三台主机分离部署LNMP架构
一、什么是LNMP
LNMP代表的就是:Linux系统下Nginx+MySQL+PHP这种网站服务器架构。Nginx中的PHP是以fastcgi的方式结合Nginx的,可以理解为Nginx代理了PHP的fastcgi。
二、为什么要用LNMP
LNMP具有成本低廉、部署灵活、快速开发、安全稳定等特点,是 Web 网络应用和环境的优秀组合。若是服务器配置比较低的个人网站,当然首选 LNMP 架构。
三、LNMP的工作方式
首先Nginx服务是不能处理动态请求,那么当用户发起动态请求时, Nginx又是如何进行处理的。
1、静态请求:请求静态文件或者html页面,服务器上存在的html文件
静态文件:文件上传到服务器,永远不会改变的文件就是静态文件
html就是一个标准的静态文件
2、动态请求:请求的是动态内容,带参数的请求
动态页面不存在于服务器上,可能是取数据库或者redis等地方取值拼凑成的页面
当用户发起http请求,请求会被Nginx处理,如果是静态资源请求Nginx则直接返回,如果是动态请求Nginx则通过fastcgi协议转交给后端的PHP程序处理,具体如下图所示
访问流程
1.浏览器输入域名,浏览器会拿着域名取DNS服务器解析
2.DNS服务器会将域名解析成ip
3.浏览器会去与IP对应的服务器建立tcp/ip连接
4.连接建立完成后,后向服务器发请求,请求nginx
5.nginx会判断请求是动态的还是静态的
#静态请求
location .jpg$ {
root /code
}
#动态请求
location .php$ {
fastcgi_pass 127.0.0.1:9000;
}
6.如果是静态请求,nginx去code目录获取,直接返回
7.如果是动态请求,nginx通过fastcgi协议连接PHP服务的PHP-fpm管理进程
8.PHP-FPM管理进程会下发工作给wrapper工作进程
9.wrapper工作进程判断php内容是否可以直接返回内容;
10.如果只是php内容,wrapper工作进程直接解析,并返回结果;
11.如果还需要访问数据库,则wrapper会去请求数据库获取数据,再返回数据。
12.数据流转过程
请求:浏览器 ->负载均衡 ->nginx ->php-fpm ->wrapper ->mysql
响应:mysql -> wrapper -> php-fpm -> nginx -> 负载均衡 ->浏览器。
四、LNMP部署
环境说明:
| 主机名 | IP地址 | 应用版本 | 系统 |
|---|---|---|---|
| nginx | 192.168.183.135 | nginx-1.20.2 | centos8 |
| mysql | 192.168.183.136 | mysql-5.7.38 | centos8 |
| php | 192.168.183.137 | php-8.1.11 | centos8 |
1、安装nginx
//修改主机名关闭防火墙和selinux
[root@localhost ~]# hostnamectl set-hostname nginx
[root@localhost ~]# bash
[root@nginx ~]# setenforce 0
[root@nginx ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config
[root@nginx ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
//创建用户
[root@nginx ~]# useradd -rMs /sbin/nologin nginx
//安装依赖包
[root@nginx ~]# dnf -y install pcre-devel openssl openssl-devel gd-devel gcc gcc-c++ make wget vim
//下载nginx软件包并解压
[root@nginx ~]# wget http://nginx.org/download/nginx-1.20.2.tar.gz
--2022-10-11 13:47:12-- http://nginx.org/download/nginx-1.20.2.tar.gz
Resolving nginx.org (nginx.org)... 3.125.197.172, 52.58.199.22, 2a05:d014:edb:5704::6, ...
