CentOS 5.4搭建nginx+php+spawn-fcgi+mysql高性能php平台
2010-06-01 23:38
666 查看
nginx+php+spawn-fcgi+mysql高性能php平台[/b]
一、安装准备
1.1平台环境:
CentOS 5.4 x86_64 GNU/Linux
nginx-0.8.21
php-5.2.9
spawn-fcgi-1.6.3
mysql-5.1.34
1.2系统安装及分区:
1.2.1操作系统安装:
安装过程中选择最少的包,采用文本模式安装,不安装图形。
1.2.3系统分区:
/boot 100M (大约100左右)
SWAP 4G 物理内存的2倍(如果你的物理内存大于4G,分配4G即可)
/ 50G
/data 剩余所有空间.
注:具体分区请根据相关业务划分
1.2.4系统软件包安装规范
系统约定:
软件源代码包存放位置 /usr/local/src
源码包编译安装位置(prefix) /usr/local/software_name
脚本以及维护程序存放位置 /usr/local/sbin
MySQL 数据库位置 /data/mysql/data(可按情况设置)
网站根目录 /data/www/wwwroot(可按情况设置)
虚拟主机日志根目录 /data/logs(可按情况设置)
Nginx运行账户 www:www
install_software_name.sh //存放编译参数脚本习惯将所有编译脚本存放在install_software_name.sh便于升级和更新软件.
1.3.系统初始化
#vi init_network.sh
#welcome
cat << EOF
+--------------------------------------------------------------+
| === Welcome to Centos System init === |
+--------------------------------------------------------------+
+----------------------Author:NetSeek--------------------------+
EOF
#disable ipv6
cat << EOF
+--------------------------------------------------------------+
| === Welcome to Disable IPV6 === |
+--------------------------------------------------------------+
EOF
echo "alias net-pf-10 off" >> /etc/modprobe.conf
echo "alias ipv6 off" >> /etc/modprobe.conf
/sbin/chkconfig --level 35 ip6tables off
echo "ipv6 is disabled!"
#disable selinux
sed -i '/SELINUX/s/enforcing/disabled/' /etc/selinux/config
echo "selinux is disabled,you must reboot!"
#vim
sed -i "8 s/^/alias vi='vim'/" /root/.bashrc
echo 'syntax on' > /root/.vimrc
#zh_cn
sed -i -e 's/^LANG=.*/LANG="en"/' /etc/sysconfig/i18n
#init_ssh
ssh_cf="/etc/ssh/sshd_config"
sed -i -e '74 s/^/#/' -i -e '76 s/^/#/' $ssh_cf
sed -i "s/#UseDNS yes/UseDNS no/" $ssh_cf
#client
sed -i -e '44 s/^/#/' -i -e '48 s/^/#/' $ssh_cf
echo "ssh is init is ok.............."
#chkser
#tunoff services
#--------------------------------------------------------------------------------
cat << EOF
+--------------------------------------------------------------+
| === Welcome to Tunoff services === |
+--------------------------------------------------------------+
EOF
#---------------------------------------------------------------------------------
for i in `ls /etc/rc3.d/S*`
do
CURSRV=`echo $i|cut -c 15-`
echo $CURSRV
case $CURSRV in
crond | irqbalance | microcode_ctl | network | random | sendmail | sshd | syslog | local | mysqld )
echo "Base services, Skip!"
;;
*)
echo "change $CURSRV to off"
chkconfig --level 235 $CURSRV off
service $CURSRV stop
;;
esac
done
1.4 系统环境部署及调整
检查系统是否正常
# tail -n100 /var/log/messages (检查有无系统级错误信息)
# dmesg (检查硬件设备是否有错误信息)
# ifconfig (检查网卡设置是否正确)
# ping www.linuxtone.org (检查网络是否正常)
1.5使用 yum 程序安装所需开发包
1.5.1 更换快源
#cd /etc/yum.repos.d/
#mv CentOS-Base.repo CentOS-Base.repo.linuxtone
#wget http://docs.linuxtone.org/soft/lemp/CentOS-Base.repo
1.5.2 yum安装相关软件包:
#yum -y install ntp vim-enhanced gcc gcc-c++ gcc-g77 flex bison autoconf automake glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel libtool* zlib-devel libxml2-devel libjpeg-devel libpng-devel libtiff-devel fontconfig-devel freetype-devel libXpm-devel gettext-devel curl curl-devel pam-devel e2fsprogs-devel krb5-devel libidn libidn-devel openssl openssl-devel openldap openldap-devel nss_ldap openldap-clients openldap-servers
1.6 定时校正服务器时钟,定时与中国国家授时中心授时服务器同步
# crontab -e
加入一行:
15 3 * * * /usr/sbin/ntpdate 210.72.145.44 > /dev/null 2>&1
1.7下载相关软件包
#cd /usr/local/src
#vi list_tar.list
http://docs.linuxtone.org/soft/lemp/ImageMagick.tar.gz http://docs.linuxtone.org/soft/lemp/PDO_MYSQL-1.0.2.tgz http://docs.linuxtone.org/soft/lemp/eaccelerator-0.9.5.3.tar.bz2 http://docs.linuxtone.org/soft/lemp/imagick-2.2.2.tgz http://docs.linuxtone.org/soft/lemp/libiconv-1.13.tar.gz http://docs.linuxtone.org/soft/lemp/libmcrypt-2.5.8.tar.gz http://docs.linuxtone.org/soft/lemp/mcrypt-2.6.8.tar.gz http://docs.linuxtone.org/soft/lemp/memcache-2.2.5.tgz http://docs.linuxtone.org/soft/lemp/mhash-0.9.9.9.tar.gz http://docs.linuxtone.org/soft/lemp/mysql-5.1.34.tar.gz http://docs.linuxtone.org/soft/lemp/pcre-7.8.tar.gz http://www.lighttpd.net/download/spawn-fcgi-1.6.3.tar.gz http://docs.linuxtone.org/soft/lemp/php-5.2.9.tar.bz2 http://sysoev.ru/nginx/nginx-0.8.21.tar.gz http://docs.linuxtone.org/soft/lemp/ZendOptimizer-3.3.3-linux-glibc23-x86_64.tar.gz
#wget -i list_tar.list
1.8.添加nginx 运维账户:
#vi add_webuser.sh
/usr/sbin/groupadd www
/usr/sbin/useradd -g www www
mkdir -p /data/www/wwwroot
chmod +w /data/www/wwwroot
chown www:www /data/www/wwwroot -R
#sh add_webuser.sh
[/b]
二.编译安装
2.1 编译安装pcre
#tar zxvf pcre-7.8.tar.gz
#cd pcre-7.8
#./configure && make && make install
2.2 编译安装nginx
#tar zxvf nginx-0.8.21.tar.gz
#cd nginx-0.8.21
2.2.1 附加:修改nginx源代码,伪装nginx服务器(仅供参考,安全还得认真做起^.^):
(1).修改gcc
#vi auto/cc/gcc
NGX_GCC_OPT="-O"
修改为:
NGX_GCC_OPT="-O3"
(2).修改nginx.h
#vi nginx-0.8.21/src/core/nginx.h
#define NGINX_VERSION "0.7.58"
#define NGINX_VER "nginx/" NGINX_VERSION
修改为:
#define NGINX_VERSION "1.0"
#define NGINX_VER "LTWS/" NGINX_VERSION
(3).修改nginx_http_header_filter_module
#vi nginx-0.8.21/src/http/ngx_http_header_filter_module.c
static char ngx_http_server_string[] = "Server: nginx" CRLF;
修改为:
static char ngx_http_server_string[] = "Server: LTWS" CRLF;
(4).修改ngx_http_special_response.c
#vi nginx-0.8.21/src/http/ngx_http_special_response.c
将如下
static u_char ngx_http_error_full_tail[] =
"<hr><center>" NGINX_VER "</center>" CRLF
"</body>" CRLF
"</html>" CRLF
;
static u_char ngx_http_error_tail[] =
"<hr><center>nginx</center>" CRLF
"</body>" CRLF
"</html>" CRLF
;
修改为:
static u_char ngx_http_error_full_tail[] =
"<hr><center> "NGINX_VER" </center>" CRLF
"<hr><center>http://www.linuxtone.com</center>" CRLF
"</body>" CRLF
"</html>" CRLF
;
static u_char ngx_http_error_tail[] =
"<hr><center>HMGWS</center>" CRLF
"</body>" CRLF
"</html>" CRLF
;
2.2.2 nginx 编译安装
./configure \
"--user=www" \
"--group=www" \
"--prefix=/usr/local/nginx/" \
"--with-http_stub_status_module" \
"--with-http_ssl_module" \
"--with-md5=/usr/lib" \
"--with-sha1=/usr/lib"
make
make install
2.3 编译安装配置mysql
./configure \
"--prefix=/usr/local/mysql" \
"--localstatedir=/data/mysql/data" \
"--with-comment=Source" \
"--with-server-suffix=-Linuxtone.Org" \
"--enable-assembler" \
"--with-charset=gbk" \
"--with-collation=gbk_chinese_ci" \
"--with-collation=gbk_chinese_ci" \
"--with-extra-charsets=complex" \
"--enable-thread-safe-client" \
"--with-big-tables" \
"--with-readline" \
"--with-ssl" \
"--with-embedded-server" \
"--enable-local-infile" \
"--with-plugins=innobase"
make
make install
useradd mysql -d /data/mysql -s /sbin/nologin
/usr/local/mysql/bin/mysql_install_db --user=mysql
cd /usr/local/mysql
chown -R root:mysql .
