CentOS5+Cherokee+PHP+MySQL安裝
系統環境:CentOS 5.2,最小化安裝,未定製軟體,禁用iptables,selinux
主要參考文章:
Nginx 0.7.x + PHP 5.2.8(FastCGI)搭建勝過Apache十倍的Web伺服器(第4版)[原創] http://blog.s135.com/nginx_php_v4/
Cherokee Installation on Unix http://www.cherokee-project.com/doc/basics_installation_unix.html
cherokee下設置local與remote方式的php fastcgi http://ipbfans.org/2009/01/cherokee-php-fastcgi-local-remote
RedHat/CentOS下的cherokee的啟動腳本 http://ipbfans.org/2009/01/redhat-centos-cherokee-init-script
一、下載所需軟體
mkdir /root/download
cd /root/download
vi down.sh
添加以下內容
wget http://sysoev.ru/nginx/nginx-0.7.47.tar.gz
wget http://www.php.net/get/php-5.2.8.tar.gz/from/this/mirror
wget http://php-fpm.anight.org/downloads/head/php-5.2.8-fpm-0.5.10.diff.gz
wget http://dev.mysql.com/get/Downloads/MySQL-5.1/mysql-5.1.33.zip/from/http://mysql.mirror.redwire.net/
wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.13.tar.gz
wget "http://downloads.sourceforge.net/mcrypt/libmcrypt-2.5.8.tar.gz?modtime=1171868460&big_mirror=0"
wget "http://downloads.sourceforge.net/mcrypt/mcrypt-2.6.8.tar.gz?modtime=1194463373&big_mirror=0"
wget http://pecl.php.net/get/memcache-2.2.5.tgz
wget "http://downloads.sourceforge.net/mhash/mhash-0.9.9.9.tar.gz?modtime=1175740843&big_mirror=0"
wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-7.8.tar.gz
wget http://bart.eaccelerator.net/source/0.9.5.3/eaccelerator-0.9.5.3.tar.bz2
wget http://pecl.php.net/get/PDO_MYSQL-1.0.2.tgz
保存退出
sh down.sh
這樣就可以下載了,不用每次複製粘貼過去進行下載
二、安裝基本軟體
yum -y install gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel libidn libidn-devel openssl openssl-devel
三、安裝PHP 5.2.8(FastCGI模式)
1、編譯安裝PHP 5.2.8所需的支持庫:
tar zxvf libiconv-1.13.tar.gz
cd libiconv-1.13/
./configure --prefix=/usr/local
make
make install
cd ../
tar zxvf libmcrypt-2.5.8.tar.gz
cd libmcrypt-2.5.8/
./configure
make
make install
/sbin/ldconfig
cd libltdl/
./configure --enable-ltdl-install
make
make install
cd ../../
tar zxvf mhash-0.9.9.9.tar.gz
cd mhash-0.9.9.9/
./configure
make
make install
cd ../
ln -s /usr/local/lib/libmcrypt.la /usr/lib/libmcrypt.la
ln -s /usr/local/lib/libmcrypt.so /usr/lib/libmcrypt.so
ln -s /usr/local/lib/libmcrypt.so.4 /usr/lib/libmcrypt.so.4
ln -s /usr/local/lib/libmcrypt.so.4.4.8 /usr/lib/libmcrypt.so.4.4.8
ln -s /usr/local/lib/libmhash.a /usr/lib/libmhash.a
ln -s /usr/local/lib/libmhash.la /usr/lib/libmhash.la
ln -s /usr/local/lib/libmhash.so /usr/lib/libmhash.so
ln -s /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2
ln -s /usr/local/lib/libmhash.so.2.0.1 /usr/lib/libmhash.so.2.0.1
tar zxvf mcrypt-2.6.8.tar.gz
cd mcrypt-2.6.8/
/sbin/ldconfig
./configure
make
make install
cd ../
2、編譯安裝MySQL 5.1.33
/usr/sbin/groupadd mysql
/usr/sbin/useradd -g mysql mysql
unzip mysql-5.1.33.zip
cd mysql-5.1.33/
./configure --prefix=/usr/local/webserver/mysql/ --enable-assembler --with-extra-charsets=complex --enable-thread-safe-client --with-big-tables --with-readline --with-ssl --with-embedded-server --enable-local-infile --with-plugins=innobase
make && make install
chmod +w /usr/local/webserver/mysql
chown -R mysql:mysql /usr/local/webserver/mysql
cp support-files/my-medium.cnf /usr/local/webserver/mysql/my.cnf
cd ../
vi /usr/local/webserver/mysql/my.cnf,將其這個選項註解掉
#--skip-federated
①、以mysql用戶帳號的身份建立數據表:
/usr/local/webserver/mysql/bin/mysql_install_db --basedir=/usr/local/webserver/mysql --datadir=/usr/local/webserver/mysql/data --user=mysql
②、啟動MySQL(最後的&表示在後台運行)
/bin/sh /usr/local/webserver/mysql/bin/mysqld_safe --defaults-file=/usr/local/webserver/mysql/my.cnf &
設置MySQL開機自動運行
