动静分离能有效提升站点访问效率,此时apache工作在反向代理模式。PHP不在作为apache的模块。而是以独立服务器的方式运行。两者之间通过fcgi机制建立通讯。
一.安装DNS服务实现域名解析
1.安装bind
[root@www ~]# yum install bind
2.配置named主配置文件
[root@www ~]# vim /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package toconfigure the ISC BIND named(8) DNS
// server as a caching only nameserver (asa localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ forexample named configuration files.
//
options {
// listen-on port 53 { 127.0.0.1; };
// listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// allow-query { localhost; };
recursion yes;
// dnssec-enable yes;
// dnssec-validation yes;
// dnssec-lookaside auto;
/* Path to ISC DLV key */
/*bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
*/
};
logging {
channel default_debug {
file"data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
include"/etc/named.rfc1912.zones";
include "/etc/named.root.key";
3.配置区域配置文件
[root@www ~]# vim /etc/named.rfc1912.zones
zone "stu31.com" IN {
type master;
file "stu31.com.zone";
};
4.配置区域解析库文件(正向)
[root@www ~]# vim /var/named/stu31.com.zone $TTL 600 $ORIGIN stu31.com. @ IN SOA ns1.stu31.com. root@stu31.com ( 20141219 1M 2H 3D 6M ) @ IN NS ns1 IN MX 5 mail ns1 IN A 172.16.31.20 www IN A 172.16.31.20 bbs IN A 172.16.31.20 pmp IN A 172.16.31.20 mail IN A 172.16.31.20 pop3 IN CNAME mail iamp4 IN CNAME mail
更改权限及属主属组
[root@www ~]# chmod 640/var/named/stu31.com.zone [root@www ~]# chown :named/var/named/stu31.com.zone
5.检查语法
[root@www ~]# named-checkconf [root@www ~]# named-checkzone stu31.com/var/named/stu31.com.zone zone stu31.com/IN: loaded serial 20141219 OK
6.启动named服务
[root@www ~]# service named start Generating /etc/rndc.key: [ OK ] Starting named: [ OK ]
将本地网络的DNS服务器地址指向172.16.31.20
[root@www ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0 DNS=172.16.31.20
测试完全区域:
[root@www ~]# dig -t axfr stu31.com @172.16.31.20 ; <<>> DiG9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> -t axfr stu31.com@172.16.31.20 ;; global options: +cmd stu31.com. 600 IN SOA ns1.stu31.com.root\@stu31.com.stu31.com. 2014121903 60 7200 259200 360 stu31.com. 600 IN NS ns1.stu31.com. stu31.com. 600 IN MX 5 mail.stu31.com. bbs.stu31.com. 600 IN A 172.16.31.20 iamp4.stu31.com. 600 IN CNAME mail.stu31.com. mail.stu31.com. 600 IN A 172.16.31.20 ns1.stu31.com. 600 IN A 172.16.31.20 pmp.stu31.com. 600 IN A 172.16.31.20 pop3.stu31.com. 600 IN CNAME mail.stu31.com. web.stu31.com. 600 IN A 172.16.31.20 www.stu31.com. 600 IN A 172.16.31.20 stu31.com. 600 IN SOA ns1.stu31.com.root\@stu31.com.stu31.com. 2014121903 60 7200 259200 360 ;; Query time: 2 msec ;; SERVER: 172.16.31.20#53(172.16.31.20) ;; WHEN: Mon Dec 22 08:31:22 2014 ;; XFR size: 12 records (messages 1, bytes304)
二.源码安装httpd-2.4.10
1.安装apr及apr-util
[root@www ~]# tar xf apr-1.5.0.tar.bz2 [root@www ~]# cd apr-1.5.0 [root@www apr-1.5.0]# ./configure--prefix=/usr/local/apr [root@www apr-1.5.0]# make && makeinstall
[root@www apr-1.5.0]# cd .. [root@www ~]# tar xf apr-util-1.5.3.tar.bz2 [root@www ~]# cd apr-util-1.5.3 [root@www apr-util-1.5.3]# ./configure--prefix=/usr/local/apr-util --with-apr=/usr/local/apr [root@www apr-util-1.5.3]# make &&make install
设置apr及apr-util成为系统环境变量
[root@www apr-util-1.5.3]# vim/etc/profile.d/apr.sh exportPATH=/usr/local/apr/bin:/usr/local/apr-util/bin:$PATH
2.源码安装httpd
[root@www ~]# tar xf httpd-2.4.10.tar.bz2 [root@www ~]# cd httpd-2.4.10 [root@www httpd-2.4.10]# ./configure--prefix=/usr/local/apache --sysconfdir=/etc/httpd24 --enable-so --enable-ssl --enable-rewrite --with-z --with-pcre --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util --enable-modules=most --enable-mpms-shared=all --with-mpm=event
编译参数注释
--prefix= #指定安装到/usr/local/apache路径下
--sysconfdir= #指定配置文件安装到/etc/httpd24下
--enable=so #支持动态装卸载模块
--enable-ssl #支持https加密传输
--enable-rewrite #支持URL重写
--enable-cgi #支持cgi格式脚本
--with-z #支持zlib压缩
--with-pcre #支持扩展正则表达式
--with-apr #指定apr安装位置
--with-apr-util #指定apr-util安装位置
--enable-mpms-shared #把mpm三种模式以共享模块的方式编译进去
--enable-mpm #httpd启动是默认是开启event模式
--enable-rewrite #支持反向代理
安装:
[root@www httpd-2.4.10]#make &&make install
3.创建httpd服务脚本(因为系统已安装httpd,我们需要安装到其他路径,服务脚本也一样要更改名称,与原httpd服务区分)
