CentOS 6.3 + nginx-1.2.5 + php-5.4.9 + MySQL-5.5.28

CentOS 6.3 + nginx-1.2.5 + php-5.4.9 + MySQL-5.5.28

redis-2.4.10

MrNeo Chen (netkiller)陈景峰(BG7NYT)


中国广东省深圳市龙华新区民之街道溪山美地
518109
+86 13113668890
+86 755 29812080

$Date: 2012-11-27 17:58:47 +0800 (Tue, 27 Nov 2012) $

摘要

在工作中,需要经常为新系统安装软件,重复而简单,但又不得不作,我将过去几年中工作中临时写的脚本这里了一下,能够实现半自动化安装标本,只需要Ctrl+C, Ctrl+V 快速粘贴复制,即可快速完成安装


1. CentOS 6.3 64bit Minior 安装后 新机初始化常用软件包安装

		
lokkit --disabled --selinux=disabled

yum update -y
rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt
rpm -K http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
rpm -i http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm

yum install -y telnet wget rsync
yum install -y system-config-network-tui
yum install -y bind-utils
yum install -y vim-enhanced

yum install -y openssh-clients
yum remove dhclient -y
		
		

1.1. /etc/resolv.conf

配置DNS

			
echo -ne "
search example.com
nameserver 208.67.222.222
nameserver 202.67.220.220
nameserver 8.8.8.8
nameserver 4.4.4.4
" > /etc/resolv.conf
			
			

1.2. /etc/security/limits.conf

修改文件打开数

			
cat >> /etc/security/limits.conf <<EOF
root 	soft nofile 65536
root 	hard nofile 65536
www	soft nofile 65536
www 	hard nofile 65536
mysql	soft nofile 65536
mysql 	hard nofile 65536
EOF
			
			

下面更省事,但不建议使用*通配符,这样任何用户都不限制。

			
echo -ne "

* soft nofile 65536
* hard nofile 65536
" >> /etc/security/limits.conf
			
			

而上面我市针对www用户设置,也就是web服务器,其他用户是受限的。

1.3. /etc/sysctl.conf

内核参数调整

			
cat >> /etc/sysctl.conf <<EOF

net.ipv4.ip_local_port_range = 1024 65500
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_fin_timeout = 60
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.tcp_max_syn_backlog = 8192
net.ipv4.tcp_max_tw_buckets = 4096
EOF
			
			

1.4. /etc/fstab

我一般分区规划是,/系统根分区,swap交换分区,/www数据分区,同时 禁止写入atime时间,因为/www频繁请求会影响IO

临时mount

mount -o remount,noatime,nodiratime /dev/sda3 /mnt/your
			

LABEL 方式

LABEL=/www                 /www                       ext3    defaults,noatime,nodiratime        1 1
			

UUID 方式

UUID=eeff3e86-7964-4a48-ac02-51ea167ea6b2 /www        ext4    defaults        1 2
			

至此,Linux 的OS部分安装配置与优化完成。

2. 常用网络软件服务安装

2.1. ntp

ntp 服务同步服务器的时间,需要安装。

# redhat 5.6 cp /etc/ntp.conf.original /etc/ntp.conf
yum install ntp -y
			

指定ntp服务器,如果你没有ntp server,下面步骤不用执行

			
cp /etc/ntp.conf /etc/ntp.conf.original
vim /etc/ntp.conf <<VIM > /dev/null 2>&1
:22,24s/^/#/
:25,25s/^/\rserver 172.16.3.51\rserver 172.16.3.52\r/
:wq
VIM
			
			
service ntpd start
chkconfig ntpd on
			

2.2. net-snmp

用于服务器的状态监控

			
yum install net-snmp -y
vi /etc/snmp/snmpd.conf <<VIM > /dev/null 2>&1
:62,62s/systemview/all/
:85,85s/^#//
:wq
VIM
service snmpd start
chkconfig snmpd on
			
			

