LNMP基礎架構

環境

## 一、關閉防火牆
[root@localhost ~]# systemctl disable --now firewalld

二、關閉selinux
[root@localhost ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config && reboot

#開啓ip轉發
echo "net.ipv4.ip_forward  = 1" >> /etc/sysctl.conf 
#開啓不容許綁定本地覺得的ip
echo "net.ipv4.ip_nonlocal_bind = 1" >> /etc/sysctl.conf
#關閉ipv6
echo "net.ipv6.conf.all.disable_ipv6 = 1" >> /etc/sysctl.conf
#關閉ipv6網絡
echo "NETWORKING_IPV6=no" >> /etc/sysconfig/network

[root@localhost ~]# yum -y install lrzsz

#設置主機名
主機名:應用+ip
例:nginx-php_41

安裝nginx

[root@localhost ~]# mkdir -p /data/{tools,soft}
[root@localhost ~]# cd /data/soft/

[root@localhost soft]# ll
total 992
-rw-r--r-- 1 root root 1015384 May  2 01:32 nginx-1.14.2.tar.gz
[root@localhost soft]# tar -zxvf nginx-1.14.2.tar.gz
[root@localhost soft]# cd nginx-1.14.2
[root@localhost nginx-1.14.2]# yum install -y vim lrzsz tree screen psmisc lsof tcpdump wget ntpdate \
gcc gcc-c++ glibc glibc-devel pcre pcre-devel openssl openssl-devel systemd-devel \
net-tools iotop bc zip unzip zlib-devel bash-completion nfs-utils automake libxml2 \
libxml2-devel libxslt libxslt-devel perl perl-ExtUtils-Embed

[root@localhost nginx-1.14.2]# ./configure --prefix=/data/tools/nginx-1.14.2 \
--user=www \
--group=www \
--with-http_ssl_module \
--with-http_v2_module \
--with-http_realip_module \
--with-http_stub_status_module \
--with-http_gzip_static_module \
--with-pcre \
--with-stream \
--with-stream_ssl_module \
--with-stream_realip_module
[root@localhost nginx-1.14.2]# make -j 2 && make install

[root@localhost nginx-1.14.2]# ln -sv /data/tools/nginx-1.14.2 /data/tools/nginx
‘/data/tools/nginx’ -> ‘/data/tools/nginx-1.14.2’

[root@localhost nginx-1.14.2]# useradd www -s /sbin/nologin -u 1000
[root@localhost ~]# cd /data/tools/nginx/conf/

準備php配置

[root@localhost conf]# cat nginx.conf
user www www;
worker_processes auto;

error_log /data/wwwlogs/error_nginx.log error;
pid /var/run/nginx.pid;
worker_rlimit_nofile 65536;

events {
    worker_connections  65536;
    use epoll;
    accept_mutex on;
    multi_accept on;
}

http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_requests 3;
    keepalive_timeout  65 60;

    client_max_body_size 10m;
    client_body_buffer_size 16k;
    client_body_temp_path /data/tools/nginx/temp;
    keepalive_disable msie6;
    tcp_nodelay on;
    server_tokens off;

    gzip on;
    gzip_buffers 16 8k;
    gzip_comp_level 6;
    gzip_http_version 1.1;
    gzip_min_length 256;
    gzip_proxied any;
    gzip_vary on;
    gzip_disable "MSIE [1-6]\.";

    open_file_cache max=1000 inactive=20s;
    open_file_cache_valid 30s;
    open_file_cache_min_uses 2;
    open_file_cache_errors on;

    proxy_cache_path /data/tools/nginx/proxycache levels=1:2:1 keys_zone=proxycache:512m inactive=120s max_size=1g;

    autoindex_exact_size on;

    charset utf-8;
    autoindex_localtime on;

    log_format access_json '{"@timestamp":"$time_iso8601",'
    '"host":"$server_addr",'
    '"clientip":"$remote_addr",'
    '"size":$body_bytes_sent,'
    '"responsetime":$request_time,'
    '"upstreamtime":"$upstream_response_time",'
    '"upstreamhost":"$upstream_addr",'
    '"http_host":"$host",'
    '"uri":"$uri",'
    '"domain":"$host",'
    '"xff":"$http_x_forwarded_for",'
    '"referer":"$http_referer",'
    '"tcp_xff":"$proxy_protocol_addr",'
    '"http_user_agent":"$http_user_agent",'
    '"status":"$status"}';

    server {
        listen       80 default_server;
        server_name  _;
        root /data/wwwroot/;
        index index.html index.htm index.php;
        location /nginx_status {
            stub_status on;
            access_log off;
            allow 192.168.100.0/24;
            allow 127.0.0.1;
            deny all;
        }

        location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|flv|ico)$ {
            expires 30d;
            access_log off;
        }

        location ~ .*\.(js|css)?$ {
            expires 7d;
            access_log off;
        }

        error_page 404 /404.html;
        location = /40x.html {
        }               

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }
    include vhost/*.conf;
}

