企業實戰項目Linux+nginx+php+mysql+redis部署web服務

第一部分，服務器優化（操做用戶：root）
一、hostnamectl set-hostname SYT-test-001
二、yum -y install lrzsz
三、cp sysctl.conf sysctl.conf.bak
vi /etc/sysctl.conf
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
net.ipv4.tcp_max_tw_buckets = 65536
net.ipv4.tcp_sack = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_rmem = 4096        87380   4194304
net.ipv4.tcp_wmem = 4096        16384   4194304
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_max_syn_backlog = 819200
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_fin_timeout = 1
net.ipv4.tcp_keepalive_time = 30
net.ipv4.tcp_sack = 0
net.ipv4.ip_local_port_range = 1024    65000
net.ipv4.conf.default.rp_filter = 0
net.core.optmem_max = 65535
net.ipv4.tcp_keepalive_probes = 5
net.ipv4.tcp_keepalive_intvl = 15
net.ipv4.tcp_retries2 = 5
net.ipv4.tcp_orphan_retries = 3
net.ipv4.tcp_reordering = 5
net.ipv4.tcp_retrans_collapse = 0
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.netdev_max_backlog = 262144
net.core.somaxconn = 262144
fs.file-max = 2000000
四、passwd root
groupadd -r nginx
useradd -r -g nginx -s /sbin/nologin nginx
passwd nginx
五、yum -y install openssl openssl-devel gcc-c++
六、vi /etc/security/limits.conf
* soft nofile 65535
* hard nofile 65535
* soft noproc 65535
* hard noproc 65535
reboot
第二部分，安裝nginx（操做用戶：root）
mkdir /opt/syt
[安裝包nginx-1.16.1.tar.gz  pcre-8.39.tar.gz  zlib-1.2.8.tar.gz上傳到/opt/syt]
cd /opt/syt
tar zxf zlib-1.2.8.tar.gz
tar zxf pcre-8.39.tar.gz
tar zxf nginx-1.16.1.tar.gz
cd nginx-1.16.1/
./configure --prefix=/opt/syt --with-http_dav_module --with-http_stub_status_module --with-http_addition_module --with-http_sub_module --with-http_flv_module --with-http_mp4_module --with-http_ssl_module --with-http_gzip_static_module --with-pcre=/opt/syt/pcre-8.39 --with-zlib=/opt/syt/zlib-1.2.8 --user=nginx --group=nginx
make
make install
/opt/syt/sbin/nginx -t
(nginx -t用於測試是否完成安裝)
cp /opt/syt/conf/nginx.conf /opt/syt/conf/nginx.conf.bak
vi /opt/syt/conf/nginx.conf
生產服務器工做線程數、親和力須要修改
user nginx;
worker_processes 2;
worker_cpu_affinity 01 10;
error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;pid logs/nginx.pid;
events {
	use epoll;
	worker_connections 65535;
	multi_accept on;
}
http {
	include mime.types;
	default_type application/octet-stream;
	#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
	# '$status $body_bytes_sent "$http_referer" '
	# '"$http_user_agent" "$http_x_forwarded_for"';
	#access_log logs/access.log main;
	sendfile on;
	tcp_nopush on;
	keepalive_timeout 65;
	tcp_nodelay on;
	client_header_buffer_size 4k;
	open_file_cache max=102400 inactive=20s;
	open_file_cache_valid 30s;
	open_file_cache_min_uses 1;
	client_header_timeout 15;
	client_body_timeout 15;
	reset_timedout_connection on;
	send_timeout 15;
	server_tokens off;
	client_max_body_size 10m;
	fastcgi_connect_timeout 600;
	fastcgi_send_timeout 600;
	fastcgi_read_timeout 600;
	fastcgi_buffer_size 64k;
	fastcgi_buffers 4 64k;
	fastcgi_busy_buffers_size 128k;
	fastcgi_temp_file_write_size 128k;
	fastcgi_temp_path /opt/syt/nginx_tmp;
	fastcgi_intercept_errors on;
	fastcgi_cache_path /opt/syt/fastcgi_cache levels=1:2 keys_zone=cache_fastcgi:128m inactive=1d max_size=10g;
	gzip on;
	gzip_min_length 2k;
	gzip_buffers 4 32k;