2.3. nagios

服务器故障警告

			
yum install -y nrpe nagios-plugins
vi /etc/nagios/nrpe.cfg <<VIM > /dev/null 2>&1
:%s/allowed_hosts=127.0.0.1/allowed_hosts=172.16.1.2/
:wq
VIM

cat >> /etc/nagios/nrpe.cfg <<EOF

#command[check_http]=/usr/lib64/nagios/plugins/check_http -I 127.0.0.1 -p 80 -u http://www.example.com/index.html
command[check_swap]=/usr/lib64/nagios/plugins/check_swap -w 20% -c 10%
command[check_all_disks]=/usr/lib64/nagios/plugins/check_disk -w 20% -c 10% -e
EOF

chkconfig nrpe on
service nrpe start

cat >> /etc/bashrc <<EOF

export HISTTIMEFORMAT="%Y-%m-%d-%H:%M:%S "
EOF
			
			

2.4. rsync

我使用rsync来实现应用的部署。

			
yum install xinetd rsync -y

vim /etc/xinetd.d/rsync <<VIM > /dev/null 2>&1
:%s/yes/no/
:wq
VIM

cat > /etc/rsyncd.conf <<EOD
uid = root
gid = root
use chroot = no
max connections = 8
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log

hosts deny=*
hosts allow=192.168.2.0/255.255.255.0

[www]
    uid = www
    gid = www
    path = /www
    ignore errors
    read only = no
    list = no
    auth users = www
    secrets file = /etc/rsyncd.passwd
EOD

cat >> /etc/rsyncd.passwd <<EOF
www:xxxxxxxxxxxxxxxx
EOF

chmod 600 /etc/rsyncd.*
chmod 600 /etc/rsyncd.passwd

service xinetd restart
			
			

2.5. vsftpd

根据你的需要,选装。

			
yum install -y vsftpd
adduser --home-dir /www/target/logs/ --shell /sbin/nologin --password logs.xiu.com logs
echo logs >> /etc/vsftpd/chroot_list

vim /etc/vsftpd/vsftpd.conf <<VIM > /dev/null 2>&1
:%s/#chroot_list_enable=YES/chroot_list_enable=YES/
:%s/#chroot_list_file/chroot_list_file/
VIM

chkconfig vsftpd on
service vsftpd start
			
			

3. MySQL-5.5.28

写在旧的包,然后准备好rpm文件

rpm -e --nodeps mysql-libs
yum localinstall MySQL-*
		

安装后查看如下

# rpm -qa | grep MySQL
MySQL-client-5.5.28-1.el6.x86_64
MySQL-shared-5.5.28-1.el6.x86_64
MySQL-devel-5.5.28-1.el6.x86_64
MySQL-shared-compat-5.5.28-1.el6.x86_64
MySQL-server-5.5.28-1.el6.x86_64
		

4. php-5.4.9

由于redhat与centosYUM源中尚未提供php-fpm所以我采用编译安装,网上有一些爱好者制作过php-fpm的rpm包。是否使用你自己那注意。

安装fedora的YUM源,我们需要一些devel包。

rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-7.noarch.rpm
		

安装编译器与开发包

yum install gcc gcc-c++ make automake autoconf -y
yum install curl-devel libmcrypt-devel gd-devel libjpeg-devel libpng-devel libXpm-devel libxml2-devel libxslt-devel mhash-devel recode-devel openssl-devel -y
		

安装下面三个rpm包,编译php不需要server与client两个包

MySQL-shared-5.5.28-1.el6.x86_64
MySQL-devel-5.5.28-1.el6.x86_64
MySQL-shared-compat-5.5.28-1.el6.x86_64
		

