您好,登錄后才能下訂單哦!
一、總體簡介
Lnmp架構(Linux+nginx+mysql+php)是目前網站的主流架構,這個架構包含了一個網站的最基本要求:運行環境+web容器+動態頁面處理+存儲。當然同樣主流的架構還有lamp,但是個人認為nginx的性能在現在的趨勢下更勝一籌。
二、Nginx優勢
Nginx是一款高性能的web服務器、反向代理服務器、負載均衡服務器,它的高性能主要體現在它引入了基于事件驅動的I/O模型,支持高并發,并且占用內存資源少。作為web服務器,nginx比apache使用更少的資源,支持更多的并發連接,nginx處理靜態文件、索引文件,自動索引的效率非常高。作為反向代理服務器,nginx可以實現無緩存的反向代理,提高網站運行速度。作為負載均衡服務器,nginx既可以在內部支持Rails和PHP,也可以支持HTTP代理服務器,對外進行服務。同時支持簡單的容錯和利用算法進行負載均衡。
三、安裝配置
1. 安裝配置nginx
在官網下載nginx的源碼包:http://nginx.org/en/download.html
這里我選擇的是nginx-1.12.0.tar.gz
1) 解壓源碼包
[root@server1 ~]# tar zxf nginx-1.12.0.tar.gz
2) 安裝源碼包
[root@server1 nginx-1.12.0]# cd auto/cc [root@server1 cc]# vim gcc # debug #CFLAGS="$CFLAGS -g" ###注釋掉這一行,編譯后沒有debug信息,nginx文件就會縮減很多 [root@server1 nginx-1.12.0]# cd src/core #define NGINX_VER "nginx" ###一般處于安全考慮會更改或隱藏nginx版本號 [root@server1 nginx-1.12.0]# yum install pcre-devel -y ###安裝依賴性 [root@server1 nginx-1.12.0]# ./configure --prefix=/usr/local/lnmp/nginx --with-threads --with-file-aio --with-http_ssl_module --with-http_stub_status_module ###可以根據自己的需要添加參數,我添加的參數依次是:設定安裝目錄、允許多線程、l允許系統啟用異步io、允許ngx_http_stub_status_module模塊(這個模塊可以取得一些nginx的運行狀態,如果是工業狀況,可以直接取消)、允許ngx_http_ssl_module模塊 [root@server1 nginx-1.12.0]# make&&make install [root@server1 nginx-1.12.0]# cd /usr/local/lnmp/nginx/ [root@server1 nginx]# ln -s /usr/local/lnmp/nginx/sbin/nginx /usr/local/sbin/ ###做軟鏈接,方便啟動
3) 配置nginx
nginx的配置目錄為/usr/local/lnmp/nginx/conf/nginx.conf
[root@server1 nginx]# cd conf [root@server1 conf]# useradd -u 800 nginx ###創建nginx用戶 [root@server1 conf]# vim nginx.conf user nginx nginx; ###更改nginx用戶 worker_processes 2;###更改進程數,最好是和cpu數一致 worker_cpu_affinity 01 10;###將進程綁定cpu,兩個cpu就是 01 10 四個cpu就是0001 0010 0100 1000 #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 4096; ###更改最大連接數,不能超過內核最大文件個數sysctl -a | grep file可以查看 } [root@server1 conf]# vim /etc/security/limits.conf ###更改nginx用戶的內核限制 最大用戶進程數和文件打開個數,如果上面設置的最大連接比這里的數字大也沒用最大只能到這里設置的4096, ulimit -a可以查看內核限制 nginx - nproc 4096 nginx - nofile 4096 [root@server1 conf]# su nginx [nginx@server1 conf]$ ulimit -a core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited scheduling priority (-e) 0 file size (blocks, -f) unlimited pending signals (-i) 14868 max locked memory (kbytes, -l) 64 max memory size (kbytes, -m) unlimited open files (-n) 4096 pipe size (512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) 10240 cpu time (seconds, -t) unlimited max user processes (-u) 4096 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited [root@server1 conf]# nginx -t [root@server1 conf]# nginx ###添加虛擬server [root@server1 conf]# vim nginx.conf server { listen 80; server_name www.westos.com; location / { root /web1; ###發布目錄 index index.html; } } server { listen 80; server_name www.linux.com; location / { root /web2; index index.html; } } [root@server1 conf]# mkdir /web1 [root@server1 conf]# mkdir /web2 [root@server1 conf]# echo 'westos' > /web1/index.html [root@server1 conf]# echo 'linux' > /web2/index.html [root@server1 conf]# nginx -t [root@server1 conf]# nginx -s reload ###測試以下 [root@server1 conf]# curl -I www.westos.com ###用url訪問 HTTP/1.1 200 OK Server: nginx Date: Sun, 14 May 2017 06:00:25 GMT Content-Type: text/html Content-Length: 7 Last-Modified: Sun, 14 May 