Maison >base de données >tutoriel mysql >LNMP环境部署
LNMP 部署 一、准备工作: 需要准备的源码包 nginx-1.1.3.tar.gzphp-5.2.14.tar.gzphp-5.2.14-fpm-0.5.14.diff.gzmysql-5.5.33-linux2.6-x86_64.tar.gzlibiconv-1.13.1.tar.gzlibmcrypt-2.5.8.tar.gzmcrypt-2.6.8.tar.gzmemcache-2.2.5.tgzmhash-0.9.9.9.tar
需要准备的源码包
nginx-1.1.3.tar.gz php-5.2.14.tar.gz php-5.2.14-fpm-0.5.14.diff.gz mysql-5.5.33-linux2.6-x86_64.tar.gz libiconv-1.13.1.tar.gz libmcrypt-2.5.8.tar.gz mcrypt-2.6.8.tar.gz memcache-2.2.5.tgz mhash-0.9.9.9.tar.gz pcre-8.10.tar.gz eaccelerator-0.9.6.1.tar.bz2 PDO_MYSQL-1.0.2.tgz ImageMagick/ImageMagick.tar.gz imagick-3.1.2.tgz
需要用yum安装的包
install libxml2 libxml2-devel libjpeg libjpeg-devel openldap openldap-devel glibc
tar zxvf libiconv-1.13.1.tar.gz cd libiconv-1.13.1/ ./configure --prefix=/usr/local make make install cd ../ tar zxvf libmcrypt-2.5.8.tar.gz cd libmcrypt-2.5.8/ ./configure make make install /sbin/ldconfig cd libltdl/ ./configure --enable-ltdl-install make make install cd ../../ tar zxvf mhash-0.9.9.9.tar.gz cd mhash-0.9.9.9/ ./configure make make install cd ../ ln -s /usr/local/lib/libmcrypt.la /usr/lib/libmcrypt.la ln -s /usr/local/lib/libmcrypt.so /usr/lib/libmcrypt.so ln -s /usr/local/lib/libmcrypt.so.4 /usr/lib/libmcrypt.so.4 ln -s /usr/local/lib/libmcrypt.so.4.4.8 /usr/lib/libmcrypt.so.4.4.8 ln -s /usr/local/lib/libmhash.a /usr/lib/libmhash.a ln -s /usr/local/lib/libmhash.la /usr/lib/libmhash.la ln -s /usr/local/lib/libmhash.so /usr/lib/libmhash.so ln -s /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2 ln -s /usr/local/lib/libmhash.so.2.0.1 /usr/lib/libmhash.so.2.0.1 ln -s /usr/local/bin/libmcrypt-config /usr/bin/libmcrypt-config ln -s /usr/lib64/libjpeg.so /usr/lib/libjpeg.so ln -s /usr/lib64/libpng.so /usr/lib/libpng.so cp -frp /usr/lib64/libldap* /usr/lib/ tar zxvf mcrypt-2.6.8.tar.gz cd mcrypt-2.6.8/ /sbin/ldconfig ./configure make make install cd ../
安装过程
## 为MySQL建立用户和组 groupadd -g 3306 mysql useradd -g mysql -u 3306 -s /sbin/nologin -M mysql ## 二进制安装方式 tar xf mysql-5.5.15-linux2.6-i686.tar.gz -C /usr/local ln -sv /usr/local/mysql-5.5.15-linux.2.6-i686 /usr/local/mysql mkdir /mydata ## 创建数据保存目录 chown -R mysql:mysql /mydata/ cd /usr/local/mysql scripts/mysql_install_db --user=mysql --datadir=/mydata/data chown -R root . ## 加入启动脚本 cp support-files/mysql.server /etc/init.d/mysqld chkconfig --add mysqld ##修改配置文件 cp support-files/my-large.cnf /etc/my.cnf ## 加入mySQL命令 export PATH=$PATH:/usr/local/mysql/bin ## 定义头文件 ln -sv /usr/local/mysql/include /usr/include/mysql ldconfig
配置过程
vim /etc/my.cnf
在[mysqld]段内加入并修改以下两处
datadir = /mydata/data thread_concurrency 2 ## (并发线程数,一般是cpu核心的两倍)
vim /etc/profile
在里面加入:
PATH=$PATH:/usr/local/mysql/bin
vim /etc/ld.so.conf.d/mysql.conf
写入
/usr/local/mysql/lib
启用过程
service mysqld start cd /root/lnmp
输入以下SQL语句,创建一个具有root权限的用户(admin)和密码(ops.cntv.cn):
GRANT ALL PRIVILEGES ON *.* TO 'admin'@'localhost' IDENTIFIED BY 'ops.cntv.cn'; GRANT ALL PRIVILEGES ON *.* TO 'admin'@'127.0.0.1' IDENTIFIED BY 'ops.cntv.cn';
