企业级LNMP分离式部署
Posted fengdou
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了企业级LNMP分离式部署相关的知识,希望对你有一定的参考价值。
安装mysql数据库
安装步骤介绍
本例采用MySQL二进制安装包进行安装演示
(1) 创建mysql用户的账号
[[email protected] ~]# groupadd mysql
[[email protected] ~]# useradd -s /sbin/nologin -g mysql -M mysql
[[email protected] ~]# tail -1 /etc/passwd
mysql:x:500:501::/home/mysql:/sbin/nologin
[[email protected] ~]# id mysql
uid=500(mysql) gid=501(mysql) groups=501(mysql)
(2)获取MySQL二进制软件包
百度云盘:http://pan.baidu.com/s/1hrBCzsC
提取码:4yjf
(3) 采用二进制方式安装MySQL
[[email protected] ~]# tar xf mysql-5.5.32-linux2.6-x86_64.tar.gz -C /usr/local/
[[email protected] ~]# cd /usr/local/
[[email protected] local]# mv mysql-5.5.32-linux2.6-x86_64 mysql-5.5.32
[[email protected] local]# ln -s mysql-5.5.32 mysql
[[email protected] local]# ls
bin etc games include lib lib64 libexec mysql mysql-5.5.32 sbin share src
[[email protected] local]# cd /usr/local/mysql
[[email protected] mysql]# ls
bin data include lib mysql-test scripts sql-bench
COPYING docs INSTALL-BINARY man README share support-files
#提示:
二进制安装包,仅需要解压就可以了,不需要执行cmake/configure,make,make install等过程
(4)初始化MySQL配置文件my.cnf
[[email protected] mysql]# ls -l support-files/*.cnf
-rw-r--r--. 1 7161 wheel 4691 Jun 19 2013 support-files/my-huge.cnf
-rw-r--r--. 1 7161 wheel 19759 Jun 19 2013 support-files/my-innodb-heavy-4G.cnf
-rw-r--r--. 1 7161 wheel 4665 Jun 19 2013 support-files/my-large.cnf
-rw-r--r--. 1 7161 wheel 4676 Jun 19 2013 support-files/my-medium.cnf
-rw-r--r--. 1 7161 wheel 2840 Jun 19 2013 support-files/my-small.cnf
[[email protected] mysql]# /bin/cp support-files/my-small.cnf /etc/my.cnf
提示:
- support-files下有my.cnf的各种配置样例。
- 使用cp全路径/bin/cp,可实现拷贝而不出现替换提示,即如果有重名文件会直接覆盖
- 本例为测试安装环境,因此选择参数配置小的my-small.cnf配置模版,如果是生产环境可以根据硬件选择更高级的配置文件,上述配置文件模版对硬件的要求从低到高依次为
my-medium.cnf (最低)
my-small.cnf
my-large.cnf
my-huge.cnf
my-innodb-heavy-4G.cnf(最高)
(5)初始化MySQL数据库文件
初始化命令如下
[[email protected] mysql]# mkdir -p /usr/local/mysql/data
[[email protected] mysql]# chown -R mysql.mysql /usr/local/mysql
[[email protected] mysql]# yum -y install libaio
[[email protected] mysql]# /usr/local/mysql/scripts/mysql_install_db --basedir=/usr/local/mysql --datadir=/usr/local/mysql/data --user=mysql
#初始化MySQL数据库文件,会有很多信息提示,如果没有ERROR级别的错误,会有两个OK的字样,表示初始化成功,否则就要解决初始化的问题
配置并启动MySQL数据库
(1)设置MySQL启动脚本,命令如下
[[email protected] mysql]# cp support-files/mysql.server /etc/init.d/mysqld
#拷贝MySQL启动脚本到MySQL的命令路径
[[email protected] mysql]# chmod +x /etc/init.d/mysqld
#使脚本可执行
(2)MySQL二进制默认安装路径是/usr/local/mysql,启动脚本里是/usr/local/mysql。如果安装路径不同,那么脚本里路径等都需要替换
(3)启动MySQL数据库,命令如下:
[[email protected] mysql]# /etc/init.d/mysqld start
Starting MySQL... SUCCESS!