2017 05:40:05 GMT Connection: keep-alive ETag: "5917edb5-7" Accept-Ranges: bytes ###添加https [root@server1 conf]# vim nginx.conf # HTTPS server server { listen 443 ssl; server_name localhost; ssl_certificate cert.pem; ssl_certificate_key cert.pem; ###我這里為了測試方便把key和證書設置一樣的了 ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; location / { root html; index index.html index.htm; } } [root@server1 conf]# cd /etc/pki/tls/certs/ [root@server1 certs]# ls ca-bundle.crt make-dummy-cert renew-dummy-cert ca-bundle.trust.crt Makefile [root@server1 certs]# make cert.pem ###生成一個臨時的證書 umask 77 ; \ PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` ; \ PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` ; \ /usr/bin/openssl req -utf8 -newkey rsa:2048 -keyout $PEM1 -nodes -x509 -days 365 -out $PEM2 -set_serial 0 ; \ cat $PEM1 > cert.pem ; \ echo "" >> cert.pem ; \ cat $PEM2 >> cert.pem ; \ rm -f $PEM1 $PEM2 Generating a 2048 bit RSA private key ...............................................................................................................+++ ............................+++ writing new private key to '/tmp/openssl.f7Dpjt' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:CN State or Province Name (full name) []:Shaanxi Locality Name (eg, city) [Default City]:xi'an Organization Name (eg, company) [Default Company Ltd]:westos Organizational Unit Name (eg, section) []:linux Common Name (eg, your name or your server's hostname) []:server1 Email Address []:root@localhost [root@server1 certs]# mv cert.pem /usr/local/lnmp/nginx/conf/ ###將證書放在nginx的配置目錄下 [root@server1 certs]# nginx -t ###檢測是否正常 [root@server1 certs]# nginx -s reload ###重新加載nginx ###重定向 [root@server1 conf]# vim nginx.conf server { listen 80; server_name www.princekin.com; ###將所有訪問以www.princekin.com開頭的都重寫到https://www.prince.com rewrite ^(.*) https://www.prince.com; } [root@server1 conf]# nginx -t [root@server1 conf]# nginx -s reload ###負載均衡和反向代理 [root@server1 conf]# vim nginx.conf ###引入upstream模塊作負載均衡 http { upstream westos { server 172.25.45.2:80; server 172.25.45.3:80; server 172.25.45.1:8080 backup; ###當2和3都掛了就訪問1,1做備份 } ###引入proxy_pass 作反向代理 server { listen 80; server_name www.westos.com; rewrite ^(.*) http://www.linux.com; } server { listen 80; server_name www.linux.com; location / { proxy_pass http://westos; } } ###開啟http8080端口 http作為nginx的維護界面 [root@server1 conf]# yum install httpd -y [root@server1 conf]# vim /etc/httpd/conf/httpd.conf ServerName 172.25.45.1 Listen 8080 [root@server1 conf]# vim /var/www/html/index.html 隨便寫 [root@server1 conf]# /etc/init.d/httpd start 再開兩臺虛擬機作server2和server3 配置好服務nginx或者httpd都行 ###測試結果 [root@server1 conf]# for i in {1..10}; do curl www.linux.com;done <h2>server3<h2> <h2>server2<h2> <h2>server3<h2> <h2>server2<h2> <h2>server3<h2> <h2>server2<h2> <h2>server3<h2> <h2>server2<h2> <h2>server3<h2> <h2>server2<h2>
2. 安裝配置mysql
在官網下載:https://www.mysql.com/downloads/
mysql-boost-5.7.17.tar.gz(也可以下不帶boost的,包會小一點,但是編譯的時候需要單獨下載boost包)
編譯源碼包時有依賴性需要安裝:
gcc gcc-c++ ncurses-devel bison openssl-devel zlib-devel cmake(系統自帶的版本過低,須從官網下在最新版本)
