/s/#//g' /etc/httpd24/httpd.conf
启动apache
[root@guohui ~]# apachectl start
[root@guohui ~]# ss -antlState
3.2 安装mysql
安装依赖包
[root@guohui ~]# yum -y install ncurses-devel openssl-devel openssl cmake mariadb-devel
创建用户和组
[root@guohui ~]# groupadd -r -g 306 mysql
[root@guohui ~]# useradd -M -s /sbin/nologin -g 306 -u 306 mysql
下载二进制格式的mysql软件包
[root@guohui ~]# cd /usr/src/
[root@guohui src]# wget https://downloads.mysql.com/archives/get/file/mysql-5.7.22-linux-glibc2.12-x86_64.tar.gz
解压软件至/usr/local/
[root@guohui src]# ls
apr-1.6.3 apr-util-1.6.1 debug mysql-5.7.22-linux-glibc2.12-x86_64.tar.gz
apr-1.6.3.tar.bz2 apr-util-1.6.1.tar.bz2 kernels
[root@guohui src]# tar xf mysql-5.7.22-linux-glibc2.12-x86_64.tar.gz -C /usr/local/
[root@guohui src]# ls /usr/local/
apache apr-util etc include lib64 mysql-5.7.22-linux-glibc2.12-x86_64 share
apr bin games lib libexec sbin src
[root@guohui src]# cd /usr/local/
[root@guohui local]# ln -sv mysql-5.7.22-linux-glibc2.12-x86_64/ mysql
‘mysql’ -> ‘mysql-5.7.22-linux-glibc2.12-x86_64/’
修改目录/usr/locaal/mysql的属主属组
[root@guohui ~]# chown -R mysql.mysql /usr/local/mysql
[root@guohui ~]# ll /usr/local/mysql -d
lrwxrwxrwx. 1 mysql mysql 36 Aug 17 13:54 /usr/local/mysql -> mysql-5.7.22-linux-glibc2.12-x86_64/
添加环境变量
[root@guohui ~]# ls /usr/local/mysql
bin COPYING docs include lib man README share support-files
[root@guohui ~]# echo 'export PATH=/usr/local/mysql/bin:$PATH' > /etc/profile.d/mysql.sh
[root@guohui ~]# . /etc/profile.d/mysql.sh
[root@guohui ~]# echo $PATH
/usr/local/mysql/bin:/usr/local/apache/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin
建立数据存放目录
[root@guohui ~]# cd /usr/local/mysql
[root@guohui mysql]# mkdir /opt/data
[root@guohui mysql]# chown -R mysql.mysql /opt/data/
[root@guohui mysql]# ll /opt/
total 0
drwxr-xr-x. 2 mysql mysql 6 Aug 17 14:05 data
drwxr-xr-x. 8 root root 220 Jul 18 17:09 lin.d
初始化数据库
[root@guohui mysql]# /usr/local/mysql/bin/mysqld --initialize --user=mysql --datadir=/opt/data/
2018-08-17T06:08:33.347313Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details).
2018-08-17T06:08:33.873415Z 0 [Warning] InnoDB: New log files created, LSN=457902018-08-17T06:08:33.953310Z 0 [Warning] InnoDB: Creating foreign key constraint system tables.
2018-08-17T06:08:34.016549Z 0 [Warning] No existing UUID has been found, so we assume that this is the first time that this server has been started. Generating a new UUID: f8e46285-a1e3-11e8-b6bf-000c29c9d4ed.
2018-08-17T06:08:34.019542Z 0 [Warning] Gtid table is not ready to be used. Table 'mysql.gtid_executed' cannot be opened.
2018-08-17T06:08:34.023380Z 1 [Note] A temporary password is generated for root@localhost: B
配置mysql
[root@guohui ~]# ln -sv /usr/local/mysql/include/ /usr/local/include/mysql
‘/usr/local/include/mysql’ -> ‘/usr/local/mysql/include/’
[root@guohui ~]# echo '/usr/local/mysql/lib' > /etc/ld.so.conf.d/mysql.conf
[root@guohui ~]# ldconfig -v
生成配置文件
[root@guohui ~]# cat > /etc/my.cnf <
配置服务启动脚本
[root@guohui ~]# cp -a /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
[root@guohui ~]# sed -ri 's#^(basedir=).*#\1/usr/local/mysql#g' /etc/init.d/mysqld
[root@guohui ~]# sed -ri 's#^(datadir=).*#\1/opt/data#g' /etc/init.d/mysqld
启动mysql
[root@guohui ~]# service mysqld start
Starting MySQL.Logging to '/opt/data/guohui.err'.
