基于PHP的运行环境大家用的比较多的是以apache做中间件的LAMP(linux+apache+mysql+php)环境和以nginx做中间件的LNMP(linux+nginx+mysql+php)环境,apache是世界排名第一的web服务器,apache可以整合大多数应用,比如jsp,php,cgi,python等等,但是apache过于臃肿以及对静态文件响应过于缓慢是让人很不满意的;而nginx作为后起之秀,大有超越前辈的势头,从最近很多门户网站选用nginx就可见一斑,nginx速度快,占用资源少,高性能转发,很高的稳定性,支持热部署,杀手级的proxy和rewrite,但nginx对于php处理依托于fastcgi,fastcgi不够稳定,经常出现502错误,生成相对复杂的页面没有优势,反而会使php-cgi进程变为僵尸进程,多用户多站点的安全性不高,对于其它开发语言的整合,apache表现的更好;综上述对比,为了搭建高性能的php运行环境,就要考虑对apache、nginx进行整合,各取所长,nginx在处理静态内容上的效率较apache强很大,那么就用nginx在前端处理静态文件,把基于php的动态文件转发到后端的apache来处理,接下来我们就开始布署LNAMP(linux+nginx+apache+mysql+php)环境
一、网络拓扑:
lvs-master: 192.168.9.221
LVS-backup: 192.168.9.222 LVS-VIP: 192.168.9.220web_server_1: 192.168.9.223
web_server_2: 192.168.9.224 nfs_server_1: 192.168.9.228 nfs_server_1: 192.168.9.229 nfs_vip: 192.168.9.230 mysql_master: 192.168.9.226 mysql_backup: 192.168.9.227 mysql_vip: 192.168.9.225目的:搭建高可用、高性能的php集群
二、初始化系统
#init system 系统环境: CentOS 5.5 (最小化安装)./init_system.sh #此脚本参见
#更新组件
sudo -s LANG=C yum -y install gcc gcc-c++ bison patch unzip mlocate flex wget automake autoconf gd cpp gettext readline-devel libjpeg \ libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 \ glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel libidn libidn-devel openldap \ openldap-devel openldap-clients openldap-servers nss_ldap expat-devel libtool libtool-ltdl-devel bison三、LVS+keeplived
#关于LVS+keeplived的配置请参考我的另一篇博文《CentOS5.5环境下布署LVS+keepalived 》四、web_server安装配置(nginx、apache整合)
#download software cd /opt wget wget wget wget wget #rpaf模块,该模块用于apache做后端时获取访客真实的IP wget #字符转换库libiconv wget wget wget wget wget #php5-mail-header.patch为php被丁,有助于防止邮件发送被滥用 wget #PHP的memcache扩展 wget #eaccelerator加速 wget wget ftp://ftp.p_w_picpathmagick.org/pub/ImageMagick/ImageMagick.tar.bz2 #PHP的imagick扩展 wget #Suhosin是一个PHP程序的保护系统 wget wget wget #32位 wget #64位 wget wget wget #PHP的PDO扩展 wget #Tcmalloc 优化nginx、mysql wget#---------------------------- 使用cmake编译安装mysql ----------------------------------
#使用Tcmalloc 优化nginx、mysql cd /opt tar -zxvf google-perftools-1.7.tar.gz cd google-perftools-1.7/ ./configure make;make installecho "/usr/local/lib" > /etc/ld.so.conf.d/usr_local_lib.conf
/sbin/ldconfig cd ../tar -zxvf cmake-2.8.4.tar.gz
cd cmake-2.8.4 ./bootstrap gmake gmake install cd ..//usr/sbin/groupadd mysql
/usr/sbin/useradd -g mysql mysql -s /sbin/nologin mkdir -p /data/mysql/data mkdir -p /data/mysql/binlog mkdir -p /data/mysql/relaylog mkdir -p /data/mysql/mysql chown -R mysql:mysql /data/mysql cd /opt tar zxvf mysql-5.5.13.tar.gz cd mysql-5.5.13/ rm -rf CMakeCache.txt cmake -DCMAKE_INSTALL_PREFIX=/usr/local/mysql \ -DMYSQL_UNIX_ADDR=/data/mysql/mysql.sock \ -DDEFAULT_CHARSET=utf8 \ -DDEFAULT_COLLATION=utf8_general_ci \ -DEXTRA_CHARSETS=all \ -DWITH_MYISAM_STORAGE_ENGINE=1 \ -DWITH_INNOBASE_STORAGE_ENGINE=1 \ -DWITH_READLINE=1 \ -DENABLED_LOCAL_INFILE=1 \ -DMYSQL_DATADIR=/data/mysql/data \ -DMYSQL_TCP_PORT=3306 make;make install chmod +w /usr/local/mysql chown -R mysql:mysql /usr/local/mysql ln -s /usr/local/mysql/lib/libmysqlclient.so.18 /usr/lib/libmysqlclient.so.18#编辑mysql配置文件
vi /etc/my.cnf- [client]
- port = 3306