tar zxvf php-5.2.14.tar.gz gzip -cd php-5.2.14-fpm-0.5.14.diff.gz | patch -d php-5.2.14 -p1 cd php-5.2.14/ ./configure --prefix=/usr/local/php \ --with-config-file-path=/usr/local/php/etc \ --with-mysql=/usr/local/mysql \ --with-mysqli=/usr/local/mysql/bin/mysql_config \ --with-iconv-dir=/usr/local \ --with-freetype-dir \ --with-jpeg-dir \ --with-png-dir \ --with-zlib \ --with-libxml-dir=/usr \ --enable-xml \ --disable-rpath \ --enable-discard-path \ --enable-safe-mode \ --enable-bcmath \ --enable-shmop \ --enable-sysvsem \ --enable-inline-optimization \ --with-curl --with-curlwrappers \ --enable-mbregex \ --enable-fastcgi \ --enable-fpm \ --enable-force-cgi-redirect \ --enable-mbstring --with-mcrypt \ --with-gd --enable-gd-native-ttf \ --with-openssl \ --with-mhash \ --enable-pcntl \ --enable-sockets \ --with-ldap \ --with-ldap-sasl \ --with-xmlrpc \ --enable-zip \ --enable-soap make ZEND_EXTRA_LIBS='-liconv' make install cp php.ini-dist /usr/local/php/etc/php.ini cd ../
tar zxvf memcache-2.2.5.tgz cd memcache-2.2.5/ /usr/local/php/bin/phpize ./configure --with-php-config=/usr/local/php/bin/php-config make make install cd ../ tar jxvf eaccelerator-0.9.6.1.tar.bz2 cd eaccelerator-0.9.6.1/ /usr/local/php/bin/phpize ./configure --enable-eaccelerator=shared \ --with-php-config=/usr/local/php/bin/php-config make make install cd ../ tar zxvf PDO_MYSQL-1.0.2.tgz cd PDO_MYSQL-1.0.2/ /usr/local/php/bin/phpize ./configure --with-php-config=/usr/local/php/bin/php-config \ --with-pdo-mysql=/usr/local/mysql make make install cd ../ tar zxvf ImageMagick.tar.gz cd ImageMagick-6.5.1-2/ ./configure make make install ln -s /usr/local/include/ImageMagick-6 /usr/local/include/ImageMagick cd ../ tar zxvf imagick-2.3.0.tgz cd imagick-2.3.0/ /usr/local/php/bin/phpize ./configure --with-php-config=/usr/local/php/bin/php-config make make install cd ../
手工修改:
查找/usr/local/php/etc/php.ini
中的extension_dir = "./"
修改为
extension_dir = "/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/"
增加以下几行
extension = "memcache.so" extension = "pdo_mysql.so" extension = "imagick.so"
再查找output_buffering = Off
修改为 On
再查找;cgi.fix_pathinfo=0
去掉“;”号,防止Nginx文件类型错误解析漏洞。
mkdir -p /usr/local/eaccelerator_cache vi /usr/local/php/etc/php.ini
跳到配置文件的最末尾,加上以下配置信息:
[eaccelerator] zend_extension="/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/eaccelerator.so" eaccelerator.shm_size="64" eaccelerator.cache_dir="/usr/local/eaccelerator_cache" eaccelerator.enable="1" eaccelerator.optimizer="1" eaccelerator.check_mtime="1" eaccelerator.debug="0" eaccelerator.filter="" eaccelerator.shm_max="0" eaccelerator.shm_ttl="3600" eaccelerator.shm_prune_period="3600" eaccelerator.shm_only="0" eaccelerator.compress="1" eaccelerator.compress_level="9"
/usr/sbin/groupadd www /usr/sbin/useradd -g www www mkdir -p /web chmod +w /web chown -R www:www /web
在/usr/local/php/etc/
目录中创建php-fpm.conf
文件:
rm -f /usr/local/php/etc/php-fpm.conf vim /usr/local/php/etc/php-fpm.conf
输入以下内容
<?xml version="1.0" ?> <configuration> All relative paths in this config are relative to php's install prefix <section name="global_options"> Pid file <value name="pid_file">/usr/local/php/logs/php-fpm.pid</value> Error log file <value name="error_log">/usr/local/php/logs/php-fpm.log</value> Log level <value name="log_level">notice</value> When this amount of php processes exited with SIGSEGV or SIGBUS ... <value name="emergency_restart_threshold">10</value> ... in a less than this interval of time, a graceful restart will be initiated. Useful to work around accidental curruptions in accelerator's shared memory. <value name="emergency_restart_interval">1m</value> Time limit on waiting child's reaction on signals from master <value name="process_control_timeout">5s</value> Set to 'no' to debug fpm <value name="daemonize">yes</value> </section> <workers> <section name="pool"> Name of pool. Used in logs and stats. <value name="name">default</value> Address to accept fastcgi requests on. Valid syntax is 'ip.ad.re.ss:port' or just 'port' or '/path/to/unix/socket' <value name="listen_address">127.0.0.1:9000</value> <value name="listen_options"> Set listen(2) backlog <value name="backlog">-1</value> Set permissions for unix socket, if one used. In Linux read/write permissions must be set in order to allow connections from web server. Many BSD-derrived systems allow connections regardless of permissions. <value name="owner"></value> <value name="group"></value> <value name="mode">0666</value> </value> Additional php.ini defines, specific to this pool of workers. <value name="php_defines"> <value name="sendmail_path">/usr/sbin/sendmail -t -i</value> <value name="display_errors">0</value> </value> Unix user of processes <value name="user">www</value> Unix group of processes <value name="group">www</value> Process manager settings <value name="pm"> Sets style of controling worker process count. Valid values are 'static' and 'apache-like' <value name="style">static</value> Sets the limit on the number of simultaneous requests that will be served. Equivalent to Apache MaxClients directive. Equivalent to PHP_FCGI_CHILDREN environment in original php.fcgi Used with any pm_style. <value name="max_children">128</value> Settings group for 'apache-like' pm style <value name="apache_like"> Sets the number of server processes created on startup. Used only when 'apache-like' pm_style is selected <value name="StartServers">20</value> Sets the desired minimum number of idle server processes. Used only when 'apache-like' pm_style is selected <value name="MinSpareServers">5</value> Sets the desired maximum number of idle server processes. Used only when 'apache-like' pm_style is selected <value name="MaxSpareServers">35</value> </value> </value> The timeout (in seconds) for serving a single request after which the worker process will be