Nginx 0.8.x + PHP 5.2.13(FastCGI)搭建胜过Apache十倍的Web服务器

 Nginx 0.8.x + PHP 5.2.13FastCGI)搭建胜过Apache十倍的Web服务器(第6版)[原创]

  |  |  

[

 2010-3-4 20:10 | by 张宴 ]

[文章作者:张宴 本文版本:v6.3 最后修改:2010.07.26 转载请注明原文链接:http://blog.zyan.cc/nginx_php_v6/]

 

前言:本文是我撰写的关于搭建“Nginx + PHPFastCGI)”Web服务器的第6篇文章。本系列文章作为国内最早详细介绍 Nginx + PHP 安装、配置、使用的资料之一,为推动 Nginx 在国内的发展产生了积极的作用。本文可能不断更新小版本,请记住原文链接“http://blog.zyan.cc/nginx_php_v6/,获取最新内容。第6篇文章主要介绍了Nginx 0.8.x新的平滑重启方式,将PHP升级到了5.2.14,修正了PEAR问题。另将MySQL 5.1.x升级到了5.5.x系列,配置文件变更较大。

 

链接:《20079月的第1》、《200712月的第2》、《20086月的第3》、《20088月的第4》、《20095月的第5

 

点击在新窗口中浏览此图片

 

Nginx ("engine x") 是一个高性能的 HTTP 和反向代理服务器,也是一个 IMAP/POP3/SMTP 代理服务器。 Nginx 是由 Igor Sysoev 为俄罗斯访问量第二的 Rambler.ru 站点开发的,它已经在该站点运行超过三年了。Igor 将源代码以类BSD许可证的形式发布。

 

Nginx 超越 Apache 的高性能和稳定性,使得国内使用 Nginx 作为 Web 服务器的网站也越来越多,其中包括新浪博客新浪播客网易新闻腾讯网搜狐博客等门户网站频道,六间房56.com等视频分享网站,Discuz!官方论坛水木社区等知名论坛,盛大在线金山逍遥网等网络游戏网站,豆瓣人人网YUPOO相册金山爱词霸迅雷在线等新兴Web 2.0网站。

 

 

Nginx 的官方中文维基:http://wiki.nginx.org/NginxChs

 

 

在高并发连接的情况下,NginxApache服务器不错的替代品。Nginx同时也可以作为7层负载均衡服务器来使用。根据我的测试结果,Nginx 0.8.46 + PHP 5.2.14 (FastCGI) 可以承受3万以上的并发连接数,相当于同等环境下Apache10

 

根据我的经验,4GB内存的服务器+Apacheprefork模式)一般只能处理3000个并发连接,因为它们将占用3GB以上的内存,还得为系统预留1GB的内存。我曾经就有两台Apache服务器,因为在配置文件中设置的MaxClients4000,当Apache并发连接数达到3800时,导致服务器内存和Swap空间用满而崩溃。

 

而这台 Nginx 0.8.46 + PHP 5.2.14(FastCGI) 服务器在3万并发连接下,开启的10Nginx进程消耗150M内存(15M*10=150M),开启的64php-cgi进程消耗1280M内存(20M*64=1280M),加上系统自身消耗的内存,总共消耗不到2GB内存。如果服务器内存较小,完全可以只开启25php-cgi进程,这样php-cgi消耗的总内存数才500M

 

3万并发连接下,访问Nginx 0.8.46 + PHP5.2.14 (FastCGI) 服务器的PHP程序,仍然速度飞快。下图为Nginx的状态监控页面,显示的活动连接数为28457(关于Nginx的监控页配置,会在本文接下来所给出的Nginx配置文件中写明):

 

点击在新窗口中浏览此图片

 

我生产环境下的两台Nginx + PHP5FastCGI)服务器,跑多个一般复杂的纯PHP动态程序,单台Nginx +PHP5FastCGI)服务器跑PHP动态程序的处理能力已经超过“700次请求/”,相当于每天可以承受6000万(700*60*60*24=60480000)的访问量(更多信息见此),而服务器的系统负载也不高:

 

点击在新窗口中浏览此图片

 

200993日下午230,金山游戏《剑侠情缘网络版叁》临时维护1小时(http://kefu.xoyo.com/gonggao/jx3/2009-09-03/750438.shtml),大量玩家上官网,论坛、评论、客服等动态应用Nginx服务器集群,每台服务器的Nginx活动连接数达到2.8万,这是笔者遇到的Nginx生产环境最高并发值。

 

点击在新窗口中浏览此图片

 

 

下面是用100个并发连接分别去压生产环境中同一负载均衡器VIP下、提供相同服务的两台服务器,一台为Nginx,另一台为ApacheNginx每秒处理的请求数是Apache的两倍多,Nginx服务器的系统负载、CPU使用率远低于Apache

 

你可以将连接数开到1000030000,去压NginxApache上的phpinfo.php,这是用浏览器访问Nginx上的phpinfo.php一切正常,而访问Apache服务器的phpinfo.php,则是该页无法显示。4G内存的服务器,即使再优化,Apache也很难在“webbench-c 30000 -t 60 http://xxx.xxx.xxx.xxx/phpinfo.php的压力情况下正常访问,而调整参数优化后的Nginx可以。

 

webbench 下载地址:http://blog.zyan.cc/post/288/

 

注意:webbench 做压力测试时,该软件自身也会消耗CPU和内存资源,为了测试准确,请将webbench 安装在别的服务器上。

 

测试结果:##### Nginx + PHP #####

引用

[root@localhost webbench-1.5]# webbench -c 100 -t 30 http://192.168.1.21/phpinfo.php

Webbench -Simple Web Benchmark 1.5

Copyright(c) Radim Kolar 1997-2004, GPL Open Source Software.