- socket = /data/mysql/mysql.sock
- [mysqld]
- character_set_server = utf8
- collation-server = utf8_general_ci
- replicate-ignore-db = mysql
- replicate-ignore-db = test
- replicate-ignore-db = information_schema
- user = mysql
- port = 3306
- socket = /data/mysql/mysql.sock
- basedir = /usr/local/mysql
- datadir = /data/mysql/data
- log-error = /data/mysql/mysql_error.log
- pid-file = /data/mysql/mysql.pid
- open_files_limit = 10240
- back_log = 600
- max_connections = 5000
- max_connect_errors = 6000
- table_cache = 512
- external-locking = FALSE
- max_allowed_packet = 32M
- sort_buffer_size = 6M
- join_buffer_size = 8M
- thread_cache_size = 300
- thread_concurrency = 8
- query_cache_size = 512M
- query_cache_limit = 2M
- query_cache_min_res_unit = 2k
- default-storage-engine = MyISAM
- thread_stack = 256K
- transaction_isolation = READ-COMMITTED
- tmp_table_size = 256M
- max_heap_table_size = 256M
- long_query_time = 3
- log-slave-updates
- log-bin = /data/mysql/binlog/binlog
- binlog_cache_size = 4M
- binlog_format = MIXED
- max_binlog_cache_size = 8M
- max_binlog_size = 100M
- relay-log-index = /data/mysql/relaylog/relaylog
- relay-log-info-file = /data/mysql/relaylog/relaylog
- relay-log = /data/mysql/relaylog/relaylog
- expire_logs_days = 30
- key_buffer_size = 384M
- read_buffer_size = 4M
- read_rnd_buffer_size = 16M
- bulk_insert_buffer_size = 64M
- myisam_sort_buffer_size = 128M
- myisam_max_sort_file_size = 10G
- myisam_repair_threads = 1
- myisam_recover
- interactive_timeout = 120
- wait_timeout = 120
- skip_external_locking
- skip-name-resolve
- #master-connect-retry = 10
- slave-skip-errors = 1032,1062,126,1114,1146,1048,1396
- #master-host = 192.168.1.2
- #master-user = username
- #master-password = password
- #master-port = 3306
- server-id = 1
- skip-innodb
- #log-slow-queries = /data/mysql/slow.log
- #long_query_time = 10
- [mysqldump]
- quick
- max_allowed_packet = 32M
#初始化mysql
/usr/local/mysql/scripts/mysql_install_db --basedir=/usr/local/mysql --datadir=/data/mysql/data --user=mysql#利用TCMalloc提高mysql在高并发下的性能
vi /usr/local/mysql/bin/mysqld_safe#在# executing mysqld_safe的下一行,加上:
export LD_PRELOAD=/usr/local/lib/libtcmalloc.so#使用lsof命令查看tcmalloc是否起效
/usr/sbin/lsof -n | grep tcmalloc#设置mysql启动文件
cp support-files/mysql.server /etc/rc.d/init.d/mysqld vi /etc/rc.d/init.d/mysqld basedir=/usr/local/mysql datadir=/data/mysql/datachmod 700 /etc/rc.d/init.d/mysqld
/etc/rc.d/init.d/mysqld start /sbin/chkconfig --add mysqld /sbin/chkconfig --level 2345 mysqld on ln -s /usr/local/mysql/bin/mysql /sbin/mysql ln -s /usr/local/mysql/bin/mysqladmin /sbin/mysqladmin#设置root密码(753951)
/sbin/mysqladmin -u root password 753951#配置库文件搜索路径
echo "/usr/local/mysql/lib/mysql" >> /etc/ld.so.conf /sbin/ldconfig#添加/usr/local/mysql/bin到环境变量PATH中
export PATH=$PATH:/usr/local/mysql/bin#添加mysql管理帐户
#mysql -h localhost -u root -p753951 #msqyl> use mysql; #msqyl> grant all on *.* to identified by '852741'; #msqyl> flush privileges; #msqyl> exit;#----------------------------------- 编译安装apache -------------------------------------
