生产环境搭建LNMP平台
版本号
MySQL5.5.37 php-5.5.14 nginx-1.6.0 mongo-1.5.4 libiconv-1.14 gettext-0.18.1.1 libmcrypt-2.5.8 mcrypt-2.6.8 mhash-0.9.9 memcache-2.2.7 zlib-1.2.5 ImageMagick-6.8.8-9 libpng-1.6.2 imagick-3.1.2 freetype-2.4.12 pcre-8.35
php模块 pthreads.so redis.so imap.so memcache.so imagick.so opcache.so mongo.so
服务重新加载
service nginx reload
service php-fpm reload
service mysqld restart
配置文件路径
nginx /usr/local/nginx/conf/nginx.conf php /usr/local/php/etc/php-fpm.conf /usr/local/php/etc/php.ini mysql /etc/my.cnf
下面开始
Centos 6.5 64位CentOS-6.5-x86_64-minimal.iso最小化安装
安装包下载地址 http://pan.baidu.com/s/1sXpGj
关闭selinux SELINUX=disabled
shutdown -r now #不重启的话,更新ssh后下一次重启,ssh会启动失败
yum install gcc gcc-c++ vim wget lrzsz ntpdate sysstat dstat wget man tree -y
tar -xzf ifstat-1.1.tar.gz cd ifstat-1.1 ./configure make make install cd ..
yum install ncurses ncurses-devel libpcap libpcap-devel -y tar -xzf iftop-0.17.tar.gz cd iftop-0.17 ./configure make make install cd ..
tar -xzf htop-1.0.tar.gz cd htop-1.0 ./configure make make install cd ..
# /usr/local/bin/htop
# /usr/local/bin/ifstat
echo "export PATH=$PATH:/usr/local/bin" >> /etc/profile.d/tools.sh
. /etc/profile.d/tools.sh
yum install -y vim-enhanced patch make flex bison file libtool libtool-libs autoconf libjpeg-devel libpng libpng-devel gd gd-devel freetype-devel libxml2 libxml2-devel zlib zlib-devel glib2 glib2-devel bzip2bzip2-devel libevent libevent-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel libidn libidn-devel fonts-chinese gettext-devel gmp-devel pspell-devel unzip libcap apr* automake openssl-devel perl compat* mpfr cpp glibc glibc-devel libgomp libstdc++-devel ppl cloog-ppl keyutils keyutils-libs-devel libcom_err-devel libsepol-devel krb5-devel libXpm* php-common php-gd pcre-devel libmcrypt-devel gd2 gd2-devel openldap*
#Set timezone
rm -rf /etc/localtime
ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
ntpdate 0.asia.pool.ntp.org ;hwclock -w
cat >>/etc/sysctl.conf<<eof
fs.file-max = 65535
eof
ulimit -SHn 65535
mkdir /data
cd /data/ #软件包都放此目录
编译安装MySQL 5.5.37
安装cmake2.8.7 跨平台的安装(编译)工具
tar -zxf cmake-2.8.7.tar.gz cd cmake-2.8.7 ./configure make&& make install cd ..
