- ## 3. lamp平台构建
- 3.1 安装httpd
- 3.2 安装mysql
- 3.3 安装php
- 3.4 配置apache
- 3.4.1 启用代理模块
- 3.4.2 配置虚拟主机
- 3.5 验证
## 3. lamp平台构建
环境说明:
| 系统平台 | IP | 需要安装的服务 |
|---|---|---|
| centos7 redhat7 | 192.168.140.130 | httpd-2.4 mysql-5.7 php php-mysql |
lamp平台软件安装次序:
httpd --> mysql --> php
注意:php要求httpd使用prefork MPM
3.1 安装httpd//YUM源配置成阿里源
[root@duanruhui ~]# ls /etc/yum.repos.d/
CentOS-Base.repo epel.repo epel-testing.repo
epel-modular.repo epel-testing-modular.repo redhat.repo
//安装开发工具包
[root@duanruhui ~]# yum groups install 'Development Tools'
//创建apache服务的用户和组
[root@duanruhui ~]# useradd -r -M -s /sbin/nologin apache
//安装依赖包
[root@localhost ~]# yum -y install openssl-devel pcre-devel expat-devel libtool gcc gcc-c++
//下载和安装apr以及apr-util
[root@duanruhui ~]# ls
apr-1.7.0.tar.gz
apr-util-1.6.1.tar.gz
httpd-2.4.53.tar.gz
[root@duanruhui ~]# tar xf apr-1.7.0.tar.gz
[root@duanruhui ~]# cd apr-1.7.0
[root@duanruhui apr-1.7.0]# vi configure
cfgfile="${ofile}T"
trap "$RM "$cfgfile"; exit 1" 1 2 15
# $RM "$cfgfile" //将此行加上注释,或者删除此行
[root@duanruhui apr-1.7.0]# ./configure --prefix=/usr/local/apr
[root@duanruhui apr-1.7.0]# make -j 4 && make install
[root@duanruhui ~]# tar -xf apr-util-1.6.1.tar.gz
[root@duanruhui ~]# cd apr-util-1.6.1
[root@duanruhui apr-util-1.6.1]# ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr
[root@localhost apr-util-1.6.1]# make -j 4 && make install
//编译安装httpd
[root@duanruhui ~]# tar xf httpd-2.4.53.tar.gz
[root@duanruhui ~]# cd httpd-2.4.53
[root@duanruhui httpd-2.4.53]#
[root@duanruhui httpd-2.4.53]# ./configure --prefix=/usr/local/apache
--enable-so
--enable-ssl
--enable-cgi
--enable-rewrite
--with-zlib
--with-pcre
--with-apr=/usr/local/apr
--with-apr-util=/usr/local/apr-util/
--enable-modules=most
--enable-mpms-shared=all
--with-mpm=prefork
//安装后配置
[root@duanruhui ~]# echo 'export PATH=/usr/local/apache/bin:$PATH' > /etc/profile.d/httpd.sh
[root@duanruhui ~]# source /etc/profile.d/httpd.sh
[root@duanruhui ~]# which httpd
/usr/local/apache/bin/httpd
//设置头文件
[root@duanruhui ~]# ln -s /usr/local/apache/include/ /usr/include/httpd
//设置帮助文档
[root@duanruhui ~]# vi /etc/man_db.conf
...
#
MANDATORY_MANPATH /usr/man
MANDATORY_MANPATH /usr/share/man
MANDATORY_MANPATH /usr/local/share/man
MANDATORY_MANPATH /usr/local/apache/man
#---------------------------------------------------------
...
//设置开机自启
[root@duanruhui ~]# cd /usr/lib/systemd/system
[root@duanruhui system]# cp sshd.service httpd.service
[root@duanruhui system]# vi httpd.service
[Unit]
Description=httpd server daemon
After=network.target sshd-keygen.target
[Service]
Type=forking
ExecStart=/usr/local/apache/bin/apachectl start
ExecStop=/usr/local/apache/bin/apachectl stop
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
[root@duanruhui system]# systemctl daemon-reload
[root@duanruhui system]# cd
[root@duanruhui ~]# systemctl enable --now httpd
//关闭防火墙
[root@duanruhui ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@duanruhui ~]# vi /etc/selinux/config
[root@duanruhui ~]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
//取消ServerName前面的注释
sed -i '/#ServerName/s/#//g' /etc/httpd24/httpd.conf
[root@duanruhui ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 *:80 *:*
LISTEN 0 128 [::]:22 [::]:*
3.2 安装mysql
//安装mysql源
[root@duanruhui ~]# wget http://dev.mysql.com/get/mysql57-community-release-el7-10.noarch.rpm
[root@duanruhui ~]# rpm -ivh mysql57-community-release-el7-10.noarch.rpm
warning: mysql57-community-release-el7-10.noarch.rpm: Header V3 DSA/SHA1 Signature, key ID 5072e1f5: NOKEY
Verifying... ################################# [100%]
Preparing... ################################# [100%]
Updating / installing...
