[跟我学中小企业架构部署]之五:WEB服务器LNMP部署

WEB应用经验技巧

所需软件:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
eaccelerator-0.9.6.1.tar.bz2
mhash-0.9.9.9.tar.bz2
ImageMagick-6.6.1-10.tar.gz
mysql-5.0.56.tar.gz
imagick-2.3.0.tgz
nginx-0.8.46.tar.gz
libiconv-1.13.1.tar.gz
pcre-8.10.zip
libmcrypt-2.5.8.tar.gz
PDO_MYSQL-1.0.2.tgz
mcrypt-2.6.8.tar.gz
php-5.2.14-fpm-0.5.14.diff.gz
memcache-2.2.5.tgz
php-5.2.14.tar.gz

安装PHP环境所需软件

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
tar zxvf libiconv-1.13.1.tar.gz
cd libiconv-1.13.1/
./configure --prefix=/usr/local
make
make install
cd ..
tar zxvf libmcrypt-2.5.8.tar.gz
cd libmcrypt-2.5.8/
./configure
make
make install
/sbin/ldconfig
cd libltdl/
./configure --enable-ltdl-install
make
make install
cd ..
cd ..
tar jxvf mhash-0.9.9.9.tar.bz2
cd mhash-0.9.9.9/
./configure
make
make install
cd ..
ln -s /usr/local/lib/libmcrypt.la /usr/lib/libmcrypt.la
ln -s /usr/local/lib/libmcrypt.so /usr/lib/libmcrypt.so
ln -s /usr/local/lib/libmcrypt.so.4 /usr/lib/libmcrypt.so.4
ln -s /usr/local/lib/libmcrypt.so.4.4.8 /usr/lib/libmcrypt.so.4.4.8
ln -s /usr/local/lib/libmhash.a /usr/lib/libmhash.a
ln -s /usr/local/lib/libmhash.la /usr/lib/libmhash.la
ln -s /usr/local/lib/libmhash.so /usr/lib/libmhash.so
ln -s /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2
ln -s /usr/local/lib/libmhash.so.2.0.1 /usr/lib/libmhash.so.2.0.1
ln -s /usr/local/bin/libmcrypt-config /usr/bin/libmcrypt-config
tar zxvf mcrypt-2.6.8.tar.gz
cd mcrypt-2.6.8/
/sbin/ldconfig
LD_LIBRARY_PATH=/usr/local/lib ./configure
make
make install
cd ..

MYSQL安装

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40

groupadd mysql
useradd -s /sbin/nologin -g mysql -M mysql
tar zxvf mysql-5.0.56.tar.gz
cd mysql-5.0.56
./configure 
--prefix=/usr/local/mysql 
--with-unix-socket-path=/usr/local/mysql/tmp/mysql.sock 
--localstatedir=/usr/local/mysql/data 
--enable-assembler 
--enable-thread-safe-client 
--with-mysqld-user=mysql 
--with-big-tables 
--without-debug 
--with-pthread 
--enable-assembler 
--with-extra-charsets=complex 
--with-readline 
--with-ssl 
--with-embedded-server 
--enable-local-infile 
--with-plugins=partition,innobase 
--with-plugin-PLUGIN 
--with-mysqld-ldflags=-all-static 
--with-client-ldflags=-all-static
make
make install
cp support-files/my-small.cnf /etc/my.cnf
mkdir -p /usr/local/mysql/data
/usr/local/mysql/bin/mysql_install_db --user=mysql
chgrp -R mysql /usr/local/mysql
/usr/local/mysql/bin/mysqld_safe --user=mysql&
ps -ef |grep mysql
echo "export PATH=$PATH:/usr/local/mysql/bin/" >>/etc/profile       //设置环境变量
source /etc/profile
cp support-files/mysql.server /etc/init.d/mysqld                  //设置为service启动方式
chmod 755 /etc/init.d/mysqld
chkconfig --add mysqld                                     //添加为开机自启动
service mysqld restart
cd ..
1
2
mysqladmin -uroot password elain                      //设置密码
mysql -uroot -p