/usr/sbin/groupadd www /usr/sbin/useradd -g www www -s /sbin/nologin mkdir -p /data/www/kerry mkdir -p /data/logs/kerry mkdir -p /data/www/king mkdir -p /data/logs/king chown -R www:www /data/www chown -R www:www /data/logs cd /opt tar -zxvf httpd-2.2.19.tar.gz cd httpd-2.2.19 cd srclib/apr ./configure --prefix=/usr/local/apr --enable-threads --enable-other-child --enable-static make;make install cd ../apr-util ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr make;make install cd ../../ ./configure --prefix=/usr/local/apache \ --enable-deflate \ --enable-headers \ --enable-mime-magic \ --enable-proxy \ --enable-ssl \ --enable-so \ --enable-rewrite \ --enable-suexec \ --with-suexec-bin=/usr/sbin/suexec \ --with-suexec-caller=www \ --with-apr=/usr/local/apr \ --with-apr-util=/usr/local/apr-util \ --with-mpm=prefork \ --with-ssl=/usr make;make installcp /usr/local/apache/bin/apachectl /etc/init.d/httpd
vi /etc/init.d/httpd #在首行#!/bin/sh下添加 # Startup script for the Apache Web Server # # chkconfig: - 85 15 # description: Apache is a World Wide Web server. It is used to serve \ # HTML files and CGI. # processname: httpd # pidfile: /usr/local/apache/logs/httpd.pid # config: /usr/local/apache/conf/httpd.conf#修改apache配置文件
cd /usr/local/apache/conf/ mv httpd.conf httpd.conf.bakvi httpd.conf
- PidFile logs/httpd.pid
- LockFile logs/accept.lock
- ServerRoot "/usr/local/apache"
- Listen 0.0.0.0:81
- User www
- Group www
- ServerAdmin king_819@163.com
- ServerName www.kerry.com
- Timeout 300
- KeepAlive Off
- MaxKeepAliveRequests 100
- KeepAliveTimeout 5
- UseCanonicalName Off
- AccessFileName .htaccess
- TraceEnable Off
- ServerTokens ProductOnly
- FileETag None
- ServerSignature Off
- HostnameLookups Off
- # LoadModule perl_module modules/mod_perl.so
- DocumentRoot "/usr/local/apache/htdocs"
- <Directory "/">
- Options ExecCGI FollowSymLinks Includes IncludesNOEXEC -Indexes -MultiViews SymLinksIfOwnerMatch
- Order allow,deny
- Allow from all
- AllowOverride All
- </Directory>
- <Directory "/usr/local/apache/htdocs">
- Options Includes -Indexes FollowSymLinks
- AllowOverride None
- Order allow,deny
- Allow from all
- </Directory>
- DefaultType text/plain
- RewriteEngine on
- AddType text/html .shtml
- AddHandler cgi-script .cgi .pl .plx .ppl .perl
- AddHandler server-parsed .shtml
- <IfModule mime_module>
- TypesConfig conf/mime.types
- AddType application/perl .pl .plx .ppl .perl
- AddType application/x-img .img
- AddType application/x-httpd-php .php .php3 .php4 .php5 .php6
- AddType application/x-httpd-php-source .phps
- AddType application/cgi .cgi
- AddType text/x-sql .sql
- AddType text/x-log .log
- AddType text/x-config .cnf conf
- AddType text/x-registry .reg
- AddType application/x-compress .Z
- AddType application/x-gzip .gz .tgz
- AddType text/html .shtml
- AddType application/x-tar .tgz
- AddType application/rar .rar
- AddType application/x-compressed .rar
- AddType application/x-rar .rar
- AddType application/x-rar-compressed .rar
- AddType text/vnd.wap.wml .wml
- AddType p_w_picpath/vnd.wap.wbmp .wbmp
- AddType text/vnd.wap.wmlscript .wmls
- AddType application/vnd.wap.wmlc .wmlc
- AddType application/vnd.wap.wmlscriptc .wmlsc
- </IfModule>