mkdir -p /data/mysql/data
chown -R mysql /data/mysql/data
cp share/mysql/my-huge.cnf /etc/my.cnf.bak
wget http://www.caifw.com/api/my.cnf
sed -i '50 s/^/#/' /etc/my.cnf
cp share/mysql/mysql.server /etc/rc.d/init.d/mysqld
chmod 755 /etc/rc.d/init.d/mysqld
chkconfig --add mysqld
/etc/rc.d/init.d/mysqld start
cd /usr/local/mysql/bin
for i in *; do ln -s /usr/local/mysql/bin/$i /usr/bin/$i; done
2.4 编译安装php
2.4.1安装php相应的lib
2.4.1.1 libiconv-1.13
#tar zxvf libiconv-1.13.tar.gz
#cd libiconv-1.13
#./configure --prefix=/usr && make && make install
2.4.1.2 libmcrypt-2.5.8
#tar zxvf libmcrypt-2.5.8.tar.gz
#cd libmcrypt-2.5.8/
#./configure --prefix=/usr && make && make install
#echo "/usr/lib" >> /etc/ld.so.conf
#ldconfig
#cd libltdl/
#./configure --enable-ltdl-install
#make && make install
2.4.1.3 mhash-0.9.9.9
#tar zxvf mhash-0.9.9.9.tar.gz
#cd mhash-0.9.9.9
#./configure --prefix=/usr && make && make install
#ldconfig
2.4.1.4 mcrypt-2.6.8
#tar zxvf mcrypt-2.6.8.tar.gz
#cd mcrypt-2.6.8
#./configure --prefix=/usr && make&& make install
2.4.2 安装spawn-fcgi
#tar zvxf spawn-fcgi-1.6.3.tar.gz
#cd spawn-fcgi-1.6.3
#./configure && make && make install
2.4.3 安装php
#tar jvxf php-5.2.9.tar.bz2
#vi install_php.sh
./configure \
"--prefix=/usr/local/php" \
"--enable-fastcgi" \
"--enable-fpm" \
"--enable-discard-path" \
"--enable-force-cgi-redirect" \
"--with-config-file-path=/usr/local/php/etc" \
"--with-mysql=/usr/local/mysql" \
"--with-mysqli=/usr/local/mysql/bin/mysql_config" \
"--with-iconv-dir" \
"--with-freetype-dir" \
"--with-jpeg-dir" \
"--with-png-dir" \
"--with-gd" \
"--with-zlib" \
"--with-libxml-dir" \
"--with-curl" \
"--with-curlwrappers" \
"--with-openssl" \
"--with-mhash" \
"--with-xmlrpc" \
"--with-mcrypt" \
"--with-ldap" \
"--with-ldap-sasl" \
"--enable-xml" \
"--disable-rpath" \
"--enable-discard-path" \
"--enable-safe-mode" \
"--enable-bcmath" \
"--enable-shmop" \
"--enable-sysvsem" \
"--enable-inline-optimization" \
"--enable-mbregex" \
"--enable-mbstring" \
"--enable-gd-native-ttf" \
"--enable-ftp" \
"--enable-pcntl" \
"--enable-sockets" \
"--enable-zip" \
"--disable-debug" \
"--disable-ipv6"
make ZEND_EXTRA_LIBS='-liconv'
make install
cp php.ini-dist /usr/local/php/etc/php.ini
#sh install_php.sh
2.4.4安装PHP扩展模块
2.4.4.1 memcache-2.2.5
#tar zvxf memcache-2.2.5.tgz
#cd memcache-2.2.5
#/usr/local/php/bin/phpize
#./configure --with-php-config=/usr/local/php/bin/php-config
#make && make install
2.4.4.2 eaccelerator-0.9.5.3
#tar jvxf eaccelerator-0.9.5.3.tar.bz2
#cd eaccelerator-0.9.5.3
#/usr/local/php/bin/phpize
#./configure --enable-eaccelerator=shared --with-php-config=/usr/local/php/bin/php-config
#make && make install
2.4.4.3 PDO_MYSQL-1.0.2
#tar zxvf PDO_MYSQL-1.0.2.tgz
#cd PDO_MYSQL-1.0.2
#/usr/local/php/bin/phpize
#./configure --with-php-config=/usr/local/php/bin/php-config --with-pdo-mysql=/usr/local/mysql
#make && make install
2.4.4.4 ImageMagick
#tar zxvf ImageMagick.tar.gz
#cd ImageMagick-6.5.1-2/
#./configure --enable-shared --with-modules --without-x --with-gs-font-dir=default --with-perl=yes --with-xml=yes --with-zlib=yes --with-jpeg=yes
# make && make install
2.4.4.5 imagick-2.2.2
#tar zxvf imagick-2.2.2.tgz
#cd imagick-2.2.2/
#/usr/local/php/bin/phpize
#./configure --with-php-config=/usr/local/php/bin/php-config
#make
#make install
2.4.5脚本配置php.ini
# vi init_php.ini
#!/bin/bash
fcgi_cf="/usr/local/php/etc/php.ini"
ea(){
cat << EOF
[eAccelerator]
zend_extension="/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/eaccelerator.so"
eaccelerator.shm_size="32"
eaccelerator.cache_dir="/data/cache/ea"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="0"
eaccelerator.shm_prune_period="0"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"
EOF
}
#mkdir
mkdir -p /data/cache/ea
ea >> $fcgi_cf
#config for php.ini
sed -i '205 s#;open_basedir =#open_basedir = /data/www/wwwroot:/tmp#g' $fcgi_cf
sed -i '210 s#disable_functions =#;disable_functions = phpinfo,passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,ini_alter,ini_alter,ini_restore,dl,pfsockopen,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server#g' $fcgi_cf
sed -i '/expose_php/s/On/Off/' $fcgi_cf
sed -i '/display_errors/s/On/Off/' $fcgi_cf
sed -i 's#extension_dir = "./"#extension_dir = "/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/"\nextension = "memcache.so"\nextension = "pdo_mysql.so"\nextension = "imagick.so"\n#' $fcgi_cf
sed -i 's#output_buffering = Off#output_buffering = On#' $fcgi_cf
2.5安装Zend
#tar zvxf ZendOptimizer-3.3.3-linux-glibc23-x86_64.tar.gz
# cd ZendOptimizer-3.3.3-linux-glibc23-x86_64
# ./install
注:php.ini的位置为/usr/local/php/etc 服务器不选用apache
[/b]
三、配置整合
3.1 配置nginx
注:本文spawn-fcgi开启9000跟9001两个端口,利用nginx的upstream负载均衡php程序到不同的fcgi端口上面,解决502 gateway错误
#cd /usr/local/nginx/conf
