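Contents:
1. Environment overview
2. Static/dynamic separation topology
3. Role planning for each server
4. Base environment configuration on each server
5. httpd installation and configuration
6. PHP installation, configuration and enabling opcache acceleration
7. MySQL installation and configuration
8. WordPress forum program installation and test
9. CA certificate server and SSL configuration
10. phpMyAdmin installation and test
11. Testing PHP's opcache acceleration
12. Summary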
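1. Environment overview:
In the previous posts, httpd, mysql and php were integrated with php running as an httpd module, and all of these services were deployed on a single Linux host. That simple architecture is adequate in a site's early days, but as traffic grows and the business logic becomes more complex it no longer meets real-world needs, and the architecture urgently needs to be optimized. We need a scalable site architecture, so this time we perform major surgery: httpd, mysql, and php working in FastCGI mode are each deployed on their own server. The three services each do their own job and have their hardware resources to themselves. This architecture is easy to scale as the workload grows, and it also separates the site's static and dynamic content.
All the software packages can be obtained here: download location for the packages used in the LAMP environment
2. Static/dynamic separation topology:
3. Role planning for each server: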
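Hostname | IP address | Installed services | Notes
http | 192.168.0.200 | httpd, NFS server | Mounts the php server's site files locally over NFS, so the site code does not have to be uploaded to both the http and php servers
php | 192.168.0.201 | php, NFS client, phpMyAdmin, forum program | php runs as php-fpm; the site files are shared through the NFS service
mysql | 192.168.0.202 | mysql, configured as the CA server | The data directory is stored on an LVM volume; the host doubles as the CA certificate service so that phpMyAdmin can be accessed securely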
4. Base environment configuration on each server:
4.1 Base configuration of the http server:
[root@http ~]# cat /etc/issue
CentOS release 6.4 (Final)
Kernel \r on an \m
[root@http ~]# hostname
http
[root@http ~]# ifconfig | grep Bcast:
inet addr:192.168.0.200 Bcast:192.168.0.255 Mask:255.255.255.0
[root@http ~]# echo "192.168.0.200 www" >> /etc/hosts
[root@http ~]# echo "192.168.0.201 php" >> /etc/hosts
[root@http ~]# echo "192.168.0.202 mysql" >> /etc/hosts
[root@http ~]# chkconfig iptables off
[root@http ~]# service iptables stop
[root@http ~]# vim /etc/sysconfig/selinux
SELINUX=disabled
[root@http ~]# shutdown -r now
4.2 Base configuration of the php server:
[root@php ~]# cat /etc/issue
CentOS release 6.4 (Final)
Kernel \r on an \m
[root@php ~]# hostname
php
[root@php ~]# ifconfig | grep Bcast:
inet addr:192.168.0.201 Bcast:192.168.0.255 Mask:255.255.255.0
[root@php ~]# echo "192.168.0.201 php" >> /etc/hosts
[root@php ~]# echo "192.168.0.200 http" >> /etc/hosts
[root@php ~]# echo "192.168.0.202 mysql" >> /etc/hosts
[root@php ~]# chkconfig iptables off
[root@php ~]# service iptables stop
[root@php ~]# vim /etc/sysconfig/selinux
SELINUX=disabled
[root@php ~]# shutdown -r now
4.3 Base configuration of the mysql server:
[root@mysql ~]# cat /etc/issue
CentOS release 6.4 (Final)
Kernel \r on an \m
[root@php ~]# hostname
mysql
[root@mysql ~]# ifconfig | grep Bcast:
inet addr:192.168.0.202 Bcast:192.168.0.255 Mask:255.255.255.0
[root@mysql ~]# echo "192.168.0.202 mysql" >> /etc/hosts
[root@mysql ~]# echo "192.168.0.200 http" >> /etc/hosts
[root@mysql ~]# echo "192.168.0.201 php" >> /etc/hosts
[root@mysql ~]# chkconfig iptables off
[root@mysql ~]# service iptables stop
[root@mysql ~]# vim /etc/sysconfig/selinux
SELINUX=disabled
[root@mysql ~]# shutdown -r now
4.4 Configure password-less login between the servers:
4.4.1 Configure password-less access from http to the php and mysql hosts:
[root@http ~]# ssh-keygen -t rsa    #press Enter at every prompt
[root@http ~]# ls /root/.ssh/
id_rsa id_rsa.pub
[root@http ~]# ssh-copy-id root@php    #type "yes" at the prompt and enter the php host's password
[root@http ~]# ls /root/.ssh/    #the known_hosts file has been generated
id_rsa id_rsa.pub known_hosts
[root@http ~]# ssh-copy-id root@mysql
Test password-less access from http to the php and mysql hosts:
[root@http ~]# ssh root@php
Last login: Sat Jan 31 16:41:46 2015 from http
[root@http ~]# ssh root@mysql
Last login: Sat Jan 31 16:38:12 2015 from http
Note: when running "[root@http ~]# ssh-copy-id root@php", if you specify the php host's IP address instead of its hostname, like "[root@http ~]# ssh-copy-id root@192.168.0.201", then http can only log in to php without a password by using that IP address; "[root@http ~]# ssh root@php" will not log in without a password. Looking at the "/root/.ssh/known_hosts" file makes the reason clear.
4.4.2 Configure password-less access from php to the http and mysql hosts:
[root@php ~]# ssh-keygen -t rsa
[root@php ~]# ssh-copy-id root@http
[root@php ~]# ssh-copy-id root@mysql
4.4.3 Configure password-less access from mysql to the http and php hosts:
[root@mysql ~]# ssh-keygen -t rsa
[root@mysql ~]# ssh-copy-id root@http
[root@mysql ~]# ssh-copy-id root@php
4.5 Prepare the site directory structure on NFS:
[root@php ~]# yum -y install nfs-utils
[root@php ~]# vim /etc/exports
/web/vhosts 192.168.0.200(rw,sync,no_root_squash)
[root@php ~]# mkdir -pv /web/vhosts/{bbs.linux.com,phpmyadmin.com}
[root@php ~]# service rpcbind start
[root@php ~]# service nfs start
[root@php ~]# chkconfig nfs on

[root@http httpd-2.4.12]# mkdir -pv /web/vhosts
[root@http httpd-2.4.12]# vim /etc/fstab
192.168.0.201:/web/vhosts /web/vhosts nfs defaults 0 0    #newly added line
[root@http httpd-2.4.12]# mount -a
[root@http httpd-2.4.12]# ls /web/vhosts/
bbs.linux.com phpmyadmin.com
5. httpd installation and configuration:
5.1 Package version information:
[root@http software]# pwd
/root/software
[root@http software]# ls
apr-1.5.1.tar.gz apr-util-1.5.2.tar.bz2 httpd-2.4.12.tar.bz2
5.2 Resolve httpd's dependencies:
[root@http software]# yum -y install pcre-devel
[root@http software]# tar xf apr-1.5.1.tar.gz
[root@http software]# cd apr-1.5.1
[root@http apr-1.5.1]# ./configure --prefix=/usr/local/apr-1.5
[root@http apr-1.5.1]# make && make install
Note: before compiling apr-1.5.1, see "apr installation error rm: cannot remove `libtoolT': No such file or directory"
[root@http software]# tar xf apr-util-1.5.2.tar.bz2
[root@http software]# cd apr-util-1.5.2
[root@http apr-util-1.5.2]# ./configure --prefix=/usr/local/apr-util-1.5 --with-apr=/usr/local/apr-1.5
[root@http apr-util-1.5.2]# make && make install
5.3 Compiling, installing and configuring httpd:
5.3.1 Compile, configure and install http:
[root@http software]# tar xf httpd-2.4.12.tar.bz2
[root@http software]# cd httpd-2.4.12
[root@http httpd-2.4.12]# ./configure --prefix=/usr/local/apache24 --sysconfdir=/etc/httpd24 --enable-so --enable-ssl --enable-cgi --enable-rewrite --enable-modules=most --enable-mpms-shared=all --with-zlib --with-pcre --with-mpm=event --with-apr=/usr/local/apr-1.5 --with-apr-util=/usr/local/apr-util-1.5
[root@http httpd-2.4.12]# make && make install
5.3.2 Finishing up after the source build:
Export the binaries:
[root@http httpd-2.4.12]# vim /etc/profile.d/http24.sh
export PATH=/usr/local/apache24/bin:$PATH
[root@http httpd-2.4.12]# source /etc/profile.d/http24.sh
Export the header files:
[root@http httpd-2.4.12]# ln -sv /usr/local/apache24/include /usr/include/http24
Export the man pages:
[root@http httpd-2.4.12]# vim /etc/man.config
MANPATH /usr/man
MANPATH /usr/share/man
MANPATH /usr/local/man
MANPATH /usr/local/share/man
MANPATH /usr/X11R6/man
#added
MANPATH /usr/local/apache24/man
Configure http to start at boot (see the earlier posts for how to give http a SysV-style init script):
[root@http httpd-2.4.12]# echo "/usr/local/apache24/bin/apachectl -k start" >> /etc/rc.local
5.3.3 Configure http, add PHP support and enable virtual hosts:
[root@http httpd-2.4.12]# cp /etc/httpd24/httpd.conf /etc/httpd24/httpd.conf.back
[root@http httpd-2.4.12]# vim /etc/httpd24/httpd.conf
#enable ServerName
ServerName 192.168.0.200:80
#comment out the main server's DocumentRoot
#DocumentRoot "/usr/local/apache24/htdocs"
<IfModule dir_module>
    #add the PHP index file
    DirectoryIndex index.php index.html
</IfModule>
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
#add PHP support
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
#enable the virtual host configuration file
Include /etc/httpd24/extra/httpd-vhosts.conf
Configure the virtual hosts:
[root@http httpd-2.4.12]# vim /etc/httpd24/extra/httpd-vhosts.conf
#Comment out the VirtualHost containers at the end of the file and add the following two virtual hosts
<VirtualHost *:80>
    DocumentRoot "/web/vhosts/bbs.linux.com"
    ServerName bbs.linux.com
    ErrorLog "logs/bbs.linux.com-error_log"
    CustomLog "logs/bbs.linux.com-access_log" common
    <Directory "/web/vhosts/bbs.linux.com">
        Options none
        AllowOverride none
        Require all granted
    </Directory>
</VirtualHost>
<VirtualHost *:80>
    DocumentRoot "/web/vhosts/phpmyadmin.com"
    ServerName phpmyadmin.com
    ErrorLog "logs/phpmyadmin.com-error_log"
    CustomLog "logs/phpmyadmin.com-access_log" common
    <Directory "/web/vhosts/phpmyadmin.com">
        Options none
        AllowOverride none
        Require all granted
    </Directory>
</VirtualHost>
Test the two virtual hosts:
[root@http httpd-2.4.12]# vim /web/vhosts/bbs.linux.com/index.html
This is bbs.linux.com
[root@http httpd-2.4.12]# vim /web/vhosts/phpmyadmin.com/index.html
This is phpmyadmin.com
[root@http httpd-2.4.12]# /usr/local/apache24/bin/apachectl -k start
Finally, edit the hosts file on the Windows machine, add name resolution for the http server's two domain names, and check in a browser that both domains work.
6. PHP installation, configuration and enabling opcache acceleration:
6.1 Software version information:
[root@php software]# pwd
/root/software
[root@php software]# ls
php-5.6.5.tar.xz
6.2 Resolve PHP's dependencies:
[root@php software]# yum -y install libxml2-devel bzip2-devel libmcrypt-devel mhash-devel
#if the default yum repositories do not have these dependency packages, add the EPEL repository and then install
6.3 Compiling and installing PHP, and the related configuration:
6.3.1 Compile and install PHP:
[root@php software]# tar xf php-5.6.5.tar.xz
[root@php software]# cd php-5.6.5
[root@php php-5.6.5]# ./configure --prefix=/usr/local/php5.6 --enable-mbstring --enable-xml --enable-fpm --enable-sockets --with-mysql=mysqlnd --with-pdo-mysql=mysqlnd --with-mysqli=mysqlnd --with-openssl --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-libxml-dir=/usr --with-mcrypt --with-config-file-path=/etc --with-config-file-scan-dir=/etc/php.d --with-bz2
[root@php php-5.6.5]# make && make install
6.3.2 Provide php.ini, php-fpm.conf and the init script, and finish up:
[root@php php-5.6.5]# cp php.ini-production /etc/php.ini
[root@php php-5.6.5]# cp /usr/local/php5.6/etc/php-fpm.conf.default /usr/local/php5.6/etc/php-fpm.conf
[root@php php-5.6.5]# vim /usr/local/php5.6/etc/php-fpm.conf    #adjust the parameters below as appropriate
listen = 192.168.0.201:9000
;number of concurrent connections allowed; a production server will certainly use more than 5
pm.max_children = 5
;number of processes started when php-fpm starts
pm.start_servers = 2
;minimum number of idle processes
pm.min_spare_servers = 1
;maximum number of idle processes
pm.max_spare_servers = 3
[root@php php-5.6.5]# cp sapi/fpm/init.d.php-fpm /etc/rc.d/init.d/php-fpm
[root@php php-5.6.5]# chmod +x /etc/rc.d/init.d/php-fpm
[root@php php-5.6.5]# chkconfig --add php-fpm
[root@php php-5.6.5]# chkconfig php-fpm on
#Start php-fpm and test:
[root@php php-5.6.5]# service php-fpm start
[root@php php-5.6.5]# netstat -tnulp | grep 9000
#Export the binaries:
[root@php php-5.6.5]# echo 'export PATH=/usr/local/php5.6/bin:$PATH' > /etc/profile.d/php.sh
[root@php php-5.6.5]# source /etc/profile.d/php.sh
[root@php php-5.6.5]# php -v
PHP 5.6.5 (cli) (built: Feb 1 2015 09:41:40)
Copyright (c) 1997-2014 The PHP Group
Zend Engine v2.6.0, Copyright (c) 1998-2014 Zend Technologies
#Export the header files:
[root@php php-5.6.5]# ln -sv /usr/local/php5.6/include /usr/include/php5.6
#Export the library files:
[root@php php-5.6.5]# echo "/usr/local/php5.6/lib" > /etc/ld.so.conf.d/php56.conf
[root@php php-5.6.5]# ldconfig
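The export in 4.5 lets root on the http host act as root on the shared files (no_root_squash), and with iptables stopped and no `listen.allowed_clients` set, the php-fpm listener above accepts FastCGI connections from any address. The script below is an added example, not part of the original post, that flags both settings and shows tightened variants; the function names, finding labels and the read-only export are assumptions, while `listen.allowed_clients` is php-fpm's own directive for limiting client addresses.

```shell
#!/bin/sh
# Added example, not from the original post. The sample files are constructed
# here from the settings shown in sections 4.5 and 6.3.2.

# One finding per /etc/exports client entry that disables root squashing.
check_exports() {
    awk '
        /^[ \t]*(#|$)/ { next }                  # skip comments and blank lines
        {
            for (i = 2; i <= NF; i++)
                if ($i ~ /[(,]no_root_squash[,)]/) {
                    client = $i
                    sub(/\(.*/, "", client)      # keep the host part only
                    print "NO_ROOT_SQUASH " $1 " " client
                }
        }' "$1"
}

# A finding when php-fpm listens on a non-loopback TCP address while
# listen.allowed_clients is unset (php-fpm then accepts any client address).
check_fpm_pool() {
    awk -F'=' '
        function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
        /^[ \t]*;/ { next }                      # ";" starts a comment line
        trim($1) == "listen"                 { listen = trim($2) }
        trim($1) == "listen.allowed_clients" { allowed = trim($2) }
        END {
            if (listen == "" || listen ~ /^\//) exit          # unset or unix socket
            if (listen ~ /^127\./ || listen ~ /^localhost:/ || listen ~ /^\[::1\]/) exit
            if (allowed == "") print "FPM_OPEN_LISTEN " listen
        }' "$1"
}

SAMPLE_DIR=$(mktemp -d)
trap 'rm -rf "$SAMPLE_DIR"' EXIT

# Settings as configured in the walkthrough.
cat > "$SAMPLE_DIR/exports.page" <<'EOF'
/web/vhosts 192.168.0.200(rw,sync,no_root_squash)
EOF
cat > "$SAMPLE_DIR/fpm.page" <<'EOF'
listen = 192.168.0.201:9000
pm.max_children = 5
EOF

# Tightened variants (assumption: httpd only reads the site files over NFS).
cat > "$SAMPLE_DIR/exports.tight" <<'EOF'
/web/vhosts 192.168.0.200(ro,sync,root_squash)
EOF
cat > "$SAMPLE_DIR/fpm.tight" <<'EOF'
listen = 192.168.0.201:9000
listen.allowed_clients = 192.168.0.200
pm.max_children = 5
EOF

for f in exports.page exports.tight; do
    echo "== $f"; check_exports "$SAMPLE_DIR/$f"
done
for f in fpm.page fpm.tight; do
    echo "== $f"; check_fpm_pool "$SAMPLE_DIR/$f"
done
```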
6.3.3 Enable opcache to accelerate PHP code:
[root@php ~]# vim /etc/php.ini    #enable the parameters in the [opcache] section
[opcache]
zend_extension = /usr/local/php5.6/lib/php/extensions/no-debug-non-zts-20131226/opcache.so
opcache.enable=1
opcache.enable_cli=1
opcache.memory_consumption=64
opcache.interned_strings_buffer=4
opcache.max_accelerated_files=2000
opcache.revalidate_freq=2
opcache.fast_shutdown=1
[root@php ~]# service php-fpm restart
[root@php ~]# php -m    #check whether the opcache module is loaded
6.4 Configure the http virtual hosts as FastCGI clients, so that user requests for php files are handed over to the php server:
6.4.1 Enable two modules so that http becomes a FastCGI client:
[root@http ~]# vim /etc/httpd24/httpd.conf
...
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
...
[root@http ~]# /usr/local/apache24/bin/apachectl -k stop
[root@http ~]# /usr/local/apache24/bin/apachectl -k start
[root@http ~]# /usr/local/apache24/bin/apachectl -t -D DUMP_MODULES | grep proxy
proxy_module (shared)
proxy_fcgi_module (shared)
6.4.2 Modify the virtual host configuration file:
[root@http ~]# vim /etc/httpd24/extra/httpd-vhosts.conf
<VirtualHost *:80>
    DocumentRoot "/web/vhosts/bbs.linux.com"
    ServerName bbs.linux.com
    ErrorLog "logs/bbs.linux.com-error_log"
    CustomLog "logs/bbs.linux.com-access_log" common
    #added
    ProxyRequests Off
    #added
    ProxyPassMatch ^/(.*\.php)$ fcgi://192.168.0.201:9000/web/vhosts/bbs.linux.com/$1
    <Directory "/web/vhosts/bbs.linux.com">
        Options none
        AllowOverride none
        Require all granted
    </Directory>
</VirtualHost>
<VirtualHost *:80>
    DocumentRoot "/web/vhosts/phpmyadmin.com"
    ServerName phpmyadmin.com
    ErrorLog "logs/phpmyadmin.com-error_log"
    CustomLog "logs/phpmyadmin.com-access_log" common
    #added
    ProxyRequests Off
    #added
    ProxyPassMatch ^/(.*\.php)$ fcgi://192.168.0.201:9000/web/vhosts/phpmyadmin.com/$1
    <Directory "/web/vhosts/phpmyadmin.com">
        Options none
        AllowOverride none
        Require all granted
    </Directory>
</VirtualHost>
[root@http ~]# /usr/local/apache24/bin/apachectl -t
Syntax OK
[root@http ~]# /usr/local/apache24/bin/apachectl -k stop
[root@http ~]# /usr/local/apache24/bin/apachectl -k start
6.4.3 Test that the http and FastCGI integration works:
[root@http ~]# vim /web/vhosts/bbs.linux.com/index.php
<?php
phpinfo();
?>
[root@http ~]# cp /web/vhosts/bbs.linux.com/index.php /web/vhosts/phpmyadmin.com/
7. MySQL installation and configuration:
7.1 Prepare partitions with LVM (Logical Volume Manager); the mysql data directory will live on this device:
[root@mysql ~]# fdisk -l | grep Disk
Disk /dev/sdb: 1073 MB, 1073741824 bytes
Disk identifier: 0x00000000
Disk /dev/sda: 53.7 GB, 53687091200 bytes
Disk identifier: 0x000bf287
Disk /dev/sdc: 1073 MB, 1073741824 bytes
Disk identifier: 0x00000000
#Use the fdisk partitioning tool to partition the two block devices sdb and sdc, and change the partition type to "8e Linux LVM"
[root@mysql ~]# fdisk -l | grep "Device Boot" -A 1
Device Boot Start End Blocks Id System
/dev/sdb1 1 130 1044193+ 8e Linux LVM
--
Device Boot Start End Blocks Id System
/dev/sda1 * 1 13 102400 83 Linux
--
Device Boot Start End Blocks Id System
/dev/sdc1 1 130 1044193+ 8e Linux LVM

[root@mysql ~]# yum -y install lvm2    #install the LVM tools
[root@mysql ~]# pvcreate /dev/sdb1 /dev/sdc1    #turn the two devices into PVs
[root@mysql ~]# vgcreate MysqlData /dev/sdb1 /dev/sdc1    #create the VG
[root@mysql ~]# vgs
VG #PV #LV #SN Attr VSize VFree
MysqlData 2 0 0 wz--n- 1.98g 1.98g
[root@mysql ~]# lvcreate -L 500M -n DB_Data MysqlData
Logical volume "DB_Data" created
[root@mysql ~]# lvdisplay
--- Logical volume ---
LV Path /dev/MysqlData/DB_Data
LV Name DB_Data
VG Name MysqlData
LV UUID SrY3K8-TtB6-KARr-gkNc-IZjb-B21M-UZsmQB
LV Write Access read/write
LV Creation host, time mysql, 2015-02-01 11:36:35 +0800
LV Status available
# open 0
LV Size 500.00 MiB
Current LE 125
Segments 1
Allocation inherit
Read ahead sectors auto
- currently set to 256
Block device 253:0
[root@mysql ~]# mkfs.ext4 /dev/MysqlData/DB_Data    #format
[root@mysql ~]# mkdir /mydata    #create the mount point
[root@mysql ~]# vim /etc/fstab
/dev/MysqlData/DB_Data /mydata ext4 defaults 0 0    #added
[root@mysql ~]# mount -a
[root@mysql ~]# ls /mydata/
lost+found
7.2 Installing the mysql binary package and preparing the required database:
7.2.1 mysql installation and configuration:
[root@mysql software]# pwd
/root/software
[root@mysql software]# ls
mysql-advanced-5.6.22-linux-glibc2.5-x86_64.tar.gz
[root@mysql software]# yum -y install libaio-devel    #resolve dependencies
[root@mysql software]# useradd -r -s /sbin/nologin mysql -M    #create the user mysql runs as
[root@mysql software]# mkdir /mydata/data
[root@mysql software]# chown -R mysql.mysql /mydata/data    #change ownership of the data directory
[root@mysql software]# ls -ld /mydata/data
drwxr-xr-x 2 mysql mysql 1024 Feb 1 12:46 /mydata/data
[root@mysql software]# mv /etc/my.cnf /etc/my.cnf.back    #back up the existing configuration file
[root@mysql software]# tar xf mysql-advanced-5.6.22-linux-glibc2.5-x86_64.tar.gz -C /usr/local/
[root@mysql software]# ln -sv /usr/local/mysql-advanced-5.6.22-linux-glibc2.5-x86_64 /usr/local/mysql
[root@mysql software]# chown -R root.mysql /usr/local/mysql/*
[root@mysql software]# cp /usr/local/mysql/support-files/my-default.cnf /etc/my.cnf
[root@mysql software]# vim /etc/my.cnf    #mysql will start with just the parameters below; see other documentation for the detailed parameters
basedir = /usr/local/mysql
datadir = /mydata/data
port = 3306
# server_id = .....
socket = /tmp/mysql.sock
user = mysql
innodb_file_per_table = 1
innodb_thread_concurrency = 0    #no limit on concurrency
[root@mysql software]# cd /usr/local/mysql
[root@mysql mysql]# cp /usr/local/mysql/support-files/mysql.server /etc/rc.d/init.d/mysqld
[root@mysql mysql]# chkconfig --add mysqld
[root@mysql mysql]# chkconfig mysqld on
[root@mysql mysql]# scripts/mysql_install_db --user=mysql --datadir=/mydata/data
[root@mysql mysql]# service mysqld start
Starting MySQL.. SUCCESS!
#Export the binaries:
[root@mysql mysql]# echo 'export PATH=/usr/local/mysql/bin:$PATH' > /etc/profile.d/mysql.sh
[root@mysql mysql]# source /etc/profile.d/mysql.sh
#Export the header files:
[root@mysql mysql]# ln -sv /usr/local/mysql/include /usr/include/mysql
#Export the library files:
[root@mysql mysql]# echo "/usr/local/mysql/lib" > /etc/ld.so.conf.d/mysql.conf
[root@mysql mysql]# ldconfig -v | grep mysql
#Test:
[root@mysql mysql]# mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.6.22-enterprise-commercial-advanced MySQL Enterprise Server - Advanced Edition (Commercial)
Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
[root@mysql mysql]# mysqladmin -u root password    #set a password for the root user
New password:
Confirm new password:
7.2.2 Create the database used by the WordPress forum program:
[root@mysql mysql]# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 3
Server version: 5.6.22-enterprise-commercial-advanced MySQL Enterprise Server - Advanced Edition (Commercial)
Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> create database wpdb;
Query OK, 1 row affected (0.01 sec)
mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
| performance_schema |
| test               |
| wpdb               |
+--------------------+
5 rows in set (0.00 sec)
mysql> grant all on wpdb.* to 'wpadmin'@'192.168.%.%' identified by '111111';
Query OK, 0 rows affected (0.03 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.03 sec)
mysql> \q
Bye
8. WordPress forum program installation and test
[root@php software]# pwd
/root/software
[root@php software]# ls
php-5.6.5 php-5.6.5.tar.xz wordpress-4.1-zh_CN.tar.gz
[root@php software]# tar xf wordpress-4.1-zh_CN.tar.gz
[root@php software]# mv wordpress/* /web/vhosts/bbs.linux.com/
[root@php software]# cd /web/vhosts/bbs.linux.com/
[root@php bbs.linux.com]# cp wp-config-sample.php wp-config.php
[root@php bbs.linux.com]# vim wp-config.php
/** WordPress database name */
define('DB_NAME', 'wpdb');
/** MySQL database username */
define('DB_USER', 'wpadmin');
/** MySQL database password */
define('DB_PASSWORD', '111111');
/** MySQL host */
define('DB_HOST', '192.168.0.202');
Visiting "http://bbs.linux.com" directly in IE on the Windows host opens the WordPress installation page.
Testing shows that WordPress runs normally.
9. CA certificate server and SSL configuration
9.1 Generate the key file on the mysql server:
[root@mysql ~]# cd /etc/pki/CA
[root@mysql CA]# (umask 077;openssl genrsa -out private/cakey.pem 2048)
Generating RSA private key, 2048 bit long modulus
..+++
....................+++
e is 65537 (0x10001)
[root@mysql CA]# ls private/
cakey.pem
9.2 Generate the self-signed certificate:
[root@mysql CA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 365
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:ChongQing
Locality Name (eg, city) [Default City]:YuBei
Organization Name (eg, company) [Default Company Ltd]:Learing
Organizational Unit Name (eg, section) []:Tech
Common Name (eg, your name or your server's hostname) []:ca.mysql.com
Email Address []:admin@mysql.com
[root@mysql CA]# ls
cacert.pem certs crl newcerts private
[root@mysql CA]# touch index.txt
[root@mysql CA]# echo 01 > serial
The CA is now set up. Next, submit a certificate request for the phpmyadmin.com virtual host and configure it for https.
9.3 Back on the http server, generate a private key for the phpmyadmin.com virtual host, generate a certificate signing request, and send the request to the CA:
[root@http httpd24]# pwd
/etc/httpd24
[root@http httpd24]# mkdir ssl
[root@http httpd24]# cd ssl
[root@http ssl]# (umask 077;openssl genrsa -out httpd.key 1024)    #generate the private key
Generating RSA private key, 1024 bit long modulus
.................++++++
..................++++++
e is 65537 (0x10001)
[root@http ssl]# openssl req -new -key httpd.key -out httpd.csr    #generate the certificate signing request
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:ChongQing
Locality Name (eg, city) [Default City]:YuBei
Organization Name (eg, company) [Default Company Ltd]:Learing
Organizational Unit Name (eg, section) []:Tech
Common Name (eg, your name or your server's hostname) []:phpmyadmin.com
Email Address []:admin@phpmyadmin.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
[root@http ssl]# scp httpd.csr mysql:/tmp    #send the certificate signing request to the CA
httpd.csr 100% 708 0.7KB/s 00:00
9.4 Back on the CA server, sign the certificate signing request sent by http; this produces a certificate file, which is sent back to the http server:
[root@mysql ~]# openssl ca -in /tmp/httpd.csr -out httpd.crt -days 365    #process http's certificate signing request
Using configuration from /etc/pki/tls/openssl.cnf
Check that the request matches the signature
Signature ok
Certificate Details:
Serial Number: 1 (0x1)
Validity
Not Before: Feb 1 07:05:52 2015 GMT
Not After : Feb 1 07:05:52 2016 GMT
Subject:
countryName = CN
stateOrProvinceName = ChongQing
organizationName = Learing
organizationalUnitName = Tech
commonName = phpmyadmin.com
emailAddress = admin@phpmyadmin.com
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
B3:3B:7C:FC:A2:4B:35:C1:20:23:3E:FD:47:DA:13:61:38:45:8C:E6
X509v3 Authority Key Identifier:
keyid:45:B3:8D:A7:16:89:C6:50:D4:87:02:82:7B:80:4B:C8:25:23:2C:50
Certificate is to be certified until Feb 1 07:05:52 2016 GMT (365 days)
Sign the certificate? [y/n]:y
1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated
[root@mysql ~]# ls
anaconda-ks.cfg httpd.crt install.log install.log.syslog software
[root@mysql ~]# scp httpd.crt http:/etc/httpd24/ssl    #send the certificate back to the http server
httpd.crt 100% 3861 3.8KB/s 00:00
9.5 Back on the http server, configure SSL support for the virtual host:
[root@http httpd24]# pwd
/etc/httpd24
[root@http httpd24]# vim httpd.conf
#this module is required by httpd-ssl.conf
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
#enable the ssl module
LoadModule ssl_module modules/mod_ssl.so
#enable inclusion of the ssl configuration file
Include /etc/httpd24/extra/httpd-ssl.conf
[root@http httpd24]# vim extra/httpd-ssl.conf
<VirtualHost _default_:443>
# General setup for the virtual host
DocumentRoot "/web/vhosts/phpmyadmin.com"
ServerName phpmyadmin.com:443
ServerAdmin admin@phpmyadmin.com
ErrorLog "/web/vhosts/phpmyadmin.com/logs/error_log"
TransferLog "/web/vhosts/phpmyadmin.com/logs/access_log"
ProxyRequests Off
ProxyPassMatch ^/(.*\.php)$ fcgi://192.168.0.201:9000/web/vhosts/phpmyadmin.com/$1
<Directory "/web/vhosts/phpmyadmin.com">
    Options none
    AllowOverride none
    Require all granted
</Directory>
SSLCertificateFile "/etc/httpd24/ssl/httpd.crt"
SSLCertificateKeyFile "/etc/httpd24/ssl/httpd.key"
[root@http httpd24]# mkdir /web/vhosts/phpmyadmin.com/logs    #create the log directory
[root@http httpd24]# /usr/local/apache24/bin/apachectl -t
Syntax OK
[root@http httpd24]# /usr/local/apache24/bin/apachectl -k graceful
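9.6 Download the certificate file that the CA server needs to publish (cacert.pem), import it into the system, and test. On Windows the cacert.pem certificate file must be renamed to use a "crt" suffix, i.e. "cacert.crt" after renaming. Once the certificate is imported you can visit "https://phpmyadmin.com" to test.
The screenshot above shows the test file created earlier; accessing it over https now works as well.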
10. phpMyAdmin installation and test
[root@php software]# pwd
/root/software
[root@php software]# ls | grep phpMyAdmin
phpMyAdmin-4.3.8-all-languages.zip
[root@php software]# unzip phpMyAdmin-4.3.8-all-languages.zip
[root@php software]# rm -rf /web/vhosts/phpmyadmin.com/index*    #delete the test files created earlier
[root@php software]# mv phpMyAdmin-4.3.8-all-languages/* /web/vhosts/phpmyadmin.com/
[root@php phpmyadmin.com]# cd /web/vhosts/phpmyadmin.com/
[root@php phpmyadmin.com]# cp config.sample.inc.php config.inc.php
[root@php phpmyadmin.com]# openssl rand -hex 8    #generate a random value
949b17bdabd31977
[root@php phpmyadmin.com]# vim config.inc.php
$cfg['blowfish_secret'] = '949b17bdabd31977'; /* fill in the random value generated above */
$cfg['Servers'][$i]['host'] = '192.168.0.202'; /* fill in the mysql server's IP address */
For now only the wpadmin user can be used for testing, because the root user is denied remote login by default:
Go back to the mysql server and allow the root user to log in remotely as well:
[root@mysql ~]# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 63
Server version: 5.6.22-enterprise-commercial-advanced MySQL Enterprise Server - Advanced Edition (Commercial)
Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> use mysql
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> select host,user,password from user;    #only wpadmin can log in remotely from the 192.168.0.0 network
+-------------+---------+-------------------------------------------+
| host        | user    | password                                  |
+-------------+---------+-------------------------------------------+
| localhost   | root    | *FD571203974BA9AFE270FE62151AE967ECA5E0AA |
| mysql       | root    |                                           |
| 127.0.0.1   | root    |                                           |
| ::1         | root    |                                           |
| localhost   |         |                                           |
| mysql       |         |                                           |
| 192.168.%.% | wpadmin | *FD571203974BA9AFE270FE62151AE967ECA5E0AA |
+-------------+---------+-------------------------------------------+
7 rows in set (0.00 sec)
mysql> grant all privileges on *.* to 'root'@'192.168.0.201' identified by '111111' with grant option;
Query OK, 0 rows affected (0.03 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
mysql> select host,user,password from user;
+---------------+---------+-------------------------------------------+
| host          | user    | password                                  |
+---------------+---------+-------------------------------------------+
| localhost     | root    | *FD571203974BA9AFE270FE62151AE967ECA5E0AA |
| mysql         | root    |                                           |
| 127.0.0.1     | root    |                                           |
| ::1           | root    |                                           |
| localhost     |         |                                           |
| mysql         |         |                                           |
| 192.168.%.%   | wpadmin | *FD571203974BA9AFE270FE62151AE967ECA5E0AA |
| 192.168.0.201 | root    | *FD571203974BA9AFE270FE62151AE967ECA5E0AA |
+---------------+---------+-------------------------------------------+
8 rows in set (0.00 sec)
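The account table above lists root rows with an empty password and two anonymous accounts alongside the new remote root grant. The following check, an added example that is not part of the original post, flags such rows in that table output; the function names, finding labels and the `*HASH` placeholder are made up for the example.

```shell
#!/bin/sh
# Added example, not from the original post.

# Read `select host,user,password from user;` table output on stdin and
# print one finding per risky row.
audit_mysql_accounts() {
    awk -F'|' '
        function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
        !/^\|/ { next }                          # keep only table rows
        {
            host = trim($2); user = trim($3); pw = trim($4)
            if (host == "host" && user == "user") next     # header row
            acct = (user == "" ? "<anonymous>" : user) "@" host
            if (user == "") print "ANONYMOUS_USER " acct
            if (pw == "")   print "EMPTY_PASSWORD " acct
            if (host ~ /%/) print "WILDCARD_HOST " acct
            if (user == "root" && host != "localhost" && host != "127.0.0.1" && host != "::1")
                print "ROOT_NOT_LOOPBACK " acct
        }'
}

# Constructed sample: same rows as the second listing above, with the
# password hashes replaced by a placeholder.
sample_user_table() {
    cat <<'EOF'
+---------------+---------+----------+
| host          | user    | password |
+---------------+---------+----------+
| localhost     | root    | *HASH    |
| mysql         | root    |          |
| 127.0.0.1     | root    |          |
| ::1           | root    |          |
| localhost     |         |          |
| mysql         |         |          |
| 192.168.%.%   | wpadmin | *HASH    |
| 192.168.0.201 | root    | *HASH    |
+---------------+---------+----------+
EOF
}

# Number of findings of one type ($1) in the sample table.
count_findings() {
    sample_user_table | audit_mysql_accounts | grep -c "^$1 "
}

sample_user_table | audit_mysql_accounts
```

On a live server the same table can be produced non-interactively with `mysql -u root -p -t -e 'select host,user,password from mysql.user'`; `mysql_secure_installation`, which ships with MySQL, removes the anonymous accounts.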
Then log in to phpMyAdmin as the root user to test.
11. Testing PHP's opcache acceleration:
First disable PHP's opcache:
[root@php ~]# vim /etc/php.ini
;zend_extension = /usr/local/php5.6/lib/php/extensions/no-debug-non-zts-20131226/opcache.so
;comment out the line above
[root@php ~]# service php-fpm restart
[root@php ~]# php -m
Test with the ab command on the mysql server:
[root@mysql ~]# yum -y install httpd-tools    #install the ab test tool, which is in the httpd-tools package
[root@mysql ~]# vim /etc/hosts    #add local name resolution for bbs.linux.com
192.168.0.202 mysql
192.168.0.200 http bbs.linux.com
192.168.0.201 php
[root@mysql ~]# ab -c 100 -n 1000 http://bbs.linux.com/index.php
... (omitted)
Non-2xx responses: 1000
Total transferred: 301205 bytes
HTML transferred: 299 bytes
Requests per second: 8.40 [#/sec] (mean)    #requests per second
Time per request: 11902.085 [ms] (mean)
Time per request: 119.021 [ms] (mean, across all concurrent requests)
Transfer rate: 2.47 [Kbytes/sec] received
... (omitted)
Enable opcache again and repeat the test:
[root@php ~]# vim /etc/php.ini
zend_extension = /usr/local/php5.6/lib/php/extensions/no-debug-non-zts-20131226/opcache.so
[root@php ~]# service php-fpm restart
[root@php ~]# php -m
[root@mysql ~]# ab -c 100 -n 1000 http://bbs.linux.com/index.php
... (omitted)
Write errors: 0
Non-2xx responses: 1000
Total transferred: 301000 bytes
HTML transferred: 0 bytes
Requests per second: 31.26 [#/sec] (mean)    #requests per second
Time per request: 3199.462 [ms] (mean)
Time per request: 31.995 [ms] (mean, across all concurrent requests)
Transfer rate: 9.19 [Kbytes/sec] received
... (omitted)
Comparing the two runs shows that the site responds noticeably faster once opcache is enabled.
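12. Summary:
This environment build went fairly smoothly. Whenever an error occurred, the error messages and log files produced by the programs made it possible to locate the fault quickly, but a few points deserve attention or could be optimized:
1. On Unix-like systems the convention for software compiled from source is to install it under "/usr/local/". Here usr stands for "unix software resource". This directory already contains many files once the system is installed, so putting all of our custom-compiled software there makes software management somewhat inconvenient; it is a bit like the "Program Files" directory on Windows. It is therefore advisable, when partitioning at install time, to set aside a separate partition dedicated to software compiled from source;
2. The log files of httpd's virtual hosts should be stored and managed centrally in one place. In this build they are scattered across the virtual hosts' home directories, which makes log management inconvenient;
3. Because the "/web/vhosts" directory on the http host is published from the php host over NFS and mounted, uploading the site code twice is avoided, but this also has some impact on administration: when restarting the http and php hosts, pay attention to the power-on and shutdown order. Power on the php host first and then the http host; shut down the http host first and then the php host.
4. A LAMP environment like this involves configuration files such as "http.conf, http-ssl.conf, http-vhost.conf, my.cnf, php.ini, my-fpm.conf"; the exact meaning of each parameter in them deserves a careful write-up;
5. Finally there is mysql itself, which has been acquired by Oracle. When downloading the mysql 5.6 package I skimmed the license agreement, and it no longer looks like the original mysql. For a company's production service, use another database instead; mariadb is a good choice (I have not read its license).
This article comes from the "專一Linx,與Linux共舞" blog; please be sure to keep this source: http://zhaochj.blog.51cto.com/368705/1609777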