SUCCESS!
[root@guohui ~]# ps -ef|grep mysql
root 52200 1 0 14:25 pts/1 00:00:00 /bin/sh /usr/local/mysql/bin/mysqld_safe --datadir=/opt/data --pid-file=/opt/data/mysql.pid
mysql 52378 52200 4 14:25 pts/1 00:00:00 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/opt/data --plugin-dir=/usr/local/mysql/lib/plugin --user=mysql --log-error=guohui.err --pid-file=/opt/data/mysql.pid --socket=/tmp/mysql.sock --port=3306
root 52408 2998 0 14:25 pts/1 00:00:00 grep --color=auto mysql
[root@guohui ~]# ss -antl
修改密码
使用临时密码修改
[root@guohui ~]# mysql -uroot -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.7.22
Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> set password = password('guohui123');
Query OK, 0 rows affected, 1 warning (0.00 sec)
mysql> quit
Bye
3.3 安装php
配置yum源
[root@guohui ~]# cd /etc/yum.repos.d/
[root@guohui yum.repos.d]# wget http://mirrors.163.com/.help/CentOS7-Base-163.repo
[root@guohui yum.repos.d]# sed -i 's/\$releasever/7/g' /etc/yum.repos.d/CentOS7-Base-163.repo
[root@guohui yum.repos.d]# sed -i 's/^enabled=.*/enabled=1/g' /etc/yum.repos.d/CentOS7-Base-163.repo
[root@guohui yum.repos.d]# yum -y install epel-release
安装依赖包
[root@guohui ~]# yum -y install libxml2 libxml2-devel openssl openssl-devel bzip2 bzip2-devel libcurl libcurl-devel libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel gmp gmp-devel libmcrypt libmcrypt-devel readline readline-devel libxslt libxslt-devel mhash mhash-devel
下载php
[root@guohui ~]# cd /usr/src/
[root@guohui src]# wget http://cn.php.net/distributions/php-7.2.8.tar.xz
编译安装php
[root@guohui ~]# ls
[root@guohui ~]# tar xf php-7.2.8.tar.xz
[root@guohui ~]# cd php-7.2.8
[root@guohui php-7.2.8]# ./configure --prefix=/usr/local/php7 --with-curl --with-freetype-dir --with-gd --with-gettext --with-iconv-dir --with-kerberos --with-libdir=lib64 --with-libxml-dir=/usr --with-mysqli=/usr/local/mysql/bin/mysql_config --with-openssl --with-pcre-regex --with-pdo-mysql --with-pdo-sqlite --with-pear --with-jpeg-dir --with-png-dir --with-xmlrpc --with-xsl --with-zlib --with-config-file-path=/etc --with-config-file-scan-dir=/etc/php.d --with-bz2 --enable-fpm --enable-bcmath --enable-libxml --enable-inline-optimization --enable-mbregex --enable-mbstring --enable-mbstring --enable-opcache --enable-pcntl --enable-shmop --enable-soap --enable-sockets --enable-sysvsem --enable-xml --enable-zip
[root@guohui php-7.2.8]# make -j $(cat /proc/cpuinfo |grep processor|wc -l)
[root@guohui php-7.2.8]# make install
安装后配置
[root@guohui ~]# echo 'export PATH=/usr/local/php7/bin:$PATH' > /etc/profile.d/php7.sh
[root@guohui ~]# source /etc/profile.d/php7.sh
[root@guohui ~]# which php
/usr/local/php7/bin/php
[root@guohui ~]# php -v
PHP 7.2.8 (cli) (built: Aug 17 2018 16:27:08) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
配置php-fpm
[root@guohui php-7.2.8]# cp php.ini-production /etc/php.ini
[root@guohui php-7.2.8]# cp sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
[root@guohui php-7.2.8]# chmod +x /etc/rc.d/init.d/php-fpm
[root@guohui php-7.2.8]# cp /usr/local/php7/etc/php-fpm.conf.default /usr/local/php7/etc/php-fpm.conf
[root@guohui php-7.2.8]# cp /usr/local/php7/etc/php-fpm.d/www.conf.default /usr/local/php7/etc/php-fpm.d/www.conf
编辑php-fpm的配置文件(/usr/local/php7/etc/php-fpm.conf)
配置fpm的相关选项为你所需要的值:
[root@guohui ~]# vim /usr/local/php7/etc/php-fpm.conf
...
