lamp分离部署
准备工作
环境说明
主机 | ip | 属性 | 系统 |
---|---|---|---|
node1 | 192.168.94.141 | httpd | rhel8 |
node2 | 192.168.94.143 | mysql | rhel8 |
node3 | 192.168.94.144 | php | rhel8 |
关闭防火墙selinux上下文
[root@node0 ~]# ansible test -m shell -a 'systecmctl stop firewalld'
[root@node2 ~]# vi /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
//批量配置yum源
[root@node0 ~]# ansible test -m get_url -a 'url=https://mirrors.aliyun.com/repo/Centos-8.repo dest=/etc/yum.repos.d/'
[root@node0 ~]# ansible test -m shell -a 'yum makecache'
安装httpd
node1源码安装
//添加apache用户和组
[root@node1 httpd]# useradd -r -M -s /sbin/nologin apache
[root@node1 httpd]# id apache
uid=993(apache) gid=990(apache) groups=990(apache)
//安装开发工具
[root@node1 httpd]# yum groups mark install 'Development Tools' -y
//安装依赖包
[root@node1 httpd]# yum -y install make openssl-devel pcre-devel expat-devel libtool gcc gcc-c++
- 下载apr apr-util httpd2.4到httpd目录(略)
[root@node1 httpd]# ll
total 10180
-rw-r--r-- 1 root root 1093896 Jan 7 21:29 apr-1.7.0.tar.gz
-rw-r--r-- 1 root root 554301 Jan 7 21:29 apr-util-1.6.1.tar.gz
-rw-r--r-- 1 root root 7187805 Jan 7 21:29 httpd-2.4.46.tar.bz2
//解压
[root@node1 httpd]# tar xf apr-1.7.0.tar.gz
[root@node1 httpd]# tar xf apr-util-1.6.1.tar.gz
[root@node1 httpd]# tar xf httpd-2.4.46.tar.bz2
//统一移动到httpsrc里
[root@node1 httpd]# mv apr-1.7.0 apr-util-1.6.1 httpd-2.4.46 /root/httpdsrc/
[root@node1 ~]# ll httpdsrc/
total 12
drwxr-xr-x 27 1001 1001 4096 Apr 2 2019 apr-1.7.0
drwxr-xr-x 20 1001 1001 4096 Oct 18 2017 apr-util-1.6.1
drwxr-sr-x 11 root 40 4096 Aug 1 22:11 httpd-2.4.46
- 编译安装apr
[root@node1 apr-1.7.0]# vim configure
trap "$RM \"$cfgfile\"; exit 1" 1 2 15
#$RM "$cfgfile" //注释
//编译安装
[root@node1 apr-1.7.0]# ./configure --prefix=/usr/local/apr
[root@node1 apr-1.7.0]# make && make install
- 编译安装apr-util
[root@node1 apr-util-1.6.1]# ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr
[root@node1 apr-util-1.6.1]# make && make install
- 编译安装httpd
[root@node1 apr-util-1.6.1]# cd /root/httpdsrc/httpd-2.4.46/
[root@node1 httpd-2.4.46]# ./configure --prefix=/usr/local/apache \
> --sysconfdir=/etc/httpd24 \
> --enable-so \
> --enable-ssl \
> --enable-cgi \
> --enable-rewrite \
> --with-zlib \
> --with-pcre \
> --with-apr=/usr/local/apr \
> --with-apr-util=/usr/local/apr-util/ \
> --enable-modules=most \
> --enable-mpms-shared=all \
> --with-mpm=prefork
[root@node1 httpd-2.4.46]# make && make install
- 配置httpd环境变量设置软连接
[root@node1 httpd-2.4.46]# echo 'export PATH=/usr/local/apache/bin:$PATH' > /etc/profile.d/httpd.sh
[root@node1 httpd-2.4.46]# source /etc/profile.d/httpd.sh
[root@node1 httpd-2.4.46]# which apachectl
/usr/local/apache/bin/apachectl
- 启动服务
[root@node1 httpd-2.4.46]# apachectl start
[root@node1 httpd-2.4.46]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 *:80 *:*
LISTEN 0 128 [::]:22 [::]:*
mysql安装
node2二进制安装
- 创建mysql用户组
[root@node2 ~]# useradd -r -M -s /sbin/nologin mysql
[root@node2 ~]# id mysql
uid=993(mysql) gid=990(mysql) groups=990(mysql)
- 下载包(略),安装依赖包
[root@node2 ~]# yum -y install ncurses-devel openssl-devel openssl cmake mariadb-devel gcc gcc-c++ ncurses-compat-libs*
//解压目录
[root@node2 ~]# tar xf mysql-5.7.31-linux-glibc2.12-x86_64.tar.gz
[root@node2 ~]# mv mysql-5.7.31-linux-glibc2.12-x86_64 /usr/local/
- 创建软连接,更改目录属主,组
[root@node2 ~]# ln -s /usr/local/mysql-5.7.31-linux-glibc2.12-x86_64/ /usr/local/mysql
[root@node2 ~]# chown -R mysql:mysql /usr/local/mysql*
//创建数据库存放目录
[root@node2 ~]# mkdir /opt/data
[root@node2 ~]# chown -R mysql:mysql /opt/data/
- 配置环境变量
[root@node2 ~]# echo 'export PATH=/usr/local/mysql/bin:$PATH'> /etc/profile.d/mysql.sh
[root@node2 ~]# source /etc/profile.d/mysql.sh
[root@node2 ~]# which mysql
/usr/local/mysql/bin/mysql
- 初始化数据库
[root@node2 ~]# mysqld --initialize --user=mysql --datadir=/opt/data
2021-01-07T14:59:39.321260Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details).