1:mysql57-community-release-el7-10 ################################# [100%]
Complete!
[root@duanruhui ~]# ls
apr-1.7.0 mysql-community-client-5.7.37-1.el7.x86_64.rpm
apr-1.7.0.tar.gz mysql-community-common-5.7.37-1.el7.x86_64.rpm
apr-util-1.6.1 mysql-community-devel-5.7.37-1.el7.x86_64.rpm
apr-util-1.6.1.tar.gz mysql-community-libs-5.7.37-1.el7.x86_64.rpm
httpd-2.4.53 'mysql-community-server-5.7.37-1.el7.x86_64 .rpm'
httpd-2.4.53.tar.gz
[root@duanruhui ~]# dnf -y install /*.rpm
[root@duanruhui ~]# systemctl enable --now mysqld
[root@duanruhui ~]# systemctl status mysqld
● mysqld.service - MySQL Server
Loaded: loaded (/usr/lib/systemd/system/mysqld.service; enabled; vendor preset>
Active: active (running) since Thu 2022-04-21 21:18:03 CST; 16s ago
Docs: man:mysqld(8)
http://dev.mysql.com/doc/refman/en/using-systemd.html
Process: 75012 ExecStart=/usr/sbin/mysqld --daemonize --pid-file=/var/run/mysql>
Process: 74962 ExecStartPre=/usr/bin/mysqld_pre_systemd (code=exited, status=0/>
Main PID: 75014 (mysqld)
Tasks: 27 (limit: 11217)
Memory: 286.1M
CGroup: /system.slice/mysqld.service
└─75014 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld>
[root@duanruhui ~]# systemctl enable --now mysqld
[root@duanruhui ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 80 *:3306 *:*
LISTEN 0 128 *:80 *:*
LISTEN 0 128 [::]:22 [::]:*
//启动mysql
[root@localhost ~]# service mysqld start
Starting MySQL.. SUCCESS!
[root@localhost ~]# ps -ef|grep mysql
root 1521 1 0 01:58 pts/0 00:00:00 /bin/sh /usr/local/mysql/binmysqld_safe --datadir=/opt/data --pid-file=/opt/data/mysql.pid
mysql 1699 1521 0 01:58 pts/0 00:00:00 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/opt/data --plugin-dir=/usr/local/mysql/lib/plugin --user=mysql --log-error=localhost.localdomain.err --pid-file=/opt/data/mysql.pid --socket=/tmp/mysql.sock --port=3306
root 1734 1301 0 01:59 pts/0 00:00:00 grep --color=auto mysql
[root@localhost ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 80 :::3306 :::*
//修改密码
//使用临时密码登录
[root@duanruhui ~]# grep "password" /var/log/mysqld.log
2022-04-21T13:18:00.752490Z 1 [Note] A temporary password is generated for root@localhost: fhpve_%9w3%Z
[root@duanruhui ~]# mysql -uroot -p'fhpve_%9w3%Z'
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 2
Server version: 5.7.37
Copyright (c) 2000, 2022, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
mysql> set password = password('HJLdrh123!');
Query OK, 0 rows affected, 1 warning (0.00 sec)
3.3 安装php
//配置yum源 [root@duanruhui ~]# ls apr-1.7.0 apr-util-1.6.1 httpd-2.4.53 php-7.4.29.tar.xz apr-1.7.0.tar.gz apr-util-1.6.1.tar.gz httpd-2.4.53.tar.gz [root@duanruhui ~]# tar xf php-7.4.29.tar.xz //安装依赖包 [root@duanruhui ~]# yum -y install libxml2 libxml2-devel openssl openssl-devel bzip2 bzip2-devel libcurl libcurl-devel libicu-devel libjpeg libjpeg-devel libpng libpng-devel openldap-devel pcre-devel freetype freetype-devel gmp gmp-devel libmcrypt libmcrypt-devel readline readline-devel libxslt libxslt-devel mhash mhash-devel php-mysqlnd //编译安装php [root@localhost src]# tar xf php-7.2.8.tar.xz [root@localhost src]# cd