LNMP简介
LNMP是指一组通常一起使用来运行动态网站或者服务器的自由软件名称首字母缩写。L指Linux,N指Nginx,M一般指MySQL,也可以指MariaDB,P一般指PHP,也可以指Perl或Python。
原理:浏览器发送http request请求到服务器(Nginx),服务器响应并处理web请求,将一些静态资源(CSS,图片,视频等)保存服务器上,然后将php脚本通过接口传输协议(网关协议)PHP-FCGI(fast-cgi)传输给PHP-FPM(进程管理程序),PHP-FPM不做处理,然后PHP-FPM调用PHP解析器进程,PHP解析器解析php脚本信息。PHP解析器进程可以启动多个,进行并发执行。然后将解析后的脚本返回到PHP-FPM,PHP-FPM再通过fast-cgi的形式将脚本信息传送给Nginx.服务器再通过Http response的形式传送给浏览器。浏览器再进行解析与渲染然后进行呈现。
流程图
lnmp平台构建
环境说明:
系统 | IP | 需要安装的服务 |
---|---|---|
centos7 redhat7 | 192.168.201.140 | nginx mysql5.7 php |
环境准备:
//关闭防火墙与SELINUX
[root@wnz ~]# systemctl stop firewalld
[root@wnz ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@wnz ~]# setenforce 0
[root@wnz ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config
//配置网络源
[root@wnz ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
[root@wnz ~]# sed -i 's/\$releasever/7/g' /etc/yum.repos.d/CentOS-Base.repo
[root@wnz ~]# sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
[root@wnz ~]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
安装nginx
//创建系统用户nginx
[root@wnz ~]# useradd -r -M -s /sbin/nologin nginx
//安装依赖环境
[root@wnz ~]# yum -y install pcre-devel openssl openssl-devel gd-devel gcc gcc-c++ epel-release
[root@wnz ~]# yum -y groups mark install 'Development Tools'
Loaded plugins: fastestmirror
There is no installed groups file.
Maybe run: yum groups mark convert (see man yum)
Loading mirror speeds from cached hostfile
Marked install: Development Tools
//创建日志存放目录
[root@wnz ~]# mkdir -p /var/log/nginx
[root@wnz ~]# chown -R nginx.nginx /var/log/nginx
//下载nginx
[root@wnz ~]# cd /usr/src/
[root@wnz src]# wget http://nginx.org/download/nginx-1.18.0.tar.gz
//解压并编译安装
[root@wnz src]# tar xf nginx-1.18.0.tar.gz
[root@wnz src]# cd nginx-1.18.0
[root@wnz nginx-1.18.0]# ./configure \
> --prefix=/usr/local/nginx \
> --user=nginx \
> --group=nginx \
> --with-debug \
> --with-http_ssl_module \
> --with-http_realip_module \
> --with-http_image_filter_module \
> --with-http_gunzip_module \
> --with-http_gzip_static_module \
> --with-http_stub_status_module \
> --http-log-path=/var/log/nginx/access.log \
> --error-log-path=/var/log/nginx/error.log
[root@wnz nginx-1.18.0]# make -j $(grep 'processor' /proc/cpuinfo | wc -l) && make install
//nginx安装后配置
//配置环境变量
[root@wnz ~]# echo 'export PATH=/usr/local/nginx/sbin:$PATH' > /etc/profile.d/nginx.sh
[root@wnz ~]# source /etc/profile.d/nginx.sh
//启动nginx
[root@wnz ~]# nginx
[root@wnz ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:80 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 100 [::1]:25 [::]:*
安装mysql
//安装依赖包
[root@wnz ~]# yum -y install libaio ncurses-devel openssl-devel openssl cmake mariadb-devel
//创建用户和组
[root@wnz ~]# groupadd -r -g 306 mysql
[root@wnz ~]# useradd -r -M -s /sbin/nologin -g 306 -u 306 mysql
//下载二进制格式的mysql软件包
[root@wnz ~]# cd /usr/src/
[root@wnz src]# wget https://cdn.mysql.com//Downloads/MySQL-5.7/mysql-5.7.30-linux-glibc2.12-x86_64.tar.gz
//解压软件至/usr/local/
[root@wnz src]# tar xf mysql-5.7.30-linux-glibc2.12-x86_64.tar.gz -C /usr/local/
[root@wnz src]# cd /usr/local/
[root@wnz local]# ln -sv mysql-5.7.30-linux-glibc2.12-x86_64/ mysql
‘mysql’ -> ‘mysql-5.7.30-linux-glibc2.12-x86_64/’
