«
»

CentOS 5.2 (x86_64)+Nginx+Php-fcgi+Mysql安装过程


本文参考:http://blog.s135.com/nginx_php_v5/
1.换CentOS的yum源

cd /etc/yum.repos.d/
mv CentOS-Base.repo CentOS-Base.repo.bak
wget http://blog.s135.com/soft/linux/centos/5.2/CentOS-Base.repo

2.定时校正服务器时钟

yum install ntp #如果ntp已经安装可以略过
crontab -e

加入如下一行:

15 3 * * * /usr/sbin/ntpdate 210.72.145.44 > /dev/null 2>&1


3.安装所需的程序

LANG=C
yum -y install gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel libidn libidn-devel openssl openssl-devel

4.下载软件

mkdir -p /data/software
vim soft.list

加入以下内容

http://sysoev.ru/nginx/nginx-0.7.58.tar.gz
http://cn.php.net/get/php-5.2.8.tar.bz2/from/cn2.php.net/mirror
http://php-fpm.anight.org/downloads/head/php-5.2.8-fpm-0.5.10.diff.gz
http://dev.mysql.com/get/Downloads/MySQL-5.1/mysql-5.1.34.tar.gz/from/http://mysql.he.net/
http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.13.tar.gz
http://downloads.sourceforge.net/mcrypt/libmcrypt-2.5.8.tar.gz?modtime=1171868460&big_mirror=0
http://downloads.sourceforge.net/mcrypt/mcrypt-2.6.8.tar.gz?modtime=1194463373&big_mirror=0
http://pecl.php.net/get/memcache-2.2.5.tgz
http://downloads.sourceforge.net/mhash/mhash-0.9.9.9.tar.gz?modtime=1175740843&big_mirror=0
ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-7.8.tar.gz
http://bart.eaccelerator.net/source/0.9.5.3/eaccelerator-0.9.5.3.tar.bz2
http://pecl.php.net/get/PDO_MYSQL-1.0.2.tgz
http://blog.s135.com/soft/linux/nginx_php/imagick/ImageMagick.tar.gz
http://pecl.php.net/get/imagick-2.2.2.tgz

开始下载

wget -i soft.list

5.编译安装软件
5.1编译安装PHP 5.2.8所需的支持库
图省事,我把这些以下内容写到php-lib.sh中

tar zxvf libiconv-1.13.tar.gz
cd libiconv-1.13/
./configure --prefix=/usr/local
make
make install
cd ../

tar zxvf libmcrypt-2.5.8.tar.gz
cd libmcrypt-2.5.8/
./configure
make
make install
/sbin/ldconfig
cd libltdl/
./configure --enable-ltdl-install
make
make install
cd ../../

tar zxvf mhash-0.9.9.9.tar.gz
cd mhash-0.9.9.9/
./configure
make
make install
cd ../

ln -s /usr/local/lib/libmcrypt.la /usr/lib/libmcrypt.la
ln -s /usr/local/lib/libmcrypt.so /usr/lib/libmcrypt.so
ln -s /usr/local/lib/libmcrypt.so.4 /usr/lib/libmcrypt.so.4
ln -s /usr/local/lib/libmcrypt.so.4.4.8 /usr/lib/libmcrypt.so.4.4.8
ln -s /usr/local/lib/libmhash.a /usr/lib/libmhash.a
ln -s /usr/local/lib/libmhash.la /usr/lib/libmhash.la
ln -s /usr/local/lib/libmhash.so /usr/lib/libmhash.so
ln -s /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2
ln -s /usr/local/lib/libmhash.so.2.0.1 /usr/lib/libmhash.so.2.0.1

tar zxvf mcrypt-2.6.8.tar.gz
cd mcrypt-2.6.8/
/sbin/ldconfig
./configure
make
make install
cd ../

执行(如果不是另存为php-lib.sh的可以忽略这一步

chmod +x php-lib.sh
./php-lib.sh

5.2编译安装mysql
以下内容存为mysql-install.sh

/usr/sbin/groupadd mysql
/usr/sbin/useradd -g mysql mysql
tar zxvf mysql-5.1.34.tar.gz
cd mysql-5.1.34/
./configure --prefix=/usr/local/webserver/mysql/ --enable-assembler --with-extra-charsets=complex --enable-thread-safe-client --with-big-tables --with-readline --with-ssl --with-embedded-server --enable-local-infile --with-plugins=innobase
make && make install
chmod +w /usr/local/webserver/mysql
chown -R mysql:mysql /usr/local/webserver/mysql
cd ../

