系统环境: RHEL6 x86-64 selinux and iptables disabled
[root@vm1 mnt]# ls
mysql-5.5.12.tar.gz nginx-1.4.2.tar.gz php-5.4.12.tar.bz2
1.编译安装mysql
[root@vm1 mnt]# yum install gcc gcc-c++ make ncurses-devel bison openssl-devel zlib-devel cmake -y 首先安装依赖性
[root@vm1 mnt]# mkdir /usr/local/lnmp
[root@vm1 mnt]# tar zxf mysql-5.5.12.tar.gz
[root@vm1 mnt]# cd mysql-5.5.12
[root@vm1 mysql-5.5.12]# cmake -DCMAKE_INSTALL_PREFIX=/usr/local/lnmp/mysql \ #安装目录
-DMYSQL_DATADIR=/usr/local/lnmp/mysql/data \ #数据库存放目录
-DMYSQL_UNIX_ADDR=/usr/local/lnmp/mysql/data/mysql.sock \ #Unix socket 文件路径
-DWITH_MYISAM_STORAGE_ENGINE=1 \ #安装 myisam 存储引擎
-DWITH_INNOBASE_STORAGE_ENGINE=1 \ #安装 innodb 存储引擎
-DWITH_ARCHIVE_STORAGE_ENGINE=1 \ #安装 archive 存储引擎
-DWITH_BLACKHOLE_STORAGE_ENGINE=1 \ #安装 blackhole 存储引擎
-DWITH_PARTITION_STORAGE_ENGINE=1 \ #安装数据库分区
-DENABLED_LOCAL_INFILE=1 \ #允许从本地导入数据
-DWITH_READLINE=1 \ #快捷键功能
-DWITH_SSL=yes \ #支持 SSL
-DDEFAULT_CHARSET=utf8 \ #使用 utf8 字符
-DDEFAULT_COLLATION=utf8_general_ci \ #校验字符
-DEXTRA_CHARSETS=all \ #安装所有扩展字符集
-DMYSQL_TCP_PORT=3306 \ #MySQL 监听端口[root@vm1 mysql-5.5.12]# make && make install
[root@vm1 mysql-5.5.12]# make && make install
如果重新编译执行下面操作,然后重新编译
make clean
rm -f CmakeCache.txt
[root@vm1 mysql-5.5.12]# useradd -M -s /sbin/nologin mysql 创建mysql用户
[root@vm1 mnt]# cd /usr/local/lnmp/mysql
[root@vm1 mysql]# ./scripts/mysql_install_db --user=mysql --basedir=/usr/local/lnmp/mysql/ --datadir=/usr/local/lnmp/mysql/data/
[root@vm1 mysql]# chown -R mysql.mysql *
[root@vm1 mysql]# chown -R root .
[root@vm1 mysql]# chown -R root data
[root@vm1 mysql]# cp support-files/my-medium.cnf /etc/my.cnf #根据你的主机内存复制 mysql 配置文件
[root@vm1 mysql]# cp support-files/mysql.server /etc/init.d/mysqld
[root@vm1 mysql]# cd bin/
[root@vm1 bin]# pwd
/usr/local/lnmp/mysql/bin
[root@vm1 ~]# vim .bash_profile #设置环境变量
-
PATH=$PATH:$HOME/bin:/usr/local/lnmp/mysql/bin
[root@vm1 ~]# source .bash_profile #使其立即生效
[root@vm1 mysql]# /etc/init.d/mysqld start #启动mysql服务
Starting MySQL.... SUCCESS!