//修改目录/usr/local/mysql的属主属组
[root@wnz ~]# chown -R mysql.mysql /usr/local/mysql
[root@wnz ~]# ll -d /usr/local/mysql
lrwxrwxrwx 1 mysql mysql 36 Aug 8 12:34 /usr/local/mysql -> mysql-5.7.30-linux-glibc2.12-x86_64/
//添加环境变量
[root@wnz ~]# echo 'export PATH=/usr/local/mysql/bin:$PATH' > /etc/profile.d/mysql.sh
[root@wnz ~]# . /etc/profile.d/mysql.sh
[root@wnz ~]# echo $PATH
/usr/local/mysql/bin:/usr/local/nginx/sbin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin
//建立数据存放目录
[root@wnz ~]# mkdir /opt/data
[root@wnz ~]# chown -R mysql.mysql /opt/data/
[root@wnz ~]# ll /opt/
total 0
drwxr-xr-x 2 mysql mysql 6 Aug 8 12:37 data
//初始化数据库
[root@wnz ~]# /usr/local/mysql/bin/mysqld --initialize-insecure --user=mysql --datadir=/opt/data
//配置mysql
[root@wnz ~]# ln -sv /usr/local/mysql/include/ /usr/local/include/mysql
‘/usr/local/include/mysql’ -> ‘/usr/local/mysql/include/’
[root@wnz ~]# echo '/usr/local/mysql/lib' > /etc/ld.so.conf.d/mysql.conf
[root@wnz ~]# ldconfig
//生成配置文件
[root@wnz ~]# cat > /etc/my.cnf <<EOF
> [mysqld]
> basedir = /usr/local/mysql
> datadir = /opt/data
> socket = /tmp/mysql.sock
> port = 3306
> pid-file = /opt/data/mysql.pid
> user = mysql
> skip-name-resolve
> EOF
//配置服务启动脚本
[root@wnz ~]# cp -a /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
[root@wnz ~]# sed -ri 's#^(basedir=).*#\1/usr/local/mysql#g' /etc/init.d/mysqld
[root@wnz ~]# sed -ri 's#^(datadir=).*#\1/opt/data#g' /etc/init.d/mysqld
//启动mysql
[root@wnz ~]# service mysqld start
Starting MySQL SUCCESS!
[root@wnz ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:80 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 100 [::1]:25 [::]:*
LISTEN 0 80 [::]:3306 [::]:*
//登录mysql,设置密码
[root@wnz ~]# mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.7.30 MySQL Community Server (GPL)
Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> set password = password('wang123!');
Query OK, 0 rows affected, 1 warning (0.00 sec)
mysql> quit
Bye
安装php
//配置yum源
[root@wnz ~]# wget http://rpms.remirepo.net/enterprise/remi-release-7.rpm
[root@wnz ~]# rpm -Uvh remi-release-7.rpm
[root@wnz ~]# yum makecache --enablerepo=remi-php74
//安装依赖包
[root@wnz ~]# yum -y install libxml2 libxml2-devel openssl openssl-devel bzip2 bzip2-devel libcurl libcurl-devel libicu-devel libjpeg libjpeg-devel libpng libpng-devel openldap-devel pcre-devel freetype freetype-devel gmp gmp-devel libmcrypt libmcrypt-devel readline readline-devel libxslt libxslt-devel mhash mhash-devel libsqlite3x-devel oniguruma-devel php74-php-mysqlnd
//下载php
[root@wnz ~]# cd /usr/src/
[root@wnz src]# wget https://www.php.net/distributions/php-7.4.7.tar.xz
//解压并编译安装php
[root@wnz src]# tar xf php-7.4.7.tar.xz
[root@wnz src]# cd php-7.4.7
[root@wnz php-7.4.7]# ./configure --prefix=/usr/local/php7 \
> --with-config-file-path=/etc \
> --enable-fpm \
> --enable-inline-optimization \
> --disable-debug \
> --disable-rpath \
> --enable-shared \
> --enable-soap \
> --with-openssl \
> --enable-bcmath \
> --with-iconv \
> --with-bz2 \
> --enable-calendar \
> --with-curl \
> --enable-exif \
> --enable-ftp \
> --enable-gd \
> --with-jpeg \
> --with-png-dir \
> --with-zlib-dir \