[root@server1 mysql-5.7.17]# yum install -y gcc gcc-c++ make ncurses-devel bison openssl-devel zlib-devel cmake [root@server1 mysql-5.7.17]# tar zxvf mysql-boost-5.7.12.tar.gz [root@server1 mysql-5.7.17]# cd mysql-5.7.17 [root@server1mysql-5.7.17]# cmake -DCMAKE_INSTALL_PREFIX=/usr/local/mysql \ #安裝目錄 -DMYSQL_DATADIR=/usr/local/mysql/data \ #數據庫存放目錄 -DMYSQL_UNIX_ADDR=/usr/local/mysql/data/mysql.sock \ #Unix socket 文件路徑 -DWITH_MYISAM_STORAGE_ENGINE=1 \ #安裝 myisam 存儲引擎 -DWITH_INNOBASE_STORAGE_ENGINE=1 \ #安裝 innodb 存儲引擎 -DWITH_ARCHIVE_STORAGE_ENGINE=1 \ #安裝 archive 存儲引擎 -DWITH_BLACKHOLE_STORAGE_ENGINE=1 \ #安裝 blackhole 存儲引擎 -DWITH_PARTITION_STORAGE_ENGINE=1 \ #安裝數據庫分區 -DENABLED_LOCAL_INFILE=1 \ #允許從本地導入數據 -DWITH_READLINE=1 \ #快捷鍵功能 -DWITH_SSL=yes \ #支持 SSL -DDEFAULT_CHARSET=utf8 \ #使用 utf8 字符 -DDEFAULT_COLLATION=utf8_general_ci \ #校驗字符 -DEXTRA_CHARSETS=all \ #安裝所有擴展字符集 -DMYSQL_TCP_PORT=3306 \ #MySQL 監聽端口 默認的可以不寫 -DWITH-BOOST=boost/boost_1_59_0/ [root@server1 mysql-5.7.17]# make && make install ###重新編譯時,需要清除舊的對象文件和緩存信息 make clean rm -f CmakeCache.txt [root@server1 mysql-5.7.17]# cd /usr/local/lnmp/mysql [root@server1 mysql]# cd support-files [root@server1 support-files]# cp my-default.cnf /etc/my.cnf [root@server1 support-files]# cp mysql.server /etc/init.d/mysqld [root@server1 mysql]# useradd -u 27 -s /sbin/nologin mysql [root@server1 mysql]# groupmod -g 27 mysql [root@server1 mysql]# chown mysql.mysql -R . [root@server1 bin]# vim ~/.bash_profile PATH=$PATH:$HOME/bin:/usr/local/lnmp/mysql/bin ###添加環境變量 [root@server1 bin]# source ~/.bash_profile [root@server1 mysql]# mysqld --initialize --user=mysql ###初始化 2017-05-14T05:22:13.918714Z 1 [Note] A temporary password is generated for root@localhost: XUpjk0SNh5+C ###會提供root初始化密碼 [root@server1 mysql]# /etc/init.d/mysqld start ###啟動服務 [root@server1 mysql]# mysql -p Enter password: ###復制上面提供的密碼,進入mysql mysql> show databases; ERROR 1820 (HY000): You must reset your password using ALTER USER statement before executing this statement. ###報錯是因為要先改密碼 mysql> alter user root@localhost identified by 'Lee+88888'; Query OK, 0 rows affected (0.00 sec) ###更改密碼必須有大寫字母,特殊字符,數字超過8位 mysql> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | mysql | | performance_schema | | sys | +--------------------+ 4 rows in set (0.00 sec) ###做安全初始化 [root@server1 mysql]# mysql_secure_installation -p Enter password: Securing the MySQL server deployment. VALIDATE PASSWORD PLUGIN can be used to test passwords and improve security. It checks the strength of password and allows the users to set only those passwords which are secure enough. Would you like to setup VALIDATE PASSWORD plugin? Press y|Y for Yes, any other key for No: Using existing password for root. Change the password for root ? ((Press y|Y for Yes, any other key for No) : ... skipping. By default, a MySQL installation has an anonymous user, allowing anyone to log into MySQL without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? (Press y|Y for Yes, any other key for No) : y Success. Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? (Press y|Y for Yes, any other key for No) : y Success. By default, MySQL comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y - Dropping test database... Success. - Removing privileges on test database... Success. Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y Success. All done!
