实验环境

cat /etc/redhat-release 

CentOS release 6.5 (Final)


实验软件

cmake-3.7.2.tar.gz    

libmcrypt-2.5.8.tar.gz  

mhash-0.8.15.tar.gz  

libiconv-1.15.tar.gz  

mcrypt-2.6.8.tar.gz     

mysql-5.6.24.tar.gz

nginx-1.10.2.tar.gz

redis-4.0.2.tgz 

php-5.6.30.tar.gz


软件安装

cp -pv /etc/sysctl.conf  /etc/sysctl.conf.bak

cat >> /etc/sysctl.conf << EOF

> net.ipv4.tcp_syncookies = 1

> net.ipv4.tcp_tw_reuse = 1

> net.ipv4.tcp_tw_recycle = 1

> net.ipv4.tcp_fin_timeout = 10

> net.ipv4.ip_forward= 1

> EOF  &&   sysctl -p


cp -pv /etc/hosts /etc/hosts.bak && echo 192.168.10.16 web1 >>  /etc/hosts

yum install -y gcc gcc-c++ autoconf automake libjpeg libjpeg-devel libpng libpng-devel

yum install -y freetype freetype-devel libxml2 libxml2-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel

yum install -y ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel libidn

yum install -y libidn-devel libtool-ltdl-devel* openldap openldap-devel openldap-clients openldap-servers make

yum install -y zlib-devel pcre-devel* openssl-devel libtool* git tree bison* perl gd gd-devel fiex*


tar zxvf libiconv-1.15.tar.gz

cd libiconv-1.15

./configure --prefix=/usr/local/libiconv && make -j6 && make install


tar zxvf libmcrypt-2.5.8.tar.gz

cd libmcrypt-2.5.8

./configure && make -j6 && make install


tar zxvf mhash-0.8.15.tar.gz

cd mhash-0.8.15

./configure && make -j6 && make install


echo /usr/local/lib/ >> /etc/ld.so.conf && ldconfig

tar zxvf mcrypt-2.6.8.tar.gz

cd mcrypt-2.6.8

./configure && make -j6 && make install


tar zxvf cmake-3.7.2.tar.gz

cd cmake-3.7.2

./bootstrap && gmake -j6 && gmake install


groupadd mysql && useradd  -g mysql mysql

mkdir -pv /var/log/mysql

touch /var/log/mysql/{slow.log,mysql.err}

tar zxvf mysql-5.6.24.tar.gz 

cd mysql-5.6.24

cmake \

-DCMAKE_INSTALL_PREFIX=/usr/local/mysql \

-DMYSQL_DATADIR=/usr/local/mysql/data \

-DSYSCONFDIR=/etc \

-DMYSQL_USER=mysql \

-DWITH_MYISAM_STORAGE_ENGINE=1 \

-DWITH_INNOBASE_STORAGE_ENGINE=1 \

-DWITH_ARCHIVE_STORAGE_ENGINE=1 \

-DWITH_MEMORY_STORAGE_ENGINE=1 \

-DWITH_READLINE=1 \

-DMYSQL_UNIX_ADDR=/var/lib/mysql/mysql.sock \

-DMYSQL_TCP_PORT=3306 \

-DENABLED_LOCAL_INFILE=1 \

-DENABLE_DOWNLOADS=1 \

-DWITH_PARTITION_STORAGE_ENGINE=1 \

-DEXTRA_CHARSETS=all \

-DDEFAULT_CHARSET=utf8 \

-DDEFAULT_COLLATION=utf8_general_ci \

-DWITH_DEBUG=0 \

-DMYSQL_MAINTAINER_MODE=0 \

-DWITH_SSL:STRING=bundled \

-DWITH_ZLIB:STRING=bundled \

make -j6 && make install


chown -R mysql:mysql /usr/local/mysql/

cp -pv support-files/my-default.cnf /etc/my.cnf

cp -pv support-files/mysql.server /etc/init.d/mysqld

chmod +x /etc/init.d/mysqld && chkconfig --level 35 mysqld on


cp -pv /etc/my.cnf  /etc/my.cnf.bak

cat /etc/my.cnf

basedir = /usr/local/mysql

datadir = /usr/local/mysql/data

log-error = /var/log/mysql/mysql.err

slow_query_log = 1

slow_query_log_file = /var/log/mysql/slow.log 

wait_timeout = 28800

interactive_timeout =  28800


/usr/local/mysql/scripts/mysql_install_db --basedir=/usr/local/mysql/ 

--datadir=/usr/local/mysql/data   --user=mysql &   初始化数据库

service  mysqld restart  && chkconfig --level 35 mysqld on


cp -pv /usr/local/mysql/bin/{mysql,mysqld,mysqladmin} /usr/bin/

mysqladmin  -uroot password 数据库验证

mysql -uroot -p123.com

mysql> 

mysql --version

mysql  Ver 14.14 Distrib 5.6.24, for Linux (x86_64) using  EditLine wrapper


tar zxvf php-5.6.30.tar.gz

cd php-5.6.30.tar.gz

./configure --prefix=/usr/local/php \

--with-config-file-path=/usr/local/php/etc \

--with-mhash --with-mcrypt --enable-bcmath \

--enable-mysqlnd --with-mysql --with-mysqli --with-pdo-mysql \

--with-gd --enable-gd-native-ttf --with-jpeg-dir --with-png-dir --with-freetype-dir \

