LNMP介绍
LNMP是什么
LNMP(Linux-Nginx-MySQL-PHP)网站架构是目前国际流行的Web架构;
这四种软件组合,可以成为一个免费、高效、扩展性强的Web架构;
LNMP原理图
注意:php-fpm是控制php-fpm守护进程的(包括某个域名的访问日志、错误日志、session存放位置等)
安装配置LNMP
环境说明
| IP地址 | 服务 |
| 192.168.0.93 | Nginx MySQL PHP |
Nginx安装
安装Nginx依赖
安装Pcre Pcre(Perl compatible regular expressions),兼容正则表达式 因为Nginx有rewrite模块,rewrite模块需要pcre的库 yum -y install pcre pcre-devel 安装openssl yum -y install openssl
安装启动Nginx
#创建启动Nginx的用户 [root@lnmp02 ~]# useradd nginx -s /sbin/nologin -M [root@lnmp02 ~]# mkdir /home/oldgirl/tools [root@lnmp02 ~]# cd /home/oldgirl/tools [root@lnmp02 tools]# wget http://nginx.org/download/nginx-1.8.1.tar.gz [root@lnmp02 tools]# tar xf nginx-1.8.1.tar.gz [root@lnmp02 tools]# cd nginx-1.8.1 [root@lnmp02 nginx-1.6.3]#./configure --prefix=/application/nginx-1.8.1 --user=nginx --group=nginx --with-http_ssl_module --with-http_stub_status_module #http_stub_status_module模块是为了获取nginx状态用的 [root@lnmp02 nginx-1.6.3]#make && make install [root@lnmp02 nginx-1.6.3]#ln -s /application/nginx-1.8.1/ /application/nginx
[root@lnmp02 nginx-1.6.3]# /application/nginx/sbin/nginx
修改Nginx主配置文件
vim /application/nginx/conf/nginx.conf
#定义nginx运行用户 user nginx; #启动进程, 通常设置成cpu核心数或者cpu核心数的2倍 worker_processes 8; #全局错误日志 error_log /application/nginx/logs/nginx_error.log error; #定义ngin pid路径 pid /var/run/nginx.pid; #开文件描述符个数, 一般设置大点 worker_rlimit_nofile 65535; #工作模式及连接数上限 events { use epoll; worker_connections 65535; } http { #设定mime类型,类型由mime.type文件定义 include /application/nginx/mime.types; default_type application/octet-stream; #关闭nginx版本 server_tokens off; #设定日志格式 log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /application/nginx/logs/nginx_access.log main; #是否调用 sendfile 函数(zero copy 方式)来输出文件 #普通应用,必须设为on。 如果用来进行下载等应用磁盘IO重负载应用,可设置为off sendfile on; #tcp_nopush on; #允许上传单个文件大小 client_max_body_size 256m; client_body_buffer_size 1024k; #连接超时时间 keepalive_timeout 65; #gzip设置 gzip on; gzip_min_length 1k; gzip_buffers 4 16k; gzip_http_version 1.0; gzip_comp_level 2; gzip_types text/plain application/x-javascript text/css application/xml; gzip_vary on; #fastcgi配置 fastcgi_connect_timeout 360; fastcgi_send_timeout 360; fastcgi_read_timeout 360; fastcgi_buffer_size 32k; fastcgi_buffers 64 32k; fastcgi_busy_buffers_size 128k; fastcgi_temp_file_write_size 128k; fastcgi_intercept_errors on; #支持SHTML解析 ssi on; ssi_silent_errors off; ssi_types text/shtml; #开启虚拟主机 include /etc/nginx/conf.d/*.conf; include /application/nginx/extra/*.conf; }
添加Nginx虚拟主机
vim /applicaiton/nginx/conf/extra/activity.conf
server{ listen 80; #第一个域名不做解析,用来在php.ini中做防跨站攻击 server_name a.baidu.cn activity.baiud.cn; index index.php index.shtml index.html index.htm; root /application/www/baidu/activity; location / { if (!-e $request_filename) { rewrite ^/(.*)$ /index.php/$1 last; } } location ~ /\.ht { deny all; } location ^~ /(shell|application|modules|protected) { deny all; } location ~ .*\.php { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php;