将其放置在一个目录中,使用下面命令即可安装

yum localinstall MySQL-*
		

前面的准备工作就绪后,便可以进入到php的安装阶段

		
tar zxvf php-5.4.9.tar.gz
cd php-5.4.9

./configure --prefix=/srv/php-5.4.9 \
--with-config-file-path=/srv/php-5.4.9/etc \
--with-config-file-scan-dir=/srv/php-5.4.9/etc/conf.d \
--enable-fpm \
--with-fpm-user=www \
--with-fpm-group=www \
--with-curl \
--with-gd \
--with-jpeg-dir \
--with-png-dir \
--with-freetype-dir \
--with-zlib-dir \
--with-iconv \
--with-mcrypt \
--with-mysql \
--with-mysqli=/usr/bin/mysql_config \
--with-pdo-mysql \
--with-mysql-sock=/var/lib/mysql/mysql.sock \
--with-openssl=shared \
--with-mhash=shared \
--with-xsl=shared \
--with-recode=shared \
--with-pear \
--enable-sockets \
--enable-soap \
--enable-mbstring \
--enable-gd-native-ttf \
--enable-zip \
--enable-xml \
--enable-bcmath \
--enable-calendar \
--enable-shmop \
--enable-dba \
--enable-wddx \
--disable-debug


make && make install
		
		

4.1. 配置php.ini

备份配置文件,防止不小心改错而又找不出问题出在哪里。

mkdir -p /srv/php-5.4.9/etc/conf.d
cp php.ini-* /srv/php-5.4.9/etc/
cp /srv/php-5.4.9/etc/php.ini-development /srv/php-5.4.9/etc/php.ini
cp /srv/php-5.4.9/etc/pear.conf{,.original}
ln -s /srv/php-5.4.9/ /srv/php
			

php默认提供两个配置文件模板php.ini-development用于开发和测试环境;php.ini-production用于生产环境。他们差异是php.ini-development会显示调试信息,即 error_display = On.

# ls php.ini-*
php.ini-development  php.ini-production
			

下面更改仅供参考,需要根据你的具体情况配置,不要照搬。

			
vim /srv/php-5.4.9/etc/php.ini <<EOF > /dev/null 2>&1
:%s$;open_basedir = $open_basedir = /www/:/tmp/:/srv/php-5.4.9/lib/php/:/srv/php-5.4.9/bin/$
:%s/memory_limit = 128M/memory_limit = 16M/
:%s!;include_path = ".:/php/includes"!include_path = ".:/srv/php-5.4.9/lib/php:/srv/php-5.4.9/share"!
:%s:extension_dir = "./":extension_dir = "/srv/php-5.4.9/lib/php/extensions":
:%s/upload_max_filesize = 2M/upload_max_filesize = 8M/
:%s/;cgi.fix_pathinfo=0/cgi.fix_pathinfo=1/
:%s$;date.timezone =$date.timezone = Asia/Hong_Kong$
:1367,1367s/session.save_handler = files/session.save_handler = redis/
:1368,1368s#^#session.save_path = "tcp://127.0.0.1:6379"\r#
:1415,1368s/session.name = PHPSESSID/session.name = JSESSIONID/
:wq
EOF
			
			

4.2. 配置 php-fpm

安装启动脚本

cp ./sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
chmod +x /etc/init.d/php-fpm

chkconfig --add php-fpm
chkconfig php-fpm on
chkconfig --list php-fpm
			

修改配置文件

			
cp /srv/php-5.4.9/etc/php-fpm.conf.default /srv/php-5.4.9/etc/php-fpm.conf

vim /srv/php-5.4.9/etc/php-fpm.conf <<end > /dev/null 2>&1
:25,25s/;//
:32,32s/;//
:wq
end
			
			

察看配置项

# grep -v '^;' /srv/php-5.4.9/etc/php-fpm.conf | grep -v '^$'
[global]
pid = run/php-fpm.pid


[www]
user = www
group = www
listen = 127.0.0.1:9000

pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
			

4.3. PHP Extension - APC

Apc

			
pecl install apc

cat > /srv/php-5.4.9/etc/conf.d/apc.ini <<EOF
extension=apc.so
EOF
			
			

