基於CentOS 5.4搭建nginx+php+spawn-fcgi+mysql高性能php平台
一、安裝準備
1.1平台環境:
CentOS 5.4 x86_64 GNU/Linux
nginx-0.8.21
php-5.2.9
spawn-fcgi-1.6.3
mysql-5.1.34
1.2系統安裝及分區:
1.2.1操作系統安裝:
安裝過程中選擇最少的包,採用文本模式安裝,不安裝圖形。
1.2.3系統分區:
/boot 100M (大約100左右)
SWAP 4G 物理內存的2倍(如果你的物理內存大於4G,分配4G即可)
/ 50G
/data 剩餘所有空間.
註:具體分區請根據相關業務劃分
1.2.4系統軟體包安裝規範
系統約定:
軟體源代碼包存放位置 /usr/local/src
源碼包編譯安裝位置(prefix) /usr/local/software_name
腳本以及維護程序存放位置 /usr/local/sbin
MySQL 資料庫位置 /data/mysql/data(可按情況設置)
網站根目錄 /data/www/wwwroot(可按情況設置)
虛擬主機日誌根目錄 /data/logs(可按情況設置)
Nginx運行賬戶 www:www
install_software_name.sh //存放編譯參數腳本習慣將所有編譯腳本存放在install_software_name.sh便於升級和更新軟體.
1.3.系統初始化
#vi init_network.sh
#welcome
cat << EOF
+--------------------------------------------------------------+
| === Welcome to Centos System init === |
+--------------------------------------------------------------+
+----------------------Author:NetSeek--------------------------+
EOF
#disable ipv6
cat << EOF
+--------------------------------------------------------------+
| === Welcome to Disable IPV6 === |
+--------------------------------------------------------------+
EOF
echo "alias net-pf-10 off" >> /etc/modprobe.conf
echo "alias ipv6 off" >> /etc/modprobe.conf
/sbin/chkconfig --level 35 ip6tables off
echo "ipv6 is disabled!"
#disable selinux
sed -i '/SELINUX/s/enforcing/disabled/' /etc/selinux/config
echo "selinux is disabled,you must reboot!"
#vim
sed -i "8 s/^/alias vi='vim'/" /root/.bashrc
echo 'syntax on' > /root/.vimrc
#zh_cn
sed -i -e 's/^LANG=.*/LANG="en"/' /etc/sysconfig/i18n
#init_ssh
ssh_cf="/etc/ssh/sshd_config"
sed -i -e '74 s/^/#/' -i -e '76 s/^/#/' $ssh_cf
sed -i "s/#UseDNS yes/UseDNS no/" $ssh_cf
#client
sed -i -e '44 s/^/#/' -i -e '48 s/^/#/' $ssh_cf
echo "ssh is init is ok.............."
#chkser
#tunoff services
#--------------------------------------------------------------------------------
cat << EOF
+--------------------------------------------------------------+
| === Welcome to Tunoff services === |
+--------------------------------------------------------------+
EOF
#---------------------------------------------------------------------------------
for i in `ls /etc/rc3.d/S*`
do
CURSRV=`echo $i|cut -c 15-`
echo $CURSRV
case $CURSRV in
crond | irqbalance | microcode_ctl | network | random | sendmail | sshd | syslog | local | mysqld )
echo "Base services, Skip!"
