LNMP部署

LNMP是众所周知的Web网站服务器架构环境，linux系统+nginx为HTTP和反向代理服务器+mysql数据库+php脚本语言组合成一个高性能、轻量、稳定、扩展性强的Web网站服务器架构环境。

注意：在安装操作系统的安装软件配置部分，建议选择“Server with GUI”，并选择“Development Tools”和“Compatibility Libraries”两项附加软件。同时在确保操作系统中gcc、libgcc、gcc-c++等编译器已经正确安装。

 

1、nignx安装

#依赖文件安装： 

yum -y install zlib pcre pcre-devel openssl openssl-devel

#解压nginx安装文件

tar zxvf nginx-1.16.1.tar.gz

#创建nginx用户

useradd -s /sbin/nologin www
id www

#编译安装nignx：分别为configure  、make 、make install

[root@localhost nginx-1.16.1]# ./configure \
--user=www \
--group=www \
--prefix=/usr/local/nginx \
--sbin-path=/usr/local/nginx/sbin/nginx \
--conf-path=/usr/local/nginx/conf/nginx.conf \
--error-log-path=/usr/local/nginx/logs/error.log \
--http-log-path=/usr/local/nginx/logs/access.log \
--pid-path=/var/run/nginx.pid \
--lock-path=/var/lock/subsys/nginx \
--with-http_stub_status_module \
--with-http_ssl_module \
--with-http_gzip_static_module \
--with-pcre

[root@localhost nginx-1.14.0]# make
[root@localhost nginx-1.14.0]# make install

#对conf目录下的nginx.conf配置文件进行编辑

[root@localhost nginx]# cd conf/
[root@localhost conf]# ls
nginx.conf

实例配置：
[root@localhost conf]# vim nginx.conf

user www;
worker_processes 2;
worker_cpu_affinity 01 10;
error_log logs/error.log;
pid /var/run/nginx.pid;
worker_rlimit_nofile 65535;

#error_log logs/error.log notice;
#error_log logs/error.log info;

events {
use epoll;
worker_connections 1024;
}

http {
include mime.types;
default_type application/octet-stream;

log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';

access_log logs/access.log main;

sendfile on;
tcp_nopush on;

#keepalive_timeout 0;
keepalive_timeout 65;
server_names_hash_bucket_size 128;
client_max_body_size 20m;
client_header_buffer_size 32k;
large_client_header_buffers 4 128k;

gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;

server {
listen 80;

server_name localhost 192.168.0.77;

#charset koi8-r;

access_log logs/host.access.log main;

location / {
root html;
index index.html index.htm;
}

error_page 404 /404.html;

# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}

# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}

# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}

# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}

# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;

# location / {
# root html;
# index index.html index.htm;
# }
#}

# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;

# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;

# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;

# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;

# location / {
# root html;
# index index.html index.htm;
# }
#}

}

#通过./nginx -t 测试nginx是否安装成功；

#通过./nginx -v、 ./nginx -V 查看nignx版本 ；-V参数可查看编辑安装的具体属性

[root@localhost sbin]# ./nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost sbin]# ./nginx -v
nginx version: nginx/1.14.2
[root@localhost sbin]# ./nginx -V
nginx version: nginx/1.14.2
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-39) (GCC)
built with OpenSSL 1.0.2k-fips 26 Jan 2017
TLS SNI support enabled
configure arguments: --user=www --group=www --prefix=/usr/local/nginx --sbin-path=/usr/local/nginx/sbin/nginx --conf-path=/usr/local/nginx/conf/nginx.conf --error-log-path=/usr/local/nginx/logs/error.log --http-log-path=/usr/local/nginx/logs/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/lock/subsys/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_gzip_static_module --with-pcre