[[email protected] mysql]# netstat -antup | grep mysql
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 1347/mysqld
如果发现3306端口没起来,请tail -100 /usr/local/mysql/data/主机名.err查看日志信息,看是否有报错信息,然后根据相关错误提示进行调试。经常查看服务运行日志是个很好的习惯,也是高手的习惯。
(4)设置MySQL开机自启动,命令如下:
[[email protected] mysql]# chkconfig --add mysqld
[[email protected] mysql]# chkconfig mysqld on
[[email protected] mysql]# chkconfig --list mysqld
mysqld 0:off 1:off 2:on 3:on 4:on 5:on 6:off
(5)配置mysql命令的全局使用路径,命令如下:
[[email protected] mysql]# ln -s /usr/local/mysql/bin/* /usr/local/bin/
[[email protected] mysql]# which mysqladmin
/usr/local/bin/mysqladmin
(6)登陆MySQL测试,命令如下:
[[email protected] mysql]# mysql
Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 1
Server version: 5.5.32 MySQL Community Server (GPL)
Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type ‘help;‘ or ‘h‘ for help. Type ‘c‘ to clear the current input statement.
MySQL安全配置
(1)为MySQL的root用户设置密码,命令如下:
[[email protected] mysql]# mysqladmin -uroot password ‘666666‘
[[email protected] mysql]# mysql -uroot -p666666
Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 4
Server version: 5.5.32 MySQL Community Server (GPL)
Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type ‘help;‘ or ‘h‘ for help. Type ‘c‘ to clear the current input statement.
(2)清理无用的MySQL用户及库,命令如下:
mysql> select user,host from mysql.user;
+------+-----------+
| user | host |
+------+-----------+
| root | 127.0.0.1 |
| root | ::1 |
| | localhost |
| root | localhost |
| | mysql |
| root | mysql |
+------+-----------+
6 rows in set (0.00 sec)
mysql> drop user "root"@"::1";
Query OK, 0 rows affected (0.00 sec)
mysql> drop user ""@"localhost";
Query OK, 0 rows affected (0.05 sec)
mysql> select user,host from mysql.user;
+------+-----------+
| user | host |
+------+-----------+
| root | 127.0.0.1 |
| root | localhost |
| | mysql |
| root | mysql |
+------+-----------+
4 rows in set (0.00 sec)
安装nginx
nginx的编译安装部署
[[email protected] ~]# mount /dev/sr0 /media/cdrom/
mount: block device /dev/sr0 is write-protected, mounting read-only
[[email protected] ~]# yum install -y pcre-devel openssl-devel
#wget -q http://nginx.org/download/nginx-1.10.2.tar.gz
[[email protected] ~]# useradd -s /sbin/nologin -M www #创建程序用户
[[email protected] ~]# tar xf nginx-1.10.2.tar.gz -C /usr/src/ #解压缩
[[email protected] ~]# cd /usr/src/nginx-1.10.2
[[email protected] nginx-1.10.2]# ./configure --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module #预配置
[[email protected] nginx-1.10.2]# make && make install #编译和安装
[[email protected] nginx-1.10.2]# ln -s /usr/local/nginx/sbin/* /usr/local/sbin/ #给命令做软连接,以便PATH能找到
[[email protected] nginx-1.10.2]# /usr/local/nginx/sbin/nginx #启动nginx
配置nginx配置文件
[[email protected] conf]# cat nginx.conf.default | egrep -v "#|^$" > nginx.conf
[[email protected] conf]# vim nginx.conf
[[email protected] conf]# cat nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name www.yunjisuan.com;
root /www;
location / {
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
# 检查配置文件
[[email protected] conf]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
#加入映射文件
[[email protected] conf]# echo "`hostname -I` www.yunjisuan.com" >> /etc/hosts
[[email protected] conf]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.200.20 www.yunjisuan.com
添加网页
[[email protected] conf]# mkdir /www
[[email protected] conf]# echo "`hostname -I` www.yunjisuan.com" >> /www/index.html
[[email protected] conf]# chown -R www.www /www/ #php的程序用户也要弄成www
[[email protected] conf]# curl www.yunjisuan.com