;;
*)
echo "change $CURSRV to off"
chkconfig --level 235 $CURSRV off
service $CURSRV stop
;;
esac
done
1.4 系統環境部署及調整
檢查系統是否正常
# tail -n100 /var/log/messages (檢查有無系統級錯誤信息)
# dmesg (檢查硬體設備是否有錯誤信息)
# ifconfig (檢查網卡設置是否正確)
# ping www.linuxtone.org (檢查網路是否正常)
1.5使用 yum 程序安裝所需開發包
1.5.1 更換快源
#cd /etc/yum.repos.d/
#mv CentOS-Base.repo CentOS-Base.repo.linuxtone
#wget http://docs.linuxtone.org/soft/lemp/CentOS-Base.repo
1.5.2 yum安裝相關軟體包:
#yum -y install ntp vim-enhanced gcc gcc-c++ gcc-g77 flex bison autoconf automake glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel libtool* zlib-devel libxml2-devel libjpeg-devel libpng-devel libtiff-devel fontconfig-devel freetype-devel libXpm-devel gettext-devel curl curl-devel pam-devel e2fsprogs-devel krb5-devel libidn libidn-devel openssl openssl-devel openldap openldap-devel nss_ldap openldap-clients openldap-servers
1.6 定時校正伺服器時鐘,定時與中國國家授時中心授時伺服器同步
# crontab -e
加入一行:
15 3 * * * /usr/sbin/ntpdate 210.72.145.44 > /dev/null 2>&1
1.7下載相關軟體包
#cd /usr/local/src
#vi list_tar.list
http://docs.linuxtone.org/soft/lemp/ImageMagick.tar.gz
http://docs.linuxtone.org/soft/lemp/PDO_MYSQL-1.0.2.tgz
http://docs.linuxtone.org/soft/lemp/eaccelerator-0.9.5.3.tar.bz2
http://docs.linuxtone.org/soft/lemp/imagick-2.2.2.tgz
http://docs.linuxtone.org/soft/lemp/libiconv-1.13.tar.gz
http://docs.linuxtone.org/soft/lemp/libmcrypt-2.5.8.tar.gz
http://docs.linuxtone.org/soft/lemp/mcrypt-2.6.8.tar.gz
http://docs.linuxtone.org/soft/lemp/memcache-2.2.5.tgz
http://docs.linuxtone.org/soft/lemp/mhash-0.9.9.9.tar.gz
http://docs.linuxtone.org/soft/lemp/mysql-5.1.34.tar.gz
http://docs.linuxtone.org/soft/lemp/pcre-7.8.tar.gz
http://www.lighttpd.net/download/spawn-fcgi-1.6.3.tar.gz
http://docs.linuxtone.org/soft/lemp/php-5.2.9.tar.bz2
http://sysoev.ru/nginx/nginx-0.8.21.tar.gz
http://docs.linuxtone.org/soft/lemp/ZendOptimizer-3.3.3-linux-glibc23-x86_64.tar.gz
#wget -i list_tar.list
1.8.添加nginx 運維賬戶:
#vi add_webuser.sh
/usr/sbin/groupadd www
/usr/sbin/useradd -g www www
mkdir -p /data/www/wwwroot
chmod +w /data/www/wwwroot
chown www:www /data/www/wwwroot -R
#sh add_webuser.sh
二.編譯安裝
2.1 編譯安裝pcre
#tar zxvf pcre-7.8.tar.gz
#cd pcre-7.8
#./configure && make && make install
2.2 編譯安裝nginx
#tar zxvf nginx-0.8.21.tar.gz
#cd nginx-0.8.21
2.2.1 附加:修改nginx源代碼,偽裝nginx伺服器(僅供參考,安全還得認真做起^.^):
(1).修改gcc
#vi auto/cc/gcc
NGX_GCC_OPT="-O"
修改為:
NGX_GCC_OPT="-O3"
(2).修改nginx.h
#vi nginx-0.8.21/src/core/nginx.h
#define NGINX_VERSION "0.7.58"
#define NGINX_VER "nginx/" NGINX_VERSION
修改為:
#define NGINX_VERSION "1.0"
#define NGINX_VER "LTWS/" NGINX_VERSION
(3).修改nginx_http_header_filter_module
#vi nginx-0.8.21/src/http/ngx_http_header_filter_module.c
static char ngx_http_server_string[] = "Server: nginx" CRLF;
修改為:
static char ngx_http_server_string[] = "Server: LTWS" CRLF;
(4).修改ngx_http_special_response.c
#vi nginx-0.8.21/src/http/ngx_http_special_response.c
將如下
static u_char ngx_http_error_full_tail[] =
"<hr><center>" NGINX_VER "</center>" CRLF
"</body>" CRLF
"</html>" CRLF
;
static u_char ngx_http_error_tail[] =
"<hr><center>nginx</center>" CRLF
"</body>" CRLF
"</html>" CRLF
;
修改為:
static u_char ngx_http_error_full_tail[] =
"<hr><center> "NGINX_VER" </center>" CRLF
"<hr><center>http://www.linuxtone.com</center>" CRLF
"</body>" CRLF
"</html>" CRLF
;
static u_char ngx_http_error_tail[] =
"<hr><center>HMGWS</center>" CRLF
"</body>" CRLF
"</html>" CRLF
;
2.2.2 nginx 編譯安裝
./configure \
"--user=www" \
"--group=www" \
"--prefix=/usr/local/nginx/" \
"--with-http_stub_status_module" \
"--with-http_ssl_module" \
"--with-md5=/usr/lib" \
"--with-sha1=/usr/lib"
make
make install
2.3 編譯安裝配置mysql
./configure \
"--prefix=/usr/local/mysql" \
"--localstatedir=/data/mysql/data" \
"--with-comment=Source" \
"--with-server-suffix=-Linuxtone.Org" \
"--enable-assembler" \
"--with-charset=utf8" \
"--with-collation=utf8_chinese_ci" \
"--with-collation=utf8_chinese_ci" \
"--with-extra-charsets=complex" \
"--enable-thread-safe-client" \
"--with-big-tables" \
"--with-readline" \
"--with-ssl" \
"--with-embedded-server" \
"--enable-local-infile" \
"--with-plugins=innobase"
make
make install
useradd mysql -d /data/mysql -s /sbin/nologin
/usr/local/mysql/bin/mysql_install_db --user=mysql
cd /usr/local/mysql
chown -R root:mysql .