执行(如果不是另存为mysql-install.sh的可以忽略这一步)

chmod +x mysql-install.sh
./mysql-install.sh

5.2.1创建MySQL数据库存放目录

mkdir -p /data/mysql/data/
chown -R mysql:mysql /data/mysql/

5.2.2以mysql用户帐号的身份建立数据表

/usr/local/webserver/mysql/bin/mysql_install_db --basedir=/usr/local/webserver/mysql --datadir=/data/mysql/data --user=mysql

5.2.3创建my.cnf配置文件

vim /data/mysql/my.cnf

输入以下内容

[client]
default-character-set = utf8
port    = 3306
socket  = /tmp/mysql.sock

[mysql]
prompt="(\u:www.fj18.com:)[\d]> "
no-auto-rehash

[mysqld]
#default-character-set = utf8
user    = mysql
port    = 3306
socket  = /tmp/mysql.sock
basedir = /usr/local/webserver/mysql
datadir = /data/mysql/data
open_files_limit    = 10240
back_log = 600
max_connections = 3000
max_connect_errors = 6000
table_cache = 614
external-locking = FALSE
max_allowed_packet = 32M
sort_buffer_size = 2M
join_buffer_size = 2M
thread_cache_size = 300
thread_concurrency = 8
query_cache_size = 32M
query_cache_limit = 2M
query_cache_min_res_unit = 2k
default-storage-engine = MyISAM
default_table_type = MyISAM
thread_stack = 192K
transaction_isolation = READ-COMMITTED
tmp_table_size = 246M
max_heap_table_size = 246M
long_query_time = 1
log_long_format
log-bin = /data/mysql/binlog
binlog_cache_size = 4M
binlog_format = MIXED
max_binlog_cache_size = 8M
max_binlog_size = 512M
expire_logs_days = 7
key_buffer_size = 256M
read_buffer_size = 1M
read_rnd_buffer_size = 16M
bulk_insert_buffer_size = 64M
myisam_sort_buffer_size = 128M
myisam_max_sort_file_size = 10G
myisam_max_extra_sort_file_size = 10G
myisam_repair_threads = 1
myisam_recover

skip-name-resolve
master-connect-retry = 10
slave-skip-errors = 1032,1062,126,1114,1146,1048,1396

server-id = 1

innodb_additional_mem_pool_size = 16M
innodb_buffer_pool_size = 2048M
innodb_data_file_path = ibdata1:1024M:autoextend
innodb_file_io_threads = 4
innodb_thread_concurrency = 8
innodb_flush_log_at_trx_commit = 2
innodb_log_buffer_size = 16M
innodb_log_file_size = 128M
innodb_log_files_in_group = 3
innodb_max_dirty_pages_pct = 90
innodb_lock_wait_timeout = 120
innodb_file_per_table = 0
[mysqldump]
quick
max_allowed_packet = 32M

5.2.4创建管理MySQL数据库的shell脚本

vim /data/mysql/mysql

输入以下内容

#!/bin/sh

mysql_username="admin"
mysql_password="12345678"

function_start_mysql()
{
    printf "Starting MySQL...\n"
    /bin/sh /usr/local/webserver/mysql/bin/mysqld_safe --defaults-file=/data/mysql/my.cnf 2>&1 > /dev/null &
}

function_stop_mysql()
{
    printf "Stoping MySQL...\n"
    /usr/local/webserver/mysql/bin/mysqladmin -u ${mysql_username} -p${mysql_password} -S /tmp/mysql.sock shutdown
}

function_restart_mysql()
{
    printf "Restarting MySQL...\n"
    function_stop_mysql
    sleep 5
    function_start_mysql
}

function_kill_mysql()
{
    kill -9 $(ps -ef | grep 'bin/mysqld_safe' | awk '{printf $2}')
    kill -9 $(ps -ef | grep 'libexec/mysqld' | awk '{printf $2}')
}

if [ "$1" = "start" ]; then
    function_start_mysql
elif [ "$1" = "stop" ]; then
    function_stop_mysql
elif [ "$1" = "restart" ]; then
function_restart_mysql
elif [ "$1" = "kill" ]; then
function_kill_mysql
else
    printf "Usage: /data/mysql/mysql {start|stop|restart|kill}\n"
fi

加上可执行权限

chmod +x /data/mysql/mysql

5.2.5创建一个具有root权限的用户(admin)和密码(12345678)
启动数据库

/data/mysql/mysql start

通过命令行登录管理MySQL服务器(不用密码)

