LVS+keeplived+nginx+apache搭建高可用、高性能php集群
2013-12-13 16:12
691 查看
基于PHP的运行环境大家用的比较多的是以apache做中间件的LAMP(linux+apache+mysql+php)环境和以nginx做中间件的LNMP(linux+nginx+mysql+php)环境,apache是世界排名第一的web服务器,apache可以整合大多数应用,比如jsp,php,cgi,python等等,但是apache过于臃肿以及对静态文件响应过于缓慢是让人很不满意的;而nginx作为后起之秀,大有超越前辈的势头,从最近很多门户网站选用nginx就可见一斑,nginx速度快,占用资源少,高性能转发,很高的稳定性,支持热部署,杀手级的proxy和rewrite,但nginx对于php处理依托于fastcgi,fastcgi不够稳定,经常出现502错误,生成相对复杂的页面没有优势,反而会使php-cgi进程变为僵尸进程,多用户多站点的安全性不高,对于其它开发语言的整合,apache表现的更好;综上述对比,为了搭建高性能的php运行环境,就要考虑对apache、nginx进行整合,各取所长,nginx在处理静态内容上的效率较apache强很大,那么就用nginx在前端处理静态文件,把基于php的动态文件转发到后端的apache来处理,接下来我们就开始布署LNAMP(linux+nginx+apache+mysql+php)环境
一、网络拓扑:
lvs-master: 192.168.9.221
LVS-backup: 192.168.9.222
LVS-VIP: 192.168.9.220
web_server_1: 192.168.9.223
web_server_2: 192.168.9.224
nfs_server_1: 192.168.9.228
nfs_server_1: 192.168.9.229
nfs_vip: 192.168.9.230
mysql_master: 192.168.9.226
mysql_backup: 192.168.9.227
mysql_vip: 192.168.9.225
目的:搭建高可用、高性能的php集群
二、初始化系统
#init system
系统环境: CentOS 5.5 (最小化安装)
./init_system.sh #此脚本参见http://kerry.blog.51cto.com/172631/555535
#更新组件
sudo -s
LANG=C
yum -y install gcc gcc-c++ bison patch unzip mlocate flex wget automake autoconf gd cpp gettext readline-devel libjpeg \
libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 \
glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel libidn libidn-devel openldap \
openldap-devel openldap-clients openldap-servers nss_ldap expat-devel libtool libtool-ltdl-devel bison
三、LVS+keeplived
#关于LVS+keeplived的配置请参考我的另一篇博文《CentOS5.5环境下布署LVS+keepalived 》http://kerry.blog.51cto.com/172631/401253
四、web_server安装配置(nginx、apache整合)
#download software
cd /opt
wget http://nginx.org/download/nginx-1.0.4.tar.gz
wget http://www.apache.org/dist/httpd/httpd-2.2.19.tar.gz
wget http://www.cmake.org/files/v2.8/cmake-2.8.4.tar.gz
wget http://mysql.he.net/Downloads/MySQL-5.5/mysql-5.5.13.tar.gz
wget http://pecl.php.net/get/PDO_MYSQL-1.0.2.tgz
#rpaf模块,该模块用于apache做后端时获取访客真实的IP
wget http://stderr.net/apache/rpaf/download/mod_rpaf-0.6.tar.gz
#字符转换库libiconv
wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.13.1.tar.gz
wget http://sourceforge.net/projects/mcrypt/files/Libmcrypt/2.5.8/libmcrypt-2.5.8.tar.bz2/download
wget http://sourceforge.net/projects/mcrypt/files/MCrypt/2.6.8/mcrypt-2.6.8.tar.gz/download
wget http://sourceforge.net/projects/mhash/files/mhash/0.9.9.9/mhash-0.9.9.9.tar.bz2/download
wget http://cn.php.net/distributions/php-5.2.17.tar.bz2
#php5-mail-header.patch为php被丁,有助于防止邮件发送被滥用
wget http://www.lancs.ac.uk/~steveb/patches/php-mail-header-patch/php5-mail-header.patch
#PHP的memcache扩展
wget http://pecl.php.net/get/memcache-2.2.6.tgz
#eaccelerator加速
wget http://bart.eaccelerator.net/source/0.9.6.1/eaccelerator-0.9.6.1.tar.bz2
wget ftp://ftp.imagemagick.org/pub/ImageMagick/ImageMagick.tar.bz2
#PHP的imagick扩展
wget http://pecl.php.net/get/imagick-3.0.1.tgz
#Suhosin是一个PHP程序的保护系统
wget http://download.suhosin.org/suhosin-0.9.32.1.tar.gz
wget http://downloads2.ioncube.com/loader_downloads/ioncube_loaders_lin_x86.tar.bz2
wget http://downloads.zend.com/optimizer/3.3.9/ZendOptimizer-3.3.9-linux-glibc23-i386.tar.gz #32位
wget http://downloads.zend.com/optimizer/3.3.9/ZendOptimizer-3.3.9-linux-glibc23-x86_64.tar.gz #64位
wget http://monkey.org/~provos/libevent-2.0.11-stable.tar.gz
wget http://sourceforge.net/projects/pcre/files/pcre/8.12/pcre-8.12.tar.bz2/download
wget http://memcached.googlecode.com/files/memcached-1.4.5.tar.gz
#PHP的PDO扩展
wget http://pecl.php.net/get/PDO_MYSQL-1.0.2.tgz
#Tcmalloc 优化nginx、mysql
wget http://google-perftools.googlecode.com/files/google-perftools-1.7.tar.gz
#---------------------------- 使用cmake编译安装mysql ----------------------------------
#使用Tcmalloc 优化nginx、mysql
cd /opt
tar -zxvf google-perftools-1.7.tar.gz
cd google-perftools-1.7/
./configure
make;make install
echo "/usr/local/lib" > /etc/ld.so.conf.d/usr_local_lib.conf
/sbin/ldconfig
cd ../
tar -zxvf cmake-2.8.4.tar.gz
cd cmake-2.8.4
./bootstrap
gmake
gmake install
cd ../
/usr/sbin/groupadd mysql
/usr/sbin/useradd -g mysql mysql -s /sbin/nologin
mkdir -p /data/mysql/data
mkdir -p /data/mysql/binlog
mkdir -p /data/mysql/relaylog
mkdir -p /data/mysql/mysql
chown -R mysql:mysql /data/mysql
cd /opt
tar zxvf mysql-5.5.13.tar.gz
cd mysql-5.5.13/
rm -rf CMakeCache.txt
cmake -DCMAKE_INSTALL_PREFIX=/usr/local/mysql \
-DMYSQL_UNIX_ADDR=/data/mysql/mysql.sock \
-DDEFAULT_CHARSET=utf8 \
-DDEFAULT_COLLATION=utf8_general_ci \
-DEXTRA_CHARSETS=all \
-DWITH_MYISAM_STORAGE_ENGINE=1 \
-DWITH_INNOBASE_STORAGE_ENGINE=1 \
-DWITH_READLINE=1 \
-DENABLED_LOCAL_INFILE=1 \
-DMYSQL_DATADIR=/data/mysql/data \
-DMYSQL_TCP_PORT=3306
make;make install
chmod +w /usr/local/mysql
chown -R mysql:mysql /usr/local/mysql
ln -s /usr/local/mysql/lib/libmysqlclient.so.18 /usr/lib/libmysqlclient.so.18
#编辑mysql配置文件
vi /etc/my.cnf
[client]
port = 3306
socket = /data/mysql/mysql.sock
[mysqld]
character_set_server = utf8
collation-server = utf8_general_ci
replicate-ignore-db = mysql
replicate-ignore-db = test
replicate-ignore-db = information_schema
user = mysql
port = 3306
socket = /data/mysql/mysql.sock
basedir = /usr/local/mysql
datadir = /data/mysql/data
log-error = /data/mysql/mysql_error.log
pid-file = /data/mysql/mysql.pid
open_files_limit = 10240
back_log = 600
max_connections = 5000
max_connect_errors = 6000
table_cache = 512
external-locking = FALSE
max_allowed_packet = 32M
sort_buffer_size = 6M
join_buffer_size = 8M
thread_cache_size = 300
thread_concurrency = 8
query_cache_size = 512M
query_cache_limit = 2M
