基于Nginx+mysql+php构建LNMP
Nginx采用了模块化、事件驱动、异步、单线程及非阻塞的架构,并大量采用了多路复用及事件通知机制,是一种轻量级的web服务器。
实验平台:RHCE5.8
一:
安装Nginx:
1、解决依赖关系:
先安装三个包组和pcre-devel:
- yum -y groupinstall "Development Libraries" "Development Tools" "X Software Development"
- yum -y install pcre-devel
2、若之前装有httpd,在编译安装Nginx之前确保httpd处于关闭状态
因为httpd和nginx都占用tcpde 80端口
3、安装nginx
首先添加用户nginx,实现用普通用户运行nginx服务进程:
- # groupadd -r nginx
- # useradd -r -g nginx nginx
下载nginx源码包至本地,这里使用的是nginx-1.2.3版本的
- tar xf nginx-1.2.3.tar.gz
- cd nginx-1.2.3
- 编译安装:
- ./configure \
- --prefix=/usr \
- --sbin-path=/usr/sbin/nginx \
- --conf-path=/etc/nginx/nginx.conf \
- --error-log-path=/var/log/nginx/error.log \
- --http-log-path=/var/log/nginx/access.log \
- --pid-path=/var/run/nginx/nginx.pid \
- --lock-path=/var/lock/nginx.lock \
- --user=nginx \
- --group=nginx \
- --with-http_ssl_module \
- --with-http_flv_module \
- --with-http_stub_status_module \
- --with-http_gzip_static_module \
- --http-client-body-temp-path=/var/tmp/nginx/client/ \
- --http-proxy-temp-path=/var/tmp/nginx/proxy/ \
- --http-fastcgi-temp-path=/var/tmp/nginx/fcgi/ \
- --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi \
- --http-scgi-temp-path=/var/tmp/nginx/scgi \
- --with-pcre
- make && make install
4、为脚本赋予执行权限:
新建文件/etc/rc.d/init.d/nginx,内容如下:
- #!/bin/sh
- #
- # nginx - this script starts and stops the nginx daemon
- #
- # chkconfig: - 85 15
- # description: Nginx is an HTTP(S) server, HTTP(S) reverse \
- # proxy and IMAP/POP3 proxy server
- # processname: nginx
- # config: /etc/nginx/nginx.conf
- # config: /etc/sysconfig/nginx
- # pidfile: /var/run/nginx.pid
- # Source function library.
- . /etc/rc.d/init.d/functions
- # Source networking configuration.
- . /etc/sysconfig/network
- # Check that networking is up.
- [ "$NETWORKING" = "no" ] && exit 0
- nginx="/usr/sbin/nginx"
- prog=$(basename $nginx)
- NGINX_CONF_FILE="/etc/nginx/nginx.conf"
- [ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx
- lockfile=/var/lock/subsys/nginx
- make_dirs() {
- # make required directories
- user=`nginx -V 2>&1 | grep "configure arguments:" | \
- sed 's/[^*]*--user=\([^ ]*\).*/\1/g' -`
- options=`$nginx -V 2>&1 | grep 'configure arguments:'`
- for opt in $options; do
- if [ `echo $opt | grep '.*-temp-path'` ]; then
- value=`echo $opt | cut -d "=" -f 2`
- if [ ! -d "$value" ]; then
- # echo "creating" $value
- mkdir -p $value && chown -R $user $value
- fi
- fi
- done
- }
- start() {
- [ -x $nginx ] || exit 5
- [ -f $NGINX_CONF_FILE ] || exit 6
- make_dirs
- echo -n $"Starting $prog: "
- daemon $nginx -c $NGINX_CONF_FILE
- retval=$?
- echo
- [ $retval -eq 0 ] && touch $lockfile
- return $retval
- }
- stop() {
- echo -n $"Stopping $prog: "
- killproc $prog -QUIT
- retval=$?
- echo
- [ $retval -eq 0 ] && rm -f $lockfile
- return $retval
- }
- restart() {
- configtest || return $?
- stop
- sleep 1
- start
- }
- reload() {
- configtest || return $?
- echo -n $"Reloading $prog: "
- killproc $nginx -HUP
- RETVAL=$?
