rhel8.0图形安装教程_在Rhel8教程上使用MPM编译Apache 2 4

rhel8.0图形安装教程

Disclaimer:

免责声明：

This tutorial is for educational purposes only. If the intention is to deploy this into a production environment please consult a professional before doing so. You can find details at the end of this article. This tutorial is intended to be run in a lab environment using a fresh operating system installation. Do not attempt to carry out these steps on a live system.

本教程仅用于教育目的。 如果打算将其部署到生产环境中，请先咨询专业人员。 您可以在本文末尾找到详细信息。 本教程旨在使用全新的操作系统安装在实验室环境中运行。 不要尝试在实时系统上执行这些步骤。

Pre-requisites:

先决条件：

1. Red Hat Enterprise Linux 8 (RHEL8)
   红帽企业版Linux 8(RHEL8)
2. Internet Connection
   网络连接

I usually use Amazon AWS for my tutorials as it is really quick and easy to deploy the necessary infrastructure. For the purpose of this tutorial I’m using a free-tier instance:

我通常在教程中使用Amazon AWS ，因为部署必要的基础架构确实非常快捷。 就本教程而言，我使用的是自由层实例：

• Red Hat Enterprise Linux 8 (HVM), SSD Volume Type — ami-08f4717d06813bf00 (64-bit x86) / ami-05dfcc21bfc7c9b02 (64-bit Arm) (x86)
  红帽企业Linux 8(HVM)，SSD卷类型-ami-08f4717d06813bf00(64位x86)/ ami-05dfcc21bfc7c9b02(64位Arm)(x86)
• Instance Type: t2.micro
  实例类型：t2.micro

If you want to benefit from the MPM (“Multi-Processing Modules”) functionality of Apache you will probably want to use an instance with at least 2 CPU’s. The smallest is a t2.medium.

如果您想从 Apache 的MPM(“多处理模块”) 功能中 受益， 您可能希望使用至少具有2个CPU的实例。 最小的是t2.medium。

Another fairly simple solution is to install Virtual Box or VMWare Fusion and install a virtual machine locally.

另一个相当简单的解决方案是安装Virtual Box或VMWare Fusion并在本地安装虚拟机。

Please note this tutorial is aimed at getting a web server up and running as soon as possible for development purposes. If you are planning on using this in a production environment it is recommended to carry out various security activities to secure the system. I will write a tutorial on this in future.

请注意，本教程旨在为开发目的尽快启动并运行Web服务器。 如果打算在生产环境中使用此功能，建议进行各种安全性活动以保护系统。 以后我会写一个教程。

The starting point for this tutorial is root access on a fresh install of RHEL8. This may vary depending on the operating system you are running or what platform you decided to use but assuming you decided to use an Amazon EC2 instance as well and using a Mac the steps are as follows:

本教程的起点是全新安装的RHEL8的root用户访问权限。 这可能会有所不同，具体取决于您所运行的操作系统或决定使用的平台，但是假设您决定同时使用Amazon EC2实例和Mac，则步骤如下：

% ssh -i <yourawskey.pem> ec2-user@<ec2_public_ip>
[ec2-user@ip-172–16–0–35 ~]$ sudo su -
[root@ip-172–16–0–35 ~]#

You will want to update the system next.

您接下来将要更新系统。

yum repolist all;
yum-config-manager --enable codeready-builder-for-rhel-8-rhui-rpms;yum update -y;

Please note this could take a while depending on the system you are using and your Internet connection.

请注意，这可能需要一段时间，具体取决于您使用的系统和Internet连接。

Complete![root@ip-172–16–0–35 ~]#

完成！[root @ ip-172–16–0–35〜]＃

You will want to configure a swap file.