query_cache_min_res_unit = 2k
default-storage-engine = MyISAM
thread_stack = 256K
transaction_isolation = READ-COMMITTED
tmp_table_size = 256M
max_heap_table_size = 256M
long_query_time = 3
log-slave-updates
log-bin = /data/mysql/binlog/binlog
binlog_cache_size = 4M
binlog_format = MIXED
max_binlog_cache_size = 8M
max_binlog_size = 100M
relay-log-index = /data/mysql/relaylog/relaylog
relay-log-info-file = /data/mysql/relaylog/relaylog
relay-log = /data/mysql/relaylog/relaylog
expire_logs_days = 30
key_buffer_size = 384M
read_buffer_size = 4M
read_rnd_buffer_size = 16M
bulk_insert_buffer_size = 64M
myisam_sort_buffer_size = 128M
myisam_max_sort_file_size = 10G
myisam_repair_threads = 1
myisam_recover
interactive_timeout = 120
wait_timeout = 120
skip_external_locking
skip-name-resolve
#master-connect-retry = 10
slave-skip-errors = 1032,1062,126,1114,1146,1048,1396
#master-host = 192.168.1.2
#master-user = username
#master-password = password
#master-port = 3306
server-id = 1
skip-innodb
#log-slow-queries = /data/mysql/slow.log
#long_query_time = 10
[mysqldump]
quick
max_allowed_packet = 32M
#初始化mysql
/usr/local/mysql/scripts/mysql_install_db --basedir=/usr/local/mysql --datadir=/data/mysql/data --user=mysql
#利用TCMalloc提高mysql在高并发下的性能
vi /usr/local/mysql/bin/mysqld_safe
#在# executing mysqld_safe的下一行,加上:
export LD_PRELOAD=/usr/local/lib/libtcmalloc.so
#使用lsof命令查看tcmalloc是否起效
/usr/sbin/lsof -n | grep tcmalloc
#设置mysql启动文件
cp support-files/mysql.server /etc/rc.d/init.d/mysqld
vi /etc/rc.d/init.d/mysqld
basedir=/usr/local/mysql
datadir=/data/mysql/data
chmod 700 /etc/rc.d/init.d/mysqld
/etc/rc.d/init.d/mysqld start
/sbin/chkconfig --add mysqld
/sbin/chkconfig --level 2345 mysqld on
ln -s /usr/local/mysql/bin/mysql /sbin/mysql
ln -s /usr/local/mysql/bin/mysqladmin /sbin/mysqladmin
#设置root密码(753951)
/sbin/mysqladmin -u root password 753951
#配置库文件搜索路径
echo "/usr/local/mysql/lib/mysql" >> /etc/ld.so.conf
/sbin/ldconfig
#添加/usr/local/mysql/bin到环境变量PATH中
export PATH=$PATH:/usr/local/mysql/bin
#添加mysql管理帐户
#mysql -h localhost -u root -p753951
#msqyl> use mysql;
#msqyl> grant all on *.* to 'kerry'@'192.168.9.100' identified by '852741';
#msqyl> flush privileges;
#msqyl> exit;
#----------------------------------- 编译安装apache -------------------------------------
/usr/sbin/groupadd www
/usr/sbin/useradd -g www www -s /sbin/nologin
mkdir -p /data/www/kerry
mkdir -p /data/logs/kerry
mkdir -p /data/www/king
mkdir -p /data/logs/king
chown -R www:www /data/www
chown -R www:www /data/logs
cd /opt
tar -zxvf httpd-2.2.19.tar.gz
cd httpd-2.2.19
cd srclib/apr
./configure --prefix=/usr/local/apr --enable-threads --enable-other-child --enable-static
make;make install
cd ../apr-util
./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr
make;make install
cd ../../
./configure --prefix=/usr/local/apache \
--enable-deflate \
--enable-headers \
--enable-mime-magic \
--enable-proxy \
--enable-ssl \
--enable-so \
--enable-rewrite \
--enable-suexec \
--with-suexec-bin=/usr/sbin/suexec \
--with-suexec-caller=www \
--with-apr=/usr/local/apr \
--with-apr-util=/usr/local/apr-util \
--with-mpm=prefork \
--with-ssl=/usr
make;make install
cp /usr/local/apache/bin/apachectl /etc/init.d/httpd
vi /etc/init.d/httpd
#在首行#!/bin/sh下添加
# Startup script for the Apache Web Server
#
# chkconfig: - 85 15
# description: Apache is a World Wide Web server. It is used to serve \
# HTML files and CGI.
# processname: httpd
# pidfile: /usr/local/apache/logs/httpd.pid
# config: /usr/local/apache/conf/httpd.conf
#修改apache配置文件
cd /usr/local/apache/conf/
mv httpd.conf httpd.conf.bak
vi httpd.conf
PidFile logs/httpd.pid
LockFile logs/accept.lock
ServerRoot "/usr/local/apache"
Listen 0.0.0.0:81
User www
Group www
ServerAdmin king_819@163.com
ServerName www.kerry.com
Timeout 300
KeepAlive Off
MaxKeepAliveRequests 100
KeepAliveTimeout 5
UseCanonicalName Off
AccessFileName .htaccess
TraceEnable Off
ServerTokens ProductOnly
FileETag None
ServerSignature Off
HostnameLookups Off
# LoadModule perl_module modules/mod_perl.so
DocumentRoot "/usr/local/apache/htdocs"
<Directory "/">
Options ExecCGI FollowSymLinks Includes IncludesNOEXEC -Indexes -MultiViews SymLinksIfOwnerMatch
Order allow,deny
Allow from all
AllowOverride All
</Directory>
<Directory "/usr/local/apache/htdocs">
Options Includes -Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
DefaultType text/plain
RewriteEngine on
AddType text/html .shtml
AddHandler cgi-script .cgi .pl .plx .ppl .perl
AddHandler server-parsed .shtml
<IfModule mime_module>
TypesConfig conf/mime.types
AddType application/perl .pl .plx .ppl .perl
AddType application/x-img .img
AddType application/x-httpd-php .php .php3 .php4 .php5 .php6
AddType application/x-httpd-php-source .phps
AddType application/cgi .cgi
AddType text/x-sql .sql
AddType text/x-log .log
AddType text/x-config .cnf conf
AddType text/x-registry .reg
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType text/html .shtml
AddType application/x-tar .tgz
AddType application/rar .rar
AddType application/x-compressed .rar
AddType application/x-rar .rar
AddType application/x-rar-compressed .rar
AddType text/vnd.wap.wml .wml
AddType image/vnd.wap.wbmp .wbmp
AddType text/vnd.wap.wmlscript .wmls
AddType application/vnd.wap.wmlc .wmlc
AddType application/vnd.wap.wmlscriptc .wmlsc
</IfModule>
<IfModule dir_module>
DirectoryIndex index.html index.htm index.shtml index.php
</IfModule>
<Files ~ "^error_log$">
Order allow,deny
Deny from all
Satisfy All
</Files>
<FilesMatch "^\.ht">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>