[root@localhost conf]# cat vhost/www.chejh.net.conf 
server {
  listen 80;
  server_name www.chejh.net;
  access_log /data/wwwlogs/www.chejh.net_nginx.log access_json;

  location / {
    root /data/wwwroot/www.chejh.net;
    index index.html index.htm index.php;
  }

  location ~ \.php$ {
    root           /data/wwwroot/www.chejh.net;
    fastcgi_pass   127.0.0.1:9000;
    fastcgi_index  index.php;
    fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
    include        fastcgi_params;
    }

}

#打開狀態頁（注意）
#由於http://www.chejh.net和http://192.168.100.43指向的不是一個路徑因此要用ip訪問
#http://192.168.100.43/nginx_status

#開啓測試頁
[root@localhost ~]# cat /data/wwwroot/www.chejh.net/index.html 
test nginx

安裝php

[root@localhost ~]# yum -y install wget vim pcre pcre-devel openssl openssl-devel libicudevel \
> gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype \
> freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 \
> glib2-devel ncurses ncurses-devel curl curl-devel krb5-devel libidn libidn-devel \
> openldap openldap-devel nss_ldap jemalloc-devel cmake boost-devel bison \
> automake libevent libevent-devel gd gd-devel libtool* libmcrypt libmcrypt-devel \
> mcrypt mhash libxslt libxslt-devel readline readline-devel gmp gmp-devel libcurl \
> libcurl-devel openjpegdevel

[root@localhost soft]# tar -zxvf php-7.1.30.tar.gz
[root@localhost soft]# cd php-7.1.30/
[root@localhost php-7.1.30]# ./configure --prefix=/data/tools/php-7.1.30 --enable-fpm --with-fpm user=www --with-fpm-group=www --with-pear --with-curl \
> --with-png-dir --with-freetype-dir --with-iconv --with-mhash --with-zlib --with-xmlrpc --with-xsl --with-openssl \
> --with-mysqli --with-pdo-mysql --disable-debug --enable-zip --enable-sockets --enable-soap \
> --enable-inline-optimization --enable-xml --enable-ftp --enable-exif --enable-wddx --enable-bcmath \
> --enable-calendar --enable-shmop --enable-dba --enable-sysvsem --enable-sysvshm --enable-sysvmsg
[root@localhost php-7.1.30]# make -j 2 && make install

準備php配置

[root@localhost tools]# ln -sv /data/tools/php-7.1.30/ /data/tools/php
[root@localhost php-7.1.30]# pwd
/data/soft/php-7.1.30
[root@localhost php-7.1.30]# cp php.ini-production /data/tools/php-7.1.30/etc/php.ini

[root@localhost tools]# cd /data/tools/php-7.1.30/etc/php-fpm.d
[root@localhost php-fpm.d]# pwd
/data/tools/php-7.1.30/etc/php-fpm.d
[root@localhost php-fpm.d]# cat www.conf.default |grep -v ";"|grep -v "^$" > www.conf

[root@localhost php-fpm.d]# cat www.conf
[www]
user = www
group = www
listen = 127.0.0.1:9000
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3

[root@localhost etc]# pwd
/data/tools/php-7.1.30/etc
[root@localhost etc]# cp php-fpm.conf.default php-fpm.conf

**啓動並驗證php**
#檢測語法並啓動php
[root@localhost ~]# /data/tools/php/sbin/php-fpm -t
[27-May-2020 10:55:17] NOTICE: configuration file /data/tools/php-7.1.30/etc/php-fpm.conf test is successful

#驗證php

[root@localhost ~]# cd /data/wwwroot/www.chejh.net/
[root@localhost ~]# /data/tools/php/sbin/php-fpm -c /data/tools/php/etc/php.ini
[root@localhost www.chejh.net]# pwd
/data/wwwroot/www.chejh.net
[root@localhost www.chejh.net]# ps -ef|grep php
root       6386      1  0 11:04 ?        00:00:00 php-fpm: master process (/data/tools/php-7.1.30/etc/php-fpm.conf)
www        6387   6386  0 11:04 ?        00:00:00 php-fpm: pool www
www        6388   6386  0 11:04 ?        00:00:00 php-fpm: pool www
root       6424  10689  0 11:06 pts/0    00:00:00 grep --color=auto php
[root@localhost www.chejh.net]# netstat -tunlpa|grep php
tcp        0      0 127.0.0.1:9000          0.0.0.0:*               LISTEN      6386/php-fpm: maste 

**#建立php測試頁**
[root@localhost ~]# cat /data/wwwroot/www.chejh.net/index.php 
<?php
phpinfo();
?>

測試：www.chejh.net