- <IfModule dir_module>
- DirectoryIndex index.html index.htm index.shtml index.php
- </IfModule>
- <Files ~ "^error_log$">
- Order allow,deny
- Deny from all
- Satisfy All
- </Files>
- <FilesMatch "^\.ht">
- Order allow,deny
- Deny from all
- Satisfy All
- </FilesMatch>
- ErrorLog "logs/error_log"
- LogLevel warn
- <IfModule log_config_module>
- LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
- LogFormat "%h %l %u %t \"%r\" %>s %b" common
- <IfModule logio_module>
- LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
- </IfModule>
- CustomLog "logs/access_log" common
- </IfModule>
- <IfModule alias_module>
- ScriptAlias /cgi-bin/ "/usr/local/apache/cgi-bin/"
- </IfModule>
- <Directory "/usr/local/apache/cgi-bin">
- AllowOverride None
- Options None
- Order allow,deny
- Allow from all
- </Directory>
- <IfModule mpm_prefork_module>
- StartServers 3
- MinSpareServers 3
- MaxSpareServers 5
- MaxClients 150
- MaxRequestsPerChild 1024
- </IfModule>
- <IfModule mod_headers.c>
- <FilesMatch "\.(html|htm|shtml)$">
- Header set Cache-Control "max-age=3600, must-revalidate"
- </FilesMatch>
- </IfModule>
- ReadmeName README.html
- HeaderName HEADER.html
- IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
- Include conf/extra/httpd-languages.conf
- <Location /server-status>
- SetHandler server-status
- Order deny,allow
- Deny from all
- Allow from 127.0.0.1
- </Location>
- ExtendedStatus On
- <Location /server-info>
- SetHandler server-info
- Order deny,allow
- Deny from all
- Allow from 127.0.0.1
- </Location>
- <IfModule ssl_module>
- Listen 0.0.0.0:443
- AddType application/x-x509-ca-cert .crt
- AddType application/x-pkcs7-crl .crl
- SSLCipherSuite ALL:!ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
- SSLPassPhraseDialog builtin
- SSLSessionCache dbm:/usr/local/apache/logs/ssl_scache
- SSLSessionCacheTimeout 300
- SSLMutex file:/usr/local/apache/logs/ssl_mutex
- SSLRandomSeed startup builtin
- SSLRandomSeed connect builtin
- </IfModule>
- #Vhosts
- NameVirtualHost 127.0.0.1:81
- <VirtualHost 127.0.0.1:81>
- ServerAdmin king_819@163.com
- DocumentRoot /data/www/kerry
- ServerName www.kerry.com
- ErrorLog logs/kerry-error_log
- CustomLog "|/usr/local/apache/bin/rotatelogs /data/logs/kerry/%y_%m_%d.access_log 86400" common
- </VirtualHost>
- <VirtualHost 127.0.0.1:81>
- ServerAdmin king_819@163.com
- DocumentRoot /data/www/king
- ServerName www.king.com
- ErrorLog logs/king-error_log
- CustomLog "|/usr/local/apache/bin/rotatelogs /data/logs/king/%y_%m_%d.access_log 86400" common
- </VirtualHost>
chmod 700 /etc/init.d/httpd
/etc/init.d/httpd start /sbin/chkconfig --add httpd /sbin/chkconfig --level 2345 httpd on#------------------------------------- 编译安装PHP -------------------------------------
#编译安装相关支持库 cd /opt tar -zxvf libiconv-1.13.1.tar.gz cd libiconv-1.13.1/ ./configure make;make installcd /opt
tar -jxvf libmcrypt-2.5.8.tar.bz2 cd libmcrypt-2.5.8/ ./configure make;make install /sbin/ldconfigcd libltdl/
./configure --enable-ltdl-install make;make installcd /opt
