CentOS 6默认提供的是httpd 2.2,现尝试在CentOS 6上编译安装httpd 2.4
1、编译安装apr和apr-util
httpd程序依赖于apr和apr-util。apr(Apache portable Run-time libraries,Apache可移植运行库)旨在为上层的httpd应用程序提供一个可以跨越多种操作系统平台使用的底层支持接口库,给httpd程序提供了一个虚拟机环境,由此实现了httpd的跨平台性
httpd 2.4依赖apr 1.4以上的版本,因此若arp包的版本不满足要求且无法直接升级,则需要先编译安装更高版本的apr。
[root@node2 ~]# rpm -q apr apr-1.3.9-5.el6_2.x86_64 [root@node2 ~]# ls #预先下载的几个源码包 apr-1.5.0.tar.bz2 bind-9.9.5 Documents httpd-2.4.9.tar.bz2 Music Templates Videos anaconda-ks.cfg bind-9.9.5.tar.gz Downloads install.log Pictures test vmware-tools-distrib apr-util-1.5.3.tar.bz2 Desktop install.log.syslog Public testdns.txt [root@node2 ~]# tar xf apr-1.5.0.tar.bz2 [root@node2 ~]# tar xf apr-util-1.5.3.tar.bz2 [root@node2 ~]# cd apr-1.5.0 [root@node2 apr-1.5.0]# ls apr-config.in apr.mak build CHANGES configure.in encoding libapr.dep LICENSE memory NOTICE random strings threadproc apr.dep apr.pc.in buildconf CMakeLists.txt docs file_io libapr.dsp locks misc NWGNUmakefile README support time apr.dsp apr.spec build.conf config.layout dso helpers libapr.mak Makefile.in mmap passwd README.cmake tables tools apr.dsw atomic build-outputs.mk configure emacs-mode include libapr.rc Makefile.win network_io poll shmem test user [root@node2 apr-1.5.0]# ./configure --help | less `configure' configures this package to adapt to many kinds of systems. Usage: ./configure [OPTION]... [VAR=VALUE]... ... Installation directories: --prefix=PREFIX install architecture-independent files in PREFIX [/usr/local] --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX [PREFIX] ... [root@node2 apr-1.5.0]# ./configure --prefix=/usr/local/apr ... [root@node2 apr-1.5.0]# make && make install ... [root@node2 apr-1.5.0]# ls /usr/local/apr bin build-1 include lib [root@node2 apr-1.5.0]# cd /root/apr-util-1.5.3 [root@node2 apr-util-1.5.3]# ls aprutil.dep apr-util.spec build.conf configure docs ldap LICENSE NOTICE strmatch aprutil.dsp apu-config.in build-outputs.mk configure.in encoding libaprutil.dep Makefile.in NWGNUmakefile test aprutil.dsw buckets CHANGES crypto export_vars.sh.in libaprutil.dsp Makefile.win README uri aprutil.mak build CMakeLists.txt dbd hooks libaprutil.mak memcache README.cmake xlate apr-util.pc.in buildconf config.layout dbm include libaprutil.rc misc renames_pending xml [root@node2 apr-util-1.5.3]# ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr ... [root@node2 apr-util-1.5.3]# make && make install ... [root@node2 apr-util-1.5.3]# ls /usr/local/apr-util/ bin include lib
2、编译安装httpd-2.4
# ./configure --prefix=/usr/local/apache --sysconfdir=/etc/httpd24 --enable-so --enable-ssl --enable-cgi --enable-rewrite --with-zlib [--with-pcre] --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util/ --enable-mpms-shared=all --with-mpm=event --enable-modules=most|all
说明:
--enable-so:使支持DSO机制,默认就是enable的
--enable-ssl:使支持ssl,若编译此模块,需确保已安装openssl-devel
--with-zlib:zlib是一个用于压缩网络数据的压缩库;需确保已安装zlib-devel
--with-pcre:需确保已安装pcre-devel
PCRE(Perl Compatible Regular Expressions,perl语言兼容正则表达式)是一个用C语言编写的正则表达式函数库。apache不依赖此库,但nginx依赖
# make && make install
安装后的配置:
①输出二进制程序
vim /etc/profile.d/http24.sh
export PATH=/usr/local/apache/bin:$PATH
source /etc/profile.d/http24.sh
②导出man手册
vim /etc/man.config
MANPATH /usr/local/apache/man
④导出头文件
ln -s /usr/local/apache/include/ /usr/include/httpd24