--with-iconv-dir --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib \

--with-libxml-dir --enable-simplexml \

--enable-xml --disable-rpath \

--enable-bcmath --enable-soap --enable-zip \

--with-curl --enable-fpm \

--enable-mbstring --enable-sockets --with-gd --with-openssl \

--enable-opcache --disable-fileinfo

make -j6 && make install

cp -pv {php.ini-production,php.ini-development} /root/ 

cp -pv  php.ini-production /usr/local/php/etc/php.ini

cp -pv sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm

chmod +x /etc/init.d/php-fpm && chkconfig --level 35 php-fpm on

cp -pv /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf

cp -pv /usr/local/php/sbin/{php-fpm,php} /usr/bin/


php-fpm -t

configuration file /usr/local/php/etc/php-fpm.conf test is successful

service php-fpm restart


tar zxvf nginx-1.10.2.tar.gz

cd nginx-1.10.2

./configure \

--prefix=/usr/local/nginx \

--with-http_stub_status_module \

--with-http_ssl_module \

--with-http_realip_module \

--without-http_limit_conn_module  \

--without-http_limit_req_module \

--with-pcre \

--pid-path=/var/run/nginx.pid

make -j6 && make install


cp -pv /usr/local/nginx/conf/nginx.conf /usr/local/nginx/conf/nginx.conf.bak

cp -pv /usr/local/nginx/sbin/nginx /usr/bin/


cat /usr/local/nginx/conf/nginx.conf

events {

use epoll;

worker_connections 1024;

}

location ~ \.php$ {

root html;

fastcgi_pass 127.0.0.1:9000;

fastcgi_index index.php index.html;

fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

include fastcgi_params;

}


nginx  -t

nginx  -c /usr/local/nginx/conf/nginx.conf && nginx  -s reload 平滑重启用于 从新加载配置文件

nginx -s stop && nginx  停止进程重启服务


touch   /usr/local/nginx/html/{index.html  index.php}

echo '<?php phpinfo(); ?>' > /usr/local/nginx/html/index.php

echo test_html > /usr/local/nginx/html/index.html

curl http://localhost/index.html

test_html


http://serverip/index.php

lnmp_lnmp


安装php模块

tar zxvf redis-4.0.2.tgz

cd redis-4.0.2

/usr/local/php/bin/phpize

./configure --with-php-cnotallow=/usr/local/php/bin/php-config --enable-redis

make -j6 && make install 

Installing shared extensions:  /usr/local/php/lib/php/extensions/no-debug-non-zts-20131226/


cp -pv /usr/local/php/etc/php.ini  /usr/local/php/etc/php.ini.bak

extension_dir = /usr/local/php/lib/php/extensions/no-debug-non-zts-20131226/

extension = redis.so


service php-fpm restart

php -m | grep redis

redis


lnmp_lnmp_02


自签私有证书

mkdir -pv /usr/local/nginx/conf/cert

cd /usr/local/nginx/conf/cert

openssl genrsa -des3 -out server.key 2048 

openssl req -new -key server.key -out server.csr  默认需要输入验证


cp -pv server.key server.key.org

openssl rsa -in server.key.org -out server.key 取消私有证书验证

openssl x509 -req -sha256 -days 365 -in server.csr -signkey server.key -out server.crt


配置域名虚拟主机

cp -pv /etc/hosts /etc/hosts.bak     配置host域名解析

echo 127.0.0.1 www.oa.com > /etc/hosts

echo 127.0.0.1 www.bbs.com >> /etc/hosts


mkdir -pv /usr/local/nginx/vhosts   虚拟主机配置目录

touch /usr/local/nginx/vhost/{www.oa.conf,www.bbs.conf}    虚拟主机配置文件

touch /usr/local/nginx/logs/{www.oa.log,www.bbs.log}      虚拟主机日志文件


mkdir -pv /data/www             虚拟主机代码目录

mkdir -pv /data/www/{oa,bbs}

touch /data/www/{oa,bbs}/index.html 

echo oa > /data/www/oa/index.html  &&   echo bbs > /data/www/bbs/index.html 


cat /usr/local/nginx/conf/nginx.conf

worker_processes  1;

events {

    worker_connections  1024;

}

http {

    include       mime.types;

    default_type  application/octet-stream;

    sendfile        on;

    keepalive_timeout  65;

    server_tokens off;   隐藏nginx版本号

    include /usr/local/nginx/vhosts/*.conf;

}


cat /usr/local/nginx/vhosts/www.oa.conf 

server {

  listen      80;

 client_max_body_size 10M;     修改nginx上传限制

  server_name www.oa.com;

  access_log /usr/local/nginx/logs/www.oa.log;


  location / {

   root /data/www/oa;

   index index.html index.htm;