tar -jxvf mhash-0.9.9.9.tar.bz2 cd mhash-0.9.9.9/ ./configure make;make install ln -s /usr/local/lib/libmcrypt.la /usr/lib/libmcrypt.la ln -s /usr/local/lib/libmcrypt.so /usr/lib/libmcrypt.so ln -s /usr/local/lib/libmcrypt.so.4 /usr/lib/libmcrypt.so.4 ln -s /usr/local/lib/libmcrypt.so.4.4.8 /usr/lib/libmcrypt.so.4.4.8 ln -s /usr/local/lib/libmhash.a /usr/lib/libmhash.a ln -s /usr/local/lib/libmhash.la /usr/lib/libmhash.la ln -s /usr/local/lib/libmhash.so /usr/lib/libmhash.so ln -s /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2 ln -s /usr/local/lib/libmhash.so.2.0.1 /usr/lib/libmhash.so.2.0.1cd /opt
tar -zxvf mcrypt-2.6.8.tar.gz cd mcrypt-2.6.8/ /sbin/ldconfig ./configure make;make install#编译php,这里我们为php打入补丁.有助于防止邮件发送被滥用(多用户)以及在邮件中提供有价值的信息.补丁介绍信息请点击:http://www.lancs.ac.uk/~steveb/patches/php-mail-header-patch/
cd /opt
tar -jxvf php-5.2.17.tar.gz patch -d php-5.2.17 -p1 < php5-mail-header.patch cd php-5.2.17 ./configure --prefix=/usr/local/php \ --with-config-file-path=/usr/local/php/etc \ --with-apxs2=/usr/local/apache/bin/apxs \ --with-mysql=/usr/local/mysql \ --with-mysqli=/usr/local/mysql/bin/mysql_config \ --with-iconv-dir=/usr/local \ --with-freetype-dir \ --with-jpeg-dir \ --with-png-dir \ --with-zlib \ --with-libxml-dir=/usr \ --enable-xml \ --disable-rpath \ --enable-discard-path \ --enable-safe-mode \ --enable-bcmath \ --enable-shmop \ --enable-sysvsem \ --enable-inline-optimization \ --with-curl \ --with-curlwrappers \ --enable-mbregex \ --enable-force-cgi-redirect \ --enable-mbstring \ --with-mcrypt \ --with-gd \ --enable-gd-native-ttf \ --with-openssl \ --with-mhash \ --enable-pcntl \ --enable-sockets \ --with-ldap \ --with-ldap-sasl \ --with-xmlrpc \ -enable-zip \ --enable-soapmake ZEND_EXTRA_LIBS='-liconv'
make install cp php.ini-dist /usr/local/php/etc/php.ini#安装php扩展模块
cd /opt tar -zxvf memcache-2.2.6.tgz cd memcache-2.2.6/ /usr/local/php/bin/phpize ./configure --with-php-config=/usr/local/php/bin/php-config --with-zlib-dir --enable-memcache make;make installcd /opt
tar -jxvf eaccelerator-0.9.6.1.tar.bz2 cd eaccelerator-0.9.6.1/ /usr/local/php/bin/phpize ./configure --enable-eaccelerator=shared --with-php-config=/usr/local/php/bin/php-config make;make installcd /opt
tar -zxvf PDO_MYSQL-1.0.2.tgz cd PDO_MYSQL-1.0.2/ /usr/local/php/bin/phpize ./configure --with-php-config=/usr/local/php/bin/php-config --with-pdo-mysql=/usr/local/mysql make;make installcd /opt
tar -jxvf ImageMagick.tar.bz2 cd ImageMagick-6.6.9-8 ./configure make;make installcd /opt
tar -zxf imagick-3.0.1.tgz cd imagick-3.0.1/ /usr/local/php/bin/phpize ./configure --with-php-config=/usr/local/php/bin/php-config make;make installcd /opt
tar -zxf suhosin-0.9.32.1.tgz cd suhosin-0.9.32.1 /usr/local/php/bin/phpize ./configure --with-php-config=/usr/local/php/bin/php-config make;make installcd /opt
tar -jxf ioncube_loaders_lin_x86.tar.bz2 cd ioncube mkdir /usr/local/ioncube mv ioncube_loader_lin_5.2.so /usr/local/ioncube/cd /opt
tar -zxf ZendOptimizer-3.3.9-linux-glibc23-i386.tar.gz mkdir -p /usr/local/Zend/lib/Optimizer-3.3.9/php-5.2.17 cp ZendOptimizer-3.3.9-linux-glibc23-i386/data/5_2_x_comp/ZendOptimizer.so /usr/local/Zend/lib/Optimizer-3.3.9/php-5.2.17/ZendOptimizer.so#修改php.ini.