mkdir -p /data/mysql/data
chown -R mysql /data/mysql/data
cp share/mysql/my-huge.cnf /etc/my.cnf.bak
wget http://www.caifw.com/api/my.cnf
sed -i '50 s/^/#/' /etc/my.cnf
cp share/mysql/mysql.server /etc/rc.d/init.d/mysqld
chmod 755 /etc/rc.d/init.d/mysqld
chkconfig --add mysqld
/etc/rc.d/init.d/mysqld start
cd /usr/local/mysql/bin
for i in *; do ln -s /usr/local/mysql/bin/$i /usr/bin/$i; done
2.4 編譯安裝php
2.4.1安裝php相應的lib
2.4.1.1 libiconv-1.13
#tar zxvf libiconv-1.13.tar.gz
#cd libiconv-1.13
#./configure --prefix=/usr && make && make install
2.4.1.2 libmcrypt-2.5.8
#tar zxvf libmcrypt-2.5.8.tar.gz
#cd libmcrypt-2.5.8/
#./configure --prefix=/usr && make && make install
#echo "/usr/lib" >> /etc/ld.so.conf
#ldconfig
#cd libltdl/
#./configure --enable-ltdl-install
#make && make install
2.4.1.3 mhash-0.9.9.9
#tar zxvf mhash-0.9.9.9.tar.gz
#cd mhash-0.9.9.9
#./configure --prefix=/usr && make && make install
#ldconfig
2.4.1.4 mcrypt-2.6.8
#tar zxvf mcrypt-2.6.8.tar.gz
#cd mcrypt-2.6.8
#./configure --prefix=/usr && make&& make install
2.4.2 安裝spawn-fcgi
#tar zvxf spawn-fcgi-1.6.3.tar.gz
#cd spawn-fcgi-1.6.3
#./configure && make && make install
2.4.3 安裝php
#tar jvxf php-5.2.9.tar.bz2
#vi install_php.sh
./configure \
"--prefix=/usr/local/php" \
"--enable-fastcgi" \
"--enable-fpm" \
"--enable-discard-path" \
"--enable-force-cgi-redirect" \
"--with-config-file-path=/usr/local/php/etc" \
"--with-mysql=/usr/local/mysql" \
"--with-mysqli=/usr/local/mysql/bin/mysql_config" \
"--with-iconv-dir" \
"--with-freetype-dir" \
"--with-jpeg-dir" \
"--with-png-dir" \
"--with-gd" \
"--with-zlib" \
"--with-libxml-dir" \
"--with-curl" \
"--with-curlwrappers" \
"--with-openssl" \
"--with-mhash" \
"--with-xmlrpc" \
"--with-mcrypt" \
"--with-ldap" \
"--with-ldap-sasl" \
"--enable-xml" \
"--disable-rpath" \
"--enable-discard-path" \
"--enable-safe-mode" \
"--enable-bcmath" \
"--enable-shmop" \
"--enable-sysvsem" \
"--enable-inline-optimization" \
"--enable-mbregex" \
"--enable-mbstring" \
"--enable-gd-native-ttf" \
"--enable-ftp" \
"--enable-pcntl" \
"--enable-sockets" \
"--enable-zip" \
"--disable-debug" \
"--disable-ipv6"
make ZEND_EXTRA_LIBS='-liconv'
make install
cp php.ini-dist /usr/local/php/etc/php.ini
#sh install_php.sh
2.4.4安裝PHP擴展模塊
2.4.4.1 memcache-2.2.5
#tar zvxf memcache-2.2.5.tgz
#cd memcache-2.2.5
#/usr/local/php/bin/phpize
#./configure --with-php-config=/usr/local/php/bin/php-config
#make && make install
2.4.4.2 eaccelerator-0.9.5.3
#tar jvxf eaccelerator-0.9.5.3.tar.bz2
#cd eaccelerator-0.9.5.3
#/usr/local/php/bin/phpize
#./configure --enable-eaccelerator=shared --with-php-config=/usr/local/php/bin/php-config
#make && make install
2.4.4.3 PDO_MYSQL-1.0.2
#tar zxvf PDO_MYSQL-1.0.2.tgz
#cd PDO_MYSQL-1.0.2
#/usr/local/php/bin/phpize
#./configure --with-php-config=/usr/local/php/bin/php-config --with-pdo-mysql=/usr/local/mysql
#make && make install
2.4.4.4 ImageMagick
#tar zxvf ImageMagick.tar.gz
#cd ImageMagick-6.5.1-2/