[root@vm1 mysql]# netstat -antlp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 1596/mysqld
[root@vm1 bin]# mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.5.12-log Source distribution
Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> quit
Bye
[root@vm1 mnt]# ln -s /usr/local/lnmp/mysql/lib /usr/local/lnmp/mysql/lib64
#不然在 php 编译的时候找不到 mysql 的库文件
2.编译安装php
[root@vm1 mnt]# tar zxf libiconv-1.13.1.tar.gz #加强系统对支持字符编码转换的功能
[root@vm1 mnt]# cd libiconv-1.13.1
[root@vm1 libiconv-1.13.1]# mkdir /usr/local/lnmp/phpmodule
[root@vm1 libiconv-1.13.1]# ./configure --prefix=/usr/local/lnmp/phpmodule/libiconv
[root@vm1 libiconv-1.13.1]# make && make install
[root@vm1 mnt]# tar jxf libmcrypt-2.5.8.tar.bz2 # mcrypt mhash 是 php 加密算法扩展库
[root@vm1 mnt]# cd libmcrypt-2.5.8
[root@vm1 libmcrypt-2.5.8]# ./configure --prefix=/usr/local/lnmp/phpmodule/libmcrypt
[root@vm1 libmcrypt-2.5.8]# make && make install
[root@vm1 libmcrypt-2.5.8]# cd libltdl/
[root@vm1 libltdl]# ./configure --prefix=/usr/local/lnmp/phpmodule/libmcrypt --enable-ltdl-install
[root@vm1 libltdl]# make && make install
[root@vm1 libltdl]# cd ../..
[root@vm1 mnt]# tar jxf mhash-0.9.9.9.tar.bz2
[root@vm1 mnt]# cd mhash-0.9.9.9
[root@vm1 mhash-0.9.9.9]# ./configure --prefix=/usr/local/lnmp/phpmodule/mhash
[root@vm1 mhash-0.9.9.9]# make && make install
为了让后面编译安装mcrypt的时候可以检测到libiconv,libmcrypt,mhash我们对这三个库作个软链接:
[root@vm1 mnt]# ln -s /usr/local/lnmp/phpmodule/libiconv/lib/* /usr/local/lib
[root@vm1 mnt]# ln -s /usr/local/lnmp/phpmodule/libmcrypt/lib/* /usr/local/lib
[root@vm1 mnt]# ln -s /usr/local/lnmp/phpmodule/mhash/lib/* /usr/local/lib
[root@vm1 mnt]# ln -s /usr/local/lnmp/phpmodule/mhash/include/* /usr/local/include/
[root@vm1 mnt]# ldconfig /usr/local/lib #执行使其立即生效
[root@vm1 mnt]# tar zxf mcrypt-2.6.8.tar.gz
[root@vm1 mnt]# cd mcrypt-2.6.8
[root@vm1 mcrypt-2.6.8]# ./configure --prefix=/usr/local/lnmp/phpmodule/mcrypt --with-libiconv-prefix=/usr/local/lnmp/phpmodule/libiconv/ --with-libmcrypt-prefix=/usr/local/lnmp/phpmodule/libmcrypt/
# ./configure 时可能会报这个错:/bin/rm: cannot remove `libtoolT’: No such file or directory
直接忽略
[root@vm1 mcrypt-2.6.8]# make && make install
[root@vm1 mnt]# tar jxf php-5.4.12.tar.bz2
[root@vm1 mnt]# cd php-5.4.12
软件包依赖性安装:
[root@vm1 php-5.4.12]# yum install net-snmp-devel curl-devel libxml2-devel libpng-devel libjpeg-devel freetype-devel gmp-devel openldap-devel -y
[root@vm1 php-5.4.12]# ./configure --prefix=/usr/local/lnmp/php --with-config-file-path=/usr/local/lnmp/php/etc --with-mysql=/usr/local/lnmp/mysql/ --with-mysqli=/usr/local/lnmp/mysql/bin/mysql_config --with-openssl --with-snmp --with-gd --with-zlib --with-curl --with-libxml-dir --with-png-dir --with-jpeg-dir --with-freetype-dir --with-pear --with-gettext --with-gmp --enable-inline-optimization --enable-soap --enable-ftp --enable-sockets --enable-mbstring --enable-fpm --with-fpm-user=nginx --with-fpm-group=nginx --with-mcrypt=/usr/local/lnmp/phpmodule/libmcrypt/ --with-mhash=/usr/local/lnmp/phpmodule/mhash/ --with-iconv-dir=/usr/local/lnmp/phpmodule/libiconv/
