由于实际生产环境需求,需要将LNMP环境中的openssl版本升级至目前最新版本openssl-1.1.0c,这玩意升级还真的不是一般的麻烦,由于它与系统各种服务都有相关的联系,比如ssh服务等,因此,升级非常的繁琐,所以今天将实际生产环境中升级的过程写出来,供大家参考(100%生产环境)
1、整体环境
系统环境
[root@webserver ~]# **cat /etc/redhat-release**
CentOS release 6.5 (Final)
[root@webserver ~]# **uname -r**
2.6.32-431.el6.x86_64LNMP版本
[root@webserver ~]# /application/nginx/sbin/nginx -v
nginx version: nginx/1.10.1
[root@webserver ~]# /application/mysql/bin/mysql -V
/application/mysql/bin/mysql Ver 14.14 Distrib 5.5.54, for Linux (x86_64) using EditLine wrapper
使用PHP 5.x 版本一直没有升级成功,后面会介绍更高版本
2、LNMP环境编译过程
nginx、mysql全部手工编译安装的,下面给出相关参数
nginx编译过程:
[root@centos6 nginx-1.10.1]# ./configure --user=nginx
--group=nginx --prefix=/application/nginx-1.10.1
--with-http_stub_status_module --with-http_ssl_module
--with-pcre=/download/pcre-8.38
[root@centos6 nginx-1.10.1]# make && make install
[root@centos6 nginx-1.10.1]# ln -s /application/nginx-1.10.1 /application/nginx
[root@centos6 nginx-1.10.1]# /application/nginx/sbin/nginx
[root@centos6 nginx-1.10.1]# lsof -i :80
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
nginx 16237 root 6u IPv4 31404 0t0 TCP *:http (LISTEN)
nginx 16238 nginx 6u IPv4 31404 0t0 TCP *:http (LISTEN)
[root@centos6 nginx-1.10.1]# cd ../mysql编译过程:
[root@centos6 download]# tar zxf cmake-2.8.8.tar.gz
[root@centos6 download]# cd cmake-2.8.8
[root@centos6 cmake-2.8.8]# useradd -s /sbin/nologin -M mysql
[root@centos6 cmake-2.8.8]# ./configure
CMake has bootstrapped. Now run gmake.
[root@centos6 cmake-2.8.8]# gmake
[root@centos6 cmake-2.8.8]# gmake install
[root@centos6 cmake-2.8.8]# cd ../
[root@centos6 download]# tar zxf mysql-5.5.54.tar.gz
[root@centos6 download]# cd mysql-5.5.54
[root@centos6 mysql-5.5.54]# cmake
-DCMAKE_INSTALL_PREFIX=/application/mysql-5.5.54
-DNYSQL_DATADIR=/application/mysql-5.5.54/data
-DNYSQL_UNIX_ADDR=/application/mysql-5.5.54/tmp/mysql.sock
-DDEFAULT_CHARSET=gbk
-DDEFAULT_COLLATION=gbk_chinese_ci
-DENABLED_LOCAL_INFILE=ON
-DWITH_INNOBASE_STORAGE_ENGINE=1
-DWITH_FEDERATED_STORAGE_ENGINE=1
[root@centos6 mysql-5.5.54]# make
[root@centos6 mysql-5.5.54]# make install
[root@centos6 mysql-5.5.54]# ln -s /application/mysql-5.5.54 /application/mysql
[root@centos6 mysql-5.5.54]# cp support-files/my-small.cnf /etc/my.cnf
cp: overwrite `/etc/my.cnf'? y
[root@centos6 mysql-5.5.54]# echo 'export PATH=/application/mysql/bin:$PATH'>>/etc/profile
[root@centos6 mysql-5.5.54]# source /etc/profile
[root@centos6 mysql-5.5.54]# tail -1 /etc/profile
export PATH=/application/mysql/bin:$PATH
[root@centos6 mysql-5.5.54]# which mysql
/application/mysql/bin/mysql
[root@centos6 mysql-5.5.54]# mkdir -p /application/mysql/data
[root@centos6 mysql-5.5.54]# chown -R mysql.mysql /application/mysql/data
[root@centos6 mysql-5.5.54]# chmod -R 1777 /tmp
[root@centos6 mysql-5.5.54]# /application/mysql/scripts/mysql_install_db
--basedir=/application/mysql
--datadir=/application/mysql/data --user=mysql
[root@centos6 mysql-5.5.54]# cp support-files/mysql.server /etc/init.d/mysqld
[root@centos6 mysql-5.5.54]# chmod 700 /etc/init.d/mysqld
[root@centos6 mysql-5.5.54]# /etc/init.d/mysqld start
Starting MySQL.Logging to '/application/mysql-5.5.54/data/centos6.5.err'.
. SUCCESS!
