LNMP配置文件及问题解决

1.        安装 mysql
mysql-5.0.41-linux-i686-glibc23.tar.gz 由于 mysql 是二进制包。所以还是比较方便的。
直接解压。然后移动。

mv mysql-5.0.41-linux-x86_64-glibc23 /usr/local/mysql
cd /usr/local/mysql
groupadd mysql
useradd -g mysql mysql
chown -R mysql .
chgrp -R mysql .
chown -R root .

./scripts/mysql_install_db --user=mysql --basedir=/usr/local/mysql --datadir=/var/www/mysql/data
cp /usr/local/mysql/support-files/my-huge.cnf /etc/my.cnf
cp /usr/local/mysql/support-files/mysql.server  /etc/rc.d/init.d/mysqld
chmod 755 /etc/rc.d/init.d/mysqld
chkconfig –add mysqld
chkconfig --level 3 mysqld on
mv /usr/local/mysql/data /var/www/mysql
chown -R mysql:mysql /var/www/mysql

 

编辑 /etc/my.cnf

在 [mysqld] 段增加

datadir = /var/www/mysql

skip-innodb

wait-timeout = 10

max_connections = 512

max_connect_errors = 10000000

在 [mysqld] 段修改

max_allowed_packet = 16M

thread_cache_size = CPU 个数 *2

将 log-bin 注释

service mysqld start

bin/mysqladmin -u root -p

如果启动 /opt/module/mysql/bin/mysqld_safe &

# 　注：这里可能会出现错误。
[root@localhost mysql]# Starting mysqld daemon with databases from /opt/module/mysql/data
STOPPING server from pid file /opt/module/mysql/data/localhost.localdomain.pid
101029 17:49:43  mysqld ended
这是因为 basedir 与 datadir 目录未设置的问题。那么在 /etc/my.cnf  [mysqld] 里和 /etc/rc.d/init.d/mysqld 里面都上
添加 basedir = /opt/module/mysql   datadir=/opt/data/mysql  （这都是我的目录，相应改成你的目录）

 

再次启动。就应该可以了。

 

 

2.        安装扩展库

安装 pcre

tar -zxvf pcre-7.8.tar.gz
cd pcre-7.8
./configure
make && make install clean

 

安装 GD 库

安装 zlib

tar zxvf zlib-1.2.5.tar.gz

cd zlib-1.2.5

./configure --prefix=/usr

make && make install clean

cd ..

安装 libpng

tar zxvf libpng-1.2.44.tar.gz

cd libpng-1.2.44

./configure

make && make install clean

cd ..

 

安装 jpeg

tar zxvf jpegsrc.v8b.tar.gz

cd jpeg-8b

./configure -enable-shared -enable-static

make && make install clean

cd ..

安装 freetype

tar zxvf freetype-2.4.4.tar.gz

cd freetype-2.4.4

./configure

make && make install clean

cd ..

安装 autoconf

tar zxvf autoconf-2.68.tar.gz

cd autoconf -2.68

./configure

make && make install clean

cd ..

安装 gd2.0.35

tar zxvf gd-2.0.35.tar.gz

cd gd-2.0.35

./configure --prefix=/usr/local/gd2 --with-zlib --with-freetype --with-jpeg --with-png

make && make install clean

cd ..

安装 libxml2

tar -zxvf libxml2-2.7.6.tar.gz

cd libxml2-2.7.6

./configure

make && make install clean

cd ..

安装 libiconv

tar zxvf libiconv-1.13.1.tar.gz
cd libiconv-1.13.1/
./configure --prefix=/usr/local
make && make install clean
cd ..

