1.利用CentOS Linux系统自带yum命令安装、升级所需的程序库:
sudo -s LANG=C yum -y install gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel libidn libidn-devel openssl openssl-devel openldap openldap-devel nss_ldap openldap-clients openldap-servers patch git libtool automake telnet cmake bison bind-utils jwhois setuptool ntsysv iptables iptables-services epel-release
2.下载适用CentOS程序源码包这里用[OpenResty](http://openresty.org/)(也称为ngx_openresty)代替了标准的[Nginx](http://nginx.org/)。它是一个全功能的 Web 应用服务器。它打包了标准的Nginx核心,很多的常用的第三方模块,以及它们的大多数依赖项。
从PHP 5.3.3版本起,PHP已经集成php-fpm了,不再是第三方的包了。在编译PHP时./configure的时候带 –enable-fpm参数即可开启PHP-FPM
mkdir -p /data0/software cd /data0/software wget https://openresty.org/download/openresty-1.13.6.2.tar.gz wget http://cn2.php.net/distributions/php-7.3.2.tar.gz wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.15.tar.gz wget http://jaist.dl.sourceforge.net/project/mcrypt/Libmcrypt/2.5.8/libmcrypt-2.5.8.tar.gz wget http://jaist.dl.sourceforge.net/project/mcrypt/MCrypt/2.6.8/mcrypt-2.6.8.tar.gz wget http://jaist.dl.sourceforge.net/project/mhash/mhash/0.9.9.9/mhash-0.9.9.9.tar.gz wget https://ftp.pcre.org/pub/pcre/pcre-8.42.tar.gz wget http://pecl.php.net/get/imagick-3.4.3.tgz wget https://libzip.org/download/libzip-1.5.1.tar.gz二,安装PHP(FastCGI模式)
由于采用了[mysqlnd](http://baike.baidu.com/view/2630684.htm),编译PHP时不再需要先编译MySQL。
1.编译安装PHP所需的支持库
tar zxvf libiconv-1.15.tar.gz cd /data0/software/libiconv-1.15 ./configure --prefix=/usr/local make make install cd ../ tar zxvf libmcrypt-2.5.8.tar.gz cd libmcrypt-2.5.8/ ./configure make make install /sbin/ldconfig cd libltdl/ ./configure --enable-ltdl-install make make install cd ../../ tar zxvf mhash-0.9.9.9.tar.gz cd mhash-0.9.9.9/ ./configure make make install cd ../ ln -s /usr/local/lib/libmcrypt.la /usr/lib/libmcrypt.la ln -s /usr/local/lib/libmcrypt.so /usr/lib/libmcrypt.so ln -s /usr/local/lib/libmcrypt.so.4 /usr/lib/libmcrypt.so.4 ln -s /usr/local/lib/libmcrypt.so.4.4.8 /usr/lib/libmcrypt.so.4.4.8 ln -s /usr/local/lib/libmhash.a /usr/lib/libmhash.a ln -s /usr/local/lib/libmhash.la /usr/lib/libmhash.la ln -s /usr/local/lib/libmhash.so /usr/lib/libmhash.so ln -s /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2 ln -s /usr/local/lib/libmhash.so.2.0.1 /usr/lib/libmhash.so.2.0.1 ln -s /usr/local/bin/libmcrypt-config /usr/bin/libmcrypt-config tar zxvf mcrypt-2.6.8.tar.gz cd mcrypt-2.6.8/ /sbin/ldconfig ./configure make make install cd ../ yum remove -y libzip #编译工具 yum install -y cmake3 tar zxvf libzip-1.5.1.tar.gz cd libzip-1.5.1 ./configure mkdir build && cd build && cmake3 .. && make && make install cd ../../2.编译安装PHP
首先
echo /usr/local/lib >> /etc/ld.so.conf echo /usr/local/lib64 >> /etc/ld.so.conf ldconfig
第二步
tar zxvf php-7.3.2.tar.gz cd php-7.3.2 cp -frp /usr/lib64/libldap* /usr/lib ln -s /usr/lib64/liblber* /usr/lib/ ./configure --prefix=/usr/local/webserver/php --with-config-file-path=/usr/local/webserver/php/etc --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-iconv-dir=/usr/local --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-libxml-dir=/usr --enable-xml --disable-rpath --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --with-curl --enable-mbregex --enable-fpm --enable-mbstring --with-mcrypt --with-gd --enable-gd-native-ttf --with-openssl --with-mhash --enable-pcntl --enable-sockets --with-ldap --with-ldap-sasl --with-xmlrpc --enable-zip --enable-soap --enable-opcache --enable-exif --enable-sysvmsg make ZEND_EXTRA_LIBS='-liconv' make install cp php.ini-production /usr/local/webserver/php/etc/php.ini cd ../