### include fastcgi_params;
#### include /application/nginx/jim_fix_params; fastcgi_param "TCAPPID" $http_tcappid; fastcgi_param "TCAPPSIGN" $http_tcappsign; fastcgi_param "HTTP_TCAPP_ID" $http_tcapp_id; fastcgi_param "HTTP_TCAPP_SIGN" $http_tcapp_sign; fastcgi_pass_header TCSERVERSIGN; fastcgi_hide_header TCSERVER-SIGN; add_header TCSERVERVER "1.0"; #关闭客户端主动断开连接 proxy_ignore_client_abort on; set $path_info ""; set $real_script_name $fastcgi_script_name; if ($document_uri ~ "^(.+?\.php)(/.+)$") { set $real_script_name $1; set $path_info $2; } fastcgi_param SCRIPT_FILENAME $document_root$real_script_name; fastcgi_param SCRIPT_NAME $real_script_name; fastcgi_param PATH_INFO $path_info; } access_log /alidata1/nginx/logs/activity.baidu.cn_access.log main; error_log /alidata1/nginx/logs/activity.baidu.cn_error.log notice; }
fastcgi_params
vim /application/nginx/fastcgi_params fastcgi_param QUERY_STRING $query_string; fastcgi_param REQUEST_METHOD $request_method; fastcgi_param CONTENT_TYPE $content_type; fastcgi_param CONTENT_LENGTH $content_length; fastcgi_param SCRIPT_NAME $fastcgi_script_name; fastcgi_param REQUEST_URI $request_uri; fastcgi_param DOCUMENT_URI $document_uri; fastcgi_param DOCUMENT_ROOT $document_root; fastcgi_param SERVER_PROTOCOL $server_protocol; fastcgi_param HTTPS $https if_not_empty; fastcgi_param GATEWAY_INTERFACE CGI/1.1; fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; fastcgi_param REMOTE_ADDR $remote_addr; fastcgi_param REMOTE_PORT $remote_port; fastcgi_param SERVER_ADDR $server_addr; fastcgi_param SERVER_PORT $server_port; fastcgi_param SERVER_NAME $server_name; # PHP only, required if PHP was built with --enable-force-cgi-redirect fastcgi_param REDIRECT_STATUS 200;
jim_fix_params
vim /application/nginx/jim_fix_params
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
mime.types
vim /application/nginx/mime.types types { text/html html htm shtml; text/css css; text/xml xml; image/gif gif; image/jpeg jpeg jpg; application/javascript js; application/atom+xml atom; application/rss+xml rss; text/mathml mml; text/plain txt; text/vnd.sun.j2me.app-descriptor jad; text/vnd.wap.wml wml; text/x-component htc; image/png png; image/tiff tif tiff; image/vnd.wap.wbmp wbmp; image/x-icon ico; image/x-jng jng; image/x-ms-bmp bmp; image/svg+xml svg svgz; image/webp webp; application/font-woff woff; application/java-archive jar war ear; application/json json; application/mac-binhex40 hqx; application/msword doc; application/pdf pdf; application/postscript ps eps ai; application/rtf rtf; application/vnd.apple.mpegurl m3u8; application/vnd.ms-excel xls; application/vnd.ms-fontobject eot; application/vnd.ms-powerpoint ppt; application/vnd.wap.wmlc wmlc; application/vnd.google-earth.kml+xml kml; application/vnd.google-earth.kmz kmz; application/x-7z-compressed 7z; application/x-cocoa cco; application/x-java-archive-diff jardiff; application/x-java-jnlp-file jnlp; application/x-makeself run; application/x-perl pl pm; application/x-pilot prc pdb; application/x-rar-compressed rar; application/x-redhat-package-manager rpm; application/x-sea sea; application/x-shockwave-flash swf; application/x-stuffit sit; application/x-tcl tcl tk; application/x-x509-ca-cert der pem crt; application/x-xpinstall xpi; application/xhtml+xml xhtml; application/xspf+xml xspf; application/zip zip; application/octet-stream bin exe dll; application/octet-stream deb; application/octet-stream dmg; application/octet-stream iso img; application/octet-stream msi msp msm; application/vnd.openxmlformats-officedocument.wordprocessingml.document docx; application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx; application/vnd.openxmlformats-officedocument.presentationml.presentation pptx; audio/midi mid midi kar; audio/mpeg mp3; audio/ogg ogg; audio/x-m4a m4a; audio/x-realaudio ra; video/3gpp 3gpp 3gp; video/mp2t ts; video/mp4 mp4; video/mpeg mpeg mpg; video/quicktime mov; video/webm webm; video/x-flv flv; video/x-m4v m4v; video/x-mng mng; video/x-ms-asf asx asf; video/x-ms-wmv wmv; video/x-msvideo avi;