#cp nginx.conf nginx.conf.linuxtone
#vi nginx.conf
user www www;
worker_processes 10;
pid /var/run/nginx.pid;
# [ debug | info | notice | warn | error | crit ]
error_log /dev/null;
#error_log /data/logs/nginxerror.log;
#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 51200;
events
{
use epoll;
#maxclient = worker_processes * worker_connections / cpu_number
worker_connections 51200;
}
http
{
include /usr/local/nginx/conf/mime.types;
default_type application/octet-stream;
#charset gb2312;
charset gbk;
log_format main '$remote_addr - $remote_user [$time_local] $request '
'"$status" $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
#access_log /data/www/logs/access.log main;
access_log /dev/null;
#General Options
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
ignore_invalid_headers on;
recursive_error_pages on;
server_name_in_redirect off;
sendfile on;
#timeouts
keepalive_timeout 60;
#TCP Options
tcp_nopush on;
tcp_nodelay on;
#fastcgi options
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 128k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
fastcgi_intercept_errors on;
ssi on;
ssi_silent_errors on;
ssi_types text/shtml;
#size limits
client_max_body_size 50m;
client_body_buffer_size 256k;
#gzip compression
gzip on;
gzip_min_length 0;
gzip_buffers 16 8k;
gzip_http_version 1.0;
gzip_comp_level 9;
gzip_types text/plain text/css image/x-icon image/png;
gzip_vary on;
#temp files
proxy_temp_path /dev/shm/proxy_temp;
fastcgi_temp_path /dev/shm/fastcgi_temp;
client_body_temp_path /dev/shm/client_body_temp;
#client_body_temp_path /usr/local/nginx/client_body_temp 1 2;
#proxy_temp_path /usr/local/nginx/proxy_temp 1 2;
#fastcgi_temp_path /usr/local/nginx/fastcgi_temp 1 2;
#upstream
upstream spawn {
# ip_hash;
server 127.0.0.1:9000 max_fails=0 fail_timeout=30s;
server 127.0.0.1:9001 max_fails=0 fail_timeout=30s;
}
# The following includes are specified for virtual hosts
#www.linuxtone.org
include /usr/local/nginx/conf/vhosts/www.linuxtone.org.conf;
}
#mkdir vhosts
#vi vhosts/www.linuxtone.org.conf
server
{
listen 80;
server_name www.linuxtone.org .linuxtone.org;
index index.html index.htm index.php;
root /data/www/wwwroot/linuxtone;
error_page 404 http://www.linuxtone.org;
#rewrite ^/bbs/(.*) http://bbs.linuxtone.org/$1;
location ~ .*\.php?$
{
fastcgi_pass spawn;
include /usr/local/nginx/conf/spawn_php5.conf;
fastcgi_index index.php;
}
location ~* \.(js|css|jpg|jpeg|gif|png)$ {
if (-f $request_filename) {
access_log off;
expires 1d;
break;
}
}
}
#vi /usr/local/nginx/conf/spawn_php5.conf
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
#fastcgi_param REDIRECT_STATUS 200;
3.2 配置spawn-fcgi启动脚本
#mkdir /usr/local/php/sbin
# vi /usr/local/php/sbin/spawn-fcgi
#! /bin/sh
set -e
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DESC="spawn-fcgi daemon"
NAME=spawn-fcgi
DAEMON=/usr/local/bin/$NAME
# Gracefully exit if the package has been removed.
test -x $DAEMON || exit 0
d_start() {
$DAEMON -a 127.0.0.1 -p 9000 -C 128 -u www -g www -f /usr/local/php/bin/php-cgi > /dev/null 2>&1
$DAEMON -a 127.0.0.1 -p 9001 -C 128 -u www -g www -f /usr/local/php/bin/php-cgi > /dev/null 2>&1 || echo -n " already running"
}
d_stop() {
/usr/bin/killall -9 php-cgi > /dev/null 2>&1 || echo -n " not running"
}
case "$1" in
start)
echo -n "Starting $DESC: $NAME"
d_start
echo "."
;;
stop)
echo -n "Stopping $DESC: $NAME"
d_stop
echo "."
;;
restart)
echo -n "Restarting $DESC: $NAME"
d_stop
sleep 1
d_start
echo "."
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|restart}" >&2
exit 3
;;
esac
exit 0
#chmod 755 /usr/local/php/sbin/spawn-fcgi
[/b]
四、启动WEB服务
4.1.启动spawn-fcgi
#/usr/local/php/sbin/spawn-fcgi start
4.2.启动nginx
4.2.1检查nginx配置:
# /usr/local/nginx/sbin/nginx –t //返回如下信息说明配置正确
the configuration file /usr/local/nginx//conf/nginx.conf syntax is ok
configuration file /usr/local/nginx//conf/nginx.conf test is successful
#/usr/local/nginx/sbin/nginx //启动nginx
4.3.加入开机启动
#vi /etc/rc.local
在最后加入:
ulimit -SHn 51200
/usr/local/nginx/sbin/nginx
/usr/local/php/sbin/spawn-fcgi start
[/b]
五、测试
#mkdir /data/www/wwwroot/linuxtone
#vi phpinfo.php
<?php
Phpinfo();
?>
打开浏览器输入:http://www.linuxtone.org/phpinfo.php
即可查看当前配置环境. 查看完成后出于安全考虑请再将此函数禁掉.[/b]
一、安装准备
1.1平台环境:
CentOS 5.4 x86_64 GNU/Linux
nginx-0.8.21
php-5.2.9
spawn-fcgi-1.6.3
mysql-5.1.34
1.2系统安装及分区:
1.2.1操作系统安装:
安装过程中选择最少的包,采用文本模式安装,不安装图形。
1.2.3系统分区:
/boot 100M (大约100左右)
SWAP 4G 物理内存的2倍(如果你的物理内存大于4G,分配4G即可)
/ 50G
/data 剩余所有空间.
注:具体分区请根据相关业务划分
1.2.4系统软件包安装规范
系统约定:
软件源代码包存放位置 /usr/local/src
源码包编译安装位置(prefix) /usr/local/software_name
脚本以及维护程序存放位置 /usr/local/sbin
MySQL 数据库位置 /data/mysql/data(可按情况设置)
网站根目录 /data/www/wwwroot(可按情况设置)
虚拟主机日志根目录 /data/logs(可按情况设置)
Nginx运行账户 www:www
install_software_name.sh //存放编译参数脚本习惯将所有编译脚本存放在install_software_name.sh便于升级和更新软件.