192.168.200.20 www.yunjisuan.com
安装PHP
检查安装PHP所需的lib库
PHP程序在开发及运行时会调用一些诸如zlib,gd等函数库,因此需要确认lib库是否已经安装,执行过程如下:
[[email protected] ~]# rpm -qa zlib-devel libxml2-devel libjpeg-devel libjpeg-turbo-devel libiconv-devel
[[email protected] ~]# rpm -qa freetype-devel libpng-devel gd libcurl-devel libxslt-devel
提示:
1)每个lib一般都会存在对应的以“*-devel”命名的包,安装lib对应的-devel包后,对应的lib包就会自动安装好,例如安装gd-devel时就会安装gd。
2)这些lib库不是必须安装的,但是目前的企业环境下一般都需要安装。否则,PHP程序运行时会出现问题,例如验证码无法显示等。
执行下面命令安装相关的lib软件包
[[email protected] ~]# yum -y install zlib-devel libxml2-devel libjpeg-devel libjpeg-turbo-devel libiconv-devel
[[email protected] ~]# yum -y install freetype-devel libpng-devel gd libcurl-devel libxslt-devel
安装后的结果如下:
[[email protected] ~]# rpm -qa zlib-devel libxml2-devel libjpeg-devel libjpeg-turbo-devel libiconv-devel
libxml2-devel-2.7.6-14.el6.x86_64
zlib-devel-1.2.3-29.el6.x86_64
libjpeg-turbo-devel-1.2.1-1.el6.x86_64
#这里仅缺少libiconv-devel包
[[email protected] ~]# rpm -qa freetype-devel libpng-devel gd libcurl-devel libxslt-devel
libxslt-devel-1.1.26-2.el6_3.1.x86_64
libcurl-devel-7.19.7-37.el6_4.x86_64
libpng-devel-1.2.49-1.el6_2.x86_64
gd-2.0.35-11.el6.x86_64
freetype-devel-2.3.11-14.el6_3.1.x86_64
从以上结果看出,仅有libiconv-devel这个包没有安装,因为默认的yum源没有此包,后面会编译安装。
安装yum无法安装的libiconv库
[[email protected] ~]# yum -y install wget
[[email protected] ~]# wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.14.tar.gz
[[email protected] ~]# ls
anaconda-ks.cfg install.log install.log.syslog libiconv-1.14.tar.gz
[[email protected] ~]# tar xf libiconv-1.14.tar.gz -C /usr/src/
[[email protected] ~]# cd /usr/src/libiconv-1.14/
[[email protected] libiconv-1.14]# ./configure --prefix=/usr/local/libiconv && make && make install
安装libmcrypt库
推荐使用简单的在线yum的方式安装:wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
[[email protected] libiconv-1.14]# yum -y install libmcrypt-devel
安装mhash加密扩展库
推荐使用简单的在线yum的方式安装:wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
[[email protected] ~]# yum -y install mhash
安装mcrvpt加密扩展库
推荐使用简单的在线yum的方式安装:wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
[[email protected] ~]# yum -y install mcrypt
开始安装PHP(FastCGI方式)服务
获取PHP软件包
[[email protected] ~]# wget http://cn2.php.net/get/php-5.3.28.tar.gz/from/this/mirror
解压配置PHP
[[email protected] ~]# useradd -s /sbin/nologin -M www
[[email protected] ~]# id www
uid=500(www) gid=500(www) groups=500(www)
[[email protected] ~]# tar xf php-5.3.28.tar.gz -C /usr/src/
[[email protected] ~]# cd /usr/src/php-5.3.28/
[[email protected] php-5.3.28]# ./configure --prefix=/usr/local/php5.3.28 --with-mysql=mysqlnd --with-iconv-dir=/usr/local/libiconv --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-libxml-dir=/usr --enable-xml --disable-rpath --enable-safe-mode --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --with-curl --with-curlwrappers --enable-mbregex --enable-fpm --enable-mbstring --with-mcrypt --with-gd --enable-gd-native-ttf --with-openssl --with-mhash --enable-pcntl --enable-sockets --with-xmlrpc --enable-zip --enable-soap --enable-short-tags --enable-zend-multibyte --enable-static --with-xsl --with-fpm-user=www --with-fpm-group=www --enable-ftp
-devel
是安装前面命令有关的所有包
yum install openssl openssl-devel
执行上述命令后,最后的正确输出提示为下图
编译PHP
正确执行前文配置PHP软件的./configure系列命令后,就可以编译PHP软件了,具体操作过程如下:
[[email protected] php-5.3.28]# ln -s /usr/local/mysql/lib/libmysqlclient.so.18 /usr/lib64/ #分离式不用这步
[[email protected] php-5.3.28]# touch ext/phar/phar.phar #分离式不用这步
[[email protected] php-5.3.28]# make # 直接编译
#make最后的正确提示
Build complete.
