LNMP
lnmp搭建(分离部署)
环境
系统 | 主机名 | ip | 功能 |
---|---|---|---|
rhel8 | node1 | 192.168.94.141 | nginx |
rhel8 | node2 | 192.168.94.143 | mysql |
rhel8 | node4 | 192.168.94.130 | php |
准备工作:
//防火墙selinux关闭
systemctl disable --now firewalld
sed -ri '/SELINUX=enforcing/s/enforcing/disable/g' /etc/selinux/config
//配置网络源
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-8.repo
sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
sed -i 's|$releasever|8|' /etc/yum.repos.d/CentOS-Base.repo
yum install -y https://mirrors.aliyun.com/epel/epel-release-latest-8.noarch.rpm
sed -i 's|^metalink|#metalink|' /etc/yum.repos.d/epel*
sed -i 's|^#baseurl=https://download.fedoraproject.org/pub|baseurl=https://mirrors.aliyun.com|' /etc/yum.repos.d/epel*
sed -i 's|$releasever|8|' /etc/yum.repos.d/epel*
yum clean all
yum makecache
node1安装nginx(源码)
//创建nginx用户
[root@node1 ~]# useradd -r -M -s /sbin/nologin nginx
//安装开发工具组和依赖包
[root@node1 ~]# yum -y install pcre-devel openssl openssl-devel gd-devel gcc gcc-c++ make
[root@node1 ~]# yum -y groups mark install 'development tools'
//创建日志存放目录
[root@node1 ~]# mkdir -p /var/log/nginx
[root@node1 ~]# chown -R nginx.nginx /var/log/nginx
//下载源码包
[root@node1 ~]# cd /usr/src/
[root@node1 src]# wget http://nginx.org/download/nginx-1.20.0.tar.gz
[root@node1 src]# ll
...
-rw-r--r--. 1 root root 1061070 Apr 20 22:46 nginx-1.20.0.tar.gz
//解压
[root@node1 src]# tar xf nginx-1.20.0.tar.gz
[root@node1 src]# cd nginx-1.20.0/
//编译安装
[root@node1 nginx-1.20.0]# ./configure \
> --prefix=/usr/local/nginx \ #指定路径
> --user=nginx \ #指定用户
> --group=nginx \ #指定组
> --with-debug \ #启用debug测试
> --with-http_ssl_module \ #启用ssl证书模块
> --with-http_realip_module \ #启用http真实ip模块
> --with-http_image_filter_module \ #启用http图像过滤器模块
> --with-http_gunzip_module \ #启用http压缩模块
> --with-http_gzip_static_module \ #启用静态压缩
> --with-http_stub_status_module \ #启用状态页面
> --http-log-path=/var/log/nginx/access.log \ #指定日http访问日志路径
> --error-log-path=/var/log/nginx/error.log #指定报错日志路径
//启用多核心加速安装
[root@node1 nginx-1.20.0]# make -j $(grep 'processor' /proc/cpuinfo | wc -l) && make install
//添加环境变量
[root@node1 nginx-1.20.0]# echo 'export PATH=/usr/local/nginx/sbin:$PATH' > /etc/profile.d/nginx.sh
[root@node1 nginx-1.20.0]# source /etc/profile.d/nginx.sh
[root@node1 nginx-1.20.0]# which nginx
/usr/local/nginx/sbin/nginx
node2安装mysql(二进程包安装)
[root@node2 ~]# useradd -r -M -s /sbin/nologin mysql
[root@node2 ~]# id mysql
uid=993(mysql) gid=989(mysql) groups=989(mysql)
[root@node2 ~]# yum -y install ncurses-devel openssl-devel openssl cmake mariadb-devel gcc gcc-c++ ncurses-compat-libs*
[root@node2 ~]# wget https://downloads.mysql.com/archives/get/p/23/file/mysql-5.7.31-linux-glibc2.12-x86_64.tar.gz
[root@node2 ~]# ll
total 367720
-rw-------. 1 root root 1179 Jan 6 18:03 anaconda-ks.cfg
-rw-r--r--. 1 root root 376537503 May 30 21:36 mysql-5.7.31-linux-glibc2.12-x86_64.tar.gz
[root@node2 ~]# tar xf mysql-5.7.31-linux-glibc2.12-x86_64.tar.gz -C /usr/local/
[root@node2 ~]# ln -s /usr/local/mysql-5.7.31-linux-glibc2.12-x86_64/ /usr/local/mysql
[root@node2 ~]# chown -R mysql.mysql /usr/local/mysql*
[root@node2 ~]# mkdir /opt/data
[root@node2 ~]# chown -R mysql.mysql /usr/local/mysql
[root@node2 ~]# echo 'export PATH=/usr/local/mysql/bin:$PATH'> /etc/profile.d/mysql.sh
[root@node2 ~]# source /etc/profile.d/mysql.sh
[root@node2 ~]# which mysql
/usr/local/mysql/bin/mysql
[root@node2 ~]# mysqld --initialize --user=mysql --datadir=/opt/data
...