#启动nginx方法：在nginx安装目录下的sbin目录中  ./nginx 即可

[root@localhost sbin]# ./nginx
[root@localhost ~]# ps -ef | grep nginx
root 7672 1 0 22:38 ? 00:00:00 nginx: master process ./nginx
www 7673 7672 0 22:38 ? 00:00:00 nginx: worker process
www 7674 7672 0 22:38 ? 00:00:00 nginx: worker process
root 7830 2707 0 22:52 pts/1 00:00:00 grep --color=auto nginx
[root@localhost ~]# ps -ef | grep 7672
root 7672 1 0 22:38 ? 00:00:00 nginx: master process ./nginx
www 7673 7672 0 22:38 ? 00:00:00 nginx: worker process
www 7674 7672 0 22:38 ? 00:00:00 nginx: worker process
root 7832 2707 0 22:53 pts/1 00:00:00 grep --color=auto 7672

 #查看主页内容

[root@localhost nginx]# cd html/
[root@localhost html]# ll
total 8
-rw-r--r--. 1 root root 537 Dec 20 16:54 50x.html
-rw-r--r--. 1 root root 612 Dec 20 16:54 index.html

#查看访问记录（这里由于还未访问，log文件大小为0）

[root@localhost nginx]# cd logs/
[root@localhost logs]# ll
total 0
-rw-r--r--. 1 root root 0 Dec 20 17:54 access.log
-rw-r--r--. 1 root root 0 Dec 20 17:54 error.log
-rw-r--r--. 1 root root 0 Dec 20 17:54 host.access.log

#注意：一般需要对iptables 进行清空，网页打开时才不会被拒绝 
[root@localhost logs]# iptables -F
#若iptables -F不行，可以关于iptables拒绝访问nginx网页的解决方法：
1、检查是否安装iptables；最好先关闭默认的firewall
[root@localhost conf]# systemctl stop firewalld.service 
[root@localhost conf]# systemctl disable firewalld.service 
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
2、下载iptables
[root@localhost conf]# yum install iptables-services.x86_64 -y
3、插入策略
[root@localhost sysconfig]# iptables -I INPUT -p tcp -d 192.168.74.74/24 --dport 80 -j ACCEPT 
[root@localhost sysconfig]# iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination 
ACCEPT tcp -- anywhere 192.168.74.0/24 tcp dpt:http
[root@localhost sysconfig]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
打开网页不会再被拒绝 

2、mysql安装

#安装依赖源

yum -y install make gcc-c++ cmake bison-devel ncurses-devel bison perl perl-devel perl perl-devel

#解压mysql至指定路径下

tar -zxvf mysql-boost-5.7.28.tar.gz -C /usr/local

#创建mysql组和用户

groupadd mysql

useradd -r -g mysql -s /bin/false mysql

#mysql 5.4版本后通过cmake来进行编译、make、make install

cmake -DCMAKE_INSTALL_PREFIX=/usr/local/mysql/ -DMYSQL_DATADIR=/data1/mysql/data -DDEFAULT_CHARSET=all \

-DDEFAULT_CHARSET=utf8 \

-DDEFAULT_COLLATION=utf8_general_ci \

-DWITH_INNOBASE_STORAGE_ENGINE=1 \

-DWITH_MYISAM_STORAGE_ENGINE=1 \

-DMYSQL_USER=mysql \

-DMYSQL_TCP_PORT=3306 \

-DWITH_BOOST=boost \

-DENABLED_LOCAL_INFILE=1 \

-DWITH_PARTITION_STORAGE_ENGINE=1 \

-DMYSQL_UNIX_ADDR=/tmp/mysqld.sock \

-DWITH_EMBEDDED_SERVER=1

 

make

make install

#mysql安装好后，需要初始化，注意这里初始化会随机产生密码

./mysqld --initialize --user=mysql --basedir=/usr/local/mysql --datadir=/data1/mysql/data

XQv=)LAQ1j0i

#编辑my.cnf文件，对mysql配置属性进行添加。注意：由于linux系统自带my.cnf文件，最好先删除原有文件，在重新创建。

vim /etc/my.cnf

[mysqld]

datadir=/db/data

socket=/tmp/mysqld.sock

symbolic-links=0

log-error=/var/log/mysqld.log

:wq!

#将mysql启动脚本复制到开机启动脚本中，并修改权限后启动mysql。

cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld

chmod 755 /etc/init.d/mysqld

chkconfig mysqld on

service mysqld start

#登录mysql

[root@localhost bin]# ./mysql -uroot -p

Enter password: #输入刚才的随机密码“XQv=)LAQ1j0i”

Welcome to the MySQL monitor. Commands end with ; or \g.