- echo
- }
- force_reload() {
- restart
- }
- configtest() {
- $nginx -t -c $NGINX_CONF_FILE
- }
- rh_status() {
- status $prog
- }
- rh_status_q() {
- rh_status >/dev/null 2>&1
- }
- case "$1" in
- start)
- rh_status_q && exit 0
- $1
- ;;
- stop)
- rh_status_q || exit 0
- $1
- ;;
- restart|configtest)
- $1
- ;;
- reload)
- rh_status_q || exit 7
- $1
- ;;
- force-reload)
- force_reload
- ;;
- status)
- rh_status
- ;;
- condrestart|try-restart)
- rh_status_q || exit 0
- ;;
- *)
- echo $"Usage: $0 {start|stop|status|restart|condrestart| \
- try-restart|reload|force-reload|configtest}"
- exit 2
- esac
然后为此脚本赋予执行权限:
# chmod +x /etc/rc.d/init.d/nginx
添加至服务管理列表,并让其开机自动启动:
- chkconfig --add nginx
- chkconfig nginx on
启动nginx,并查看监听窗口:
- service nginx start
- netstat -tnlp
在本地浏览器访问,出现还有页面说明安装成功
二、安装mysql-5.5.28:
1、创建逻辑卷用于存放数据
1.1创建一个大小为10G的分区/dev/sda5
- # partprobe /dev/sda
- 创建物理卷:
- # pvcreate /dev/sda5
- 创建卷组:
- # vgcreate myvg /dev/sda5
- 创建大小为5G的逻辑卷,命名为data:
- # lvcreate -L 5G -n data myvg
- 格式化:
- # mke2fs -j /dev/myvg/data
1.2、指定逻辑卷的挂载目录为/mydata
- # mkdir /mydata
- # vim /etc/fstab 添加如下行:
- /dev/myvg/data /mydata ext3 defaults 0 0
- # mount -a ##自动挂载
- # mount
- /dev/mapper/myvg-data on /mydata type ext3 (rw)
- #mkdir /mydata/data
2、创建系统用户mysql和组mysql:
- # groupadd -r mysql
- # useradd -g mysql -r -s /sbin/nologin -M -d /mydata/data mysql
- # chown -R mysql.mysql /mydata/data
3、安装mysql-5.5.28
3.1、首先下载平台对应的mysql版本至本地,这里是32位平台,选择mysql-5.5.28-linux2.6-i686.tar.gz,
首先检查系统是否安装过mysql;有的话先卸载
3.2、下载mysql-5.5.28-linux2.6-i386.tar.gz至本地,并解压后放在/usr/local:
- # tar xf mysql-5.5.28-linux2.6-i686.tar.gz -C /usr/local
- # cd /usr/local
- # ln -sv mysql-5.5.28-linux2.6-i686 mysql ##创建连接
- # cd mysql
4、初始化mysql
- # scripts/mysql_install_db --datadir=/mydata/data --user=mysql
- # ls /mydata/data ##生成了三个文件
- mysql performance_schema test
5修改配置文件:
- # cd support-files/
- # cp support-files/my-large.cnf /etc/my.cnf ##内存超过512M的话,建议使用my-large.cnf
- # vim /etc/my.cnf
- thread_concurrency = 4 ##根据你的cpu的个数适当修改这个参数
- 另外还需要添加如下行指定mysql数据文件的存放位置:
- datadir = /mydata/data
6.使用mysql自身提供的服务脚本:
# cp mysql.server /etc/rc.d/init.d/mysqld
加入服务列表:
# chkconfig --add mysqld
# chkconfig mysqld on
启动mysql,查看mysqld的端口3306是否监听:
# netstat -tnlp |grep mysqld
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 22953/mysqld
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 22953/mysqld
7、导出mysql的PATH路径
- # echo $PATH
- # vim /etc/profile.d/mysql.sh
- 添加如下:
- PATH=$PATH:/usr/local/mysql/bin
- export PATH
-
- 重新登录:
8、输出mysql的man手册至man命令的查找路径:
- vim /etc/man.config
- 在MANPATH处添加:MANPATH /usr/local/mysql/man
9、输出mysql的库文件给系统库查找路径:
- # vim /etc/ld.so.conf.d/mysql.conf
- 写入:/usr/local/mysql/lib
让系统重新载入系统库
# ldconfig -v
10、输出mysql的头文件至系统头文件路径/usr/include:
- 这可以通过简单的创建链接实现:
- # ln -sv /usr/local/mysql/include /usr/include/mysql
