LAMP-手动架构部署

1. lamp简介

有了前面学习的知识的铺垫，今天可以来学习下第一个常用的web架构了。

所谓lamp，其实就是由Linux+Apache+Mysql/MariaDB+Php/Perl/Python的一组动态网站或者服务器的开源软件，除Linux外其它各部件本身都是各自独立的程序，但是因为经常被放在一起使用，拥有了越来越高的兼容度，共同组成了一个强大的Web应用程序平台。

LAMP指的是Linux（操作系统）、Apache（HTTP服务器）、MySQL（也指MariaDB，数据库软件）和PHP（有时也是指Perl或Python）的第一个字母，一般用来建立web应用平台。

2. web服务器工作流程

在说lamp架构平台的搭建前，我们先来了解下什么是CGI，什么是FastCGI，什么是…

web服务器的资源分为两种，静态资源和动态资源

• 静态资源就是指静态内容，客户端从服务器获得的资源的表现形式与原文件相同。可以简单的理解为就是直接存储于文件系统中的资源
• 动态资源则通常是程序文件，需要在服务器执行之后，将执行的结果返回给客户端

那么web服务器如何执行程序并将结果返回给客户端呢？下面通过一张图来说明一下web服务器如何处理客户端的请求

如上图所示

阶段①显示的是httpd服务器（即apache）和php服务器通过FastCGI协议进行通信，且php作为独立的服务进程运行

阶段②显示的是php程序和mysql数据库间通过mysql协议进行通信。php与mysql本没有什么联系，但是由Php语言写成的程序可以与mysql进行数据交互。同理perl和python写的程序也可以与mysql数据库进行交互

2.1 cgi与fastcgi

上图阶段①中提到了FastCGI，下面我们来了解下CGI与FastCGI。

CGI（Common Gateway Interface，通用网关接口），CGI是外部应用程序（CGI程序）与WEB服务器之间的接口标准，是在CGI程序和Web服务器之间传递信息的过程。CGI规范允许Web服务器执行外部程序，并将它们的输出发送给Web浏览器，CGI将web的一组简单的静态超媒体文档变成一个完整的新的交互式媒体。

FastCGI（Fast Common Gateway Interface）是CGI的改良版，CGI是通过启用一个解释器进程来处理每个请求，耗时且耗资源，而FastCGI则是通过master-worker形式来处理每个请求，即启动一个master主进程，然后根据配置启动几个worker进程，当请求进来时，master会从worker进程中选择一个去处理请求，这样就避免了重复的生成和杀死进程带来的频繁cpu上下文切换而导致耗时

2.2 httpd与php结合的方式

httpd与php结合的方式有以下三种：

• modules：php将以httpd的扩展模块形式存在，需要加载动态资源时，httpd可以直接通过php模块来加工资源并返回给客户端
  • httpd prefork：libphp5.so（多进程模型的php）
  • httpd event or worker：libphp5-zts.so（线程模型的php）
• CGI：httpd需要加载动态资源时，通过CGI与php解释器联系，获得php执行的结果，此时httpd负责与php连接的建立和断开等
• FastCGI：利用php-fpm机制，启动为服务进程，php自行运行为一个服务，https通过socket与php通信

较于CGI方式，FastCGI更为常用，很少有人使用CGI方式来加载动态资源

2.3 web工作流程

通过上面的图说明一下web的工作流程：

• 客户端通过http协议请求web服务器资源
• web服务器收到请求后判断客户端请求的资源是静态资源或是动态资源
  • 若是静态资源则直接从本地文件系统取之返回给客户端。
  • 否则若为动态资源则通过FastCGI协议与php服务器联系，通过CGI程序的master进程调度worker进程来执行程序以获得客户端请求的动态资源，并将执行的结果通过FastCGI协议返回给httpd服务器，httpd服务器收到php的执行结果后将其封装为http响应报文响应给客户端。在执行程序获取动态资源时若需要获得数据库中的资源时，由Php服务器通过mysql协议与MySQL/MariaDB服务器交互，取之而后返回给httpd，httpd将从php服务器收到的执行结果封装成http响应报文响应给客户端。

3. lamp平台构建

环境说明：

系统平台	IP	需要安装的服务
centos8 redhat8	192.168.152.135	httpd-2.4 mysql-5.7 php php-mysql

lamp平台软件安装次序：

httpd --> mysql --> php     安装过程省略...