Connecting to nginx.org (nginx.org)|3.125.197.172|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1062124 (1.0M) [application/octet-stream]
Saving to: ‘nginx-1.20.2.tar.gz’
nginx-1.20.2.tar.gz 100%[================>] 1.01M 658KB/s in 1.6s
2022-10-11 13:47:14 (658 KB/s) - ‘nginx-1.20.2.tar.gz’ saved [1062124/1062124]
[root@nginx ~]# tar -xf nginx-1.20.2.tar.gz
//进入目录配置编译安装
[root@nginx ~]# cd nginx-1.20.2
[root@nginx nginx-1.20.2]# ./configure \
> --prefix=/usr/local/nginx \
> --user=nginx \
> --group=nginx \
> --with-debug \
> --with-http_ssl_module \
> --with-http_realip_module \
> --with-http_image_filter_module \
> --with-http_gunzip_module \
> --with-http_gzip_static_module \
> --with-http_stub_status_module \
> --http-log-path=/var/log/nginx/access.log \
> --error-log-path=/var/log/nginx/error.log
[root@nginx nginx-1.20.2]# make -j $(grep 'processor' /proc/cpuinfo | wc -l) && make install
//安装完成
[root@nginx nginx-1.20.2]# cd /usr/local/nginx/
[root@nginx nginx]# ls
conf html logs sbin
//配置环境变量
[root@nginx nginx]# echo "export PATH=$PATH:/usr/local/nginx/sbin" > /etc/profile.d/nginx.sh
[root@nginx nginx]# source /etc/profile.d/nginx.sh
//编写service文件启动服务
[root@nginx nginx]# cd
[root@nginx ~]# cat > /usr/lib/systemd/system/nginx.service << EOF
> [Unit]
> Description=nginx server daemon
> After=network.target
>
> [Service]
> Type=forking
> ExecStart=/usr/local/nginx/sbin/nginx
> ExecStop=/usr/local/nginx/sbin/nginx -s stop
> ExecReload=/bin/kill -HUP \$MAINPID
>
> [Install]
> WantedBy=multi-user.target
> EOF
[root@nginx ~]# systemctl daemon-reload
[root@nginx ~]# systemctl enable --now nginx
Created symlink /etc/systemd/system/multi-user.target.wants/nginx.service → /usr/lib/systemd/system/nginx.service.
[root@nginx ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
2、安装mysql
//修改主机名关闭防火墙和selinux
[root@localhost ~]# hostnamectl set-hostname mysql
[root@localhost ~]# bash
[root@mysql ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@mysql ~]# setenforce 0
[root@mysql ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config
//安装依赖包
[root@mysql ~]# dnf -y install ncurses-devel openssl-devel openssl cmake mariadb-devel ncurses-compat-libs
//创建用户
[root@mysql ~]# useradd -rMs /sbin/nologin mysql
//下载mysql软件包
[root@mysql ~]# ls
anaconda-ks.cfg mysql-5.7.38-linux-glibc2.12-x86_64.tar.gz //此处为节约时间是将提前下载好的进行上传
//解压重命名
[root@mysql ~]# tar xf mysql-5.7.38-linux-glibc2.12-x86_64.tar.gz -C /usr/local/
[root@mysql ~]# cd /usr/local/
[root@mysql local]# ls
bin games lib libexec sbin src
etc include lib64 mysql-5.7.38-linux-glibc2.12-x86_64 share
[root@mysql local]# mv mysql-5.7.38-linux-glibc2.12-x86_64 mysql
[root@mysql local]# ls
bin etc games include lib lib64 libexec mysql sbin share src
//修改属主属组
[root@mysql local]# chown -R mysql.mysql mysql
//配置include、man及环境变量
[root@mysql local]# ln -s /usr/local/mysql/include /usr/include/mysql
[root@mysql local]# echo '/usr/local/mysql/lib' > /etc/ld.so.conf.d/mysql.conf
[root@mysql local]# vi /etc/man_db.conf
MANDATORY_MANPATH /usr/local/mysql/man
[root@mysql local]# echo 'export PATH=/usr/local/mysql/bin:$PATH' > /etc/profile.d/mysql.sh
[root@mysql local]# source /etc/profile.d/mysql.sh
[root@mysql local]# which mysql
/usr/local/mysql/bin/mysql
//建立数据存放目录
[root@mysql ~]# mkdir -p /opt/data
[root@mysql ~]# chown -R mysql.mysql /opt/data/
//初始化数据库
[root@mysql ~]# mysqld --initialize --user mysql --datadir /opt/data
2022-10-11T06:12:47.976658Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details).
2022-10-11T06:12:48.115799Z 0 [Warning] InnoDB: New log files created, LSN=45790
2022-10-11T06:12:48.152163Z 0 [Warning] InnoDB: Creating foreign key constraint system tables.