重新启动mysql
三:安装php
1.解决依赖关系:
- 如果想让编译的php支持mcrypt、mhash扩展和libevent,此处还需要下载录如下几个rpm包并安装之:
- libmcrypt-2.5.8-4.el5.centos.i386.rpm
- libmcrypt-devel-2.5.8-4.el5.centos.i386.rpm
- mhash-0.9.9-1.el5.centos.i386.rpm
- mhash-devel-0.9.9-1.el5.centos.i386.rpm
- mcrypt-2.6.8-1.el5.i386.rpm
最好使用升级的方式安装上面的rpm包,命令格式如下:
# rpm -Uvh *.rpm
# rpm -Uvh *.rpm
2、编译安装php-5.4.8
- # tar xf php-5.4.8.tar.bz2
- # cd php-5.4.8
- # ./configure --prefix=/usr/local/php --with-mysql=/usr/local/mysql \
- --with-openssl --enable-fpm --enable-sockets --enable-sysvshm \
- --with-mysqli=/usr/local/mysql/bin/mysql_config --enable-mbstring \
- --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib-dir \
- --with-libxml-dir=/usr --enable-xml --with-mhash --with-mcrypt \
- --with-config-file-path=/etc --with-config-file-scan-dir=/etc/php.d \
- --with-bz2 --with-curl
-
- # make && make intall
3、配置php
- 3.1:为php提供配置文件:
- # cp php.ini-production /etc/php.ini
-
- 3.2、为php-fpm提供Sysv init脚本,并将其添加至服务列表:
- # cp sapi/fpm/init.d.php-fpm /etc/rc.d/init.d/php-fpm
- # chmod +x /etc/rc.d/init.d/php-fpm
- # chkconfig --add php-fpm
- # chkconfig php-fpm on
-
- 3.3为php-fpm提供配置文件:
- # cp /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf
-
- 3.4、编辑php-fpm的配置文件:
- # vim /usr/local/php/etc/php-fpm.conf
- 配置fpm的相关选项为你所需要的值,并启用pid文件(如下最后一行):
- pm.max_children = 50
- pm.start_servers = 5
- pm.min_spare_servers = 2
- pm.max_spare_servers = 8
- pid = /usr/local/php/var/run/php-fpm.pid
接下来就可以启动php-fpm了:
# service php-fpm start
使用如下命令来验正(如果此命令输出有中几个php-fpm进程就说明启动成功了):
# ps aux | grep php-fpm
# service php-fpm start
使用如下命令来验正(如果此命令输出有中几个php-fpm进程就说明启动成功了):
# ps aux | grep php-fpm
四、整合nginx和php5
1、编辑/etc/nginx/nginx.conf,启用如下选项:
- location ~ \.php$ {
- root /web/htdocs;
- fastcgi_pass 127.0.0.1:9000;
- fastcgi_index index.php;
- fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
- include fastcgi_params;
- }
2、编辑/etc/nginx/fastcgi_params,将其内容更改为如下内容:
- fastcgi_param GATEWAY_INTERFACE CGI/1.1;
- fastcgi_param SERVER_SOFTWARE nginx;
- fastcgi_param QUERY_STRING $query_string;
- fastcgi_param REQUEST_METHOD $request_method;
- fastcgi_param CONTENT_TYPE $content_type;
- fastcgi_param CONTENT_LENGTH $content_length;
- fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
- fastcgi_param SCRIPT_NAME $fastcgi_script_name;
- fastcgi_param REQUEST_URI $request_uri;
- fastcgi_param DOCUMENT_URI $document_uri;
- fastcgi_param DOCUMENT_ROOT $document_root;
- fastcgi_param SERVER_PROTOCOL $server_protocol;
- fastcgi_param REMOTE_ADDR $remote_addr;
- fastcgi_param REMOTE_PORT $remote_port;
- fastcgi_param SERVER_ADDR $server_addr;
- fastcgi_param SERVER_PORT $server_port;
- fastcgi_param SERVER_NAME $server_name;
并在所支持的主页面格式中添加php格式的主页,类似如下:
将index.php加到index行:如下
将index.php加到index行:如下
- ocation / {
- root html;