注意：php要求httpd使用prefork MPM

3.1 安装httpd

//创建apache服务的用户和组
[root@localhost ~]# useradd -r -M -s /sbin/nologin apache
[root@localhost ~]# id apache
uid=995(apache) gid=992(apache) groups=992(apache)

//安装依赖包
[root@localhost ~]# yum -y install openssl-devel pcre-devel expat-devel libtool gcc gcc-c++

//安装开发工具包
[root@localhost ~]# yum groups mark install 'Development Tools'

//安装常用工具
[root@localhost ~]# yum -y install vim wget

//清空缓存，有利下载
[root@localhost ~]# yum clean all

• 按照顺序先安装apr，然后装apr-util，接着安装httpd，因为它们是依赖关系

//下载安装包
[root@localhost ~]# wget https://mirrors.tuna.tsinghua.edu.cn/apache/apr/apr-1.6.5.tar.bz2
[root@localhost ~]# wget https://mirrors.tuna.tsinghua.edu.cn/apache/apr/apr-util-1.6.1.tar.bz2
[root@localhost ~]# wget https://mirrors.tuna.tsinghua.edu.cn/apache/httpd/httpd-2.4.46.tar.bz2

//安装lbzip2包
[root@localhost ~]# yum -y install lbzip2

[root@localhost ~]# ls
anaconda-ks.cfg    apr-util-1.6.1.tar.bz2
apr-1.6.5.tar.bz2  httpd-2.4.46.tar.bz2

//解压安装包
[root@localhost ~]# tar xf apr-1.6.5.tar.bz2 
[root@localhost ~]# tar xf apr-util-1.6.1.tar.bz2 
[root@localhost ~]# tar xf httpd-2.4.46.tar.bz2 

[root@localhost ~]# ls
anaconda-ks.cfg    apr-util-1.6.1          httpd-2.4.46.tar.bz2
apr-1.6.5          apr-util-1.6.1.tar.bz2
apr-1.6.5.tar.bz2  httpd-2.4.46

//修改配置文件，指定安装位置，编译安装
[root@localhost ~]# cd apr-1.6.5
[root@localhost apr-1.6.5]# vim configure

    cfgfile=${ofile}T
    trap "$RM \"$cfgfile\"; exit 1" 1 2 15
    $RM "$cfgfile"     //找到此行删除

[root@localhost apr-1.6.5]# ./configure --prefix=/usr/local/apr

[root@localhost apr-1.6.5]# make && make install

//apr-util修改配置文件，指定安装路径，编译安装
[root@localhost ~]# cd apr-util-1.6.1
[root@localhost apr-util-1.6.1]# ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr
[root@localhost apr-util-1.6.1]# make && make install

//httpd修改配置文件，指定安装路径，编译安装
[root@localhost ~]# cd httpd-2.4.46
[root@localhost httpd-2.4.46]# ./configure --prefix=/usr/local/apache \
 --sysconfdir=/etc/httpd24 \
 --enable-so \
 --enable-ssl \
 --enable-cgi \
 --enable-rewrite \
 --with-zlib \
 --with-pcre \
 --with-apr=/usr/local/apr \
 --with-apr-util=/usr/local/apr-util/ \
 --enable-modules=most \
 --enable-mpms-shared=all \
 --with-mpm=prefork
[root@localhost httpd-2.4.46]# make && make install

//修改环境变量，读取变量
[root@localhost httpd-2.4.46]# ls /usr/local/apache/
bin    cgi-bin  htdocs  include  man     modules
build  error    icons   logs     manual
[root@localhost httpd-2.4.46]# echo 'export PATH=/usr/local/apache/bin:$PATH' > /etc/profile.d/httpd.sh
[root@localhost httpd-2.4.46]# source /etc/profile.d/httpd.sh
[root@localhost httpd-2.4.46]# cd
[root@localhost ~]# which httpd
/usr/local/apache/bin/httpd
[root@localhost ~]# ln -s /usr/local/include/ /usr/include/apache
[root@localhost ~]# ll /usr/include/
total 1752
lrwxrwxrwx   1 root root     26 Oct 30 00:14 apache -> /usr/local/apache/include/