ErrorLog "logs/error_log"
LogLevel warn
<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
CustomLog "logs/access_log" common
</IfModule>
<IfModule alias_module>
ScriptAlias /cgi-bin/ "/usr/local/apache/cgi-bin/"
</IfModule>
<Directory "/usr/local/apache/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
<IfModule mpm_prefork_module>
StartServers 3
MinSpareServers 3
MaxSpareServers 5
MaxClients 150
MaxRequestsPerChild 1024
</IfModule>
<IfModule mod_headers.c>
<FilesMatch "\.(html|htm|shtml)$">
Header set Cache-Control "max-age=3600, must-revalidate"
</FilesMatch>
</IfModule>
ReadmeName README.html
HeaderName HEADER.html
IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
Include conf/extra/httpd-languages.conf
<Location /server-status>
SetHandler server-status
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Location>
ExtendedStatus On
<Location /server-info>
SetHandler server-info
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Location>
<IfModule ssl_module>
Listen 0.0.0.0:443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLCipherSuite ALL:!ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
SSLPassPhraseDialog builtin
SSLSessionCache dbm:/usr/local/apache/logs/ssl_scache
SSLSessionCacheTimeout 300
SSLMutex file:/usr/local/apache/logs/ssl_mutex
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
#Vhosts
NameVirtualHost 127.0.0.1:81
<VirtualHost 127.0.0.1:81>
ServerAdmin king_819@163.com
DocumentRoot /data/www/kerry
ServerName www.kerry.com
ErrorLog logs/kerry-error_log
CustomLog "|/usr/local/apache/bin/rotatelogs /data/logs/kerry/%y_%m_%d.access_log 86400" common
</VirtualHost>
<VirtualHost 127.0.0.1:81>
ServerAdmin king_819@163.com
DocumentRoot /data/www/king
ServerName www.king.com
ErrorLog logs/king-error_log
CustomLog "|/usr/local/apache/bin/rotatelogs /data/logs/king/%y_%m_%d.access_log 86400" common
</VirtualHost>
chmod 700 /etc/init.d/httpd
/etc/init.d/httpd start
/sbin/chkconfig --add httpd
/sbin/chkconfig --level 2345 httpd on
#------------------------------------- 编译安装PHP -------------------------------------
#编译安装相关支持库
cd /opt
tar -zxvf libiconv-1.13.1.tar.gz
cd libiconv-1.13.1/
./configure
make;make install
cd /opt
tar -jxvf libmcrypt-2.5.8.tar.bz2
cd libmcrypt-2.5.8/
./configure
make;make install
/sbin/ldconfig
cd libltdl/
./configure --enable-ltdl-install
make;make install
cd /opt
tar -jxvf mhash-0.9.9.9.tar.bz2
cd mhash-0.9.9.9/
./configure
make;make install
ln -s /usr/local/lib/libmcrypt.la /usr/lib/libmcrypt.la
ln -s /usr/local/lib/libmcrypt.so /usr/lib/libmcrypt.so
ln -s /usr/local/lib/libmcrypt.so.4 /usr/lib/libmcrypt.so.4
ln -s /usr/local/lib/libmcrypt.so.4.4.8 /usr/lib/libmcrypt.so.4.4.8
ln -s /usr/local/lib/libmhash.a /usr/lib/libmhash.a
ln -s /usr/local/lib/libmhash.la /usr/lib/libmhash.la
ln -s /usr/local/lib/libmhash.so /usr/lib/libmhash.so
ln -s /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2
ln -s /usr/local/lib/libmhash.so.2.0.1 /usr/lib/libmhash.so.2.0.1
cd /opt
tar -zxvf mcrypt-2.6.8.tar.gz
cd mcrypt-2.6.8/
/sbin/ldconfig
./configure
make;make install
#编译php,这里我们为php打入补丁.有助于防止邮件发送被滥用(多用户)以及在邮件中提供有价值的信息.补丁介绍信息请点击:http://www.lancs.ac.uk/~steveb/patches/php-mail-header-patch/
cd /opt
tar -jxvf php-5.2.17.tar.gz
patch -d php-5.2.17 -p1 < php5-mail-header.patch
cd php-5.2.17
./configure --prefix=/usr/local/php \
--with-config-file-path=/usr/local/php/etc \
--with-apxs2=/usr/local/apache/bin/apxs \
--with-mysql=/usr/local/mysql \
--with-mysqli=/usr/local/mysql/bin/mysql_config \
--with-iconv-dir=/usr/local \
--with-freetype-dir \
--with-jpeg-dir \
--with-png-dir \
--with-zlib \
--with-libxml-dir=/usr \
--enable-xml \
--disable-rpath \
--enable-discard-path \
--enable-safe-mode \
--enable-bcmath \
--enable-shmop \
--enable-sysvsem \
--enable-inline-optimization \
--with-curl \
--with-curlwrappers \
--enable-mbregex \
--enable-force-cgi-redirect \
--enable-mbstring \
--with-mcrypt \
--with-gd \
--enable-gd-native-ttf \
--with-openssl \
--with-mhash \
--enable-pcntl \
--enable-sockets \
--with-ldap \
--with-ldap-sasl \
--with-xmlrpc \
-enable-zip \
--enable-soap
make ZEND_EXTRA_LIBS='-liconv'
make install
cp php.ini-dist /usr/local/php/etc/php.ini
#安装php扩展模块
cd /opt
tar -zxvf memcache-2.2.6.tgz
cd memcache-2.2.6/
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config --with-zlib-dir --enable-memcache
make;make install
cd /opt
tar -jxvf eaccelerator-0.9.6.1.tar.bz2
cd eaccelerator-0.9.6.1/
/usr/local/php/bin/phpize
./configure --enable-eaccelerator=shared --with-php-config=/usr/local/php/bin/php-config
make;make install
cd /opt
tar -zxvf PDO_MYSQL-1.0.2.tgz
cd PDO_MYSQL-1.0.2/
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config --with-pdo-mysql=/usr/local/mysql
make;make install
cd /opt
tar -jxvf ImageMagick.tar.bz2
cd ImageMagick-6.6.9-8
./configure
make;make install
cd /opt
tar -zxf imagick-3.0.1.tgz
cd imagick-3.0.1/
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config
make;make install
cd /opt
tar -zxf suhosin-0.9.32.1.tgz
cd suhosin-0.9.32.1
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config
make;make install
cd /opt
tar -jxf ioncube_loaders_lin_x86.tar.bz2
cd ioncube
mkdir /usr/local/ioncube
mv ioncube_loader_lin_5.2.so /usr/local/ioncube/
cd /opt
tar -zxf ZendOptimizer-3.3.9-linux-glibc23-i386.tar.gz
mkdir -p /usr/local/Zend/lib/Optimizer-3.3.9/php-5.2.17
cp ZendOptimizer-3.3.9-linux-glibc23-i386/data/5_2_x_comp/ZendOptimizer.so /usr/local/Zend/lib/Optimizer-3.3.9/php-5.2.17/ZendOptimizer.so
#修改php.ini.
