LNAMP+CentOS 6.0(64位) 编译安装
一、系统约定
软件源代码包存放位置 /usr/local/src
二、系统环境初始化
01. 检查系统是否正常
# more /var/log/messages(检查有无系统级错误信息)
# dmesg (检查硬件设备是否有错误信息)
# cat /proc/cpuinfo (检查CPU频率是否正常)
# top (按1检测CPU核数是否正常,内存大小是否正常)
# ifconfig(检查网卡设置是否正确)
# ping www.163.com (检查网络是否正常)
02. 关闭不需要的服务
命令:
# ntsysv
以下仅列出需要启动的服务,未列出的服务一律推荐关闭:
atd
crond
irqbalance
microcode_ctl
network
sendmail
sshd
syslog
03.关闭SElinux
修改/etc/selinux/config文件中的SELINUX= 为 disabled
命令:
# vi /etc/selinux/config
:1,$s/SELINUX=enforcing/SELINUX=disabled/ge (vi的替换命令)
04.更换快速源:
# cd /etc/yum.repos.d/ (切换至yum.repos.d目录)
# mv CentOS-Base.repo CentOS-Base.repo.old (将原有CentOS-Base.repo文件备份并重命名)
# wget http://mirrors.163.com/.help/CentOS6-Base-163.repo (下载对应版本的repo文件,注意区分64位和32位系统)
# mv CentOS6-Base-163.repo CentOS-Base.repo (将下载好的文件重命名为CentOS-Base.repo)
# yum update (更新)
05.安装 vi
# yum -y install vim-enhanced
06. 配置 vim
# vi /root/.bashrc
在 alias mv=’mv -i’ 下面添加一行:
alias vi='vim'
保存退出。
# echo 'syntax on' > /root/.vimrc
07.定时校正服务器时钟,定时与中国国家授时中心授时服务器同步
# crontab –e
加入一行:(insertr命令)
*/30 * * * * ntpdate 210.72.145.44 > /dev/null 2>&1
08.删除Centos 多余组件,并更新及添加LNAMP所需组件:
# cd /etc/yum.repos.d/
# yum -y remove httpd mysql php
# yum -y install gcc gcc-c++ bison patch unzip mlocate flex wget automake gd cpp gettext readline-devel libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel libidn libidn-devel openldap openldap-devel openldap-clients openldap-servers nss_ldap expat-devel libtool libtool-ltdl-devel bison
安装autoconf-2.61
cd /usr/local/src
autoconf-2.61
wget -c http://files.directadmin.com/services/custombuild/autoconf-2.61.tar.gz
tar -zxvf autoconf-2.61.tar.gz
cd autoconf-2.61
./configure --prefix=/usr
make
make install
export PHP_AUTOCONF=/usr/bin/autoconf
export PHP_AUTOHEADER=/usr/bin/autoheader
09.关闭selinux:
/usr/sbin/setenforce 0 //立刻关闭 SELINUX,1为开启
10.增加系统默认启动:
echo "/usr/sbin/setenforce 0" >> /etc/rc.local
11. 重新启动
# init 6
12. 下载程序包
请到各程序官方网站下载最新的稳定版本存放到/usr/local/src/目录
此次LNAMP包含了:
Apache2、PHP、MySQL、Nginx四个主要程序。
命令:
cd /usr/local/src
Apache-2.4.2:
wget -c https://lnamp-web-server.googlecode.com/files/httpd-2.4.2.tar.gz
wget -c https://lnamp-web-server.googlecode.com/files/httpd-2.4.2-deps.tar.gz
PHP-5.4.2:
wget -c https://lnamp-web-server.googlecode.com/files/php-5.4.2.tar.gz
MySQL-5.5.24:
wget -c https://lnamp-web-server.googlecode.com/files/mysql-5.5.24.tar.tar.gz
Nginx-1.2.0:
wget -c https://lnamp-web-server.googlecode.com/files/nginx-1.2.0.tar.gz
其他所需组件:
php5-mail-header.patch(php补丁,有助于防止邮件发送被滥用)
wget -c http://www.lancs.ac.uk/~steveb/patches/php-mail-header-patch/php5-mail-header.patch
ioncube_loaders_lin_x86-64
wget http://downloads2.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.bz2
pcre
wget -c https://lnamp-web-server.googlecode.com/files/pcre-8.30.tar.gz
字符转换库libiconv
wget -c http://lnamp-web-server.googlecode.com/files/libiconv-1.14.tar.gz
libmcrypt
wget -c http://lnamp-web-server.googlecode.com/files/libmcrypt-2.5.8.tar.gz
wget -c http://lnamp-web-server.googlecode.com/files/mcrypt-2.6.8.tar.gz
mhash
wget -c http://lnamp-web-server.googlecode.com/files/mhash-0.9.9.9.tar.gz
phpMyAdmin
wget -c http://lnamp-web-server.googlecode.com/files/phpMyAdmin-3.4.2-all-languages.zip
gd
wget -c http://lnamp-web-server.googlecode.com/files/gd-2.0.35.tar.gz
将eaccelerator换成xcache(xcache 2.0支持php 5.4)
wget http://xcache.lighttpd.net/pub/Releases/2.0.0/xcache-2.0.0.tar.gz
suhosin
wget -c http://lnamp-web-server.googlecode.com/files/suhosin-0.9.32.1.tar.gz
ImageMagick
wget -c https://lnamp-web-server.googlecode.com/files/ImageMagick-6.7.7.tar.gz
imagick