#./configure --enable-shared --with-modules --without-x --with-gs-font-dir=default --with-perl=yes --with-xml=yes --with-zlib=yes --with-jpeg=yes
# make && make install
複製代碼
2.4.4.5 imagick-2.2.2
#tar zxvf imagick-2.2.2.tgz
#cd imagick-2.2.2/
#/usr/local/php/bin/phpize
#./configure --with-php-config=/usr/local/php/bin/php-config
#make
#make install
2.4.5腳本配置php.ini
# vi init_php.sh
#!/bin/bash
fcgi_cf="/usr/local/php/etc/php.ini"
ea(){
cat << EOF
zend_extension="/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/eaccelerator.so"
eaccelerator.shm_size="32"
eaccelerator.cache_dir="/data/cache/ea"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="0"
eaccelerator.shm_prune_period="0"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"
EOF
}
#mkdir
mkdir -p /data/cache/ea
ea >> $fcgi_cf
#config for php.ini
sed -i '205 s#;open_basedir =#open_basedir = /data/www/wwwroot:/tmp#g' $fcgi_cf
sed -i '210 s#disable_functions =#;disable_functions = phpinfo,passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,ini_alter,ini_alter,ini_restore,dl,pfsockopen,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server#g' $fcgi_cf
sed -i '/expose_php/s/On/Off/' $fcgi_cf
sed -i '/display_errors/s/On/Off/' $fcgi_cf
sed -i 's#extension_dir = "./"#extension_dir = "/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/"\nextension = "memcache.so"\nextension = "pdo_mysql.so"\nextension = "imagick.so"\n#' $fcgi_cf
sed -i 's#output_buffering = Off#output_buffering = On#' $fcgi_cf
2.5安裝Zend
#tar zvxf ZendOptimizer-3.3.3-linux-glibc23-x86_64.tar.gz
# cd ZendOptimizer-3.3.3-linux-glibc23-x86_64
# ./install
註:php.ini的位置為/usr/local/php/etc 伺服器不選用apache
《解決方案》
三、配置整合
3.1 配置nginx
註:本文spawn-fcgi開啟9000跟9001兩個埠,利用nginx的upstream負載均衡php程序到不同的fcgi埠上面,解決502 gateway錯誤
#cd /usr/local/nginx/conf
#cp nginx.conf nginx.conf.linuxtone
#vi nginx.conf
user www www;
worker_processes 10;
pid /var/run/nginx.pid;
# [ debug | info | notice | warn | error | crit ]
error_log /dev/null;
#error_log /data/logs/nginxerror.log;
#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 51200;
events
{
use epoll;
#maxclient = worker_processes * worker_connections / cpu_number
worker_connections 51200;
}
http
{
include /usr/local/nginx/conf/mime.types;
default_type application/octet-stream;
#charset gb2312;
charset utf8;
log_format main '$remote_addr - $remote_user [$time_local] $request '
'"$status" $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
#access_log /data/www/logs/access.log main;
access_log /dev/null;
#General Options
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
ignore_invalid_headers on;
recursive_error_pages on;
server_name_in_redirect off;
sendfile on;
#timeouts
keepalive_timeout 60;
#TCP Options
tcp_nopush on;
tcp_nodelay on;
#fastcgi options
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 128k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
fastcgi_intercept_errors on;
ssi on;
ssi_silent_errors on;
ssi_types text/shtml;
#size limits
client_max_body_size 50m;
client_body_buffer_size 256k;
#gzip compression
gzip on;