[root@www httpd-2.4.10]# cp /etc/rc.d/init.d/httpd httpd24
[root@www httpd-2.4.10]# vim httpd24
#!/bin/bash
#
# httpd Startup script for the Apache HTTPServer
#
# chkconfig: - 85 15
# description: The Apache HTTP Server is anefficient and extensible \
# server implementing the currentHTTP standards.
# processname: httpd
# config: /etc/httpd/conf/httpd.conf
# config: /etc/sysconfig/httpd
# pidfile: /var/run/httpd/httpd.pid
#
### BEGIN INIT INFO
# Provides: httpd
# Required-Start: $local_fs $remote_fs$network $named
# Required-Stop: $local_fs $remote_fs$network
# Should-Start: distcache
# Short-Description: start and stop ApacheHTTP Server
# Description: The Apache HTTP Server is anextensible server
# implementing the current HTTP standards.
### END INIT INFO
# Source function library.
. /etc/rc.d/init.d/functions
#if [ -f /etc/sysconfig/httpd ]; then
# . /etc/sysconfig/httpd
#fi
# Start httpd in the C locale by default.
HTTPD_LANG=${HTTPD_LANG-"C"}
# This will prevent initlog from swallowingup a pass-phrase prompt if
# mod_ssl needs a pass-phrase from theuser.
INITLOG_ARGS=""
# Set HTTPD=/usr/sbin/httpd.worker in/etc/sysconfig/httpd to use a server
# with the thread-based "worker"MPM; BE WARNED that some modules may not
# work correctly with a thread-based MPM;notably PHP will refuse to start.
# Path to the apachectl script, serverbinary, and short-form for messages.
apachectl=/usr/local/apache/bin/apachectl
httpd=${HTTPD-/usr/local/apache/bin/httpd}
prog=httpd
pidfile=${PIDFILE-/var/run/httpd/httpd.pid}
lockfile=${LOCKFILE-/var/lock/subsys/httpd}
RETVAL=0
STOP_TIMEOUT=${STOP_TIMEOUT-10}
# The semantics of these two functionsdiffer from the way apachectl does
# things -- attempting to start whilerunning is a failure, and shutdown
# when not running is also a failure. So we just do it the way init scripts
# are expected to behave here.
start() {
echo -n $"Starting $prog: "
LANG=$HTTPD_LANG daemon --pidfile=${pidfile} $httpd $OPTIONS
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch ${lockfile}
return $RETVAL
}
# When stopping httpd, a delay (of default10 second) is required
# before SIGKILLing the httpd parent; thisgives enough time for the
# httpd parent to SIGKILL any errantchildren.
stop() {
echo -n $"Stopping $prog: "
killproc -p ${pidfile} -d ${STOP_TIMEOUT} $httpd
RETVAL=$?
echo
[ $RETVAL = 0 ] && rm -f ${lockfile} ${pidfile}
}
reload() {
echo -n $"Reloading $prog: "
if ! LANG=$HTTPD_LANG $httpd $OPTIONS -t >&/dev/null; then
RETVAL=6
echo $"not reloading due to configuration syntax error"
failure $"not reloading $httpd due to configuration syntaxerror"
else
# Force LSB behaviour from killproc
LSB=1 killproc -p ${pidfile} $httpd -HUP
RETVAL=$?
if [ $RETVAL -eq 7 ]; then
failure $"httpd shutdown"
fi
fi
echo
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
status)
status -p ${pidfile} $httpd
RETVAL=$?
;;
restart)
stop
start
;;
condrestart|try-restart)
if status -p ${pidfile} $httpd >&/dev/null; then
stop
start
fi
;;
force-reload|reload)
reload
;;
graceful|help|configtest|fullstatus)
$apachectl $@
RETVAL=$?
;;
*)
echo $"Usage: $prog{start|stop|restart|condrestart|try-restart|force-reload|reload|status|fullstatus|graceful|help|configtest}"
RETVAL=2
esac
exit $RETVAL
复制脚本到服务脚本存放路径:
[root@www httpd-2.4.10]# cp httpd24 /etc/rc.d/init.d/httpd24
将httpd24服务加入系统启动:
[root@www httpd-2.4.10]# chkconfig --listhttpd24 service httpd24 supports chkconfig, but isnot referenced in any runlevel (run 'chkconfig --add httpd24') [root@www httpd-2.4.10]# chkconfig --addhttpd24
4.启动httpd24服务
[root@www httpd-2.4.10]# service httpd24start Starting httpd: [ OK ]