编译安装mysql
/usr/sbin/groupadd mysql /usr/sbin/useradd -g mysql mysql mkdir -p /var/mysql/data mkdir -p /var/mysql/log chown -R mysql.mysql /var/mysql
tar zxf mysql-5.5.37.tar.gz
cd mysql-5.5.37
cmake -DCMAKE_BUILD_TYPE:STRING=Release -DMYSQL_USER=mysql-DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DMYSQL_DATADIR=/var/mysql/data -DSYSCONFDIR=/etc -DWITH_MYISAM_STORAGE_ENGINE=1 -DWITH_INNOBASE_STORAGE_ENGINE=1 -DWITH_MEMORY_STORAGE_ENGINE=1 -DWITH_ARCHIVE_STORAGE_ENGINE=1 -DWITH_BLACKHOLE_STORAGE_ENGINE=1 -DWITH_FEDERATED_STORAGE_ENGINE=1 -DWITH_PARTITION_STORAGE_ENGINE=1 -DWITH_READLINE=1 -DMYSQL_UNIX_ADDR=/var/lib/mysql/mysql.sock -DMYSQL_TCP_PORT=3306 -DENABLED_LOCAL_INFILE=1 -DWITH_PARTITION_STORAGE_ENGINE=1 -DEXTRA_CHARSETS=all -DWITH_SSL=yes -DDEFAULT_CHARSET=utf8 -DDEFAULT_COLLATION=utf8_general_ci
make -j4
make install
复制配置文件:
mv /etc/my.cnf /etc/my.cnf.bak
cp support-files/my-large.cnf /etc/my.cnf
vim +40 /etc/my.cnf
在[mysqld]添加:
skip-name-resolve lower_case_table_names= 1 character-set-server= utf8 query_cache_limit= 10M max_connections= 2000 datadir= /var/mysql/data lower_case_table_names= 1 character-set-server= utf8 log-error= /var/mysql/log/mysql-error.log pid-file= /var/mysql/log/mysql.pid general_log= 1 log_output=TABLE log-bin=/var/mysql/log/mysql-bin slow_query_log= ON slow_query_log_file= /var/mysql/log/mysql_slow.log long_query_time= 2 max_heap_table_size= 64M #注释下面的log-bin=mysql-bin
复制启动脚本 :
cp ./support-files/mysql.server /etc/init.d/mysqld chmod 755 /etc/init.d/mysqld chkconfig --add mysqld chkconfig mysqld on cd..
初始化数据库
/usr/local/mysql/scripts/mysql_install_db --user=mysql --datadir=/var/mysql/data --basedir=/usr/local/mysql --log-output=file cat> /etc/ld.so.conf.d/mysql.conf<<EOF /usr/local/mysql/lib/mysql /usr/local/lib EOF ldconfig yum install mysql -y service mysqld start /usr/local/mysql/bin/mysql_secure_installation #配置mysql
编译安装php-5.5.14所需组件
安装libiconv
tar zxf libiconv-1.14.tar.gz cd libiconv-1.14 ./configure --prefix=/usr/local/libs make make install cd ../
安装libmcrypt
tar zxf libmcrypt-2.5.8.tar.gz cd libmcrypt-2.5.8/ ./configure --prefix=/usr/local/libs make make install /sbin/ldconfig cd libltdl/ ./configure --enable-ltdl-install --prefix=/usr/local/libs make make install cd ../../
安装mhash
tar xzf mhash-0.9.9.tar.gz cd mhash-0.9.9 ./configure --prefix=/usr/local/libs make make install cd ../
安装zlib
tar -zxf zlib-1.2.5.tar.gz cd zlib-1.2.5 ./configure --prefix=/usr/local/libs make make install cd ../
安装libpng
tar -zxf libpng-1.6.2.tar.gz cd libpng-1.6.2 ./configure --prefix=/usr/local/libs make make install cd ../
安装freetype
tar -zxf freetype-2.4.12.tar.gz cd freetype-2.4.12 ./configure --prefix=/usr/local/libs make make install cd ../
安装Jpeg
tar -zxf jpegsrc.v9.tar.gz cd jpeg-9 ./configure --prefix=/usr/local/libs --enable-shared --enable-static make make install cd ../
安装gettext
tar -zxf gettext-0.18.1.1.tar.gz cd gettext-0.18.1.1 ./configure --prefix=/usr/local/libs make make install cd ../
cat > /etc/ld.so.conf.d/local.conf << eof /usr/local/libs/lib /usr/local/lib eof ldconfig -v
tar zxf mcrypt-2.6.8.tar.gz cd mcrypt-2.6.8/ export LDFLAGS="-L/usr/local/libs/lib -L/usr/lib"export CFLAGS="-I/usr/local/libs/include -I/usr/include" export LD_LIBRARY_PATH=/usr/local/libs/: LD_LIBRARY_PATH ./configure --prefix=/usr/local/libs --with-libmcrypt-prefix=/usr/local/libs make make install cd ../
编译安装PHP(FastCGI模式)
cp -frp /usr/lib64/libldap* /usr/lib/