/usr/local/webserver/mysql/bin/mysql -u root -p -S /tmp/mysql.sock

创建账号

GRANT ALL PRIVILEGES ON *.* TO 'admin'@'localhost' IDENTIFIED BY '12345678';
GRANT ALL PRIVILEGES ON *.* TO 'admin'@'127.0.0.1' IDENTIFIED BY '12345678';
FLUSH PRIVILEGES;

停止数据库

/data/mysql/mysql stop

5.3 编译安装php(FastCGI模式)

vim php-install.sh

输入以下内容

tar jxvf php-5.2.8.tar.bz2
gzip -cd php-5.2.8-fpm-0.5.10.diff.gz | patch -d php-5.2.8 -p1
cd php-5.2.8/
./configure --prefix=/usr/local/webserver/php --with-config-file-path=/usr/local/webserver/php/etc --with-mysql=/usr/local/webserver/mysql --with-mysqli=/usr/local/webserver/mysql/bin/mysql_config --with-iconv-dir=/usr/local --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-libxml-dir=/usr --enable-xml --disable-rpath --enable-discard-path --enable-safe-mode --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --with-curl --with-curlwrappers --enable-mbregex --enable-fastcgi --enable-fpm --enable-force-cgi-redirect --enable-mbstring --with-mcrypt --with-gd --enable-gd-native-ttf --with-openssl --with-mhash --enable-pcntl --enable-sockets --with-xmlrpc --enable-zip --with-mime-magic=/usr/share/magic.mime
make ZEND_EXTRA_LIBS='-liconv'
make install
cp php.ini-dist /usr/local/webserver/php/etc/php.ini
cd ../

修改权限并执行

chmod +x php-install.sh
./php-install.sh

5.4 编译安装PHP5扩展模块

vim php-extension.sh

加入以下内容

tar zxvf memcache-2.2.5.tgz
cd memcache-2.2.5/
/usr/local/webserver/php/bin/phpize
./configure --with-php-config=/usr/local/webserver/php/bin/php-config
make
make install
cd ../

tar jxvf eaccelerator-0.9.5.3.tar.bz2
cd eaccelerator-0.9.5.3/
/usr/local/webserver/php/bin/phpize
./configure --enable-eaccelerator=shared --with-php-config=/usr/local/webserver/php/bin/php-config
make
make install
cd ../

tar zxvf PDO_MYSQL-1.0.2.tgz
cd PDO_MYSQL-1.0.2/
/usr/local/webserver/php/bin/phpize
./configure --with-php-config=/usr/local/webserver/php/bin/php-config --with-pdo-mysql=/usr/local/webserver/mysql
make
make install
cd ../

tar zxvf ImageMagick.tar.gz
cd ImageMagick-6.5.1-2/
./configure
make
make install
cd ../

tar zxvf imagick-2.2.2.tgz
cd imagick-2.2.2/
/usr/local/webserver/php/bin/phpize
./configure --with-php-config=/usr/local/webserver/php/bin/php-config
make
make install
cd ../

加入可执行权限并执行

chmod +x php-extension.sh
./php-extension.sh

修改php.ini

sed -i 's#extension_dir = "./"#extension_dir = "/usr/local/webserver/php/lib/php/extensions/no-debug-non-zts-20060613/"\nextension = "memcache.so"\nextension = "pdo_mysql.so"\nextension = "imagick.so"\n#' /usr/local/webserver/php/etc/php.ini
sed -i 's#output_buffering = Off#output_buffering = On#' /usr/local/webserver/php/etc/php.ini
sed -i "s#; always_populate_raw_post_data = On#always_populate_raw_post_data = On#g" /usr/local/webserver/php/etc/php.ini

配置eAccelerator加速PHP:

mkdir -p /usr/local/webserver/eaccelerator_cache
vim /usr/local/webserver/php/etc/php.ini

在最后加入以下内容

[eaccelerator]
zend_extension="/usr/local/webserver/php/lib/php/extensions/no-debug-non-zts-20060613/eaccelerator.so"
eaccelerator.shm_size="128"
eaccelerator.cache_dir="/usr/local/webserver/eaccelerator_cache"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="300"
eaccelerator.shm_prune_period="120"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"

5.5创建www用户和组

/usr/sbin/groupadd www
/usr/sbin/useradd -g www www
mkdir -p /data/www
chmod +w /data/www
chown -R www:www /data/www

mkdir -p /data/logs
chmod +w /data/logs
chown -R www:www /data/logs

5.6创建php-fpm配置文件并启动php-fpm

mv /usr/local/webserver/php/etc/php-fpm.conf /usr/local/webserver/php/etc/php-fpm.conf.bak
vim /usr/local/webserver/php/etc/php-fpm.conf