php-7.2.8 [root@duanruhui ~]# dnf -y install http://mirror.centos.org/centos/8-stream/PowerTools/x86_64/os/Packages/oniguruma-devel-6.8.2-2.el8.x86_64.rpm [root@duanruhui ~]# dnf -y install sqlite-devel libzip-devel [root@localhost php-7.2.8]# ./configure --prefix=/usr/local/php7 --with-config-file-path=/etc --enable-fpm --enable-inline-optimization --disable-debug --disable-rpath --enable-shared --enable-soap --with-openssl --enable-bcmath --with-iconv --with-bz2 --enable-calendar --with-curl --enable-exif --enable-ftp --enable-gd --with-jpeg --with-png --with-zlib-dir --with-freetype --with-gettext --enable-json --enable-mbstring --enable-pdo --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-readline --enable-shmop --enable-simplexml --enable-sockets --with-zip --enable-mysqlnd-compression-support --with-pear --enable-pcntl --enable-posix //安装后配置 [root@duanruhui ~]# echo 'export PATH=/usr/local/php7/bin:$PATH' > /etc/profile.d/php7.sh [root@duanruhui ~]# source /etc/profile.d/php7.sh [root@duanruhui ~]# which php /usr/local/php7/bin/php //配置php-fpm [root@duanruhui php-7.4.29]# cp php.ini-production /etc/php.ini [root@duanruhui php-7.4.29]# cp php.ini-production /etc/php.ini [root@duanruhui php-7.4.29]# cp sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm [root@duanruhui php-7.4.29]# chmod +x /etc/rc.d/init.d/php-fpm [root@duanruhui php-7.4.29]# cp /usr/local/php7/etc/php-fpm.conf.default /usr/local/php7/etc/php-fpm.conf [root@duanruhui php-7.4.29]# cp /usr/local/php7/etc/php-fpm.d/www.conf.default /usr/local/php7/etc/php-fpm.d/www.conf [root@duanruhui php-7.4.29]# //编辑php-fpm的配置文件(/usr/local/php7/etc/php-fpm.conf): //配置fpm的相关选项为你所需要的值: [root@localhost ~]# vim /usr/local/php7/etc/php-fpm.conf ..... ..... pm.max_children = 50 ;最多同时提供50个进程提供50个并发服务 pm.start_servers = 5 ;启动时启动5个进程 pm.min_spare_servers = 2 ;最小空闲进程数 pm.max_spare_servers = 8 ;最大空闲进程数 [root@localhost ~]# tail /usr/local/php7/etc/php-fpm.conf ; file. ; Relative path can also be used. They will be prefixed by: ; - the global prefix if it's been set (-p argument) ; - /usr/local/php7 otherwise include=/usr/local/php7/etc/php-fpm.d/*.conf pm.max_children = 50 pm.start_servers = 5 pm.min_spare_servers = 2 pm.max_spare_servers = 8 //启动php-fpm root@duanruhui php-fpm.d]# service php-fpm start Starting php-fpm done [root@duanruhui php-fpm.d]# ss -antl State Recv-Q Send-Q Local Address:Port Peer Address:Port Process LISTEN 0 128 127.0.0.1:9000 0.0.0.0:* LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 80 *:3306 *:* LISTEN 0 128 *:80 *:* LISTEN 0 128 [::]:22 [::]:* //默认情况下,fpm监听在127.0.0.1的9000端口,也可以使用如下命令验证其是否已经监听在相应的套接字 [root@localhost ~]# ps -ef|grep php [root@duanruhui php-fpm.d]# ps -ef|grep php root 255064 1 0 22:42 ? 00:00:00 php-fpm: master process (/usr/local/php7/etc/php-fpm.conf) nobody 255065 255064 0 22:42 ? 00:00:00 php-fpm: pool www nobody 255066 255064 0 22:42 ? 00:00:00 php-fpm: pool www root 255069 10759 0 22:43 pts/4 00:00:00 grep --color=auto php [root@duanruhui system]# cp httpd.service php.service [root@duanruhui system]# vi php.service [root@duanruhui system]# cat php.service [Unit] Description=php-fpm server daemon After=network.target sshd-keygen.target [Service] Type=forking ExecStart=/etc/init.d/php-fpm start ExecStop=/usr/bin/kill -9 $MAINPID ExecReload=/usr/bin/kill -HUP $MAINPID [Install] WantedBy=multi-user.target [root@duanruhui system]# systemctl daemon-reload3.4 配置apache 3.4.1 启用代理模块