安装 libmcrypt

tar zxvf libmcrypt-2.5.8.tar.gz
cd libmcrypt-2.5.8/
./configure
make && make install clean
/sbin/ldconfig
cd libltdl/
./configure --enable-ltdl-install
make && make install clean
cd ../../

 

安装 mhash

tar zxvf mhash-0.9.9.9.tar.gz
cd mhash-0.9.9.9/
./configure
make && make install clean
cd ../
ln 命令在某个地方建立一个同步的链接
ln -s /usr/local/lib/libmcrypt.la /usr/lib/libmcrypt.la
ln -s /usr/local/lib/libmcrypt.so /usr/lib/libmcrypt.so
ln -s /usr/local/lib/libmcrypt.so.4 /usr/lib/libmcrypt.so.4
ln -s /usr/local/lib/libmcrypt.so.4.4.8 /usr/lib/libmcrypt.so.4.4.8

ln -s /usr/local/lib/libmhash.a /usr/lib/libmhash.a
ln -s /usr/local/lib/libmhash.la /usr/lib/libmhash.la
ln -s /usr/local/lib/libmhash.so /usr/lib/libmhash.so
ln -s /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2

ln -s /usr/local/lib/libmhash.so.2.0.1 /usr/lib/libmhash.so.2.0.1
ln -s /usr/local/bin/libmcrypt-config /usr/bin/libmcrypt-config

 

安装 mcrypt

tar zxvf mcrypt-2.6.8.tar.gz
cd mcrypt-2.6.8/
/sbin/ldconfig
./configure
make && make install clean
cd ../

 

 

3.        安装编译 PHP （ FASTCGI ）

tar zxvf php-5.2.17.tar.gz
gzip -cd php-5.2.17-fpm-0.5.14.diff.gz | patch -d php-5.2.17 -p1
cd php-5.2.17/
./configure --prefix=/usr/local/php /
--with-config-file-path=/usr/local/php/etc /
--with-mysql=/usr/local/mysql /
--with-mysqli=/usr/local/mysql/bin/mysql_config /
--with-iconv-dir=/usr/local /

--with-freetype-dir /
--with-jpeg-dir /
--with-png-dir /
--with-zlib /
--with-libxml-dir=/usr /
--enable-xml /
--disable-rpath /
--enable-discard-path /
--enable-safe-mode /
--enable-bcmath /
--enable-shmop /
--enable-sysvsem /
--enable-inline-optimization /
--with-curl /
--with-curlwrappers /
--enable-mbregex /
--enable-fastcgi /
--enable-fpm /
--enable-force-cgi-redirect /
--enable-mbstring /
--with-mcrypt /
--with-gd=/usr/local/gd2/ /
--enable-gd-native-ttf /
--with-openssl /
--with-mhash /
--enable-pcntl /
--enable-sockets /
--with-ldap /
--with-ldap-sasl

 

make ZEND_EXTRA_LIBS='-liconv'
make install clean

 

# 　注：这里可能会出现错误。
Installing PEAR environment:      /usr/local/php/lib/php/

/usr/local/src/php-5.2.17/sapi/cli/php: error while loading shared libraries: libmysqlclient.so.15: cannot open shared object file: No such file or directory
make[1]: *** [install-pear-installer] Error 127
make: *** [install-pear] Error 2
说没找到 libmysqlclient.so.15 那么解决方法。
cp /usr/local/mysql/lib/libmysqlclient.so.15 /usr/lib
再次 make install 搞定！

 

cp php.ini-dist /usr/local/php/etc/php.ini

mv -f /usr/local/src/conf/php-fpm.conf /usr/local/php/etc/php-fpm.conf

echo 'ulimit -SHn 65535' >> /etc/rc.local

echo '/usr/local/php/sbin/php-fpm start' >> /etc/rc.local

cd ../

 

4.          编译安装 PHP5 扩展模块

memcache

tar zxvf memcache-2.2.5.tgz
cd memcache-2.2.5/
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config
make && make install clean
cd ../

 

eaccelerator

tar jxvf eaccelerator-0.9.5.3.tar.bz2
cd eaccelerator-0.9.5.3/
/usr/local/php/bin/phpize
./configure --enable-eaccelerator=shared --with-php-config=/usr/local/php/bin/php-config
make && make install clean
cd ../

 

配置 eAccelerator 加速 PHP ：

mkdir -p /usr/local/eaccelerator_cache
vi /usr/local/php/etc/php.ini

[eaccelerator]
zend_extension="/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/eaccelerator.so"
eaccelerator.shm_size="128"
eaccelerator.cache_dir="/usr/local/eaccelerator_cache"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="300"
eaccelerator.shm_prune_period="120"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"

　　修改配置文件：

vi /etc/sysctl.conf

# Controls the maximum size of a message, in bytes

kernel.msgmnb = 65536

 