wget -c https://lnamp-web-server.googlecode.com/files/imagick-3.1.0RC1.tgz
PHP的memcache扩展
wget -c https://lnamp-web-server.googlecode.com/files/memcache-3.0.6.tgz
wget -c http://launchpad.net/libmemcached/1.0/1.0.2/+download/libmemcached-1.0.2.tar.gz
wget -c http://pecl.php.net/get/memcached-2.0.1.tgz
memcached缓存
wget http://memcached.googlecode.com/files/memcached-1.4.13.tar.gz
libevent
wget https://github.com/downloads/libevent/libevent/libevent-2.0.18-stable.tar.gz
PDO_MYSQL
wget https://lnamp-web-server.googlecode.com/files/PDO_MYSQL-1.0.2.tgz
cmake
wget -c http://www.cmake.org/files/v2.8/cmake-2.8.8.tar.gz
rpaf模块(该模块用于apache做后端时获取访客真实的IP)
wget -c http://lnamp-web-server.googlecode.com/files/mod_rpaf-0.6.tar.gz
Tcmalloc(优化nginx、mysql)
64位操作系统请先安装 libunwind库,32位操作系统不要安装。libunwind库为基于64位CPU和操作系统的程序提供了基本的堆栈辗转开解功能,其中包括用于输出堆栈跟踪的API、用于以编程方式辗转开解堆栈的API以及支持C++异常处理机制的API
wget http://mirror.yongbok.net/nongnu/libunwind/libunwind-1.0.1.tar.gz
wget http://gperftools.googlecode.com/files/gperftools-2.0.tar.gz
三、安装MySQL
01.安装
#使用Tcmalloc 优化nginx、mysql
#64位操作系统请先安装libunwind库,32位操作系统不要安装。libunwind库为基于64位CPU和操作系统的程序提供了基本的堆栈辗转开解功能,其中包括用于输出堆栈跟踪的API、用于以编程方式辗转开解堆栈的API以及支持C++异常处理机制的API
cd /usr/local/src
tar -zxvf libunwind-1.0.1.tar.gz
cd libunwind-1.0.1
./configure
make;make install
cd ../
tar -zxvf gperftools-2.0.tar.gz
cd gperftools-2.0
./configure
make;make install
echo "/usr/local/lib" > /etc/ld.so.conf.d/usr_local_lib.conf
/sbin/ldconfig
cd ../
tar -zxvf cmake-2.8.8.tar.gz
cd cmake-2.8.8
./bootstrap
gmake
gmake install
cd ../
/usr/sbin/groupadd mysql
/usr/sbin/useradd -g mysql mysql -s /sbin/nologin
mkdir -p /data/mysql/{data,binlog,relaylog,mysql}
chown -R mysql:mysql /data/mysql
cd /usr/local/src
tar zxvf mysql-5.5.24.tar.tar.gz
cd mysql-5.5.24
rm -rf CMakeCache.txt
cmake -DCMAKE_INSTALL_PREFIX=/usr/local/mysql \
-DMYSQL_UNIX_ADDR=/data/mysql/mysql.sock \
-DDEFAULT_CHARSET=utf8 \
-DDEFAULT_COLLATION=utf8_general_ci \
-DEXTRA_CHARSETS=all \
-DWITH_MYISAM_STORAGE_ENGINE=1 \
-DWITH_INNOBASE_STORAGE_ENGINE=1 \
-DWITH_READLINE=1 \
-DENABLED_LOCAL_INFILE=1 \
-DMYSQL_DATADIR=/data/mysql/data \
-DMYSQL_TCP_PORT=3306
make;make install
chmod +w /usr/local/mysql
chown -R mysql:mysql /usr/local/mysql
ln -s /usr/local/mysql/lib/libmysqlclient.so.18 /usr/lib/libmysqlclient.so.18
02.编辑mysql配置文件
cat >> /etc/my.cnf <
[client]
port = 3306
socket = /data/mysql/mysql.sock
[mysqld]
character_set_server = utf8
collation-server = utf8_general_ci
replicate-ignore-db = mysql
replicate-ignore-db = test
replicate-ignore-db = information_schema
user = mysql
port = 3306
socket = /data/mysql/mysql.sock
basedir = /usr/local/mysql
datadir = /data/mysql/data
log-error = /data/mysql/mysql_error.log
pid-file = /data/mysql/mysql.pid
open_files_limit = 10240
back_log = 600
max_connections = 5000
max_connect_errors = 6000
table_cache = 512
external-locking = FALSE
max_allowed_packet = 32M
sort_buffer_size = 6M
join_buffer_size = 8M
thread_cache_size = 300
thread_concurrency = 8
query_cache_size = 512M
query_cache_limit = 2M
query_cache_min_res_unit = 2k
default-storage-engine = MyISAM
thread_stack = 256K
transaction_isolation = READ-COMMITTED
tmp_table_size = 256M
max_heap_table_size = 256M
long_query_time = 3
log-slave-updates
log-bin = /data/mysql/binlog/binlog
binlog_cache_size = 4M
binlog_format = MIXED
max_binlog_cache_size = 8M
max_binlog_size = 100M
relay-log-index = /data/mysql/relaylog/relaylog
relay-log-info-file = /data/mysql/relaylog/relaylog
relay-log = /data/mysql/relaylog/relaylog
expire_logs_days = 30
key_buffer_size = 384M
read_buffer_size = 4M
read_rnd_buffer_size = 16M
bulk_insert_buffer_size = 64M