您将要配置交换文件。

dd if=/dev/zero of=/swapfile bs=128M count=32;
chmod 600 /swapfile;
mkswap /swapfile;
swapon /swapfile;
swapon -s;
echo "/swapfile swap swap defaults 0 0" >> /etc/fstab;

I have two recommendations:

我有两个建议：

• Install your applications into /opt/SP
  将您的应用程序安装到/ opt / SP
• Deploy your data into /var/SP
  将数据部署到/ var / SP

The major advantage of this is it simplifies backups as your application and data are all in one place so can be easily restored or cloned onto additional systems if need be.

这样做的主要优点是可以简化备份，因为您的应用程序和数据都集中在一个地方，因此可以根据需要轻松地还原或克隆到其他系统上。

It is also strongly advisable to not have Apache running as root and administering your website as root. I will create a group called “www” and two users in that group. “wwwadm” will be created for administering the website and the Apache service will run as “wwwrun”.

强烈建议不要以root身份运行Apache并以root身份管理您的网站。 我将创建一个名为“ www ”的组，并在该组中创建两个用户。 将创建“ wwwadm ”来管理网站，而Apache服务将以“ wwwrun ”运行。

mkdir -p /opt/SP/home;groupadd www;
groupadd wwwadm;
groupadd wwwrun;useradd -c "WWW Run User" -d /opt/SP/home/wwwrun -s /sbin/nologin -g www wwwrun;
usermod -a -G www wwwrun;
usermod -a -G wwwrun wwwrun;useradd -c "WWW Admin User" -d /opt/SP/home/wwwadm -s /bin/bash -g www wwwadm;
usermod -a -G www wwwadm;
usermod -a -G wwwadm wwwadm; mkdir /var/httpd;
mkdir /var/SP;
ln -s /var/httpd/var/SP/httpd;
chown -R wwwadm:www /var/SP;
chmod +s /var/SP;
chmod g+s /var/SP;

In order to compile Apache 2.4 we will need to install some compilers and development libraries. You definitely would not want these on production systems. We will only use them to compile Apache and then remove them after.

为了编译Apache 2.4，我们将需要安装一些编译器和开发库。 您绝对不希望在生产系统上使用它们。 我们将仅使用它们来编译Apache，然后将其删除。

yum install wget gcc make -y;# https://libexpat.github.io
cd ~;
wget https://github.com/libexpat/libexpat/releases/download/R_2_2_9/expat-2.2.9.tar.gz;
tar -zxvf expat-2.2.9.tar.gz;
cd expat-2.2.9;
./configure --prefix=/opt/SP/expat-2.2.9;
make clean && make && make install;
echo "/opt/SP/expat-2.2.9/lib" >> /etc/ld.so.conf;
ldconfig;# https://github.com/nghttp2/nghttp2/releases
cd ~;
wget https://github.com/nghttp2/nghttp2/releases/download/v1.40.0/nghttp2-1.40.0.tar.gz;
tar -zxvf nghttp2-1.40.0.tar.gz;
cd nghttp2-1.40.0;
./configure --prefix=/opt/SP/nghttp2-1;
make clean && make && make install;
echo "/opt/SP/nghttp2-1/lib" >> /etc/ld.so.conf;
ldconfig;# https://apr.apache.org/download.cgi
cd ~;
wget http://mirror.vorboss.net/apache//apr/apr-1.7.0.tar.gz;
tar -zxvf apr-1.7.0.tar.gz;
cd apr-1.7.0;
./configure --prefix=/opt/SP/apr-1.7.0;
make clean && make && make install;
echo "/opt/SP/apr-1.7.0/lib" >> /etc/ld.so.conf;
ldconfig;yum install openldap-devel -y; # https://apr.apache.org/download.cgi
cd ~;
wget http://www.mirrorservice.org/sites/ftp.apache.org//apr/apr-util-1.6.1.tar.gz;
tar -zxvf apr-util-1.6.1.tar.gz;
cd apr-util-1.6.1;
./configure --prefix=/opt/SP/apr-util-1.6.1 \
--with-apr=/opt/SP/apr-1.7.0 \
--with-expat=/opt/SP/expat-2.2.9 \
--with-ldap \
--with-ldap-lib=/usr/lib64 \
--with-ldap-include=/etc/openldap;
make clean && make && make install;
echo "/opt/SP/apr-util-1.6.1/lib" >> /etc/ld.so.conf;
ldconfig;yum install openssl-devel pcre-devel zlib-devel -y;

