- 安装
1.1安装mysql
1.1.1下载
#cd /usr/local/src
//软件包都放在这里方便管理
#wget http://mirrors.sohu.com/mysql/MySQL-5.6/mysql-5.6.39-linux-glibc2.12-x86_64.tar.gz
1.1.2解压
#tar zxf 源码包
#tar zxvf mysql-5.6.39-linux-glibc2.12-x86_64.tar.gz
mv mysql-5.6.39-linux-glibc2.12-x86_64 /usr/local/mysql
1.1.3安装和配置
#useradd -s /sbin/nologin mysql
//建立MySQL用户,因为启动MySQL需要该用户
#mkdir -p /data/mysql
//创建datadir,数据库文件会放到这里面
#chown -R mysql:mysql /data/mysql
// 更改权限,不更改后续操作就会出问题
#yum install -y perl-Module-Install
#cd /usr/local/mysql
#./scripts/mysql_install_db --user=mysql --datadir=/data/mysql
//–user表示定义数据库的以哪个用户的身份运
//–datadir表示定义数据库的安装目录
#cp support-files/my-default.cnf /etc/my.cnf
#vim /etc/my.cnf
修改
basedir = /usr/local/mysql datadir = /data/mysql port = 3306 server_id = 131 socket = /tmp/mysql.sock
#cp support-files/mysql.server /etc/init.d/mysqld
//复制启动脚本文件
#chmod 777 /etc/init.d/mysqld
//修改启动脚本文件的属性
#vi /etc/init.d/mysqld
basedir=/usr/local/mysql
datadir=/data/mysql
//修改启动脚本
#chkconfig --add mysqld
//把mysql服务加到系统服务列表中
#chkconfig mysqld on
service mysqld start
//开机就启动
1.2 安装PHP
1.2.1下载
#cd /usr/local/src
//软件包都放在这里方便管理
#wget http://cn2.php.net/distributions/php-5.6.30.tar.gz
1.2.2解压
#tar zxf php-5.6.30.tar.gz
1.2.3安装与配置
#yum install -y install gcc libxml2 libxml2-devel openssl openssl-devel libcurl curl-devel libjpeg-devel libpng libpng-devel freetype-devel epel-release
#yum install -y php-mcrypt libmcrypt libmcrypt-devel
#useradd -s /sbin/nologin php-fpm
#cd php-5.6.30
#./configure --prefix=/usr/local/php-fpm --with-config-file-path=/usr/local/php-fpm/etc --enable-fpm --with-fpm-user=php-fpm --with-fpm-group=php-fpm --with-mysql=/usr/local/mysql --with-mysqli=/usr/local/mysql/bin/mysql_config --with-pdo-mysql=/usr/local/mysql --with-mysql-sock=/tmp/mysql.sock --with-libxml-dir --with-gd --with-jpeg-dir --with-png-dir --with-freetype-dir --with-iconv-dir --with-zlib-dir --with-mcrypt --enable-soap --enable-gd-native-ttf --enable-ftp --enable-mbstring --enable-exif --with-pear --with-curl --with-openssl
#make && make install (安装时间会很久)
#cp /usr/local/src/php-5.6.30/php.ini-production /usr/local/php-fpm/etc/php.ini
#vim /usr/local/php-fpm/etc/php-fpm.conf
把以下内容写进文件(不用复制,直接写入):
[global] pid = /usr/local/php-fpm/var/run/php-fpm.pid error_log = /usr/local/php-fpm/var/log/php-fpm.log [www] user = php-fpm group = php-fpm listen = /tmp/php-fcgi.sock listen.mode = 666 pm = dynamic pm.max_children = 50 pm.start_servers = 20 pm.min_spare_servers = 5 pm.max_spare_servers = 35 pm.max_requests = 500 rlimit_files = 1024
#/usr/local/php-fpm/sbin/php-fpm -t
tset is successful //代表成功
#cd /usr/local/src/php-5.6.30
#cp sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
#chmod 755 /etc/init.d/php-fpm
#chkconfig --add php-fpm
#chkconfig php-fpm on
#cd /usr/local/php-fpm/
#sbin/php-fpm -t
#service php-fpm start
#ps -ef |grep php
#ll /tmp/php-fcgi.sock
1.2.4测试安装
#ps aux |grep php-fpm
//会显示大概20多个进程
1.3安装Nginx
1.3.1下载
#cd /usr/local/src/
1.3.2解压
#wget http://nginx.org/download/nginx-1.16.1.tar.gz
#tar zxf nginx-1.16.1.tar.gz
1.3.3配置安装
#cd nginx-1.16.1/
#./configure --prefix=/usr/local/nginx
#make && make install
#vi /etc/init.d/nginx
#!/bin/bash
#chkconfig: - 30 21
#description: http service.
