本文将指导你如何在CentOS/Red Hat (RHEL) 6.2/5.8下使用Yum来搭建LEMP WEB服务器。国内
LEMP (Linux, Nginx, MySQL, PHP) 服务器目前在国内大的企业如百度腾讯使用非常普遍,但是因为LEMP不易安装配置,难为了许多运维人员。在本安装中,我尽量使用yum安装而避免编译安装,有将有效减少安装过程的时间及复杂程序。
LEMP(或LNMP)高性能的WEB服务器在CentOS6.2/5.8下的Yum搭建流程
STEP1.切换到root用户
su -
## OR ##
sudo -i
1. 安装Remi源
## Remi Dependency on CentOS 6 and Red Hat (RHEL) 6 ##
rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-7.noarch.rpm
## CentOS 6 and Red Hat (RHEL) 6 ##
rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
## Remi Dependency on CentOS 5 and Red Hat (RHEL) 5 ##
rpm -Uvh http://dl.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm
## CentOS 5 and Red Hat (RHEL) 5 ##
rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-5.rpm
2.配置Nginx 源
创建/etc/yum.repos.d/nginx.repo文件并写入以下内容
CentOS
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=0
enabled=1
RedHat(RHEL)
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/rhel/$releasever/$basearch/
gpgcheck=0
enabled=1
STEP3.安装Nginx
yum --enablerepo=remi,remi-test install nginx
STEP4.安装PHP5.4.4&PHP-FPM
yum --enablerepo=remi,remi-test install php php-fpm php-common
STEP5.安装PHP5.4.4模块扩展(一些扩展可能无用,请自行去除)
yum --enablerepo=remi,remi-test install php-pecl-apc php-cli php-pear php-pdo php-mysql php-pgsql php-pecl-mongo php-sqlite php-pecl-memcache php-pecl-memcached php-gd php-mbstring php-mcrypt php-xml
1. 停止httpd
/etc/init.d/httpd stop
## OR ##
service httpd stop
chkconfig httpd off
2. 启动Nginx
/etc/init.d/nginx start
## OR ##
service nginx start
3. 启动PHP_FPM
/etc/init.d/php-fpm start
## OR ##
service php-fpm start
4. 配置nginx使用PHP-FPM,修改/etc/nginx/conf.d/default.conf
(1) 先为/etc/nginx/conf.d/default.conf作一个备份
cp /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.conf_bak
(2) 在default.conf 文件中,找到以下内容。
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
修改为:
location / {nginx默认的wwwroot文件夹为/usr/share/nginx/html,这里你可以修改为自己指定的目录
root /usr/share/nginx/html;
index index.html index.htm index.php;
}
(3) 去除以下内容前的#号,并修改fastcgi_param所在行
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME [将此处修改为wwwroot路径]$fastcgi_script_name;
# include fastcgi_params;
#}
修改结果
location ~ \.php$ {
root html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/share/nginx/html$fastcgi_script_name;
include fastcgi_params;
}
STEP7.配置iptables防火墙开启80端口
为Nginx Web Server开放80端口,修改/etc/sysconfig/iptables文件,加入如下内容
cd /etc/nginx/sites-enabled/
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
重启iptables防火墙
cd /etc/nginx/sites-enabled/
service iptables restart
## OR ##
/etc/init.d/iptables restart
STEP8.测试Nginx及PHP-FPM
1. 重启nginx及php-fpm
service nginx restart
service php-fpm restart
3. 在/usr/share/nginx/html文件夹下创建phpinfo.php文件,内容如下
<?php访问http://localhost/phpinfo.php或http://服务器ip/phpinfo.php,如果出现以下页面,说明PHP-FPM配置安装成功
phpinfo();
?>
STEP9. 安装mysql5.5
1. 安装mysql5.5
yum --enablerepo=remi,remi-test install mysql mysql-server
2. 启动mysql并配置mysql自启动
/etc/init.d/mysqld start
## OR ##
service mysqld start
chkconfig --levels 235 mysqld on
3. 进行mysql 初始安全设置
- 设置(修改)root密码
- 删除匿名用户
- 禁用root远程登录
- 删除测试数据库test
- 重载权限表
/usr/bin/mysql_secure_installation
输出
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MySQL to secure it, we\'ll need the current
password for the root user. If you\'ve just installed MySQL, and
you haven\'t set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.
Set root password? [Y/n] Y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] Y
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] Y
... Success!
By default, MySQL comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] Y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] Y
... Success!
Cleaning up...
All done! If you\'ve completed all of the above steps, your MySQL
installation should now be secure.
Thanks for using MySQL!
mysqladmin -u root password [your_password_here]
## 示例##
mysqladmin -u root password myownsecrectpass
4. 配置防火墙开启3306端口
vi /etc/sysconfig/iptables2. 在COMMIT之前加入以下内容:
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT3. 重启Iptables:
service iptables restart
## OR ##
/etc/init.d/iptables restart
********************************************
* 作者:叶文涛
* 本文链接:LEMP(或LNMP)高性能的WEB服务器在CentOS6.2/5.8下的Yum搭建流程
******************转载请注明来源 ***************