linux运维、架构之路-Lamp架构部署

一、Lamp架构原理

二、Lamp架构软件安装

1、apache安装脚本

#!/bin/sh
cd /server/tools/
yum install zlib-devel -y
wget http://mirror.bit.edu.cn/apache/httpd/httpd-2.2.34.tar.gz
tar xf httpd-2.2.34.tar.gz
cd httpd-2.2.34
./configure \
--prefix=/application/apache2.2.34 \ #安装目录
--enable-deflate \ #压缩
--enable-expires \ #缓存过期时间
--enable-headers \ #http请求头
--enable-modules=most \ #激活apache大多数模块
--enable-so \
--with-mpm=worker \ #进程的一种模式
--enable-rewrite #伪静态
make && make install
ln -s /application/apache2.2.34/ /application/apache
/application/apache/bin/apachectl start
lsof -i:80

①apache和php是以模块的形式配合,安装完apache默认安装了

[root@web03 ~]# ll /application/apache/modules/
total 34140
-rw-r--r-- 1 root root     9291 2017-11-09 16:36 httpd.exp
-rwxr-xr-x 1 root root 34945541 2017-11-10 10:08 libphp5.so

②同样apache的主配置文件里也配置了php模块

[root@web03 ~]# grep libphp5.so /application/apache/conf/httpd.conf
LoadModule php5_module        modules/libphp5.so

2、MySQL安装脚本

#!/bin/bash
useradd -s /sbin/nologin -M mysql
cd /server/tools
tar xf mysql-5.6.34-linux-glibc2.5-x86_64.tar.gz
mkdir -p /application/
mv /server/tools/mysql-5.6.34-*-x86_64 /application/mysql-5.6.34
ln -s /application/mysql-5.6.34/ /application/mysql
chown -R mysql.mysql /application/mysql/
/application/mysql/scripts/mysql_install_db --basedir=/application/mysql --datadir=/application/mysql/data --user=mysql
\cp /application/mysql/support-files/mysql.server /etc/init.d/mysqld
chmod +x /etc/init.d/mysqld
sed -i 's#/usr/local/mysql#/application/mysql#g' /application/mysql/bin/mysqld_safe /etc/init.d/mysqld
\cp /application/mysql/support-files/my-default.cnf /etc/my.cnf
/etc/init.d/mysqld start
lsof -i:3306
echo 'export PATH=/application/mysql/bin:$PATH' >>/etc/profile
source /etc/profile
chkconfig --add mysqld 
chkconfig mysqld on
/application/mysql/bin/mysqladmin -u root password '123456'

3、PHP安装脚本

#!/bin/bash
yum install -y zlib-devel libxml2-devel libjpeg-devel libjpeg-turbo-devel libiconv-devel freetype-devel libpng-devel gd-devel libcurl-devel libxslt-devel
yum -y install libmcrypt-devel mhash mcrypt
cd /server/tools/
tar zxf libiconv-1.14.tar.gz
cd libiconv-1.14
./configure --prefix=/usr/local/libiconv
make && make install
cd /server/tools/
tar xf php-5.5.32.tar.gz
cd php-5.5.32
./configure \
--prefix=/application/php5.5.32 \
--with-apxs2=/application/apache/bin/apxs \ #指定apache的/bin/apxs路径,通过apxs来增加PHP扩展模块
--with-mysql=/application/mysql/ \ #指定mysql安装路径
--with-pdo-mysql=mysqlnd \
--with-xmlrpc \
--with-openssl \
--with-zlib \
--with-freetype-dir \
--with-gd \
--with-jpeg-dir \
--with-png-dir \
--with-iconv=/usr/local/libiconv \
--enable-short-tags \
--enable-sockets \
--enable-zend-multibyte \
--enable-soap \
--enable-mbstring \
--enable-static \
--enable-gd-native-ttf \
--with-curl \
--with-xsl \
--enable-ftp \
--with-libxml-dir\
ln -s /application/mysql/lib/libmysqlclient.so.18  /usr/lib64/
touch ext/phar/phar.phar
make && make install
ln -s /application/php-5.5.32/ /application/php

MySQL和web分离,php编译参数

./configure \
--prefix=/application/php5.5.32 \
--with-apxs2=/application/apache/bin/apxs \
--with-mysql=mysqlnd \
--with-pdo-mysql=mysqlnd \
--with-xmlrpc \
--with-openssl \
--with-zlib \
--with-freetype-dir \
--with-gd \
--with-jpeg-dir \
--with-png-dir \
--with-iconv=/usr/local/libiconv \
--enable-short-tags \
--enable-sockets \
--enable-zend-multibyte \
--enable-soap \
--enable-mbstring \
--enable-static \
--enable-gd-native-ttf \
--with-curl \
--with-xsl \
--enable-ftp \
--with-libxml-dir\

4、配置apache支持PHP只需三步

[root@web03 conf]# diff httpd.conf httpd.conf.bak
54d53
< LoadModule php5_module        modules/libphp5.so
67,68c66,67
< User www #修改默认用户
< Group www
---
> User daemon
> Group daemon
168c167
<     DirectoryIndex index.php index.html #加入动态首页文件
---
>     DirectoryIndex index.html
320,321d318
<     AddType application/x-httpd-php .php .phtml #加入支持PHP的内容
<     AddType application/x-httpd-php-source .phps

三、apache配置文件说明

1、主配置文件httpd.conf

#修改以下内容
Include conf/extra/httpd-vhosts.conf   #打开注释
Options -Indexes FollowSymLinks        #主页打不开时,禁止列目录(优化)

2、虚拟主机配置文件httpd-vhosts.conf

<VirtualHost *:80>
    ServerAdmin 774181401@qq.com
    DocumentRoot "/var/html/www"
    ServerName www.etiantian.org
    ServerAlias etiantian.org
    ErrorLog "logs/www-error_log"
    CustomLog "logs/www-access_log" common
</VirtualHost>

增加虚拟主机时必须加入以下内容,不然报403错误

egrep -v "#|^$" httpd.conf >httpd.conf.bak
[root@web03 conf]# tail -7 httpd.conf
</IfModule>
<Directory "/var/html">
    Options -Indexes FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>

3、apache常用命令

/extar/htdocs(默认站点目录)
/bin/apachectl -t(检查语法)
/bin/apachectl graceful(平滑重启服务)
/application/apache/bin/apachectl -l(查看编译的模块)
strace /application/apache/bin/apachectl -M(如果检查慢的话,用strace追踪)

4、日志轮询

①日志轮询工具cronolog
yum install cronolog -y
以bbs为例加入
CustomLog "|/usr/sbin/cronolog /app/logs/access_bbs_%Y%m%d.log" combined
mkdir /app/logs -p
/application/apache/bin/apachectl graceful

②脚本定时任切割日志思路,晚上00点
cd /application/apache/logs/
mv www-access_log www-access_$(date +%F)log
/application/apache/bin/apachectl graceful

5、apache安全优化

1、编译之前改源码
2、隐藏apache版本号信息
vi /application/apache/conf/httpd.conf
Include conf/extra/httpd-default.conf #去注释

vi /application/apache/conf/extra/httpd-default.conf
ServerTokens Prod
ServerSignature Off
3、Options -Indexes FollowSymLinks  禁止列目录(优化)
posted @ 2017-11-10 14:43  闫新江  阅读(812)  评论(0编辑  收藏  举报