> --with-freetype \
> --with-gettext \
> --enable-json \
> --enable-mbstring \
> --enable-pdo \
> --with-mysqli=mysqlnd \
> --with-pdo-mysql=mysqlnd \
> --with-readline \
> --enable-shmop \
> --enable-simplexml \
> --enable-sockets \
> --enable-zip \
> --enable-mysqlnd-compression-support \
> --with-pear \
> --enable-pcntl \
> --enable-posix
[root@wnz php-7.4.7]# make -j $(cat /proc/cpuinfo |grep processor|wc -l)
[root@wnz php-7.4.7]# make install
//安装后配置
[root@wnz php-7.4.7]# echo 'export PATH=/usr/local/php7/bin:$PATH' > /etc/profile.d/php7.sh
[root@wnz php-7.4.7]# source /etc/profile.d/php7.sh
[root@wnz php-7.4.7]# which php
/usr/local/php7/bin/php
[root@wnz php-7.4.7]# php -v
PHP 7.4.7 (cli) (built: Aug 8 2020 13:23:15) ( NTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0, Copyright (c) Zend Technologies
//配置php-fpm
[root@wnz php-7.4.7]# cp php.ini-production /etc/php.ini
[root@wnz php-7.4.7]# cp sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
[root@wnz php-7.4.7]# chmod +x /etc/rc.d/init.d/php-fpm
[root@wnz php-7.4.7]# cp /usr/local/php7/etc/php-fpm.conf.default /usr/local/php7/etc/php-fpm.conf
[root@wnz php-7.4.7]# cp /usr/local/php7/etc/php-fpm.d/www.conf.default /usr/local/php7/etc/php-fpm.d/www.conf
//编辑php-fpm的配置文件(/usr/local/php7/etc/php-fpm.conf):
//配置fpm的相关选项为你所需要的值:
[root@wnz ~]# vim /usr/local/php7/etc/php-fpm.conf
.....
.....
pm.max_children = 50 ;最多同时提供50个进程提供50个并发服务
pm.start_servers = 5 ;启动时启动5个进程
pm.min_spare_servers = 2 ;最小空闲进程数
pm.max_spare_servers = 8 ;最大空闲进程数
//启动php-fpm
[root@wnz ~]# service php-fpm start
Starting php-fpm done
[root@wnz ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:80 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 127.0.0.1:9000 *:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 100 [::1]:25 [::]:*
LISTEN 0 80 [::]:3306 [::]:*
配置nginx
//生成php测试页面
[root@wnz ~]# cat > /usr/local/nginx/html/index.php <<EOF
> <?php
> phpinfo();
> ?>
> EOF
//修改nginx主配置文件
[root@wnz ~]# vim /usr/local/nginx/conf/nginx.conf
......此处内容省略
location / {
root html;
index index.php index.html index.htm; //添加index.php,表示有限访问php页面
}
......此处内容省略
//将以下内容取消注释并修改
location ~ \.php$ {
root html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php; //修改如下:$document_root站点根目录
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
......此处内容省略
//重读配置文件
[root@wnz ~]# nginx -s reload
访问测试页面验证:
zabbix监控nginx状态
zabbix安装请看:zabbix安装
lnmp结构下zabbix配置:
//修改/etc/php.ini的配置并重启php-fpm
[root@wnz ~]# sed -ri 's/(post_max_size =).*/\1 16M/g' /etc/php.ini
[root@wnz ~]# sed -ri 's/(max_execution_time =).*/\1 300/g' /etc/php.ini
[root@wnz ~]# sed -ri 's/(max_input_time =).*/\1 300/g' /etc/php.ini
[root@wnz ~]# sed -i '/;date.timezone/a date.timezone = Asia/Shanghai' /etc/php.ini
[root@wnz ~]# service php-fpm restart
Gracefully shutting down php-fpm . done
Starting php-fpm done
[root@wnz ~]# cd /usr/src/zabbix-5.0.2
[root@wnz zabbix-5.0.2]# mkdir /usr/local/nginx/html/zabbix
[root@wnz zabbix-5.0.2]# cp -a ui/* /usr/local/nginx/html/zabbix/
[root@wnz zabbix-5.0.2]# chown -R nginx.nginx /usr/local/nginx/html/zabbix/
//修改nginx配置文件
[root@wnz ~]# vim /usr/local/nginx/conf/nginx.conf
......