//取消ServerName前面的注释
[root@localhost ~]# sed -i '/#ServerName/s/#//g' /etc/httpd24/httpd.conf
ServerName www.example.com:80

//启动服务
[root@localhost ~]# apachectl start
[root@localhost ~]# ss -antl
State   Recv-Q   Send-Q      Local Address:Port      Peer Address:Port   
LISTEN  0        128               0.0.0.0:22             0.0.0.0:*      
LISTEN  0        128                     *:80                   *:*      
LISTEN  0        128                  [::]:22                [::]:*  

3.2 MySQL的安装

//安装依赖包
[root@localhost ~]# yum -y install ncurses-devel openssl-devel openssl cmake mariadb-devel

//创建用户和组
[root@localhost ~]# useradd -r -M -s /sbin/nologin mysql
[root@localhost ~]# id mysql
uid=994(mysql) gid=991(mysql) groups=991(mysql)

//下载二进制格式的mysql软件包，把mysqld的解压包传到/下
[root@localhost ~]# ls
anaconda-ks.cfg         httpd-2.4.46
apr-1.6.5               httpd-2.4.46.tar.bz2
apr-1.6.5.tar.bz2       mysql.22
apr-util-1.6.1          mysql-5.7.31-linux-glibc2.12-x86_64.tar.gz
apr-util-1.6.1.tar.bz2

//解压软件至/usr/local/
[root@localhost ~]# tar -xf mysql-5.7.31-linux-glibc2.12-x86_64.tar.gz -C /usr/local/
[root@localhost ~]# cd /usr/local/
[root@localhost local]# ls
apache    bin    include  libexec                              share
apr       etc    lib      mysql-5.7.31-linux-glibc2.12-x86_64  src
apr-util  games  lib64    sbin

//加软链接，修改mysql的属主和组
[root@localhost local]# ln -s mysql-5.7.31-linux-glibc2.12-x86_64 mysql
[root@localhost local]# chown -R mysql.mysql mysql*
[root@localhost local]# ll
total 0
drwxr-xr-x  13 root  root  152 Oct 30 00:08 apache
drwxr-xr-x   6 root  root   58 Oct 29 23:56 apr
drwxr-xr-x   5 root  root   43 Oct 29 23:58 apr-util
drwxr-xr-x.  2 root  root    6 Aug 12  2018 bin
drwxr-xr-x.  2 root  root    6 Aug 12  2018 etc
drwxr-xr-x.  2 root  root    6 Aug 12  2018 games
drwxr-xr-x.  2 root  root    6 Aug 12  2018 include
drwxr-xr-x.  2 root  root    6 Aug 12  2018 lib
drwxr-xr-x.  2 root  root    6 Aug 12  2018 lib64
drwxr-xr-x.  2 root  root    6 Aug 12  2018 libexec
lrwxrwxrwx   1 mysql mysql  35 Oct 30 14:10 mysql -> mysql-5.7.31-linux-glibc2.12-x86_64
drwxr-xr-x   9 mysql mysql 129 Jun  2 21:11 mysql-5.7.31-linux-glibc2.12-x86_64
drwxr-xr-x.  2 root  root    6 Aug 12  2018 sbin
drwxr-xr-x.  5 root  root   49 Oct 27 23:14 share
drwxr-xr-x.  2 root  root    6 Aug 12  2018 src

//添加环境变量
[root@localhost ~]# echo 'export PATH=/usr/local/mysql/bin:$PATH' > /etc/profile.d/mysql.sh
[root@localhost ~]# source /etc/profile.d/mysql.sh 
[root@localhost ~]# which mysql
/usr/local/mysql/bin/mysql