 

Benchmarking: GET http://192.168.1.21/phpinfo.php

100clients, running 30 sec.

 

Speed=102450pages/min, 16490596 bytes/sec.

Requests:51225 susceed, 0 failed.

 

top - 14:06:13 up 27 days,  2:25,  2 users,  load average: 14.57, 9.89, 6.51

Tasks: 287 total,   4 running, 283 sleeping,   0stopped,   0 zombie

Cpu(s): 49.9% us,  6.7% sy,  0.0% ni, 41.4% id,  1.1% wa,  0.1%hi,  0.8% si

Mem:   6230016k total,  2959468k used,  3270548kfree,   635992k buffers

Swap:  2031608k total,     3696k used,  2027912k free,  1231444k cached

 

测试结果:#####  Apache+ PHP #####

引用

[root@localhost webbench-1.5]# webbench -c 100 -t 30 http://192.168.1.27/phpinfo.php

Webbench -Simple Web Benchmark 1.5

Copyright(c) Radim Kolar 1997-2004, GPL Open Source Software.

 

Benchmarking: GET http://192.168.1.27/phpinfo.php

100clients, running 30 sec.

 

Speed=42184pages/min, 31512914 bytes/sec.

Requests:21092 susceed, 0 failed.

 

top - 14:06:20 up 27 days,  2:13,  2 users,  load average: 62.15, 26.36, 13.42

Tasks: 318 total,   7 running, 310 sleeping,   0stopped,   1 zombie

Cpu(s): 80.4% us, 10.6% sy,  0.0% ni,  7.9% id,  0.1% wa,  0.1% hi,  0.9% si

Mem:   6230016k total,  3075948k used,  3154068kfree,   379896k buffers

Swap:  2031608k total,    12592k used,  2019016k free,  1117868k cached

 

 

为什么Nginx的性能要比Apache高得多?这得益于Nginx使用了最新的epollLinux 2.6内核)和kqueuefreebsd)网络I/O模型,而Apache则使用的是传统的select模型。目前Linux下能够承受高并发访问的SquidMemcached都采用的是epoll网络I/O模型。

 

处理大量的连接的读写,Apache所采用的select网络I/O模型非常低效。下面用一个比喻来解析Apache采用的select模型和Nginx采用的epoll模型进行之间的区别:

 

假设你在大学读书,住的宿舍楼有很多间房间,你的朋友要来找你。select版宿管大妈就会带着你的朋友挨个房间去找,直到找到你为止。而epoll版宿管大妈会先记下每位同学的房间号,你的朋友来时,只需告诉你的朋友你住在哪个房间即可,不用亲自带着你的朋友满大楼找人。如果来了10000个人,都要找自己住这栋楼的同学时,select版和epoll版宿管大妈,谁的效率更高,不言自明。同理,在高并发服务器中,轮询I/O是最耗时间的操作之一,selectepoll的性能谁的性能更高,同样十分明了。

 

 

安装步骤:

(系统要求:Linux 2.6+ 内核,本文中的Linux操作系统为CentOS5.3,另在RedHat AS4上也安装成功)

 

一、获取相关开源程序:

1、【适用CentOS操作系统】利用CentOS Linux系统自带的yum命令安装、升级所需的程序库(RedHat等其他Linux发行版可从安装光盘中找到这些程序库的RPM包,进行安装):

sudo -s

LANG=C

yum -y install gcc gcc-c++ autoconf libjpeg libjpeg-devel libpnglibpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-develglibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-develcurl curl-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel libidn libidn-developenssl openssl-devel openldap openldap-devel nss_ldap openldap-clientsopenldap-servers

 

2、【适用RedHat操作系统】RedHat等其他Linux发行版可从安装光盘中找到这些程序库的RPM包(事先可通过类似“rpm -qa | grep libjpeg”的命令查看所需的RPM包是否存在,通常是“xxx-devel”不存在,需要安装)。RedHat可以直接利用CentOSRPM包安装,以下是RPM包下载网址:

①、RedHat AS4 & CentOS4

http://mirrors.163.com/centos/4/os/i386/CentOS/RPMS/

http://mirrors.163.com/centos/4/os/x86_64/CentOS/RPMS/

 

②、RedHat AS5 & CentOS5

http://mirrors.163.com/centos/5/os/i386/CentOS/

http://mirrors.163.com/centos/5/os/x86_64/CentOS/

 

③、RPM包搜索网站

http://rpm.pbone.net/

http://www.rpmfind.net/

 

④、RedHat AS4 系统环境,通常情况下缺少的支持包安装:

Ⅰ、i386 系统

wget http://blog.zyan.cc/soft/linux/nginx_php/rpm/i386/libjpeg-devel-6b-33.i386.rpm

rpm -ivh libjpeg-devel-6b-33.i386.rpm

wget http://blog.zyan.cc/soft/linux/nginx_php/rpm/i386/freetype-devel-2.1.9-1.i386.rpm

rpm -ivh freetype-devel-2.1.9-1.i386.rpm

wget http://blog.zyan.cc/soft/linux/nginx_php/rpm/i386/libpng-devel-1.2.7-1.i386.rpm

rpm -ivh libpng-devel-1.2.7-1.i386.rpm

Ⅱ、x86_64 系统

wget http://blog.zyan.cc/soft/linux/nginx_php/rpm/x86_64/libjpeg-devel-6b-33.x86_64.rpm

rpm -ivh libjpeg-devel-6b-33.x86_64.rpm

wget http://blog.zyan.cc/soft/linux/nginx_php/rpm/x86_64/freetype-devel-2.1.9-1.x86_64.rpm

rpm -ivh freetype-devel-2.1.9-1.x86_64.rpm

wget http://blog.zyan.cc/soft/linux/nginx_php/rpm/x86_64/libpng-devel-1.2.7-1.x86_64.rpm

rpm -ivh libpng-devel-1.2.7-1.x86_64.rpm

 

3、【适用CentOSRedHat及其它Linux操作系统】下载程序源码包:

本文中提到的所有开源软件为截止到20100726的最新稳定版。

①、从软件的官方网站下载:

mkdir -p /data0/software

cd /data0/software

wget http://sysoev.ru/nginx/nginx-0.8.46.tar.gz

wget http://www.php.net/get/php-5.2.14.tar.gz/from/this/mirror

wget http://php-fpm.org/downloads/php-5.2.14-fpm-0.5.14.diff.gz

wget http://dev.mysql.com/get/Downloads/MySQL-5.5/mysql-5.5.3-m3.tar.gz/from/http://mysql.he.net/

wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.13.1.tar.gz

wget "http://downloads.sourceforge.net/mcrypt/libmcrypt-2.5.8.tar.gz?modtime=1171868460&big_mirror=0"

wget "http://downloads.sourceforge.net/mcrypt/mcrypt-2.6.8.tar.gz?modtime=1194463373&big_mirror=0"

wget http://pecl.php.net/get/memcache-2.2.5.tgz

wget "http://downloads.sourceforge.net/mhash/mhash-0.9.9.9.tar.gz?modtime=1175740843&big_mirror=0"

wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.10.tar.gz

wget http://bart.eaccelerator.net/source/0.9.6.1/eaccelerator-0.9.6.1.tar.bz2

wget http://pecl.php.net/get/PDO_MYSQL-1.0.2.tgz

wget http://blog.zyan.cc/soft/linux/nginx_php/imagick/ImageMagick.tar.gz

wget http://pecl.php.net/get/imagick-2.3.0.tgz

②、blog.zyan.cc下载(比较稳定,只允许在本站,或者在Linux/Unix下通过WgetCurl等命令下载以下软件):

mkdir -p /data0/software

cd /data0/software

wget http://blog.zyan.cc/soft/linux/nginx_php/nginx/nginx-0.8.46.tar.gz

wget http://blog.zyan.cc/soft/linux/nginx_php/php/php-5.2.14.tar.gz

wget http://blog.zyan.cc/soft/linux/nginx_php/phpfpm/php-5.2.14-fpm-0.5.14.diff.gz

wget http://blog.zyan.cc/soft/linux/nginx_php/mysql/mysql-5.5.3-m3.tar.gz

wget http://blog.zyan.cc/soft/linux/nginx_php/libiconv/libiconv-1.13.1.tar.gz

wget http://blog.zyan.cc/soft/linux/nginx_php/mcrypt/libmcrypt-2.5.8.tar.gz

wget http://blog.zyan.cc/soft/linux/nginx_php/mcrypt/mcrypt-2.6.8.tar.gz

wget http://blog.zyan.cc/soft/linux/nginx_php/memcache/memcache-2.2.5.tgz

wget http://blog.zyan.cc/soft/linux/nginx_php/mhash/mhash-0.9.9.9.tar.gz

wget http://blog.zyan.cc/soft/linux/nginx_php/pcre/pcre-8.10.tar.gz

wget http://blog.zyan.cc/soft/linux/nginx_php/eaccelerator/eaccelerator-0.9.6.1.tar.bz2

wget http://blog.zyan.cc/soft/linux/nginx_php/pdo/PDO_MYSQL-1.0.2.tgz

wget http://blog.zyan.cc/soft/linux/nginx_php/imagick/ImageMagick.tar.gz

wget http://blog.zyan.cc/soft/linux/nginx_php/imagick/imagick-2.3.0.tgz

 

 

二、安装PHP 5.2.14FastCGI模式)

1、编译安装PHP 5.2.14所需的支持库:

tar zxvf libiconv-1.13.1.tar.gz

cd libiconv-1.13.1/

./configure --prefix=/usr/local

make

make install

cd ../

 

tar zxvf libmcrypt-2.5.8.tar.gz 

cd libmcrypt-2.5.8/

./configure

make

make install

/sbin/ldconfig

cd libltdl/

./configure --enable-ltdl-install

make

make install

cd ../../

 

tar zxvf mhash-0.9.9.9.tar.gz

cd mhash-0.9.9.9/

./configure

make

make install

cd ../

 

ln -s /usr/local/lib/libmcrypt.la /usr/lib/libmcrypt.la

ln -s /usr/local/lib/libmcrypt.so /usr/lib/libmcrypt.so

ln -s /usr/local/lib/libmcrypt.so.4 /usr/lib/libmcrypt.so.4

ln -s /usr/local/lib/libmcrypt.so.4.4.8/usr/lib/libmcrypt.so.4.4.8

ln -s /usr/local/lib/libmhash.a /usr/lib/libmhash.a

ln -s /usr/local/lib/libmhash.la /usr/lib/libmhash.la

ln -s /usr/local/lib/libmhash.so /usr/lib/libmhash.so

ln -s /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2

ln -s /usr/local/lib/libmhash.so.2.0.1 /usr/lib/libmhash.so.2.0.1

ln -s /usr/local/bin/libmcrypt-config /usr/bin/libmcrypt-config

 

tar zxvf mcrypt-2.6.8.tar.gz

cd mcrypt-2.6.8/

/sbin/ldconfig

./configure

make

make install

cd ../

 