3.编译安装PHP扩展模块
tar zxvf imagick-3.4.3.tgz cd imagick-3.4.3 /usr/local/webserver/php/bin/phpize ./configure --with-php-config=/usr/local/webserver/php/bin/php-config make make install cd ../ cd /data0/software/ git clone git://github.com/nicolasff/phpredis cd phpredis git submodule init git submodule update /usr/local/webserver/php/bin/phpize ./configure --with-php-config=/usr/local/webserver/php/bin/php-config make && make install cd ../
4.修改php.ini文件
#手工修改: vi /usr/local/webserver/php/etc/php.ini #查找php.ini中的 ; extension_dir = "./" 修改为 extension_dir = "/usr/local/webserver/php/lib/php/extensions/no-debug-non-zts-20180731/" #注意:要去掉extension_dir 前面的分号(;) #并在此行后增加以下几行,然后保存: ;extension = "memcache.so" extension = "imagick.so" extension = "redis.so" 查找——这个废弃 ;always_populate_raw_post_data 修改为 always_populate_raw_post_data = On 查找 ;cgi.fix_pathinfo=1 修改为 cgi.fix_pathinfo=0 查找 时区 ;date.timezone = 修改 中国时区 date.timezone = Asia/Hong_Kong
说明,timezone可以到[这里](http://www.php.net/manual/en/timezones.php)查找对应的timezone
5.配置OPCache加速PHP
vi /usr/local/webserver/php/etc/php.ini
//查找[opcache],在[opcache]下面加上以下配置信息:
zend_extension="/usr/local/webserver/php/lib/php/extensions/no-debug-non-zts-20180731/opcache.so"
//然后,修改[opcache]已有的配置信息,需要修改的配置信息如下:
; Determines if Zend OPCache is enabled
opcache.enable=1
; Determines if Zend OPCache is enabled for the CLI version of PHP
opcache.enable_cli=1
; The OPcache shared memory storage size.
opcache.memory_consumption=128
; The maximum number of keys (scripts) in the OPcache hash table.
; only numbers between 200 and 100000 are allowed.
opcache.max_accelerated_files=5000
; How often (in seconds) to check file timestamps for changes to the shared
; memory storage allocation. ("1" means validate once per second, but only
; once per request. "0" means always validate)
opcache.revalidate_freq=60
##### 6.创建www用户和组,以及供blog.abc.com和www.abc.com两个虚拟主机使用的目录
/usr/sbin/groupadd www /usr/sbin/useradd -g www www mkdir -p /data0/htdocs/blog chmod +w /data0/htdocs/blog chown -R www:www /data0/htdocs/blog mkdir -p /data0/htdocs/www chmod +w /data0/htdocs/www chown -R www:www /data0/htdocs/www
##### 7.创建php-fpm配置文件
cd /usr/local/webserver/php/etc/ mv php-fpm.conf.default php-fpm.conf vi /usr/local/webserver/php/etc/php-fpm.conf #需要修改的几个地方 pid = run/php-fpm.pid error_log = log/php-fpm.log process_control_timeout = 5s rlimit_files = 65535 rlimit_core = 0 mv php-fpm.d/www.conf.default php-fpm.d/www.conf vi /usr/local/webserver/php/etc/php-fpm.d/www.conf #需要修改的几个地方 listen.backlog = 128 pm = static pm.max_children = 128 pm.start_servers = 20 pm.min_spare_servers = 5 pm.max_spare_servers = 35 pm.max_requests = 1024 rlimit_core = 0 catch_workers_output = yes
##### 8.启动php-cgi进程,监听127.0.0.1的9000端口,进程数为128(如果服务器内存小于3GB,可以只开启64个进程),用户为www
编辑php-fpm.service
vi /data0/software/php-7.3.2/sapi/fpm/php-fpm.service [Unit] Description=The PHP FastCGI Process Manager After=syslog.target network.target [Service] Type=simple PIDFile=/usr/local/webserver/php/var/run/php-fpm.pid ExecStart=/usr/local/webserver/php/sbin/php-fpm --nodaemonize --fpm-config /usr/local/webserver/php/etc/php-fpm.conf ExecReload=/bin/kill -USR2 $MAINPID [Install] WantedBy=multi-user.target #然后拷贝php-fpm.service到/usr/lib/systemd/system/ cp /data0/software/php-7.3.2/sapi/fpm/php-fpm.service /usr/lib/systemd/system/ ulimit -SHn 65535 systemctl start php-fpm.service #php-fpm开启 systemctl stop php-fpm.service #php-fpm关闭命令 systemctl restart php-fpm.service #php-fpm重启命令三,安装Nginx
