最新下载
热门教程
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
Nginx+PHP(FastCGI)+MySQL在小内存VPS(t1.micro)上的安装配置与优化
时间:2022-06-30 18:46:08 编辑:袖梨 来源:一聚教程网
背景介绍:
以前,因为AWS EC2的价格比较昂贵而租用了其它国外小厂商的VPS,在使用了3年多之后,发现AWS EC2的价格居然比现在正在使用的VPS要便宜很多。
全球线路与速度最理想的日本节点的t1.micro型号,选择3年长期合约的价格在2500元人民币左右,一年下来也不到900元,所以就打算将Blog迁移到AWS EC2上。
之前在部署VPS环境的时候,基本上是完整的参考了张宴的两篇文档,包括操作系统的选择也是相同的。
但这一次我想采用目前较新的CentOS 6.4 minimal x86_64。
同时选择版本最新的Nginx,PHP以及MySQL,引入EPEL仓库来简化安装与部署过程中对额外的依赖软件的安装,优化一些原来的工作方式,比如创建服务管理脚本来启动/停止Nginx与MySQL,使用logrotate来切割日志等;
经过了一番折腾,在填了不少的坑之后,终于成功的完成了新环境的部署,感觉非常不错。
下面,就是此次的整个安装配置过程:
1. 安装常用工具
yum install -y vim wget unzip screen tree mlocate
2. 安装编译工具
yum install -y gcc gcc-c++ autoconf patch cmake automake
3. 安装EPEL仓库
yum install -y http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
4. 安装所有必需的软件包
yum install -y libjpeg-turbo libjpeg-turbo-devel libpng libpng-devel freetype freetype-devel
yum install -y libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel gmp gmp-devel
yum install -y bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel unixODBC unixODBC-devel
yum install -y krb5-libs krb5-devel libidn libidn-devel openssl openssl-devel openldap openldap-devel
yum install -y libgcrypt libgcrypt-devel libtool
yum install -y libmcrypt libmcrypt-devel mhash mhash-devel mcrypt pcre pcre-devel
yum install -y ImageMagick ImageMagick-devel
5. 下载所有必需的软件源码包
mkdir /root/packages
cd /root/packages
wget http://nginx.org/download/nginx-1.4.7.tar.gz
wget http://museum.php.net/php5/php-5.2.17.tar.gz
wget http://php-fpm.org/downloads/php-5.2.17-fpm-0.5.14.diff.gz
wget http://mirrors.sohu.com/mysql/MySQL-5.5/mysql-5.5.36.tar.gz
wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.14.tar.gz
wget http://pecl.php.net/get/PDO_MYSQL-1.0.2.tgz
wget http://pecl.php.net/get/imagick-3.2.0RC1.tgz
wget http://pkgs.fedoraproject.org/repo/pkgs/php-eaccelerator/eaccelerator-0.9.6.1.tar.bz2/32ccd838e06ef5613c2610c1c65ed228/eaccelerator-0.9.6.1.tar.bz2
6. 编译安装iconv
cd /root/packages
tar xzvf libiconv-1.14.tar.gz
cd libiconv-1.14
./configure
make
make install
7. 编译安装并配置MySQL
7.1 编译安装MySQL
cd /root/packages
tar xzvf mysql-5.5.36.tar.gz
cd mysql-5.5.36
cmake -DCMAKE_INSTALL_PREFIX=/webserver/mysql
-DSYSCONFDIR=/webserver/mysql/etc
-DMYSQL_DATADIR=/webserver/mysql/data
-DMYSQL_TCP_PORT=3306
-DMYSQL_UNIX_ADDR=/werbserver/mysql/run/mysqld.sock
-DMYSQL_USER=mysql
-DEXTRA_CHARSETS=all
-DWITH_READLINE=1
-DWITH_SSL=system
-DWITH_EMBEDDED_SERVER=1
-DENABLED_LOCAL_INFILE=1
-DWITH_INNOBASE_STORAGE_ENGINE=1
make
make install
7.2 创建mysql用户
useradd mysql -d /webserver/mysql/data
7.3 创建MySQL所需目录
mkdir -p /webserver/mysql/{etc,data,tmp,run,binlogs,log}
chown mysql:mysql -R /webserver/mysql/{etc,data,tmp,run,binlogs,log}
7.4 创建my.cnf配置文件
vim /webserver/mysql/etc/my.cnf
[mysqld]
# basic settings
datadir = /webserver/mysql/data
tmpdir = /webserver/mysql/tmp
socket = /webserver/mysql/run/mysqld.sock
port = 3306
pid-file = /webserver/mysql/run/mysqld.pid
# innodb settings
default-storage-engine = INNODB
innodb_file_per_table = 1
log-bin = /webserver/mysql/binlogs/bin-log-mysqld
log-bin-index = /webserver/mysql/binlogs/bin-log-mysqld.index