	gzip_http_version 1.1;
	gzip_comp_level 6;
	gzip_types text/plain text/css text/javascript application/json application/javascript application/x-javascript application/xml;
	gzip_vary on;
	gzip_proxied any;
	server {
        listen       80;
		server_name localhost;	
		rewrite ^ https://$http_host$request_uri? permanent;   	
    	}
	server {
		listen 443 ssl;
		server_name localhost;
		#ssl on;
		ssl_certificate /opt/syt/certs/1_www.fysyt.com_bundle.crt;
        	ssl_certificate_key /opt/syt/certs/2_www.fysyt.com.key;
        	ssl_session_timeout  5m;
        	ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 
        	ssl_ciphers  HIGH:!aNULL:!MD5;
        	ssl_prefer_server_ciphers   on;
		charset utf-8;
		#access_log logs/host.access.log main;
	#	location ~* ^.+\.(jpg|gif|png|swf|flv|wma|wmv|asf|mp3|mmf|zip|rar)$ {
	#		valid_referers none blocked 192.168.154.132;
	#			if ($invalid_referer) {
	#			return 404;
	#			break;
	#		}
	#		access_log off;
	#	}
		location / {
			root html;
			index index.php index.html index.htm;
		}
		location ~* \.(ico|jpe?g|gif|png|bmp|swf|flv)$ {
			expires 30d;
			#log_not_found off;
			access_log off;
		}
		location ~* \.(js|css)$ {
			expires 7d;
			log_not_found off;
			access_log off;
		}
		location = /(favicon.ico|roboots.txt) {
			access_log off;
		log_not_found off;
		}
		location /status {
			stub_status on;
		}
		location ~ .*\.(php|php5)?$ {
			root html;
			fastcgi_pass 172.17.0.6:9000;
			fastcgi_index index.php;
			include fastcgi.conf;
#關閉fastcgi的緩存			fastcgi_cache cache_fastcgi;
			fastcgi_cache_valid 200 302 1h;
			fastcgi_cache_valid 301 1d;
			fastcgi_cache_valid any 1m;
			fastcgi_cache_min_uses 1;
			fastcgi_cache_use_stale error timeout invalid_header http_500;
			fastcgi_cache_key http://$host$request_uri;
		}
		#error_page 404 /404.html;
		# redirect server error pages to the static page /50x.html
		#
		error_page 500 502 503 504 /50x.html;
		location = /50x.html {
			root html;
		}
	}
}
/opt/syt/sbin/nginx -s reload
第三部分，安裝php
mkdir /opt/php
[安裝包php-7.3.16.tar.gz上傳至/opt/php]
安裝php所需
yum -y install libxml2 libxml2-devel openssl openssl-devel curl-devel libjpeg-devel libpng-devel freetype-devel libmcrypt-devel libzip-devel pcre-devel
cd /opt/php
tar -zxf php-7.3.16.tar.gz
cd /opt/php/php-7.3.16
./configure --prefix=/opt/php \
--with-config-file-path=/opt/php/etc \
--with-config-file-scan-dir=/opt/php/etc/php.d \
--enable-mysqlnd \
--with-mysqli \
--with-pdo-mysql \
--enable-fpm \
--with-fpm-user=nginx \
--with-fpm-group=nginx \
--with-gd \
--with-iconv \
--with-zlib \
--enable-xml \
--enable-shmop \
--enable-sysvsem \
--enable-inline-optimization \
--enable-mbregex \
--enable-mbstring \
--enable-ftp \
--with-openssl \
--enable-pcntl \
--enable-sockets \
--with-xmlrpc \
--enable-soap \
--without-pear \
--with-gettext \
--enable-session \
--with-curl \
--with-jpeg-dir \
--with-freetype-dir \
--enable-opcache \
--enable-redis
make test
make
make install
cp /opt/php/php-7.3.16/php.ini-production /opt/php/etc/php.ini
cp /opt/php/php-7.3.16/sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
cp /opt/php/etc/php-fpm.conf.default /opt/php/etc/php-fpm.conf
cp /opt/php/etc/php-fpm.d/www.conf.default /opt/php/etc/php-fpm.d/www.conf