查看服务监听端口:
[root@www ~]# ss -tunl |grep 80 tcp LISTEN 0 128 :::80 :::*
测试:
[root@www ~]# curl http://172.16.31.20 <html><body><h1>Itworks!</h1></body></html>
httpd-2.4.10安装完毕
将mysql主机本地网络的DNS服务器地址指向172.16.31.20
[root@mysql ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0 DNS=172.16.31.20
三.编译安装MariaDB-10.0.10
1.解压二进制安装包,创建软链接:
[root@mysql ~]# tar xfmariadb-10.0.10-linux-x86_64.tar.gz -C /usr/local [root@mysql ~]# cd /usr/local/ [root@mysql local]# ln -smariadb-10.0.10-linux-x86_64/ mysql
2.创建mysql用户运行管理mysql服务
[root@mysql ~]# useradd -M -s /sbin/nologin-d /mydata/data -r mysql [root@mysql ~]# id mysql uid=496(mysql) gid=493(mysql)groups=493(mysql)
3.创建数据库数据存放磁盘目录
格式磁盘
[root@mysql ~]# echo -n -e"n\np\n3\n\n+10G\nt\n3\n8e\n\w\n" |fdisk /dev/sda [root@mysql ~]# partx -a /dev/sda
创建LVM
[root@mysql ~]# pvcreate /dev/sda3 Physical volume "/dev/sda3" successfully created [root@mysql ~]# vgcreate myvg /dev/sda3 Volume group "myvg" successfully created [root@mysql ~]# lvcreate -L 10g -n mylvmyvg Logical volume "mylv" created [root@mysql ~]# lvs LV VG Attr LSize Pool Origin Data% Meta% Move Log Cpy%Sync Convert mylv myvg -wi-a----- 10.00g root vg0 -wi-ao---- 20.00g swap vg0 -wi-ao---- 2.00g usr vg0 -wi-ao---- 10.00g var vg0 -wi-ao---- 20.00g
4.实现xfs文件系统支持并创建xfs文件系统
[root@mysql ~]# yum install xfsprogs [root@mysql ~]# mkfs -t xfs /dev/myvg/mylv
5.实现文件系统自动挂载
[root@mysql ~]# mkdir /mydata [root@mysql ~]# blkid /dev/myvg/mylv /dev/myvg/mylv: UUID="04a307f3-6877-4142-b05e-60e4d5504b39"TYPE="xfs" [root@mysql ~]# vim /etc/fstab UUID="04a307f3-6877-4142-b05e-60e4d5504b39" /mydata xfs defaults 0 0 [root@mysql ~]# mount -a
6.创建数据库数据文件在逻辑卷上的存放目录创建,更改目录属主属组
[root@mysql ~]# mkdir /mydata/data [root@mysql ~]# chown mysql:mysql/mydata/data/
7.初始化安装MariaDB
[root@mysql mysql]#scripts/mysql_install_db --user=mysql --datadir=/mydata/data [root@mysql mysql]# ls /mydata/data/ aria_log.00000001 ib_logfile0 mysql-bin.000001 mysql-bin.state aria_log_control ib_logfile1 mysql-bin.000002 performance_schema ibdata1 mysql mysql-bin.index test
8.mariadb配置文件创建及更改,有模版
安装系统的时候,/etc/路径下有一个my.cnf的,这里换个路径
[root@mysql mysql]# mkdir /etc/mysql [root@mysql mysql]# cpsupport-files/my-huge.cnf /etc/mysql/my.cnf [root@mysql mysql]# vim /etc/mysql/my.cnf [mysqld] datadir = /mydata/data port = 3306 socket = /tmp/mysql.sock skip-external-locking key_buffer_size = 384M max_allowed_packet = 1M table_open_cache = 512 sort_buffer_size = 2M read_buffer_size = 2M read_rnd_buffer_size = 8M myisam_sort_buffer_size = 64M thread_cache_size = 8 query_cache_size = 32M innodb_file_per_table = on # Try number of CPU's*2 forthread_concurrency thread_concurrency = 8
注意:
data_dir = /mydata/data #mysql数据文件存放目录
thread_concurrency = 8 #线程数:cpu核心*2
innodb_file_per_table = on #每个innodb文件一个表空间
9.mariadb服务脚本创建
因为mariadb和mysql是兼容的,直接命名成mysql好记忆
[root@mysql mysql]# cp support-files/mysql.server /etc/rc.d/init.d/mysqld [root@mysql mysql]# chkconfig --list mysqld service mysqld supports chkconfig, but isnot referenced in any runlevel (run 'chkconfig --add mysqld') [root@mysql mysql]# chkconfig –add mysqld
10.启动mysqld服务,测试启动
[root@mysql mysql]# service mysqld start Starting MySQL. [ OK ] [root@mysql mysql]# ss -tunl |grep 3306 tcp LISTEN 0 128 *:3306 *:*
11.mysqld服务的一些设置
设置环境变量:
[root@mysql mysql]# vim/etc/profile.d/mysqld.sh export PATH=/usr/local/mysql/bin:$PATH [root@mysql mysql]# source/etc/profile.d/mysqld.sh
输出mysql的头文件至系统头文件路径/usr/include。
[root@mysql mysql]# ln -sv/usr/local/mysql/include /usr/include/mysql
输出mysql的库文件给系统库查找路径,系统重新
[root@mysql mysql]# echo'/usr/local/mysql/lib' > /etc/ld.so.conf.d/mysql.conf [root@mysql mysql]# ldconfig