vi /etc/rc.local
添加以下內容
/usr/local/webserver/mysql/bin/mysqld_safe --defaults-file=/usr/local/webserver/mysql/my.cnf &
3、編譯安裝PHP(FastCGI模式)
tar zxvf php-5.2.8.tar.gz
gzip -cd php-5.2.8-fpm-0.5.10.diff.gz | patch -d php-5.2.8 -p1
cd php-5.2.8/
./configure --prefix=/usr/local/webserver/php --with-config-file-path=/usr/local/webserver/php/etc --with-mysql=/usr/local/webserver/mysql --with-mysqli=/usr/local/webserver/mysql/bin/mysql_config --with-iconv-dir=/usr/local --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-libxml-dir=/usr --enable-xml --disable-rpath --enable-discard-path --enable-safe-mode --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --with-curl --with-curlwrappers --enable-mbregex --enable-fastcgi --enable-fpm --enable-force-cgi-redirect --enable-mbstring --with-mcrypt --with-gd --enable-gd-native-ttf --with-openssl --with-mhash --enable-pcntl --enable-sockets
make ZEND_EXTRA_LIBS='-liconv'
make install
cp php.ini-dist /usr/local/webserver/php/etc/php.ini
cd ../
4、編譯安裝PHP5擴展模塊
tar zxvf memcache-2.2.5.tgz
cd memcache-2.2.5/
/usr/local/webserver/php/bin/phpize
./configure --with-php-config=/usr/local/webserver/php/bin/php-config
make
make install
cd ../
tar jxvf eaccelerator-0.9.5.3.tar.bz2
cd eaccelerator-0.9.5.3/
/usr/local/webserver/php/bin/phpize
./configure --enable-eaccelerator=shared --with-php-config=/usr/local/webserver/php/bin/php-config
make
make install
cd ../
tar zxvf PDO_MYSQL-1.0.2.tgz
cd PDO_MYSQL-1.0.2/
/usr/local/webserver/php/bin/phpize
./configure --with-php-config=/usr/local/webserver/php/bin/php-config --with-pdo-mysql=/usr/local/webserver/mysql
make
make install
cd ../
5、修改php.ini文件
手工修改:查找/usr/local/webserver/php/etc/php.ini中的extension_dir = "./"
修改為extension_dir = "/usr/local/webserver/php/lib/php/extensions/no-debug-non-zts-20060613/"
並在此行后增加以下幾行,然後保存:
extension = "memcache.so"
extension = "pdo_mysql.so"
再查找output_buffering = Off
修改為output_buffering = On
自動修改:若嫌手工修改麻煩,可執行以下shell命令,自動完成對php.ini文件的修改:
sed -i 's#extension_dir = "./"#extension_dir = "/usr/local/webserver/php/lib/php/extensions/no-debug-non-zts-20060613/"\nextension = "memcache.so"\nextension = "pdo_mysql.so"\n#' /usr/local/webserver/php/etc/php.ini
sed -i 's#output_buffering = Off#output_buffering = On#' /usr/local/webserver/php/etc/php.ini
6、配置eAccelerator加速PHP:
mkdir -p /usr/local/webserver/eaccelerator_cache
vi /usr/local/webserver/php/etc/php.ini
按shift+g鍵跳到配置文件的最末尾,加上以下配置信息:
zend_extension="/usr/local/webserver/php/lib/php/extensions/no-debug-non-zts-20060613/eaccelerator.so"
eaccelerator.shm_size="128"
eaccelerator.cache_dir="/usr/local/webserver/eaccelerator_cache"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="300"
eaccelerator.shm_prune_period="120"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"
vi /etc/sysctl.conf
修改kernel.shmmax為以下值
kernel.shmmax = 134217728
然後執行以下命令使配置生效:
/sbin/sysctl -p
7、創建www用戶和組,以及/var/www:
/usr/sbin/groupadd www
/usr/sbin/useradd -g www www
mkdir -p /var/www
chown -R www:www /data0/htdocs/blog
8、創建php-fpm配置文件(php-fpm是為PHP打的一個FastCGI管理補丁,可以平滑變更php.ini配置而無需重啟php-cgi):
在/usr/local/webserver/php/etc/目錄中創建php-fpm.conf文件:
rm -f /usr/local/webserver/php/etc/php-fpm.conf
vi /usr/local/webserver/php/etc/php-fpm.conf
輸入以下內容(如果您安裝 Nginx + PHP 用於程序調試,請將以下的<value name="display_errors">0</value>改為<value name="display_errors">1</value>,
以便顯示PHP錯誤信息,否則,Nginx 會報狀態為500的空白錯誤頁):
<?xml version="1.0" ?>
<configuration>
All relative paths in this config are relative to php's install prefix
<section name="global_options">