//建立数据存放目录
[root@localhost ~]# mkdir /opt/data/
[root@localhost ~]# chown -R mysql.mysql /opt/data/
[root@localhost ~]# ll /opt/
total 0
drwxr-xr-x 2 mysql mysql 6 Oct 30 14:20 data

//初始化数据库，不要密码
[root@localhost ~]# mysqld --initialize-insecure --datadir=/opt/data/ --user=mysql
2020-10-30T06:24:41.441442Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details).
2020-10-30T06:24:41.792853Z 0 [Warning] InnoDB: New log files created, LSN=45790
2020-10-30T06:24:41.852408Z 0 [Warning] InnoDB: Creating foreign key constraint system tables.
2020-10-30T06:24:41.943018Z 0 [Warning] No existing UUID has been found, so we assume that this is the first time that this server has been started. Generating a new UUID: 985afe34-1a78-11eb-a2a5-000c295cc318.
2020-10-30T06:24:41.944924Z 0 [Warning] Gtid table is not ready to be used. Table 'mysql.gtid_executed' cannot be opened.
2020-10-30T06:24:42.725220Z 0 [Warning] CA certificate ca.pem is self signed.
2020-10-30T06:24:43.232690Z 1 [Warning] root@localhost is created with an empty password ! Please consider switching off the --initialize-insecure option.

//把原有的my.cnf文件备份
[root@localhost ~]# mv /etc/my.cnf{,-bak}
[root@localhost ~]# ls /etc/my.cnf*
/etc/my.cnf-bak

/etc/my.cnf.d:
client.cnf

//编写配置文件
[root@localhost ~]# vim /etc/my.cnf
[mysqld]
basedir = /usr/local/mysql
datadir = /opt/data
socket = /tmp/mysql.sock
port = 3306
pid-file = /opt/data/mysql.pid
user = mysql
skip-name-resolve

//加软连接，添加配置并重新读取配置
[root@localhost ~]# ls /usr/local/mysql
bin  docs  include  lib  LICENSE  man  README  share  support-files
[root@localhost ~]# ln -s /usr/local/mysql/include/ /usr/include/mysql
[root@localhost ~]# echo '/usr/local/mysql/lib' > /etc/ld.so.conf.d/mysql.conf
[root@localhost ~]# ldconfig

//配置服务
[root@localhost ~]# cp -a /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
[root@localhost ~]# vim /etc/init.d/mysqld   //找到以下两行加上路径
basedir=/usr/local/mysql
datadir=/opt/data

//启动服务
[root@localhost ~]# service mysqld start
Starting MySQL. SUCCESS! 
[root@localhost ~]# ss -antl
State   Recv-Q   Send-Q      Local Address:Port      Peer Address:Port   
LISTEN  0        128               0.0.0.0:22             0.0.0.0:*      
LISTEN  0        128                     *:80                   *:*      
LISTEN  0        128                  [::]:22                [::]:*      
LISTEN  0        80                      *:3306                 *:*      

//下载安装包，进入数据库修改密码
[root@localhost ~]# yum -y install ncurses-compat-libs

[root@localhost ~]# mysql
mysql> set password=password("123456");
Query OK, 0 rows affected, 1 warning (0.01 sec)

mysql> quit
Bye

//新密码登录验证
[root@localhost ~]# mysql -uroot -p123456

mysql> 

3.3 安装php

//下载依赖包
[root@localhost ~]# yum -y install libxml2 libxml2-devel openssl openssl-devel bzip2 bzip2-devel libcurl libcurl-devel libicu-devel libjpeg libjpeg-devel libpng libpng-devel openldap-devel  pcre-devel freetype freetype-devel gmp gmp-devel libmcrypt libmcrypt-devel readline readline-devel libxslt libxslt-devel mhash mhash-devel php-mysqlnd

//下载php
[root@localhost ~]# wget http://cn.php.net/distributions/php-7.2.8.tar.xz
[root@localhost ~]# ls
anaconda-ks.cfg         httpd-2.4.46
apr-1.6.5               httpd-2.4.46.tar.bz2
apr-1.6.5.tar.bz2       mysql.22
apr-util-1.6.1          mysql-5.7.31-linux-glibc2.12-x86_64.tar.gz
apr-util-1.6.1.tar.bz2  php-7.2.8.tar.xz
[root@localhost ~]# 