2、编译安装MySQL 5.5.3-m3

/usr/sbin/groupadd mysql

/usr/sbin/useradd -g mysql mysql

tar zxvf mysql-5.5.3-m3.tar.gz

cd mysql-5.5.3-m3/

./configure --prefix=/usr/local/webserver/mysql/--enable-assembler --with-extra-charsets=complex --enable-thread-safe-client--with-big-tables --with-readline --with-ssl --with-embedded-server--enable-local-infile --with-plugins=partition,innobase,myisammrg

make && make install

chmod +w /usr/local/webserver/mysql

chown -R mysql:mysql /usr/local/webserver/mysql

cd ../

 

附:以下为附加步骤,如果你想在这台服务器上运行MySQL数据库,则执行以下几步。如果你只是希望让PHP支持MySQL扩展库,能够连接其他服务器上的MySQL数据库,那么,以下两步无需执行。

 

①、创建MySQL数据库存放目录

mkdir -p /data0/mysql/3306/data/

mkdir -p /data0/mysql/3306/binlog/

mkdir -p /data0/mysql/3306/relaylog/

chown -R mysql:mysql /data0/mysql/

 

②、mysql用户帐号的身份建立数据表:

/usr/local/webserver/mysql/bin/mysql_install_db--basedir=/usr/local/webserver/mysql --datadir=/data0/mysql/3306/data--user=mysql

 

③、创建my.cnf配置文件:

vi /data0/mysql/3306/my.cnf

输入以下内容:

引用

[client]

character-set-server= utf8

port    = 3306

socket  = /tmp/mysql.sock

 

[mysqld]

character-set-server= utf8

replicate-ignore-db= mysql

replicate-ignore-db= test

replicate-ignore-db= information_schema

user    = mysql

port    = 3306

socket  = /tmp/mysql.sock

basedir =/usr/local/webserver/mysql

datadir =/data0/mysql/3306/data

log-error= /data0/mysql/3306/mysql_error.log

pid-file =/data0/mysql/3306/mysql.pid

open_files_limit    = 10240

back_log =600

max_connections= 5000

max_connect_errors= 6000

table_cache= 614

external-locking= FALSE

max_allowed_packet= 32M

sort_buffer_size= 1M

join_buffer_size= 1M

thread_cache_size= 300

#thread_concurrency= 8

query_cache_size= 512M

query_cache_limit= 2M

query_cache_min_res_unit= 2k

default-storage-engine= MyISAM

thread_stack= 192K

transaction_isolation= READ-COMMITTED

tmp_table_size= 246M

max_heap_table_size= 246M

long_query_time= 3

log-slave-updates

log-bin =/data0/mysql/3306/binlog/binlog

binlog_cache_size= 4M

binlog_format= MIXED

max_binlog_cache_size= 8M

max_binlog_size= 1G

relay-log-index= /data0/mysql/3306/relaylog/relaylog

relay-log-info-file= /data0/mysql/3306/relaylog/relaylog

relay-log= /data0/mysql/3306/relaylog/relaylog

expire_logs_days= 30

key_buffer_size= 256M

read_buffer_size= 1M

read_rnd_buffer_size= 16M

bulk_insert_buffer_size= 64M

myisam_sort_buffer_size= 128M

myisam_max_sort_file_size= 10G

myisam_repair_threads= 1

myisam_recover

 

interactive_timeout= 120

wait_timeout= 120

 

skip-name-resolve

#master-connect-retry= 10

slave-skip-errors= 1032,1062,126,1114,1146,1048,1396

 

#master-host     =   192.168.1.2

#master-user     =   username

#master-password =   password

#master-port     =  3306

 

server-id= 1

 

innodb_additional_mem_pool_size= 16M

innodb_buffer_pool_size= 512M

innodb_data_file_path= ibdata1:256M:autoextend

innodb_file_io_threads= 4

innodb_thread_concurrency= 8

innodb_flush_log_at_trx_commit= 2

innodb_log_buffer_size= 16M

innodb_log_file_size= 128M

innodb_log_files_in_group= 3

innodb_max_dirty_pages_pct= 90

innodb_lock_wait_timeout= 120

innodb_file_per_table= 0

 

#log-slow-queries= /data0/mysql/3306/slow.log

#long_query_time= 10

 

[mysqldump]

quick

max_allowed_packet= 32M

 

④、创建管理MySQL数据库的shell脚本:

vi /data0/mysql/3306/mysql

输入以下内容(这里的用户名admin和密码12345678接下来的步骤会创建):

#!/bin/sh

 

mysql_port=3306

mysql_username="admin"

mysql_password="12345678"

 

function_start_mysql()

{

    printf "Starting MySQL...\n"

    /bin/sh /usr/local/webserver/mysql/bin/mysqld_safe--defaults-file=/data0/mysql/${mysql_port}/my.cnf 2>&1 > /dev/null&

}

 

function_stop_mysql()

{

    printf "Stoping MySQL...\n"