# Controls the default maxmimum size of a mesage queue

kernel.msgmax = 65536

 

# Controls the maximum shared segment size, in bytes

# kernel.shmmax = 4294967295

kernel.shmmax = 134217728

 

# Controls the maximum number of shared memory segments, in pages

kernel.shmall = 268435456

　　然后执行以下命令使配置生效：

/sbin/sysctl -p

 

PDO_MYSQL

tar zxvf PDO_MYSQL-1.0.2.tgz
cd PDO_MYSQL-1.0.2/
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config --with-pdo-mysql=/usr/local/mysql
make && make install clean
cd ../

 

ImageMagick

tar zxvf ImageMagick.tar.gz
cd ImageMagick-6.5.1-2/
./configure
make && make install clean
cd ../

 

imagick

tar zxvf imagick-2.2.2.tgz
cd imagick-2.2.2/
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config
make && make install clean
cd ../

 

Memcached

tar zxvf libevent-1.4.13-stable.tar.gz

cd libevent-1.4.13-stable

./configure --prefix=/usr/lib

make && make install clean

cd ../

tar zxvf memcached-1.4.5.tar.gz

cd memcached-1.4.5

./configure --prefix=/usr/local --with-libevent=/usr/lib/lib

make && make install clean

 

/usr/local/bin/memcached -d -u www -m 128

-p

监听的 TCP 端口 ( 缺省 : 11211)

-d

以守护进程方式运行 以守护进程方式运行 Memcached Memcached

-u

运行运行 Memcached 的账户 非 root 用户

-m

最大的内存使用单位是 MB 缺省是 64MB

-c

软连接数量缺省是 1024

-v

输出警告和错误信息

-vv

打印客户端的请求和返回信息

-h
打印帮助信息
-i
打印 memcached 和 libevent 的版权信息

 

# 　注：这里可能会出现错误。
error while loading shared libraries: libevent-1.4.so.2: cannot open shared object file: No such file or directory 这样的问题是在安装 memcached 的时候遇到的。

我按别人的攻略安装了 libevent 和 memcached 之后却发现在执行的时候出现了。 error while loading shared libraries: libevent-1.4.so.2: cannot open shared object file: No such file or directory 这个错误提示。

解决类似问题的步骤我相信我的做法可以通用。

1. 首先 find / -name libevent-1.4.so.2 找到缺少的链接文件到底在那儿。

2. LD_DEBUG=libs /usr/local/bin/memcached -v

3. 从 Debug 信息中就知道程序去哪里找链接库了。我这边程序去 trying file=/usr/lib/libevent-1.4.so.2 而我的链接库的实际存储位置是 /usr/local/lib/libevent-1.4.so.2

4. 做一个软连接 ln -s /usr/lib/lib/libevent-1.4.so.2 /usr/lib/libevent-1.4.so.2

5.          安装 ZendOptimizer

 

tar zxvf ZendOptimizer-3.3.9-linux-glibc23-i386.tar.gz

cd ZendOptimizer-3.3.9-linux-glibc23-i386

cp data/5_2_x_comp/ZendOptimizer.so /usr/local/php/include/

 

编辑 php.ini

vi /usr/local/php/etc/ php.ini

extension_dir = "/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/"
extension=pdo_mysql.so

extension=memcache.so

extension=imagick.so

 

[zend]

zend_optimizer.optimization_level=15

zend_extension="/usr/local/php/include/ZendOptimizer.so"

 

再查找 output_buffering = Off

修改为 output_buffering = On

 

重启 PHP FCGI

/usr/local/php/sbin/php-fpm restart

 

6.          安装 nginx

 

groupadd www
useradd -g www www

tar zxvf nginx..gz
cd nginx
./configure --prefix=/usr/local/nginx /
--conf-path=/usr/local/nginx/conf/nginx.conf /
--with-http_realip_module /
--with-http_addition_module /
--with-http_gzip_static_module /
--with-http_random_index_module /
--with-http_stub_status_module /
--with-http_sub_module /
--with-http_dav_module

 

make && make install

 

Nginx 日志目录

mkdir -p /var/log/nginx

chmod +w /var/log/nginx

chown -R www:www /var/log/nginx

 

