|
前言
LAMP网站架构是目前国际流行的Web框架,该框架包括:Linux操作系统,Apache网站服务器,MySQL数据库,Perl、PHP或者Python编程语言,所有组成产品均是开源软件,是国际上成熟的架构框架,很多流行的商业应用都是采取这个架构,和Java/J2EE架构相比,LAMP具有Web资源丰富、轻量、快速开发等特点,与微软的.NET架构相比,LAMP具有通用、跨平台、高性能、低价格的优势,因此LAMP无论是性能、质量还是价格都是企业搭建网站的首选平台。但由于MySQL作为SUN公司的附属品已被Oracle收购,以后是否还会继续开源,这个鬼才知道,所以CentOS7上开始采用MySQL的分支MariaDB,估计以后在LAMP中MariaDB也会取代MySQL。 工作原理
编译安装LAMP
编译安装httpd 系统环境:CentOS6.6 作为web服务器:172.16.10.100
所需软件包:apr-1.5.0.tar.bz2、apr-util-1.5.3.tar.bz2、httpd-2.4.9.tar.bz2 注意:httpd2.4需要依赖apr和arp-util 1.4以上版本 解决依赖关系 1
2
| [iyunv@scholar ~]# yum groupinstall Development tools Server Platform Development -y
[iyunv@scholar ~]# yum -y install pcre-devel
|
编译安装apr和apr-util 1
2
3
4
5
6
7
8
9
10
| [iyunv@scholar ~]# tar xf apr-1.5.0.tar.bz2
[iyunv@scholar ~]# cd apr-1.5.0
[iyunv@scholar apr-1.5.0]# ./configure --prefix=/usr/local/apr
[iyunv@scholar apr-1.5.0]# make && make install
[iyunv@scholar apr-1.5.0]# cd ..
[iyunv@scholar ~]# tar xf apr-util-1.5.3.tar.bz2
[iyunv@scholar ~]# cd apr-util-1.5.3
[iyunv@scholar apr-util-1.5.3]# ./configure --prefix=/usr/local/apr-util
--with-apr=/usr/local/apr/
[iyunv@scholar apr-util-1.5.3]# make && make install
|
编译安装httpd 1
2
3
4
5
6
7
8
9
| [iyunv@scholar apr-util-1.5.3]# cd ..
[iyunv@scholar ~]# tar xf httpd-2.4.9.tar.bz2
[iyunv@scholar ~]# cd httpd-2.4.9
[iyunv@scholar httpd-2.4.9]# ./configure --prefix=/usr/local/apache
--sysconfdir=/etc/httpd24 --enable-so --enable-ssl --enable-cgi
--enable-rewrite --enable-deflate --with-zlib --with-pcre
--with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util/
--enable-mpms-shared=all --with-mpm=event --enable-modules=most
[iyunv@scholar httpd-2.4.9]# make && make install
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
| 编译参数详解:
--prefix:#安装路径
--sysconfdir:#指定配置文件路径
--enable-so:#DSO兼容,DSO=Dynamic Shared Object,动态共享对象,可实现模块动态生效
--enable-ssl:#支持SSL/TLS,可实现https访问 需已安装openssl-devel
--enable-cgi:#支持CGI脚本(默认对非线程的MPM模式开启)