Now to compile Apache 2.4…

现在要编译Apache 2.4…

# https://httpd.apache.org/download.cgi#apache24
cd ~;
wget http://apache.mirror.anlx.net/httpd/httpd-2.4.46.tar.gz;
tar -zxvf httpd-2.4.46.tar.gz;
cd httpd-2.4.46;
./configure --prefix=/opt/apache-2.4 \
--with-apr=/opt/SP/apr-1.7.0 \
--with-apr-util=/opt/SP/apr-util-1.6.1 \
--libdir=/opt/apache-2.4/lib64 \
--enable-nonportable-atomics=yes \
--with-devrandom=/dev/urandom \
--with-ldap \
--enable-authnz-ldap \
--with-crypto \
--with-gdbm \
--with-ssl \
--enable-mods-shared=all \
--enable-mpms-shared=all \
--enable-authnz_fcgi \
--enable-cgi \
--enable-pie \
--enable-http2 \
--enable-proxy-http2 \
--with-nghttp2=/opt/SP/nghttp2-1 ac_cv_openssl_use_errno_threadid=yes;
make clean && make && make install;ln -s /opt/apache-2.4 /opt/SP/apache-2.4;
chown -R wwwadm:www /opt/apache-2.4;

These 3 commands will change the user and group that Apache will ran as too “wwwrun” and “www”, and will update the HTTP docs path.

这三个命令将同时更改Apache将同时运行的用户和组“ wwwrun ”和“ www ”，并将更新HTTP文档路径。

sed -i 's/^User daemon\s*$/User wwwrun/' /opt/SP/apache-2.4/conf/httpd.conf
sed -i 's/^Group daemon\s*$/Group wwwrun/' /opt/SP/apache-2.4/conf/httpd.conf
sed -i 's~/opt/apache-2.4/htdocs~/var/SP/httpd/htdocs~g' /opt/SP/apache-2.4/conf/httpd.conf

This will add the Apache “bin” directory to the PATH, finalise permissions on the Apache directory, and update the HTTP docs directory.

这会将Apache“ bin”目录添加到PATH ，最终确定Apache目录的权限，并更新HTTP docs目录。

chown -R wwwadm:www /opt/SP/apache-2.4
chmod +s /opt/SP/apache-2.4
cd ~ mkdir -p /var/SP/httpd
chown -R wwwadm:www /var/SP/httpd
mv /opt/SP/apache-2.4/htdocs /var/SP/httpd

You will now want to create a service to manage the Apache process.

您现在将要创建一个服务来管理Apache进程。

#!/bin/sh
### BEGIN INIT INFO
# Provides:          apache
# Required-Start:    $all
# Required-Stop:     $all
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: apache
# Description: Start apache
### END INIT INFO case "$1" in
start)    
    echo "Starting Apache ..."
    /opt/SP/apache-2.4/bin/apachectl start
;;
stop)
    echo "Stopping Apache ..."
    /opt/SP/apache-2.4/bin/apachectl stop
;;
graceful)
    echo "Restarting Apache gracefully..."
    /opt/SP/apache-2.4/bin/apachectl graceful
;;
restart)
    echo "Restarting Apache ..."
    /opt/SP/apache-2.4/bin/apachectl restart
;;
*)
    echo "Usage: '$0' {start|stop|restart|graceful}"
    exit 64
;;
esac
exit 0

Download GIST

下载GIST

The installation of this service is as follows.

该服务的安装如下。

yum install git -y;cd ~;
git clone https://gist.github.com/whittlem/c264ad52eabca17e9f8d94ae2037f1fc;
mv -f c264ad52eabca17e9f8d94ae2037f1fc/rhel8-apache24-service /etc/init.d/apache;
chown root:root /etc/init.d/apache;
chmod 611 /etc/init.d/apache;
chkconfig apache on;
service apache start;

You can now verify that Apache is listening on HTTP port 80.