③设置其Pid文件的路径
vim /etc/httpd24/httpd.conf
PidFile "/var/run/httpd24.pid"
⑤添加服务脚本:
vim /etc/rc.d/init.d/httpd24
[root@node2 ~]# tar xf httpd-2.4.9.tar.bz2 [root@node2 ~]# cd httpd-2.4.9 [root@node2 httpd-2.4.9]# ./configure --prefix=/usr/local/apache --sysconfdir=/etc/httpd24 --enable-so --enable-ssl --enable-cgi --enable-rewrite --with-zlib --with-pcre --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util --enable-mpms-shared=all --enable-mpm=event --enable-modules=most ... [root@node2 httpd-2.4.9]# make && make install ... [root@node2 httpd-2.4.9]# cd /usr/local/apache/ [root@node2 apache]# ls bin build cgi-bin error htdocs icons include logs man manual modules [root@node2 apache]# ls bin ab apachectl apxs checkgid dbmmanage envvars envvars-std fcgistarter htcacheclean htdbm htdigest htpasswd httpd httxt2dbm logresolve rotatelogs [root@node2 apache]# ls htdocs #编译安装的httpd 2.4的默认站点根目录 index.html #默认主页 [root@node2 apache]# cat htdocs/index.html <html><body><h1>It works!</h1></body></html> [root@node2 apache]# vim /etc/profile.d/httpd24.sh export PATH=/usr/local/apache/bin:$PATH [root@node2 apache]# source !$ source /etc/profile.d/httpd24.sh [root@node2 apache]# vim /etc/man.config ... MANPATH /usr/local/apache/man ... [root@node2 apache]# cd /etc/httpd24 [root@node2 httpd24]# ls extra httpd.conf magic mime.types original [root@node2 httpd24]# ls extra #此目录下都是些额外的配置文件 httpd-autoindex.conf httpd-default.conf httpd-languages.conf httpd-mpm.conf httpd-ssl.conf httpd-vhosts.conf httpd-dav.conf httpd-info.conf httpd-manual.conf httpd-multilang-errordoc.conf httpd-userdir.conf proxy-html.conf [root@node2 httpd24]# less httpd.conf ... DocumentRoot "/usr/local/apache/htdocs" #编译安装的httpd 2.4默认站点根目录 ... # Server-pool management (MPM specific) #Include /etc/httpd24/extra/httpd-mpm.conf #extra目录下的配置文件默认是没有被include进主配置文件的 # Multi-language error messages #Include /etc/httpd24/extra/httpd-multilang-errordoc.conf # Fancy directory listings #Include /etc/httpd24/extra/httpd-autoindex.conf # Language settings #Include /etc/httpd24/extra/httpd-languages.conf ... [root@node2 httpd24]# apachectl start #没有服务脚本的情况下可使用apachectl命令控制 AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 192.168.30.20. Set the 'ServerName' directive globally to suppress this message [root@node2 httpd24]# netstat -tnl Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN tcp 0 0 192.168.30.20:53 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:6011 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:53535 0.0.0.0:* LISTEN tcp 0 0 :::111 :::* LISTEN tcp 0 0 :::80 :::* LISTEN tcp 0 0 :::53264 :::* LISTEN tcp 0 0 :::22 :::* LISTEN tcp 0 0 ::1:631 :::* LISTEN tcp 0 0 ::1:6010 :::* LISTEN tcp 0 0 ::1:6011 :::* LISTEN [root@node2 httpd24]# ps -aux | grep 'httpd' Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.8/FAQ root 35494 0.0 0.2 72748 2260 ? Ss 07:42 0:00 /usr/local/apache/bin/httpd -k start daemon 35495 0.0 0.4 417008 4080 ? Sl 07:42 0:00 /usr/local/apache/bin/httpd -k start daemon 35496 0.0 0.4 417008 4088 ? Sl 07:42 0:00 /usr/local/apache/bin/httpd -k start daemon 35498 0.0 0.4 417008 4092 ? Sl 07:42 0:00 /usr/local/apache/bin/httpd -k start root 35601 0.0 0.0 103256 840 pts/0 S+ 07:50 0:00 grep httpd [root@node2 httpd24]# httpd -M | grep 'mpm' #装载的是event模块 AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 192.168.30.20. Set the 'ServerName' directive globally to suppress this message mpm_event_module (shared) [root@node2 httpd24]# vim httpd.conf #可动态换成prefork模块 ... #LoadModule mpm_event_module modules/mod_mpm_event.so LoadModule mpm_prefork_module modules/mod_mpm_prefork.so ... Include /etc/httpd24/extra/httpd-mpm.conf ... [root@node2 httpd24]# apachectl restart ... [root@node2 httpd24]# httpd -M | grep 'mpm' mpm_prefork_module (shared) [root@node2 httpd24]# cp /etc/rc.d/init.d/httpd /etc/rc.d/init.d/httpd24 #给httpd 2.4提供一个服务脚本,可以以现有的httpd 2.2的服务脚本为模板做适当修改 [root@node2 httpd24]# vim /etc/rc.d/init.d/httpd24 #if [ -f /etc/sysconfig/httpd ]; then # . /etc/sysconfig/httpd #fi ... apachectl=/usr/local/apache/bin/apachectl httpd=${HTTPD-/usr/local/apache/bin/httpd} prog=httpd pidfile=${PIDFILE-/usr/local/apache/logs/httpd.pid} lockfile=${LOCKFILE-/var/lock/subsys/httpd} RETVAL=0 STOP_TIMEOUT=${STOP_TIMEOUT-10} ... [root@node2 httpd24]# service httpd24 restart Stopping httpd: [ OK ] Starting httpd: [ OK ] [root@node2 httpd24]# service httpd24 status httpd (pid 540) is running... [root@node2 httpd24]# chkconfig --add httpd24 [root@node2 httpd24]# chkconfig httpd24 on [root@node2 httpd24]# chkconfig --list httpd24 httpd24 0:off 1:off 2:on 3:on 4:on 5:on 6:off
3、httpd-2.4的新特性:
⑴MPM支持在运行时装载;
--enable-mpms-shared=all --with-mpm={prefork|worker|event}
⑵支持event mpm
⑶异步读写
⑷在每模块及每目录分别使用不同的日志级别
⑸每请求的配置;<If>,<Elseif>
⑹增强版的表达式分析器
⑺毫秒级的keep alive的timeout
⑻基于FQDN的虚拟主机不再需要NameVirtualHost指令;
⑼支持用户使用自定义变量
⑽新增了一些模块:mod_proxy_fcgi, mode_ratelimit, mod_request, mod_remoteip
⑾修改了一些配置机制:不再支持使用order, allow, deny定义基于ip的访问控制,而改为require
基于IP做访问控制:
允许所有主机访问:Require all granted
拒绝所有主机访问:Require all deny
控制某特定主机的访问:
Require ip IPADDR
Require not ip IPADDR
IPADDR:
单个ip
Network/Netmask,如172.16.0.0 255.255.0.0
Network/Length,如172.16.0.0/16
Net,172.16
Require host HOSTNAME
Require not host HOSTNAME
HOSTNAME:
FQDN:具体的主机
DOMAIN: 域内的所有主机
测试1:访问控制
[root@node2 httpd24]# mkdir /web/htdocs [root@node2 httpd24]# vim /web/htdocs/index.html hello,how are you [root@node2 httpd24]# vim httpd.conf ... DocumentRoot "/web/htdocs" <Directory "/web/htdocs"> #httpd2.4上必须显式的指定访问权限 ... [root@node2 httpd24]# apache restart ...
[root@node1 ~]# elinks -dump http://192.168.30.20 hello,how are you
[root@node2 httpd24]# vim httpd.conf ... <Directory "/web/htdocs"> ... <RequireAll> Require not ip 192.168.30.10 Require all granted </RequireAll> </Directory> ... [root@node1 httpd24]# apachectl restart ...
[root@node2 ~]# elinks -dump http://192.168.30.20 Forbidden You don't have permission to access / on this server.
测试2:配置虚拟主机
[root@node2 httpd24]# vim httpd.conf ... #DocumentRoot "/usr/local/apache/htdocs" #将中心主机注释掉 Include /etc/httpd24/extra/httpd-vhosts.conf #把虚拟主机配置文件包含进来 ... [root@node2 httpd24]# vim extra/httpd-vhosts.conf ... <VirtualHost *:80> ServerName www.inception.com DocumentRoot /web/hosta <Directory "/web/hosta"> Require all granted </Directory> </VirtualHost> <VirtualHost *:80> ServerName web.inception.com DocumentRoot /web/hostd <Directory "/web/hostd"> Require all granted </Directory> </VirtualHost> [root@node2 httpd24]# httpd -t Syntax OK [root@node2 httpd24]# apachectl restart