本文原创自点点点细雨的CSDN博客,谢绝转载
前言
好久没有写博客了,真是不好,感觉接触的东西越来越多,如果不记录下来的话,就会慢慢忘记。因为业务需要,apache的负载能力已经不能满足现在的需求了,所以决定采用nginx作为服务器,承载更多的接口访问。
准备工作
centos6.5的虚拟机一台,重新装的系统,没有别的东西
Nginx
更新源
因为yum自己不支持nginx,所以需要自己更新一下。
[root@localhost ~]# rpm -ivh http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm
Retrieving http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm
warning: /var/tmp/rpm-tmp.piHjNP: Header V4 RSA/SHA1 Signature, key ID 7bd9bf62: NOKEY
Preparing... ########################################### [100%]
1:nginx-release-centos ########################################### [100%]
[root@localhost ~]# yum info nginx
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.cug.edu.cn
* extras: mirrors.cug.edu.cn
* updates: mirrors.cug.edu.cn
nginx | 2.9 kB 00:00
nginx/primary_db | 34 kB 00:00
Available Packages
Name : nginx
Arch : x86_64
Version : 1.6.2
Release : 1.el6.ngx
Size : 336 k
Repo : nginx
Summary : High performance web server
URL : http://nginx.org/
License : 2-clause BSD-like license
Description : nginx [engine x] is an HTTP and reverse proxy server, as well as
: a mail proxy server.
安装nginx
[root@localhost ~]# yum install nginx Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.cug.edu.cn * extras: mirrors.cug.edu.cn * updates: mirrors.cug.edu.cn Setting up Install Process Resolving Dependencies --> Running transaction check ---> Package nginx.x86_64 0:1.6.2-1.el6.ngx will be installed --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: nginx x86_64 1.6.2-1.el6.ngx nginx 336 k Transaction Summary ================================================================================ Install 1 Package(s) Total download size: 336 k Installed size: 828 k Is this ok [y/N]: y Downloading Packages: nginx-1.6.2-1.el6.ngx.x86_64.rpm | 336 kB 00:00 Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Warning: RPMDB altered outside of yum. Installing : nginx-1.6.2-1.el6.ngx.x86_64 1/1 ---------------------------------------------------------------------- Thanks for using nginx! Please find the official documentation for nginx here: * http://nginx.org/en/docs/ Commercial subscriptions for nginx are available on: * http://nginx.com/products/ ---------------------------------------------------------------------- Verifying : nginx-1.6.2-1.el6.ngx.x86_64 1/1 Installed: nginx.x86_64 0:1.6.2-1.el6.ngx Complete!
设置nginx开机启动并且启动服务
[root@localhost ~]# chkconfig nginx on [root@localhost ~]# service nginx start 正在启动 nginx: [确定]
试了一下,没有成功,才想起来,没有配置防火墙,所以,先停止防火墙,再重启nginx
[root@localhost ~]# service iptables stop iptables:将链设置为政策 ACCEPT:filter [确定] iptables:清除防火墙规则: [确定] iptables:正在卸载模块: [确定] [root@localhost ~]# service nginx start [root@localhost ~]# service nginx restart 停止 nginx: [确定] 正在启动 nginx: [确定]
Nginx安装成功!
安装MySQL
直接安装MySQL的客户端和服务器
[root@localhost ~]# yum install mysql mysql-server
启动服务
[root@localhost ~]# service mysqld start
初始化 MySQL 数据库: Installing MySQL system tables...
OK
Filling help tables...
OK
To start mysqld at boot time you have to copy
support-files/mysql.server to the right place for your system
PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER !
To do so, start the server, then issue the following commands:
/usr/bin/mysqladmin -u root password 'new-password'
/usr/bin/mysqladmin -u root -h localhost.localdomain password 'new-password'
Alternatively you can run:
/usr/bin/mysql_secure_installation
which will also give you the option of removing the test
databases and anonymous user created by default. This is
strongly recommended for production servers.
See the manual for more instructions.
You can start the MySQL daemon with:
cd /usr ; /usr/bin/mysqld_safe &
You can test the MySQL daemon with mysql-test-run.pl
cd /usr/mysql-test ; perl mysql-test-run.pl
Please report any problems with the /usr/bin/mysqlbug script!
[确定]
正在启动 mysqld: [确定]
设置开机启动mysql,备份配置文件
[root@localhost ~]# chkconfig mysqld on [root@localhost ~]# cp /usr/share/mysql/my-medium.cnf /etc/my.cnf cp:是否覆盖"/etc/my.cnf"? y
设置root用户的密码
[root@localhost ~]# mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MySQL to secure it, we'll need the current
password for the root user. If you've just installed MySQL, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.
Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n]
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n]
... Success!
By default, MySQL comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n]
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n]
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MySQL
installation should now be secure.
Thanks for using MySQL!