创建 Nginx 配置文件

① 、在 /usr/local/nginx/conf/ 目录中创建 nginx.conf 文件：

rm -f /usr/local//nginx/conf/nginx.conf
vim /usr/local/nginx/conf/nginx.conf

 

user  www www;

 

worker_processes 4;

 

error_log  /var/log/nginx/error.log;

pid        /var/log/nginx/nginx.pid;

 

worker_rlimit_nofile 65535;

 

events

{

  use epoll;

  worker_connections 65535;

}

 

http

{

  include       mime.types;

  default_type  application/octet-stream;

 

  #charset  gb2312;

  charset  utf-8;

     

  server_names_hash_bucket_size 128;

  client_header_buffer_size 32k;

  large_client_header_buffers 4 32k;

  client_max_body_size 8m;

     

  sendfile on;

  tcp_nopush     on;

 

  keepalive_timeout 60;

 

  tcp_nodelay on;

 

  fastcgi_connect_timeout 300;

  fastcgi_send_timeout 300;

  fastcgi_read_timeout 300;

  fastcgi_buffer_size 64k;

  fastcgi_buffers 4 64k;

  fastcgi_busy_buffers_size 128k;

  fastcgi_temp_file_write_size 128k;

 

  gzip on;

  gzip_min_length  1k;

  gzip_buffers     4 16k;

  gzip_http_version 1.0;

  gzip_comp_level 2;

  gzip_types       text/plain application/x-javascript text/css application/xml;

  gzip_vary on;

 

  server

  {

listen       10.0.0.61:80;

server_name  10.0.0.61;

index index.html index.htm index.php;

root  /home/www/wwwroot;

                            

    location ~ .*/.php?$

    {     

      fastcgi_pass  127.0.0.1:9000;

      fastcgi_index index.php;

      include fcgi.conf;

    }

   

    location ~ .*/.(gif|jpg|jpeg|png|bmp|swf)$

    {

      expires      30d;

     }

 

    location ~ .*/.(js|css)?$

    {

      expires      1h;

}

 

location /NginxStatus

{

  stub_status    on;

  access_log    off;

}

 

    access_log  off;

   }

}

 

② 、在 /usr/local/webserver/nginx/conf/ 目录中创建 fcgi.conf 文件：

vi /usr/local/nginx/conf/fcgi.conf

 

fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx;

fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;

fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;

fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param  REDIRECT_STATUS    200;

 

建立 nginx 启动脚本

vi /etc/init.d/nginx

#!/bin/bash

# nginx Startup script for the Nginx HTTP Server

# this script create it by jackbillow at 2007.10.15.

# it is v.0.0.2 version.

# if you find any errors on this scripts,please contact jackbillow.

# and send mail to jackbillow at gmail dot com.

#

# chkconfig: - 85 15

# description: Nginx is a high-performance web and proxy server.

#              It has a lot of features, but it's not for everyone.

# processname: nginx

# pidfile: /usr/local/nginx/logs/nginx.pid

# config: /usr/local/nginx/conf/nginx.conf

 

nginxd=/usr/local/nginx/sbin/nginx

nginx_config=/usr/local/nginx/conf/nginx.conf

nginx_pid=/var/log/nginx/nginx.pid

 

RETVAL=0

prog="nginx"

 

# Source function library.

. /etc/rc.d/init.d/functions

"/etc/init.d/nginx" [dos] 101L, 1996C

#!/bin/bash

# nginx Startup script for the Nginx HTTP Server

# this script create it by jackbillow at 2007.10.15.

# it is v.0.0.2 version.

# if you find any errors on this scripts,please contact jackbillow.

# and send mail to jackbillow at gmail dot com.

#

# chkconfig: - 85 15

# description: Nginx is a high-performance web and proxy server.

#              It has a lot of features, but it's not for everyone.

# processname: nginx

# pidfile: /usr/local/nginx/logs/nginx.pid

# config: /usr/local/nginx/conf/nginx.conf

 

nginxd=/usr/local/nginx/sbin/nginx

nginx_config=/usr/local/nginx/conf/nginx.conf

nginx_pid=/var/log/nginx/nginx.pid

 