[root@vm1 php-5.4.12]# make ZEND_EXTRA_LIBS='-liconv' 这里可能会有报错,我们只要执行一下 ldconfig /usr/local/lib这条命令基本上就可以通过
[root@vm1 php-5.4.12]# make install
接下来进行一些基本的配置:
[root@vm1 php-5.4.12]# cp /usr/local/lnmp/php/etc/php-fpm.conf.default /usr/local/lnmp/php/etc/php-fpm.conf
[root@vm1 fpm]# cd /mnt/php-5.4.12/sapi/fpm/
[root@vm1 fpm]# cp init.d.php-fpm /etc/init.d/php-fpm
[root@vm1 fpm]# chmod +x /etc/init.d/php-fpm
[root@vm1 php-5.4.12]# cp php.ini-production /usr/local/lnmp/php/etc/php.ini
[root@vm1 php-5.4.12]# cd /usr/local/lnmp/php/etc/
[root@vm1 etc]# vim php.ini
[Date]
; Defines the default timezone used by the date functions
;
date.timezone = Asia/Shanghai #设置时区
cgi.fix_pathinfo=0 #防止 Nginx 文件类型错误解析漏洞
[root@vm1 etc]# vim php-fpm.conf #去掉以下几行的注释
pid = run/php-fpm.pid
pm.max_children = 50
pm.start_servers = 20 #在生产环境中一定要做压力测试,找到最合适的进程数组合
pm.min_spare_servers = 5
pm.max_spare_servers = 35
pm.max_requests = 500
[root@vm1 bin]# pwd
/usr/local/lnmp/php/bin
[root@vm1 bin]# vim ~/.bash_profile
PATH=$PATH:$HOME/bin:/usr/local/lnmp/mysql/bin:/usr/local/lnmp/php/bin
[root@vm1 bin]# source ~/.bash_profile
3.编译安装nginx
[root@vm1 mnt]# yum install -y pcre-devel openssl-devel
[root@vm1 mnt]# tar zxf nginx-1.4.2.tar.gz
[root@vm1 mnt]# cd nginx-1.4.2
[root@vm1 nginx-1.4.2]# vim auto/cc/gcc
# debug
#CFLAGS="$CFLAGS -g" #(注释掉这行,去掉 debug 模式编译,编译以后程序只有几百 k)
[root@vm1 nginx-1.4.2]# vim src/core/nginx.h
#define NGINX_VERSION "1.4.2"
#define NGINX_VER "nginx/" NGINX_VERSION (修改此行, 去掉后面的 “ NGINX_VERSION”,为了安全,这样编译后外界无法获取程序的版本号)
[root@vm1 nginx-1.4.2]# ./configure --prefix=/usr/local/lnmp/nginx --with-http_ssl_module --with-http_stub_status_module --user=nginx --group=nginx
[root@vm1 nginx-1.4.2]# make && make install
[root@vm1 nginx-1.4.2]# cd /usr/local/lnmp/nginx/
[root@vm1 nginx]# ls
conf html logs sbin
[root@vm1 nginx]# ln -s /usr/local/lnmp/nginx/sbin/nginx /usr/local/sbin/
或者直接设置环境变量:
[root@vm1 nginx]# vim ~/.bash_profile
PATH=$PATH:$HOME/bin:/usr/local/lnmp/mysql/bin:/usr/local/lnmp/php/bin:/usr/local/lnmp/nginx/sbin
[root@vm1 sbin]# source ~/.bash_profile
[root@vm1 nginx]# cd conf/
[root@vm1 conf]# vim nginx.conf #基本不需要什么配置
[root@vm1 conf]# groupadd -f nginx
[root@vm1 conf]# useradd -g nginx nginx #注意这两步很重要如果不没有,则你的nginx不能通过检测
[root@vm1 conf]# nginx -t #检测语法
nginx: the configuration file /usr/local/lnmp/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/lnmp/nginx/conf/nginx.conf test is successful
[root@vm1 conf]# nginx #启动nginx
[root@vm1 conf]# netstat -antlp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 29308/nginx
[root@vm1 conf]# ps ax 这时我们看到nginx的进程数为一个
29308 ? Ss 0:00 nginx: master process nginx