12.测试客户端启动:
[root@mysql mysql]# mysql Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 4 Server version: 10.0.10-MariaDB-log MariaDBServer Copyright (c) 2000, 2014, Oracle, SkySQL Aband others. Type 'help;' or '\h' for help. Type '\c' toclear the current input statement. MariaDB [(none)]> select version(); +---------------------+ | version() | +---------------------+ | 10.0.10-MariaDB-log | +---------------------+ 1 row in set (0.00 sec)
13.给数据库设置一个密码。
[root@mysql mysql]# mysqladmin -u rootpassword New password: Confirm new password:
MariaDB安装完毕
将PHP主机本地网络的DNS服务器地址指向172.16.31.20
[root@php~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0 DNS=172.16.31.20
四.编译安装PHP-5.4.26
1.源码包解压安装
[root@php~]# tar xf php-5.4.26.tar.bz2 [root@php~]# cd php-5.4.26 [root@phpphp-5.4.26]# ./configure --prefix=/usr/local/php --with-mysql=mysqlnd --with-pdo-mysql=mysqlnd --with-mysqli=mysqlnd --with-openssl --enable-mbstring --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-libxml-dir=/usr --with-gd --enable-xml --enable-sockets --enable-fpm --with-mcrypt --with-config-file-path=/etc --with-config-file-scan-dir=/etc/php.d --with-bz2 --enable-maintainer-zts
参数说明:
--prefix=/usr/local/php #指定php安装路径,如果不想使用php,可以之间删除
--with-mysql=mysqlnd --with-pdo-mysql=mysqlnd --with-mysqli=mysqlnd
#如果使用PHP5.3以上版本,为了链接MySQL数据库,可以指定mysqlnd,这样在本机就不需要先安装MySQL或MySQL开发包了。mysqlnd从php 5.3开始可用,可以编译时绑定到它(而不用和具体的MySQL客户端库绑定形成依赖),但从PHP 5.4开始它就是默认设置了
--with-openssl #支持openssl加密php页面
--enable-mbstring #启用多字节字符串支持
--with-freetype-dir #设定到FreeType 2的安装路径
--with-jpeg-dir #支持jpg图片
--with-png-dir #支持png图片
--with-zlib #支持zlib压缩传输
--with-libxml-dir=/usr #指定libxml2安装目录
--enable-xml #支持xml扩展
--enable-sockets #启用套接字支持
--enable-fpm #启用FastCGI模式
--with-mcrypt #支持mcrypt扩展
--with-config-file-path=/etc #指定配置文件所在目录
--with-config-file-scan-dir=/etc/php.d #设定在哪个路径下扫描配置文件
--with-bz2 #支持bzip2压缩格式
--enable-maintainer-zts #支持apache的worker或event这两个MPM
--with-gd #支持gd扩展
安装:
[root@phpphp-5.4.26]# make && make install
2.为php提供配置文件:
[root@phpphp-5.4.26]# vim php.ini-production /etc/php.ini
3.为php提供Sys启动控制脚本,加入开机启动。
[root@phpphp-5.4.26]# cp sapi/fpm/init.d.php-fpm /etc/rc.d/init.d/php-fpm [root@phpphp-5.4.26]# chmod +x /etc/rc.d/init.d/php-fpm [root@phpphp-5.4.26]# chkconfig --list php-fpm servicephp-fpm supports chkconfig, but is not referenced in any runlevel (run'chkconfig --add php-fpm') [root@phpphp-5.4.26]# chkconfig --add php-fpm [root@phpphp-5.4.26]# chkconfig php-fpm on
4.为php-fpm提供配置文件,编辑php-fpm配置文件,修改监听端口,默认是127.0.0.1。
[root@phpphp-5.4.26]# cp /usr/local/php/etc/php-fpm.conf.default/usr/local/php/etc/php-fpm.conf [root@phpphp-5.4.26]# vim /usr/local/php/etc/php-fpm.conf pm.max_children= 50 pm.start_servers= 5 pm.min_spare_servers= 2 pm.max_spare_servers= 8 pid =/usr/local/php5/var/run/php-fpm.pid listen =172.16.31.22:9000
php服务器的ip地址是17.16.31.22,监听端口改为php服务器的9000端口哦!o(∩_∩)o
5.启动php-fpm,检查php监听端口。
[root@phpphp-5.4.26]# service php-fpm start Startingphp-fpm done [root@phpphp-5.4.26]# ss -tunl |grep 9000 tcp LISTEN 0 128 172.16.31.22:9000 *:*
6.环境变量设置:
[root@phpphp-5.4.26]# vim /etc/profile.d/php.sh exportPATH=/usr/local/php/bin:$PATH [root@phpphp-5.4.26]# source /etc/profile.d/php.sh [root@phpphp-5.4.26]# php -v PHP5.4.26 (cli) (built: Dec 21 2014 01:53:51) Copyright(c) 1997-2014 The PHP Group ZendEngine v2.4.0, Copyright (c) 1998-2014 Zend Technologies
PHP部分配置完成。
五.切换到httpd服务器,创建虚拟主机,结合php。
1.编辑httpd主配置文件:
[root@www~]# vim /etc/httpd24/httpd.conf
a.在Apache httpd 2.4以后已经专门有一个模块针对FastCGI的实现。
此模块为mod_proxy_fcgi.so,它其实是作为mod_proxy.so模块的扩充,因此,这两个模块都要加载