RETVAL=0

prog="nginx"

 

# Source function library.

. /etc/rc.d/init.d/functions

 

# Source networking configuration.

. /etc/sysconfig/network

 

# Check that networking is up.

[ ${NETWORKING} = "no" ] && exit 0

 

[ -x $nginxd ] || exit 0

 

 

# Start nginx daemons functions.

start() {

 

if [ -e $nginx_pid ];then

   echo "nginx already running...."

   exit 1

fi

 

   echo -n $"Starting $prog: "

   daemon $nginxd -c ${nginx_config}

   RETVAL=$?

   echo

   [ $RETVAL = 0 ] && touch /var/lock/subsys/nginx

   return $RETVAL

 

}

 

 

# Stop nginx daemons functions.

stop() {

        echo -n $"Stopping $prog: "

        killproc $nginxd

        RETVAL=$?

        echo

        [ $RETVAL = 0 ] && rm -f /var/lock/subsys/nginx /usr/local/nginx/logs/nginx.pid

}

 

 

# reload nginx service functions.

reload() {

 

    echo -n $"Reloading $prog: "

    #kill -HUP `cat ${nginx_pid}`

    killproc $nginxd -HUP

    RETVAL=$?

    echo

 

}

 

# See how we were called.

case "$1" in

start)

        start

        ;;

 

stop)

        stop

        ;;

 

reload)

        reload

        ;;

 

restart)

        stop

        start

        ;;

 

status)

        status $prog

        RETVAL=$?

        ;;

*)

        echo $"Usage: $prog {start|stop|restart|reload|status|help}"

        exit 1

esac

 

exit $RETVAL

 

chmod 755 /etc/init.d/nginx

chkconfig --add nginx

chkconfig nginx on

 

7.        启动 Nginx 和 PHP

 

ulimit -SHn 65535

/usr/local/php/sbin/php-fpm start

service nginx start

 

 

8.          优化 Linux 内核参数

vi /etc/sysctl.conf

 

在末尾增加以下内容：

net.core.netdev_max_backlog =  32768

net.core.somaxconn = 32768

net.core.wmem_default = 8388608

net.core.rmem_default = 8388608

net.core.rmem_max = 16777216

net.core.wmem_max = 16777216

 

net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 300

net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_syn_backlog = 65536

net.ipv4.tcp_timestamps = 0

net.ipv4.tcp_synack_retries = 2

net.ipv4.tcp_syn_retries = 2

net.ipv4.tcp_tw_recycle = 1

net.ipv4.tcp_tw_reuse = 1

net.ipv4.tcp_mem = 94500000 915000000 927000000

net.ipv4.tcp_max_orphans = 3276800

net.ipv4.ip_local_port_range = 1024  65535

使配置立即生效：

/sbin/sysctl -p

 

9.          防 ddos 攻击

Sysctl 修改

vi /etc/rc.local

加入如下文本

sysctl kern.ipc.maxsockets=100000  ## 增加并发的 socket ，对于 ddos 很有用

sysctl kern.ipc.somaxconn=65535  ## 打开文件数

sysctl net.inet.tcp.msl=2500   ##timeout 时间

 

 

 

10.      编写每天定时切割 Nginx 日志的脚本
1 、创建脚本 /usr/local/webserver/nginx/sbin/cut_nginx_log.sh

vi /usr/local/webserver/nginx/sbin/cut_nginx_log.sh

　　输入以下内容：

#!/bin/bash
# This script run at 00:00

# The Nginx logs path
logs_path="/usr/local/webserver/nginx/logs/"

mkdir -p ${logs_path}$(date -d "yesterday" +"%Y")/$(date -d "yesterday" +"%m")/
mv ${logs_path}access.log ${logs_path}$(date -d "yesterday" +"%Y")/$(date -d "yesterday" +"%m")/access_$(date -d "yesterday" +"%Y%m%d").log
kill -USR1 `cat /usr/local/webserver/nginx/nginx.pid`

　　 2 、设置 crontab ，每天凌晨 00:00 切割 nginx 访问日志

crontab -e

　　输入以下内容：

00 00 * * * /bin/bash  /usr/local/nginx/sbin/cut_nginx_log.sh