安装PHP(FastCGI模式)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46

tar zxvf php-5.2.14.tar.gz
gzip -cd php-5.2.14-fpm-0.5.14.diff.gz | patch -d php-5.2.14 -p1
cd php-5.2.14/
./configure 
--prefix=/usr/local/php 
--with-config-file-path=/usr/local/php/etc 
--with-mysql=/usr/local/mysql 
--with-mysqli=/usr/local/mysql/bin/mysql_config 
--with-iconv-dir=/usr/local 
--with-freetype-dir 
--with-jpeg-dir 
--with-png-dir 
--with-zlib 
--with-libxml-dir=/usr 
--enable-xml 
--disable-rpath 
--enable-discard-path 
--enable-safe-mode 
--enable-bcmath 
--enable-shmop 
--enable-sysvsem 
--enable-inline-optimization 
--with-curl 
--with-curlwrappers 
--enable-mbregex 
--enable-fastcgi 
--enable-fpm 
--enable-force-cgi-redirect 
--enable-mbstring 
--with-mcrypt 
--with-gd 
--enable-gd-native-ttf 
--with-openssl 
--with-mhash 
--enable-pcntl 
--enable-sockets 
--with-ldap 
--with-ldap-sasl 
--with-xmlrpc 
--enable-zip 
--enable-soap
make ZEND_EXTRA_LIBS=''''-liconv''''
make install
cp php.ini-dist /usr/local/php/etc/php.ini
cd ../

安装PHP扩展模块

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39

tar zxvf memcache-2.2.5.tgz
cd memcache-2.2.5/
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config
make
make install
cd ../
tar jxvf eaccelerator-0.9.6.1.tar.bz2
cd eaccelerator-0.9.6.1/
/usr/local/php/bin/phpize
./configure 
--enable-eaccelerator=shared 
--with-php-config=/usr/local/php/bin/php-config
make
make install
cd ../
tar zxvf PDO_MYSQL-1.0.2.tgz
cd PDO_MYSQL-1.0.2/
/usr/local/php/bin/phpize
./configure 
--with-php-config=/usr/local/php/bin/php-config 
--with-pdo-mysql=/usr/local/mysql
make
make install
cd ../
tar zxvf ImageMagick-6.6.1-10.tar.gz
cd ImageMagick-6.6.1-10
./configure
make
make install
cd ../
tar zxvf imagick-2.3.0.tgz
cd imagick-2.3.0/
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config
make
make install
cd ../

配置PHP

修改php.ini文件
vi /usr/local/php/etc/php.ini
手工修改:
查找/usr/local/php/etc/php.ini中的
extension_dir = “./“ (约491行)
修改为

1
extension_dir = "/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/"

并在此行后增加以下几行

1
2
3
extension = "memcache.so"
extension = "pdo_mysql.so"
extension = "imagick.so"

再查找 output_buffering = Off (约101行)
修改为 output_buffering = On
再查找 ;cgi.fix_pathinfo=0 (约523行)

修改为 cgi.fix_pathinfo=0, //即取消注释,使生效,防止Nginx文件类型错误解析漏洞。

配置eAccelerator加速PHP:

1
2
mkdir -p /usr/local/eaccelerator_cache
vi /usr/local/php/etc/php.ini

末尾添加以下配置信息:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

[eaccelerator]
zend_extension="/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/eaccelerator.so"
eaccelerator.shm_size="64"
eaccelerator.cache_dir="/usr/local/eaccelerator_cache"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="3600"
eaccelerator.shm_prune_period="3600"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"

创建www用户和组,以及供blog.cgzg.net使用的目录:

1
2
3
4
5
/usr/sbin/groupadd www
/usr/sbin/useradd -g www www
mkdir -p /www/htdocs
chmod +w /www/htdocs
chown -R www:www /www

修改php-fpm配置文件:
vi /usr/local/php/etc/php-fpm.conf
找到58-66行里注释去掉,或删除改为下面几行
此为注释,需去掉
然后把里面的用户 nobody 改为 www
找113行,把1024里的数字改成 65535
/usr/local/php/sbin/php-fpm start //启动PHP
ps -ef |grep php

注:默认启动6个进程,可根据自己服务器配置自行调整。

注:/usr/local/php/sbin/php-fpm还有其他参数,包括:start|stop|quit|restart|reload|logrotate,修改php.ini后不重启php-cgi,重新加载配置文件使用reload。

安装Nginx

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

unzip pcre-8.10.zip
cd pcre-8.10/
./configure
make && make install
cd ../

tar zxvf nginx-0.8.46.tar.gz
cd nginx-0.8.46/
./configure --user=www --group=www 
--prefix=/usr/local/nginx 
--with-http_stub_status_module 
--with-http_ssl_module
make && make install
cd ../

创建Nginx日志目录

1
2
3
mkdir -p /www/logs
chmod +w /www/logs
chown -R www:www /www/logs

创建Nginx配置文件

1
2
mv /usr/local/nginx/conf/nginx.conf /usr/local/nginx/conf/nginx.conf.ori   //备份原始配置文件
vi /usr/local/nginx/conf/nginx.conf