2022-10-11T06:12:48.163911Z 0 [Warning] No existing UUID has been found, so we assume that this is the first time that this server has been started. Generating a new UUID: ba9d3275-492b-11ed-bad6-000c2907de9b.
2022-10-11T06:12:48.165296Z 0 [Warning] Gtid table is not ready to be used. Table 'mysql.gtid_executed' cannot be opened.
2022-10-11T06:12:48.355412Z 0 [Warning] A deprecated TLS version TLSv1 is enabled. Please use TLSv1.2 or higher.
2022-10-11T06:12:48.355437Z 0 [Warning] A deprecated TLS version TLSv1.1 is enabled. Please use TLSv1.2 or higher.
2022-10-11T06:12:48.355796Z 0 [Warning] CA certificate ca.pem is self signed.
2022-10-11T06:12:48.392081Z 1 [Note] A temporary password is generated for root@localhost: M.81jgNZ9DKR
[root@mysql ~]# echo 'M.81jgNZ9DKR' > pass
//生成配置文件
[root@mysql ~]# cat >> /etc/my.cnf <<EOF
> [mysqld]
> basedir = /usr/local/mysql
> datadir = /opt/data
> socket = /tmp/mysql.sock
> port = 3306
> pid-file = /opt/data/mysql.pid
> user = mysql
> skip-name-resolve
> EOF
//配置服务启动脚本
[root@mysql ~]# cp -a /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
[root@mysql ~]# sed -ri 's#^(basedir=).*#\1/usr/local/mysql#g' /etc/init.d/mysqld
[root@mysql ~]# sed -ri 's#^(datadir=).*#\1/opt/data#g' /etc/init.d/mysqld
[root@mysql ~]# chmod +x /etc/init.d/mysqld
//编写service文件启动服务并设置开机自启
[root@mysql ~]# cat > /usr/lib/systemd/system/mysqld.service <<EOF
[Unit]
Description=mysqld server daemon
After=network.target
[Service]
Type=forking
ExecStart=/etc/init.d/mysqld start
ExecStop=/etc/init.d/mysqld stop
ExecReload=/bin/kill -HUP \$MAINPID
[Install]
WantedBy=multi-user.target
EOF
[root@mysql ~]# systemctl daemon-reload
[root@mysql ~]# systemctl enable --now mysqld
[root@mysql ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 80 *:3306 *:*
LISTEN 0 128 [::]:22 [::]:*
//登录mysql修改密码
[root@mysql ~]# cat pass
M.81jgNZ9DKR
[root@mysql ~]# mysql -uroot -pM.81jgNZ9DKR
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.7.38
Copyright (c) 2000, 2022, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> set password = password('123com');
Query OK, 0 rows affected, 1 warning (0.00 sec)
mysql> quit
Bye
[root@mysql ~]# mysql -uroot -p123com
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 3
Server version: 5.7.38 MySQL Community Server (GPL)
Copyright (c) 2000, 2022, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
3、安装php
//修改主机名关闭防火墙selinux
[root@localhost ~]# hostnamectl set-hostname php
[root@localhost ~]# bash
[root@php ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@php ~]# setenforce 0
[root@php ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config
//配置yum源
[root@php ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo
[root@php ~]# sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
//安装依赖包
[root@php ~]# yum -y install epel-release
[root@php ~]# yum -y install openssl-devel pcre-devel expat-devel libtool gcc gcc-c++ wget make ncurses-devel openssl cmake libxm12 libxm12-devel bzip2 bzip2-devel libcurl libcurl-devel libicu-devel libjpeg libjpeg-devel libpng libpng-devel openldap-devel freetype freetype-devel gmp gmp-devel readline readline-devel libxslt libxslt-devel php-mysqlnd libsqlite3x-devel libzip-devel https://dl.rockylinux.org/pub/rocky/9/CRB/x86_64/os/Packages/o/oniguruma-devel-6.9.6-1.el9.5.x86_64.rpm http://mirror.stream.centos.org/9-stream/CRB/x86_64/os/Packages/libzip-devel-1.7.3-7.el9.x86_64.rpm http://mirror.centos.org/centos/8-stream/PowerTools/x86_64/os/Packages/oniguruma-devel-6.8.2-2.el8.x86_64.rpm --allowerasing --skip-broken --nobest