sed -i 's#extension_dir = "./"#extension_dir = "/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/"\nextension = "memcache.so"\nextension = "pdo_mysql.so"\nextension = "suhosin.so"\nextension = "imagick.so"\n#' /usr/local/php/etc/php.ini
sed -i 's#output_buffering = Off#output_buffering = On#' /usr/local/php/etc/php.ini
sed -i "s#; always_populate_raw_post_data = On#always_populate_raw_post_data = On#g" /usr/local/php/etc/php.ini
sed -i "s#; cgi.fix_pathinfo=0#cgi.fix_pathinfo=0#g" /usr/local/php/etc/php.ini
#配置eAccelerator加速PHP
mkdir -p /data/eaccelerator_cache
chmod -R 777 /data/eaccelerator_cache
cat >>/usr/local/php/etc/php.ini<<EOF
[eaccelerator]
zend_extension = "/usr/local/ioncube/ioncube_loader_lin_5.2.so"
zend_extension = "/usr/local/Zend/lib/Optimizer-3.3.9/php-5.2.17/ZendOptimizer.so"
zend_extension="/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/eaccelerator.so"
eaccelerator.shm_size="64"
eaccelerator.cache_dir="/data/eaccelerator_cache"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="3600"
eaccelerator.shm_prune_period="3600"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"
eaccelerator.keys = shm
eaccelerator.sessions = shm
eaccelerator.content = shm
EOF
#安装Memcached(可选)
cd /opt
tar -xzf libevent-2.0.11-stable.tar.gz
cd libevent-2.0.11-stable
./configure
make;make install
ln -s /usr/local/lib/libevent-1.4.so.2 /usr/lib
cd /opt
tar -xzf memcached-1.4.5.tar.gz
cd memcached-1.4.5
./configure --prefix=/usr/local/memcached --with-libevent=/usr
make;make install
#基本使用方法:
启动:
/usr/local/memcached/bin/memcached -d -m 64 -p 11211 -u www -l localhost
关闭:
killall -9 memcached
#---------------------------------- 安装配置nginx ----------------------------------------
#安装pcre
/opt
tar -jxvf pcre-8.12.tar.gz
cd pcre-8.12/
./configure
make;make install
#安装nginx
cd /opt
tar -zxvf nginx-1.0.4.tar.gz
cd nginx-1.0.4/
./configure --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_flv_module --with-http_gzip_static_module --with-google_perftools_module
make;make install
cd ../
#添加nginx启动脚本
vi /etc/init.d/nginx
#! /bin/sh
ulimit -n 65535
# Description: Startup script for nginx
# chkconfig: 2345 55 25
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DESC="nginx daemon"
NAME=nginx
DAEMON=/usr/local/nginx/sbin/$NAME
CONFIGFILE=/usr/local/nginx/conf/nginx.conf
PIDFILE=/usr/local/nginx/logs/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME
set -e
[ -x "$DAEMON" ] || exit 0
do_start() {
$DAEMON -c $CONFIGFILE || echo -n "nginx already running"
}
do_stop() {
kill -QUIT `cat $PIDFILE` || echo -n "nginx not running"
}
do_reload() {
kill -HUP `cat $PIDFILE` || echo -n "nginx can't reload"
}
case "$1" in
start)
echo -n "Starting $DESC: $NAME"
do_start
echo "."
/etc/init.d/httpd start
;;
stop)
echo -n "Stopping $DESC: $NAME"
do_stop
echo "."
/etc/init.d/httpd stop
;;
reload)
echo -n "Reloading $DESC configuration..."
do_reload
echo "."
/etc/init.d/httpd restart
;;
restart)
echo -n "Restarting $DESC: $NAME"
do_stop
sleep 1
do_start
echo "."
/etc/init.d/httpd restart
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|reload|restart}" >&2
exit 3
;;
esac
exit 0
#添加nginx配置文件
mv /usr/local/nginx/conf/nginx.conf /usr/local/nginx/conf/nginx.conf.bak
vi /usr/local/nginx/conf/nginx.conf
user www www;
worker_processes 8;
error_log /usr/local/nginx/logs/nginx_error.log crit;
pid /usr/local/nginx/nginx.pid;
#使用Tcmalloc优化nginx性能
google_perftools_profiles /var/tmp/tcmalloc;
#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 65535;
#工作模式及连接数上限
events
{
use epoll;
worker_connections 65535;
}
#设定http服务器,利用它的反向代理功能提供负载均衡支持
http
{
#设定mime类型
include mime.types;
default_type application/octet-stream;
#charset gb2312;
#设定请求缓冲
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 30m;
sendfile on;
tcp_nopush on;
keepalive_timeout 60;
tcp_nodelay on;
server_tokens off;
client_body_buffer_size 512k;
proxy_connect_timeout 5;
proxy_send_timeout 60;
proxy_read_timeout 5;
proxy_buffer_size 16k;
proxy_buffers 4 64k;
proxy_busy_buffers_size 128k;
proxy_temp_file_write_size 128k;
# fastcgi_connect_timeout 300;
# fastcgi_send_timeout 300;
# fastcgi_read_timeout 300;
# fastcgi_buffer_size 64k;
# fastcgi_buffers 4 64k;
# fastcgi_busy_buffers_size 128k;
# fastcgi_temp_file_write_size 128k;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
#limit_zone crawler $binary_remote_addr 10m;
###禁止通过ip访问站点
server{
server_name _;
return 404;
}
server
{
listen 80;
server_name www.kerry.com;
index index.html index.htm index.php;#设定访问的默认首页地址
root /data/www/kerry;#设定网站的资源存放路径
#limit_conn crawler 20;
if (-d $request_filename)
{
rewrite ^/(.*)([^/])$ http://$host/$1$2/ permanent;
}
#所有php的页面均交由apache处理
location ~ \.(php)?$ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:81;#转向apache处理
}
location ~ .*\.(htm|html|gif|jpg|jpeg|png|bmp|swf|ioc|rar|zip|txt|flv|mid|doc|ppt|pdf|xls|mp3|wma)$ #设定访问静态文件直接读取不经过apache
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 1h;
}
#定义访问日志的写入格式
log_format wwwlog '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
access_log /data/logs/kerry/kerry_nginx.log wwwlog;#设定访问日志的存放路径
}
server
{
listen 80;
server_name www.king.com;
index index.html index.htm index.php;#设定访问的默认首页地址
root /data/www/king;#设定网站的资源存放路径
#limit_conn crawler 20;
if (-d $request_filename)
{
rewrite ^/(.*)([^/])$ http://$host/$1$2/ permanent;
}
#所有php的页面均交由apache处理
location ~ \.(php)?$ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:81;#转向apache处理
}
location ~ .*\.(htm|html|gif|jpg|jpeg|png|bmp|swf|ioc|rar|zip|txt|flv|mid|doc|ppt|pdf|xls|mp3|wma)$ #设定访问静态文件直接读取不经过apache
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 1h;
}
#定义访问日志的写入格式
log_format bbslog '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
access_log /data/logs/king/king_nginx.log bbslog;#设定访问日志的存放路径
}
server
{
listen 80;
server_name status.www.kerry.com;
location / {
stub_status on;
access_log off;
}
}
}
#将nginx添加到启动服务中
chmod 700 /etc/init.d/nginx
/etc/init.d/nginx start
/sbin/chkconfig --add nginx
/sbin/chkconfig --level 2345 nginx on
#每天定时切割Nginx日志
vi /usr/local/nginx/sbin/cut_nginx_log.sh
#!/bin/bash
# This script run at 00:00
# The Nginx logs path
logs_path_kerry="/data/logs/kerry/"
logs_path_kerry="/data/logs/king/"
mv ${logs_path_kerry}kerry_nginx.log ${logs_path_kerry}$kerry_nginx_$(date -d "yesterday" +"%Y%m%d").log
mv ${logs_path_king}king_nginx.log ${logs_path_king}king_nginx_$(date -d "yesterday" +"%Y%m%d").log
kill -USR1 `cat /usr/local/nginx/nginx.pid`