##### 1.安装Nginx所需的pcre库
cd /data0/software tar zxvf pcre-8.42.tar.gz cd pcre-8.42 ./configure make && make install cd ../
##### 2.安装Nginx
tar zxvf openresty-1.13.6.2.tar.gz cd openresty-1.13.6.2 ./configure --user=www --group=www --prefix=/usr/local/openresty --with-luajit --with-http_stub_status_module --with-http_ssl_module --with-http_sub_module --with-http_realip_module --with-http_v2_module gmake gmake install cd ../ rm -f /usr/local/webserver/nginx ln -s /usr/local/openresty/nginx/ /usr/local/webserver/nginx
##### 3.创建Nginx日志目录
mkdir -p /data1/logs chmod +w /data1/logs chown -R www:www /data1/logs
##### 4.创建Nginx配置文件
#1.在/usr/local/webserver/nginx/conf/目录中创建nginx.conf文件:
rm -f /usr/local/webserver/nginx/conf/nginx.conf
vi /usr/local/webserver/nginx/conf/nginx.conf
#输入以下内容:
user www www;
worker_processes 8;
error_log /data1/logs/nginx_error.log crit;
pid /usr/local/webserver/nginx/nginx.pid;
#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 65535;
events
{
use epoll;
worker_connections 65535;
}
http
{
include mime.types;
default_type application/octet-stream;
#charset gb2312;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 8m;
sendfile on;
tcp_nopush on;
keepalive_timeout 60;
tcp_nodelay on;
server_tokens off;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml application/javascript;
gzip_vary on;
#limit_zone crawler $binary_remote_addr 10m;
log_format access '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent $upstream_response_time $request_time "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for "$server_name" "$http_host"';
log_format wwwlogs '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent $upstream_response_time $request_time "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for "$server_name" "$http_host"';
server
{
listen 80;
server_name blog.abc.com;
index index.html index.htm index.php;
root /data0/htdocs/blog;
#limit_conn crawler 20;
location ~ .*.(php|php5)?$
{
#fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fcgi.conf;
}
location ~ .*.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*.(js|css)?$
{
expires 1h;
}
access_log /data1/logs/access.log access;
}
server
{
listen 80 default;
server_name _;
index index.html index.htm index.php;
root /data0/htdocs/www;
location ~ .*.(php|php5)?$
{
#fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fcgi.conf;
}
access_log /data1/logs/wwwlogs.log wwwlogs;
}
server
{
listen 80;
server_name status.blog.abc.com;
location / {
stub_status on;
access_log off;
}
}
}
#2.在/usr/local/webserver/nginx/conf/目录中创建fcgi.conf文件:
vi /usr/local/webserver/nginx/conf/fcgi.conf
输入以下内容:
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param script_FILENAME $document_root$fastcgi_script_name;
fastcgi_param script_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param document_URI $document_uri;
fastcgi_param document_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
##### 5.启动Nginx
vi /usr/lib/systemd/system/nginx.service #在末尾增加以下内容: [Unit] Description=nginx - high performance web server documentation=http://nginx.org/en/docs/ After=network.target [Service] Type=forking PIDFile=/usr/local/webserver/nginx/nginx.pid ExecStart=/usr/local/webserver/nginx/sbin/nginx ExecReload=/usr/local/webserver/nginx/sbin/nginx -s reload [Install] WantedBy=multi-user.target #启动nginx ln -s /usr/local/lib/libpcre.so.1 /usr/lib64/libpcre.so.1 ulimit -SHn 65535 systemctl start nginx.service四,配置开机自动启动Nginx + PHP-FPM