测试虚拟主机访问
[root@lnmp02 ~]# mkdir /application/www/baidu/activity [root@lnmp02 ~]# echo aaaa > /application/www/baiud/index.html [root@lnmp02 ~]# curl activity/baiud.cn
aaaa
MySQL安装
安装启动MySQL
[root@lnmp02 ~]# useradd -s /sbin/nologin -M mysql [root@lnmp02 ~]# cd /home/oldgirl/tools/ [root@lnmp02 tools]# tar -xf mysql-5.5.51-linux2.6-x86_64.tar.gz [root@lnmp02 tools]# mv mysql-5.5.51-linux2.6-x86_64 /application/mysql-5.5.51 [root@lnmp02 tools]# ln -s /application/mysql-5.5.51/ /application/mysql #初始化mysql [root@lnmp02 tools]# /application/mysql/scripts/mysql_install_db --basedir=/application/mysql/ --datadir=/application/mysql/data/ --user=mysql #授权mysql用户 [root@lnmp02 tools]# chown -R mysql.mysql /application/mysql #生成mysql配置文件 [root@lnmp02 tools]# cp /application/mysql/support-files/my-medium.cnf /etc/my.cnf #修改mysql启动文件 [root@lnmp02 tools]# sed -i 's#/usr/local/mysql#/application/mysql#g' /application/mysql/bin/mysqld_safe #启动mysql [root@lnmp02 tools]# /application/mysql/bin/mysqld_safe & 加入到环境变量 [root@lnmp02 tools]# vim /etc/profile PATH="/application/mysql/bin:$PATH" #加入到最后一行
修改MySQL密码
mysqladmin -uroot password "oldboy123"
FastCGI
什么是CGI
- CGI全称“通用网关接口”(Common Gateway Interface),用于HTTP服务器与其他机器上的程序服务通信交流的一种工具,CGI必须运行在网络服务器上
- 传统的CGI主要缺点是性能较差,因为每次HTTP服务器遇到动态程序时都需要重新启动解析器来进行解析,然后结果被返回给HTTP服务器,这在处理高并发时几乎是不可用的,因此就诞生了FastCGI
什么是FaseCGI
- FastCGI是可伸缩、高速的在HTTP服务器和动态脚本语言间通信的接口;
- 主要优点是把动态语言和HTTP服务器分离开来;
- 多数流行的HTTP服务器都支持FastCGI如:Nginx、Apache等
- FastCGI也被许多脚本语言支持,比较流行的是PHP
FastCGI作用
- FastCGI采用C/S架构;
- 可以将HTTP服务器和脚本解析服务器分开,同时在脚本解析服务器上启动一个或多个脚本解析守护进程.当HTTP服务器每次遇到动态程序时,可以将其直接交付给FastCGI进程来执行,然后将得到的结果返回给浏览器;
- 这种方式可以让HTTP服务器专一的处理静态请求或者将动态脚本服务器的结果返回给客户端,这在很大程序上提升了整个应用的性能
FastCGI重要特点总结
- Nginx、Apache以及多数动态语言(PHP、Java、Python等)都支持FastCGI
- FastCGI是HTTP服务器和动态脚本服务器通信的接口或工具
- FastCGI优点是把动态语言解析和HTTP服务器分离
- FastCGI接口采用C/S架构,客户端(HTTP服务器)和服务器(动态语言解析服务器)
- PHP动态语言服务器可以启动多个FastCGI守护进程例如:php-fpm
PHP安装
安装PHP依赖库
[root@lnmp02 tools]# yum -y install libxml2-devel gd-devel libcurl-devel libxslt-devel libmcrypt-devel mhash mhash-devel mcrypt [root@lnmp02 tools]# tar -zxvf libiconv-1.14.tar.gz [root@lnmp02 tools]# cd libiconv-1.14 [root@lnmp02 libiconv-1.14]#./configure --prefix=/usr/local/libiconv [root@lnmp02 libiconv-1.14]# make [root@lnmp02 libiconv-1.14]# make install
编译安装PHP
[root@lnmp02 tools]# tar xf php-5.3.27.tar.gz [root@lnmp02 tools]# cd php-5.3.27 [root@lnmp02 php-5.3.27]# ./configure \ > --prefix=/application/php5.3.27 \ > --with-mysql=/application/mysql \ > --with-iconv-dir=/usr/local/libiconv \ > --with-freetype-dir \ > --with-jpeg-dir \ > --with-png-dir \ > --with-zlib \ > --with-libxml-dir=/usr \ > --enable-xml \ > --disable-rpath \ > --enable-safe-mode \ > --enable-bcmath \ > --enable-shmop \ > --enable-sysvsem \ > --enable-inline-optimization \ > --with-curl \ > --with-curlwrappers \ > --enable-mbregex \ > --enable-fpm \ > --enable-mbstring \ > --with-mcrypt \ > --with-gd \ > --enable-gd-native-ttf \ > --with-openssl \ > --with-mhash \ > --enable-pcntl \ > --enable-sockets \ > --with-xmlrpc \ > --enable-zip \ > --enable-soap \ > --enable-short-tags \ > --enable-zend-multibyte \ > --enable-static \ > --with-xsl \ > --with-fpm-user=nginx \ > --with-fpm-group=nginx \ > --enable-ftp [root@lnmp02 php-5.3.27]# ln -s /application/mysql/lib/libmysqlclient.so.18 /usr/lib64/ [root@lnmp02 php-5.3.27]# touch ext/phar/phar.phar [root@lnmp02 php-5.3.27]# make 如国报/usr/bin/ld: cannot find -lltdl这个错误 [root@lnmp02 php-5.3.27]#cd /usr/lib64/ [root@lnmp02 lib64]# ln -s libltdl.so.7 libltdl.so [root@lnmp02 php-5.3.27]# make install [root@lnmp02 php-5.3.27]# ln -s /application/php5.3.27/ /application/php
拷贝PHP解析器配置文件
[root@lnmp02 php-5.3.27]# cp php.ini-production /application/php/lib/php.ini #有两个配置文件一个是developer一个是production,一个是开发环境的一个是生产环境的,生产环境的把错误显示给关闭了,为了更好地与用户体验和放置暴露信息
拷贝php-fpm.conf
[root@lnmp02 etc]# cp php-fpm.conf.default php-fpm.conf
修改php-fpm全局配置文件
[root@lnmp02 tools]# vim /application/php/etc/php-fpm.conf include=/etc/php-fpm.d/*.conf [global] pid = /var/run/php-fpm/php-fpm.pid error_log = /var/log/php-fpm/error.log daemonize = yes
修改php-fpm子配置文件
vim /application/php/etc/php-fpm.d/baidu.conf [baidu] listen = 127.0.0.1:9000 listen.allowed_clients = 127.0.0.1 ;启动php-fpm的用户 user = baidu group = baidu pm = static pm.max_children = 500 pm.start_servers = 5 pm.min_spare_servers = 5 pm.max_spare_servers = 35 ping.path = /ping ping.response = pong access.log = /application/php/logs/baidu.access.log access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" request_terminate_timeout = 0 rlimit_files = 65535 rlimit_core = 0 slowlog = /application/php/logs/baidu-slow.log php_admin_value[error_log] = /application/php/logs/baidu-error.log php_admin_flag[log_errors] = on php_value[session.save_handler] = files php_value[session.save_path] = /application/php/session php_value[soap.wsdl_cache_dir] = /application/php/wsdlcache
配置php.ini
[PHP] engine = On short_open_tag = Off asp_tags = Off precision = 14 output_buffering = 4096 zlib.output_compression = Off implicit_flush = Off unserialize_callback_func = serialize_precision = 17 disable_functions = disable_classes = zend.enable_gc = On expose_php = On max_execution_time = 30 max_input_time = 60 memory_limit =256M error_reporting = E_ALL | E_NOTICE | E_STRICT display_errors = Off error_log = /application/logs/php/error.log display_startup_errors = Off log_errors = On log_errors_max_len = 1024 ignore_repeated_errors = Off ignore_repeated_source = Off report_memleaks = On track_errors = Off html_errors = On variables_order = "GPCS" request_order = "GP" register_argc_argv = Off auto_globals_jit = On post_max_size = 8M auto_prepend_file = auto_append_file = default_mimetype = "text/html" default_charset = "UTF-8" doc_root = user_dir = enable_dl = Off file_uploads = On upload_tmp_dir = /alidata1/php/upload upload_max_filesize = 5M max_file_uploads = 20 allow_url_fopen = On allow_url_include = Off default_socket_timeout = 60 [CLI Server] cli_server.color = On [Date] date.timezone = "Asia/Shanghai" [filter] [iconv] [intl] [sqlite] [sqlite3] [Pcre] [Pdo] [Pdo_mysql] pdo_mysql.cache_size = 2000 pdo_mysql.default_socket= [Phar] [mail function] sendmail_path = /usr/sbin/sendmail -t -i mail.add_x_header = On [SQL] sql.safe_mode = Off [ODBC] odbc.allow_persistent = On odbc.check_persistent = On odbc.max_persistent = -1 odbc.max_links = -1 odbc.defaultlrl = 4096 odbc.defaultbinmode = 1 [Interbase] ibase.allow_persistent = 1 ibase.max_persistent = -1 ibase.max_links = -1 ibase.timestampformat = "%Y-%m-%d %H:%M:%S" ibase.dateformat = "%Y-%m-%d" ibase.timeformat = "%H:%M:%S" [MySQL] mysql.allow_local_infile = On mysql.allow_persistent = On mysql.cache_size = 2000 mysql.max_persistent = -1 mysql.max_links = -1 mysql.default_port = mysql.default_socket = mysql.default_host = mysql.default_user = mysql.default_password = mysql.connect_timeout = 60 mysql.trace_mode = Off [MySQLi] mysqli.max_persistent = -1 mysqli.allow_persistent = On mysqli.max_links = -1 mysqli.cache_size = 2000 mysqli.default_port = 3306 mysqli.default_socket = mysqli.default_host = mysqli.default_user = mysqli.default_pw = mysqli.reconnect = Off [mysqlnd] mysqlnd.collect_statistics = On mysqlnd.collect_memory_statistics = Off [OCI8] [PostgreSQL] pgsql.allow_persistent = On pgsql.auto_reset_persistent = Off pgsql.max_persistent = -1 pgsql.max_links = -1 pgsql.ignore_notice = 0 pgsql.log_notice = 0 [Sybase-CT] sybct.allow_persistent = On sybct.max_persistent = -1 sybct.max_links = -1 sybct.min_server_severity = 10 sybct.min_client_severity = 10 [bcmath] bcmath.scale = 0 [browscap] [Session] session.save_handler = files session.save_path = "/application/php/session" session.use_strict_mode = 0 session.use_cookies = 1 session.use_only_cookies = 1 session.name = PHPSESSID session.auto_start = 0 session.cookie_lifetime = 0 session.cookie_path = / session.cookie_domain = session.cookie_httponly = session.serialize_handler = php session.gc_probability = 1 session.gc_divisor = 1000 session.gc_maxlifetime = 1440 session.referer_check = session.cache_limiter = nocache session.cache_expire = 180 session.use_trans_sid = 0 session.hash_function = 0 session.hash_bits_per_character = 5 url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" [MSSQL] mssql.allow_persistent = On mssql.max_persistent = -1 mssql.max_links = -1 mssql.min_error_severity = 10 mssql.min_message_severity = 10 mssql.compatibility_mode = Off mssql.secure_connection = Off [Assertion] [mbstring] [gd] [exif] [Tidy] tidy.clean_output = Off [soap] soap.wsdl_cache_enabled=1 soap.wsdl_cache_dir="/tmp" soap.wsdl_cache_ttl=86400 soap.wsdl_cache_limit = 5 [sysvshm] [ldap] ldap.max_links = -1 [mcrypt] [dba] [curl] ;把用户限制在这几个目录 [HOST=activity.baidu.cn] open_basedir ="/application/www/baidu/activity:/application/www/baidu/framework:/application/php/upload:/application/php/session" 1923 display_errors = On
启动php-fpm
[root@lnmp02 etc] /application/php/sbin/php-fpm
测试Nginx和PHP结合
写一个简单的php验证程序 [root@lnmp02 ~]# vim /application/www/baidu/activity/index.php <?php phpinfo(); ?> 测试 访问activity.baidu.cn
测试PHP连接数据库
测试php连接数据库 写一个测试php连接mysql的程序 [root@lnmp02 ~]# vim /application/www/baidu/test_mysql.php <?php $link=mysql_connect("localhost","root","oldboy123"); if(!$link) echo "Failed"; else echo "Success"; ?> 测试 访问activity.baidu.cn/test_mysql.php