1.3.系统初始化
#vi init_network.sh
#welcome
cat << EOF
+--------------------------------------------------------------+
| === Welcome to Centos System init === |
+--------------------------------------------------------------+
+----------------------Author:NetSeek--------------------------+
EOF
#disable ipv6
cat << EOF
+--------------------------------------------------------------+
| === Welcome to Disable IPV6 === |
+--------------------------------------------------------------+
EOF
echo "alias net-pf-10 off" >> /etc/modprobe.conf
echo "alias ipv6 off" >> /etc/modprobe.conf
/sbin/chkconfig --level 35 ip6tables off
echo "ipv6 is disabled!"
#disable selinux
sed -i '/SELINUX/s/enforcing/disabled/' /etc/selinux/config
echo "selinux is disabled,you must reboot!"
#vim
sed -i "8 s/^/alias vi='vim'/" /root/.bashrc
echo 'syntax on' > /root/.vimrc
#zh_cn
sed -i -e 's/^LANG=.*/LANG="en"/' /etc/sysconfig/i18n
#init_ssh
ssh_cf="/etc/ssh/sshd_config"
sed -i -e '74 s/^/#/' -i -e '76 s/^/#/' $ssh_cf
sed -i "s/#UseDNS yes/UseDNS no/" $ssh_cf
#client
sed -i -e '44 s/^/#/' -i -e '48 s/^/#/' $ssh_cf
echo "ssh is init is ok.............."
#chkser
#tunoff services
#--------------------------------------------------------------------------------
cat << EOF
+--------------------------------------------------------------+
| === Welcome to Tunoff services === |
+--------------------------------------------------------------+
EOF
#---------------------------------------------------------------------------------
for i in `ls /etc/rc3.d/S*`
do
CURSRV=`echo $i|cut -c 15-`
echo $CURSRV
case $CURSRV in
crond | irqbalance | microcode_ctl | network | random | sendmail | sshd | syslog | local | mysqld )
echo "Base services, Skip!"
;;
*)
echo "change $CURSRV to off"
chkconfig --level 235 $CURSRV off
service $CURSRV stop
;;
esac
done
1.4 系统环境部署及调整
检查系统是否正常
# tail -n100 /var/log/messages (检查有无系统级错误信息)
# dmesg (检查硬件设备是否有错误信息)
# ifconfig (检查网卡设置是否正确)
# ping www.linuxtone.org (检查网络是否正常)
1.5使用 yum 程序安装所需开发包
1.5.1 更换快源
#cd /etc/yum.repos.d/
#mv CentOS-Base.repo CentOS-Base.repo.linuxtone
#wget http://docs.linuxtone.org/soft/lemp/CentOS-Base.repo
1.5.2 yum安装相关软件包:
#yum -y install ntp vim-enhanced gcc gcc-c++ gcc-g77 flex bison autoconf automake glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel libtool* zlib-devel libxml2-devel libjpeg-devel libpng-devel libtiff-devel fontconfig-devel freetype-devel libXpm-devel gettext-devel curl curl-devel pam-devel e2fsprogs-devel krb5-devel libidn libidn-devel openssl openssl-devel openldap openldap-devel nss_ldap openldap-clients openldap-servers
1.6 定时校正服务器时钟,定时与中国国家授时中心授时服务器同步
# crontab -e
加入一行:
15 3 * * * /usr/sbin/ntpdate 210.72.145.44 > /dev/null 2>&1
1.7下载相关软件包
#cd /usr/local/src
#vi list_tar.list
http://docs.linuxtone.org/soft/lemp/ImageMagick.tar.gz http://docs.linuxtone.org/soft/lemp/PDO_MYSQL-1.0.2.tgz http://docs.linuxtone.org/soft/lemp/eaccelerator-0.9.5.3.tar.bz2 http://docs.linuxtone.org/soft/lemp/imagick-2.2.2.tgz http://docs.linuxtone.org/soft/lemp/libiconv-1.13.tar.gz http://docs.linuxtone.org/soft/lemp/libmcrypt-2.5.8.tar.gz http://docs.linuxtone.org/soft/lemp/mcrypt-2.6.8.tar.gz http://docs.linuxtone.org/soft/lemp/memcache-2.2.5.tgz http://docs.linuxtone.org/soft/lemp/mhash-0.9.9.9.tar.gz http://docs.linuxtone.org/soft/lemp/mysql-5.1.34.tar.gz http://docs.linuxtone.org/soft/lemp/pcre-7.8.tar.gz http://www.lighttpd.net/download/spawn-fcgi-1.6.3.tar.gz http://docs.linuxtone.org/soft/lemp/php-5.2.9.tar.bz2 http://sysoev.ru/nginx/nginx-0.8.21.tar.gz http://docs.linuxtone.org/soft/lemp/ZendOptimizer-3.3.3-linux-glibc23-x86_64.tar.gz
#wget -i list_tar.list
1.8.添加nginx 运维账户:
#vi add_webuser.sh
/usr/sbin/groupadd www
/usr/sbin/useradd -g www www
mkdir -p /data/www/wwwroot
chmod +w /data/www/wwwroot
chown www:www /data/www/wwwroot -R
#sh add_webuser.sh
[/b]
二.编译安装
2.1 编译安装pcre
#tar zxvf pcre-7.8.tar.gz
#cd pcre-7.8
#./configure && make && make install
2.2 编译安装nginx
#tar zxvf nginx-0.8.21.tar.gz
#cd nginx-0.8.21
2.2.1 附加:修改nginx源代码,伪装nginx服务器(仅供参考,安全还得认真做起^.^):
(1).修改gcc
#vi auto/cc/gcc
NGX_GCC_OPT="-O"
修改为:
NGX_GCC_OPT="-O3"
(2).修改nginx.h
#vi nginx-0.8.21/src/core/nginx.h
#define NGINX_VERSION "0.7.58"
#define NGINX_VER "nginx/" NGINX_VERSION
修改为:
#define NGINX_VERSION "1.0"
#define NGINX_VER "LTWS/" NGINX_VERSION
(3).修改nginx_http_header_filter_module
#vi nginx-0.8.21/src/http/ngx_http_header_filter_module.c
static char ngx_http_server_string[] = "Server: nginx" CRLF;
修改为:
static char ngx_http_server_string[] = "Server: LTWS" CRLF;