输入以下内容

<?xml version="1.0" ?>
<configuration>
 
  All relative paths in this config are relative to php's install prefix
 
  <section name="global_options">
 
    Pid file
    <value name="pid_file">/usr/local/webserver/php/logs/php-fpm.pid</value>
 
    Error log file
    <value name="error_log">/data/logs/php-fpm.log</value>
 
    Log level
    <value name="log_level">notice</value>
 
    When this amount of php processes exited with SIGSEGV or SIGBUS ...
    <value name="emergency_restart_threshold">10</value>
 
    ... in a less than this interval of time, a graceful restart will be initiated.
    Useful to work around accidental curruptions in accelerator's shared memory.
    <value name="emergency_restart_interval">1m</value>
 
    Time limit on waiting child's reaction on signals from master
    <value name="process_control_timeout">5s</value>
 
    Set to 'no' to debug fpm
    <value name="daemonize">yes</value>
 
  </section>
 
  <workers>
 
    <section name="pool">
 
      Name of pool. Used in logs and stats.
      <value name="name">default</value>
 
      Address to accept fastcgi requests on.
      Valid syntax is 'ip.ad.re.ss:port' or just 'port' or '/path/to/unix/socket'
      <value name="listen_address">127.0.0.1:9000</value>
 
      <value name="listen_options">
 
        Set listen(2) backlog
        <value name="backlog">-1</value>
 
        Set permissions for unix socket, if one used.
        In Linux read/write permissions must be set in order to allow connections from web server.
        Many BSD-derrived systems allow connections regardless of permissions.
        <value name="owner"></value>
        <value name="group"></value>
        <value name="mode">0666</value>
      </value>
 
      Additional php.ini defines, specific to this pool of workers.
      <value name="php_defines">
        <value name="sendmail_path">/usr/sbin/sendmail -t -i</value>
        <value name="display_errors">1</value>
      </value>
 
      Unix user of processes
        <value name="user">www</value>
 
      Unix group of processes
        <value name="group">www</value>
 
      Process manager settings
      <value name="pm">
 
        Sets style of controling worker process count.
        Valid values are 'static' and 'apache-like'
        <value name="style">static</value>
 
        Sets the limit on the number of simultaneous requests that will be served.
        Equivalent to Apache MaxClients directive.
        Equivalent to PHP_FCGI_CHILDREN environment in original php.fcgi
        Used with any pm_style.
        <value name="max_children">128</value>
 
        Settings group for 'apache-like' pm style
        <value name="apache_like">
 
          Sets the number of server processes created on startup.
          Used only when 'apache-like' pm_style is selected
          <value name="StartServers">20</value>
 
          Sets the desired minimum number of idle server processes.
          Used only when 'apache-like' pm_style is selected
          <value name="MinSpareServers">5</value>
 
          Sets the desired maximum number of idle server processes.
          Used only when 'apache-like' pm_style is selected
          <value name="MaxSpareServers">35</value>
 
        </value>
 
      </value>
 
      The timeout (in seconds) for serving a single request after which the worker process will be terminated
      Should be used when 'max_execution_time' ini option does not stop script execution for some reason
      '0s' means 'off'
      <value name="request_terminate_timeout">0s</value>
 
      The timeout (in seconds) for serving of single request after which a php backtrace will be dumped to slow.log file
      '0s' means 'off'
      <value name="request_slowlog_timeout">0s</value>
 
      The log file for slow requests
      <value name="slowlog">logs/slow.log</value>
 
      Set open file desc rlimit
      <value name="rlimit_files">51200</value>
 
      Set max core size rlimit
      <value name="rlimit_core">0</value>
 
      Chroot to this directory at the start, absolute path
      <value name="chroot"></value>
 
      Chdir to this directory at the start, absolute path
      <value name="chdir"></value>
 
      Redirect workers' stdout and stderr into main error log.
      If not set, they will be redirected to /dev/null, according to FastCGI specs
      <value name="catch_workers_output">yes</value>
 
      How much requests each process should execute before respawn.
      Useful to work around memory leaks in 3rd party libraries.
      For endless request processing please specify 0
      Equivalent to PHP_FCGI_MAX_REQUESTS
      <value name="max_requests">500</value>
 
      Comma separated list of ipv4 addresses of FastCGI clients that allowed to connect.
      Equivalent to FCGI_WEB_SERVER_ADDRS environment in original php.fcgi (5.2.2+)
      Makes sense only with AF_INET listening socket.
      <value name="allowed_clients">127.0.0.1</value>
 