chmod +x /usr/local/nginx/sbin/cut_nginx_log.sh
#添加计划任务,每天凌晨00:00切割nginx访问日志
crontab -e
00 00 * * * /bin/bash /usr/local/nginx/sbin/cut_nginx_log.sh
#为apache安装rpaf模块,该模块用于apache做后端时获取访客真实的IP
#使用apxs安装模块.这里要使用此前apache编译安装后的apxs
cd /opt
tar -zxf mod_rpaf-0.6.tar.gz
cd mod_rpaf-0.6
/usr/local/apache/bin/apxs -i -c -n mod_rpaf-2.0.so mod_rpaf-2.0.c
#编辑/usr/local/apache/conf/httpd.conf,添加模块参数,查找LoadModule php5_module modules/libphp5.so,在下方添加:
LoadModule rpaf_module modules/mod_rpaf-2.0.so
#Mod_rpaf settings
RPAFenable On
#上面出现的192.168.9.9请修改为你本机所监听web服务的ip.多个IP用空格空开
RPAFproxy_ips 127.0.0.1 192.168.9.9
RPAFsethostname On
RPAFheader X-Forwarded-For http://kerry.blog.51cto.com/172631/600590
一、网络拓扑:
lvs-master: 192.168.9.221
LVS-backup: 192.168.9.222
LVS-VIP: 192.168.9.220
web_server_1: 192.168.9.223
web_server_2: 192.168.9.224
nfs_server_1: 192.168.9.228
nfs_server_1: 192.168.9.229
nfs_vip: 192.168.9.230
mysql_master: 192.168.9.226
mysql_backup: 192.168.9.227
mysql_vip: 192.168.9.225
目的:搭建高可用、高性能的php集群
二、初始化系统
#init system
系统环境: CentOS 5.5 (最小化安装)
./init_system.sh #此脚本参见http://kerry.blog.51cto.com/172631/555535
#更新组件
sudo -s
LANG=C
yum -y install gcc gcc-c++ bison patch unzip mlocate flex wget automake autoconf gd cpp gettext readline-devel libjpeg \
libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 \
glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel libidn libidn-devel openldap \
openldap-devel openldap-clients openldap-servers nss_ldap expat-devel libtool libtool-ltdl-devel bison
三、LVS+keeplived
#关于LVS+keeplived的配置请参考我的另一篇博文《CentOS5.5环境下布署LVS+keepalived 》http://kerry.blog.51cto.com/172631/401253
四、web_server安装配置(nginx、apache整合)
#download software
cd /opt
wget http://nginx.org/download/nginx-1.0.4.tar.gz
wget http://www.apache.org/dist/httpd/httpd-2.2.19.tar.gz
wget http://www.cmake.org/files/v2.8/cmake-2.8.4.tar.gz
wget http://mysql.he.net/Downloads/MySQL-5.5/mysql-5.5.13.tar.gz
wget http://pecl.php.net/get/PDO_MYSQL-1.0.2.tgz
#rpaf模块,该模块用于apache做后端时获取访客真实的IP
wget http://stderr.net/apache/rpaf/download/mod_rpaf-0.6.tar.gz
#字符转换库libiconv
wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.13.1.tar.gz
wget http://sourceforge.net/projects/mcrypt/files/Libmcrypt/2.5.8/libmcrypt-2.5.8.tar.bz2/download
wget http://sourceforge.net/projects/mcrypt/files/MCrypt/2.6.8/mcrypt-2.6.8.tar.gz/download
wget http://sourceforge.net/projects/mhash/files/mhash/0.9.9.9/mhash-0.9.9.9.tar.bz2/download
wget http://cn.php.net/distributions/php-5.2.17.tar.bz2
#php5-mail-header.patch为php被丁,有助于防止邮件发送被滥用
wget http://www.lancs.ac.uk/~steveb/patches/php-mail-header-patch/php5-mail-header.patch
#PHP的memcache扩展
wget http://pecl.php.net/get/memcache-2.2.6.tgz
#eaccelerator加速
wget http://bart.eaccelerator.net/source/0.9.6.1/eaccelerator-0.9.6.1.tar.bz2
wget ftp://ftp.imagemagick.org/pub/ImageMagick/ImageMagick.tar.bz2
#PHP的imagick扩展
wget http://pecl.php.net/get/imagick-3.0.1.tgz
#Suhosin是一个PHP程序的保护系统
wget http://download.suhosin.org/suhosin-0.9.32.1.tar.gz
wget http://downloads2.ioncube.com/loader_downloads/ioncube_loaders_lin_x86.tar.bz2
wget http://downloads.zend.com/optimizer/3.3.9/ZendOptimizer-3.3.9-linux-glibc23-i386.tar.gz #32位
wget http://downloads.zend.com/optimizer/3.3.9/ZendOptimizer-3.3.9-linux-glibc23-x86_64.tar.gz #64位
wget http://monkey.org/~provos/libevent-2.0.11-stable.tar.gz
wget http://sourceforge.net/projects/pcre/files/pcre/8.12/pcre-8.12.tar.bz2/download
wget http://memcached.googlecode.com/files/memcached-1.4.5.tar.gz
#PHP的PDO扩展
wget http://pecl.php.net/get/PDO_MYSQL-1.0.2.tgz
#Tcmalloc 优化nginx、mysql
wget http://google-perftools.googlecode.com/files/google-perftools-1.7.tar.gz
#---------------------------- 使用cmake编译安装mysql ----------------------------------
#使用Tcmalloc 优化nginx、mysql
cd /opt
tar -zxvf google-perftools-1.7.tar.gz
cd google-perftools-1.7/
./configure
make;make install
echo "/usr/local/lib" > /etc/ld.so.conf.d/usr_local_lib.conf
/sbin/ldconfig
cd ../
tar -zxvf cmake-2.8.4.tar.gz
cd cmake-2.8.4
./bootstrap
gmake
gmake install
cd ../
/usr/sbin/groupadd mysql
/usr/sbin/useradd -g mysql mysql -s /sbin/nologin
mkdir -p /data/mysql/data
mkdir -p /data/mysql/binlog
mkdir -p /data/mysql/relaylog
mkdir -p /data/mysql/mysql
chown -R mysql:mysql /data/mysql
cd /opt
tar zxvf mysql-5.5.13.tar.gz
cd mysql-5.5.13/
rm -rf CMakeCache.txt
cmake -DCMAKE_INSTALL_PREFIX=/usr/local/mysql \
-DMYSQL_UNIX_ADDR=/data/mysql/mysql.sock \
-DDEFAULT_CHARSET=utf8 \
-DDEFAULT_COLLATION=utf8_general_ci \
-DEXTRA_CHARSETS=all \
-DWITH_MYISAM_STORAGE_ENGINE=1 \
-DWITH_INNOBASE_STORAGE_ENGINE=1 \
-DWITH_READLINE=1 \
-DENABLED_LOCAL_INFILE=1 \
-DMYSQL_DATADIR=/data/mysql/data \
-DMYSQL_TCP_PORT=3306
make;make install
chmod +w /usr/local/mysql
chown -R mysql:mysql /usr/local/mysql
ln -s /usr/local/mysql/lib/libmysqlclient.so.18 /usr/lib/libmysqlclient.so.18
#编辑mysql配置文件
vi /etc/my.cnf
[client]
port = 3306
socket = /data/mysql/mysql.sock
[mysqld]
character_set_server = utf8
collation-server = utf8_general_ci
replicate-ignore-db = mysql
replicate-ignore-db = test
replicate-ignore-db = information_schema
user = mysql
port = 3306
socket = /data/mysql/mysql.sock
basedir = /usr/local/mysql
datadir = /data/mysql/data
log-error = /data/mysql/mysql_error.log
pid-file = /data/mysql/mysql.pid
open_files_limit = 10240
back_log = 600
max_connections = 5000
max_connect_errors = 6000
table_cache = 512
external-locking = FALSE
max_allowed_packet = 32M
sort_buffer_size = 6M
join_buffer_size = 8M
thread_cache_size = 300
thread_concurrency = 8
query_cache_size = 512M
query_cache_limit = 2M
query_cache_min_res_unit = 2k
default-storage-engine = MyISAM
thread_stack = 256K
transaction_isolation = READ-COMMITTED
tmp_table_size = 256M
max_heap_table_size = 256M
long_query_time = 3
log-slave-updates
log-bin = /data/mysql/binlog/binlog
binlog_cache_size = 4M
binlog_format = MIXED
max_binlog_cache_size = 8M
max_binlog_size = 100M
relay-log-index = /data/mysql/relaylog/relaylog
relay-log-info-file = /data/mysql/relaylog/relaylog
relay-log = /data/mysql/relaylog/relaylog
expire_logs_days = 30
key_buffer_size = 384M
read_buffer_size = 4M
read_rnd_buffer_size = 16M
bulk_insert_buffer_size = 64M
myisam_sort_buffer_size = 128M
myisam_max_sort_file_size = 10G
myisam_repair_threads = 1
myisam_recover
interactive_timeout = 120
wait_timeout = 120
skip_external_locking
skip-name-resolve
#master-connect-retry = 10
slave-skip-errors = 1032,1062,126,1114,1146,1048,1396
#master-host = 192.168.1.2