[root@centos6 mysql-5.5.54]# lsof -i :3306
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
mysqld 61589 mysql 10u IPv4 114206 0t0 TCP *:mysql (LISTEN)
[root@centos6 mysql-5.5.54]# mysql
Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 1
Server version: 5.5.54 Source distribution
Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
mysql> quit
Bye
[root@centos6 mysql-5.5.54]# chkconfig mysqld
[root@centos6 mysql-5.5.54]# cd ../
3、升级OPENSSL
[root@centos6 download]# tar zxf openssl-1.1.0c.tar.gz
[root@centos6 download]# cd openssl-1.1.0c
[root@centos6 openssl-1.1.0c]# ./config --prefix=/usr/local/openssl shared zlib-dynamic
[root@centos6 openssl-1.1.0c]# make
[root@centos6 openssl-1.1.0c]# make install
[root@centos6 openssl-1.1.0c]# cd ../4、安装PHP所需库文件
[root@centos6 download]# wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.7.tar.gz
[root@centos6 download]# tar zxf libiconv-1.7.tar.gz
[root@centos6 download]# cd libiconv-1.7
[root@centos6 libiconv-1.7]# ./configure --prefix=/usr/local/libiconv
[root@centos6 libiconv-1.7]# make && make install
[root@centos6 libiconv-1.7]# cd ../[root@centos6 download]# wget ftp://mcrypt.hellug.gr/pub/crypto/mcrypt/libmcrypt/libmcrypt-2.5.7.tar.gz
[root@centos6 download]# tar zxf libmcrypt-2.5.7.tar.gz
[root@centos6 download]# cd libmcrypt-2.5.7
[root@centos6 libmcrypt-2.5.7]# ./configure
[root@centos6 libmcrypt-2.5.7]# make && make install
[root@centos6 libmcrypt-2.5.7]# /sbin/ldconfig
[root@centos6 libmcrypt-2.5.7]# cd libltdl/
[root@centos6 libltdl]# ./configure --enable-ltdl-install
[root@centos6 libltdl]# make
[root@centos6 libltdl]# make install
[root@centos6 libltdl]# cd ../../[root@centos6 download]# wget http://download.csdn.net/tag/mhash-0.9.9.9.tar.gz
[root@centos6 download]# tar zxf mhash-0.9.9.9.tar.gz
[root@centos6 download]# cd mhash-0.9.9.9
[root@centos6 mhash-0.9.9.9]# ./configure
[root@centos6 mhash-0.9.9.9]# make
[root@centos6 mhash-0.9.9.9]# make install
[root@centos6 mhash-0.9.9.9]# cd ../
[root@centos6 download]# rm -f /usr/lib/libmcrypt.*
[root@centos6 download]# rm -f /usr/lib/libmhash*
[root@centos6 download]# ln -s /usr/local/lib/libmcrypt.la /usr/lib/libmcrypt.la
[root@centos6 download]# ln -s /usr/local/lib/libmcrypt.so /usr/lib/libmcrypt.so
[root@centos6 download]# ln -s /usr/local/lib/libmcrypt.so.4 /usr/lib/libmcrypt.so.4
[root@centos6 download]# ln -s /usr/local/lib/libmcrypt.so.4.4.8 /usr/lib/libmcrypt.so.4.4.8
[root@centos6 download]# ln -s /usr/local/lib/libmhash.a /usr/lib/libmhash.a
[root@centos6 download]# ln -s /usr/local/lib/libmhash.la /usr/lib/libmhash.la
[root@centos6 download]# ln -s /usr/local/lib/libmhash.so /usr/lib/libmhash.so
[root@centos6 download]# ln -s /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2
[root@centos6 download]# ln -s /usr/local/lib/libmhash.so.2.0.1 /usr/lib/libmhash.so.2.0.1
[root@centos6 download]# ln -s /usr/local/bin/libmcrypt-config /usr/bin/libmcrypt-config
[root@centos6 download]# rm -f /usr/lib64/libmcrypt.*
[root@centos6 download]# rm -f /usr/lib64/libmhash*
[root@centos6 download]# ln -s /usr/local/lib64/libmcrypt.so /usr/lib64/libmcrypt.so
[root@centos6 download]# ln -s /usr/local/lib64/libmcrypt.la /usr/lib64/libmcrypt.la
[root@centos6 download]# ln -s /usr/local/lib64/libmcrypt.so.4 /usr/lib64/libmcrypt.so.4
[root@centos6 download]# ln -s /usr/local/lib64/libmcrypt.so.4.4.8 /usr/lib64/libmcrypt.so.4.4.8
[root@centos6 download]# ln -s /usr/local/lib64/libmhash.a /usr/lib64/libmhash.a