LoadModuleproxy_module modules/mod_proxy.so
LoadModuleproxy_fcgi_modulemodules/mod_proxy_fcgi.so
b.让httpd支持php,添加下面两行,加入index.php。
<IfModuledir_module>
DirectoryIndex index.php index.html
</IfModule>
AddTypeapplication/x-compress .Z
AddTypeapplication/x-gzip .gz .tgz
AddTypeapplication/x-httpd-php .php
AddTypeapplication/x-httpd-php-source .phps
c.开启虚拟主机,默认是注释掉的。
Include/etc/httpd24/extra/httpd-vhosts.conf
2.编辑虚拟主机配置文件
[root@www~]# vim /etc/httpd24/extra/httpd-vhosts.conf <VirtualHost*:80> ServerAdmin www.stu31.com DocumentRoot "/web/vhosts/www1/wp" ServerName www.stu31.com ProxyRequests Off ProxyPassMatch ^/(.*\.php)$ fcgi://172.16.31.22:9000/web/vhosts/www1/wp/$1 ErrorLog"/web/vhosts/www1/logs/www-error_log" CustomLog"/web/vhosts/www1/logs/www-access_log" common <Directory"/web/vhosts/www1/wp"> Options none AllowOverride none Require all granted </Directory> </VirtualHost>
注意:
ProxyRequests Off #这里是关闭正向代理
ProxyPassMatch ^/(.*\.php)$ fcgi://172.16.31.22:9000/web/vhosts/www1/wp/$1
#这里是客户端的以.php结尾的URL的请求都反向代理到PHP服务器运行
3.分别在httpd主机和php主机上创建网站目录:/web/vhosts/www1
[root@www~]# mkdir -pv /web/vhosts/www1/wp mkdir:created directory `/web' mkdir:created directory `/web/vhosts' mkdir:created directory `/web/vhosts/www1' mkdir:created directory `/web/vhosts/www1/wp' [root@phpphp-5.4.26]# mkdir -pv /web/vhosts/www1/wp mkdir:created directory `/web' mkdir:created directory `/web/vhosts' mkdir:created directory `/web/vhosts/www1' mkdir:created directory `/web/vhosts/www1/wp' [root@www~]# mkdir /web/vhosts/www1/logs
4.重启httpd和php服务,测试httpd和php结合。
[root@www~]# service httpd24 restart Stoppinghttpd: [ OK ] Startinghttpd: [ OK ] [root@php~]# service php-fpm restart Gracefullyshutting down php-fpm . done Startingphp-fpm done
六.在数据库添加库,授权,添加授权密码,安装wordpress。
1.回到数据库主机,创建wordpress数据库wpdb
[root@mysqlmysql]# mysql -u root -p Enterpassword: Welcometo the MariaDB monitor. Commands endwith ; or \g. YourMariaDB connection id is 6 Serverversion: 10.0.10-MariaDB-log MariaDB Server Copyright(c) 2000, 2014, Oracle, SkySQL Ab and others. Type'help;' or '\h' for help. Type '\c' to clear the current input statement. #创建wordpress数据库 MariaDB[(none)]> create schema wpdb; Query OK,1 row affected (0.00 sec) #设置wordpress权限 MariaDB[(none)]> grant all on wpdb.* to 'wpadmin'@'172.16.%.%' identified by'oracle'; Query OK,0 rows affected (0.00 sec) #刷新权限 MariaDB[(none)]> flush privileges; Query OK,0 rows affected (0.00 sec) #推出 MariaDB[(none)]> \q Bye
2.wpdb数据库创建好了,回到php主机
解压wordpress并将其移动到所在目录:
[root@php~]# tar xf wordpress-4.0.1-zh_CN.tar.gz
[root@php~]# mv wordpress/* /web/vhosts/www1/wp/
3.编辑wordpress配置文件,加入wpdb,授权帐号,密码等。
[root@php~]# cd /web/vhosts/www1/wp/
[root@phpwp]# cp wp-config-sample.php wp-config.php
[root@phpwp]# vim wp-config.php
/**WordPress数据库的名称 */
define('DB_NAME','wpdb');
/** MySQL数据库用户名 */
define('DB_USER','wpadmin');
/** MySQL数据库密码 */
define('DB_PASSWORD','oracle');
/** MySQL主机 */
define('DB_HOST','172.16.31.21');
/** 创建数据表时默认的文字编码 */
define('DB_CHARSET','utf8');
/** 数据库整理类型。如不确定请勿更改 */
define('DB_COLLATE','');
4.重新启动服务:
使用windowsXP客户端测试:将客户端ip和dns设置好:
安装完成后输入地址访问博客。
这时候图片是显示不出来的,图片是静态的,需要放到httpd主机上。
我们先设置好博客:
登录博客:
5.将php主机wordpress目录scp到httpd主机。
[root@php~]# scp -r /web/vhosts/www1/wp/ root@172.16.31.20:/web/vhosts/www1/wp/
再次刷新页面。
七.接下来安装Discuz。
本地DNS服务器添加两个域名:
pmp.stu31.com
bbs.stu31.com
上面的DNS服务已经配置好了。
1.回到httpd主机,创建想对应的网站根目录,创建两个虚拟主机。