//安装编译软件
[root@localhost ~]# yum -y install gcc gcc-c++ make

//解压并编译安装php
[root@localhost ~]# tar xf php-7.2.8.tar.xz 
[root@localhost ~]# cd php-7.2.8
[root@localhost php-7.2.8]#  ./configure --prefix=/usr/local/php7  \
 --with-config-file-path=/etc \
 --enable-fpm \
 --enable-inline-optimization \
 --disable-debug \
 --disable-rpath \
 --enable-shared \
 --enable-soap \
 --with-openssl \
 --enable-bcmath \
 --with-iconv \
 --with-bz2 \
 --enable-calendar \
 --with-curl \
 --enable-exif  \
 --enable-ftp \
 --with-gd \
 --with-jpeg-dir \
 --with-png-dir \
 --with-zlib-dir \
 --with-freetype-dir \
 --with-gettext \
 --enable-json \
 --enable-mbstring \
 --enable-pdo \
 --with-mysqli=mysqlnd \
 --with-pdo-mysql=mysqlnd \
 --with-readline \
 --enable-shmop \
 --enable-simplexml \
 --enable-sockets \
 --enable-zip \
 --enable-mysqlnd-compression-support \
 --with-pear \
 --enable-pcntl \
 --enable-posix

[root@localhost php-7.2.8]# make && make install
略...
Wrote PEAR system config file at: /usr/local/php7/etc/pear.conf
You may want to add: /usr/local/php7/lib/php to your php.ini include_path
/root/php-7.2.8/build/shtool install -c ext/phar/phar.phar /usr/local/php7/bin
ln -s -f phar.phar /usr/local/php7/bin/phar
Installing PDO headers:           /usr/local/php7/include/php/ext/pdo/

//安装后配置
[root@localhost php-7.2.8]# ls /usr/local/php7/
bin  etc  include  lib  php  sbin  var
[root@localhost php-7.2.8]# echo 'export PATH=/usr/local/php7/bin:$PATH' > /etc/profile.d/php7.sh
[root@localhost php-7.2.8]# source /etc/profile.d/php7.sh
[root@localhost php-7.2.8]# which php
/usr/local/php7/bin/php

//配置php-fpm
[root@localhost php-7.2.8]# cp php.ini-production /etc/php.ini   //生产环境
cp: overwrite '/etc/php.ini'? y
[root@localhost php-7.2.8]# cp sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
[root@localhost php-7.2.8]# chmod +x /etc/rc.d/init.d/php-fpm
[root@localhost php-7.2.8]# cp /usr/local/php7/etc/php-fpm.conf.default /usr/local/php7/etc/php-fpm.conf
[root@localhost php-7.2.8]# cp /usr/local/php7/etc/php-fpm.d/www.conf.default /usr/local/php7/etc/php-fpm.d/www.conf

//编辑php-fpm的配置文件，配置fpm的相关选项为你所需要的值：
[root@localhost ~]# vim /usr/local/php7/etc/php-fpm.conf

文件最后加上这四行
pm.max_children = 50        //最多同时提供50个进程提供50个并发服务
pm.start_servers = 5        //启动时启动5个进程
pm.min_spare_servers = 2    //最小空闲进程数
pm.max_spare_servers = 8    //最大空闲进程数

//启动php-fpm
//默认情况下，fpm监听在127.0.0.1的9000端口，也可以使用如下命令验证其是否已经监听在相应的套接字
[root@localhost ~]# service php-fpm start
Starting php-fpm  done
[root@localhost ~]# ss -antl
State   Recv-Q   Send-Q      Local Address:Port      Peer Address:Port   
LISTEN  0        128               0.0.0.0:22             0.0.0.0:*      
LISTEN  0        128             127.0.0.1:9000           0.0.0.0:*      
LISTEN  0        128                     *:80                   *:*      
LISTEN  0        128                  [::]:22                [::]:*      
LISTEN  0        80                      *:3306                 *:*   