myisam_sort_buffer_size = 128M
myisam_max_sort_file_size = 10G
myisam_repair_threads = 1
myisam_recover
interactive_timeout = 120
wait_timeout = 120
skip_external_locking
skip-name-resolve
#master-connect-retry = 10
slave-skip-errors = 1032,1062,126,1114,1146,1048,1396
#master-host = 192.168.1.2
#master-user = username
#master-password = password
#master-port = 3306
server-id = 1
skip-innodb
#log-slow-queries = /data/mysql/slow.log
#long_query_time = 10
[mysqldump]
quick
max_allowed_packet = 32M
EOF
03.初始化mysql
/usr/local/mysql/scripts/mysql_install_db --basedir=/usr/local/mysql --datadir=/data/mysql/data --user=mysql
#利用TCMalloc提高mysql在高并发下的性能
vi /usr/local/mysql/bin/mysqld_safe
#在# executing mysqld_safe的下一行,加上:
export LD_PRELOAD=/usr/local/lib/libtcmalloc.so
#或者通sed添加
sed -i '/# executing mysqld_safe/a\export LD_PRELOAD=/usr/local/lib/libtcmalloc.so' /usr/local/mysql/bin/mysqld_safe
04.设置mysql启动文件
cp support-files/mysql.server /etc/rc.d/init.d/mysqld
vi /etc/rc.d/init.d/mysqld
basedir=/usr/local/mysql
datadir=/data/mysql/data
#或者通sed修改
sed -i '46 s#basedir=#basedir=/usr/local/mysql#' /etc/rc.d/init.d/mysqld
sed -i '47 s#datadir=#datadir=/data/mysql/data#' /etc/rc.d/init.d/mysqld
chmod 700 /etc/rc.d/init.d/mysqld
/etc/rc.d/init.d/mysqld start
#使用lsof命令查看tcmalloc是否起效(64位线没有效果,需要研究一下)
/usr/sbin/lsof -n | grep tcmalloc
#设置mysql开机启动
/sbin/chkconfig --add mysqld
/sbin/chkconfig --level 2345 mysqld on
ln -s /usr/local/mysql/bin/mysql /sbin/mysql
ln -s /usr/local/mysql/bin/mysqladmin /sbin/mysqladmin
#设置root密码(753951)
/sbin/mysqladmin -u root password 753951
#配置库文件搜索路径
echo "/usr/local/mysql/lib/mysql" >> /etc/ld.so.conf
/sbin/ldconfig
#添加/usr/local/mysql/bin到环境变量PATH中
echo "export PATH=$PATH:/usr/local/mysql/bin" >> /etc/profile
source /etc/profile
#添加mysql管理帐户 (参看这里)
mysql -h localhost -u root -p
#msqyl> use mysql;
#msqyl> grant all on *.* to 'lilei'@'localhost' identified by 'hanmeimei2';
#msqyl> flush privileges;
#msqyl> exit;
四.安装apache 2.4.2:
/usr/sbin/groupadd www
/usr/sbin/useradd -g www www -s /sbin/nologin
mkdir -p /data/www/{kerry,king}
mkdir -p /data/logs/{kerry,king}
chown -R www:www /data/www
chown -R www:www /data/logs
cd /usr/local/src
wget http://ftp.gnu.org/gnu/libtool/libtool-2.4.2.tar.gz
rpm -e libtool-1.5.22-7.el5_4 (卸载旧版本)
tar -zxvf libtool-2.4.2.tar.gz
cd libtool-2.4.2
./configure
make;make install
cd /usr/local/src
tar -zxvf pcre-8.30.tar.gz
cd pcre-8.30
./configure --prefix=/usr/local/pcre
make;make install
cd ../
tar -zxvf httpd-2.4.2.tar.gz
tar -zxvf httpd-2.4.2-deps.tar.gz
cd httpd-2.4.2
#隐藏apache版本信息
sed -i 's/#define AP_SERVER_BASEPRODUCT "Apache"/#define AP_SERVER_BASEPRODUCT "Microsoft-IIS 5.0"/' include/ap_release.h
sed -i 's/#define PLATFORM "Unix"/#define PLATFORM "win32"/' os/unix/os.h
./configure --prefix=/usr/local/apache \
--enable-deflate \
--enable-headers \
--enable-mime-magic \
--enable-proxy \
--enable-ssl \
--enable-so \
--enable-rewrite \
--enable-suexec \
--with-suexec-bin=/usr/sbin/suexec \
--with-suexec-caller=www \
--with-pcre=/usr/local/pcre/bin/pcre-config \
--with-mpm=prefork \
--with-ssl=/usr
make;make install
#make的时候报错,“/usr/lib/libexpat.so: could not read symbols: File in wrong format”
#解决方法:
\cp /usr/lib64/libexpat.* /usr/lib/
#配置自启动文件
cp /usr/local/apache/bin/apachectl /etc/init.d/httpd
vi /etc/init.d/httpd
#在首行#!/bin/sh下添加
# Startup script for the Apache Web Server
#
# chkconfig: - 85 15
# description: web server. It is used to serve \
# HTML files and CGI.
# processname: httpd
# pidfile: /usr/local/apache/logs/httpd.pid
# config: /usr/local/apache/conf/httpd.conf
#或者直接使用sed添加
