Discuz!官方免费开源建站系统

 找回密码
 立即注册

QQ登录

只需一步,快速开始

搜索

CentOS6.2/5.8下LNMP高性能的WEB服务器快速Yum搭建流程

[复制链接]
梁国平 发表于 2014-2-9 02:39:38 | 显示全部楼层 |阅读模式
本文将指导你如何在CentOS/Red Hat (RHEL) 6.2/5.8下使用Yum来搭建LEMP WEB服务器。国内LEMP (Linux, Nginx, MySQL, PHP) 服务器目前在国内大的企业如百度腾讯使用非常普遍,但是因为LEMP不易安装配置,难为了许多运维人员。在本安装中,我尽量使用yum安装而避免编译安装,有将有效减少安装过程的时间及复杂程序。
LEMP(或LNMP)高性能的WEB服务器在CentOS6.2/5.8下的Yum搭建流程

STEP1.切换到root用户

[plain] view plaincopyprint?

  • su -
  • ## OR ##
  • sudo -i

su -## OR ##sudo -i

STEP2.安装必要的软件源

1. 安装Remi源


[plain] view plaincopyprint?

  • ## Remi Dependency on CentOS 6 and Red Hat (RHEL) 6 ##
  • rpm -Uvh http://download.fedoraproject.or ... ease-6-7.noarch.rpm
  • ## CentOS 6 and Red Hat (RHEL) 6 ##
  • rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
  • ## Remi Dependency on CentOS 5 and Red Hat (RHEL) 5 ##
  • rpm -Uvh http://dl.fedoraproject.org/pub/ ... ease-5-4.noarch.rpm
  • ## CentOS 5 and Red Hat (RHEL) 5 ##
  • rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-5.rpm

## Remi Dependency on CentOS 6 and Red Hat (RHEL) 6 ##rpm -Uvh http://download.fedoraproject.or ... ease-6-7.noarch.rpm ## CentOS 6 and Red Hat (RHEL) 6 ##rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm  ## Remi Dependency on CentOS 5 and Red Hat (RHEL) 5 ##rpm -Uvh http://dl.fedoraproject.org/pub/ ... ease-5-4.noarch.rpm ## CentOS 5 and Red Hat (RHEL) 5 ## rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-5.rpm
2.配置Nginx 源

创建/etc/yum.repos.d/nginx.repo文件并写入以下内容
CentOS


[plain] view plaincopyprint?

  • [nginx]
  • name=nginx repo
  • baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
  • gpgcheck=0
  • enabled=1

[nginx]name=nginx repobaseurl=http://nginx.org/packages/centos/$releasever/$basearch/gpgcheck=0enabled=1
RedHat(RHEL)

[plain] view plaincopyprint?

  • [nginx]
  • name=nginx repo
  • baseurl=http://nginx.org/packages/rhel/$releasever/$basearch/
  • gpgcheck=0
  • enabled=1

[nginx]name=nginx repobaseurl=http://nginx.org/packages/rhel/$releasever/$basearch/gpgcheck=0enabled=1

STEP3.安装Nginx

[plain] view plaincopyprint?

  • yum --enablerepo=remi,remi-test install nginx

yum --enablerepo=remi,remi-test install nginx

STEP4.安装PHP5.4.4&PHP-FPM


[plain] view plaincopyprint?

  • yum --enablerepo=remi,remi-test install php php-fpm php-common

yum --enablerepo=remi,remi-test install php php-fpm php-common
STEP5.安装PHP5.4.4模块扩展(一些扩展可能无用,请自行去除)

[plain] view plaincopyprint?

  • yum --enablerepo=remi,remi-test install php-pecl-apc php-cli php-pear php-pdo php-mysql php-pgsql php-pecl-mongo php-sqlite php-pecl-memcache php-pecl-memcached php-gd php-mbstring php-mcrypt php-xml

yum --enablerepo=remi,remi-test install php-pecl-apc php-cli php-pear php-pdo php-mysql php-pgsql php-pecl-mongo php-sqlite php-pecl-memcache php-pecl-memcached php-gd php-mbstring php-mcrypt php-xml
STEP6.停止并禁用httpd服务,启动Nginx HTTP服务及PHP-FPM
1.  停止httpd

[plain] view plaincopyprint?

  • /etc/init.d/httpd stop
  • ## OR ##
  • service httpd stop
  • chkconfig httpd off

/etc/init.d/httpd stop## OR ##service httpd stopchkconfig httpd off
2.  启动Nginx


[plain] view plaincopyprint?

  • /etc/init.d/nginx start
  • ## OR ##
  • service nginx start

/etc/init.d/nginx start## OR ##service nginx start
3.  启动PHP_FPM

[plain] view plaincopyprint?