ln -s /usr/local/mysql/lib/libmysqlclient.so.18 /usr/lib64/
tar zxf php-5.5.14.tar.gz
cd php-5.5.14/
./configure --prefix=/usr/local/php --with-fpm-user=www --with-fpm-group=www --with-config-file-path=/usr/local/php/etc --with-openssl --with-curl --with-mysql=/usr/local/mysql --with-pdo-mysql=/usr/local/mysql --with-mysqli=mysqlnd --enable-mbstring=all --with-gd --with-freetype-dir=/usr/local/libs --with-jpeg-dir=/usr/local/libs --with-png-dir=/usr/local/libs --with-zlib-dir=/usr/local/libs --enable-mbstring --enable-sockets --with-iconv-dir=/usr/local/libs --enable-libxml --enable-soap --with-mcrypt=/usr/local/libs --enable-xml --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --enable-mbregex --enable-fpm --enable-gd-native-ttf --with-mhash --enable-pcntl --with-ldap --with-ldap-sasl --with-xmlrpc --enable-zip --enable-phar --without-pear --enable-ftp --with-mysqli=/usr/local/mysql/bin/mysql_config --enable-maintainer-zts --disable-rpath --with-gettext --enable-opcache
make ZEND_EXTRA_LIBS='-liconv'
make install
——插播——
#如果php版本为php-5.3.28,那么编译参数为
./configure --prefix=/usr/local/php --with-fpm-user=www --with-fpm-group=www --with-config-file-path=/usr/local/php/etc --with-openssl --with-curl --with-mysql=/usr/local/mysql --with-pdo-mysql=/usr/local/mysql --with-mysqli=mysqlnd --enable-mbstring=all --with-gd --with-freetype-dir=/usr/local/libs --with-jpeg-dir=/usr/local/libs --with-png-dir=/usr/local/libs --with-zlib-dir=/usr/local/libs --enable-mbstring --enable-sockets --with-iconv-dir=/usr/local/libs --enable-libxml --enable-soap --with-mcrypt=/usr/local/libs --enable-xml --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --enable-mbregex --enable-fpm --enable-gd-native-ttf --with-mhash --enable-pcntl --with-ldap --with-ldap-sasl --with-xmlrpc --enable-zip --enable-phar --without-pear --enable-ftp --disable-rpath --with-gettext --enable-magic-quotes
make ZEND_EXTRA_LIBS='-liconv' -j4
make install
并且下面的pthreads-master模块会安装不成功,不过ming可以安装,所以根据自己的需要考虑,其他安装过程一致
——插播——
ln -s /usr/local/php/bin/php /usr/bin/php ln -s /usr/local/php/bin/phpize /usr/bin/phpize ln -s /usr/local/php/sbin/php-fpm /usr/bin/php-fpm
cp php.ini-development /usr/local/php/etc/php.ini cp /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf cp /data/php-5.5.14/sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm chmod +x /etc/init.d/php-fpm
cd ../
sed -i 's/;date\.timezone \=/date\.timezone \= Asia\/Shanghai/g' /usr/local/php/etc/php.ini
sed -i 's/expose_php = On/expose_php = Off/g' /usr/local/php/etc/php.ini
sed -i 's/disable_functions =.*/disable_functions =passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_get_status,ini_alter,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,escapeshellcmd,dll,popen,disk_free_space,checkdnsrr,checkdnsrr,getservbyname,getservbyport,disk_total_space,posix_ctermid,posix_get_last_error,posix_getcwd,posix_getegid,posix_geteuid,posix_getgid,posix_getgrgid,posix_getgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid,posix_getppid,posix_getpwnam,posix_getpwuid,posix_getrlimit,posix_getsid,posix_getuid,posix_isatty,posix_kill,posix_mkfifo,posix_setegid,posix_seteuid,posix_setgid,posix_setpgid,posix_setsid,posix_setuid,posix_strerror,posix_times,posix_ttyname,posix_uname/g' /usr/local/php/etc/php.ini
编译安装PHP扩展模块
unzip pthreads-master.zip cd pthreads-master /usr/local/php/bin/phpize ./configure --with-php-config=/usr/local/php/bin/php-config make make install cd ..