innodb_data_home_dir = /webserver/mysql/data
innodb_data_file_path = ibdata1:10M:autoextend
innodb_log_group_home_dir = /webserver/mysql/data
# increase the max connections
max_connections = 200
# the expiration time for logs, including binlogs
expire_logs_days = 7
# set the character as utf8
character-set-server = utf8
collation-server = utf8_unicode_ci
# server id
server-id=33061
# other settings
[mysqld_safe]
log-error = /webserver/mysql/log/mysqld.log
pid-file = /webserver/mysql/run/mysqld.pid
open-files-limit = 8192
[mysqlhotcopy]
interactive-timeout
[client]
port = 3306
socket = /webserver/mysql/run/mysqld.sock
default-character-set = utf8
chown mysql:mysql /webserver/mysql/etc/my.cnf
7.5 初始化MySQL系统数据库
chmod +x scripts/mysql_install_db
scripts/mysql_install_db --user=mysql --basedir=/webserver/mysql --datadir=/webserver/mysql/data/ --defaults-file=/webserver/mysql/etc/my.cnf
7.6 创建MySQL服务管理脚本
mkdir /webserver/init.d/
cp support-files/mysql.server /webserver/init.d/mysqld
chmod +x /webserver/init.d/mysqld
7.7 启动MySQL服务
/webserver/init.d/mysqld start
7.8 登陆MySQL命令行终端
/webserver/mysql/bin/mysql -uroot -p
8. 编译安装并配置PHP
8.1 编译安装PHP
cd /root/packages
tar xzf php-5.2.17.tar.gz
gzip -cd php-5.2.17-fpm-0.5.14.diff.gz | patch -d php-5.2.17 -p1
注:创建软链接以便PHP在编译时能顺利找到所需的库文件
ln -s /webserver/mysql/lib /webserver/mysql/lib64
ln -s /usr/local/lib/libiconv.so /usr/local/lib64/libiconv.so
ln -s /usr/lib64/libmhash.so.2 /usr/lib64/libmhash.so
cd php-5.2.17
./configure --prefix=/webserver/php
--with-config-file-path=/webserver/php/etc
--with-mysql=/webserver/mysql --with-mysqli=/webserver/mysql/bin/mysql_config
--with-libdir=lib64
--with-iconv-dir=/usr/local
--with-freetype-dir --with-jpeg-dir --with-png-dir
--with-zlib --with-libxml-dir --enable-xml
--disable-rpath --enable-discard-path
--enable-safe-mode --enable-bcmath --enable-shmop
--enable-sysvsem --enable-inline-optimization
--with-curl --with-curlwrappers --enable-mbregex
--enable-fastcgi --enable-fpm --enable-force-cgi-redirect
--enable-mbstring --with-mcrypt --with-gd --enable-gd-native-ttf
--with-openssl --with-mhash --enable-pcntl --enable-sockets
--with-ldap --with-ldap-sasl --with-xmlrpc
--enable-zip --enable-soap
make ZEND_EXTRA_LIBS='-liconv'
注:创建软链接以便PHP在安装时能顺利找到所需的库文件
ln -s /webserver/mysql/lib/libmysqlclient.so.18 /usr/lib64/libmysqlclient.so.18
ln -s /usr/local/lib/libiconv.so.2 /usr/lib64/libiconv.so.2
make install
cp php.ini-dist /webserver/php/etc/php.ini
8.2 编译安装eaccelerator
cd /root/packages
tar xjf eaccelerator-0.9.6.1.tar.bz2
cd eaccelerator-0.9.6.1/
/webserver/php/bin/phpize
./configure --enable-eaccelerator=shared --with-php-config=/webserver/php/bin/php-config
make
make install
cd ../
8.3 编译安装PDO_MYSQL
tar zxvf PDO_MYSQL-1.0.2.tgz
cd PDO_MYSQL-1.0.2/
/webserver/php/bin/phpize
./configure --with-php-config=/webserver/php/bin/php-config --with-pdo-mysql=/webserver/mysql
make
make install
cd ../
8.4 编译安装imagick
tar xzf imagick-3.2.0RC1.tgz
cd imagick-3.2.0RC1
/webserver/php/bin/phpize
./configure --with-php-config=/webserver/php/bin/php-config
make
make install
8.5 修改php.ini配置文件
vim /webserver/php/etc/php.ini
; Directory in which the loadable extensions (modules) reside.