#Source Function Library
. /etc/init.d/functions
#Nginx Settings
NGINX_SBIN="/usr/local/nginx/sbin/nginx"
NGINX_CONF="/usr/local/nginx/conf/nginx.conf"
NGINX_PID="/usr/local/nginx/logs/nginx.pid"
RETVAL=0
prog=“Nginx”
start()
{
echo -n $ “Starting $prog: "
mkdir -p /dev/shm/nginx_temp
daemon $NGINX_SBIN -c $NGINX_CONF
RETVAL= $?
echo
return $ RETVAL
}
stop()
{
echo -n $“Stopping $prog: "
killproc -p $NGINX_PID $NGINX_SBIN -TERM
rm -rf /dev/shm/nginx_temp
RETVAL= $?
echo
return $RETVAL
}
reload()
{
echo -n $“Reloading $prog: "
killproc -p $NGINX_PID $NGINX_SBIN -HUP
RETVAL= $?
echo
return $ RETVAL
}
restart()
{
stop
start
}
configtest()
{
$NGINX_SBIN -c $NGINX_CONF -t
return 0
}
case “$1” in
start)
start
;;
stop)
stop
;;
reload)
reload
;;
restart)
restart
;;
configtest)
configtest
;;
*)
echo $“Usage: $0 {start|stop|reload|restart|configtest}”
RETVAL=1
esac
exit $RETVAL
#chmod 755 /etc//init.d/nginx
#chkconfig --add nginx
#chkconfig nginx on
#> /usr/local/nginx/conf/nginx.conf
#vim /usr/local/nginx/conf/nginx.conf
user nobody nobody;
worker_processes 2;
error_log /usr/local/nginx/logs/nginx_error.log crit;
pid /usr/local/nginx/logs/nginx.pid;
worker_rlimit_nofile 51200;
events
{
use epoll;
worker_connections 6000;
}
http
{
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 3526;
server_names_hash_max_size 4096;
log_format combined_realip ’ $ remote_addr $http_x_forwarded_for [ $time_local]’
’ $host " $ request_uri” $ status’
’ " $ http_referer” " $http_user_agent”’;
sendfile on;
tcp_nopush on;
keepalive_timeout 30;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
connection_pool_size 256;
client_header_buffer_size 1k;
large_client_header_buffers 8 4k;
request_pool_size 4k;
output_buffers 4 32k;
postpone_output 1460;
client_max_body_size 10m;
client_body_buffer_size 256k;
client_body_temp_path /usr/local/nginx/client_body_temp;
proxy_temp_path /usr/local/nginx/proxy_temp;
fastcgi_temp_path /usr/local/nginx/fastcgi_temp;
fastcgi_intercept_errors on;
tcp_nodelay on;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 8k;
gzip_comp_level 5;
gzip_http_version 1.1;
gzip_types text/plain application/x-javascript text/css text/htm
application/xml;
server
{
listen 80;
server_name localhost;
index index.html index.htm index.php;
root /usr/local/nginx/html;
location ~ .php $
{
include fastcgi_params;
fastcgi_pass unix:/tmp/php-fcgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html $fastcgi_script_name;
}
}
}
#/usr/local/nginx/sbin/nginx -t
#vim /usr/local/nginx/conf/nginx.conf
#/usr/local/nginx/sbin/nginx -t
#service nginx start
#ps aux |grep nginx
1.3.4测试是否正确解析
#vi /usr/local/nginx/html/2.php
#curl localhost/2.php
test php scripts //证明解析成功
- Nginx配置
2.1 默认虚拟主机