--enable-rewrite:#启用Rewrite功能,URL重写
--enable-deflate:#支持压缩功能
--with-zlib:#使用指定的zlib库,不指定路径会自动寻找
--with-pcre:#使用指定的PCRE库,不指定路径会自动寻找 需已安装pcre-devel
--with-apr:#指定apr安装路径
--with-apr-util:#指定apr-util安装路径
--enable-mpms-shared:#支持动态加载的MPM模块,可选参数:all
--with-mpm:#设置默认启用的MPM模式,{prefork|worker|event}
--enable-modules:#支持动态启用的模块,可选参数:all,most,few,reallyall
#编译之前可使用./configure --help查看各项参数
|
添加环境变量 为了方便命令使用需要添加环境变量 1
2
3
4
5
| [iyunv@scholar ~]# vim /etc/profile.d/httpd24.sh #名字自定义
export PATH=/usr/local/apache/bin:$PATH
[iyunv@scholar ~]# source /etc/profile.d/httpd24.sh #重读环境变量
|
导出头文件 1
| [iyunv@scholar ~]# ln -sv /usr/local/apache/include/ /usr/include/httpd24
|
导出man手册 1
2
3
| [iyunv@scholar ~]# vim /etc/man.config
MANPATH /usr/local/apache/man #添加编译安装的man位置
|
提供脚本 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
| #!/bin/bash
#
# httpd Startup script for the Apache HTTP Server
#
# chkconfig: - 85 15
# description: The Apache HTTP Server is an efficient and extensible
# server implementing the current HTTP standards.
# processname: httpd
# config: /etc/httpd/conf/httpd.conf
# config: /etc/sysconfig/httpd
# pidfile: /var/run/httpd/httpd.pid
#
### BEGIN INIT INFO
# Provides: httpd
# Required-Start: $local_fs $remote_fs $network $named
# Required-Stop: $local_fs $remote_fs $network
# Should-Start: distcache
#!/bin/bash
#
# httpd Startup script for the Apache HTTP Server
#
# chkconfig: - 85 15
# description: The Apache HTTP Server is an efficient and extensible
# server implementing the current HTTP standards.
# processname: httpd
# config: /etc/httpd/conf/httpd.conf
# config: /etc/sysconfig/httpd
# pidfile: /var/run/httpd/httpd.pid
#
### BEGIN INIT INFO
# Provides: httpd
# Required-Start: $local_fs $remote_fs $network $named
# Required-Stop: $local_fs $remote_fs $network
# Should-Start: distcache
# Short-Description: start and stop Apache HTTP Server
# Description: The Apache HTTP Server is an extensible server
# implementing the current HTTP standards.
### END INIT INFO
# Source function library.
. /etc/rc.d/init.d/functions
#if [ -f /etc/sysconfig/httpd ]; then
# . /etc/sysconfig/httpd
#fi
# Start httpd in the C locale by default.
HTTPD_LANG=${HTTPD_LANG-"C"}
# This will prevent initlog from swallowing up a pass-phrase prompt if
# mod_ssl needs a pass-phrase from the user.
INITLOG_ARGS=""
# Set HTTPD=/usr/sbin/httpd.worker in /etc/sysconfig/httpd to use a server
# with the thread-based "worker" MPM; BE WARNED that some modules may not
# work correctly with a thread-based MPM; notably PHP will refuse to start.
# Path to the apachectl script, server binary, and short-form for messages.
apachectl=/usr/local/apache/bin/apachectl
httpd=${HTTPD-/usr/local/apache/bin/httpd}
prog=httpd
pidfile=${PIDFILE-/usr/local/apache/logs/httpd.pid}
lockfile=${LOCKFILE-/var/lock/subsys/httpd}
RETVAL=0
STOP_TIMEOUT=${STOP_TIMEOUT-10}
# The semantics of these two functions differ from the way apachectl does
# things -- attempting to start while running is a failure, and shutdown
# when not running is also a failure. So we just do it the way init scripts
# are expected to behave here.
start() {
echo -n $"Starting $prog: "
LANG=$HTTPD_LANG daemon --pidfile=${pidfile} $httpd $OPTIONS
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch ${lockfile}
return $RETVAL
}
# When stopping httpd, a delay (of default 10 second) is required
# before SIGKILLing the httpd parent; this gives enough time for the
# httpd parent to SIGKILL any errant children.
stop() {
echo -n $"Stopping $prog: "
killproc -p ${pidfile} -d ${STOP_TIMEOUT} $httpd
RETVAL=$?
echo
[ $RETVAL = 0 ] && rm -f ${lockfile} ${pidfile}
}
reload() {
echo -n $"Reloading $prog: "
if ! LANG=$HTTPD_LANG $httpd $OPTIONS -t >&/dev/null; then
RETVAL=6
echo $"not reloading due to configuration syntax error"
failure $"not reloading $httpd due to configuration syntax error"
else
# Force LSB behaviour from killproc
LSB=1 killproc -p ${pidfile} $httpd -HUP
RETVAL=$?
if [ $RETVAL -eq 7 ]; then
failure $"httpd shutdown"
fi
fi
echo
}
start)
start
;;
stop)
stop
;;
status)
status -p ${pidfile} $httpd
RETVAL=$?