;extension_dir = "./"
extension_dir = "/webserver/php/lib/php/extensions/no-debug-non-zts-20060613/"
extension = "imagick.so"
extension = "pdo_mysql.so"
;output_buffering = Off
output_buffering = On
; cgi.fix_pathinfo=0
cgi.fix_pathinfo=0
8.6 创建缓存目录 www.111com.net
mkdir /webserver/eaccelerator_cache
8.7 在php.ini中添加eaccelerator支持
vim /webserver/php/etc/php.ini
[eaccelerator]
zend_extension="/webserver/php/lib/php/extensions/no-debug-non-zts-20060613/eaccelerator.so"
eaccelerator.shm_size="1"
eaccelerator.cache_dir="/webserver/eaccelerator_cache"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="3600"
eaccelerator.shm_prune_period="3600"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"
eaccelerator.keys = "disk_only"
eaccelerator.sessions = "disk_only"
eaccelerator.content = "disk_only"
8.8 创建www用户
useradd -r www
8.9 创建所需目录
mkdir -p /webserver/blog/{rainbow,eric,keshui,logs}
chown www:www /webserver/blog/{rainbow,eric,keshui,logs}
chmod +w /webserver/blog/{rainbow,eric,keshui,logs}
mkdir /webserver/php/run
8.10 创建php-fpm.con配置文件
rm -f /webserver/php/etc/php-fpm.conf
vim /webserver/php/etc/php-fpm.conf
All relative paths in this config are relative to php's install prefix
Pid file
Error log file
Log level
When this amount of php processes exited with SIGSEGV or SIGBUS ...
... in a less than this interval of time, a graceful restart will be initiated.
Useful to work around accidental curruptions in accelerator's shared memory.
Time limit on waiting child's reaction on signals from master
Set to 'no' to debug fpm
Name of pool. Used in logs and stats.
Address to accept fastcgi requests on.
Valid syntax is 'ip.ad.re.ss:port' or just 'port' or '/path/to/unix/socket'
Set listen(2) backlog
Set permissions for unix socket, if one used.
In Linux read/write permissions must be set in order to allow connections from web server.
Many BSD-derrived systems allow connections regardless of permissions.
Additional php.ini defines, specific to this pool of workers.
Unix user of processes
Unix group of processes
Process manager settings
Sets style of controling worker process count.
Valid values are 'static' and 'apache-like'
Sets the limit on the number of simultaneous requests that will be served.
Equivalent to Apache MaxClients directive.
Equivalent to PHP_FCGI_CHILDREN environment in original php.fcgi
Used with any pm_style.
Settings group for 'apache-like' pm style
Sets the number of server processes created on startup.
Used only when 'apache-like' pm_style is selected
Sets the desired minimum number of idle server processes.
Used only when 'apache-like' pm_style is selected
Sets the desired maximum number of idle server processes.