2.1.1配置
首先修改配置文件
#vi /usr/local/nginx/conf/nginx.conf
在最后一个结束符号}前加一行配置:
include vhost/*.conf;
意思就是/usr/local/nginx/conf/host下面的所有以.conf结尾的文件都会被加载
#mkdir /usr/local/nginx/conf/vhost
#cd /usr/local/nginx/conf/vhost
#vim default.conf
server { listen 80 default_server; server_name aaa.com; index index.html index.htm index.php; root /data/nginx/default; }
#/usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
#/usr/local/nginx/sbin/nginx -s reload
mkdir -p /data/nginx/default
#echo “default_server” > /data/nginx/default/index.html
//创建索引页
2.1.2检验测试
#curl -x127.0.0.1:80 aaa.com
//访问aaa.com
default_server
#curl -x127.0.0.1:80 1212.com
//访问一个没有定义过的域名,也会访问aaa.com
default_server
2.1.3测试成功
2.2 用户认证
2.2.1配置
再来创建一个新的虚拟主机
#cd /usr/local/nginx/conf/vhost
#vi test.com.conf
server { listen 80; server_name test.com; index index.html index.htm index.php; root /data/nginx/test.com; location / { auth_basic "Auth"; //打开认证 auth_basic_user_file /usr/local/nginx/conf/htpasswd; //指定用户密码文件 } }
#yum install -y httpd
//安装httpd,也可以使用之前编译安装的Apache2.4
下面创建和更新用于基本认证的用户认证密码文件
#htpasswd -c /usr/local/nginx/conf/htpasswd dongying
new password:
re-type new password:
Adding password for user dongying
#/usr/local/nginx/sbin/nginx -t
#/usr/local/nginx/sbin/nginx -s reload
#mkdir /data/nginx/test.com
#echo “test.com” > /data/nginx/test.com/index.html
2.2.2 测试检测
#curl -I -x127.0.0.1:80 test.com
状态码401
#curl -udongying:000000 -x127.0.0.1:80 test.com
2.2.3测试成功
[root@localhost vhost]# systemctl stop firewalld
[root@localhost vhost]# setenforce 0
编辑C:\Windows\System32\drivers\etc\hosts文件,添加映射
IP test.com
打开浏览器访问test.com
2.3 域名重定向
2.3.1配置
#vi /usr/local/nginx/conf/vhost/test.com.conf
server { listen 80; server_name test.com test1.com test2.com; //是server_name后面可以跟多个域名 index index.html index.htm index.php; root /data/nginx/test.com; if ( $ host != 'test.com' ){ rewrite ^(.*)$ http://test.com/$1 permanent; //permanent为永久重定向,相当于httpd的R=301 } }
#/usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
#/usr/local/nginx/sbin/nginx -s reload
2.3.2检验测试
#curl -x127.0.0.1:80 test1.com/123.txt -I
状态码301
2.3.3测试成功
2.4 Nginx的访问日志
2.4.1配置
先来看看Nginx的日志格式
#grep -A2 log_format /usr/local/nginx/conf/nginx.conf
log_format combined_realip ’ $ remote_addr $ http_x_forwarded_for [ $ time_local]’
’ $ host " $ request_uri" $ status’
’ " $ http_referer" " $ http_user_agent"’;
//combined_realip为日志格式名字,$ remote_addr为网站的用户的出口IP;
// $ http_x_forwarded_for 为代理服务器的IP,如果使用了代理,则会记录IP
// $ time_local为当前时间; $ host为主机名; $ request_uri为访问的URL地址
// $ status为状态码, $ http_referer为referer地址, $ http_user_agent为user_agent
修改配置文件
#vi /usr/local/nginx/conf/vhost/test.com.conf