[root@www~]# vim /etc/httpd24/extra/httpd-vhosts.conf <VirtualHost*:80> ServerAdmin admin.stu31.com DocumentRoot"/web/vhosts/www1/pmp" ServerName pmp.stu31.com ProxyRequests Off ProxyPassMatch ^/(.*\.php)$ fcgi://172.16.31.22:9000/web/vhosts/www1/pmp/$1 ErrorLog"/web/vhosts/www1/logs/pmp-error_log" CustomLog"/web/vhosts/www1/logs/pmp-access_log" common <Directory "/web/vhosts/www1/pmp"> Options none AllowOverride none Require all granted </Directory> </VirtualHost> <VirtualHost*:80> ServerAdmin bbs.stu31.com DocumentRoot"/web/vhosts/www1/bbs" ServerName bbs.stu31.com ProxyRequests Off ProxyPassMatch ^/(.*\.php)$ fcgi://172.16.31.22:9000/web/vhosts/www1/bbs/$1 ErrorLog"/web/vhosts/www1/logs/bbs-error_log" CustomLog"/web/vhosts/www1/logs/bbs-access_log" common <Directory"/web/vhosts/www1/bbs"> Options none AllowOverride none Require all granted </Directory> </VirtualHost>
2.在httpd主机和php主机上创建pmp和bbs两个网站目录
[root@www~]# mkdir /web/vhosts/www1/{pmp,bbs} -pv
mkdir:created directory `/web/vhosts/www1/pmp'
mkdir:created directory `/web/vhosts/www1/bbs'
[root@php~]# mkdir /web/vhosts/www1/{pmp,bbs} -pv
mkdir:created directory `/web/vhosts/www1/pmp'
mkdir:created directory `/web/vhosts/www1/bbs'
3.重启httpd服务,或者重新载入配置文件。
[root@www~]# service httpd24 restart Stoppinghttpd: [ OK ] Startinghttpd: [ OK ]
4.安装Discuz论坛
[root@php~]# unzip Discuz_X3.2_SC_UTF8.zip
将解压出来的三个目录移动到/var/www/php/Discuz目录下。
[root@php~]# mv readme/ upload/ utility/ /web/vhosts/www1/bbs/
[root@php~]# ls /web/vhosts/www1/bbs/
readme upload utility
在scp一份到httpd主机。
[root@php~]# cd /web/vhosts/www1/bbs/ [root@phpbbs]# scp -r readme/ upload/ utility/ root@172.16.31.20:/web/vhosts/www1/bbs/
到httpd主机检查:
[root@www~]# ls /web/vhosts/www1/bbs/ readme upload utility
5.切换到数据库主机,添加Discuz论坛的管理帐号,密码,库。
[root@mysqlmysql]# mysql -u root -p Enterpassword: Welcometo the MariaDB monitor. Commands endwith ; or \g. YourMariaDB connection id is 55 Serverversion: 10.0.10-MariaDB-log MariaDB Server Copyright(c) 2000, 2014, Oracle, SkySQL Ab and others. Type'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB[(none)]> create schema bbsdb; Query OK,1 row affected (0.00 sec) MariaDB[(none)]> grant all on bbsdb.* to 'bbsadmin'@'172.16.%.%' identified by'oracle'; Query OK,0 rows affected (0.00 sec) MariaDB[(none)]> flush privileges; Query OK,0 rows affected (0.00 sec) MariaDB[(none)]> show databases; +--------------------+ |Database | +--------------------+ |bbsdb | |information_schema | |mysql | |performance_schema | |test | |wpdb | +--------------------+ 6 rows inset (0.00 sec) MariaDB[(none)]> \q Bye
打开浏览器,输入对应域名地址。
同意继续:
全新安装
继续安装:
6.出来一大推权限问题,回到php主机,给上面这些文件可写权限。
[root@phpbbs]# chmod -R go+w /web/vhosts/www1/bbs/upload/config/
[root@phpbbs]# chmod -R go+w /web/vhosts/www1/bbs/upload/data/
[root@phpbbs]# chmod -R go+w /web/vhosts/www1/bbs/upload/uc_*
继续安装
输入上面创建的针对bbs的数据库服务器ip地址,数据库名称和密码以及新建管理员用户和密码:
安装完成
安装完成访问:注意地址哦!o(∩_∩)o
这时候还是图片出不来,需要再次将readme upload utility拷贝到httpd主机。
[root@phpbbs]# scp -r readme/ upload/ utility/ root@172.16.31.20:/web/vhosts/www1/bbs/
再次刷新下页面,就正常了。
八.接下来开始安装phpMyadmin。
1.虚拟主机已经创建完成,phpMyAdmin不需要在数据库中加入库,账户密码
解压程序包
[root@php~]# unzip phpMyAdmin-4.3.2-all-languages.zip
移动到特定网站目录:
[root@php~]# mv phpMyAdmin-4.3.2-all-languages/* /web/vhosts/www1/pmp/
创建配置文件:
[root@php~]# cd /web/vhosts/www1/pmp/
[root@phppmp]# cp config.sample.inc.php config.inc.php
2.设置配置文件:
设置随机数,为了安全吧!
[root@phppmp]# openssl rand -hex 8 | md5sum
80912828243ccf7033298368628ad07d -
[root@phppmp]# vim config.inc.php
$cfg['blowfish_secret']= '80912828243ccf7033298368628ad07d'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH!*/
#将数据库IP更改为数据库地址:
$cfg['Servers'][$i]['host']= '172.16.31.21';
3.同样的,将phpMyAdmin数据复制一份到httpd主机。
[root@php~]# scp -r /web/vhosts/www1/pmp/* root@172.16.31.20:/web/vhosts/www1/pmp/
安装phpMyamin完成!!!