sed -i '/#!\/bin\/sh/a\# chkconfig: - 85 15\n# description: web server\n# processname: httpd\n# pidfile: /usr/local/apache/logs/httpd.pid\n# config: /usr/local/apache/conf/httpd.conf' /etc/init.d/httpd
#修改apache配置文件
cd /usr/local/apache/conf/
mv httpd.conf httpd.conf.bak
cat >> httpd.conf < ServerRoot "/usr/local/apache"
Listen 80
Timeout 300
KeepAlive Off
MaxKeepAliveRequests 100
KeepAliveTimeout 5
UseCanonicalName Off
AccessFileName .htaccess
TraceEnable Off
ServerTokens ProductOnly
FileETag None
ServerSignature Off
HostnameLookups Off
# LoadModule foo_module modules/mod_foo.so
#
LoadModule authn_file_module modules/mod_authn_file.so
#LoadModule authn_dbm_module modules/mod_authn_dbm.so
#LoadModule authn_anon_module modules/mod_authn_anon.so
#LoadModule authn_dbd_module modules/mod_authn_dbd.so
#LoadModule authn_socache_module modules/mod_authn_socache.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_user_module modules/mod_authz_user.so
#LoadModule authz_dbm_module modules/mod_authz_dbm.so
#LoadModule authz_owner_module modules/mod_authz_owner.so
#LoadModule authz_dbd_module modules/mod_authz_dbd.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule auth_basic_module modules/mod_auth_basic.so
#LoadModule auth_form_module modules/mod_auth_form.so
#LoadModule auth_digest_module modules/mod_auth_digest.so
#LoadModule allowmethods_module modules/mod_allowmethods.so
#LoadModule file_cache_module modules/mod_file_cache.so
#LoadModule cache_module modules/mod_cache.so
#LoadModule cache_disk_module modules/mod_cache_disk.so
#LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
#LoadModule socache_dbm_module modules/mod_socache_dbm.so
#LoadModule socache_memcache_module modules/mod_socache_memcache.so
#LoadModule dbd_module modules/mod_dbd.so
#LoadModule dumpio_module modules/mod_dumpio.so
#LoadModule buffer_module modules/mod_buffer.so
#LoadModule ratelimit_module modules/mod_ratelimit.so
LoadModule reqtimeout_module modules/mod_reqtimeout.so
#LoadModule ext_filter_module modules/mod_ext_filter.so
#LoadModule request_module modules/mod_request.so
#LoadModule include_module modules/mod_include.so
LoadModule filter_module modules/mod_filter.so
#LoadModule substitute_module modules/mod_substitute.so
#LoadModule sed_module modules/mod_sed.so
#LoadModule deflate_module modules/mod_deflate.so
LoadModule mime_module modules/mod_mime.so
LoadModule log_config_module modules/mod_log_config.so
#LoadModule log_debug_module modules/mod_log_debug.so
#LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
#LoadModule mime_magic_module modules/mod_mime_magic.so
#LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
#LoadModule unique_id_module modules/mod_unique_id.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule version_module modules/mod_version.so
#LoadModule remoteip_module modules/mod_remoteip.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_express_module modules/mod_proxy_express.so
#LoadModule session_module modules/mod_session.so
#LoadModule session_cookie_module modules/mod_session_cookie.so
#LoadModule session_dbd_module modules/mod_session_dbd.so
#LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
#LoadModule ssl_module modules/mod_ssl.so
LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so
LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so
LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so
LoadModule unixd_module modules/mod_unixd.so
#LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
#LoadModule info_module modules/mod_info.so
#LoadModule suexec_module modules/mod_suexec.so