location / {
root html/zabbix; //添加zabbix
index index.php index.html index.htm;
......
location ~ \.php$ {
root html/zabbix; //添加zabbix
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
......
//设置zabbix/conf目录的权限,让zabbix有权限生成配置文件zabbix.conf.php
[root@wnz ~]# chmod 777 /usr/local/nginx/html/zabbix/conf
[root@wnz ~]# ll -d /usr/local/nginx/html/zabbix/conf
drwxrwxrwx 3 nginx nginx 94 Jul 6 05:54 /usr/local/nginx/html/zabbix/conf
//重读nginx配置文件
[root@wnz ~]# nginx -s reload
web界面配置完成后恢复zabbix/conf目录的权限为755
[root@wnz ~]# chmod 755 /usr/local/nginx/html/zabbix/conf
[root@wnz ~]# ll -d /usr/local/nginx/html/zabbix/conf
drwxr-xr-x 3 nginx nginx 117 Aug 11 09:05 /usr/local/nginx/html/zabbix/conf
开启状态界面
[root@wnz ~]# vim /usr/local/nginx/conf/nginx.conf
//修改配置文件,添加如下
......
location /status {
stub_status on;
allow 192.168.201.0/24; //201网段可以访问
deny all;
}
......
//检查语法,重读
[root@wnz ~]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@wnz ~]# nginx -s reload
访问验证
编写监控脚本取出需要监控的数据
[root@wnz ~]# mkdir /scripts
[root@wnz ~]# cd /scripts/
[root@wnz scripts]# vim handled.sh
#!/bin/bash
status=$(curl -s http://192.168.201.140/status |awk 'NR==3{print $3}')
echo $status
[root@wnz scripts]# chmod +x handled.sh
[root@wnz scripts]# vim Reading.sh
#!/bin/bash
status=$(curl -s http://192.168.201.140/status |awk 'NR==4{print $2}')
echo $status
[root@wnz scripts]# chmod +x Reading.sh
[root@wnz scripts]# vim Writing.sh
#!/bin/bash
status=$(curl -s http://192.168.201.140/status |awk 'NR==4{print $4}')
echo $status
[root@wnz scripts]# chmod +x Writing.sh
[root@wnz scripts]# ll
total 12
-rwxr-xr-x 1 root root 99 Aug 11 09:48 handled.sh
-rwxr-xr-x 1 root root 98 Aug 11 09:50 Reading.sh
-rwxr-xr-x 1 root root 98 Aug 11 09:52 Writing.sh
编辑zabbix_agent配置文件
[root@wnz ~]# vim /usr/local/etc/zabbix_agentd.conf
UnsafeUserParameters=1 //将此行取消注释,并将0改为1
UserParameter=check_handled,/bin/bash /scripts/handled.sh
UserParameter=check_Reading,/bin/bash /scripts/Reading.sh
UserParameter=check_Writing,/bin/bash /scripts/Writing.sh
//重启zabbix
[root@wnz ~]# pkill zabbix
[root@wnz ~]# zabbix_server
[root@wnz ~]# zabbix_agentd
[root@wnz ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:80 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 *:10050 *:*
LISTEN 0 128 *:10051 *:*
LISTEN 0 128 127.0.0.1:9000 *:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 100 [::1]:25 [::]:*
LISTEN 0 80 [::]:3306 [::]:*
检测key是否能取到值
[root@wnz ~]# zabbix_get -s 127.0.0.1 -k check_handled
636
[root@wnz ~]# zabbix_get -s 127.0.0.1 -k check_Reading
0
[root@wnz ~]# zabbix_get -s 127.0.0.1 -k check_Writing
1
zabbix监控界面配置
验证:查看最新数据