server { listen 80; server_name test.com; index index.html index.htm index.php; root /data/nginx/test.com; if ($host != 'test.com' ){ rewrite ^(.*)$ http://test.com/$1 permanent; } access_log /tmp/1.log combined_realip; }
//使用access_log来指定日志的存储路径,最后面为日志的格式名字
#/usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
#/usr/local/nginx/sbin/nginx -s reload
2.4.2 检验测试
#curl -x127.0.0.1:80 test.com/111
状态码404
#cat /tmp/1.log
127.0.0.1 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2.4.3检验成功
2.5 配置静态文件不记录日志并添加过期时间
2.5.1配置
#vi /usr/local/nginx/conf/vhost/test.com.conf
server { listen 80; server_name test.com test1.com test2.com; index index.html index.htm index.php; root /data/nginx/test.com; if ($host != 'test.com' ){ rewrite ^(.*)$ http://test.com/$1 permanent; } location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ { expires 7d; access_log off; } location ~ .*\.(js|css)$ { expires 12h; } access_log /tmp/1.log combined_realip; }
#/usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
#echo “11111” > /data/nginx/test.com/1.js
//创建js文件
#echo “22222” > /data/nginx/test.com/2.jpg
//创建jpg文件
#touch /data/nginx/test.com/1.jss
//创建一个对比的文件
2.5.2检验测试
#curl -I -x127.0.0.1:80 test.com/1.js
状态码200
#curl -I -x127.0.0.1:80 test.com/2.jpg
状态码200
#curl -I -x127.0.0.1:80 test.com/1.jss
状态码200
#cat /tmp/1.log
查看日志
2.5.3测试成功
2.6 Nginx防盗链
2.6.1配置
#vi /usr/local/nginx/conf/vhost/test.com.conf
server { listen 80; server_name test.com test1.com test2.com; index index.html index.htm index.php; root /data/nginx/test.com; if ($host != 'test.com' ){ rewrite ^(.*)$ http://test.com/$1 permanent; } location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ { expires 7d; valid_referers none blocked server_names *.test.com ; if ($invalid_referer) { return 403; //如果来源网址的不是test.com的域名,则返回403 } access_log /tmp/1.log combined_realip; } }
#/usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
#/usr/local/nginx/sbin/nginx -s reload
#service nginx stop
#service nginx start
2.6.2检验测试
#curl -x127.0.0.1:80 -e “http://test.com/1.txt” test.com/2.jpg -I
状态码200
#curl -x127.0.0.1:80 -e “http://aaa.com/1.txt” test.com/2.jpg -I
状态码403
2.6.3测试成功
2.7 访问控制
2.7.1配置
#vi /usr/local/nginx/conf/vhost/test.com.conf
server { listen 80; server_name test.com test1.com test2.com; index index.html index.htm index.php; root /data/nginx/test.com; location /admin/ { allow 192.168.63.139; allow 127.0.0.1; deny all; } }
//使访问admin目录下只允许192.168.63.139和127.0.0.1访问
#/usr/local/nginx/sbin/nginx -t
#/usr/local/nginx/sbin/nginx -s reload
#mkdir /data/nginx/test.com/admin
#echo “123” > /data/nginx/test.com/admin/1.html
2.7.2检验测试
#curl -x127.0.0.1:80 test.com/admin/1.html
123
在vmware中给虚拟机添加一块网卡,设置为仅主机模式,查看IP,使用IP为请求代理,访问test.com/admin/1.html
#curl -x192.168.188.128:80 test.com/admin/1.html