    /usr/local/webserver/mysql/bin/mysqladmin -u ${mysql_username}-p${mysql_password} -S /tmp/mysql.sock shutdown

}

 

function_restart_mysql()

{

    printf "Restarting MySQL...\n"

    function_stop_mysql

    sleep 5

    function_start_mysql

}

 

function_kill_mysql()

{

    kill -9 $(ps -ef | grep 'bin/mysqld_safe' | grep${mysql_port} | awk '{printf $2}')

    kill -9 $(ps -ef | grep 'libexec/mysqld' | grep${mysql_port} | awk '{printf $2}')

}

 

if [ "$1" = "start" ]; then

    function_start_mysql

elif [ "$1" = "stop" ]; then

    function_stop_mysql

elif [ "$1" = "restart" ]; then

function_restart_mysql

elif [ "$1" = "kill" ]; then

function_kill_mysql

else

    printf "Usage: /data0/mysql/${mysql_port}/mysql{start|stop|restart|kill}\n"

fi

⑤、赋予shell脚本可执行权限:

chmod +x /data0/mysql/3306/mysql

 

⑥、启动MySQL

/data0/mysql/3306/mysql start

 

⑦、通过命令行登录管理MySQL服务器(提示输入密码时直接回车):

/usr/local/webserver/mysql/bin/mysql -u root -p -S /tmp/mysql.sock

 

⑧、输入以下SQL语句,创建一个具有root权限的用户(admin)和密码(12345678):

GRANT ALL PRIVILEGES ON *.* TO 'admin'@'localhost' IDENTIFIED BY'12345678';

GRANT ALL PRIVILEGES ON *.* TO 'admin'@'127.0.0.1' IDENTIFIED BY'12345678';

 

⑨、(可选)停止MySQL

/data0/mysql/3306/mysql stop

 

3、编译安装PHPFastCGI模式)

tar zxvf php-5.2.14.tar.gz

gzip -cd php-5.2.14-fpm-0.5.14.diff.gz | patch -d php-5.2.14 -p1

cd php-5.2.14/

./configure --prefix=/usr/local/webserver/php--with-config-file-path=/usr/local/webserver/php/etc--with-mysql=/usr/local/webserver/mysql--with-mysqli=/usr/local/webserver/mysql/bin/mysql_config--with-iconv-dir=/usr/local --with-freetype-dir --with-jpeg-dir --with-png-dir--with-zlib --with-libxml-dir=/usr --enable-xml --disable-rpath--enable-discard-path --enable-safe-mode --enable-bcmath --enable-shmop--enable-sysvsem --enable-inline-optimization --with-curl --with-curlwrappers--enable-mbregex --enable-fastcgi --enable-fpm --enable-force-cgi-redirect--enable-mbstring --with-mcrypt --with-gd --enable-gd-native-ttf --with-openssl--with-mhash --enable-pcntl --enable-sockets --with-ldap --with-ldap-sasl--with-xmlrpc --enable-zip --enable-soap

make ZEND_EXTRA_LIBS='-liconv'

make install

cp php.ini-dist /usr/local/webserver/php/etc/php.ini

cd ../

 

4、编译安装PHP5扩展模块

tar zxvf memcache-2.2.5.tgz

cd memcache-2.2.5/

/usr/local/webserver/php/bin/phpize

./configure--with-php-config=/usr/local/webserver/php/bin/php-config

make

make install

cd ../

 

tar jxvf eaccelerator-0.9.6.1.tar.bz2

cd eaccelerator-0.9.6.1/

/usr/local/webserver/php/bin/phpize

./configure --enable-eaccelerator=shared--with-php-config=/usr/local/webserver/php/bin/php-config

make

make install

cd ../

 

tar zxvf PDO_MYSQL-1.0.2.tgz

cd PDO_MYSQL-1.0.2/

/usr/local/webserver/php/bin/phpize

./configure--with-php-config=/usr/local/webserver/php/bin/php-config--with-pdo-mysql=/usr/local/webserver/mysql

make

make install

cd ../

 

tar zxvf ImageMagick.tar.gz

cd ImageMagick-6.5.1-2/

./configure

make

make install

cd ../

 

tar zxvf imagick-2.3.0.tgz

cd imagick-2.3.0/

/usr/local/webserver/php/bin/phpize

./configure--with-php-config=/usr/local/webserver/php/bin/php-config

make

make install

cd ../

 

 

5、修改php.ini文件

手工修改:查找/usr/local/webserver/php/etc/php.ini中的extension_dir= "./"

修改为extension_dir ="/usr/local/webserver/php/lib/php/extensions/no-debug-non-zts-20060613/"

并在此行后增加以下几行,然后保存:

extension= "memcache.so"

extension= "pdo_mysql.so"

extension= "imagick.so"

 

再查找output_buffering = Off

修改为output_buffering = On

 

再查找; cgi.fix_pathinfo=0

修改为cgi.fix_pathinfo=0,防止Nginx文件类型错误解析漏洞。

 

自动修改:若嫌手工修改麻烦,可执行以下shell命令,自动完成对php.ini文件的修改:

sed -i 's#extension_dir = "./"#extension_dir ="/usr/local/webserver/php/lib/php/extensions/no-debug-non-zts-20060613/"\nextension= "memcache.so"\nextension = "pdo_mysql.so"\nextension ="imagick.so"\n#' /usr/local/webserver/php/etc/php.ini

sed -i 's#output_buffering = Off#output_buffering = On#'/usr/local/webserver/php/etc/php.ini

sed -i "s#; always_populate_raw_post_data =On#always_populate_raw_post_data = On#g"/usr/local/webserver/php/etc/php.ini

sed -i "s#; cgi.fix_pathinfo=0#cgi.fix_pathinfo=0#g"/usr/local/webserver/php/etc/php.ini