Pid file
<value name="pid_file">/usr/local/webserver/php/logs/php-fpm.pid</value>
Error log file
<value name="error_log">/usr/local/webserver/php/logs/php-fpm.log</value>
Log level
<value name="log_level">notice</value>
When this amount of php processes exited with SIGSEGV or SIGBUS ...
<value name="emergency_restart_threshold">10</value>
... in a less than this interval of time, a graceful restart will be initiated.
Useful to work around accidental curruptions in accelerator's shared memory.
<value name="emergency_restart_interval">1m</value>
Time limit on waiting child's reaction on signals from master
<value name="process_control_timeout">5s</value>
Set to 'no' to debug fpm
<value name="daemonize">yes</value>
</section>
<workers>
<section name="pool">
Name of pool. Used in logs and stats.
<value name="name">default</value>
Address to accept fastcgi requests on.
Valid syntax is 'ip.ad.re.ss:port' or just 'port' or '/path/to/unix/socket'
<value name="listen_address">127.0.0.1:9000</value>
<value name="listen_options">
Set listen(2) backlog
<value name="backlog">-1</value>
Set permissions for unix socket, if one used.
In Linux read/write permissions must be set in order to allow connections from web server.
Many BSD-derrived systems allow connections regardless of permissions.
<value name="owner"></value>
<value name="group"></value>
<value name="mode">0666</value>
</value>
Additional php.ini defines, specific to this pool of workers.
<value name="php_defines">
<value name="sendmail_path">/usr/sbin/sendmail -t -i</value>
<value name="display_errors">1</value>
</value>
Unix user of processes
<value name="user">www</value>
Unix group of processes
<value name="group">www</value>
Process manager settings
<value name="pm">
Sets style of controling worker process count.
Valid values are 'static' and 'apache-like'
<value name="style">static</value>
Sets the limit on the number of simultaneous requests that will be served.
Equivalent to Apache MaxClients directive.
Equivalent to PHP_FCGI_CHILDREN environment in original php.fcgi
Used with any pm_style.
<value name="max_children">128</value>
Settings group for 'apache-like' pm style
<value name="apache_like">
Sets the number of server processes created on startup.
Used only when 'apache-like' pm_style is selected
<value name="StartServers">20</value>
Sets the desired minimum number of idle server processes.
Used only when 'apache-like' pm_style is selected
<value name="MinSpareServers">5</value>
Sets the desired maximum number of idle server processes.
Used only when 'apache-like' pm_style is selected
<value name="MaxSpareServers">35</value>
</value>
</value>
The timeout (in seconds) for serving a single request after which the worker process will be terminated
Should be used when 'max_execution_time' ini option does not stop script execution for some reason
'0s' means 'off'
<value name="request_terminate_timeout">0s</value>
The timeout (in seconds) for serving of single request after which a php backtrace will be dumped to slow.log file
'0s' means 'off'
<value name="request_slowlog_timeout">0s</value>
The log file for slow requests
<value name="slowlog">logs/slow.log</value>
Set open file desc rlimit
<value name="rlimit_files">51200</value>
Set max core size rlimit
<value name="rlimit_core">0</value>
Chroot to this directory at the start, absolute path
<value name="chroot"></value>
Chdir to this directory at the start, absolute path
<value name="chdir"></value>
Redirect workers' stdout and stderr into main error log.