Used only when 'apache-like' pm_style is selected
The timeout (in seconds) for serving a single request after which the worker process will be terminated
Should be used when 'max_execution_time' ini option does not stop script execution for some reason
'0s' means 'off'
The timeout (in seconds) for serving of single request after which a php backtrace will be dumped to slow.log file
'0s' means 'off'
The log file for slow requests
Set open file desc rlimit
Set max core size rlimit
Chroot to this directory at the start, absolute path
Chdir to this directory at the start, absolute path
Redirect workers' stdout and stderr into main error log.
If not set, they will be redirected to /dev/null, according to FastCGI specs
How much requests each process should execute before respawn.
Useful to work around memory leaks in 3rd party libraries.
For endless request processing please specify 0
Equivalent to PHP_FCGI_MAX_REQUESTS
Comma separated list of ipv4 addresses of FastCGI clients that allowed to connect.
Equivalent to FCGI_WEB_SERVER_ADDRS environment in original php.fcgi (5.2.2+)
Makes sense only with AF_INET listening socket.
Pass environment variables like LD_LIBRARY_PATH
All $VARIABLEs are taken from current environment
8.11 创建php-fpm服务管理脚本
ln -s /webserver/php/sbin/php-fpm /webserver/init.d/php-fpm
8.12 启动php-fpm服务
/webserver/init.d/php-fpm start
9 编译安装并配置Nginx
9.1 编译安装Nginx
cd /root/packages
tar xzf nginx-1.4.7.tar.gz
cd nginx-1.4.7/
./configure --user=www --group=www
--prefix=/usr/local/webserver/nginx
--with-http_stub_status_module --with-http_ssl_module
make
make install
9.2 创建Nginx所需目录
mkdir /webserver/nginx/conf/conf.d
mkdir /webserver/nginx/run
9.3 创建fastcgi_params配置文件
vim fastcgi_params
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
9.4 创建Nginx.conf主配置文件
vim /webserver/nginx/conf/nginx.conf
user www www;
worker_processes 1;
error_log /webserver/nginx/logs/error.log;
pid /webserver/nginx/run/nginx.pid;
worker_rlimit_nofile 32768;
events {
use epoll;
worker_connections 32768;
}
http {
include /webserver/nginx/conf/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /webserver/nginx/logs/access.log main;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
sendfile on;
tcp_nopush on;
keepalive_timeout 60;
tcp_nodelay on;
fastcgi_connect_timeout 300; www.111com.net
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
include /webserver/nginx/conf/conf.d/*.conf;
}
9.5 创建附属配置文件
9.5.1 创建status.conf配置文件管理status页面
vim /webserver/nginx/conf/conf.d/status.conf
server
{
listen 80;
server_name status.nginxs.com status.heylinux.com;
location / {
stub_status on;
access_log off;
}
}
9.5.2 创建rainbow.conf配置文件管理heylinux.com
vim /webserver/nginx/conf/conf.d/rainbow.conf
server
{
listen 80;
server_name heylinux.com *.heylinux.com;
index index.html index.htm index.php;
root /webserver/blog/rainbow;
location / {
if (-f $request_filename/index.html){
rewrite (.*) $1/index.html break;
}
if (-f $request_filename/index.php){
rewrite (.*) $1/index.php;
}
if (!-f $request_filename){
rewrite (.*) /index.php;
}
}
location ~ .*.(php|php5)?$
{
fastcgi_pass unix:/webserver/php/run/php-cgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /webserver/blog/rainbow$fastcgi_script_name;
include /webserver/nginx/conf/fastcgi_params;
}
location ~ .*.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 15d;
}
location ~ .*.(js|css)?$
{
expires 1d;
}
log_format rainbow_access '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
access_log /webserver/blog/logs/rainbow_access.log rainbow_access;
}
9.5.3 创建eric.conf配置文件管理nginxs.com