#LoadModule cgi_module modules/mod_cgi.so
#LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
#LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
#LoadModule actions_module modules/mod_actions.so
#LoadModule speling_module modules/mod_speling.so
#LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
User www
Group www
ServerAdmin [email protected]
AllowOverride none
Require all denied
DocumentRoot "/usr/local/apache/htdocs"
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
DirectoryIndex index.html index.php
Require all denied
ErrorLog "logs/error_log"
LogLevel warn
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
CustomLog "logs/access_log" common
ScriptAlias /cgi-bin/ "/usr/local/apache/cgi-bin/"
#Scriptsock logs/cgisock
AllowOverride None
Options None
Require all granted
RewriteEngine on
TypesConfig conf/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType application/x-httpd-php .php .php3 .php4 .php5 .php6
AddType application/x-httpd-php-source .phps
# Server-pool management (MPM specific)
Include conf/extra/httpd-mpm.conf
# Virtual hosts
Include conf/extra/httpd-vhosts.conf
# Configure mod_proxy_html to understand HTML4/XHTML1
Include conf/extra/proxy-html.conf
# Secure (SSL/TLS) connections
#Include conf/extra/httpd-ssl.conf
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
EOF
#配置mpm_prefork_module
mv extra/httpd-mpm.conf extra/httpd-mpm.conf.bak
cat >> extra/httpd-mpm.conf <
ServerLimit 10000
StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxRequestWorkers 10000
MaxConnectionsPerChild 10000
EOF
#配置虚拟主机(apache虚拟主机,通过IP访问默认会访问到第一个虚拟主机上,那么就第一个虚拟主机定义为127.0.0.1,目录指到/usr/local/apache/htdocs)
mv extra/httpd-vhosts.conf extra/httpd-vhosts.conf.bak
cat >> extra/httpd-vhosts.conf < #Vhosts
ServerAdmin [email protected]
DocumentRoot "/usr/local/apache/htdocs"
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
ServerName 127.0.0.1
ServerAdmin [email protected]
DocumentRoot "/data/www/kerry"
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
ServerName www.kerry.com
ErrorLog "logs/kerry-error_log"
CustomLog "|/usr/local/apache/bin/rotatelogs /data/logs/kerry/%y_%m_%d.access_log 86400" common
ServerAdmin [email protected]
DocumentRoot "/data/www/king"
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
ServerName www.king.com
ErrorLog "logs/king-error_log"
CustomLog "|/usr/local/apache/bin/rotatelogs /data/logs/king/%y_%m_%d.access_log 86400" common
EOF
#设置apache自启动
chmod 700 /etc/init.d/httpd
/etc/init.d/httpd start
/sbin/chkconfig --add httpd
/sbin/chkconfig --level 2345 httpd on
cd ../
五、安装PHP 5.4.2
#编译安装相关支持库
libiconv
cd /usr/local/src
tar -zxvf libiconv-1.14.tar.gz
cd libiconv-1.14/
./configure
make;make install
cd ../
libmcrypt
tar -zxvf libmcrypt-2.5.8.tar.gz
cd libmcrypt-2.5.8/
./configure
make;make install
/sbin/ldconfig
cd libltdl/
./configure --enable-ltdl-install
make;make install
mhash
cd /usr/local/src
tar -zxvf mhash-0.9.9.9.tar.gz
cd mhash-0.9.9.9/
./configure
make;make install
ln -s /usr/local/lib/libmcrypt.la /usr/lib/libmcrypt.la
ln -s /usr/local/lib/libmcrypt.so /usr/lib/libmcrypt.so
ln -s /usr/local/lib/libmcrypt.so.4 /usr/lib/libmcrypt.so.4
ln -s /usr/local/lib/libmcrypt.so.4.4.8 /usr/lib/libmcrypt.so.4.4.8
ln -s /usr/local/lib/libmhash.a /usr/lib/libmhash.a
ln -s /usr/local/lib/libmhash.la /usr/lib/libmhash.la
ln -s /usr/local/lib/libmhash.so /usr/lib/libmhash.so
ln -s /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2
ln -s /usr/local/lib/libmhash.so.2.0.1 /usr/lib/libmhash.so.2.0.1
mcrypt
cd /usr/local/src
tar -zxvf mcrypt-2.6.8.tar.gz
cd mcrypt-2.6.8/
/sbin/ldconfig