2021-01-07T14:59:39.517286Z 0 [Warning] InnoDB: New log files created, LSN=45790
2021-01-07T14:59:39.545768Z 0 [Warning] InnoDB: Creating foreign key constraint system tables.
2021-01-07T14:59:39.605666Z 0 [Warning] No existing UUID has been found, so we assume that this is the first time that this server has been started. Generating a new UUID: f74cea01-50f8-11eb-b14c-000c295904e4.
2021-01-07T14:59:39.606552Z 0 [Warning] Gtid table is not ready to be used. Table 'mysql.gtid_executed' cannot be opened.
2021-01-07T14:59:40.625216Z 0 [Warning] CA certificate ca.pem is self signed.
2021-01-07T14:59:40.900705Z 1 [Note] A temporary password is generated for root@localhost: 5awgd&tdlI,C
- 配置mysql
//设置include软连接
[root@node2 ~]# ln -s /usr/local/mysql/include/ /usr/local/include/mysql
//关联依赖库
[root@node2 ~]# echo '/usr/local/mysql/lib'> /etc/ld.so.conf.d/mysql.conf
[root@node2 ~]# ldconfig
//生成配置文件
[root@node2 ~]# vim /etc/my.cnf
#
# This group is read both both by the client and the server
# use it for options that affect everything
#
[client-server]
#
# include all files from the config directory
#
!includedir /etc/my.cnf.d
[mysqld]
basedir = /usr/local/mysql
datadir = /opt/data
socket = /tmp/mysql.sock
port = 3306
pid-file = /opt/data/mysql.pid
user = mysql
skip-name-resolve
//配置脚本启动路径
[root@node2 ~]# vim /etc/init.d/mysqld
# If you change base dir, you must also change datadir. These may get
# overwritten by settings in the MySQL configuration files.
basedir=/usr/local/mysql
datadir=/opt/data
- 启动服务
[root@node2 ~]# service mysqld start
Starting MySQL.Logging to '/opt/data/node2.err'.
SUCCESS!
[root@node2 ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 80 *:3306 *:*
LISTEN 0 128 [::]:22 [::]:*
- 进入修改密码
[root@node2 ~]# mysql -uroot -p'5awgd&tdlI,C'
mysql: [Warning] Using a password on the command line interface can be insecure.
...
mysql> set password=password('123456');
Query OK, 0 rows affected, 1 warning (0.00 sec)
//重新登录验证
[root@node2 ~]# mysql -uroot -p123456
mysql: [Warning] Using a password on the command line interface can be insecure.
...
mysql>
php安装
node3
//配置epel源
[root@node3 ~]# wget https://mirrors.aliyun.com/epel/epel-release-latest-8.noarch.rpm
//安装源
[root@node3 ~]# yum -y install /root/epel-release-latest-8.noarch.rpm
//导入gpg密钥
[root@node3 ~]# cd /etc/pki/rpm-gpg/
[root@node3 rpm-gpg]# wget https://archive.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-8
--2021-01-07 23:23:49-- https://archive.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-8
Resolving archive.fedoraproject.org (archive.fedoraproject.org)... 38.145.60.24, 38.145.60.23, 38.145.60.22
Connecting to archive.fedoraproject.org (archive.fedoraproject.org)|38.145.60.24|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1627 (1.6K)
Saving to: ‘RPM-GPG-KEY-EPEL-8.1’
RPM-GPG-KEY-EPEL-8.1 100%[===========================================================>] 1.59K --.-KB/s in 0s
2021-01-07 23:23:54 (127 MB/s) - ‘RPM-GPG-KEY-EPEL-8.1’ saved [1627/1627]
- 安装依赖包等
[root@node3 ~]# yum -y groups mark install 'Development Tools'
[root@node3 ~]# yum -y install libxml2 libxml2-devel openssl openssl-devel bzip2 bzip2-devel libcurl libcurl-devel libicu-devel libjpeg libjpeg-devel libpng libpng-devel openldap-devel pcre-devel freetype freetype-devel gmp gmp-devel libmcrypt libmcrypt-devel readline readline-devel libxslt libxslt-devel mhash mhash-devel php-mysqlnd
- 安装并启动php
[root@node3 ~]# yum -y install php-*
[root@node3 ~]# systemctl start php-fpm.service
apache和php的配置
- apache端配置
//取消注释
[root@node1 httpd-2.4.46]# vim /etc/httpd24/httpd.conf
LoadModule proxy_module modules/mod_proxy.so
...
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
//配置虚拟主机
<VirtualHost *:80>
DocumentRoot "/usr/local/apache/htdocs/"
ServerName phptest.com
ProxyRequests Off
ProxyPassMatch ^/(.*\.php)$ fcgi://192.168.94.144:9000/var/www/html/$1
<Directory "/usr/local/apache/htdocs/">
Options none
AllowOverride none
Require all granted
</Directory>
</VirtualHost>
//查找AddType,添加以下两行
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
- php端配置
[root@node3 ~]# vim /etc/php-fpm.d/www.conf
;listen = /run/php-fpm/www.sock #注释此行
listen = 0.0.0.0:9000 //添加新套接字
; Default Value: any
listen.allowed_clients = 192.168.94.141
//测试页创建
[root@node3 ~]# echo -e "<?php\n\tphpinfo();\n?>" > /var/www/html/index.php
//更改属主和组
[root@node3 ~]# chown -R apache:apache /var/www/html/
- 重启服务
[root@node1 ~]# apachectl restart
[root@node3 ~]# systemctl restart php-fpm
- 验证成功