29328 ? S 0:00 nginx: worker process
[root@vm1 conf]# vim nginx.conf
-
#user nobody;
-
worker_processes 2; #启动进程,通常设置成和cpu的数量相等
-
-
#error_log logs/error.log;
-
#error_log logs/error.log notice;
-
#error_log logs/error.log info;
-
-
#pid logs/nginx.pid;
-
-
-
events {
-
use epoll; #提高nginx性能,在2.6内核中可以使用
-
worker_connections 1024; #单个后台worker process进程的最大并发链接数
-
}
[root@vm1 conf]# nginx -s reload #重启nginx
[root@vm1 conf]# ps ax nginx的进程个数变为两个
29308 ? Ss 0:00 nginx: master process nginx
29332 ? S 0:00 nginx: worker process
29333 ? S 0:00 nginx: worker process
[root@vm1 conf]# nginx -s stop 停止nginx
kill -HUP `cat /usr/local/nginx/logs/nginx.pid` #nginx 0.8 之前的版本重载方式
Nginx 支持的信号
1) TERM,INT 快速关闭
2) QUIT 从容关闭
3) HUP 平滑重启,重新加载配置文件
4) USR1 重新打开日志文件,在切割日志时用处比较大
5) USR2 平滑升级可执行程序
6) WINCH 从容关闭工作进程
下面我们测试一下nginx:
[root@vm1 conf]# vim nginx.conf
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location /nginxstatus { 加上这部分
stub_status on;
access_log off;
allow 192.168.1.110; 只允许这个IP访问
deny all;
}
[root@vm1 conf]# nginx -s reload
测试结果:在浏览器中输入:192.168.1.2/nginxstatus,每刷新一次,里面的内容都会改变
下面我们做一个ssl加密认证:
[root@vm1 tls]# cd /etc/pki/tls/certs/
[root@vm1 certs]# make nginx.pem
umask 77 ; \
PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
/usr/bin/openssl req -utf8 -newkey rsa:2048 -keyout $PEM1 -nodes -x509 -days 365 -out $PEM2 -set_serial 0 ; \
cat $PEM1 > nginx.pem ; \
echo "" >> nginx.pem ; \
cat $PEM2 >> nginx.pem ; \
rm -f $PEM1 $PEM2
Generating a 2048 bit RSA private key
......................+++
.....+++
writing new private key to '/tmp/openssl.XeHwD8'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:cn
State or Province Name (full name) []:shaanxi
Locality Name (eg, city) [Default City]:xi'an
Organization Name (eg, company) [Default Company Ltd]:westos
Organizational Unit Name (eg, section) []:linux
Common Name (eg, your name or your server's hostname) []:vm1.example.com
Email Address []:root@vm1.example.com
[root@vm1 certs]# cp nginx.pem /usr/local/lnmp/nginx/conf/
[root@vm1 conf]# vim nginx.conf
-
server {
-
listen 443;
-
server_name 127.0.0.1;
-
-
ssl on;
-
ssl_certificate nginx.pem;
-
ssl_certificate_key nginx.pem;
-
-
ssl_session_timeout 5m;
-
-
ssl_protocols SSLv2 SSLv3 TLSv1;
-
ssl_ciphers HIGH:!aNULL:!MD5;
-
ssl_prefer_server_ciphers on;
-
-
location / {
-
root html;
-
index index.html index.htm;
-
}
-
location /nginxstatus {
-
stub_status on;
-
access_log off;
-
allow 192.168.1.110;
-
deny all;
-
}
-
}
[root@vm1 conf]# nginx -s reload
查看测试结果,在浏览器中输入:,然后得到证书,刷新:
4.php与nginx的整合:
[root@vm1 conf]# vim nginx.conf
[root@vm1 html]# vim index.php
测试结果如下:
我们再来测试一下php与mysql连接是否正常:
[root@vm1 html]# vim mysql.php
-
-
$link=mysql_connect("localhost","root","");
-
if(!$link)
-
echo "failed!";
-
else
-
echo "OK, succeed!";
-
?>
测试结果:
到这里我们的lnmp基本搭建完成,后面会做一些优化工作。
阅读(5006) | 评论(0) | 转发(0) |