terminated Should be used when 'max_execution_time' ini option does not stop script execution for some reason '0s' means 'off' <value name="request_terminate_timeout">0s</value> The timeout (in seconds) for serving of single request after which a php backtrace will be dumped to slow.log file '0s' means 'off' <value name="request_slowlog_timeout">0s</value> The log file for slow requests <value name="slowlog">logs/slow.log</value> Set open file desc rlimit <value name="rlimit_files">65535</value> Set max core size rlimit <value name="rlimit_core">0</value> Chroot to this directory at the start, absolute path <value name="chroot"></value> Chdir to this directory at the start, absolute path <value name="chdir"></value> Redirect workers' stdout and stderr into main error log. If not set, they will be redirected to /dev/null, according to FastCGI specs <value name="catch_workers_output">yes</value> How much requests each process should execute before respawn. Useful to work around memory leaks in 3rd party libraries. For endless request processing please specify 0 Equivalent to PHP_FCGI_MAX_REQUESTS <value name="max_requests">1024</value> Comma separated list of ipv4 addresses of FastCGI clients that allowed to connect. Equivalent to FCGI_WEB_SERVER_ADDRS environment in original php.fcgi (5.2.2+) Makes sense only with AF_INET listening socket. <value name="allowed_clients">127.0.0.1</value> Pass environment variables like LD_LIBRARY_PATH All $VARIABLEs are taken from current environment <value name="environment"> <value name="HOSTNAME">$HOSTNAME</value> <value name="PATH">/usr/local/bin:/usr/bin:/bin</value> <value name="TMP">/tmp</value> <value name="TMPDIR">/tmp</value> <value name="TEMP">/tmp</value> <value name="OSTYPE">$OSTYPE</value> <value name="MACHTYPE">$MACHTYPE</value> <value name="MALLOC_CHECK_">2</value> </value> </section> </workers> </configuration>
需要添加一个软连接
ln -s /lib64/libpcre.so.0.0.1 /lib64/libpcre.so.1
ulimit -SHn 65535 /usr/local/php/sbin/php-fpm start
注意:如果要重启,可以使用 reload 命令
tar zxvf pcre-8.10.tar.gz cd pcre-8.10/ ./configure make && make install cd ../
tar zxvf nginx-1.1.3.tar.gz cd nginx-1.1.3/ ./configure --user=www \ --group=www \ --prefix=/usr/local/nginx \ --with-http_stub_status_module \ --with-http_ssl_module make && make install cd ../
mkdir -p /web/logs chmod +w /web/logs chown -R www:www /web/logs
在/usr/local/nginx/conf/
目录中创建nginx.conf
文件:
rm -f /usr/local/nginx/conf/nginx.conf vi /usr/local/nginx/conf/nginx.conf
输入以下内容:
user www www; worker_processes 8; ## 根据自己的CPU来决定到底应该是多少 error_log /web/logs/nginx_error.log crit; pid /usr/local/nginx/nginx.pid; #Specifies the value for maximum file descriptors that can be opened by this process. worker_rlimit_nofile 65535; events { use epoll; worker_connections 65535; } http { include mime.types; default_type application/octet-stream; #charset gb2312; server_names_hash_bucket_size 128; client_header_buffer_size 