 

6、配置eAccelerator加速PHP

mkdir -p /usr/local/webserver/eaccelerator_cache

vi /usr/local/webserver/php/etc/php.ini

shift+g键跳到配置文件的最末尾,加上以下配置信息:

引用

[eaccelerator]

zend_extension="/usr/local/webserver/php/lib/php/extensions/no-debug-non-zts-20060613/eaccelerator.so"

eaccelerator.shm_size="64"

eaccelerator.cache_dir="/usr/local/webserver/eaccelerator_cache"

eaccelerator.enable="1"

eaccelerator.optimizer="1"

eaccelerator.check_mtime="1"

eaccelerator.debug="0"

eaccelerator.filter=""

eaccelerator.shm_max="0"

eaccelerator.shm_ttl="3600"

eaccelerator.shm_prune_period="3600"

eaccelerator.shm_only="0"

eaccelerator.compress="1"

eaccelerator.compress_level="9"

 

 

7、创建www用户和组,以及供blog.zyan.ccwww.zyan.cc两个虚拟主机使用的目录:

/usr/sbin/groupadd www

/usr/sbin/useradd -g www www

mkdir -p /data0/htdocs/blog

chmod +w /data0/htdocs/blog

chown -R www:www /data0/htdocs/blog

mkdir -p /data0/htdocs/www

chmod +w /data0/htdocs/www

chown -R www:www /data0/htdocs/www

 

8、创建php-fpm配置文件(php-fpm是为PHP打的一个FastCGI管理补丁,可以平滑变更php.ini配置而无需重启php-cgi):

/usr/local/webserver/php/etc/目录中创建php-fpm.conf文件:

rm -f /usr/local/webserver/php/etc/php-fpm.conf

vi /usr/local/webserver/php/etc/php-fpm.conf

输入以下内容(如果您安装 Nginx + PHP 用于程序调试,请将以下的0改为1,以便显示PHP错误信息,否则,Nginx 会报状态为500的空白错误页):

 

  Allrelative paths in this config are relative to php's install prefix

 

  

 

    Pid file

    /usr/local/webserver/php/logs/php-fpm.pid

 

    Error log file

    /usr/local/webserver/php/logs/php-fpm.log

 

    Log level

    notice

 

    When this amount of php processes exited with SIGSEGV or SIGBUS ...

    10

 

    ... in a less than this interval of time, a graceful restart will beinitiated.

    Useful to work around accidental curruptions in accelerator's sharedmemory.

    1m

 

    Time limit on waiting child's reaction on signals from master

    5s

 

    Set to 'no' to debug fpm

    yes

 

  

 

  

 

    

 

      Name of pool. Used in logs and stats.

      default

 

      Address to accept fastcgi requests on.

      Valid syntax is 'ip.ad.re.ss:port' or just 'port' or'/path/to/unix/socket'

      127.0.0.1:9000

 

      

 

        Set listen(2) backlog

        -1

 

        Set permissions for unix socket, if one used.

        In Linux read/write permissions must be set in orderto allow connections from web server.

        Many BSD-derrived systems allow connectionsregardless of permissions.

        

        

        0666

      

 

      Additional php.ini defines, specific to this pool ofworkers.

      

        /usr/sbin/sendmail -t -i

        0

      

 

      Unix user of processes

      www

 

      Unix group of processes

      www

 

      Process manager settings

      

 

        Sets style of controling worker process count.

        Valid values are 'static' and 'apache-like'

        static

 

        Sets the limit on the number of simultaneousrequests that will be served.

        Equivalent to Apache MaxClients directive.

        Equivalent to PHP_FCGI_CHILDREN environment inoriginal php.fcgi

        Used with any pm_style.

        128

 

        Settings group for 'apache-like' pm style

        

 

          Sets the number of server processes created onstartup.

          Used only when 'apache-like' pm_style is selected

          20

 

          Sets the desired minimum number of idle serverprocesses.

          Used only when 'apache-like' pm_style is selected

          5

 

          Sets the desired maximum number of idle serverprocesses.

          Used only when 'apache-like' pm_style is selected

          35

 

        

 

      

 

      The timeout (in seconds) for serving a singlerequest after which the worker process will be terminated

      Should be used when 'max_execution_time' ini optiondoes not stop script execution for some reason

      '0s' means 'off'

      0s

 

      The timeout (in seconds) for serving of singlerequest after which a php backtrace will be dumped to slow.log file

      '0s' means 'off'

      0s

 

      The log file for slow requests

      logs/slow.log

 

      Set open file desc rlimit

      65535

 

      Set max core size rlimit

      0

 

      Chroot to this directory at the start, absolute path

      

 

      Chdir to this directory at the start, absolute path

      

 

      Redirect workers' stdout and stderr into main errorlog.

      If not set, they will be redirected to /dev/null,according to FastCGI specs

      yes

 

      How much requests each process should execute beforerespawn.

      Useful to work around memory leaks in 3rd partylibraries.

      For endless request processing please specify 0

      Equivalent to PHP_FCGI_MAX_REQUESTS

      1024

 

      Comma separated list of ipv4 addresses of FastCGIclients that allowed to connect.