;;
restart)
stop
start
;;
condrestart|try-restart)
if status -p ${pidfile} $httpd >&/dev/null; then
stop
start
fi
;;
force-reload|reload)
reload
;;
graceful|help|configtest|fullstatus)
$apachectl $@
RETVAL=$?
;;
*)
echo $"Usage: $prog {start|stop|restart|condrestart|try-restart|
force-reload|reload|status|fullstatus|graceful|help|configtest}"
RETVAL=2
esac
exit $RETVAL
|
加入服务列表,测试脚本启动服务,查看80端口是否被监听
访问测试,查看是否正常工作
OK,没问题,httpd编译安装完成 安装MariaDB
系统环境:CentOS6.6 作为数据库服务器:172.16.10.211 所需软件包:mariadb-5.5.36-linux-x86_64.tar.gz(二进制格式包) 装备数据存放文件系统
为了安全起见,一般数据库数据是被放在其他磁盘上的,这里我们新建一个逻辑卷,并将其挂载至特定目录即可。 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
| [iyunv@MariaDB ~]# fdisk /dev/sdb
n
p
1
+20G
t
8e
w
[iyunv@MariaDB ~]# partx -a /dev/sdb
[iyunv@MariaDB ~]# pvcreate /dev/sdb1
[iyunv@MariaDB ~]# vgcreate myvg /dev/sdb1
[iyunv@MariaDB ~]# lvcreate -L 10G -n mydata myvg
[iyunv@MariaDB ~]# mke2fs -t ext4 -L MYDATA -b 4096 -m 3 /dev/myvg/mydata
[iyunv@MariaDB ~]# mkdir /mydata
[iyunv@MariaDB ~]# vim /etc/fstab
LABEL=MYDATA /mydata ext4 defaults,noatime 0 0
[iyunv@MariaDB ~]# mount -a
[iyunv@MariaDB ~]# mkdir /mydata/data
|
为了安全,新建用户及组,以普通用户运行
解压安装MariaDB,权限修改
提供配置文件,初始化数据库 1
2
3
4
5
6
7
8
9
| [iyunv@MariaDB local]# mkdir /etc/mysql
[iyunv@MariaDB local]# cp ./mysql/support-files/my-large.cnf /etc/mysql/my.cnf
[iyunv@MariaDB local]# vim /etc/mysql/my.cnf
thread_concurrency = 4 #运行CPU数量乘2
datadir = /mydata/data #添加行,指明数据文件存放位置
[iyunv@MariaDB local]# cd mysql/
[iyunv@MariaDB mysql]# scripts/mysql_install_db --user=mysql --datadir=/mydata/data
|
提供脚本
加入服务列表,启动服务,查看3306端口是否被监听
添加环境变量 1
2
3
4
5
| [iyunv@MariaDB mysql]# vim /etc/profile.d/mysql.sh
export PATH=/usr/local/mysql/bin:$PATH
[iyunv@MariaDB mysql]# source /etc/profile.d/mysql.sh
|
导出man手册
1
2
3
| [iyunv@MariaDB mysql]# vim /etc/man.config
MANPATH /usr/local/mysql/man
|
导出头文件 1
| [iyunv@MariaDB ~]# ln -sv /usr/local/mysql/include /usr/include/mysql
|
输出库文件给系统库查找路径 1
| [iyunv@MariaDB ~]# echo '/usr/local/mysql/lib' > /etc/ld.so.conf.d/mysql.conf
|
测试MariaDB
OK,MariaDB安装完成 编译安装php 系统环境:CentOS6.6
作为php服务器:172.16.10.110 所需安装包:php-5.4.26.tar.bz2、xcache-3.1.0.tar.bz2(非必须,加速软件) 解决依赖关系
1
2
3
| [iyunv@scholar ~]# yum groupinstall Development tools Server Platform Development -y
[iyunv@scholar ~]# yum -y groupinstall Desktop Platform Development
[iyunv@scholar ~]# yum -y install bzip2-devel libmcrypt-devel
|
解压编译
1
2
3
4
5
6
7
8
| [iyunv@scholar ~]# tar xf php-5.4.26.tar.bz2
[iyunv@scholar ~]# cd php-5.4.26