#master-user = username
#master-password = password
#master-port = 3306
server-id = 1
skip-innodb
#log-slow-queries = /data/mysql/slow.log
#long_query_time = 10
[mysqldump]
quick
max_allowed_packet = 32M
#初始化mysql
/usr/local/mysql/scripts/mysql_install_db --basedir=/usr/local/mysql --datadir=/data/mysql/data --user=mysql
#利用TCMalloc提高mysql在高并发下的性能
vi /usr/local/mysql/bin/mysqld_safe
#在# executing mysqld_safe的下一行,加上:
export LD_PRELOAD=/usr/local/lib/libtcmalloc.so
#使用lsof命令查看tcmalloc是否起效
/usr/sbin/lsof -n | grep tcmalloc
#设置mysql启动文件
cp support-files/mysql.server /etc/rc.d/init.d/mysqld
vi /etc/rc.d/init.d/mysqld
basedir=/usr/local/mysql
datadir=/data/mysql/data
chmod 700 /etc/rc.d/init.d/mysqld
/etc/rc.d/init.d/mysqld start
/sbin/chkconfig --add mysqld
/sbin/chkconfig --level 2345 mysqld on
ln -s /usr/local/mysql/bin/mysql /sbin/mysql
ln -s /usr/local/mysql/bin/mysqladmin /sbin/mysqladmin
#设置root密码(753951)
/sbin/mysqladmin -u root password 753951
#配置库文件搜索路径
echo "/usr/local/mysql/lib/mysql" >> /etc/ld.so.conf
/sbin/ldconfig
#添加/usr/local/mysql/bin到环境变量PATH中
export PATH=$PATH:/usr/local/mysql/bin
#添加mysql管理帐户
#mysql -h localhost -u root -p753951
#msqyl> use mysql;
#msqyl> grant all on *.* to 'kerry'@'192.168.9.100' identified by '852741';
#msqyl> flush privileges;
#msqyl> exit;
#----------------------------------- 编译安装apache -------------------------------------
/usr/sbin/groupadd www
/usr/sbin/useradd -g www www -s /sbin/nologin
mkdir -p /data/www/kerry
mkdir -p /data/logs/kerry
mkdir -p /data/www/king
mkdir -p /data/logs/king
chown -R www:www /data/www
chown -R www:www /data/logs
cd /opt
tar -zxvf httpd-2.2.19.tar.gz
cd httpd-2.2.19
cd srclib/apr
./configure --prefix=/usr/local/apr --enable-threads --enable-other-child --enable-static
make;make install
cd ../apr-util
./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr
make;make install
cd ../../
./configure --prefix=/usr/local/apache \
--enable-deflate \
--enable-headers \
--enable-mime-magic \
--enable-proxy \
--enable-ssl \
--enable-so \
--enable-rewrite \
--enable-suexec \
--with-suexec-bin=/usr/sbin/suexec \
--with-suexec-caller=www \
--with-apr=/usr/local/apr \
--with-apr-util=/usr/local/apr-util \
--with-mpm=prefork \
--with-ssl=/usr
make;make install
cp /usr/local/apache/bin/apachectl /etc/init.d/httpd
vi /etc/init.d/httpd
#在首行#!/bin/sh下添加
# Startup script for the Apache Web Server
#
# chkconfig: - 85 15
# description: Apache is a World Wide Web server. It is used to serve \
# HTML files and CGI.
# processname: httpd
# pidfile: /usr/local/apache/logs/httpd.pid
# config: /usr/local/apache/conf/httpd.conf
#修改apache配置文件
cd /usr/local/apache/conf/
mv httpd.conf httpd.conf.bak
vi httpd.conf
PidFile logs/httpd.pid
LockFile logs/accept.lock
ServerRoot "/usr/local/apache"
Listen 0.0.0.0:81
User www
Group www
ServerAdmin king_819@163.com
ServerName www.kerry.com
Timeout 300
KeepAlive Off
MaxKeepAliveRequests 100
KeepAliveTimeout 5
UseCanonicalName Off
AccessFileName .htaccess
TraceEnable Off
ServerTokens ProductOnly
FileETag None
ServerSignature Off
HostnameLookups Off
# LoadModule perl_module modules/mod_perl.so
DocumentRoot "/usr/local/apache/htdocs"
<Directory "/">
Options ExecCGI FollowSymLinks Includes IncludesNOEXEC -Indexes -MultiViews SymLinksIfOwnerMatch
Order allow,deny
Allow from all
AllowOverride All
</Directory>
<Directory "/usr/local/apache/htdocs">
Options Includes -Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
DefaultType text/plain
RewriteEngine on
AddType text/html .shtml
AddHandler cgi-script .cgi .pl .plx .ppl .perl
AddHandler server-parsed .shtml
<IfModule mime_module>
TypesConfig conf/mime.types
AddType application/perl .pl .plx .ppl .perl
AddType application/x-img .img
AddType application/x-httpd-php .php .php3 .php4 .php5 .php6
AddType application/x-httpd-php-source .phps
AddType application/cgi .cgi
AddType text/x-sql .sql
AddType text/x-log .log
AddType text/x-config .cnf conf
AddType text/x-registry .reg
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType text/html .shtml
AddType application/x-tar .tgz
AddType application/rar .rar
AddType application/x-compressed .rar
AddType application/x-rar .rar
AddType application/x-rar-compressed .rar
AddType text/vnd.wap.wml .wml
AddType image/vnd.wap.wbmp .wbmp
AddType text/vnd.wap.wmlscript .wmls
AddType application/vnd.wap.wmlc .wmlc
AddType application/vnd.wap.wmlscriptc .wmlsc
</IfModule>
<IfModule dir_module>
DirectoryIndex index.html index.htm index.shtml index.php
</IfModule>
<Files ~ "^error_log$">
Order allow,deny
Deny from all
Satisfy All
</Files>
<FilesMatch "^\.ht">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>
ErrorLog "logs/error_log"
LogLevel warn
<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
CustomLog "logs/access_log" common
</IfModule>
<IfModule alias_module>
ScriptAlias /cgi-bin/ "/usr/local/apache/cgi-bin/"
</IfModule>
<Directory "/usr/local/apache/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
<IfModule mpm_prefork_module>
StartServers 3
MinSpareServers 3
MaxSpareServers 5
MaxClients 150
MaxRequestsPerChild 1024
</IfModule>
<IfModule mod_headers.c>
<FilesMatch "\.(html|htm|shtml)$">
Header set Cache-Control "max-age=3600, must-revalidate"
</FilesMatch>
</IfModule>
ReadmeName README.html
HeaderName HEADER.html
IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
Include conf/extra/httpd-languages.conf
<Location /server-status>
SetHandler server-status
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Location>
ExtendedStatus On
<Location /server-info>
SetHandler server-info
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Location>
<IfModule ssl_module>
Listen 0.0.0.0:443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLCipherSuite ALL:!ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
SSLPassPhraseDialog builtin
SSLSessionCache dbm:/usr/local/apache/logs/ssl_scache
SSLSessionCacheTimeout 300
SSLMutex file:/usr/local/apache/logs/ssl_mutex
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
#Vhosts
NameVirtualHost 127.0.0.1:81
<VirtualHost 127.0.0.1:81>
ServerAdmin king_819@163.com
DocumentRoot /data/www/kerry
ServerName www.kerry.com
ErrorLog logs/kerry-error_log
CustomLog "|/usr/local/apache/bin/rotatelogs /data/logs/kerry/%y_%m_%d.access_log 86400" common
</VirtualHost>
<VirtualHost 127.0.0.1:81>
ServerAdmin king_819@163.com
DocumentRoot /data/www/king
ServerName www.king.com
ErrorLog logs/king-error_log