      Equivalent to FCGI_WEB_SERVER_ADDRS environment inoriginal php.fcgi (5.2.2+)

      Makes sense only with AF_INET listening socket.

      127.0.0.1

 

      Pass environment variables like LD_LIBRARY_PATH

      All $VARIABLEs are taken from current environment

      

        $HOSTNAME

        /usr/local/bin:/usr/bin:/bin

        /tmp

        /tmp

        /tmp

        $OSTYPE

        $MACHTYPE

        2

      

 

    

 

  

 

9、启动php-cgi进程,监听127.0.0.19000端口,进程数为128(如果服务器内存小于3GB,可以只开启64个进程),用户为www

ulimit -SHn 65535

/usr/local/webserver/php/sbin/php-fpm start

注:/usr/local/webserver/php/sbin/php-fpm还有其他参数,包括:start|stop|quit|restart|reload|logrotate,修改php.ini后不重启php-cgi,重新加载配置文件使用reload

 

 

三、安装Nginx 0.8.46

1、安装Nginx所需的pcre库:

tar zxvf pcre-8.10.tar.gz

cd pcre-8.10/

./configure

make && make install

cd ../

 

2、安装Nginx

tar zxvf nginx-0.8.46.tar.gz

cd nginx-0.8.46/

./configure --user=www --group=www--prefix=/usr/local/webserver/nginx --with-http_stub_status_module--with-http_ssl_module

make && make install

cd ../

 

3、创建Nginx日志目录

mkdir -p /data1/logs

chmod +w /data1/logs

chown -R www:www /data1/logs

 

4、创建Nginx配置文件

①、/usr/local/webserver/nginx/conf/目录中创建nginx.conf文件:

rm -f /usr/local/webserver/nginx/conf/nginx.conf

vi /usr/local/webserver/nginx/conf/nginx.conf

输入以下内容:

引用

user  www www;

 

worker_processes8;

 

error_log  /data1/logs/nginx_error.log  crit;

 

pid        /usr/local/webserver/nginx/nginx.pid;

 

#Specifiesthe value for maximum file descriptors that can be opened by thisprocess. 

worker_rlimit_nofile65535;

 

events 

{

  use epoll;

  worker_connections65535;

}

 

http 

{

  include       mime.types;

  default_type  application/octet-stream;

 

  #charset  gb2312;

      

  server_names_hash_bucket_size128;

  client_header_buffer_size32k;

  large_client_header_buffers4 32k;

  client_max_body_size8m;

      

  sendfile on;

  tcp_nopush     on;

 

  keepalive_timeout 60;

 

  tcp_nodelay on;

 

  fastcgi_connect_timeout300;

  fastcgi_send_timeout300;

  fastcgi_read_timeout300;

  fastcgi_buffer_size64k;

  fastcgi_buffers 464k;

  fastcgi_busy_buffers_size128k;

  fastcgi_temp_file_write_size128k;

 

  gzip on;

  gzip_min_length  1k;

  gzip_buffers     4 16k;

  gzip_http_version1.0;

  gzip_comp_level 2;

  gzip_types       text/plain application/x-javascript text/cssapplication/xml;

  gzip_vary on;

 

  #limit_zone  crawler  $binary_remote_addr  10m;

 

  server

  {

    listen       80;

    server_name  blog.zyan.cc;

    indexindex.html index.htm index.php;

    root  /data0/htdocs/blog;

 

    #limit_conn  crawler  20;    

                             

    location~ .*\.(php|php5)?$

    {      

      #fastcgi_pass  unix:/tmp/php-cgi.sock;

      fastcgi_pass  127.0.0.1:9000;

      fastcgi_indexindex.php;

      includefcgi.conf;

    }

    

    location~ .*\.(gif|jpg|jpeg|png|bmp|swf)$

    {

      expires      30d;

    }

 

    location~ .*\.(js|css)?$

    {

      expires      1h;

    }    

 

    log_format  access  '$remote_addr- $remote_user [$time_local] "$request" '

              '$status $body_bytes_sent "$http_referer"'

              '"$http_user_agent"$http_x_forwarded_for';

    access_log  /data1/logs/access.log  access;

      }

 

  server

  {

    listen       80;

    server_name  www.zyan.cc;

    indexindex.html index.htm index.php;

    root  /data0/htdocs/www;

 

    location~ .*\.(php|php5)?$

    {      

      #fastcgi_pass  unix:/tmp/php-cgi.sock;

      fastcgi_pass  127.0.0.1:9000;

      fastcgi_indexindex.php;

      includefcgi.conf;

    }

 

    log_format  wwwlogs  '$remote_addr- $remote_user [$time_local] "$request" '

               '$status $body_bytes_sent "$http_referer"'

               '"$http_user_agent"$http_x_forwarded_for';

    access_log  /data1/logs/wwwlogs.log  wwwlogs;

  }

 

  server

  {

    listen  80;

    server_name  status.blog.zyan.cc;

 

    location/ {

    stub_statuson;

    access_log  off;

    }

  }

}

 

②、/usr/local/webserver/nginx/conf/目录中创建fcgi.conf文件:

vi /usr/local/webserver/nginx/conf/fcgi.conf

输入以下内容:

引用

fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;

fastcgi_param  SERVER_SOFTWARE    nginx;

 

fastcgi_param  QUERY_STRING       $query_string;

fastcgi_param  REQUEST_METHOD     $request_method;

fastcgi_param  CONTENT_TYPE       $content_type;

fastcgi_param  CONTENT_LENGTH     $content_length;