32k; large_client_header_buffers 4 32k; client_max_body_size 8m; sendfile on; tcp_nopush on; keepalive_timeout 60; tcp_nodelay on; fastcgi_connect_timeout 300; fastcgi_send_timeout 300; fastcgi_read_timeout 300; fastcgi_buffer_size 64k; fastcgi_buffers 4 64k; fastcgi_busy_buffers_size 128k; fastcgi_temp_file_write_size 128k; gzip on; gzip_min_length 1k; gzip_buffers 4 16k; gzip_http_version 1.0; gzip_comp_level 2; gzip_types text/plain application/x-javascript text/css application/xml; gzip_vary on; #limit_zone crawler $binary_remote_addr 10m; server { listen 80; server_name 192.168.0.156; ## 这里简单测试,所以直接使用IP index index.html index.htm index.php; root /web; #limit_conn crawler 20; location ~ .*\.(php|php5)?$ { #fastcgi_pass unix:/tmp/php-cgi.sock; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fcgi.conf; } location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ { expires 30d; } location ~ .*\.(js|css)?$ { expires 1h; } location /status { stub_status on; ## 开启状态统计,为后面的优化做测试 } log_format access '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" $http_x_forwarded_for'; access_log /web/logs/access.log access; } }
在/usr/local/nginx/conf/目录中创建.conf文件:
vi /usr/local/nginx/conf/fcgi.conf
输入以下内容:
fastcgi_param GATEWAY_INTERFACE CGI/1.1; fastcgi_param SERVER_SOFTWARE nginx; fastcgi_param QUERY_STRING $query_string; fastcgi_param REQUEST_METHOD $request_method; fastcgi_param CONTENT_TYPE $content_type; fastcgi_param CONTENT_LENGTH $content_length; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param SCRIPT_NAME $fastcgi_script_name; fastcgi_param REQUEST_URI $request_uri; fastcgi_param DOCUMENT_URI $document_uri; fastcgi_param DOCUMENT_ROOT $document_root; fastcgi_param SERVER_PROTOCOL $server_protocol; fastcgi_param REMOTE_ADDR $remote_addr; fastcgi_param REMOTE_PORT $remote_port; fastcgi_param SERVER_ADDR $server_addr; fastcgi_param SERVER_PORT $server_port; fastcgi_param SERVER_NAME $server_name; # PHP only, required if PHP was built with --enable-force-cgi-redirect fastcgi_param REDIRECT_STATUS 200;
ulimit -SHn 65535 /usr/local/nginx/sbin/nginx
vim /etc/rc.local
在末尾增加以下内容:
ulimit -SHn 65535 /usr/local/php/sbin/php-fpm start /usr/local/nginx/sbin/nginx
一般来说nginx 配置文件中对优化比较有作用的为以下几项:
worker_processes 8; #nginx 进程数,建议按照cpu 数目来指定,一般为它的倍数。 worker_cpu_affinity 00000001 00000010 00000100 00001000 00010000 00100000 01000000 10000000; #为每个进程分配cpu,上例中将8 个进程分配到8 个cpu,当然可以写多个,或者将一个进程分配到多个cpu。 worker_rlimit_nofile 102400; #这个指令是指当一个nginx 进程打开的最多文件描述符数目,理论值应该是最多打开文件数(ulimit -n)与nginx 进程数相除,但是nginx 分配请求并不是那么均匀,所以最好与ulimit-n 的值保持一致。 use epoll; #使用epoll 的I/O 模型,这个不用说了吧。 worker_connections 102400; #每个进程允许的最多连接数, 理论上每台nginx 服务器的最大连接数为worker_processes*worker_connections。 keepalive_timeout 60; #keepalive 超时时间。 client_header_buffer_size 4k; #客户端请求头部的缓冲区大小,这个可以根据你的系统分页大小来设置,一般一个请求头的大小不会超过1k,不过由于一般系统分页都要大于1k,所以这里设置为分页大小。分页大小可以用命令getconf PAGESIZE 取得。 open_file_cache max=102400 inactive=20s; #这个将为打开文件指定缓存,默认是没有启用的,max 指定缓存数量,建议和打开文件数一致,inactive 是指经过多长时间文件没被请求后删除缓存。 open_file_cache_valid 30s; #这个是指多长时间检查一次缓存的有效信息。 open_file_cache_min_uses 1; #open_file_cache 指令中的inactive 参数时间内文件的最少使用次数,如果超过这个数字,文件描述符一直是在缓存中打开的,如上例,如果有一个文件在inactive 时间内一次没被使用,它将被移除。