...
pm.max_children = 50 //最多同时50个进程提供50个并发服务
pm.start_servers = 5 //启动时启动5个进程
pm.min_spare_servers = 2 //最小空闲进程数
pm.max_spare_servers = 8 //最大空闲进程数
[root@guohui ~]# tail /usr/local/php7/etc/php-fpm.conf
; files from a glob(3) pattern. This directive can be used everywhere in the
; file.
; Relative path can also be used. They will be prefixed by:
; - the global prefix if it's been set (-p argument)
; - /usr/local/php7 otherwise
include=/usr/local/php7/etc/php-fpm.d/*.conf
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 2
pm.max_spare_servers = 8
启动php-fpm
[root@guohui ~]# service php-fpm start
Starting php-fpm done
[root@guohui ~]# ss -antl
3.4配置apache
3.4.1 启用代理模块
在apache httpd 2.4以后已经专门有一个模块针对FastCGI的实现,此模块为mod_proxy_fcgi.so,它其实是作为mod_proxy.so模块的扩展,因此,这两个模块都要加载,编辑httpd.conf文件,取消一下两行的注释:
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
启用httpd的相关模块
[root@guohui ~]# sed -i '/proxy_module/s/#//g' /etc/httpd24/httpd.conf
[root@guohui ~]# sed -i '/proxy_fcgi_module/s/#//g' /etc/httpd24/httpd.conf
3.4.2配置虚拟主机
在需要使用fcgi的虚拟主机中添加类似如下两行
ProxyRequests Off //关闭正向代理
ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/PATH/TO/DOCUMENT_ROOT/$1
例如
ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/var/www/html/idfsoft.com
$1
在配置文件的最后加入以下内容
[root@guohui ~]# vim /etc/httpd24/httpd.conf
DocumentRoot "/usr/local/apache/htdocs/guohui.com"
ServerName www.guohui.com
ProxyRequests Off
ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/usr/local/apache/htdocs/www.guohui.com/$1
Options none
AllowOverride none
Require all granted
搜索AddType,添加以下内容
[root@guohui ~]# vim /etc/httpd24/httpd.conf
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType application/x-httpd-php .php //添加此行
AddType application/x-httpd-php-source .phps //添加此行
[root@guohui ~]# sed -i '/ DirectoryIndex/s/index.html/index.php index.html/g' /etc/httpd24/httpd.conf
创建虚拟主机目录并生成php测试页面
[root@guohui ~]# mkdir /usr/local/apache/htdocs/guohui.com
[root@guohui ~]# cat > /usr/local/apache/htdocs/guohui.com/index.php <
EOF
[root@guohui ~]# chown -R apache.apache /usr/local/apache/htdocs/
[root@guohui ~]# ll /usr/local/apache/htdocs/ -d
drwxr-xr-x. 3 apache apache 42 Aug 17 17:35 /usr/local/apache/htdocs/
重启apache服务
[root@guohui ~]# apachectl stop
[root@guohui ~]# apachectl start
3.5 验证
1.修改/etc/hosts文件,添加域名与IP的映射
路径
windows C:\Windows\System32\drivers\etc
linux etc/host
2.在浏览器上使用域名访问,如图所示,实验成功
想设置其他地址
user = nobody
group = nobody
[root@localhost ~]# vim /usr/local/php7/etc/php-fpm.d/www.conf
; The address on which to accept FastCGI requests.
; Valid syntaxes are:
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on
; a specific port;
; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
; a specific port;
; 'port' - to listen on a TCP socket to all addresses
; (IPv6 and IPv4-mapped) on a specific port;
; '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
listen = 192.168.56.11:9000 //这里添加