CustomLog "|/usr/local/apache/bin/rotatelogs /data/logs/king/%y_%m_%d.access_log 86400" common
</VirtualHost>
chmod 700 /etc/init.d/httpd
/etc/init.d/httpd start
/sbin/chkconfig --add httpd
/sbin/chkconfig --level 2345 httpd on
#------------------------------------- 编译安装PHP -------------------------------------
#编译安装相关支持库
cd /opt
tar -zxvf libiconv-1.13.1.tar.gz
cd libiconv-1.13.1/
./configure
make;make install
cd /opt
tar -jxvf libmcrypt-2.5.8.tar.bz2
cd libmcrypt-2.5.8/
./configure
make;make install
/sbin/ldconfig
cd libltdl/
./configure --enable-ltdl-install
make;make install
cd /opt
tar -jxvf mhash-0.9.9.9.tar.bz2
cd mhash-0.9.9.9/
./configure
make;make install
ln -s /usr/local/lib/libmcrypt.la /usr/lib/libmcrypt.la
ln -s /usr/local/lib/libmcrypt.so /usr/lib/libmcrypt.so
ln -s /usr/local/lib/libmcrypt.so.4 /usr/lib/libmcrypt.so.4
ln -s /usr/local/lib/libmcrypt.so.4.4.8 /usr/lib/libmcrypt.so.4.4.8
ln -s /usr/local/lib/libmhash.a /usr/lib/libmhash.a
ln -s /usr/local/lib/libmhash.la /usr/lib/libmhash.la
ln -s /usr/local/lib/libmhash.so /usr/lib/libmhash.so
ln -s /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2
ln -s /usr/local/lib/libmhash.so.2.0.1 /usr/lib/libmhash.so.2.0.1
cd /opt
tar -zxvf mcrypt-2.6.8.tar.gz
cd mcrypt-2.6.8/
/sbin/ldconfig
./configure
make;make install
#编译php,这里我们为php打入补丁.有助于防止邮件发送被滥用(多用户)以及在邮件中提供有价值的信息.补丁介绍信息请点击:http://www.lancs.ac.uk/~steveb/patches/php-mail-header-patch/
cd /opt
tar -jxvf php-5.2.17.tar.gz
patch -d php-5.2.17 -p1 < php5-mail-header.patch
cd php-5.2.17
./configure --prefix=/usr/local/php \
--with-config-file-path=/usr/local/php/etc \
--with-apxs2=/usr/local/apache/bin/apxs \
--with-mysql=/usr/local/mysql \
--with-mysqli=/usr/local/mysql/bin/mysql_config \
--with-iconv-dir=/usr/local \
--with-freetype-dir \
--with-jpeg-dir \
--with-png-dir \
--with-zlib \
--with-libxml-dir=/usr \
--enable-xml \
--disable-rpath \
--enable-discard-path \
--enable-safe-mode \
--enable-bcmath \
--enable-shmop \
--enable-sysvsem \
--enable-inline-optimization \
--with-curl \
--with-curlwrappers \
--enable-mbregex \
--enable-force-cgi-redirect \
--enable-mbstring \
--with-mcrypt \
--with-gd \
--enable-gd-native-ttf \
--with-openssl \
--with-mhash \
--enable-pcntl \
--enable-sockets \
--with-ldap \
--with-ldap-sasl \
--with-xmlrpc \
-enable-zip \
--enable-soap
make ZEND_EXTRA_LIBS='-liconv'
make install
cp php.ini-dist /usr/local/php/etc/php.ini
#安装php扩展模块
cd /opt
tar -zxvf memcache-2.2.6.tgz
cd memcache-2.2.6/
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config --with-zlib-dir --enable-memcache
make;make install
cd /opt
tar -jxvf eaccelerator-0.9.6.1.tar.bz2
cd eaccelerator-0.9.6.1/
/usr/local/php/bin/phpize
./configure --enable-eaccelerator=shared --with-php-config=/usr/local/php/bin/php-config
make;make install
cd /opt
tar -zxvf PDO_MYSQL-1.0.2.tgz
cd PDO_MYSQL-1.0.2/
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config --with-pdo-mysql=/usr/local/mysql
make;make install
cd /opt
tar -jxvf ImageMagick.tar.bz2
cd ImageMagick-6.6.9-8
./configure
make;make install
cd /opt
tar -zxf imagick-3.0.1.tgz
cd imagick-3.0.1/
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config
make;make install
cd /opt
tar -zxf suhosin-0.9.32.1.tgz
cd suhosin-0.9.32.1
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config
make;make install
cd /opt
tar -jxf ioncube_loaders_lin_x86.tar.bz2
cd ioncube
mkdir /usr/local/ioncube
mv ioncube_loader_lin_5.2.so /usr/local/ioncube/
cd /opt
tar -zxf ZendOptimizer-3.3.9-linux-glibc23-i386.tar.gz
mkdir -p /usr/local/Zend/lib/Optimizer-3.3.9/php-5.2.17
cp ZendOptimizer-3.3.9-linux-glibc23-i386/data/5_2_x_comp/ZendOptimizer.so /usr/local/Zend/lib/Optimizer-3.3.9/php-5.2.17/ZendOptimizer.so
#修改php.ini.
sed -i 's#extension_dir = "./"#extension_dir = "/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/"\nextension = "memcache.so"\nextension = "pdo_mysql.so"\nextension = "suhosin.so"\nextension = "imagick.so"\n#' /usr/local/php/etc/php.ini
sed -i 's#output_buffering = Off#output_buffering = On#' /usr/local/php/etc/php.ini
sed -i "s#; always_populate_raw_post_data = On#always_populate_raw_post_data = On#g" /usr/local/php/etc/php.ini
sed -i "s#; cgi.fix_pathinfo=0#cgi.fix_pathinfo=0#g" /usr/local/php/etc/php.ini
#配置eAccelerator加速PHP
mkdir -p /data/eaccelerator_cache
chmod -R 777 /data/eaccelerator_cache
cat >>/usr/local/php/etc/php.ini<<EOF
[eaccelerator]
zend_extension = "/usr/local/ioncube/ioncube_loader_lin_5.2.so"
zend_extension = "/usr/local/Zend/lib/Optimizer-3.3.9/php-5.2.17/ZendOptimizer.so"
zend_extension="/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/eaccelerator.so"
eaccelerator.shm_size="64"
eaccelerator.cache_dir="/data/eaccelerator_cache"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="3600"
eaccelerator.shm_prune_period="3600"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"
eaccelerator.keys = shm
eaccelerator.sessions = shm
eaccelerator.content = shm
EOF
#安装Memcached(可选)
cd /opt
tar -xzf libevent-2.0.11-stable.tar.gz
cd libevent-2.0.11-stable
./configure
make;make install
ln -s /usr/local/lib/libevent-1.4.so.2 /usr/lib
cd /opt
tar -xzf memcached-1.4.5.tar.gz
cd memcached-1.4.5
./configure --prefix=/usr/local/memcached --with-libevent=/usr
make;make install
#基本使用方法:
启动:
/usr/local/memcached/bin/memcached -d -m 64 -p 11211 -u www -l localhost
关闭:
killall -9 memcached
#---------------------------------- 安装配置nginx ----------------------------------------
#安装pcre
/opt
tar -jxvf pcre-8.12.tar.gz
cd pcre-8.12/
./configure
make;make install
#安装nginx
cd /opt
tar -zxvf nginx-1.0.4.tar.gz
cd nginx-1.0.4/
./configure --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_flv_module --with-http_gzip_static_module --with-google_perftools_module
make;make install
cd ../
#添加nginx启动脚本
vi /etc/init.d/nginx
#! /bin/sh
ulimit -n 65535
# Description: Startup script for nginx
# chkconfig: 2345 55 25
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DESC="nginx daemon"
NAME=nginx
DAEMON=/usr/local/nginx/sbin/$NAME
CONFIGFILE=/usr/local/nginx/conf/nginx.conf
PIDFILE=/usr/local/nginx/logs/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME
set -e
[ -x "$DAEMON" ] || exit 0
do_start() {
$DAEMON -c $CONFIGFILE || echo -n "nginx already running"
}
do_stop() {
kill -QUIT `cat $PIDFILE` || echo -n "nginx not running"
}
do_reload() {
kill -HUP `cat $PIDFILE` || echo -n "nginx can't reload"
}
case "$1" in
start)
echo -n "Starting $DESC: $NAME"
do_start
echo "."