./configure
make;make install
编译php
这里我们为php打入补丁.有助于防止邮件发送被滥用(多用户)以及在邮件中提供有价值的信息.补丁介绍信息请点击: http://www.lancs.ac.uk/~steveb/patches/php-mail-header-patch/
cd /usr/local/src/
tar -zxvf php-5.4.2.tar.gz
patch -d php-5.4.2 -p1 < php5-mail-header.patch
cd php-5.4.2
./configure --prefix=/usr/local/php \
--with-config-file-path=/usr/local/php/etc \
--with-apxs2=/usr/local/apache/bin/apxs \
--with-mysql=/usr/local/mysql \
--with-mysqli=/usr/local/mysql/bin/mysql_config \
--with-iconv-dir=/usr/local \
--with-freetype-dir \
--with-jpeg-dir \
--with-png-dir \
--with-zlib \
--with-libxml-dir=/usr \
--enable-xml \
--disable-rpath \
--enable-bcmath \
--enable-shmop \
--enable-sysvsem \
--enable-inline-optimization \
--with-curl \
--with-curlwrappers \
--enable-mbregex \
--enable-mbstring \
--with-mcrypt \
--with-gd \
--enable-gd-native-ttf \
--with-openssl \
--with-mhash \
--enable-pcntl \
--enable-sockets \
--with-ldap \
--with-ldap-sasl \
--with-xmlrpc \
--enable-zip \
--enable-soap
#如果报错误:configure: error: Cannot find ldap libraries in /usr/lib
先执行:
cp -frp /usr/lib64/libldap* /usr/lib/
再继续./configure…… …..
make ZEND_EXTRA_LIBS='-liconv'
make install
cp php.ini-production /usr/local/php/etc/php.ini
cd ../
安装php扩展模块
cd /usr/local/src
tar -zxvf memcache-3.0.6.tgz
cd memcache-3.0.6/
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config --with-zlib-dir --enable-memcache
make;make install
make test
cd ../
memcached扩展
#php的扩展memcache,不支持cas,所以我们要装memcached扩展,memcached扩展是基于libmemcached,所以要先安装libmemcached
#安装memcached的服务端支持库
cd /usr/local/src
tar -zxvf libevent-2.0.18-stable.tar.gz
cd libevent-2.0.18-stable
./configure
make;make install
ln -s /usr/local/lib/libevent-2.0.so.5 /usr/lib
#安装Memcached服务端
cd /usr/local/src
tar -zxvf memcached-1.4.13.tar.gz
cd memcached-1.4.13
./configure --prefix=/usr/local/memcached --with-libevent=/usr
make;make install
cd /usr/local/src
tar -zxvf libmemcached-1.0.2.tar.gz
cd libmemcached-1.0.2
./configure --prefix=/usr/local/libmemcached --with-memcached
make;make install
#安装php的memcached扩展库
cd /usr/local/src
tar -zxvf memcached-2.0.1.tgz
cd memcached-2.0.1
/usr/local/php/bin/phpize
./configure --enable-memcached --with-php-config=/usr/local/php/bin/php-config --with-libmemcached-dir=/usr/local/libmemcached --with-memcached --with-zlib
make;make install
#因eaccelerator-0.9.6.1不支持php 5.4.0,所以就改用XCache 2.0.0
cd /usr/local/src
tar -zxvf xcache-2.0.0.tar.gz
cd xcache-2.0.0
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config
make;make install
#安装pdo扩展
cd /usr/local/src/php-5.4.2/ext/pdo_mysql/
pdo_mysql.c
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config --with-pdo-mysql=/usr/local/mysql
make;make install
cd /usr/local/src
tar -zxvf ImageMagick-6.7.7.tar.gz
cd ImageMagick-6.7.7-0
./configure --prefix=/usr/local/imagemagick
make;make install
#imagick最新正式版为imagick-3.0.1.tgz,但imagick-3.0.1.tgz在make的时候会出现大量的报错信息,所以就改用imagick-3.1.0RC1.tgz
cd /usr/local/src
tar -zxvf imagick-3.1.0RC1.tgz
cd imagick-3.1.0RC1/
export PKG_CONFIG_PATH=/usr/local/imagemagick/lib/pkgconfig
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config --with-imagick=/usr/local/imagemagick
cd /usr/local/src
tar -jxf ioncube_loaders_lin_x86-64.tar.bz2
cd ioncube
mkdir /usr/local/ioncube
mv ioncube_loader_lin_5.2.so /usr/local/ioncube/
#修改php.ini添加php扩展
sed -i 's#; extension_dir = "./"#extension_dir = "/usr/local/php/lib/php/extensions/no-debug-zts-20100525/"\nextension = "memcache.so"\nextension = "pdo_mysql.so"\nextension = "memcached.so"\nextension = "imagick.so"\n#' /usr/local/php/etc/php.ini
cat >> /usr/local/php/etc/php.ini < [xcache-common]