2021-05-30T13:40:43.855205Z 1 [Note] A temporary password is generated for root@localhost: yyll2lwogs=X
[root@node2 ~]# echo 'yyll2lwogs=X' > .mysqltmppass
[root@node2 ~]# echo '/usr/local/mysql/lib/'> /etc/ld.so.conf.d/mysql.co
nf
[root@node2 ~]# ldconfig
[root@node2 ~]# cat >> /etc/my.cnf <<EOF
[mysqld]
basedir = /usr/local/mysql
datadir = /opt/data
socket = /tmp/mysql.sock
port = 3306
pid-file = /opt/data/mysql.pid
user = mysql
skip-name-resolve
EOF
[root@node2 ~]# cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
[root@node2 ~]# cat >> /etc/init.d/mysqld <<EOF
> basedir=/usr/local/mysql
> datadir=/opt/data
> EOF
[root@node2 ~]# service mysqld start
Starting MySQL.Logging to '/opt/data/node2.err'.
SUCCESS!
[root@node2 ~]# mysql -uroot -p'yyll2lwogs=X'
mysql> set password = password('123456');
Query OK, 0 rows affected, 1 warning (0.01 sec)
node3安装php(yum)
[root@node4 ~]# yum -y install libxml2 libxml2-devel openssl openssl-devel bzip2 bzip2-devel libcurl libcurl-devel libicu-devel libjpeg libjpeg-devel libpng libpng-devel openldap-devel pcre-devel freetype freetype-devel gmp gmp-devel libmcrypt libmcrypt-devel readline readline-devel libxslt libxslt-devel mhash mhash-devel php-mysqlnd
[root@node4 ~]# yum -y install php-*
配置
node1
[root@node1 ~]# vim /usr/local/nginx/conf/nginx.conf
...
location / {
root /www;
index index.php index.html;
}
....
location ~ \.php$ {
root /www;
fastcgi_pass 192.168.94.130:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
include fastcgi_params;
}
[root@node1 ~]# vim /usr/local/nginx/conf/fastcgi_params
...
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
[root@node1 ~]# mkdir /www/
[root@node1 ~]# chown -R nginx.nginx /www/
node4
[root@node4 ~]# useradd -M -s /sbin/nologin nginx
[root@node4 ~]# yum -y install nfs-*
[root@node4 ~]# mkdir /www
[root@node4 ~]# chown -R nginx.nginx /www/
[root@node4 ~]# cat > /www/index.php <EOF
> <?php
> phpinfo();
> ?>
[root@node4 ~]# vim /etc/exports
/www 192.168.94.130/24(rw,all_squash,root_squash,anonuid=991,anongid=989) #需跟nginx机id相同
[root@node4 ~]# vim /etc/php-fpm.d/www.conf
...
;listen = /run/php-fpm/www.sock #加;注释
listen = 0.0.0.0:9000 #添加监听端口
...
listen.allowed_clients = 192.168.94.141 #添加允许监听服务端
[root@node4 ~]# systemctl status nfs-server.service
[root@node4 ~]# systemctl start php-fpm
[root@node4 ~]# ss -antl|grep 9000
LISTEN 0 128 0.0.0.0:9000 0.0.0.0:*
[root@node1 ~]# yum -y install nfs-*
[root@node1 ~]# showmount -e 192.168.94.130
Export list for 192.168.94.130:
/www 192.168.94.130/24
[root@node1 ~]# mount -t nfs 192.168.94.130:/www /www/
[root@node1 ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 0.0.0.0:111 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:111 [::]:*
LISTEN 0 128 [::]:22 [::]:*
node2
mysql> grant all on *.* to root@192.168.94.141 identified by '123456';
Query OK, 0 rows affected, 1 warning (0.01 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
mysql> quit
测试访问