(4).修改ngx_http_special_response.c
#vi nginx-0.8.21/src/http/ngx_http_special_response.c
将如下
static u_char ngx_http_error_full_tail[] =
"<hr><center>" NGINX_VER "</center>" CRLF
"</body>" CRLF
"</html>" CRLF
;
static u_char ngx_http_error_tail[] =
"<hr><center>nginx</center>" CRLF
"</body>" CRLF
"</html>" CRLF
;
修改为:
static u_char ngx_http_error_full_tail[] =
"<hr><center> "NGINX_VER" </center>" CRLF
"<hr><center>http://www.linuxtone.com</center>" CRLF
"</body>" CRLF
"</html>" CRLF
;
static u_char ngx_http_error_tail[] =
"<hr><center>HMGWS</center>" CRLF
"</body>" CRLF
"</html>" CRLF
;
2.2.2 nginx 编译安装
./configure \
"--user=www" \
"--group=www" \
"--prefix=/usr/local/nginx/" \
"--with-http_stub_status_module" \
"--with-http_ssl_module" \
"--with-md5=/usr/lib" \
"--with-sha1=/usr/lib"
make
make install
2.3 编译安装配置mysql
./configure \
"--prefix=/usr/local/mysql" \
"--localstatedir=/data/mysql/data" \
"--with-comment=Source" \
"--with-server-suffix=-Linuxtone.Org" \
"--enable-assembler" \
"--with-charset=gbk" \
"--with-collation=gbk_chinese_ci" \
"--with-collation=gbk_chinese_ci" \
"--with-extra-charsets=complex" \
"--enable-thread-safe-client" \
"--with-big-tables" \
"--with-readline" \
"--with-ssl" \
"--with-embedded-server" \
"--enable-local-infile" \
"--with-plugins=innobase"
make
make install
useradd mysql -d /data/mysql -s /sbin/nologin
/usr/local/mysql/bin/mysql_install_db --user=mysql
cd /usr/local/mysql
chown -R root:mysql .
mkdir -p /data/mysql/data
chown -R mysql /data/mysql/data
cp share/mysql/my-huge.cnf /etc/my.cnf.bak
wget http://www.caifw.com/api/my.cnf
sed -i '50 s/^/#/' /etc/my.cnf
cp share/mysql/mysql.server /etc/rc.d/init.d/mysqld
chmod 755 /etc/rc.d/init.d/mysqld
chkconfig --add mysqld
/etc/rc.d/init.d/mysqld start
cd /usr/local/mysql/bin
for i in *; do ln -s /usr/local/mysql/bin/$i /usr/bin/$i; done
2.4 编译安装php
2.4.1安装php相应的lib
2.4.1.1 libiconv-1.13
#tar zxvf libiconv-1.13.tar.gz
#cd libiconv-1.13
#./configure --prefix=/usr && make && make install
2.4.1.2 libmcrypt-2.5.8
#tar zxvf libmcrypt-2.5.8.tar.gz
#cd libmcrypt-2.5.8/
#./configure --prefix=/usr && make && make install
#echo "/usr/lib" >> /etc/ld.so.conf
#ldconfig
#cd libltdl/
#./configure --enable-ltdl-install
#make && make install
2.4.1.3 mhash-0.9.9.9
#tar zxvf mhash-0.9.9.9.tar.gz
#cd mhash-0.9.9.9
#./configure --prefix=/usr && make && make install
#ldconfig
2.4.1.4 mcrypt-2.6.8
#tar zxvf mcrypt-2.6.8.tar.gz
#cd mcrypt-2.6.8
#./configure --prefix=/usr && make&& make install
2.4.2 安装spawn-fcgi
#tar zvxf spawn-fcgi-1.6.3.tar.gz
#cd spawn-fcgi-1.6.3
#./configure && make && make install
2.4.3 安装php
#tar jvxf php-5.2.9.tar.bz2
#vi install_php.sh
./configure \
"--prefix=/usr/local/php" \
"--enable-fastcgi" \
"--enable-fpm" \
"--enable-discard-path" \
"--enable-force-cgi-redirect" \
"--with-config-file-path=/usr/local/php/etc" \
"--with-mysql=/usr/local/mysql" \
"--with-mysqli=/usr/local/mysql/bin/mysql_config" \
"--with-iconv-dir" \
"--with-freetype-dir" \
"--with-jpeg-dir" \
"--with-png-dir" \
"--with-gd" \
"--with-zlib" \
"--with-libxml-dir" \
"--with-curl" \
"--with-curlwrappers" \
"--with-openssl" \
"--with-mhash" \
"--with-xmlrpc" \
"--with-mcrypt" \
"--with-ldap" \
"--with-ldap-sasl" \
"--enable-xml" \
"--disable-rpath" \
"--enable-discard-path" \
"--enable-safe-mode" \
"--enable-bcmath" \
"--enable-shmop" \
"--enable-sysvsem" \
"--enable-inline-optimization" \
"--enable-mbregex" \
"--enable-mbstring" \
"--enable-gd-native-ttf" \
"--enable-ftp" \
"--enable-pcntl" \
"--enable-sockets" \
"--enable-zip" \
"--disable-debug" \
"--disable-ipv6"
make ZEND_EXTRA_LIBS='-liconv'
make install
cp php.ini-dist /usr/local/php/etc/php.ini
#sh install_php.sh
2.4.4安装PHP扩展模块
2.4.4.1 memcache-2.2.5
#tar zvxf memcache-2.2.5.tgz
#cd memcache-2.2.5
#/usr/local/php/bin/phpize
#./configure --with-php-config=/usr/local/php/bin/php-config
#make && make install
2.4.4.2 eaccelerator-0.9.5.3
#tar jvxf eaccelerator-0.9.5.3.tar.bz2
#cd eaccelerator-0.9.5.3
#/usr/local/php/bin/phpize
#./configure --enable-eaccelerator=shared --with-php-config=/usr/local/php/bin/php-config
#make && make install
2.4.4.3 PDO_MYSQL-1.0.2
#tar zxvf PDO_MYSQL-1.0.2.tgz
#cd PDO_MYSQL-1.0.2
#/usr/local/php/bin/phpize
#./configure --with-php-config=/usr/local/php/bin/php-config --with-pdo-mysql=/usr/local/mysql
#make && make install
2.4.4.4 ImageMagick
#tar zxvf ImageMagick.tar.gz
#cd ImageMagick-6.5.1-2/
#./configure --enable-shared --with-modules --without-x --with-gs-font-dir=default --with-perl=yes --with-xml=yes --with-zlib=yes --with-jpeg=yes