——插播——
php5.3安装ming可以按下面方法,php5.5整合zend,安装的时候提示错误
Ming
首先开启PHP命令
vi ~/.bash_profile
加一行后保存
export PATH=$PATH:/www/wdlinux/php/bin
然后运行命令
source ~/.bash_profile
wget http://pear.php.net/go-pear.phar
php go-pear.phar
中间有个问题直接enter确认就行。
wget http://jaist.dl.sourceforge.net/project/ming/Releases/ming-0.4.5.tar.gz
tar-zxvf ming-0.4.5.tar.gz
cd ming-0.4.5.tar.gz
./configure --enable-php
make && make install
完成后修改PHP.ini增加 一行
/usr/local/php/lib/php/extensions/no-debug-non-zts-20090626/ming.so
——插播——
memcache扩展
tar -xzf memcache-2.2.7.tgz cd memcache-2.2.7 /usr/local/php/bin/phpize ./configure --with-php-config=/usr/local/php/bin/php-config make make install cd ..
安装imagick扩展
tar zxf ImageMagick-6.8.8-9.tar.gz cd ImageMagick-6.8.8-9/ ./configure --prefix=/usr/local/p_w_picpathmagick make && make install cd .. tar -xzf imagick-3.1.2.tgz cd imagick-3.1.2 /usr/local/php/bin/phpize ./configure --with-php-config=/usr/local/php/bin/php-config --with-imagick=/usr/local/p_w_picpathmagick make make install cd ..
安装IMAP的PHP扩展
yum install libc-client.x86_64 libc-client-devel.x86_64 -y cp /usr/lib64/libc-client.so* /usr/lib cd php-5.5.14/ext/imap/ phpize ./configure --with-php-config=/usr/local/php/bin/php-config --with-imap --with-imap-ssl --with-kerberos make make install cd /data
安装phpredis扩展
unzip phpredis-master.zip cd phpredis-master /usr/local/php/bin/phpize ./configure --with-php-config=/usr/local/php/bin/php-config make make install cd /data
mongo扩展
tar -xzf mongo-1.5.4.tgz cd mongo-1.5.4 /usr/local/php/bin/phpize ./configure --with-php-config=/usr/local/php/bin/php-config --prefix=/usr/local/mongo make make install cd ..