查看安装情况

# /srv/php/bin/php -m | grep apc
apc
			

4.4. 将php加入PATH环境变量

			
vim  ~/.bash_profile <<END > /dev/null 2>&1
:%s#bin#bin:/srv/php/bin#
:wq
END
			
			

4.5. phpredis

安装git版本控制客户端

yum install git
			

从github仓库中克隆一份代码到本地

git clone git://github.com/nicolasff/phpredis.git
			

编译安装phpredis; 我暂时没有找到 pecl的phpredis源

			
cd phpredis
phpize
./configure --with-php-config=/srv/php-5.4.9/bin/php-config
make && make install
			
			

创建配置文件

			
cat > /srv/php-5.4.9/etc/conf.d/redis.ini <<EOF
extension=redis.so
EOF
			
			

查看安装情况

# php -m | grep redis
redis
			

4.6. 编译中遇到问题如何处理?

下面我们来模拟一个场景,例如 configure的时候出现下面提示

configure: error: Can not find recode.h anywhere under yes /usr/local /usr /opt.
			

提示找不到recode。h文件,很好办,首先搜索recode包

[root@haproxy php-5.4.9]# yum search recode                                                                                                                                                                                                                        |  327 B     00:00
============================ N/S Matched: recode ====================================
php-recode.x86_64 : A module for PHP applications for using the recode library
recode-devel.i686 : Header files and static libraries for development using recode
recode-devel.x86_64 : Header files and static libraries for development using recode
recode.i686 : Conversion between character sets and surfaces
recode.x86_64 : Conversion between character sets and surfaces

  Name and summary matches only, use "search all" for everything.
			

然后安装devel包,记住之需要安装devel包即可,其他都是多余。

[root@haproxy php-5.4.9]# yum install recode-devel -y
			

然后重新运行configure

5. nginx-1.2.5

为web服务器创建一个用户,我喜欢使用www,id为80更容易记,同时将一个单独分区挂在/www上用户存放web应用程序。

groupadd -g 80 www
adduser -o --home /www --uid 80 --gid 80 -c "Web Application" www
		

添加nginx的YUM源

		
cat > /etc/yum.repos.d/nginx.repo <<EOF
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/6/x86_64/
gpgcheck=0
enabled=1
EOF
		
		

开始安装nginx

		
yum search nginx

yum install -y nginx
chkconfig nginx on
service nginx start
		
		

如果你不懂编译器优化,建议你使用rpm方案。在不优化的情况下编译出来程序很臃肿。

 

# rpm -qa | grep nginx
nginx-1.2.5-1.el6.ngx.x86_64
		

5.1. host 配置

mkdir -p /www/www.mydomain.com/htdocs

cd /etc/nginx/conf.d
cp default.conf www.mydomain.com.conf
vim www.mydomain.com.conf
			
server {
    listen       80;
    server_name  www.mydomain.com;

    charset utf-8;
    access_log  /var/log/nginx/www.mydomain.com.access.log  main;

    location / {
        root   /www/www.mydomain.com/htdocs;
        index  index.html index.php;
    }

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }

    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
    #
    #location ~ \.php$ {
    #    proxy_pass   http://127.0.0.1;
    #}

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    location ~ \.php$ {
        root           html;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  /www/www.mydomain.com/htdocs$fastcgi_script_name;
        include        fastcgi_params;
    }

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    location ~ /\.ht {
        deny  all;
    }
}
			

创建测试页面

			
cat >> /www/www.mydomain.com/htdocs/index.php <<PHP
<?php
phpinfo();
PHP
			
			

启动服务器

service php-fpm start
service nginx start
			

检查index.php输出

# curl -H HOST:www.mydomain.com http://127.0.0.1/index.php
			

6. redis-2.4.10

安装fedora的YUM源,

rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-7.noarch.rpm
		

安装redis

# yum install redis

# chkconfig redis on

# service redis start

你可能感兴趣的:(nginx,PHP,mysql,centos,netkiller)