sed -i 's#extension_dir = "./"#extension_dir = "/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/"\nextension = "memcache.so"\nextension = "pdo_mysql.so"\nextension = "suhosin.so"\nextension = "imagick.so"\n#' /usr/local/php/etc/php.ini sed -i 's#output_buffering = Off#output_buffering = On#' /usr/local/php/etc/php.ini sed -i "s#; always_populate_raw_post_data = On#always_populate_raw_post_data = On#g" /usr/local/php/etc/php.ini sed -i "s#; cgi.fix_pathinfo=0#cgi.fix_pathinfo=0#g" /usr/local/php/etc/php.ini#配置eAccelerator加速PHP
mkdir -p /data/eaccelerator_cache chmod -R 777 /data/eaccelerator_cache cat >>/usr/local/php/etc/php.ini<<EOF [eaccelerator] zend_extension = "/usr/local/ioncube/ioncube_loader_lin_5.2.so" zend_extension = "/usr/local/Zend/lib/Optimizer-3.3.9/php-5.2.17/ZendOptimizer.so" zend_extension="/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/eaccelerator.so" eaccelerator.shm_size="64" eaccelerator.cache_dir="/data/eaccelerator_cache" eaccelerator.enable="1" eaccelerator.optimizer="1" eaccelerator.check_mtime="1" eaccelerator.debug="0" eaccelerator.filter="" eaccelerator.shm_max="0" eaccelerator.shm_ttl="3600" eaccelerator.shm_prune_period="3600" eaccelerator.shm_only="0" eaccelerator.compress="1" eaccelerator.compress_level="9" eaccelerator.keys = shm eaccelerator.sessions = shm eaccelerator.content = shm EOF#安装Memcached(可选)
cd /opt tar -xzf libevent-2.0.11-stable.tar.gz cd libevent-2.0.11-stable ./configure make;make install ln -s /usr/local/lib/libevent-1.4.so.2 /usr/libcd /opt
tar -xzf memcached-1.4.5.tar.gz cd memcached-1.4.5 ./configure --prefix=/usr/local/memcached --with-libevent=/usr make;make install#基本使用方法:
启动: /usr/local/memcached/bin/memcached -d -m 64 -p 11211 -u www -l localhost 关闭: killall -9 memcached#---------------------------------- 安装配置nginx ----------------------------------------
#安装pcre /opt tar -jxvf pcre-8.12.tar.gz cd pcre-8.12/ ./configure make;make install#安装nginx
cd /opt tar -zxvf nginx-1.0.4.tar.gz cd nginx-1.0.4/ ./configure --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_flv_module --with-http_gzip_static_module --with-google_perftools_module make;make install cd ../#添加nginx启动脚本
vi /etc/init.d/nginx- #! /bin/sh
- ulimit -n 65535
- # Description: Startup script for nginx
- # chkconfig: 2345 55 25
- PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
- DESC="nginx daemon"
- NAME=nginx
- DAEMON=/usr/local/nginx/sbin/$NAME
- CONFIGFILE=/usr/local/nginx/conf/nginx.conf
- PIDFILE=/usr/local/nginx/logs/$NAME.pid
- SCRIPTNAME=/etc/init.d/$NAME
- set -e
- [ -x "$DAEMON" ] || exit 0
- do_start() {
- $DAEMON -c $CONFIGFILE || echo -n "nginx already running"
- }
- do_stop() {
- kill -QUIT `cat $PIDFILE` || echo -n "nginx not running"
- }
- do_reload() {
- kill -HUP `cat $PIDFILE` || echo -n "nginx can't reload"
- }
- case "$1" in
- start)
- echo -n "Starting $DESC: $NAME"
- do_start
- echo "."