[iyunv@scholar php-5.4.26]# ./configure --prefix=/usr/local/php --with-mysql=mysqlnd
--with-pdo-mysql=mysqlnd --with-mysqli=mysqlnd --enable-mbstring --with-freetype-dir
--with-jpeg-dir --with-png-dir --with-zlib --with-libxml-dir=/usr --enable-xml
--enable-sockets --enable-fpm --with-mcrypt --with-config-file-path=/etc
--with-config-file-scan-dir=/etc/php.d --with-bz2 --with-openssl
[iyunv@scholar php-5.4.26]# make && make install
|
提供配置文件
1
| [iyunv@scholar php-5.4.26]# cp php.ini-production /etc/php.ini
|
为php-fpm提供脚本
为php-fpm提供配置文件
编辑配置文件
1
2
3
4
5
6
7
8
9
10
11
12
13
| [iyunv@scholar php]# vim etc/php-fpm.conf #注意文件位置/usr/local/php/etc/
pid =/usr/local/php/var/run/php-fpm.pid
listen = 172.16.10.110:9000
pm.max_children = 25 #最大子进程数
pm.start_servers = 5 #开机预启动子进程数
pm.min_spare_servers = 2 #最小空闲子进程数
pm.max_spare_servers = 6 #最大空闲子进程数
|
启动服务,检查9000端口是否被监听
到此为止,各软件算是编译安装完了,我们通过一个实例让他们工作起来
启动LAMP 案例要求:
DNS服务器:172.16.10.10 web服务器:172.16.10.100(已编译安装httpd-2.4.9) php服务器:172.16.10.110(已编译安装php-5.4.26) 数据库服务器:172.16.10.211(已安装MariaDB-5.5.36) 要求web服务器提供3个站点:www.scholar.com(静态)、admin.scholar.com(动态,phpMyAdmin)、blog.scholar.com(动态、wordpress),站点文件目录分别为:/web/www、/web/pma、/web/blog,其中admin.scholar.com由于是管理数据库的站点,所以必须基于https进行通信。 DNS服务器配置 修改DNS正反向区域文件 正向解析
反向解析
检查语法,重启服务
web服务器配置
启用相关模块
1
2
3
4
| [iyunv@scholar ~]# vim /etc/httpd24/httpd.conf
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
|
启用虚拟主机 1
2
3
| #DocumentRoot "/usr/local/apache/htdocs" #关闭中心主机
Include /etc/httpd24/extra/httpd-vhosts.conf #启用虚拟主机
|
使之支持php 1
2
3
4
5
6
|
DirectoryIndex index.html index.php
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
|
配置虚拟主机
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
| [iyunv@scholar ~]# vim /etc/httpd24/extra/httpd-vhosts.conf
DocumentRoot "/web/www"
ServerName www.scholar.com
Options none
AllowOverride none
Require all granted
DocumentRoot "/web/pma"
ServerName admin.scholar.com
ProxyRequests Off #关闭正向代理
ProxyPassMatch ^/(.*.php)$ fcgi://172.16.10.110:9000/web/pma/$1 #代理至php服务器
Options none
AllowOverride none
Require all granted
DocumentRoot "/web/blog"
ServerName blog.scholar.com
ProxyRequests Off
ProxyPassMatch ^/(.*.php)$ fcgi://172.16.10.110:9000/web/blog/$1
Options none
AllowOverride none
Require all granted
|
站点文件准备 web服务器:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
| [iyunv@scholar php]# mkdir /web/{pma,blog} -pv #此为php服务器,不要混淆
mkdir: created directory `/web/pma'
mkdir: created directory `/web/blog'
[iyunv@scholar php]# scp 172.16.10.100:/web/pma/* /web/pma/
[iyunv@scholar php]# scp 172.16.10.100:/web/blog/* /web/blog/