九.phpMyAdmin传输是明文的,不是很可靠,现在给转换成以https加密传输访问。
1.找到httpd-ssl.conf的配置,默认是注释掉的。
开启模块及开启ssl配置文件:
[root@www~]# vim /etc/httpd24/httpd.conf LoadModulesocache_shmcb_modulemodules/mod_socache_shmcb.so LoadModulessl_module modules/mod_ssl.so # Secure(SSL/TLS) connections Include/etc/httpd24/extra/httpd-ssl.conf
2.现在把数据库的主机做为CA服务器。
a.生成密钥。
[root@mysqlCA]# (umask 077; openssl genrsa -out private/cakey.pem 2048) GeneratingRSA private key, 2048 bit long modulus ....+++ ............................................+++ e is65537 (0x10001)
b.生成自签署证书
[root@mysqlCA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 3650 You areabout to be asked to enter information that will be incorporated into yourcertificate request. What youare about to enter is what is called a Distinguished Name or a DN. There arequite a few fields but you can leave some blank For somefields there will be a default value, If youenter '.', the field will be left blank. ----- CountryName (2 letter code) [XX]:CN State orProvince Name (full name) []:HA LocalityName (eg, city) [Default City]:ZZ OrganizationName (eg, company) [Default Company Ltd]:stu31 OrganizationalUnit Name (eg, section) []:ops CommonName (eg, your name or your server's hostname) []:mysql.stu31.com EmailAddress []:mysql@stu31.com
c.创建索引库及序列号文件
[root@mysqlCA]# touch index.txt serial
[root@mysqlCA]# echo 01 >serial
3.httpd主机设置证书
a.生成密钥
[root@www~]# cd /etc/httpd24/ [root@wwwhttpd24]# ls extra httpd.conf magic mime.types original [root@wwwhttpd24]# mkdir certs [root@wwwhttpd24]# cd certs [root@wwwcerts]# (umask 077 ; openssl genrsa -out httpd.key 2048) GeneratingRSA private key, 2048 bit long modulus ...........................................................................................................................................................................................................................................................................................................................+++ .............................................+++ e is65537 (0x10001)
b.生成证书签署申请
[root@wwwcerts]# openssl req -new -key httpd.key -out httpd.csr You areabout to be asked to enter information that will be incorporated into yourcertificate request. What youare about to enter is what is called a Distinguished Name or a DN. There arequite a few fields but you can leave some blank For somefields there will be a default value, If youenter '.', the field will be left blank. ----- CountryName (2 letter code) [XX]:CN State orProvince Name (full name) []:HA LocalityName (eg, city) [Default City]:ZZ OrganizationName (eg, company) [Default Company Ltd]:stu31 OrganizationalUnit Name (eg, section) []:ops CommonName (eg, your name or your server's hostname) []:pmp.stu31.com EmailAddress []:pmp@stu31.com Pleaseenter the following 'extra' attributes to besent with your certificate request Achallenge password []: Anoptional company name []:
c.将https.csr复制到证书服务器主机。
[root@wwwcerts]# scp httpd.csr root@172.16.31.21:/etc/pki/CA root@172.16.31.21'spassword: httpd.csr 100%1029 1.0KB/s 00:00
4.证书服务器签署证书
[root@mysqlCA]# openssl ca -in httpd.csr -out https.crt -days 3650 Usingconfiguration from /etc/pki/tls/openssl.cnf Checkthat the request matches the signature Signatureok CertificateDetails: Serial Number: 1 (0x1) Validity Not Before: Dec 20 20:20:17 2014GMT Not After : Dec 17 20:20:17 2024GMT Subject: countryName = CN stateOrProvinceName = HA organizationName = stu31 organizationalUnitName = ops commonName = pmp.stu31.com emailAddress = pmp@stu31.com X509v3 extensions: X509v3 Basic Constraints: CA:FALSE Netscape Comment: OpenSSL Generated Certificate X509v3 Subject Key Identifier: 81:56:C1:E9:31:EB:31:40:1C:A1:FE:19:6F:A8:14:59:AF:9B:80:97 X509v3 Authority Key Identifier: keyid:3A:65:60:42:6A:F7:C6:7B:C5:60:29:DC:BF:F8:39:AD:4F:54:52:01 Certificateis to be certified until Dec 17 20:20:17 2024 GMT (3650 days) Sign thecertificate? [y/n]:y 1 out of1 certificate requests certified, commit? [y/n]y Write outdatabase with 1 new entries Data BaseUpdated
5.签署完成后还有将证书发送到http主机。
[root@mysqlCA]# scp https.crt root@172.16.31.20:/etc/httpd24/certs/ Theauthenticity of host '172.16.31.20 (172.16.31.20)' can't be established. RSA keyfingerprint is b8:a4:da:03:91:67:32:2f:d5:72:0b:77:3b:6f:ba:30. Are yousure you want to continue connecting (yes/no)? yes Warning:Permanently added '172.16.31.20' (RSA) to the list of known hosts. root@172.16.31.20'spassword: https.crt 100%4555 4.5KB/s 00:00
6.编辑httpd-ssl.conf,定义主机,指定密钥文件等。
[root@wwwhttpd24]# vim extra/httpd-ssl.conf <VirtualHost_default_:443> DocumentRoot"/web/vhosts/www1/pmp" ServerNamebbs.stu31.com:443 ProxyRequestsOff ProxyPassMatch^/(.*\.php)$ fcgi://172.16.31.22:9000/web/vhosts/www1/pmp/$1 <Directory"/web/vhosts/www1/pmp"> Options none AllowOverride none Require all granted </Directory> ErrorLog"/web/vhosts/www1/logs/https-error_log" TransferLog"/web/vhosts/www1/logs/https-access_log" SSLEngineon SSLCertificateFile"/etc/httpd24/certs/https.crt" SSLCertificateKeyFile"/etc/httpd24/certs/httpd.key"
重启httpd服务。
7.将CA服务器里的证书拷贝到windowsXP里面安装测试
拷贝的是CA服务器的证书哦!别拷贝错误啦!