- /etc/init.d/httpd start
- ;;
- stop)
- echo -n "Stopping $DESC: $NAME"
- do_stop
- echo "."
- /etc/init.d/httpd stop
- ;;
- reload)
- echo -n "Reloading $DESC configuration..."
- do_reload
- echo "."
- /etc/init.d/httpd restart
- ;;
- restart)
- echo -n "Restarting $DESC: $NAME"
- do_stop
- sleep 1
- do_start
- echo "."
- /etc/init.d/httpd restart
- ;;
- *)
- echo "Usage: $SCRIPTNAME {start|stop|reload|restart}" >&2
- exit 3
- ;;
- esac
- exit 0
#添加nginx配置文件
mv /usr/local/nginx/conf/nginx.conf /usr/local/nginx/conf/nginx.conf.bak vi /usr/local/nginx/conf/nginx.conf- user www www;
- worker_processes 8;
- error_log /usr/local/nginx/logs/nginx_error.log crit;
- pid /usr/local/nginx/nginx.pid;
- #使用Tcmalloc优化nginx性能
- google_perftools_profiles /var/tmp/tcmalloc;
- #Specifies the value for maximum file descriptors that can be opened by this process.
- worker_rlimit_nofile 65535;
- #工作模式及连接数上限
- events
- {
- use epoll;
- worker_connections 65535;
- }
- #设定http服务器,利用它的反向代理功能提供负载均衡支持
- http
- {
- #设定mime类型
- include mime.types;
- default_type application/octet-stream;
- #charset gb2312;
- #设定请求缓冲
- server_names_hash_bucket_size 128;
- client_header_buffer_size 32k;
- large_client_header_buffers 4 32k;
- client_max_body_size 30m;
- sendfile on;
- tcp_nopush on;
- keepalive_timeout 60;
- tcp_nodelay on;
- server_tokens off;
- client_body_buffer_size 512k;
- proxy_connect_timeout 5;
- proxy_send_timeout 60;
- proxy_read_timeout 5;
- proxy_buffer_size 16k;
- proxy_buffers 4 64k;
- proxy_busy_buffers_size 128k;
- proxy_temp_file_write_size 128k;
- # fastcgi_connect_timeout 300;
- # fastcgi_send_timeout 300;
- # fastcgi_read_timeout 300;
- # fastcgi_buffer_size 64k;
- # fastcgi_buffers 4 64k;
- # fastcgi_busy_buffers_size 128k;
- # fastcgi_temp_file_write_size 128k;
- gzip on;
- gzip_min_length 1k;
- gzip_buffers 4 16k;
- gzip_http_version 1.1;
- gzip_comp_level 2;
- gzip_types text/plain application/x-javascript text/css application/xml;
- gzip_vary on;
- #limit_zone crawler $binary_remote_addr 10m;
- ###禁止通过ip访问站点
- server{
- server_name _;
- return 404;
- }
- server
- {
- listen 80;
- server_name www.kerry.com;
- index index.html index.htm index.php;#设定访问的默认首页地址
- root /data/www/kerry;#设定网站的资源存放路径
- #limit_conn crawler 20;
- if (-d $request_filename)
- {
- rewrite ^/(.*)([^/])$ http://$host/$1$2/ permanent;
- }
- #所有php的页面均交由apache处理
- location ~ \.(php)?$ {
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_pass ;#转向apache处理
- }
- location ~ .*\.(htm|html|gif|jpg|jpeg|png|bmp|swf|ioc|rar|zip|txt|flv|mid|doc|ppt|pdf|xls|mp3|wma)$ #设定访问静态文件直接读取不经过apache