extension = xcache.so
[xcache]
xcache.shm_scheme = "mmap"
xcache.size = 256M
xcache.count = 8
xcache.slots = 8K
xcache.ttl = 0
xcache.gc_interval = 0
xcache.var_size = 8M
xcache.var_count = 8
xcache.var_slots = 8K
xcache.var_ttl = 0
xcache.var_maxttl = 0
xcache.var_gc_interval = 300
xcache.test = Off
xcache.readonly_protection = Off
xcache.mmap_path = "/dev/zero"
xcache.coredump_directory = ""
xcache.cacher = On
xcache.stat = On
xcache.optimizer = Off
[xcache.coverager]
xcache.coverager = Off
xcache.coveragedump_directory = ""
EOF
#隐藏php版本
sed -i 's#expose_php = On#expose_php = Off#' /usr/local/php/etc/php.ini
#php安全设置,禁用函数
sed -i 's#disable_functions =#disable_functions =phpinfo,exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source#' /usr/local/php/etc/php.ini
#重启apache,查看php扩展加载的情况
/etc/init.d/httpd restart
安装 Nginx
cd /usr/local/src
tar -zxvf nginx-1.2.0.tar.gz
cd nginx-1.2.0
./configure --user=www --group=www --prefix=/usr/local/nginx --with-pcre=/usr/local/src/pcre-8.30 --with-http_stub_status_module --with-http_ssl_module --with-http_flv_module --with-http_gzip_static_module --with-google_perftools_module
make;make install
cd ../
#添加nginx启动脚本
cat >> /etc/init.d/nginx < #! /bin/sh
ulimit -n 65535
# Description: Startup script for nginx
# chkconfig: 2345 55 25
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DESC="nginx daemon"
NAME=nginx
DAEMON=/usr/local/nginx/sbin/$NAME
CONFIGFILE=/usr/local/nginx/conf/nginx.conf
PIDFILE=/usr/local/nginx/logs/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME
set -e
[ -x "$DAEMON" ] || exit 0
do_start() {
$DAEMON -c $CONFIGFILE || echo -n "nginx already running"
}
do_stop() {
kill -QUIT `cat $PIDFILE` || echo -n "nginx not running"
}
do_reload() {
kill -HUP `cat $PIDFILE` || echo -n "nginx can't reload"
}
case "$1" in
start)
echo -n "Starting $DESC: $NAME"
do_start
echo "."
/etc/init.d/httpd start
;;
stop)
echo -n "Stopping $DESC: $NAME"
do_stop
echo "."
/etc/init.d/httpd stop
;;
reload)
echo -n "Reloading $DESC configuration..."
do_reload
echo "."
/etc/init.d/httpd restart
;;
restart)
echo -n "Restarting $DESC: $NAME"
do_stop
sleep 1
do_start
echo "."
/etc/init.d/httpd restart
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|reload|restart}" >&2
exit 3
;;
esac
exit 0
EOF
#添加nginx配置文件
mv /usr/local/nginx/conf/nginx.conf /usr/local/nginx/conf/nginx.conf.bak
cat >> /usr/local/nginx/conf/nginx.conf < user www www;
worker_processes 8;
error_log /usr/local/nginx/logs/nginx_error.log crit;
pid /usr/local/nginx/logs/nginx.pid;
#使用Tcmalloc优化nginx性能
google_perftools_profiles /var/tmp/tcmalloc;
#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 65535;
#工作模式及连接数上限
events
{
use epoll;
worker_connections 65535;
}
#设定http服务器,利用它的反向代理功能提供负载均衡支持
http
{
#设定mime类型
include mime.types;
default_type application/octet-stream;
#charset gb2312;
#设定请求缓冲
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 30m;
sendfile on;
tcp_nopush on;
keepalive_timeout 60;
tcp_nodelay on;
server_tokens off;
client_body_buffer_size 512k;
proxy_connect_timeout 5;
proxy_send_timeout 60;
proxy_read_timeout 5;
proxy_buffer_size 16k;
proxy_buffers 4 64k;
proxy_busy_buffers_size 128k;
proxy_temp_file_write_size 128k;
# fastcgi_connect_timeout 300;
# fastcgi_send_timeout 300;
# fastcgi_read_timeout 300;
# fastcgi_buffer_size 64k;
# fastcgi_buffers 4 64k;
# fastcgi_busy_buffers_size 128k;
# fastcgi_temp_file_write_size 128k;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
#limit_zone crawler $binary_remote_addr 10m;
#定义访问日志的写入格式
log_format wwwlog '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