vim /webserver/nginx/conf/conf.d/eric.conf
server
{
listen 80;
server_name nginxs.com *.nginxs.com;
index index.html index.htm index.php;
root /webserver/blog/eric;
location / {
if (-f $request_filename/index.html){
rewrite (.*) $1/index.html break;
}
if (-f $request_filename/index.php){
rewrite (.*) $1/index.php;
}
if (!-f $request_filename){
rewrite (.*) /index.php;
}
}
location ~ .*.(php|php5)?$
{
fastcgi_pass unix:/webserver/php/run/php-cgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /webserver/blog/eric$fastcgi_script_name;
include /webserver/nginx/conf/fastcgi_params;
}
location ~ .*.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 15d;
}
location ~ .*.(js|css)?$
{
expires 1d;
}
log_format eric_access '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
access_log /webserver/blog/logs/eric_access.log eric_access;
}
9.6 创建Nginx服务管理脚本
touch /webserver/init.d/nginx
chmod +x /webserver/init.d/nginx
vim /webserver/init.d/nginx
#!/bin/sh
#
# nginx - this script starts and stops the nginx daemon
#
# chkconfig: - 85 15
# description: Nginx is an HTTP(S) server, HTTP(S) reverse
# proxy and IMAP/POP3 proxy server
# processname: nginx
# config: /etc/nginx/nginx.conf
# config: /etc/sysconfig/nginx
# pidfile: /var/run/nginx.pid
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0
nginx="/webserver/nginx/sbin/nginx"
prog=$(basename $nginx)
NGINX_CONF_FILE="/webserver/nginx/conf/nginx.conf"
lockfile=/var/lock/subsys/nginx
make_dirs() {
# make required directories
user=`$nginx -V 2>&1 | grep "configure arguments:" | sed 's/[^*]*--user=([^ ]*).*/1/g' -`
if [ -z "`grep $user /etc/passwd`" ]; then
useradd -M -s /bin/nologin $user
fi
options=`$nginx -V 2>&1 | grep 'configure arguments:'`
for opt in $options; do
if [ `echo $opt | grep '.*-temp-path'` ]; then
value=`echo $opt | cut -d "=" -f 2`
if [ ! -d "$value" ]; then
# echo "creating" $value
mkdir -p $value && chown -R $user $value
fi
fi
done
}
start() {
[ -x $nginx ] || exit 5
[ -f $NGINX_CONF_FILE ] || exit 6
make_dirs
echo -n $"Starting $prog: "
daemon $nginx -c $NGINX_CONF_FILE
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog -QUIT
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
configtest || return $?
stop
sleep 1
start
}
reload() {
configtest || return $?
echo -n $"Reloading $prog: "
killproc $nginx -HUP
RETVAL=$?
echo
}
force_reload() {
restart
}
configtest() {
$nginx -t -c $NGINX_CONF_FILE
}
rh_status() {
status $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart|configtest)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
exit 2
esac
9.7 启动Nginx服务
/webserver/init.d/nginx start
10. 优化系统内核参数
vim /etc/sysctl.conf
# For Nginx
net.ipv4.tcp_max_syn_backlog = 65536
net.core.netdev_max_backlog = 32768
net.core.somaxconn = 32768
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.ip_local_port_range = 1024 65535
sysctl -p
vim /etc/security/limits.conf
* - nofile 32768
* - nproc 32768
11. 创建交换分区
dd if=/dev/zero of=/opt/swapfile bs=1M count=256
mkswap /opt/wapfile
swapon /opt/swapfile
vi /etc/fstab
/opt/swapfile swap swap defaults 0 0
12. 配置logrotate切割日志
yum install -y logrotate
vim /etc/logrotate.d/blog
/webserver/blog/logs/rainbow_access.log
/webserver/blog/logs/eric_access.log
{
daily
rotate 7
missingok
notifempty
dateext
sharedscripts
postrotate
if [ -f /webserver/nginx/run/nginx.pid ]; then
/bin/kill -HUP `/bin/cat /webserver/nginx/run/nginx.pid`
fi
endscript
}
相关文章
- 《绝区零》伊芙琳培养材料汇总 01-24
- 《无限暖暖》1.2春节兑换码一览 01-24
- 《网上国网》查询阶梯档位方法 01-24
- 《蛋仔派对》神游贺岁盲盒获取方法 01-24
- 《炉石传说》星际联动盗贼卡组玩法介绍 01-24
- 皮革珊瑚属于珊瑚中的 01-24