- {
- expires 30d;
- }
- location ~ .*\.(js|css)?$
- {
- expires 1h;
- }
- #定义访问日志的写入格式
- log_format wwwlog '$remote_addr - $remote_user [$time_local] "$request" '
- '$status $body_bytes_sent "$http_referer" '
- '"$http_user_agent" $http_x_forwarded_for';
- access_log /data/logs/kerry/kerry_nginx.log wwwlog;#设定访问日志的存放路径
- }
- server
- {
- listen 80;
- server_name www.king.com;
- index index.html index.htm index.php;#设定访问的默认首页地址
- root /data/www/king;#设定网站的资源存放路径
- #limit_conn crawler 20;
- if (-d $request_filename)
- {
- rewrite ^/(.*)([^/])$ http://$host/$1$2/ permanent;
- }
- #所有php的页面均交由apache处理
- location ~ \.(php)?$ {
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_pass ;#转向apache处理
- }
- location ~ .*\.(htm|html|gif|jpg|jpeg|png|bmp|swf|ioc|rar|zip|txt|flv|mid|doc|ppt|pdf|xls|mp3|wma)$ #设定访问静态文件直接读取不经过apache
- {
- expires 30d;
- }
- location ~ .*\.(js|css)?$
- {
- expires 1h;
- }
- #定义访问日志的写入格式
- log_format bbslog '$remote_addr - $remote_user [$time_local] "$request" '
- '$status $body_bytes_sent "$http_referer" '
- '"$http_user_agent" $http_x_forwarded_for';
- access_log /data/logs/king/king_nginx.log bbslog;#设定访问日志的存放路径
- }
- server
- {
- listen 80;
- server_name status.www.kerry.com;
- location / {
- stub_status on;
- access_log off;
- }
- }
- }
#将nginx添加到启动服务中
chmod 700 /etc/init.d/nginx /etc/init.d/nginx start /sbin/chkconfig --add nginx /sbin/chkconfig --level 2345 nginx on#每天定时切割Nginx日志
vi /usr/local/nginx/sbin/cut_nginx_log.sh- #!/bin/bash
- # This script run at 00:00
- # The Nginx logs path
- logs_path_kerry="/data/logs/kerry/"
- logs_path_kerry="/data/logs/king/"
- mv ${logs_path_kerry}kerry_nginx.log ${logs_path_kerry}$kerry_nginx_$(date -d "yesterday" +"%Y%m%d").log
- mv ${logs_path_king}king_nginx.log ${logs_path_king}king_nginx_$(date -d "yesterday" +"%Y%m%d").log
- kill -USR1 `cat /usr/local/nginx/nginx.pid`
chmod +x /usr/local/nginx/sbin/cut_nginx_log.sh
#添加计划任务,每天凌晨00:00切割nginx访问日志 crontab -e 00 00 * * * /bin/bash /usr/local/nginx/sbin/cut_nginx_log.sh#为apache安装rpaf模块,该模块用于apache做后端时获取访客真实的IP
#使用apxs安装模块.这里要使用此前apache编译安装后的apxs cd /opt tar -zxf mod_rpaf-0.6.tar.gz cd mod_rpaf-0.6 /usr/local/apache/bin/apxs -i -c -n mod_rpaf-2.0.so mod_rpaf-2.0.c#编辑/usr/local/apache/conf/httpd.conf,添加模块参数,查找LoadModule php5_module modules/libphp5.so,在下方添加:
LoadModule rpaf_module modules/mod_rpaf-2.0.so
#Mod_rpaf settings RPAFenable On #上面出现的192.168.9.9请修改为你本机所监听web服务的ip.多个IP用空格空开 RPAFproxy_ips 127.0.0.1 192.168.9.9 RPAFsethostname On RPAFheader X-Forwarded-For