log_format bbslog '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
###禁止通过ip访问站点
server{
server_name _;
return 404;
}
server
{
listen 81;
server_name www.kerry.com;
index index.html index.htm index.php;#设定访问的默认首页地址
root /data/www/kerry;#设定网站的资源存放路径
#limit_conn crawler 20;
if (-d $request_filename)
{
rewrite ^/(.*)([^/])$ http://$host/$1$2/ permanent;
}
#所有jsp的页面均交由tomcat处理
location ~ \.(php)?$ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:81;#转向tomcat处理
}
location ~ .*\.(htm|html|gif|jpg|jpeg|png|bmp|swf|ioc|rar|zip|txt|flv|mid|doc|ppt|pdf|xls|mp3|wma)$ #设定访问静态文件直接读取不经过apache
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 1h;
}
access_log /data/logs/kerry/kerry_nginx.log wwwlog;#设定访问日志的存放路径
}
server
{
listen 80;
server_name www.king.com;
index index.html index.htm index.php;#设定访问的默认首页地址
root /data/www/king;#设定网站的资源存放路径
#limit_conn crawler 20;
if (-d $request_filename)
{
rewrite ^/(.*)([^/])$ http://$host/$1$2/ permanent;
}
#所有jsp的页面均交由tomcat处理
location ~ \.(php)?$ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:81;#转向tomcat处理
}
location ~ .*\.(htm|html|gif|jpg|jpeg|png|bmp|swf|ioc|rar|zip|txt|flv|mid|doc|ppt|pdf|xls|mp3|wma)$ #设定访问静态文件直接读取不经过apache
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 1h;
}
access_log /data/logs/king/king_nginx.log bbslog;#设定访问日志的存放路径
}
server
{
listen 80;
server_name status. www.kerry.com;
location / {
stub_status on;
access_log off;
}
}
}
EOF
#将nginx添加到启动服务中
chmod 700 /etc/init.d/nginx
/etc/init.d/nginx start
/sbin/chkconfig --add nginx
/sbin/chkconfig --level 2345 nginx on
#每天定时切割Nginx日志
cat >>/usr/local/nginx/sbin/cut_nginx_log.sh<< EOF
#!/bin/bash
# This script run at 00:00
# The Nginx logs path
logs_path_kerry="/data/logs/kerry/"
logs_path_kerry="/data/logs/king/"
mv ${logs_path_kerry}kerry_nginx.log ${logs_path_kerry}$kerry_nginx_$(date -d "yesterday" +"%Y%m%d").log
mv ${logs_path_king}king_nginx.log ${logs_path_king}king_nginx_$(date -d "yesterday" +"%Y%m%d").log
kill -USR1 `cat /usr/local/nginx/nginx.pid`
EOF
chmod +x /usr/local/nginx/sbin/cut_nginx_log.sh
#添加计划任务,每天凌晨00:00切割nginx访问日志
crontab -e
00 00 * * * /bin/bash /usr/local/nginx/sbin/cut_nginx_log.sh
#为apache安装rpaf模块,该模块用于apache做后端时获取访客真实的IP
#使用apxs安装模块.这里要使用此前apache编译安装后的apxs
cd /usr/local/src
tar -zxf mod_rpaf-0.6.tar.gz
cd mod_rpaf-0.6
/usr/local/apache/bin/apxs -i -c -n mod_rpaf-2.0.so mod_rpaf-2.0.c
#错误提示:
mod_rpaf-2.0.c: In function 'rpaf_cleanup':
mod_rpaf-2.0.c:150: error: 'conn_rec' has no member named 'remote_ip'
mod_rpaf-2.0.c:151: error: 'conn_rec' has no member named 'remote_addr'
mod_rpaf-2.0.c:151: warning: implicit declaration of function 'inet_addr'
mod_rpaf-2.0.c:151: error: 'conn_rec' has no member named 'remote_ip'
mod_rpaf-2.0.c: In function 'change_remote_ip':
mod_rpaf-2.0.c:164: error: 'conn_rec' has no member named 'remote_ip'
mod_rpaf-2.0.c:183: error: 'conn_rec' has no member named 'remote_ip'
mod_rpaf-2.0.c:186: error: 'conn_rec' has no member named 'remote_ip'
mod_rpaf-2.0.c:187: error: 'conn_rec' has no member named 'remote_addr'
mod_rpaf-2.0.c:187: error: 'conn_rec' has no member named 'remote_ip'
apxs:Error: Command failed with rc=65536
#解决办法:
# http://httpd.apache.org/docs/trunk/developer/new_api_2_4.html
#将150、151、164、183、186、187这几行的remote_ip修改成client_ip,remote_addr修改成client_addr
#编辑/usr/local/apache/conf/httpd.conf,添加模块参数,查找LoadModule php5_module modules/libphp5.so,在下方添加:
LoadModule rpaf_module modules/mod_rpaf-2.0.so
#Mod_rpaf settings
RPAFenable On
#上面出现的192.168.9.9请修改为你本机所监听web服务的ip.多个IP用空格空开
RPAFproxy_ips 127.0.0.1 192.168.9.9
RPAFsethostname On
RPAFheader X-Forwarded-For