chmod +x /etc/init.d/php-fpm
chkconfig --add php-fpm
chkconfig php-fpm on
(查看狀態)
chkconfig --list php-fpm
sed -i 's#;pid = run/php-fpm.pid#pid = run/php-fpm.pid#g' /opt/php/etc/php-fpm.conf
sed -i 's/listen = 127.0.0.1:9000/listen = 0.0.0.0:9000/g' /opt/php/etc/php-fpm.conf
sed -i 's/pm.max_children = 5/pm.max_children = 300/g' /opt/php/etc/php-fpm.conf
sed -i 's/pm.start_servers = 2/pm.start_servers = 10/g' /opt/php/etc/php-fpm.conf
sed -i 's/pm.min_spare_servers = 1/pm.min_spare_servers = 10/g' /opt/php/etc/php-fpm.conf
sed -i 's/pm.max_spare_servers = 3/pm.max_spare_servers = 50/g' /opt/php/etc/php-fpm.conf
service php-fpm start
netstat -anpt | grep 9000
(查看狀態)
第四部分，安裝redis
[將安裝包redis-5.0.8.tar.gz上傳至/opt]
cd /opt
tar zxf redis-5.0.8.tar.gz
cd /opt/redis-5.0.8
make
cp /opt/redis-5.0.8/redis.conf /opt/redis-5.0.8/redis.conf.bak
vi /opt/redis-5.0.8/redis.conf
修改daemonize no爲daemonize yes
複製一行，在原有的配置前加「#」，以後修改
啓動redis
/opt/redis-5.0.8/src/redis-server /opt/redis-5.0.8/redis.conf
netstat -anpt|grep 6379
(查看6379是否打開)
添加redis擴展
wget https://codeload.github.com/phpredis/phpredis/zip/develop
unzip phpredis-develop.zip
cd phpredis-develop
yum -y install autoconf
/opt/php/bin/phpize
./configure  --with-php-config=/opt/php/bin/php-config
make && make install
vi /usr/local/php7/etc/php.ini
extension=redis.so
service restart php-fpm
/opt/php/bin/php -m | grep redis
(驗證)
第五部分，安裝mysql
groupadd -r mysql
useradd -r -g mysql -s /bin/false -M mysql
mkdir /opt/mysql
[上傳安裝包mysql-5.7.29-el7-x86_64.tar.gz到/opt/mysql]
cd /opt/mysql
tar zxf mysql-5.7.29-el7-x86_64.tar.gz
mv mysql-5.7.29-el7-x86_64 mysql
rpm -e mariadb-libs --nodeps
卸載mariadb-libs
mkdir /opt/mysql/mysql/data
chown -R mysql:mysql /opt/mysql/mysql/
cat >> /etc/my.cnf << EOF
[client]
socket=/opt/mysql/mysql/data/mysql.sock
[mysqld]
basedir=/opt/mysql/mysql
datadir=/opt/mysql/mysql/data
port=3306
pid-file=/opt/mysql/mysql/data/mysql.pid
server_id=1
socket=/opt/mysql/mysql/data/mysql.sock
log-error=/opt/mysql/mysql/data/mysql.err
slow_query_log = 1
slow_query_log_file=/opt/mysql/mysql/data/slow-query.log
long_query_time = 1
log-queries-not-using-indexes
max_connections = 1024
back_log = 128
wait_timeout = 60
interactive_timeout = 7200
key_buffer_size = 256M
query_cache_size = 256M
query_cache_type = 1
query_cache_limit = 50M 
max_connect_errors = 20
sort_buffer_size = 2M
max_allowed_packet = 32M
join_buffer_size = 2M
thread_cache_size = 200
innodb_buffer_pool_size = 2048M
innodb_flush_log_at_trx_commit = 1
innodb_log_buffer_size = 32M
innodb_log_file_size = 128M
innodb_log_files_in_group = 3
log-bin=/opt/mysql/mysql/data/mysqlbin
binlog_cache_size = 2M 
max_binlog_cache_size = 8M
max_binlog_size = 512M
expire_logs_days = 7
read_buffer_size = 1M
read_rnd_buffer_size = 16M
bulk_insert_buffer_size = 64M
EOF
yum -y install numactl
ln -s /opt/mysql/mysql/bin/* /usr/local/bin
mysqld --initialize --user=mysql --basedir=/opt/mysql/mysql/ --datadir=/opt/mysql/mysql/data
cat /opt/mysql/mysql/data/mysql.err  | grep localhost | awk -F"localhost: " {'print $2'}
取密碼
cp /opt/mysql/mysql/support-files/mysql.server /etc/init.d/mysqld
chkconfig --add mysqld
chkconfig mysqld on
systemctl daemon-reload
systemctl start mysqld
mysqladmin -uroot -p password '123456'
在彈出的輸入框輸出剛剛用cat等命令截取的密碼