If not set, they will be redirected to /dev/null, according to FastCGI specs
<value name="catch_workers_output">yes</value>
How much requests each process should execute before respawn.
Useful to work around memory leaks in 3rd party libraries.
For endless request processing please specify 0
Equivalent to PHP_FCGI_MAX_REQUESTS
<value name="max_requests">500</value>
Comma separated list of ipv4 addresses of FastCGI clients that allowed to connect.
Equivalent to FCGI_WEB_SERVER_ADDRS environment in original php.fcgi (5.2.2+)
Makes sense only with AF_INET listening socket.
<value name="allowed_clients">127.0.0.1</value>
Pass environment variables like LD_LIBRARY_PATH
All $VARIABLEs are taken from current environment
<value name="environment">
<value name="HOSTNAME">$HOSTNAME</value>
<value name="PATH">/usr/local/bin:/usr/bin:/bin</value>
<value name="TMP">/tmp</value>
<value name="TMPDIR">/tmp</value>
<value name="TEMP">/tmp</value>
<value name="OSTYPE">$OSTYPE</value>
<value name="MACHTYPE">$MACHTYPE</value>
<value name="MALLOC_CHECK_">2</value>
</value>
</section>
</workers>
</configuration>
9、啟動php-cgi進程,監聽127.0.0.1的9000埠,進程數為200(如果伺服器內存小於3GB,可以只開啟64個進程),用戶為www:
ulimit -SHn 51200
/usr/local/webserver/php/sbin/php-fpm start
註:/usr/local/webserver/php/sbin/php-fpm還有其他參數,包括:start|stop|quit|restart|reload|logrotate,
修改php.ini后不重啟php-cgi,重新載入配置文件使用reload。
10、安裝ZendOptimizer
wget http://downloads.zend.com/optimizer/3.3.3/ZendOptimizer-3.3.3-linux-glibc23-i386.tar.gz
tar xzf ZendOptimizer-3.3.3-linux-glibc23-i386.tar.gz
cd ZendOptimizer-3.3.3-linux-glibc23-i386
./install
Please specify the location for installing /usr/local/Zend
The following configuration changes have been made: x
x x
x - The php.ini file has been relocated from /usr/local/webserver/php/etc to /usr/local/Zend/etc x
x x
x - A symbolic link for the php.ini file has been created in /usr/local/webserver/php/etc. x
x x
x - The original php.ini was backed up to x
x /usr/local/webserver/php/etc/php.ini-zend_optimizer.bak
ZendOptimize安裝后,不用做任何就配置,只需重啟php-fpm,就可以與eaccelerator很好地兼容
修改php.ini后
要執行此命令,使配置文件生效,不用重啟Cherokee:
/usr/local/webserver/php/sbin/php-fpm restart
《解決方案》
三、配置開機自動啟動php-fpm
vi /etc/rc.local
在末尾增加以下內容:
ulimit -SHn 51200
/usr/local/webserver/php/sbin/php-fpm start
四、優化Linux內核參數
vi /etc/sysctl.conf
在末尾增加以下內容:
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.ip_local_port_range = 5000 65000
使配置立即生效:
/sbin/sysctl -p
五、安裝Cherokee
cd /root/download
wget http://www.cherokee-project.com/download/0.99/0.99.9/cherokee-0.99.9.tar.gz
tar xzf cherokee-0.99.9.tar.gz
cd cherokee-0.99.9
./configure --localstatedir=/var --prefix=/usr --sysconfdir=/etc --with-wwwroot=/var/www
make
make install
添加Cherokee啟動腳本
因為Cherokee默認提供的安裝腳本只適用於debian或ubuntu系統,所以需要手動寫,從網上拷貝來一個,稍作修改
vi /etc/init.d/cherokee
#!/bin/bash
#
# chkconfig: 2345 55 25
# description: Cherokee http server
#
. /etc/rc.d/init.d/functions
RETVAL=0
prog="cherokee"
worker="$prog"
#base_dir="/usr/local/cherokee"
conf_file=/etc/cherokee/cherokee.conf
bin_file=/usr/sbin/${worker}
pid_file=/var/run/cherokee.pid.worker
start() {
echo -n $"Starting $prog: "
daemon $bin_file -C $conf_file -d && success || failure
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch /var/lock/subsys/${prog}
return $RETVAL
}
stop() {
echo -n $"Stopping $prog: "
if [ -r "$pid_file" ]; then
if [ -n `cat $pid_file` ]; then
killproc $bin_file -TERM
else
failure $"Stopping $prog"
fi
else
failure $"Stopping $prog"
fi
RETVAL=$?