重启mysql
[root@localhost ~]# service mysqld restart 停止 mysqld: [确定] 正在启动 mysqld: [确定]
安装PHP
安装php和php-fpm
Nginx作为服务器本身并不能支持php,我们需要一个叫php-fpm的来让nginx支持php解析。
[root@localhost ~]# yum install php php-fpm
安装php扩展
[root@localhost ~]# yum install php-mysql php-gd libjpeg* php-imap php-ldap php-odbc php-pear php-xml php-xmlrpc php-mbstring php-mcrypt php-bcmath php-mhash libmcrypt
貌似有几个扩展没有安装上,请注意!
Setting up Install Process No package php-mcrypt available. No package php-mhash available. No package libmcrypt available.
开机启动php-fpm,启动php-fpm
[root@localhost ~]# chkconfig php-fpm on [root@localhost ~]# service php-fpm start 正在启动 php-fpm: [确定]
环境配置
nginx支持php
备份配置文件
[root@localhost ~]# cp /etc/nginx/nginx.conf /etc/nginx/nginx.confbak
[root@localhost ~]# vi /etc/nginx/nginx.conf
修改user那一行,变成
user nginx nginx;
备份配置文件,编辑
[root@localhost ~]# cp /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.confbak [root@localhost ~]# vi /etc/nginx/conf.d/default.conf
简单修改之后的配置文件
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log /var/log/nginx/log/host.access.log main;
location / {
root /usr/share/nginx/html;
index index.php index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
root html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
重启Nginx
修改PHP配置
[root@localhost ~]# vi /etc/php.ini
date.timezone = PRC #在946行 把前面的分号去掉,改为date.timezone = PRC disable_functions = passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,ini_alter,ini_alter,ini_restore,dl,ope nlog,syslog,readlink,symlink,popepassthru,stream_socket_server,escapeshellcmd,dll,popen,disk_free_space,checkdnsrr,checkdns rr,getservbyname,getservbyport,disk_total_space,posix_ctermid,posix_get_last_error,posix_getcwd, posix_getegid,posix_geteuid,posix_getgid, posix_getgrgid,posix_getgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid, posix_getppid,posix_getpwnam,posix_getpwuid, posix_getrlimit, posix_getsid,posix_getuid,posix_isatty, posix_kill,posix_mkfifo,posix_setegid,posix_seteuid,posix_setgid, posix_setpgid,posix_setsid,posix_setuid,posix_strerror,posix_times,posix_ttyname,posix_uname #在386行 列出PHP可以禁用的函数,如果某些程序需要用到这个函数,可以删除,取消禁用。 expose_php = Off #在432行 禁止显示php版本的信息 magic_quotes_gpc = On #在745行 打开magic_quotes_gpc来防止SQL注入 short_open_tag = ON #在229行支持php短标签 open_basedir = .:/tmp/ #在380行 设置表示允许访问当前目录(即PHP脚本文件所在之目录)和/tmp/目录,可以防止php木马跨站,如果改了之后安装程序有问题(例如:织梦内容管理系统),可以注销此行,或者直接写上程序的目录/data/www.osyunwei.com/:/tmp/
保存
修改php-fpm配置
备份配置文件,进行修改
[root@localhost ~]# cp /etc/php-fpm.d/www.conf /etc/php-fpm.d/www.confbak [root@localhost ~]# vi /etc/php-fpm.d/www.conf
; Unix user/group of processes ; Note: The user is mandatory. If the group is not set, the default user's group ; will be used. ; RPM: apache Choosed to be able to access some dir as httpd user = nginx ; RPM: Keep a group allowed to write in log dir. group = nginx
测试
在nginx所在的目录写入测试文件,设置权限,并且重启nginx和php-prm
[root@localhost html]# vi info.php
[root@localhost html]# chown nginx.nginx /usr/share/nginx/html -R
[root@localhost html]# service nginx restart
停止 nginx: [确定]
正在启动 nginx: [确定]
[root@localhost html]# service php-fpm restart
停止 php-fpm: [确定]
正在启动 php-fpm:[27-Dec-2014 13:11:21] NOTICE: PHP message: PHP Warning: Directive 'magic_quotes_gpc' is deprecated in PHP 5.3 and greater in Unknown on line 0
[确定]
出现了问题,访问php文件出现了
File not found.
解决问题
配置文件错误,下面是调试成功的配置文件
[root@localhost html]# vi /etc/nginx/conf.d/default.conf
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log /var/log/nginx/log/host.access.log main;
location / {
root /usr/share/nginx/html;
index index.php index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
root /usr/share/nginx/html;
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/share/nginx/html$fastcgi_script_name;
# include fastcgi_params;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
配置完成
后记
完成基本的配置工作之后,还有一些问题要考虑。
- 虚拟机的配置
- url重写
- php扩展的安装
- 和负载均衡的搭配问题