//下载php软件包
[root@php ~]# wget https://www.php.net/distributions/php-8.1.11.tar.gz
//解压软件包编译安装
[root@php ~]# tar xf php-8.1.11.tar.gz
[root@php ~]# cd php-8.1.11
[root@php php-8.1.11]# ./configure --prefix=/usr/local/php8 --with-config-file-path=/etc --enable-fpm --enable-inline-optimization --disable-debug --disable-rpath --enable-shared --enable-soap --with-openssl --enable-bcmath --with-iconv --with-bz2 --enable-calendar --with-curl --enable-exif --enable-ftp --enable-gd --with-jpeg --with-zlib-dir --with-freetype --with-gettext --enable-json --enable-mbstring --enable-pdo --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-readline --enable-shmop --enable-simplexml --enable-sockets --with-zip --enable-mysqlnd-compression-support --with-pear --enable-pcntl --enable-posix
[root@php php-8.1.11]# make
[root@php php-8.1.11]# make install
//配置环境变量查看版本
[root@php php-8.1.11]# echo 'export PATH=/usr/local/php8/bin:$PATH' > /etc/profile.d/php8.sh
[root@php php-8.1.11]# source /etc/profile.d/php8.sh
[root@php php-8.1.11]# which php
/usr/local/php8/bin/php
[root@php php-8.1.11]# php -v
PHP 8.1.11 (cli) (built: Oct 11 2022 15:39:15) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.1.11, Copyright (c) Zend Technologies
//配置php-fpm
[root@php php-8.1.11]# cp php.ini-production /etc/php.ini
cp: overwrite '/etc/php.ini'? y
[root@php php-8.1.11]# cp sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
[root@php php-8.1.11]# chmod +x /etc/init.d/php-fpm
[root@php php-8.1.11]# cp /usr/local/php8/etc/php-fpm.conf.default /usr/local/php8/etc/php-fpm.conf
[root@php php-8.1.11]# cp /usr/local/php8/etc/php-fpm.d/www.conf.default /usr/local/php8/etc/php-fpm.d/www.conf
//编写service文件启动服务并设为开机自启
[root@php php-8.1.11]# cat > /usr/lib/systemd/system/php.service <<EOF
[Unit]
Description=php server daemon
After=network.target
[Service]
Type=forking
ExecStart=/etc/init.d/php-fpm start
ExecStop=/etc/init.d/php-fpm stop
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
[root@php php-8.1.11]# systemctl daemon-reload
[root@php php-8.1.11]# systemctl enable --now php
Created symlink /etc/systemd/system/multi-user.target.wants/php.service → /usr/lib/systemd/system/php.service.
[root@php php-8.1.11]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 127.0.0.1:9000 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
4、安装后配置
nginx服务端
[root@nginx ~]# vim /usr/local/nginx/conf/nginx.conf
······
location / {
root html;
index index.php index.html index.htm; //添加index.php
}
······
location ~ \.php$ {
root html;
fastcgi_pass 192.168.183.137:9000; //改为php端ip
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www$fastcgi_script_name; //将$/scripts修改为根目录
include fastcgi_params;
}
//检查配置文件是否有错误
[root@nginx ~]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
//重启服务
[root@nginx ~]# systemctl restart nginx
//创建index.php文件
[root@nginx ~]# cd /usr/local/nginx/html/
[root@nginx html]# vim index.php
[root@nginx html]# cat index.php
<?php
phpinfo();
?>
php服务端
[root@php ~]# vim /usr/local/php8/etc/php-fpm.d/www.conf
listen = 192.168.183.137:9000 //监听php服务器的ip端口号为9000
;listen.allowed_clients = 192.168.183.135 //允许nginx服务器进行访问
//创建index.php文件
[root@php ~]# mkdir /var/www
[root@php ~]# cat > /var/www/index.php <<EOF
> <?php
> phpinfo();
> ?>
> EOF
//重启服务
[root@php ~]# systemctl restart php
[root@php ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 192.168.183.137:9000 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
访问验证
1727
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