# make && make install
2.4.4.5 imagick-2.2.2
#tar zxvf imagick-2.2.2.tgz
#cd imagick-2.2.2/
#/usr/local/php/bin/phpize
#./configure --with-php-config=/usr/local/php/bin/php-config
#make
#make install
2.4.5脚本配置php.ini
# vi init_php.ini
#!/bin/bash
fcgi_cf="/usr/local/php/etc/php.ini"
ea(){
cat << EOF
[eAccelerator]
zend_extension="/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/eaccelerator.so"
eaccelerator.shm_size="32"
eaccelerator.cache_dir="/data/cache/ea"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="0"
eaccelerator.shm_prune_period="0"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"
EOF
}
#mkdir
mkdir -p /data/cache/ea
ea >> $fcgi_cf
#config for php.ini
sed -i '205 s#;open_basedir =#open_basedir = /data/www/wwwroot:/tmp#g' $fcgi_cf
sed -i '210 s#disable_functions =#;disable_functions = phpinfo,passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,ini_alter,ini_alter,ini_restore,dl,pfsockopen,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server#g' $fcgi_cf
sed -i '/expose_php/s/On/Off/' $fcgi_cf
sed -i '/display_errors/s/On/Off/' $fcgi_cf
sed -i 's#extension_dir = "./"#extension_dir = "/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/"\nextension = "memcache.so"\nextension = "pdo_mysql.so"\nextension = "imagick.so"\n#' $fcgi_cf
sed -i 's#output_buffering = Off#output_buffering = On#' $fcgi_cf
2.5安装Zend
#tar zvxf ZendOptimizer-3.3.3-linux-glibc23-x86_64.tar.gz
# cd ZendOptimizer-3.3.3-linux-glibc23-x86_64
# ./install
注:php.ini的位置为/usr/local/php/etc 服务器不选用apache
[/b]
三、配置整合
3.1 配置nginx
注:本文spawn-fcgi开启9000跟9001两个端口,利用nginx的upstream负载均衡php程序到不同的fcgi端口上面,解决502 gateway错误
#cd /usr/local/nginx/conf
#cp nginx.conf nginx.conf.linuxtone
#vi nginx.conf
user www www;
worker_processes 10;
pid /var/run/nginx.pid;
# [ debug | info | notice | warn | error | crit ]
error_log /dev/null;
#error_log /data/logs/nginxerror.log;
#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 51200;
events
{
use epoll;
#maxclient = worker_processes * worker_connections / cpu_number
worker_connections 51200;
}
http
{
include /usr/local/nginx/conf/mime.types;
default_type application/octet-stream;
#charset gb2312;
charset gbk;
log_format main '$remote_addr - $remote_user [$time_local] $request '
'"$status" $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
#access_log /data/www/logs/access.log main;
access_log /dev/null;
#General Options
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
ignore_invalid_headers on;
recursive_error_pages on;
server_name_in_redirect off;
sendfile on;
#timeouts
keepalive_timeout 60;
#TCP Options
tcp_nopush on;
tcp_nodelay on;
#fastcgi options
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 128k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
fastcgi_intercept_errors on;
ssi on;
ssi_silent_errors on;
ssi_types text/shtml;
#size limits
client_max_body_size 50m;
client_body_buffer_size 256k;
#gzip compression
gzip on;
gzip_min_length 0;
gzip_buffers 16 8k;
gzip_http_version 1.0;
gzip_comp_level 9;
gzip_types text/plain text/css image/x-icon image/png;
gzip_vary on;
#temp files
proxy_temp_path /dev/shm/proxy_temp;
fastcgi_temp_path /dev/shm/fastcgi_temp;
client_body_temp_path /dev/shm/client_body_temp;
#client_body_temp_path /usr/local/nginx/client_body_temp 1 2;
#proxy_temp_path /usr/local/nginx/proxy_temp 1 2;
#fastcgi_temp_path /usr/local/nginx/fastcgi_temp 1 2;
#upstream
upstream spawn {
# ip_hash;
server 127.0.0.1:9000 max_fails=0 fail_timeout=30s;
server 127.0.0.1:9001 max_fails=0 fail_timeout=30s;
}
# The following includes are specified for virtual hosts
#www.linuxtone.org
include /usr/local/nginx/conf/vhosts/www.linuxtone.org.conf;
}
#mkdir vhosts
#vi vhosts/www.linuxtone.org.conf
server
{
listen 80;
server_name www.linuxtone.org .linuxtone.org;
index index.html index.htm index.php;
root /data/www/wwwroot/linuxtone;
error_page 404 http://www.linuxtone.org;
#rewrite ^/bbs/(.*) http://bbs.linuxtone.org/$1;
location ~ .*\.php?$
{
fastcgi_pass spawn;
include /usr/local/nginx/conf/spawn_php5.conf;
fastcgi_index index.php;
}
location ~* \.(js|css|jpg|jpeg|gif|png)$ {
if (-f $request_filename) {
access_log off;
expires 1d;
break;
}
}
}
#vi /usr/local/nginx/conf/spawn_php5.conf
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
#fastcgi_param REDIRECT_STATUS 200;
3.2 配置spawn-fcgi启动脚本
#mkdir /usr/local/php/sbin
# vi /usr/local/php/sbin/spawn-fcgi
#! /bin/sh
set -e
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DESC="spawn-fcgi daemon"