[iyunv@scholar php]# cd /web/pma
[iyunv@scholar pma]# cp config.sample.inc.php config.inc.php
[iyunv@scholar pma]# vim config.inc.php
$cfg['blowfish_secret'] = 'a8b7c6dhfgs';
$cfg['Servers'][$i]['host'] = '172.16.10.211';
[iyunv@scholar pma]# cd ../blog/
[iyunv@scholar blog]# cp wp-config-sample.php wp-config.php
[iyunv@scholar blog]# vim wp-config.php
/** WordPress 数据库的名称 */
define('DB_NAME', 'wpdb');
/** MySQL 数据库用户名 */
define('DB_USER', 'wpuser');
/** MySQL 数据库密码 */
define('DB_PASSWORD', 'wppass');
/** MySQL 主机 */
define('DB_HOST', '172.16.10.211');
|
数据库准备
检查语法,重启服务
测试各站点,访问是否正常
至此,分离式的LAMP就可以统一正常工作了,接下来我们为admin.scholar.com提供https。 生成私钥,提供证书
签署证书,我这里本机就是CA就自签了,CA配置详见博客
启用ssl功能 1
2
3
4
5
6
| [iyunv@scholar ssl]# vim /etc/httpd24/httpd.conf
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
LoadModule ssl_module modules/mod_ssl.so
Include /etc/httpd24/extra/httpd-ssl.conf
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
| [iyunv@scholar ssl]# vim /etc/httpd24/extra/httpd-ssl.conf
DocumentRoot "/web/pma" #站点目录
ServerName admin.scholar.com:443 #启用ssl的站点
ProxyRequests Off #同样关闭正向向代理
ProxyPassMatch ^/(.*.php)$ fcgi://172.16.10.110:9000/web/pma/$1 #反向代理至php服务器
Options none
AllowOverride none
Require all granted
SSLCertificateFile "/etc/httpd24/ssl/httpd.crt" #证书位置
SSLCertificateKeyFile "/etc/httpd24/ssl/httpd.key" #私钥位置
|
测试语法,重启服务,查看443端口是否被监听
将CA证书导出,重命名为*.crt格式,安装在受信任的根证书颁发机构中,测试https
成功了,我们登陆数据库看一下
OK,登陆成功,可以管理数据库啦,至此,基于https的加密通信部署完成 xcache加速 最后,我们补充讲解一下xcache,xcache是一个开源的 opcode 缓存器/优化器,它可以提高php的性能,加快页面生成速率,从而降低服务器负载。 为了比较加速前后的效果,在安装xcache之前,我们来对现在的服务器进行压力测试
编译安装xcache 1
2
3
4
5
6
| [iyunv@scholar ~]# tar xf xcache-3.1.0.tar.bz2
[iyunv@scholar ~]# cd xcache-3.1.0
[iyunv@scholar xcache-3.1.0]# /usr/local/php/bin/phpize
[iyunv@scholar xcache-3.1.0]# ./configure --enable-xcache --with-php-config=
/usr/local/php/bin/php-config
[iyunv@scholar xcache-3.1.0]# make && make install
|
配置xcache
1
2
3
4
5
6
7
| [iyunv@scholar xcache-3.1.0]# mkdir /etc/php.d
[iyunv@scholar xcache-3.1.0]# cp xcache.ini /etc/php.d/
[iyunv@scholar xcache-3.1.0]# vim /etc/php.d/xcache.ini
[xcache-common]
;; non-Windows example:
extension = /usr/local/php/lib/php/extensions/no-debug-non-zts-20100525/xcache.so
|
安装成功,重启服务,再次测试
经过xcache加速,响应和传输速度快了好多倍,由此可见,xcache还是很实用的。 The end
好了,LAMP就先讲解到这里啦,搭建LAMP平台还是挺费时间的,希望本文可以对你有所帮助,部署过程中遇到问题可留言,欲了解更多功能的LAMP,请关注后续文章。以上仅为个人学习整理,如有错漏,大神勿喷~~~
| 
QQ群⑧:
窥视卡
雷达卡
发表于 2015-4-20 11:08:56
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