Your MySQL connection id is 2

Server version: 5.7.28

 

Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.

 

Oracle is a registered trademark of Oracle Corporation and/or its

affiliates. Other names may be trademarks of their respective

owners.

 

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

 

mysql>

mysql> SET PASSWORD = PASSWORD('Lsy@139.com');　　　　　　　　 #新密码设置

Query OK, 0 rows affected, 1 warning (0.01 sec)

 

mysql> ALTER USER 'root'@'localhost' PASSWORD EXPIRE NEVER; 　　　　#应用密码永不过期

 

Query OK, 0 rows affected (0.00 sec)mysql> flush privileges; 　　　　　　　　　#刷新

Query OK, 0 rows affected (0.00 sec)

 

 

 

3、安装PHP7

#安装依赖关系

yum install -y libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel curl curl-devel openssl openssl-devel

#解压php

tar -zxvf php-7.2.3.tar.gz

#创建php安装目录。然后编译安装php  

[root@localhost local]# mkdir php7

[root@localhost local]# cd app/php-7.2.3/

[root@localhost php-7.2.3]# ./configure --prefix=/usr/local/php7 --enable-fpm --with-fpm-user=www --with-fpm-group=www --with-pdo-mysql=mysqlnd --with-mysqli=mysqlnd --with-zlib --with-curl --with-gd --with-jpeg-dir --with-png-dir --with-freetype-dir --with-openssl --enable-mbstring --enable-xml --enable-session --enable-ftp --enable-pdo -enable-tokenizer --enable-zip

 

make 

make install

#将php.ini-production和sapi/fpm/php-fpm.service文件，分别拷贝至/usr/local/php7/lib/php.ini  /usr/lib/systemd/system/目录下

[root@localhost php-7.2.3]# cp php.ini-production /usr/local/php7/lib/php.ini

[root@localhost php-7.2.3]# cp sapi/fpm/php-fpm.service /usr/lib/systemd/system/

#修改php-fpm配置文件www.conf

www.conf 文件位于/usr/local/php7/etc/php-fpm.conf内，注意需要将php-fpm.conf.default文件改名为php-fpm.conf，其中该文件大部分都被注释掉，最后末尾有个include=/usr/local/php7/etc/php-fpm.d/*.conf 表示所有fpm配置都在/usr/local/php7/etc/php-fpm.d/下的.conf文件中，所以切换至/usr/local/php7/etc/php-fpm.d/目录下，注意将www.conf.default文件,改名为www.conf 并编辑。

 

###为什么要修改php-fpm模块的配置文件？###

###因为Nginx不仅是一个Web服务器，也是一个功能强大的代理服务器，除了进行http请求的代理外，也可以进行许多其他协议请求的代理。

为了能够使Nginx理解FastCGI协议，Nginx提供了一个FastCGI模块来将http请求映射为对应的FastCGI请求。

PHP-FPM是一个第三方的FastCGI进程管理器。最先它是作为PHP的一个补丁来开发的，现在PHP-FPM已经集成到了PHP源码中，在安装PHP的时候，通过指定“--enable-fpm”选项即可启用PHP-FPM功能。

PHP-FPM管理的进程包含master进程和worker进程两种。master进程只有一个，主要负责监听端口，接收来自Web Server的请求，而worker进程则一般有多个(具体数量根据实际需要配置)，每个进程内部都嵌了一个PHP解释器，是PHP代码真正执行的地方。Nginx就可以将请求发送给PHP-FPM了，也就实现了Nginx与PHP-FPM的集成。###

 

cd /usr/local/php7/etc

[root@localhost etc]# cp php-fpm.conf.default php-fpm.conf 

[root@localhost etc]# ll

total 20

-rw-r--r--. 1 root root 1244 May 17 15:36 pear.conf

-rw-r--r--. 1 root root 4468 May 17 15:36 php-fpm.conf

-rw-r--r--. 1 root root 4468 May 17 16:18 php-fpm.conf.default

drwxr-xr-x. 2 root root 46 May 17 16:16 php-fpm.d

 