echo
[ $RETVAL = 0 ] && rm -rf /var/lock/subsys/${prog} ${pid_file}
}
restart() {
stop
sleep 1
start
}
reload() {
echo -n $"Reloading configuration of $prog: "
killproc $bin_file -HUP
RETVAL=$?
echo
}
logrotate() {
echo -n $"Rotating logs of $prog: "
killproc $bin_file -USR2
RETVAL=$?
echo
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
reload)
reload
;;
logrotate)
logrotate
;;
status)
status $prog
RETVAL=$?
;;
*)
echo $"Usage: $0 {start|stop|restart|reload|status|logrotate}"
exit 1
;;
esac
exit $RETVAL
保存退出
chkconfig --add cherokee
chkconfig --level 235 cherokee on
開啟Cherokee的Web管理界面
chkrokee-admin -b &
這裡會提供用戶名和一次性的密碼
整合Cherokee和PHP
打開http://localhost:9090/
用開啟chkrokee-admin時生成的admin和密碼登錄進去后
點擊左側導航欄的「Information Sources」,在右側「Known sources」下面列出了目前已知的信息源,點擊默認的「php」,進入php設置:
Type: 「Local Interpreter」(就是本地解釋器),一般用在fastcgi的可執行程序與cherokee運行在同一台伺服器的情況。
「Remote Host」(就是遠程主機),一般用在fastcgi的看執行程序與cherokee不在同一伺服器的情況,或者為了保持cherokee和fastcgi進程更好的獨立性。
Nick: 這個「信息源」的名稱,具體就隨意了^^
Connection: 「信息源」提供的連接方式,可以設置為「IP地址:埠」的方式(比如:127.0.0.1:9000),也可以設置為Unix的socket(比如/tmp/php.sock)。
Interpreter: 「信息源」的解釋器,也就是fastcgi的可執行文件以及其運行參數。這裡我們將原有值改為:/usr/local/webserver/php/bin/php-cgi -b 9000。
此處的9000為上文php-fpm中定義的9000埠。
Spawn timeout: 超時設置(單位:秒,默認是3秒),用於cherokee與fastcgi進程通信時的超時閥值,這裡採用系統默認值,不用填寫即可。
本例中設置為:
Type:Local Interpreter
Nick:PHP LOCAL
Connection:127.0.0.1:9000
Interpreter:/usr/local/webserver/php/bin/php-cgi -b 9000
其餘均為默認值
左側選擇Hard restart,點擊Save(此處只所以選擇Hard restart,是因為只有這個才會使配置保存到/etc/cherokee/cherokee.conf,如果是Graceful restart,則只對本此運行有效)
點擊左側導航欄的"Status",點擊右側"Launch",這時才可以把Cherokee啟動起來。
此時,Cherokee的運行用戶和組都是root,這是非常不安全的,這裡把它修改為用www用戶和組運行
chown www.www /var/log/cherokee.access
chown www.www /var/log/cherokee.error
點擊左側導航欄的"General",點擊「Server Permissions」,將User和Group更改為www,其餘默認,左側選擇Hard restart,點擊Save。
六、安裝vsftpd
yum install vsftpd
vi /etc/vsftpd/vsftpd.conf
將相應內容修改為
#anonymous_enable=YES
xferlog_enable=YES
xferlog_file=/var/log/vsftpd.log
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
touch /etc/vsftpd/chroot_list
添加vsftpd自動啟動
chkconfig --level 235 vsftpd on
啟動vsftpd
service vsftpd start
七、新建站點流程
1、創建目錄
mkdir /var/www/test.com
2、新建FTP用戶
useradd -g www -d /var/www/test.com -s /sbin/nologin -M test
3、修改test用戶名密碼
passwd test
4、將用戶鎖定在主目錄下(此例中為/var/www/test.com)
echo test >> /etc/vsftpd/chroot_list
或者
vi /etc/vsftpd/chroot_list
向裡面添加test
用戶名一行一個
5、更改目錄屬性
chown -R test.www /var/www/test.com
注意問題
修改cherokee運行用戶后,記住要修改cherokee的屬主屬性,否則會報錯