vim /usr/local/php/etc/php.ini #在php.ini最后添加如下
extension_dir = "/usr/local/php/lib/php/extensions/no-debug-zts-20121212/" extension = "pthreads.so" extension = "redis.so" extension = "imap.so" extension = "memcache.so" extension = "imagick.so" extension = "mongo.so" zend_extension =/usr/local/php/lib/php/extensions/no-debug-zts-20121212/opcache.so opcache.memory_consumption=128 opcache.interned_strings_buffer=8 opcache.max_accelerated_files=4000 opcache.revalidate_freq=60 opcache.fast_shutdown=1 opcache.enable_cli=1
安装Nginx
安装Nginx
tar -zxf pcre-8.35.tar.gz cd pcre-8.35 ./configure --prefix=/usr/local/pcre make&&make install cd ../
groupadd www
useradd -g www www -s /sbin/nologin
tar -xzf nginx-1.6.0.tar.gz
cd nginx-1.6.0/
./configure --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_gzip_static_module --with-pcre=/data/pcre-8.35 --with-http_realip_module --with-http_p_w_picpath_filter_module
make
make install
cd ../
wget -c http://soft.vpser.net/lnmp/ext/init.d.nginx cp init.d.nginx /etc/init.d/nginx chmod +x /etc/init.d/nginx
创建Nginx日志目录
mkdir -p /data/nginx/logs chmod +w /data/nginx/logs chown -R www:www /data/nginx/logs
修改nginx配置文件
mv /usr/local/nginx/conf/nginx.conf /usr/local/nginx/conf/nginx.conf.bak
cat > /usr/local/nginx/conf/nginx.conf <<eof
user www www;
worker_processes 4;
error_log /data/nginx/logs/nginx_error.log crit;
pid /usr/local/nginx/nginx.pid;
worker_rlimit_nofile 51200;
events
{
use epoll;
worker_connections 51200;
}
http
{
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 50m;
sendfile on;
tcp_nopush on;
keepalive_timeout 300;
tcp_nodelay on;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 256k;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-javascripttext/css application/xml;
gzip_vary on;
gzip_proxied expired no-cache no-store private auth;
gzip_disable "MSIE [1-6]\.";
server_tokens off;
log_format access '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
log_not_found off;
fastcgi_intercept_errors on;
server
{
listen 80;
server_name www.yourweb.com;
index index.html index.htm index.php;
root /var/www/;
location ~ .*\.(php|php5)?$
{
fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_index index.php;
include fcgi.conf;
}
location /status {
stub_status on;
access_log off;
}
location ~.*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
access_log /data/nginx/logs/access.log access;
error_page 404 = /404.html;
}
include /usr/local/nginx/conf/server/*.conf;
}
eof
mkdir /usr/local/nginx/conf/server/cp /usr/local/nginx/conf/fastcgi.conf /usr/local/nginx/conf/fcgi.conf mkdir /var/www/ cat>/var/www/phpinfo.php<< eof <?php phpinfo(); ?> eof
mv /usr/local/php/etc/php-fpm.conf /usr/local/php/etc/php-fpm.conf.bak
cat > /usr/local/php/etc/php-fpm.conf << eof [global] pid = /usr/local/php/var/run/php-fpm.pid error_log = /usr/local/php/var/log/php-fpm.log log_level = error [www] listen = /tmp/php-cgi.sock user = www group = www listen.mode = 0666 ;pm = dynamic pm = static pm.max_children = 10 pm.start_servers = 5 pm.min_spare_servers = 5 pm.max_spare_servers = 30 request_terminate_timeout = 60 request_slowlog_timeout = 60s slowlog = /var/log/php-fpm.log.slow pm.max_requests = 1024 eof
升级前关闭selinux
升级ssl,ssh
yum install zlib zlib-devel krb5-devel.x86_64 -y #如果单独升级openssh需要安装 tar -xzf openssl-1.0.1g.tar.gz cd openssl-1.0.1g ./config --prefix=/usr/local/ssl shared zlib-dynamic enable-camellia -DOPENSSL_NO_HEARTBEATS make make install openssl version mv /usr/bin/openssl /usr/bin/openssl.old mv /usr/include/openssl /usr/include/opensslold ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl ln -s /usr/local/ssl/include/openssl/ /usr/include/openssl echo "/usr/local/ssl/lib/" >>/etc/ld.so.conf ldconfig -v|grep ssl openssl version cd ..
yum install pam* -y tar -xzf openssh-6.6p1.tar.gz cd openssh-6.6p1 ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-pam --with-zlib --with-ssl-dir=/usr/local/ssl --with-md5-passwords --mandir=/usr/share/man --with-kerberos5=/usr/lib64/libkrb5.so --mandir=/usr/share/man make make install ssh -V cd ..