gzip_min_length 0;
gzip_buffers 16 8k;
gzip_http_version 1.0;
gzip_comp_level 9;
gzip_types text/plain text/css image/x-icon image/png;
gzip_vary on;
#temp files
proxy_temp_path /dev/shm/proxy_temp;
fastcgi_temp_path /dev/shm/fastcgi_temp;
client_body_temp_path /dev/shm/client_body_temp;
#client_body_temp_path /usr/local/nginx/client_body_temp 1 2;
#proxy_temp_path /usr/local/nginx/proxy_temp 1 2;
#fastcgi_temp_path /usr/local/nginx/fastcgi_temp 1 2;
#upstream
upstream spawn {
# ip_hash;
server 127.0.0.1:9000 max_fails=0 fail_timeout=30s;
server 127.0.0.1:9001 max_fails=0 fail_timeout=30s;
}
# The following includes are specified for virtual hosts
#www.linuxtone.org
include /usr/local/nginx/conf/vhosts/www.linuxtone.org.conf;
}
#mkdir vhosts
#vi vhosts/www.linuxtone.org.conf
server
{
listen 80;
server_name www.linuxtone.org .linuxtone.org;
index index.html index.htm index.php;
root /data/www/wwwroot/linuxtone;
error_page 404 http://www.linuxtone.org;
#rewrite ^/bbs/(.*) http://bbs.linuxtone.org/$1;
location ~ .*\.php?$
{
fastcgi_pass spawn;
include /usr/local/nginx/conf/spawn_php5.conf;
fastcgi_index index.php;
}
location ~* \.(js|css|jpg|jpeg|gif|png)$ {
if (-f $request_filename) {
access_log off;
expires 1d;
break;
}
}
}
#vi /usr/local/nginx/conf/spawn_php5.conf
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
#fastcgi_param REDIRECT_STATUS 200;
3.2 配置spawn-fcgi啟動腳本
#mkdir /usr/local/php/sbin
# vi /usr/local/php/sbin/spawn-fcgi
#! /bin/sh
set -e
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DESC="spawn-fcgi daemon"
NAME=spawn-fcgi
DAEMON=/usr/local/bin/$NAME
# Gracefully exit if the package has been removed.
test -x $DAEMON || exit 0
d_start() {
$DAEMON -a 127.0.0.1 -p 9000 -C 128 -u www -g www -f /usr/local/php/bin/php-cgi > /dev/null 2>&1
$DAEMON -a 127.0.0.1 -p 9001 -C 128 -u www -g www -f /usr/local/php/bin/php-cgi > /dev/null 2>&1 || echo -n " already running"
}
d_stop() {
/usr/bin/killall -9 php-cgi > /dev/null 2>&1 || echo -n " not running"
}
case "$1" in
start)
echo -n "Starting $DESC: $NAME"
d_start
echo "."
;;
stop)
echo -n "Stopping $DESC: $NAME"
d_stop
echo "."
;;
restart)
echo -n "Restarting $DESC: $NAME"
d_stop
sleep 1
d_start
echo "."
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|restart}" >&2
exit 3
;;
esac
exit 0
#chmod 755 /usr/local/php/sbin/spawn-fcgi
四、啟動WEB服務
4.1.啟動spawn-fcgi
#/usr/local/php/sbin/spawn-fcgi start
4.2.啟動nginx
4.2.1檢查nginx配置:
# /usr/local/nginx/sbin/nginx ?t //返回如下信息說明配置正確
the configuration file /usr/local/nginx//conf/nginx.conf syntax is ok
configuration file /usr/local/nginx//conf/nginx.conf test is successful
#/usr/local/nginx/sbin/nginx //啟動nginx
4.3.加入開機啟動
#vi /etc/rc.local
在最後加入:
ulimit -SHn 51200
/usr/local/nginx/sbin/nginx
/usr/local/php/sbin/spawn-fcgi start
五、測試
#mkdir /data/www/wwwroot/linuxtone
#vi phpinfo.php
<?php
Phpinfo();
?>
打開瀏覽器輸入:http://www.linuxtone.org/phpinfo.php
即可查看當前配置環境. 查看完成後出於安全考慮請再將此函數禁掉.
《解決方案》
寫了這麼多....頂一下吧
《解決方案》
支持樓主!!!
《解決方案》
這個要頂的,要是再介紹一些優化經驗那就無敵了
《解決方案》
頂