Don‘t forget to run ‘make test‘.
安装PHP生成文件到系统
[[email protected] php-5.3.28]# make install
配置PHP引擎配置文件php.ini
(1)设置软链接以方便访问,命令如下
[[email protected] php-5.3.28]# ln -s /usr/local/php5.3.28/ /usr/local/php
[[email protected] php-5.3.28]# ls -l /usr/local/php
lrwxrwxrwx. 1 root root 21 Nov 25 23:30 /usr/local/php -> /usr/local/php5.3.28/
(2)查看PHP配置默认模版文件,命令如下
[[email protected] php-5.3.28]# ls php.ini*
php.ini-development php.ini-production
(3)拷贝PHP配置文件到PHP默认目录,并更改文件名称为php.ini,命令如下
[[email protected] php-5.3.28]# cp php.ini-production /usr/local/php/lib/php.ini
[[email protected] php-5.3.28]# ls -l /usr/local/php/lib/php.ini
-rw-r--r--. 1 root root 69627 Nov 25 23:32 /usr/local/php/lib/php.ini
配置PHP(FastCGI方式)的配置文件php-fpm.conf
[[email protected] php-5.3.28]# cd /usr/local/php/etc/
[[email protected] etc]# ls
pear.conf php-fpm.conf.default
[[email protected] etc]# cp php-fpm.conf.default php-fpm.conf
#修改配置文件就是修改一下监听端口
启动PHP服务(FastCGI方式)
(1)启动PHP服务php-fpm,命令如下
[[email protected] etc]# /usr/local/php/sbin/php-fpm
(2)检查PHP服务php-fpm的进程及启动端口的情况,命令如下:
[[email protected] etc]# ps -ef | grep php-fpm
root 30699 1 0 23:42 ? 00:00:00 php-fpm: master process (/usr/local/php5.3.28/etc/php-fpm.conf)
www 30700 30699 0 23:42 ? 00:00:00 php-fpm: pool www
www 30701 30699 0 23:42 ? 00:00:00 php-fpm: pool www
root 30716 1046 0 23:43 pts/0 00:00:00 grep php-fpm
[[email protected] etc]# lsof -i:9000
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
php-fpm 30699 root 7u IPv4 146919 0t0 TCP 192.168.200.30:cslistener (LISTEN)
php-fpm 30700 www 0u IPv4 146919 0t0 TCP 192.168.200.30:cslistener (LISTEN)
php-fpm 30701 www 0u IPv4 146919 0t0 TCP 192.168.200.30:cslistener (LISTEN)
配置Nginx支持PHP程序请求访问
修改Nginx配置文件
[[email protected] conf]# cat nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name www.yunjisuan.com;
root /www;
location / {
index index.html index.htm;
}
location ~ .*.(php|php5)?$ {
fastcgi_pass 192.168.200.30:9000;
fastcgi_index index.php;
include fastcgi.conf;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
[[email protected] conf]# /usr/local/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[[email protected] conf]# /usr/local/sbin/nginx -s reload
测试
映射IP
测试动态
[[email protected] conf]# cd /www/
[[email protected] www]# ls
index.html
[[email protected] www]# echo "huahua" > index.php
[[email protected] www]# ls
index.html index.php
[[email protected] etc]# mkdir /www #php服务器里的目录必须和nginx服务器的一致
[[email protected] www]# touch index.php
[[email protected] www]# echo "123" >> index.php
[[email protected] www]# cat index.php
123
加入数据库
[[email protected] mysql]# mysql -uroot -p666666
Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 5
Server version: 5.5.32 MySQL Community Server (GPL)
Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type ‘help;‘ or ‘h‘ for help. Type ‘c‘ to clear the current input statement.
mysql> grant all on *.* to ‘yunjisuan‘@‘%‘ identified by ‘666666‘;
Query OK, 0 rows affected (0.00 sec)
创建网页
#php上创建
[[email protected] www]# cat test_mysql.php
<?php
//$link_id=mysql_connect(‘主机名‘,‘用户‘,‘密码‘);
$link_id=mysql_connect(‘192.168.200.31‘,‘yunjisuan‘,‘666666‘);
if($link_id){
echo "mysql successful by hua !";
}else{
echo mysql_error();
}
?>
#nginx也要创建
测试
以上是关于企业级LNMP分离式部署的主要内容,如果未能解决你的问题,请参考以下文章