  • /etc/init.d/php-fpm start
  • ## OR ##
  • service php-fpm start

/etc/init.d/php-fpm start## OR ##service php-fpm start4. 配置nginx使用PHP-FPM,修改/etc/nginx/conf.d/default.conf
(1) 先为/etc/nginx/conf.d/default.conf作一个备份
[plain] view plaincopyprint?

  • cp /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.conf_bak

cp /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.conf_bak
(2) 在default.conf 文件中,找到以下内容。

[plain] view plaincopyprint?

  • location / {
  •         root   /usr/share/nginx/html;
  •         index  index.html index.htm;
  •     }

location / {        root   /usr/share/nginx/html;        index  index.html index.htm;    }修改为:

[plain] view plaincopyprint?

  • location / {
  •         root   /usr/share/nginx/html;
  •         index  index.html index.htm index.php;
  • }

location / {        root   /usr/share/nginx/html;        index  index.html index.htm index.php;}nginx默认的wwwroot文件夹为/usr/share/nginx/html,这里你可以修改为自己指定的目录
(3) 去除以下内容前的#号,并修改fastcgi_param所在行

[plain] view plaincopyprint?

  • #location ~ \.php$ {
  • #       root           html;
  • #       fastcgi_pass   127.0.0.1:9000;
  • #       fastcgi_index  index.php;
  • #       fastcgi_param  SCRIPT_FILENAME  [将此处修改为wwwroot路径]$fastcgi_script_name;
  • #        include        fastcgi_params;
  • #}

#location ~ \.php$ {#       root           html;#       fastcgi_pass   127.0.0.1:9000;#       fastcgi_index  index.php;#       fastcgi_param  SCRIPT_FILENAME  [将此处修改为wwwroot路径]$fastcgi_script_name;#        include        fastcgi_params;#}

修改结果

[plain] view plaincopyprint?

  • location ~ \.php$ {
  •         root           html;
  •         fastcgi_pass   127.0.0.1:9000;
  •         fastcgi_index  index.php;
  •         fastcgi_param  SCRIPT_FILENAME  /usr/share/nginx/html$fastcgi_script_name;
  •         include        fastcgi_params;
  • }

location ~ \.php$ {        root           html;        fastcgi_pass   127.0.0.1:9000;        fastcgi_index  index.php;        fastcgi_param  SCRIPT_FILENAME  /usr/share/nginx/html$fastcgi_script_name;        include        fastcgi_params;}


STEP7.配置iptables防火墙开启80端口


为Nginx Web Server开放80端口,修改/etc/sysconfig/iptables文件,加入如下内容

[plain] view plaincopyprint?

  • cd /etc/nginx/sites-enabled/
  • -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

cd /etc/nginx/sites-enabled/-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT重启iptables防火墙

[plain] view plaincopyprint?

  • cd /etc/nginx/sites-enabled/
  • service iptables restart
  • ## OR ##
  • /etc/init.d/iptables restart

cd /etc/nginx/sites-enabled/service iptables restart## OR ##/etc/init.d/iptables restart


STEP8.测试Nginx及PHP-FPM
1. 重启nginx及php-fpm

[plain] view plaincopyprint?

  • service nginx restart
  • service php-fpm restart

service nginx restartservice php-fpm restart

2. 打开浏览器,访问http://localhost或http://服务器ip,如果出现以下页面,说明nginx安装成功
3. 在/usr/share/nginx/html文件夹下创建phpinfo.php文件,内容如下

[plain] view plaincopyprint?

  • <?php
  •     phpinfo();
  • ?>

<?php       phpinfo();  ?> 访问http://localhost/phpinfo.php或http://服务器ip/phpinfo.php,如果出现以下页面,说明PHP-FPM配置安装成功



STEP9. 安装mysql5.5
1. 安装mysql5.5

[plain] view plaincopyprint?

  • yum --enablerepo=remi,remi-test install mysql mysql-server

yum --enablerepo=remi,remi-test install mysql mysql-server
2. 启动mysql并配置mysql自启动

[plain] view plaincopyprint?

  • /etc/init.d/mysqld start
  • ## OR ##
  • service mysqld start
  • chkconfig --levels 235 mysqld on

/etc/init.d/mysqld start ## OR ##service mysqld start chkconfig --levels 235 mysqld on
3. 进行mysql 初始安全设置

  • 设置(修改)root密码
  • 删除匿名用户
  • 禁用root远程登录
  • 删除测试数据库test
  • 重载权限表
要启用MySQL 安全设置请输入以下命令
[plain] view plaincopyprint?

  • /usr/bin/mysql_secure_installation

/usr/bin/mysql_secure_installation
输出
[plain] view plaincopyprint?

  • NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
  •       SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!
  • In order to log into MySQL to secure it, we\'ll need the current
  • password for the root user.  If you\'ve just installed MySQL, and
  • you haven\'t set the root password yet, the password will be blank,
  • so you should just press enter here.
  • Enter current password for root (enter for none):
  • OK, successfully used password, moving on...
  • Setting the root password ensures that nobody can log into the MySQL
  • root user without the proper authorisation.
  • Set root password? [Y/n] Y
  • New password:
  • Re-enter new password:
  • Password updated successfully!
  • Reloading privilege tables..
  • ... Success!
  • By default, a MySQL installation has an anonymous user, allowing anyone
  • to log into MySQL without having to have a user account created for
  • them.  This is intended only for testing, and to make the installation
  • go a bit smoother.  You should remove them before moving into a
  • production environment.
  • Remove anonymous users? [Y/n] Y
  • ... Success!
  • Normally, root should only be allowed to connect from 'localhost'.  This
  • ensures that someone cannot guess at the root password from the network.
  • Disallow root login remotely? [Y/n] Y
  • ... Success!
  • By default, MySQL comes with a database named 'test' that anyone can
  • access.  This is also intended only for testing, and should be removed
  • before moving into a production environment.
  • Remove test database and access to it? [Y/n] Y
  • - Dropping test database...
  • ... Success!
  • - Removing privileges on test database...
  • ... Success!
  • Reloading the privilege tables will ensure that all changes made so far
  • will take effect immediately.
  • Reload privilege tables now? [Y/n] Y
  • ... Success!
  • Cleaning up...
  • All done!  If you\'ve completed all of the above steps, your MySQL
  • installation should now be secure.
  • Thanks for using MySQL!

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!  In order to log into MySQL to secure it, we\'ll need the currentpassword for the root user.  If you\'ve just installed MySQL, andyou haven\'t set the root password yet, the password will be blank,so you should just press enter here. Enter current password for root (enter for none): OK, successfully used password, moving on... Setting the root password ensures that nobody can log into the MySQLroot user without the proper authorisation. Set root password? [Y/n] YNew password: Re-enter new password: Password updated successfully!Reloading privilege tables.. ... Success!  By default, a MySQL installation has an anonymous user, allowing anyoneto log into MySQL without having to have a user account created forthem.  This is intended only for testing, and to make the installationgo a bit smoother.  You should remove them before moving into aproduction environment. Remove anonymous users? [Y/n] Y ... Success! Normally, root should only be allowed to connect from 'localhost'.  Thisensures that someone cannot guess at the root password from the network. Disallow root login remotely? [Y/n] Y ... Success! By default, MySQL comes with a database named 'test' that anyone canaccess.  This is also intended only for testing, and should be removedbefore moving into a production environment. Remove test database and access to it? [Y/n] Y - Dropping test database... ... Success! - Removing privileges on test database... ... Success! Reloading the privilege tables will ensure that all changes made so farwill take effect immediately. Reload privilege tables now? [Y/n] Y ... Success! Cleaning up...   All done!  If you\'ve completed all of the above steps, your MySQLinstallation should now be secure. Thanks for using MySQL!



【注】:如果您不想启动MySQL 安全设置命令,但至少也得修改一下root用户密码

[plain] view plaincopyprint?

  • mysqladmin -u root password [your_password_here]
  • ## 示例##
  • mysqladmin -u root password myownsecrectpass

mysqladmin -u root password [your_password_here]## 示例##mysqladmin -u root password myownsecrectpass

4. 配置防火墙开启3306端口 修改/etc/sysconfig/iptables 文件:
[plain] view plaincopyprint?

  • vi /etc/sysconfig/iptables

vi /etc/sysconfig/iptables2. 在COMMIT之前加入以下内容:
[plain] view plaincopyprint?

  • -A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT3. 重启Iptables:
[plain] view plaincopyprint?

  • service iptables restart
  • ## OR ##
  • /etc/init.d/iptables restart

service iptables restart## OR ##/etc/init.d/iptables restart

至此我们的LEMP(或LNMP)高性能的WEB服务器搭建完成

更多资料可参考

1. Nginx&PHP-FPM安装请参考
在CentOS/RHEL6.2/5.8,Fedora17/16上安装Nginx/PHP-FPM环境

2. Mysql5.5安装请参考
使用YUM安装MySQL 5.5(适用于CentOS6.2/5.8及Fedora 17/16平台)

********************************************

* 作者:叶文涛

* 本文链接:
LEMP(或LNMP)高性能的WEB服务器在CentOS6.2/5.8下的Yum搭建流程



您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

手机版|小黑屋|Discuz! 官方站 ( 皖ICP备16010102号 )star

GMT+8, 2024-12-23 12:13 , Processed in 0.024025 second(s), 4 queries , Gzip On, Redis On.

Powered by Discuz! X3.4

Copyright © 2001-2023, Tencent Cloud.

快速回复 返回顶部 返回列表