现在，您可以验证Apache是​​否正在HTTP端口80上侦听。

[root@ip-172-16-0-115 ~]# netstat -antup | grep :80
tcp6    0    0    :::80    :::*    LISTEN    136820/httpd[root@ip-172-16-0-115 ~]# curl http://localhost
<html><body><h1>It works!</h1></body></html>

This is an optional step but I want the “www” group to be able to start, stop and restart Apache. Now ideally you should never edit the “/etc/sudoers” file directly or risk making a mistake and locking yourself out. You should use ‘visudo’ instead. But for the purpose of this tutorial I’m going to script it. Please note this allows the “www” group to manage all services so if this is not what you want either don’t do this step or adjust it yourself.

这是一个可选步骤，但是我希望“ www ”组能够启动，停止和重新启动Apache。 现在，理想情况下，您永远不要直接编辑“ / etc / sudoers ”文件，否则将有犯错误并锁定自己的风险。 您应该使用“ visudo ”代替。 但是出于本教程的目的，我将编写脚本。 请注意，这允许“ www ”组管理所有服务，因此如果您不希望这样做，请不要执行此步骤或自行调整。

echo "" >> /etc/sudoers;
echo "%www    ALL=(ALL)       NOPASSWD:/usr/sbin/service" >> /etc/sudoers;

It’s not good practice to leave compilers and development libraries on a system as they could be exploited. I’m going to remove them now but if you plan on using them again later then leave this step out.

将编译器和开发库留在系统上不是一个好习惯，因为它们可能会被利用。 我现在将其删除，但是如果您打算稍后再使用它们，则请不要执行此步骤。

yum remove gcc make openldap-devel openssl-devel pcre-devel zlib-devel -y;rm -f /root/apr-1.7.0.tar.gz;
rm -f /root/apr-util-1.6.1.tar.gz;
rm -f /root/expat-2.2.9.tar.gz;
rm -f /root/httpd-2.4.46.tar.gz;
rm -f /root/nghttp2-1.40.0.tar.gz;
rm -rf /root/c264ad52eabca17e9f8d94ae2037f1fc;
rm -rf /root/apr-1.7.0;
rm -rf /root/apr-util-1.6.1;
rm -rf /root/expat-2.2.9;
rm -rf /root/httpd-2.4.46;
rm -rf /root/nghttp2-1.40.0;

One of the most underrated features of EC2 is the “User data” section under “Advanced Details” in the EC2 “Launch instance”. This allows you to run bash script automatically straight after the EC2 instance is provisioned. If you paste in my GIST script like I have done below, you can completely automate the provision of an EC2 instance end-to-end with Apache 2.4 up and running at the end. Please be patient as the script runs in the background after you are able to access the instance for the first time.

EC2最被低估的功能之一是EC2“启动实例”中“高级详细信息”下的“用户数据”部分。 这使您可以在配置EC2实例后立即自动运行bash脚本。 如果像下面所做的那样粘贴我的GIST脚本 ，则可以完全自动地端对端地提供EC2实例，并最终运行Apache 2.4。 首次访问实例后，脚本将在后台运行，请耐心等待。

I’m the Head of the Networks Practice at Net Reply. My team specialises in networks, security and process automation including self-service dashboards. If you would like more information on this please contact me on m.whittle@reply.com. Alternatively you can learn more about us on LinkedIn and Twitter.

我是Net Reply网络部门的负责人。 我的团队专门研究网络，安全性和流程自动化，包括自助服务仪表板。 如果您想了解更多信息，请通过m.whittle@reply.com与我联系。 另外，您可以在LinkedIn和Twitter上了解有关我们的更多信息。

翻译自: https://medium.com/@michael_31310/compiling-apache-2-4-with-mpm-on-rhel8-tutorial-578281de7ccb

rhel8.0图形安装教程