[root@centos6 download]# ln -s /usr/local/lib64/libmhash.la /usr/lib64/libmhash.la
[root@centos6 download]# ln -s /usr/local/lib64/libmhash.so /usr/lib64/libmhash.so
[root@centos6 download]# ln -s /usr/local/lib64/libmhash.so.2 /usr/lib64/libmhash.so.2
[root@centos6 download]# ln -s /usr/local/lib64/libmhash.so.2.0.1 /usr/lib64/libmhash.so.2.0.1
[root@centos6 download]# ln -s /usr/local/bin/libmcrypt-config /usr/bin/libmcrypt-config[root@centos6 download]# wget http://download.csdn.net/tag/mcrypt-2.6.8.tar.gz
[root@centos6 download]# tar zxf mcrypt-2.6.8.tar.gz
[root@centos6 download]# cd mcrypt-2.6.8
[root@centos6 mcrypt-2.6.8]# /sbin/ldconfig
[root@centos6 mcrypt-2.6.8]# ./configure
[root@centos6 mcrypt-2.6.8]# make
[root@centos6 mcrypt-2.6.8]# make install
[root@centos6 mcrypt-2.6.8]# cd ../5、编译PHP
[root@centos6 download]# wget http://mirrors.sohu.com/php/php-7.1.0.tar.gz
[root@centos6 download]# tar zxf php-7.1.0.tar.gz
[root@centos6 php-7.1.0]# ./configure --prefix=/application/php-7.1.0
--with-config-file-path=/application/php-7.1.0/etc
--enable-fpm --enable-mbstring --enable-zip
--enable-bcmath --enable-pcntl --enable-ftp
--enable-intl --enable-exif --enable-calendar
--enable-sysvmsg --enable-sysvsem
--enable-sysvshm --enable-wddx --with-curl
--with-mcrypt --with-iconv --with-gd
--with-jpeg-dir=/usr --with-png-dir=/usr
--with-zlib-dir=/usr --with-xpm-dir=/usr
--with-freetype-dir=/usr --enable-gd-native-ttf
--enable-gd-jis-conv --with-gettext=/usr
--with-zlib=/usr --with-bz2=/usr
--with-recode=/usr --with-mysql
--with-mysqli --with-pdo-mysql**
--enable-sockets --disable-ipv6**
--with-fpm-user=nginx --with-fpm-group=nginx
--with-openssl=/usr/local/openssl
[root@centos6 php-7.1.0]# make
[root@centos6 php-7.1.0]# make install
[root@centos6 php-7.1.0]# cp sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
[root@centos6 php-7.1.0]# chmod 700 /etc/init.d/php-fpm
[root@centos6 php-7.1.0]# cp /application/php-7.1.0/etc/php-fpm.conf.default /application/php-7.1.0/etc/php-fpm.conf
[root@centos6 php-7.1.0]# cp /application/php-7.1.0/etc/php-fpm.d/www.conf.default /application/php-7.1.0/etc/php-fpm.d/www.conf.defau
[root@centos6 php-7.1.0]# cp /application/php-7.1.0/etc/php-fpm.d/www.conf.default /application/php-7.1.0/etc/php-fpm.d/www.conf.defa
[root@centos6 php-7.1.0]# cp /application/php-7.1.0/etc/php-fpm.d/www.conf.default /application/php-7.1.0/etc/php-fpm.d/www.conf
[root@centos6 php-7.1.0]# /etc/init.d/php-fpm start
[root@centos6 php-7.1.0]# ps -ef|grep php
root 98304 1 0 00:04 ? 00:00:00 php-fpm: master process (/application/php-7.1.0/etc/php-fpm.conf)
nginx 98305 98304 0 00:04 ? 00:00:00 php-fpm: pool www
nginx 98306 98304 0 00:04 ? 00:00:00 php-fpm: pool www
root 98308 1265 0 00:04 pts/0 00:00:00 grep php6、查看phpinfo信息
没升级这前openssl 的版本是
openssl-1.0.1e-48.el6_8.3.x86_64
升级之后查看下phpinfo的信息
目前官网最新版本,升级成功
之前一直升级不成功就是因为php无法识别这个最新版本,phpinfo信息里仍然是旧版本,后面采用升级PHP 版本,才升级成功.
文章虽然是一篇旧文,现在的版本肯定用的比这个新了,但是,只是给大家提供一个思路,这里还建议大家慎重升级openssl版本,除非有必要,我们当时升级是因为与某厂有个视频类的合作,必须升级它,否则无法对接API。
- 分享一份阿里云内部超全K8s实战手册,免费下载!
- 这里给大家再分享一些技术资料,建议收藏!
- 超全96页!《阿里云ECS运维:linux系统诊断》手册开放免费下载
- 升职加薪必备!运维工程师打怪升级进阶成神之路
- 我没有开挂的人生!自律和坚持,是我走IT之路的唯一捷径
- 全网最新、最全Linux面试题(2020版)!
- 史上最全、最新的Redis面试题(2020最新版)!
- 赞!7000 字学习笔记,MySQL 从入门到放弃
- 12800字!SQL 语法速成手册(干货满满,建议收藏!)
如有错误或其它问题,欢迎小伙伴留言评论、指正。如有帮助,欢迎点赞+转发分享。
更多相关开源技术文章,请持续关注民工哥知乎技术专栏。
我是民工哥,一个爱折腾的IT技术老司机,欢迎关注我,我们一起学习,共同成长!!
143
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