状态码403
2.7.3测试成功
2.8 Nginx解析PHP
2.8.1配置
#vi /usr/local/nginx/conf/vhost/test.com.conf
server { listen 80; server_name test.com test1.com test2.com; index index.html index.htm index.php; root /data/nginx/test.com; if ($host != 'test.com' ) { rewrite ^/(.*)$ http://test.com/$1 permanent; } location ~ \.php$ { include fastcgi_params; fastcgi_pass unix:/tmp/php-fcgi.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /data/nginx/test.com$fastcgi_script_name; } access_log /tmp/1.log combined_realip; }
//fastcgi_pass用来指定php-fpm的地址
#vim /data/nginx/test.com/3.php
<?Php phpinfo(); ?>#curl -x192.168.63.139:80 test.com/3.php
<?php phpinfo(); ?>重新加载nginx
#/usr/local/nginx/sbin/nginx -t
#/usr/local/nginx/sbin/nginx -s reload
#curl -x192.168.63.139:80 test.com/3.php
- php-fpm
php-fpm 的配置文件都放在/usr/local/php-fpm/etc/php-fpm php-fpm.conf内
3.1 php-fpm的pool
php-fpm pool是 php-fpm 的进程池,这个进程池中运行了多个子进程,用来并发处理所有连接的动态请求。为什么要配置多个 pool ?Nginx 接收到 php 动态请求会传给 php-fpm 处理,php-fpm 调用 pool 中的子进程来处理动态请求,如果这个 pool 资源耗尽,会导致其他站点无法访问资源,报 502 错误,因此有必要设置多个 php-fpm pool。
Nginx可以配置多个主机,php-fpm也可以配置多个pool。
首先对php-fpm.conf做一个修改
#vim /usr/local/php-fpm/etc/php-fpm.conf
include = etc/php-fpm.d/*.conf
include这行比较特殊,后面路径必须写上etc目录
然后创建配置文件目录和子配置文件:
#mkdir /usr/local/php-fpm/etc/php-fpm.d
#cd /usr/local/php-fpm/etc/php-fpm.d
#vim www.conf
[www] listen = /tmp/php-fcgi.sock listen.mode = 666 user = php-fpm group = php-fpm pm = dynamic pm.max_children = 50 pm.start_servers = 20 pm.min_spare_servers = 5 pm.max_spare_servers = 35 pm.max_requests = 500 rlimit_files = 1024
//第一行定义php-fpm的子进程启动模式,dynamic为动态模式
//第二行定义动态增加或减少的量不会超过设定的值
//第三行是针对dynamic模式,他定义php-fpm服务在启动服务时产生的子进程数量
//第四行是针对dynamic模式,他定义空闲时子进程数最少数量,若达到数值会派生新的子进程
//第五行是针对dynamic模式,他定义空闲时子进程数最多数量,若高于数值会开始清理空闲的子进程
//第六行是针对dynamic模式,他定义一个子进程最多处理的请求数,若达到数额会自动退出
保存后再编辑另外的配置文件:
#vim aming.conf
//写下如下内容
[aming] listen = /tmp/aming.sock listen.mode = 666 user = php-fpm group = php-fpm pm = dynamic pm.max_children = 50 pm.start_servers = 20 pm.min_spare_servers = 5 pm.max_spare_servers = 35 pm.max_requests = 500 rlimit_files = 1024
下面验证配置是否有问题
#/usr/local/php-fpm/sbin/php-fpm -t
然后来重启一下php-fpm服务
#/etc/init.d/php-fpm restart
再来查看一下/tmp/.sock
#ls /tmp/.sock
#ps aux |grep php
3.2 php-fpm的慢执行日志
通过慢执行日志,我们可以清晰地了解PHP脚本在哪里执行时间长,可以定位到行
下面介绍如何开启和查看慢执行日志
#vim /usr/local/php-fpm/etc/php-fpm.d/www.conf
request_slowlog_timeout = 1
slowlog = /usr/local/php-fpm/var/log/www-slow.log
//第一行定义超时时间,即超过一秒就会被记录日志
//第二行定义慢执行日志的路径和名字
#/etc/init.d/php-fpm reload
#ls /usr/local/php-fpm/var/log/
模拟一个慢执行脚本
#vim /data/nginx/test.com/sleep.php
#curl -x127.0.0.1:80 test.com/sleep.php
#cat /usr/local/php-fpm/var/log/www-slow.log
2835
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