输入以下内容:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79

user  www www;
worker_processes 8;
error_log  /www/logs/nginx_error.log  crit;
pid        /usr/local/nginx/nginx.pid;
#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 65535;
events
{
use epoll;
worker_connections 65535;
}
http
{
include       mime.types;
default_type  application/octet-stream;
#charset  gb2312;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 8m;
sendfile on;
tcp_nopush     on;
keepalive_timeout 60;
tcp_nodelay on;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
gzip on;
gzip_min_length  1k;
gzip_buffers     4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types       text/plain application/x-javascript text/css application/xml;
gzip_vary on;

#limit_zone  crawler  $binary_remote_addr  10m;
server
{
listen       80;
server_name  www.tmding.com;
index index.html index.htm index.php;
root  /www/htdocs;
#limit_conn   crawler  20;
location ~ .*.(php|php5)?$
{
#fastcgi_pass  unix:/tmp/php-cgi.sock;
fastcgi_pass  127.0.0.1:9000;
fastcgi_index index.php;
include fcgi.conf;
}
location ~ .*.(gif|jpg|jpeg|png|bmp|swf)$
{
expires      30d;
}
location ~ .*.(js|css)?$
{
expires      1h;
}
log_format  access  ''''$remote_addr - $remote_user [$time_local] "$request" ''''
''''$status $body_bytes_sent "$http_referer" ''''
''''"$http_user_agent" $http_x_forwarded_for'''';
access_log  /www/logs/access.log  access;
}
server
{
listen  80;
server_name  status.blog.cgzg.net;

location / {
stub_status on;
access_log   off;
}
}
}

创建fcgi.conf文件:

1
vi /usr/local/nginx/conf/fcgi.conf

输入以下内容:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24

fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx;

fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;

fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;

fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param  REDIRECT_STATUS    200;

启动Nginx

1
2
3
ulimit -SHn 65535
/usr/local/nginx/sbin/nginx
ps -ef |grep nginx     //检查启动情况

注:这里默认开启8个进程,可根据自己服务器配置自行调整。

配置开机自动启动Nginx + PHP
vi /etc/rc.local
在末尾增加以下内容:

1
2
3
ulimit -SHn 65535
/usr/local/php/sbin/php-fpm start
/usr/local/nginx/sbin/nginx

创建PHP测试文件

1
vi /www/htdocs/info.php
1
2


访问 http://10.0.0.84/info.php

看到上图说明LNMP环境架设成功!!!

虚拟主机配置
vi /usr/local/nginx/conf/nginx.conf 在最后一个server前添加下面红色部分内容

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56

server
{
listen       80;
server_name  blog.cgzg.net;
index index.html index.htm index.php;
root  /www/htdocs/blog;
#limit_conn   crawler  20;
location ~ .*.(php|php5)?$
{
#fastcgi_pass  unix:/tmp/php-cgi.sock;
fastcgi_pass  127.0.0.1:9000;
fastcgi_index index.php;
include fcgi.conf;
}
location ~ .*.(gif|jpg|jpeg|png|bmp|swf)$
{
expires      30d;
}
location ~ .*.(js|css)?$
{
expires      1h;
}
log_format  access  ''''$remote_addr - $remote_user [$time_local] "$request" ''''
''''$status $body_bytes_sent "$http_referer" ''''
''''"$http_user_agent" $http_x_forwarded_for'''';
access_log  /www/logs/access.log  access;
}
server
{
listen       80;
server_name  wiki.cgzg.net;
index index.html index.htm index.php;
root  /www/htdocs/wiki;
location ~ .*.(php|php5)?$
{
#fastcgi_pass  unix:/tmp/php-cgi.sock;
fastcgi_pass  127.0.0.1:9000;
fastcgi_index index.php;
include fcgi.conf;
}
log_format  wwwlogs  ''''$remote_addr - $remote_user [$time_local] "$request" ''''
''''$status $body_bytes_sent "$http_referer" ''''
''''"$http_user_agent" $http_x_forwarded_for'''';
access_log  /www/logs/access.log  wwwlogs;
}
server
{
listen  80;
server_name  status.cgzg.net;
location / {
stub_status on;
access_log   off;
}
}
}
1
2
3
4
mkdir -p /www/htdocs/wiki
mkdir -p /www/htdocs/blog                       //建立网站程序目录
检查是否正确:
/usr/local/nginx/sbin/nginx -t

看到上图,表示配置成功!!
平滑重启:

1
/usr/local/nginx/sbin/nginx -s reload

编写每天定时切割Nginx日志的脚本

创建脚本cut_nginx_log.sh

1
vi /usr/local/nginx/sbin/cut_nginx_log.sh

输入以下内容:

1
2
3
4
5
6
7
8

#!/bin/bash
# This script run at 00:00
# The Nginx logs path
logs_path="/www/logs/"
mkdir -p ${logs_path}$(date -d "yesterday" +"%Y")/$(date -d "yesterday" +"%m")/
mv ${logs_path}access.log ${logs_path}$(date -d "yesterday" +"%Y")/$(date -d "yesterday" +"%m")/access_$(date -d "yesterday" +"%Y%m%d").log
kill -USR1 `cat /usr/local/nginx/nginx.pid`
1
chmod +x /usr/local/nginx/sbin/cut_nginx_log.sh        //赋予此脚本执行权限

设置crontab,每天凌晨00:00切割nginx访问日志
crontab -e
输入以下内容:

1
00 00 * * * /bin/bash  /usr/local/nginx/sbin/cut_nginx_log.sh

安装Blog程序:
Blog 网站程序地址 http://cn.wordpress.org/wordpress-3.0.1-zh_CN.tar.gz
cd /www/htdocs/blog/
上传网站程序

1
2
3
4
5
6
7
unzip wordpress-3.0.1.zip
cd wordpress
mv * ../
cd ..
rm -Rf wordpress
cp wp-config-sample.php  wp-config.php
vi wp-config.php

根据上图填写

1
2
3
chmod 777 wp-config.php
/usr/local/php/sbin/php-fpm restart
kill -HUP `cat /usr/local/nginx/nginx.pid

`

在DB2 3307数据库里为blog 创建一个数据库

1
2
3
mysql -uroot -p -S /data/3307/mysql.sock             //登录mysql 输入密码elain
create database blog;          //建立数据库
grant all privileges on blog.* to ''''elain''''@''''10.0.10.%'''' identified by ''''elain'''';

//建立 blog 的帐号elain,密码elain,并授权管理 blog 这个库
注:’’’’10.0.10.%’ 这里的“%”表示10.0.10这个网段都可访问
访问:http://blog.cgzg.net 安装

安装后效果访问:

到此LNMP安装完成!!!
接下来,在LAMP主机上打包wiki站点
在LNMP主机上打包blog站点
LAMP

1
2
cd /application/apache2.2.15/htdocs/
tar zcvf wiki.tar.gz  wiki/

LNMP

1
2
3
4
5
cd /www/htdocs/
tar zcvf blog.tar.gz  blog/
rm -Rf wiki/
scp 10.0.10.83:/application/apache2.2.15/htdocs/wiki.tar.gz  ./  //注意是 ./ 表示当前目录
tar zxvf wiki.tar.gz

LAMP

1
2
scp 10.0.10.84:/www/htdocs/blog.tar.gz  ./
tar zxvf blog.tar.gz

做下测试,首先把LNMP的WEB服务关闭,访问
http://wiki.cgzg.net
http://blog.cgzg.net
发现都可以访问,且可以写入数据
再把LAMP的WEB服务关闭,启动LNMP的WEB服务,访问
http://wiki.cgzg.net
http://blog.cgzg.net
发现都可以访问,且看到刚才在LAMP上写入的数据,这样就保障了两WEB服务器任意一台宕机,都不会影响网站的正常访问,当然还可以这层上扩展更多的WEB主机,来实现高可用,无单点服务。
到此为至,LAMP、LNMP服务器架设完毕。

本文标题:[跟我学中小企业架构部署]之五:WEB服务器LNMP部署

文章作者:elain

发布时间:2011年10月25日 - 13时38分

最后更新:2016年02月03日 - 13时53分

原始链接:http://www.elain.org/2011/10/25/'[跟我学中小企业架构部署]之五:WEB服务器LNMP部署'/

许可协议: "署名-非商用-相同方式共享 3.0" 转载请保留原文链接及作者。

文章目录
  1. 1. 安装PHP环境所需软件
  2. 2. 配置PHP
  3. 3. 修改为 cgi.fix_pathinfo=0, //即取消注释,使生效,防止Nginx文件类型错误解析漏洞。
  4. 4. 注:/usr/local/php/sbin/php-fpm还有其他参数,包括:start|stop|quit|restart|reload|logrotate,修改php.ini后不重启php-cgi,重新加载配置文件使用reload。
  5. 5. 编写每天定时切割Nginx日志的脚本
,