      Pass environment variables like LD_LIBRARY_PATH
      All $VARIABLEs are taken from current environment
      <value name="environment">
        <value name="HOSTNAME">$HOSTNAME</value>
        <value name="PATH">/usr/local/bin:/usr/bin:/bin</value>
        <value name="TMP">/tmp</value>
        <value name="TMPDIR">/tmp</value>
        <value name="TEMP">/tmp</value>
        <value name="OSTYPE">$OSTYPE</value>
        <value name="MACHTYPE">$MACHTYPE</value>
        <value name="MALLOC_CHECK_">2</value>
      </value>
 
    </section>
 
  </workers>
 
</configuration>

修改文件句柄

vim /etc/security/limits.conf

在最后加上

* soft nofile 51200
* hard nofile 51200

这里先用直接命令实现

ulimit -SHn 51200

启动

/usr/local/webserver/php/sbin/php-fpm start

5.7 安装Nginx

vim nginx-install.sh

加入以下内容

tar zxvf pcre-7.8.tar.gz
cd pcre-7.8/
./configure
make && make install
cd ../
tar zxvf nginx-0.7.58.tar.gz
cd nginx-0.7.58/
./configure --user=www --group=www --prefix=/usr/local/webserver/nginx --with-http_stub_status_module --with-http_ssl_module
make && make install
cd ../

修改可执行权限并执行

chmod +x nginx-install.sh
./nginx-install.sh

创建Nginx配置文件

mv /usr/local/webserver/nginx/conf/nginx.conf /usr/local/webserver/nginx/conf/nginx.conf.bak
vim /usr/local/webserver/nginx/conf/nginx.conf

输入如下内容

user  www www;

worker_processes 8;

error_log  /data/logs/nginx_error.log  crit;

pid        /usr/local/webserver/nginx/nginx.pid;

#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 51200;

events
{
    use epoll;
    worker_connections 51200;
}

http
{
    include       mime.types;
    default_type  application/octet-stream;

    charset  utf-8;
      
    server_names_hash_bucket_size 128;
    client_header_buffer_size 32k;
    large_client_header_buffers 4 32k;
    client_max_body_size 8m;
      
    sendfile on;
    tcp_nopush     on;

    keepalive_timeout 60;

    tcp_nodelay on;

    fastcgi_connect_timeout 300;
    fastcgi_send_timeout 300;
    fastcgi_read_timeout 300;
    fastcgi_buffer_size 64k;
    fastcgi_buffers 4 64k;
    fastcgi_busy_buffers_size 128k;
    fastcgi_temp_file_write_size 128k;

    gzip on;
    gzip_min_length  1k;
    gzip_buffers     4 16k;
    gzip_http_version 1.0;
    gzip_comp_level 2;
    gzip_types       text/plain application/x-javascript text/css application/xml;
    gzip_vary on;

    #limit_zone  crawler  $binary_remote_addr  10m;

    server
    {
        listen       80;
        server_name  www.fj18.com;
        index index.html index.htm index.php;
        root  /data/www;

        #limit_conn   crawler  20;   
                            
        location ~ .*\.(php|php5)?$
        {     
            #fastcgi_pass  unix:/tmp/php-cgi.sock;
            fastcgi_pass  127.0.0.1:9000;
            fastcgi_index index.php;
            include fcgi.conf;
    }
    
        location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
        {
            expires      30d;
        }

        location ~ .*\.(js|css)?$
        {
            expires      1h;
        }   

        log_format  access  '$remote_addr - $remote_user [$time_local] "$request" '
            '$status $body_bytes_sent "$http_referer" '
            '"$http_user_agent" $http_x_forwarded_for';
        access_log  /data/logs/access.log  access;
    }

    server
    {
        listen  80;
        server_name  status.fj18.com;

        location / {
            stub_status on;
            access_log   off;
        }
    }
}

创建fcgi.conf文件

vim /usr/local/webserver/nginx/conf/fcgi.conf

输入以下内容

fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx;

fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;

fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;

fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param  REDIRECT_STATUS    200;

启动Nginx

/usr/local/webserver/nginx/sbin/nginx

6配置开机启动

vim /etc/rc.local

在最后加上

/usr/local/webserver/php/sbin/php-fpm start
/usr/local/webserver/nginx/sbin/nginx
/data/mysql/mysql start

7优化Linux内核参数

vim /etc/sysctl.conf

在最后加上

net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.ip_local_port_range = 5000    65000

使配置立即生效

/sbin/sysctl -p

, , , ,

This entry was posted on 2009-06-04, 14:37 and is filed under Web服务器. You can follow any responses to this entry through RSS 2.0. You can leave a response, or trackback from your own site.

  1. No comments yet.
(will not be published)