/etc/sysctl.conf
net.ipv4.tcp_max_tw_buckets = 6000 #timewait 的数量,默认是180000。 net.ipv4.ip_local_port_range = 1024 65000 #允许系统打开的端口范围。 net.ipv4.tcp_tw_recycle = 1 #启用timewait 快速回收。 net.ipv4.tcp_tw_reuse = 1 #开启重用。允许将TIME-WAIT sockets 重新用于新的TCP 连接。 net.ipv4.tcp_syncookies = 1 #开启SYN Cookies,当出现SYN 等待队列溢出时,启用cookies 来处理。 net.core.somaxconn = 262144 #web 应用中listen 函数的backlog 默认会给我们内核参数的net.core.somaxconn 限制到128,而nginx 定义的NGX_LISTEN_BACKLOG 默认为511,所以有必要调整这个值。 net.core.netdev_max_backlog = 262144 #每个网络接口接收数据包的速率比内核处理这些包的速率快时,允许送到队列的数据包的最大数目。 net.ipv4.tcp_max_orphans = 262144 #系统中最多有多少个TCP 套接字不被关联到任何一个用户文件句柄上。如果超过这个数字,孤儿连接将即刻被复位并打印出警告信息。这个限制仅仅是为了防止简单的DoS 攻击,不能过分依靠它或者人为地减小这个值,更应该增加这个值(如果增加了内存之后)。 net.ipv4.tcp_max_syn_backlog = 262144 #记录的那些尚未收到客户端确认信息的连接请求的最大值。对于有128M 内存的系统而言,缺省值是1024,小内存的系统则是128。 net.ipv4.tcp_timestamps = 0 #时间戳可以避免序列号的卷绕。一个1Gbps 的链路肯定会遇到以前用过的序列号。时间戳能够让内核接受这种“异常”的数据包。这里需要将其关掉。 net.ipv4.tcp_synack_retries = 1 #为了打开对端的连接,内核需要发送一个SYN 并附带一个回应前面一个SYN 的ACK。也就是所谓三次握手中的第二次握手。这个设置决定了内核放弃连接之前发送SYN+ACK 包的数量。 net.ipv4.tcp_syn_retries = 1 #在内核放弃建立连接之前发送SYN 包的数量。 net.ipv4.tcp_fin_timeout = 1 #如果套接字由本端要求关闭,这个参数决定了它保持在FIN-WAIT-2 状态的时间。对端可以出错并永远不关闭连接,甚至意外当机。缺省值是60 秒。2.2 内核的通常值是180 秒,你可以按这个设置,但要记住的是,即使你的机器是一个轻载的WEB 服务器,也有因为大量的死套接字而内存溢出的风险,FIN- WAIT-2 的危险性比FIN-WAIT-1 要小,因为它最多只能吃掉1.5K 内存,但是它们的生存期长些。 net.ipv4.tcp_keepalive_time = 30 #当keepalive 起用的时候,TCP 发送keepalive 消息的频度。缺省是2 小时。
fastcgi_cache_path /usr/local/nginx/fastcgi_cache levels=1:2 keys_zone=TEST:10m inactive=5m; #这个指令为FastCGI 缓存指定一个路径,目录结构等级,关键字区域存储时间和非活动删除时间。 fastcgi_connect_timeout 300; #指定连接到后端FastCGI 的超时时间。 fastcgi_send_timeout 300; #向FastCGI 传送请求的超时时间,这个值是指已经完成两次握手后向FastCGI 传送请求的超时时间。 fastcgi_read_timeout 300; #接收FastCGI 应答的超时时间,这个值是指已经完成两次握手后接收FastCGI 应答的超时时间。 fastcgi_buffer_size 4k; #指定读取FastCGI 应答第一部分需要用多大的缓冲区,一般第一部分应答不会超过1k,由于页面大小为4k,所以这里设置为4k。 fastcgi_buffers 8 4k; #指定本地需要用多少和多大的缓冲区来缓冲FastCGI 的应答。 fastcgi_busy_buffers_size 8k; #这个指令我也不知道是做什么用,只知道默认值是fastcgi_buffers 的两倍。 fastcgi_temp_file_write_size 8k; #在写入fastcgi_temp_path 时将用多大的数据块,默认值是fastcgi_buffers 的两倍。 fastcgi_cache TEST #开启FastCGI 缓存并且为其制定一个名称。个人感觉开启缓存非常有用,可以有效降低CPU 负载,并且防止502 错误。 fastcgi_cache_valid 200 302 1h; fastcgi_cache_valid 301 1d; fastcgi_cache_valid any 1m; #为指定的应答代码指定缓存时间,如上例中将200,302 应答缓存一小时,301 应答缓存1 天,其他为1 分钟。 fastcgi_cache_min_uses 1; #缓存在fastcgi_cache_path 指令inactive 参数值时间内的最少使用次数,如上例,如果在5 分钟内某文件1 次也没有被使用,那么这个文件将被移除。 fastcgi_cache_use_stale error timeout invalid_header http_500; #不知道这个参数的作用,猜想应该是让nginx 知道哪些类型的缓存是没用的。
<value name="max_children">60</value> #同时处理的并发请求数,即它将开启最多60 个子线程来处理并发连接。 <value name="rlimit_files">102400</value> #最多打开文件数。 <value name="max_requests">204800</value> #每个进程在重置之前能够执行的最多请求数。
原文地址:LNMP环境部署, 感谢原作者分享。