     }

}

nginx  -t && nginx -s stop && nginx

curl http://www.oa.com

oa


配置https虚拟主机

cat /usr/local/nginx/vhosts/www.bbs.conf 

server {

  listen      443;

 client_max_body_size 10M;     修改nginx上传限制

  ssl         on;

  server_name www.bbs.com;

  ssl_certificate cert/server.crt;

  ssl_certificate_key cert/server.key;

  ssl_session_cache shared:SSL:1m;

  ssl_session_timeout 5m;

  ssl_ciphers HIGH:!aNULL:!MD5;

  access_log /usr/local/nginx/logs/www.bbs.log;


 location / {

   root /data/www/bbs;

   index index.html index.htm;

  }

}

nginx  -t && nginx -s stop && nginx


netstat -tuplna | grep LISTEN

tcp        0      0 0.0.0.0:80         0.0.0.0:*           LISTEN      1394/nginx       

tcp       0      0 0.0.0.0:443          0.0.0.0:*          LISTEN      1394/nginx


https://www.bbs.com

lnmp_lnmp_03


docker部署lnmp

yum install -y yum-utils  docker-ce-18.06.3.ce   

systemctl daemon-reload

systemctl start docker && systemctl enable docker

docker --version

Docker version 18.06.3-ce, build 6d37f41


docker pull mysql:5.7

docker pull php:7.2-fpm

docker pull nginx:1.12.2



docker run -itd --name mysql

-p 3306:3306 --restart=always   \

-v /etc/localtime:/etc/localtime -v /usr/local/mysql/data/:/var/lib/mysql \

-e MYSQL_ROOT_PASSWORD=root123  \

--net=host  mysql:5.7  && docker logs -f mysql | grep 3306  

[Note] Server hostname (bind-address): '*'; port: 3306

Version: '5.7.36'  socket: '/var/run/mysqld/mysqld.sock'  port: 3306  MySQL Community Server (GPL)


docker exec -it mysql /bin/bash -c 'mysql -uroot -proot'

mysql>  


docker run -itd --name phpfpm \

-p 9000:9000   --restart=always  \

-v  /usr/local/docker/nginx/html:/var/www/html  \

--net=host   php:7.2-fpm   && docker logs -f phpfpm 

NOTICE: fpm is running, pid 1

NOTICE: ready to handle connections


docker exec -it phpfpm  /bin/bash -c 'php -m'

[PHP Modules]

Core

fileinfo    查看php默认模块


docker exec -it phpfpm  /bin/bash -c 'docker-php-ext-install pdo_mysql'  安装php模块

docker exec -it phpfpm  /bin/bash -c 'php -m | grep pdo_mysql'       

pdo_mysql    查看php安装模块


docker run -itd  --name nginx \

-p 80:80  --restart=always  \  

-v  /usr/local/docker/nginx/html:/usr/share/nginx/html  \

--net=host  nginx:1.12.2   \

docker logs -f nginx  


docker inspect phpfpm | grep IPAddress  

"IPAddress": "172.17.0.3",  查看phpfpm容器ip 桥接网络模式使用

                 

docker exec -it nginx /bin/bash -c 'cp -pv /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.conf.bak'

docker cp nginx:/etc/nginx/conf.d/default.conf /root/

cat default.conf

server {

   listen       80;

   server_name  localhost;


   #charset koi8-r;

   #access_log  /var/log/nginx/host.access.log  main;


   location / {

       root   /usr/share/nginx/html;

       index  index.php index.html index.htm;

   }


   #location ~ \.php$ {

   #    proxy_pass   http://127.0.0.1;

   #}


   # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000

   #

   location ~ \.php$ {

       root           /var/www/html;

       fastcgi_pass   192.168.10.18:9000;   192.168.10.18 host模式  172.17.0.3桥接模式

       fastcgi_index  index.php;

       fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;

       include        fastcgi_params;

   }

}


docker cp default.conf  nginx:/etc/nginx/conf.d/default.conf

docker exec -it nginx /bin/bash -c 'nginx -t && nginx -s reload'

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok

nginx: configuration file /etc/nginx/nginx.conf test is successful

nginx语法检测


touch /usr/local/docker/nginx/html/{index.html,index.php}

echo testhtml > /usr/local/docker/nginx/html/index.html

echo '<?php phpinfo(); ?>' > /usr/local/docker/nginx/html/index.php


curl http://localhost/index.html

testhtml

cat /usr/local/docker/nginx/www/html/index.php  

<?php phpinfo(); ?>


netstat -tuplna | grep LISTEN

tcp6       0      0 :::3306      :::*       LISTEN      11932/mysqld

tcp6       0      0 :::9000      :::*       LISTEN      12280/php-fpm: mast

tcp        0      0 0.0.0.0:80   0.0.0.0:*  LISTEN      14889/nginx: master  


docker save nginx:1.12.2  > nginx1.12.2_images-$(date +%Y%m%d).tar.gz  备份容器

docker load -i mysql5.7_images.tar.gz            导入容器


http://serverip

lnmp_lnmp_04