[root@localhost etc]# cd php-fpm.d/

[root@localhost php-fpm.d]# cp www.conf.default www.conf 

[root@localhost php-fpm.d]# ll

total 40

-rw-r--r--. 1 root root 18596 May 17 15:36 www.conf

-rw-r--r--. 1 root root 18596 May 17 16:16 www.conf.default

 

 

[root@localhost php-fpm.d]# vim www.conf            #可修改pm配置

user = www

group = www

 

listen = 127.0.0.1:9000

 

pm = dynamic

 

pm.max_children = 100

 

pm.start_servers = 10

 

pm.min_spare_servers = 5

 

pm.max_spare_servers = 50

:wq!

#启动php-fpm模块

cd /usr/local/php7/sbin

[root@localhost sbin]# ./php-fpm 

[root@localhost sbin]# ps -ef | grep php-fpm 

root 55345 1 0 16:31 ? 00:00:00 php-fpm: master process (/usr/local/php7/etc/php-fpm.conf)

www 55346 55345 0 16:31 ? 00:00:00 php-fpm: pool www

www 55347 55345 0 16:31 ? 00:00:00 php-fpm: pool www

www 55348 55345 0 16:31 ? 00:00:00 php-fpm: pool www

www 55349 55345 0 16:31 ? 00:00:00 php-fpm: pool www

www 55350 55345 0 16:31 ? 00:00:00 php-fpm: pool www

www 55351 55345 0 16:31 ? 00:00:00 php-fpm: pool www

www 55352 55345 0 16:31 ? 00:00:00 php-fpm: pool www

www 55353 55345 0 16:31 ? 00:00:00 php-fpm: pool www

www 55354 55345 0 16:31 ? 00:00:00 php-fpm: pool www

www 55355 55345 0 16:31 ? 00:00:00 php-fpm: pool www

root 55359 114912 0 16:31 pts/1 00:00:00 grep --color=auto php-fpm

 

 

4、修改nginx的配置文件来支持php

[root@localhost ~]# cd /usr/local/nginx/conf/

[root@localhost conf]# vim nginx.conf

在server下修改或者添加location ~ \.php$参数如下：

server {

listen 80;

 

server_name localhost 192.168.74.74;

 

#charset koi8-r;

 

access_log logs/host.access.log main;

 

location / {

root html;

index index.html index.htm index.php;

}

 

error_page 404 /404.html;

 

# redirect server error pages to the static page /50x.html

#

error_page 500 502 503 504 /50x.html;

location = /50x.html {

root html;

}

 

# proxy the PHP scripts to Apache listening on 127.0.0.1:80

#

location ~ \.php$ {

root html;

fastcgi_pass 127.0.0.1:9000;

fastcgi_index index.php;

fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name;

include fastcgi_params;

}

# proxy_pass http://127.0.0.1;

#}

 

.....

:wq!

#重启nignx

[root@localhost conf]# killall -9 nginx

[root@localhost conf]# cd ../sbin/

[root@localhost sbin]# ./nginx

#添加php测试文件phpinfo.php

[root@localhost sbin]# cd ../html/

[root@localhost html]# vim phpinfo.php

<?php phpinfo(); ?>

:wq!

 

打开浏览器http://192.168.74.74/phpinfo.php验证

 

/usr/local/php7/bin/php -m #查看PHP安装的模块信息

 

验证php连接mysql数据库的两种方式：

cd /usr/local/nginx/html/

[root@localhost html]# vim mysqli.php

<?php

$conn = mysqli_connect('127.0.0.1', 'root', 'Lsy@139.com', 'mysql');

if(!$conn){

die("数据库连接错误" . mysqli_connect_error());

}else{

echo"数据库连接成功";

}

:x!

打开浏览器http://192.168.74.74/mysqli.php验证

 

[root@localhost html]# vim pdo-mysql.php

<?php

try{

$pdo=new pdo('mysql:host=127.0.0.1;dbname=mysql','root','Lsy@139.com');

}catch(PDDException $e){

echo "数据库连接错误";

}

echo "数据库连接成功";

?>

:x!

打开浏览器http://192.168.74.74/pdo-mysql.php验证