NAME=spawn-fcgi
DAEMON=/usr/local/bin/$NAME
# Gracefully exit if the package has been removed.
test -x $DAEMON || exit 0
d_start() {
$DAEMON -a 127.0.0.1 -p 9000 -C 128 -u www -g www -f /usr/local/php/bin/php-cgi > /dev/null 2>&1
$DAEMON -a 127.0.0.1 -p 9001 -C 128 -u www -g www -f /usr/local/php/bin/php-cgi > /dev/null 2>&1 || echo -n " already running"
}
d_stop() {
/usr/bin/killall -9 php-cgi > /dev/null 2>&1 || echo -n " not running"
}
case "$1" in
start)
echo -n "Starting $DESC: $NAME"
d_start
echo "."
;;
stop)
echo -n "Stopping $DESC: $NAME"
d_stop
echo "."
;;
restart)
echo -n "Restarting $DESC: $NAME"
d_stop
sleep 1
d_start
echo "."
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|restart}" >&2
exit 3
;;
esac
exit 0
#chmod 755 /usr/local/php/sbin/spawn-fcgi
[/b]
四、启动WEB服务
4.1.启动spawn-fcgi
#/usr/local/php/sbin/spawn-fcgi start
4.2.启动nginx
4.2.1检查nginx配置:
# /usr/local/nginx/sbin/nginx –t //返回如下信息说明配置正确
the configuration file /usr/local/nginx//conf/nginx.conf syntax is ok
configuration file /usr/local/nginx//conf/nginx.conf test is successful
#/usr/local/nginx/sbin/nginx //启动nginx
4.3.加入开机启动
#vi /etc/rc.local
在最后加入:
ulimit -SHn 51200
/usr/local/nginx/sbin/nginx
/usr/local/php/sbin/spawn-fcgi start
[/b]
五、测试
#mkdir /data/www/wwwroot/linuxtone
#vi phpinfo.php
<?php
Phpinfo();
?>
打开浏览器输入:http://www.linuxtone.org/phpinfo.php
即可查看当前配置环境. 查看完成后出于安全考虑请再将此函数禁掉.[/b]
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- 基于CentOS 5.4搭建nginx+php+spawn-fcgi+mysql高性能php平台
- 基于CentOS 5.4搭建nginx+php+spawn-fcgi+mysql高性能php平台
- 基于CentOS 5.4搭建nginx+php+spawn-fcgi+mysql高性能php平台
- 基于CentOS 5.4搭建nginx+php+spawn-fcgi+mysql高性能php平台
- 基于CentOS 5.5 搭建nginx +php +php-fpm+mysql高性能php平台
- **Nginx+mysql+php-fpm搭建高性能Nginx平台[阮胜昌]
- 基于CentOS 6.8平台最新源代码包编译安装LNMP环境搭建(Nginx+MySQL+PHP)
- CentOS+Nginx+PHP+MySQL 搭建高性能的web服务器
- CentOS+Nginx+PHP+MySQL 搭建高性能的web服务器
- Centos6.3 编译源码搭建 PHP(fast-cgi)+Nginx+Mysql+Memcached+Redis高性能服务器
- Nginx+mysql+php-fpm搭建高性能Nginx平台
- [shell]CentOS 5.6安装web服务及相关软件(php 5.3, MySQL Server, memcache, spawn-fcgi, nginx, coreseek)
- [shell]CentOS 5.6安装web服务及相关软件(php 5.3, MySQL Server, memcache, spawn-fcgi, nginx, coreseek)
- CentOS+Nginx+PHP+MySQL 搭建高性能的web服务器
- 用APMServ一键快速搭建Apache+PHP+MySQL+Nginx+Memcached+ASP运行平台
- LEMP构建高性能WEB服务器(CentOS+Nginx+PHP+MySQL) (v3)
- Cacti监控服务器配置教程(基于CentOS+Nginx+MySQL+PHP环境搭建)
- centos linux 下LNMP 环境快速yum搭建(nginx+mysql+memcached+iptables+php)
- 高性能LNMP搭建(linux/nginx/mysql/php-fastcgi)
- linux+nginx+mysql+php高性能服务器搭建