/etc/init.d/httpd start
;;
stop)
echo -n "Stopping $DESC: $NAME"
do_stop
echo "."
/etc/init.d/httpd stop
;;
reload)
echo -n "Reloading $DESC configuration..."
do_reload
echo "."
/etc/init.d/httpd restart
;;
restart)
echo -n "Restarting $DESC: $NAME"
do_stop
sleep 1
do_start
echo "."
/etc/init.d/httpd restart
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|reload|restart}" >&2
exit 3
;;
esac
exit 0
#添加nginx配置文件
mv /usr/local/nginx/conf/nginx.conf /usr/local/nginx/conf/nginx.conf.bak
vi /usr/local/nginx/conf/nginx.conf
user www www;
worker_processes 8;
error_log /usr/local/nginx/logs/nginx_error.log crit;
pid /usr/local/nginx/nginx.pid;
#使用Tcmalloc优化nginx性能
google_perftools_profiles /var/tmp/tcmalloc;
#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 65535;
#工作模式及连接数上限
events
{
use epoll;
worker_connections 65535;
}
#设定http服务器,利用它的反向代理功能提供负载均衡支持
http
{
#设定mime类型
include mime.types;
default_type application/octet-stream;
#charset gb2312;
#设定请求缓冲
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 30m;
sendfile on;
tcp_nopush on;
keepalive_timeout 60;
tcp_nodelay on;
server_tokens off;
client_body_buffer_size 512k;
proxy_connect_timeout 5;
proxy_send_timeout 60;
proxy_read_timeout 5;
proxy_buffer_size 16k;
proxy_buffers 4 64k;
proxy_busy_buffers_size 128k;
proxy_temp_file_write_size 128k;
# fastcgi_connect_timeout 300;
# fastcgi_send_timeout 300;
# fastcgi_read_timeout 300;
# fastcgi_buffer_size 64k;
# fastcgi_buffers 4 64k;
# fastcgi_busy_buffers_size 128k;
# fastcgi_temp_file_write_size 128k;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
#limit_zone crawler $binary_remote_addr 10m;
###禁止通过ip访问站点
server{
server_name _;
return 404;
}
server
{
listen 80;
server_name www.kerry.com;
index index.html index.htm index.php;#设定访问的默认首页地址
root /data/www/kerry;#设定网站的资源存放路径
#limit_conn crawler 20;
if (-d $request_filename)
{
rewrite ^/(.*)([^/])$ http://$host/$1$2/ permanent;
}
#所有php的页面均交由apache处理
location ~ \.(php)?$ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:81;#转向apache处理
}
location ~ .*\.(htm|html|gif|jpg|jpeg|png|bmp|swf|ioc|rar|zip|txt|flv|mid|doc|ppt|pdf|xls|mp3|wma)$ #设定访问静态文件直接读取不经过apache
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 1h;
}
#定义访问日志的写入格式
log_format wwwlog '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
access_log /data/logs/kerry/kerry_nginx.log wwwlog;#设定访问日志的存放路径
}
server
{
listen 80;
server_name www.king.com;
index index.html index.htm index.php;#设定访问的默认首页地址
root /data/www/king;#设定网站的资源存放路径
#limit_conn crawler 20;
if (-d $request_filename)
{
rewrite ^/(.*)([^/])$ http://$host/$1$2/ permanent;
}
#所有php的页面均交由apache处理
location ~ \.(php)?$ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:81;#转向apache处理
}
location ~ .*\.(htm|html|gif|jpg|jpeg|png|bmp|swf|ioc|rar|zip|txt|flv|mid|doc|ppt|pdf|xls|mp3|wma)$ #设定访问静态文件直接读取不经过apache
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 1h;
}
#定义访问日志的写入格式
log_format bbslog '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
access_log /data/logs/king/king_nginx.log bbslog;#设定访问日志的存放路径
}
server
{
listen 80;
server_name status.www.kerry.com;
location / {
stub_status on;
access_log off;
}
}
}
#将nginx添加到启动服务中
chmod 700 /etc/init.d/nginx
/etc/init.d/nginx start
/sbin/chkconfig --add nginx
/sbin/chkconfig --level 2345 nginx on
#每天定时切割Nginx日志
vi /usr/local/nginx/sbin/cut_nginx_log.sh
#!/bin/bash
# This script run at 00:00
# The Nginx logs path
logs_path_kerry="/data/logs/kerry/"
logs_path_kerry="/data/logs/king/"
mv ${logs_path_kerry}kerry_nginx.log ${logs_path_kerry}$kerry_nginx_$(date -d "yesterday" +"%Y%m%d").log
mv ${logs_path_king}king_nginx.log ${logs_path_king}king_nginx_$(date -d "yesterday" +"%Y%m%d").log
kill -USR1 `cat /usr/local/nginx/nginx.pid`
chmod +x /usr/local/nginx/sbin/cut_nginx_log.sh
#添加计划任务,每天凌晨00:00切割nginx访问日志
crontab -e
00 00 * * * /bin/bash /usr/local/nginx/sbin/cut_nginx_log.sh
#为apache安装rpaf模块,该模块用于apache做后端时获取访客真实的IP
#使用apxs安装模块.这里要使用此前apache编译安装后的apxs
cd /opt
tar -zxf mod_rpaf-0.6.tar.gz
cd mod_rpaf-0.6
/usr/local/apache/bin/apxs -i -c -n mod_rpaf-2.0.so mod_rpaf-2.0.c
#编辑/usr/local/apache/conf/httpd.conf,添加模块参数,查找LoadModule php5_module modules/libphp5.so,在下方添加:
LoadModule rpaf_module modules/mod_rpaf-2.0.so
#Mod_rpaf settings
RPAFenable On
#上面出现的192.168.9.9请修改为你本机所监听web服务的ip.多个IP用空格空开
RPAFproxy_ips 127.0.0.1 192.168.9.9
RPAFsethostname On
RPAFheader X-Forwarded-For http://kerry.blog.51cto.com/172631/600590
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- LVS+keeplived+nginx+apache搭建高可用、高性能php集群
- LVS+keeplived+nginx+apache搭建高可用、高性能php集群
- LVS+keeplived+nginx+apache搭建高可用、高性能php集群
- LVS+keeplived+nginx+apache搭建高可用、高性能php集群
- LVS+keeplived+nginx+apache搭建高可用、高性能php集群
- LVS+keeplived+nginx+apache搭建高可用、高性能php集群 推荐
- LVS+keeplived+nginx+apache搭建高可用、高性能php集群
- LVS+keeplived+nginx+apache搭建高可用、高性能php集群
- LVS+keeplived+nginx+apache搭建高可用、高性能php集群
- LVS+keeplived+nginx+apache搭建高可用、高性能php集群
- LVS+keeplived+nginx+apache搭建高可用、高性能php集群
- LVS+keeplived+nginx+tomcat高可用、高性能jsp集群
- LVS+keeplived+nginx+tomcat高可用、高性能jsp集群 推荐
- LVS+keeplived+nginx+tomcat高可用、高性能jsp集群
- LVS+keeplived+nginx+tomcat高可用、高性能jsp集群
- LVS+keeplived+nginx+tomcat高可用、高性能jsp集群
- LVS+keeplived+nginx+tomcat高可用、高性能jsp集群
- LVS+keeplived+nginx+tomcat高可用、高性能jsp集群
- LVS+keeplived+nginx+tomcat高可用、高性能jsp集群
- 搭建一套LVS-DR模型的高性能集群(LVS-DR+Nginx+Mariadb+Nfs+php-fpm+wordpress) 推荐