##### 开机启动nginx和PHP-FPM
systemctl enable nginx.service systemctl enable php-fpm.service五,优化Linux内核参数
vi /etc/sysctl.conf #在末尾增加以下内容: # Add net.ipv4.tcp_max_syn_backlog = 65536 net.core.netdev_max_backlog = 32768 net.core.somaxconn = 32768 net.core.wmem_default = 8388608 net.core.rmem_default = 8388608 net.core.rmem_max = 16777216 net.core.wmem_max = 16777216 net.ipv4.tcp_timestamps = 0 net.ipv4.tcp_synack_retries = 2 net.ipv4.tcp_syn_retries = 2 net.ipv4.tcp_tw_recycle = 1 #net.ipv4.tcp_tw_len = 1 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_mem = 94500000 915000000 927000000 net.ipv4.tcp_max_orphans = 3276800 #net.ipv4.tcp_fin_timeout = 30 #net.ipv4.tcp_keepalive_time = 120 net.ipv4.ip_local_port_range = 1024 65535 fs.file-max = 65536 net.ipv4.ip_forward=1 #使配置立即生效: /sbin/sysctl -p六,其它扩展
##### 1.增大open files的限制值
vi /etc/security/limits.conf 在“# End of file”上面添加如下: * - nofile 65536 #该语句表示:每一个用户的默认打开文件数是65536。 #修改完毕之后,重启服务器。然后输入: ulimit -a #输出结果如下: core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited file size (blocks, -f) unlimited pending signals (-i) 1024 max locked memory (kbytes, -l) 32 max memory size (kbytes, -m) unlimited open files (-n) 65536 pipe size (512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 stack size (kbytes, -s) 10240 cpu time (seconds, -t) unlimited max user processes (-u) 16384 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited #只要open files的限制值达到65536,则问题解决。
##### 2.在不停止Nginx服务的情况下平滑变更Nginx配置
#1、修改/usr/local/webserver/nginx/conf/nginx.conf配置文件后,请执行以下命令检查配置文件是否正确: /usr/local/webserver/nginx/sbin/nginx -t 如果屏幕显示以下两行信息,说明配置文件正确: the configuration file /usr/local/webserver/nginx/conf/nginx.conf syntax is ok the configuration file /usr/local/webserver/nginx/conf/nginx.conf was tested successfully #2、平滑重启: /usr/local/webserver/nginx/sbin/nginx -s reload
##### 3.编写每天定时切割Nginx日志的脚本
#1、创建脚本/usr/local/webserver/nginx/sbin/cut_nginx_log.sh
vi /usr/local/webserver/nginx/sbin/cut_nginx_log.sh
#入以下内容:
#!/bin/bash
# This script run at 00:00
# The Nginx logs path
logs_path="/data1/logs/"
files=`ls ${logs_path}`
mkdir -p ${logs_path}$(date -d "-1 day" +"%Y")/$(date -d "-1 day" +"%m")/
for i in $files
do
if [ -f ${logs_path}${i} ]
then
is=`echo $i | sed 's/.log$//g'`
mv ${logs_path}${i} ${logs_path}$(date -d "-1 day" +"%Y")/$(date -d "-1 day" +"%m")/${is}-$(date -d "-1 day" +"%Y%m%d").log
fi
done
kill -USR1 `cat /usr/local/webserver/nginx/nginx.pid`
#2、设置crontab,每天凌晨00:00切割nginx访问日志
chmod 755 /usr/local/webserver/nginx/sbin/cut_nginx_log.sh
crontab -e
输入以下内容:
00 00 * * * /bin/bash /usr/local/webserver/nginx/sbin/cut_nginx_log.sh
除非注明,本博客文章均为原创,转载请以链接形式标明本文地址
本文地址: http://blog.cnwyhx.com/centos7-linux-nginx-php7-install-v1
### 七,Redis安装
下载、解压、编译Redis wget http://download.redis.io/releases/redis-5.0.5.tar.gz tar xzf redis-5.0.5.tar.gz cd redis-5.0.5 make # 守护进程配置yes启动 daemonize yes src/redis-server redis.conf
### Linux常用配置
##### 1.配置全局变量(别名)
#编辑 /etc/bashrc(所有人) 或者~/.bashrc(个人) vim /etc/bashrc alias php7="/usr/local/php/php-7.1.15/bin/php" source ~/.bashrc #重启一样的意思
##### 2.chmod权限介绍
权限 drwxrwxr-x -- 第1位表示文件类型,第2-4位表示这个文件的属主拥有的权限,第5-7位表示和这个文件属主所在同一组的用户所具有的权限,第8-10位表示其他用户所具有的权限 -- r=4,w=2,x=1 因此rwx=4+2+1=7 chmod -R 777 test/ 权限,一般不会直接777,我在本地就会用,都是可读可写就行,就是6
##### 3.关于内存
ps aux | grep swoft #进程 kill -9 主进程ID top m #内存 free -m #内存大小