 

fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;

fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;

fastcgi_param  REQUEST_URI        $request_uri;

fastcgi_param  DOCUMENT_URI       $document_uri;

fastcgi_param  DOCUMENT_ROOT      $document_root;

fastcgi_param  SERVER_PROTOCOL    $server_protocol;

 

fastcgi_param  REMOTE_ADDR        $remote_addr;

fastcgi_param  REMOTE_PORT        $remote_port;

fastcgi_param  SERVER_ADDR        $server_addr;

fastcgi_param  SERVER_PORT        $server_port;

fastcgi_param  SERVER_NAME        $server_name;

 

# PHPonly, required if PHP was built with --enable-force-cgi-redirect

fastcgi_param  REDIRECT_STATUS    200;

 

5、启动Nginx

ulimit -SHn 65535

/usr/local/webserver/nginx/sbin/nginx

 

四、配置开机自动启动Nginx + PHP

vi /etc/rc.local

在末尾增加以下内容:

引用

ulimit-SHn 65535

/usr/local/webserver/php/sbin/php-fpmstart

/usr/local/webserver/nginx/sbin/nginx

 

五、优化Linux内核参数

vi /etc/sysctl.conf

在末尾增加以下内容:

引用

# Add

net.ipv4.tcp_max_syn_backlog= 65536

net.core.netdev_max_backlog =  32768

net.core.somaxconn= 32768

 

net.core.wmem_default= 8388608

net.core.rmem_default= 8388608

net.core.rmem_max= 16777216

net.core.wmem_max= 16777216

 

net.ipv4.tcp_timestamps= 0

net.ipv4.tcp_synack_retries= 2

net.ipv4.tcp_syn_retries= 2

 

net.ipv4.tcp_tw_recycle= 1

#net.ipv4.tcp_tw_len= 1

net.ipv4.tcp_tw_reuse= 1

 

net.ipv4.tcp_mem= 94500000 915000000 927000000

net.ipv4.tcp_max_orphans= 3276800

 

#net.ipv4.tcp_fin_timeout= 30

#net.ipv4.tcp_keepalive_time= 120

net.ipv4.ip_local_port_range = 1024  65535

 

使配置立即生效:

/sbin/sysctl -p

 

六、在不停止Nginx服务的情况下平滑变更Nginx配置

1、修改/usr/local/webserver/nginx/conf/nginx.conf配置文件后,请执行以下命令检查配置文件是否正确:

/usr/local/webserver/nginx/sbin/nginx -t

如果屏幕显示以下两行信息,说明配置文件正确:

theconfiguration file /usr/local/webserver/nginx/conf/nginx.conf syntax is ok

theconfiguration file /usr/local/webserver/nginx/conf/nginx.conf was testedsuccessfully

 

2、平滑重启:

①、对于Nginx 0.8.x版本,现在平滑重启Nginx配置非常简单,执行以下命令即可:

/usr/local/webserver/nginx/sbin/nginx -s reload

 

②、对于Nginx 0.8.x之前的版本,平滑重启稍微麻烦一些,按照以下步骤进行即可。输入以下命令查看Nginx主进程号:

ps -ef | grep "nginx: master process" | grep -v"grep" | awk -F ' ' '{print $2}'

屏幕显示的即为Nginx主进程号,例如:

6302

这时,执行以下命令即可使修改过的Nginx配置文件生效:

kill -HUP 6302

或者无需这么麻烦,找到NginxPid文件:

kill -HUP `cat /usr/local/webserver/nginx/nginx.pid`

 

七、编写每天定时切割Nginx日志的脚本

1、创建脚本/usr/local/webserver/nginx/sbin/cut_nginx_log.sh

vi /usr/local/webserver/nginx/sbin/cut_nginx_log.sh

输入以下内容:

引用

#!/bin/bash

# Thisscript run at 00:00

 

# TheNginx logs path

logs_path="/usr/local/webserver/nginx/logs/"

 

mkdir -p${logs_path}$(date -d "yesterday" +"%Y")/$(date -d"yesterday" +"%m")/

mv${logs_path}access.log ${logs_path}$(date -d "yesterday"+"%Y")/$(date -d "yesterday" +"%m")/access_$(date-d "yesterday" +"%Y%m%d").log

kill -USR1`cat /usr/local/webserver/nginx/nginx.pid`

 

2、设置crontab,每天凌晨00:00切割nginx访问日志

crontab -e

输入以下内容:

引用

00 00 * * * /bin/bash  /usr/local/webserver/nginx/sbin/cut_nginx_log.sh

 

 

本文若有小的修改,会第一时间在以下网址发布:

http://blog.zyan.cc/nginx_php_v6/

 

 

附:文章修改历史

 

[20100304] [Version6.0] 新建

 

[20100416] [Version6.1] Nginx版本升级到0.8.35

 

[20100514] [Version6.2] Nginx版本升级到0.8.36MySQL版本升级到5.5.3-m3my.cnf配置文件中的thread_concurrencymaster-connect-retry参数在新版本中不支持,已经注释掉。

 

[20100726] [Version6.3] Nginx版本升级到0.8.46PHP版本升级到5.2.14。其他软件也做了相应的升级。开启php.ini中的cgi.fix_pathinfo=0,防止Nginx文件类型错误解析漏洞。

 

来自 <http://zyan.cc/nginx_php_v6/


你可能感兴趣的:(linux)