- index index.php index.html index.htm;
- }
而后重新载入nginx的配置文件:
# service nginx reload
# service nginx reload
3、在/usr/html新建index.php的测试页面,测试php是否能正常工作:
- # cat > /usr/html/index.php << EOF
- <?php
- phpinfo();
- ?>
接着就可以通过浏览器访问此测试页面了。
五、安装xcache,为php加速:
1、安装
xcache
- # tar xf xcache-2.0.0.tar.gz
- # cd xcache-2.0.0
- # /usr/local/php/bin/phpize
- # ./configure --enable-xcache --with-php-config=/usr/local/php/bin/php-config
- # make && make install
-
- 安装结束时,会出现类似如下行:
- Installing shared extensions: /usr/local/php/lib/php/extensions/no \
- -debug-non-zts-20100525/
2、编辑php.ini,整合php和xcache:
- 首先将xcache提供的样例配置导入php.ini
- # mkdir /etc/php.d
- # cp xcache.ini /etc/php.d
- 说明:xcache.ini文件在xcache的源码目录中。
- 接下来编辑/etc/php.d/xcache.ini,找到zend_extension开头的行,修改为如下行:
- zend_extension = /usr/local/php/lib/php/extensions/no-debug-non-zts-20100525/xcache.so
- 注意:如果php.ini文件中有多条zend_extension指令行,要确保此新增的行排在第一位。
3、重新启动php-fpm
# service php-fpm restart
# service php-fpm restart
六、安装phpMyadmin:
- # tar xf phpMyAdmin-3.5.1-all-languages.tar.bz2
- # cd phpMyAdmin-3.5.1-all-languages
将当前目录下文件移到/web/htdocs:
- # mv * /web/htdocs/
-
- # cd /web/htdocs/
- # cp config.sample.inc.php config.inc.php
启动浏览页面: (发现是这样)
##图像无法正常显示;说是cookie没有启用,希望有人给予指点
为了安全考虑,在Mysql数据库中设置密码;便于对Myadin进行管理:
- mysql> set password for root@localhost=password('nongda');
- Query OK, 0 rows affected (0.07 sec)
- mysql> flush privileges;
- Query OK, 0 rows affected (0.01 sec)
输入账号和密码;登陆 Myadmin就可以进行管理操作了:(登陆后是在这样)
下图是操作正常的情况下显示的页面:
七、基于ssl为nginx创建CA证书:
- 7.1、修改主配置文件/etc/pki/tls/openssl.conf
- 将目录设置为/etc/pki/CA
- dir = /etc/pki/CA ##45行
- 7.2 生成私钥,并放置于/etc/pki/CA/pravate下,命名为cakey.pem
- # cd /etc/pki/CA
- # (umask 077;openssl genrsa 2048 > private/cakey.pem)
- 7.3:基于私钥生成自签证书
- # openssl req -new -x509 -key private/catey.pem -out cacert.pem -days 3650
- Country Name (2 letter code) [GB]:cn
- State or Province Name (full name) [Berkshire]:henan
- Locality Name (eg, city) [Newbury]:zz
- Organization Name (eg, company) [My Company Ltd]:nongda
- Organizational Unit Name (eg, section) []:yuanlin
- Common Name (eg, your name or your server's hostname) []:ca.xiangbo.com
- 7.5:创建相关目录文件:
- # mkdir certs newcerts crl
- # touch index.txt serial
- # echo 01 > serial
- 7.6:生成一个证书颁发请求
- # cd /etc/nginx
- # mkdir ssl
- # cd ssl
- # (umask 077;openssl genrsa 1024 > nginx.key)
- 7.7生成证书签发请求:
- # openssl req -new -key nginx.key -out nginx.csr
- Country Name (2 letter code) [GB]:cn
- State or Province Name (full name) [Berkshire]:henan
- Locality Name (eg, city) [Newbury]:zz
- Organization Name (eg, company) [My Company Ltd]:nongda
- Organizational Unit Name (eg, section) []:yuanlin
- Common Name (eg, your name or your server's hostname) []:www.xiangbo.com
- //www.xiangbo.com 要与被访问的主机名保持一致
- 6.8签发私有证书:
- # openssl ca -in nginx.csr -out nginx.crt
- 查看生成文件