在apache httpd 2.4以后已经专门有一个模块针对FastCGI的实现,此模块为mod_proxy_fcgi.so,它其实是作为mod_proxy.so模块的扩展,因此,这两个模块都要加载,编辑httpd.conf文件,取消以下两行内容的注释:
- LoadModule proxy_module modules/mod_proxy.so
- LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
//启用httpd的相关模块 [root@duanruhui conf]# vi httpd.conf ... LoadModule proxy_module modules/mod_proxy.so #LoadModule proxy_connect_module modules/mod_proxy_connect.so #LoadModule proxy_ftp_module modules/mod_proxy_ftp.so #LoadModule proxy_http_module modules/mod_proxy_http.so LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so ...3.4.2 配置虚拟主机
在需要使用fcgi的虚拟主机中添加类似如下两行:
ProxyRequests Off //关闭正向代理 ProxyPassMatch ^/(.*.php)$ fcgi://127.0.0.1:9000/PATH/TO/DOCUMENT_ROOT/$1
例如:
ProxyPassMatch ^/(.*.php)$ fcgi://127.0.0.1:9000/var/www/html/idfsoft.com/$1
以上设置表示把以.php结尾的文件请求发送到php-fpm进程,php-fpm至少需要知道运行的目录和URI,所以这里直接在fcgi://127.0.0.1:9000后指明了这两个参数,其它参数的传递已经被mod_proxy_fcgi.so进行了封装,不需要手动指定。
注意:
这里写的/var/www/html/是yum源安装方式生成的网页存放目录,这里必须改成你编译安装指定的网页存放路径,禁止直接复制我这里的路径
这里的idfsoft.com是域名,你必须改成你所使用的域名,禁止直接复制此处的域名
这里的$1表示匹配所有以.php结尾的http请求
//创建虚拟主机目录并生成php测试页面 [root@duanruhui ~]# cd /usr/local/apache/htdocs/ [root@duanruhui htdocs]# mkdir test.example.com [root@duanruhui htdocs]# cd test.example.com/ [root@duanruhui test.example.com]# vi index.php [root@duanruhui test.example.com]# cat index.php [root@duanruhui ~]# chown -R apache.apache /usr/local/apache/htdocs/ [root@duanruhui ~]# ls /usr/local/apache/htdocs/ index.html test.example.com [root@duanruhui ~]# ll /usr/local/apache/htdocs/ total 4 -rw-r--r--. 1 apache apache 45 Jun 12 2007 index.html drwxr-xr-x. 2 apache apache 23 Apr 21 22:21 test.example.com [root@duanruhui conf]# vi httpd.conf //在配置文件的最后加入以下内容3.5 验证SSLRandomSeed startup builtin SSLRandomSeed connect builtin DocumentRoot "/usr/local/apache/htdocs/test.example.com" ServerName test.example.com ProxyRequests Off ProxyPassMatch ^/(.*.php)$ fcgi://127.0.0.1:9000/usr/local/apache/htdocs/test.example.com/$1 [root@duanruhui conf]# vi httpd.conf //搜索AddType,添加以下内容 # If the AddEncoding directives above are commented-out, then you # probably should define those extensions to indicate media types:a # AddType application/x-compress .Z AddType application/x-gzip .gz .tgz AddType application/x-httpd-php .php #添加此行 AddType application/x-httpd-php-source .phps #添加此行 //重启apache服务 [root@localhost ~]# apachectl stop [root@localhost ~]# apachectl start [root@localhost ~]# ss -antl State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 *:22 *:* LISTEN 0 100 127.0.0.1:25 *:* LISTEN 0 128 127.0.0.1:9000 *:* LISTEN 0 128 :::80 :::* LISTEN 0 128 :::22 :::* LISTEN 0 100 ::1:25 :::* LISTEN 0 80 :::3306 :::*Options none AllowOverride none Require all granted
1.修改/etc/hosts文件,添加域名与IP的映射
2.在浏览器上使用域名访问,若看到以下界面则表示lamp架构搭建成功,否则请检查你的操作