安装证书在客户端:
安装完成后进行测试:
这样phpMyadmin加密 传输就完成啦!!!!!o(∩_∩)o
使用ab测试网站速度:
先缓存一些:
[root@www~]# ab -c 10 -n 100 http://pmp.stu31.com/index.php This isApacheBench, Version 2.3 <$Revision: 1604373 $> Copyright1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/ Licensedto The Apache Software Foundation, http://www.apache.org/ Benchmarkingpmp.stu31.com (be patient).....done ServerSoftware: Apache/2.4.10 ServerHostname: pmp.stu31.com ServerPort: 80 DocumentPath: /index.php DocumentLength: 8993 bytes ConcurrencyLevel: 10 Timetaken for tests: 5.495 seconds Completerequests: 100 Failedrequests: 0 Totaltransferred: 1026300 bytes HTMLtransferred: 899300 bytes Requestsper second: 18.20 [#/sec] (mean) #我们注重的是平均每秒处理的请求数!!!才18.2个请求每秒!!! Time perrequest: 549.503 [ms] (mean) Time perrequest: 54.950 [ms] (mean, acrossall concurrent requests) Transferrate: 182.39 [Kbytes/sec]received ConnectionTimes (ms) min mean[+/-sd] median max Connect: 0 0 1.6 0 9 Processing: 271 537 149.9 538 1502 Waiting: 263 502 146.9 497 1462 Total: 271 537 150.1 538 1503 Percentageof the requests served within a certain time (ms) 50% 538 66% 556 75% 572 80% 586 90% 703 95% 728 98% 849 99% 1503 100% 1503 (longest request)
再进行大型并发测试:
[root@www~]# ab -c 100 -n 1000 http://pmp.stu31.com/index.php This isApacheBench, Version 2.3 <$Revision: 1604373 $> Copyright1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/ Licensedto The Apache Software Foundation, http://www.apache.org/ Benchmarkingpmp.stu31.com (be patient) Completed100 requests Completed200 requests Completed300 requests Completed400 requests Completed500 requests Completed600 requests Completed700 requests Completed800 requests Completed900 requests Completed1000 requests Finished1000 requests ServerSoftware: Apache/2.4.10 ServerHostname: pmp.stu31.com ServerPort: 80 DocumentPath: /index.php DocumentLength: 8993 bytes ConcurrencyLevel: 100 Timetaken for tests: 56.817 seconds Completerequests: 1000 Failedrequests: 0 Totaltransferred: 10263000 bytes HTMLtransferred: 8993000 bytes Requestsper second: 17.60 [#/sec] (mean) Time perrequest: 5681.702 [ms] (mean) Time perrequest: 56.817 [ms] (mean, acrossall concurrent requests) Transferrate: 176.40 [Kbytes/sec]received ConnectionTimes (ms) min mean[+/-sd] median max Connect: 0 4 15.0 0 81 Processing: 473 5505 979.8 5709 6616 Waiting: 441 5363 953.4 5547 6444 Total: 482 5510 973.2 5711 6616 Percentageof the requests served within a certain time (ms) 50% 5711 66% 5794 75% 5870 80% 5936 90% 6100 95% 6209 98% 6404 99% 6456 100% 6616 (longest request)
十.安装xcache实现加速
1.解压安装xcache:
使用phpize附加模块哦!
什么时候需要用到 phpize 呢?当我们需要再加些模块,又不想重新编译php,这些我们就可以用phpize了。
[root@php~]# tar xf xcache-3.1.0.tar.bz2 [root@php~]# cd xcache-3.1.0 [root@phpxcache-3.1.0]# /usr/local/php/bin/phpize --clean && phpize Cleaning.. Configuringfor: PHP ApiVersion: 20100412 ZendModule Api No: 20100525 ZendExtension Api No: 220100525 [root@phpxcache-3.1.0]# ./configure --with-php-config=/usr/local/php/bin/php-config [root@phpxcache-3.1.0]# make && make install
注意这条安装完成后提示的信息:
Installingshared extensions: /usr/local/php/lib/php/extensions/no-debug-zts-20100525/
2.将其写入xcache.ini文件中:
先将xcache.ini复制到/etc/php.d/目录下:
[root@phpxcache-3.1.0]# cp xcache.ini /etc/php.d/
添加上面安装完成后提示的信息进去:
[root@php ~]# vim /etc/php.d/xcache.ini
extension= /usr/local/php/lib/php/extensions/no-debug-zts-20100525/xcache.so
重启php服务器:
[root@php~]# service php-fpm restart Gracefullyshutting down php-fpm . done Startingphp-fpm done
3.再次对pmp.stu31.com进行了测试:
[root@www ~]# ab -c 100 -n 1000 http://pmp.stu31.com/index.php This is ApacheBench, Version 2.3 <$Revision: 1604373 $> Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/ Licensed to The Apache Software Foundation, http://www.apache.org/ Benchmarking pmp.stu31.com (be patient) Completed 100 requests Completed 200 requests Completed 300 requests Completed 400 requests Completed 500 requests Completed 600 requests Completed 700 requests Completed 800 requests Completed 900 requests Completed 1000 requests Finished 1000 requests Server Software: Apache/2.4.10 Server Hostname: pmp.stu31.com Server Port: 80 Document Path: /index.php Document Length: 8993 bytes Concurrency Level: 100 Time taken for tests: 17.669 seconds Complete requests: 1000 Failed requests: 0 Total transferred: 10232000 bytes HTML transferred: 8993000 bytes Requests per second: 56.60 [#/sec] (mean) #使用xcache后对网站的加速是3倍左右哦!!!结果在此!! Time per request: 1766.879 [ms] (mean) Time per request: 17.669 [ms] (mean, across all concurrent requests) Transfer rate: 565.53 [Kbytes/sec] received Connection Times (ms) min mean[+/-sd] median max Connect: 0 5 17.9 0 104 Processing: 180 1701 301.1 1775 2159 Waiting: 159 1653 293.2 1721 2057 Total: 187 1706 293.7 1777 2159 Percentage of the requests served within a certain time (ms) 50% 1777 66% 1814 75% 1838 80% 1849 90% 1875 95% 1897 98% 1938 99% 1964 100% 2159 (longest request)
到这里,LAMP的动静分离实验正式完成了!中途可能会出现错误,如果你出现错误可以给我说说哦!