3.4 配置apache

3.4.1 启用代理模块

在apache httpd 2.4以后已经专门有一个模块针对FastCGI的实现，此模块为mod_proxy_fcgi.so，它其实是作为mod_proxy.so模块的扩展，因此，这两个模块都要加载，编辑httpd.conf文件，取消以下两行内容的注释:

• LoadModule proxy_module modules/mod_proxy.so
• LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so

//启用httpd的相关模块
//删除/etc/httpd24/httpd.conf文件里，此两行的注释
[root@localhost ~]# sed -i '/proxy_module/s/#//g' /etc/httpd24/httpd.conf
[root@localhost ~]# sed -i '/proxy_fcgi_module/s/#//g' /etc/httpd24/httpd.conf

3.4.2配置虚拟主机

//编辑配置文件，去掉此行注释
[root@localhost ~]# vim /etc/httpd24/httpd.conf
# Virtual hosts
Include /etc/httpd24/extra/httpd-vhosts.conf

[root@localhost ~]# vim /etc/httpd24/extra/httpd-vhosts.conf
#
<VirtualHost *:80>
    DocumentRoot "/usr/local/apache/htdocs"
    ServerName www.example.com
    ErrorLog "logs/www.example.com-error_log"
    CustomLog "logs/www.example.com-access_log" common
    ProxyRequests Off
    ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/usr/local/apache/htdocs/$1
    <Directory "/usr/local/apache/htdocs">
        Require all granted
    </Directory>
</VirtualHost>

//生成php测试页面，修改权限
[root@localhost ~]# cd /usr/local/apache/htdocs/
[root@localhost htdocs]# ls
index.html
[root@localhost htdocs]# vim index.php
<?php
    phpinfo();
?>
[root@localhost ~]# cd /usr/local/apache/
[root@localhost apache]# chown -R apache.apache htdocs/
[root@localhost apache]# ll
total 36
drwxr-xr-x  2 root   root    262 Oct 30 00:08 bin
drwxr-xr-x  2 root   root    167 Oct 30 00:08 build
drwxr-xr-x  2 root   root     78 Oct 30 00:08 cgi-bin
drwxr-xr-x  3 root   root   4096 Oct 30 00:08 error
drwxr-xr-x  2 apache apache   24 Oct 30 17:04 htdocs
drwxr-xr-x  3 root   root   8192 Oct 30 00:08 icons
drwxr-xr-x  2 root   root   4096 Oct 30 00:08 include
drwxr-xr-x  2 root   root     58 Oct 30 00:20 logs
drwxr-xr-x  4 root   root     30 Oct 30 00:08 man
drwxr-xr-x 14 root   root   8192 Oct 30 00:08 manual
drwxr-xr-x  2 root   root   4096 Oct 30 00:08 modules

[root@localhost ~]# vim /etc/httpd24/httpd.conf
//搜索AddType，添加以下内容
    # If the AddEncoding directives above are commented-out, then you
    # probably should define those extensions to indicate media types:
    #
    AddType application/x-compress .Z
    AddType application/x-gzip .gz .tgz
    AddType application/x-httpd-php .php          //添加此行
    AddType application/x-httpd-php-source .phps  //添加此行
//找到此行，加上index.php 
    <IfModule dir_module>
        DirectoryIndex index.html
    </IfModule>

<IfModule dir_module>
    DirectoryIndex index.php index.html   //修改以后
</IfModule>

//重启apache服务
[root@localhost ~]# apachectl stop
[root@localhost ~]# apachectl start 
[root@localhost ~]# ss -antl
State               Recv-Q               Send-Q                              Local Address:Port                              Peer Address:Port               
LISTEN              0                    128                                       0.0.0.0:22                                     0.0.0.0:*                  
LISTEN              0                    128                                     127.0.0.1:9000                                   0.0.0.0:*                  
LISTEN              0                    128                                             *:80                                           *:*                  
LISTEN              0                    128                                          [::]:22                                        [::]:*                  
LISTEN              0                    80                                              *:3306