3.安裝配置php
php 官網下載:http://php.net/downloads.php
[root@server1 ~]# tar jxf php-5.6.20.tar.bz2
需要下載的依賴包:
libmcrypt-2.5.8-9.el6.x86_64.rpm libmcrypt-devel-2.5.8-9.el6.x86_64.rpm re2c-0.13.5-1.el6.x86_64.rpm gd-devel-2.0.35-11.el6.x86_64.rpm
[root@server1 ~]# yum install libmcrypt-2.5.8-9.el6.x86_64.rpm libmcrypt-devel-2.5.8-9.el6.x86_64.rpm re2c-0.13.5-1.el6.x86_64.rpm gd-devel-2.0.35-11.el6.x86_64.rpm [root@server1 php-5.6.20]# yum install net-snmp-devel gmp-devel curl-devel libxml2-devel -y [root@server1 php-5.6.20]# ./configure --prefix=/usr/local/lnmp/php --with-config-file-path=/usr/local/lnmp/php/etc --with-mysql --with-mysqli --with-pdo-mysql --enable-mysqlnd --with-openssl --with-snmp --with-gd --with-zlib --with-curl --with-libxml-dir --with-png-dir --with-jpeg-dir --with-freetype-dir --with-pear --with-gettext --with-gmp --enable-inline-optimization --enable-soap --enable-ftp --enable-sockets --enable-mbstring --enable-fpm --with-fpm-user=nginx --with-fpm-group=nginx --with-mcrypt --with-mhash [root@server1 php-5.6.20]# make && make install [root@server1 php-5.6.20]# cd /usr/local/lnmp/php [root@server1 php]# cd etc/ [root@server1 etc]# cp php-fpm.conf.default php-fpm.conf [root@server1 php-5.6.20]# cp php.ini-production /usr/local/lnmp/php/etc/php.ini [root@server1 php-5.6.20]# cd /usr/local/lnmp/php/etc/ [root@server1 etc]# vim php.ini date.timezone = Asia/Shanghai ###更改時區 pdo_mysql.default_socket=/usr/local/lnmp/mysql/data/mysql.sock mysqli.default_socket = /usr/local/lnmp/mysql/data/mysql.sock mysql.default_socket = /usr/local/lnmp/mysql/data/mysql.sock ###添加mysql.sock [root@server1 etc]# vim php-fpm.conf [global] ; Pid file ; Note: the default prefix is /usr/local/lnmp/php/var ; Default Value: none pid = run/php-fpm.pid ###去掉注釋 [root@server1 etc]# cd ~/php-5.6.20/sapi/fpm/ [root@server1 fpm]# cp init.d.php-fpm /etc/init.d/php-fpm ###添加php-fpm啟動項到/etc/init.d [root@server1 fpm]# chmod +x /etc/init.d/php-fpm ###給執行權限 [root@server1 fpm]# /etc/init.d/php-fpm start
免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。