基于CentOS 5.5 搭建nginx +php +php-fpm+mysql高性能php平台

作者:Coralzd
博客:www.freebsdsystem.org
论坛:bbs.linuxtone.org(IT运维专家网)
欢迎转载,转载时请务必以超链接形式标明文章原始出处和作者信息及本声明.

一、安装准备
1.1 平台环境

CentOS 5.5 i686 GNU/Linux
Nginx 0.8.38
PHP 5.3.2
PHP-FPM 0.6.5
MYSQL 5.5.3 M3

1.2 系统安装及分区
1.2.1操作系统安装
安装过程中选择最少的包,采用文本模式安装,不安装图形。
1.2.3系统分区
/boot  100M    (大约100左右)
SWAP  4G      物理内存的2倍(如果你的物理内存大于4G,分配4G即可)
/       50G
/data             剩余所有空间.
注:具体分区请根据相关业务划分
1.2.4系统软件包安装规范
系统约定:
软件源代码包存放位置             /usr/local/src
源码包编译安装位置(prefix)     /usr/local/software_name
脚本以及维护程序存放位置       /usr/local/sbin
MySQL 数据库位置                /data/mysql/data(可按情况设置)
网站根目录                          /data/www/wwwroot(可按情况设置)
虚拟主机日志根目录               /data/logs(可按情况设置)
Nginx运行账户                     www:www
install_software_name.sh     //存放编译参数脚本习
惯将所有编译脚本存放在install_software_name.sh便于升级和更新软件.

1.3.系统初始化
#vi init_network.sh

#welcome
cat << EOF
+————————————————————–+
|         === Welcome to Centos System init ===                |
+————————————————————–+
+———————-Author:NetSeek————————–+
EOF
#disable ipv6
cat << EOF
+————————————————————–+
|         === Welcome to Disable IPV6 ===                      |
+————————————————————–+
EOF
echo “alias net-pf-10 off” >> /etc/modprobe.conf
echo “alias ipv6 off” >> /etc/modprobe.conf
/sbin/chkconfig –level 35 ip6tables off
echo “ipv6 is disabled!”
#disable selinux
sed -i ‘/SELINUX/s/enforcing/disabled/’ /etc/selinux/config
echo “selinux is disabled,you must reboot!”
#vim
sed -i “8 s/^/alias vi=’vim’/” /root/.bashrc
echo ‘syntax on’ > /root/.vimrc
#zh_cn
sed -i -e ‘s/^LANG=.*/LANG=”en”/’   /etc/sysconfig/i18n
#init_ssh
ssh_cf=”/etc/ssh/sshd_config”
sed -i -e ’74 s/^/#/’ -i -e ’76 s/^/#/’ $ssh_cf
sed -i “s/#UseDNS yes/UseDNS no/” $ssh_cf
#client
sed -i -e ’44 s/^/#/’ -i -e ’48 s/^/#/’ $ssh_cf
echo “ssh is init is ok…………..”
#chkser
#tunoff services
#——————————————————————————–
cat << EOF
+————————————————————–+
|         === Welcome to Tunoff services ===                   |
+————————————————————–+
EOF
#———————————————————————————
for i in `ls /etc/rc3.d/S*`
do
CURSRV=`echo $i|cut -c 15-`
echo $CURSRV
case $CURSRV in
crond | irqbalance | microcode_ctl | network | random | sendmail | sshd | syslog | local | mysqld )
echo “Base services, Skip!”
;;
*)
echo “change $CURSRV to off”
chkconfig –level 235 $CURSRV off
service $CURSRV stop
;;
esac
done

1.4 系统环境部署及调整
检查系统是否正常
# tail -n100 /var/log/messages   (检查有无系统级错误信息)
# dmesg                     (检查硬件设备是否有错误信息)
# ifconfig                    (检查网卡设置是否正确)
# ping www.linuxtone.org (检查网络是否正常)
1.5使用 yum 程序安装所需开发包
1.5.1 更换快源
#cd /etc/yum.repos.d/
#mv CentOS-Base.repo CentOS-Base.repo.linuxtone
#wget http://docs.linuxtone.org/soft/lemp/CentOS-Base.repo
1.5.2 yum安装相关软件包:

#yum -y install ntp vim-enhanced gcc gcc-c++ gcc-g77 flex bison autoconf automake glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel libtool* zlib-devel libxml2-devel libjpeg-devel libpng-devel libtiff-devel fontconfig-devel freetype-devel libXpm-devel gettext-devel curl curl-devel pam-devel e2fsprogs-devel krb5-devel libidn libidn-devel openssl openssl-devel openldap openldap-devel nss_ldap openldap-clients openldap-servers gzip

1.6 定时校正服务

器时钟,定时与中国国家授时中心授时服务器同步
# crontab -e
加入一行:

15 3 * * * /usr/sbin/ntpdate 210.72.145.44 > /dev/null 2>&1

1.7下载相关软件包
#cd /usr/local/src

wget http://download.suhosin.org/suhosin-patch-5.3.2-0.9.9.1.patch.gz
wget http://monkey.org/~provos/libevent-1.4.13-stable.tar.gz
wget http://sysoev.ru/nginx/nginx-0.8.38.tar.gz
wget http://www.php.net/get/php-5.3.2.tar.gz/from/this/mirror
wget http://docs.linuxtone.org/soft/lemp/mysql-5.1.34.tar.gz
wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.13.tar.gz
wget “http://downloads.sourceforge.net/mcrypt/libmcrypt-2.5.8.tar.gz?modtime=1171868460&big_mirror=0”
wget “http://downloads.sourceforge.net/mcrypt/mcrypt-2.6.8.tar.gz?modtime=1194463373&big_mirror=0”
wget http://pecl.php.net/get/memcache-2.2.5.tgz
wget “http://downloads.sourceforge.net/mhash/mhash-0.9.9.9.tar.gz?modtime=1175740843&big_mirror=0”
wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.02.tar.gz
wget http://bart.eaccelerator.net/source/0.9.6/eaccelerator-0.9.6.tar.bz2
wget http://pecl.php.net/get/PDO_MYSQL-1.0.2.tgz
wget http://blog.s135.com/soft/linux/nginx_php/imagick/ImageMagick.tar.gz
wget http://pecl.php.net/get/imagick-2.3.0.tgz

1.8.添加nginx 运行账户:
#vim add_nginxuser.sh

/usr/sbin/groupadd www
/usr/sbin/useradd  www -s /sbin/nologin -g www
mkdir -p /data/www/wwwroot
chmod +w /data/www/wwwroot
chown -R www.www /data/www/wwwroot

sh add_nginxuser.sh

二.编译安装
2.1 编译安装pcre

#tar zxvf pcre-8.02.tar.gz
#cd pcre-8.02
#./configure && make && make install

2.2 编译安装nginx

#tar zxvf nginx-0.8.38.tar.gz
#cd nginx-0.8.38

2.2.1 附加:修改nginx源代码,伪装nginx服务器(仅供参考,安全还得认真做起^.^):
(1).修改gcc
#vi auto/cc/gcc
NGX_GCC_OPT=”-O”修改为:
NGX_GCC_OPT=”-O3″
(2).修改nginx.h
#vi nginx-0.8.38/src/core/nginx.h

#define NGINX_VERSION      “0.8.38”
#define NGINX_VER          “nginx/” NGINX_VERSION修改为:
#define NGINX_VERSION      “2.0”
#define NGINX_VER          “LTWS/” NGINX_VERSION

(3).修改nginx_http_header_filter_module
#vi nginx-0.8.38/src/http/ngx_http_header_filter_module.c
static char ngx_http_server_string[] = “Server: nginx” CRLF;修改为:
static char ngx_http_server_string[] = “Server: LTWS” CRLF;
(4).修改ngx_http_special_response.c
#vi nginx-0.8.38/src/http/ngx_http_special_response.c
将如下

static u_char ngx_http_error_full_tail[] =
“<hr><center>” NGINX_VER “</center>” CRLF
“</body>” CRLF
“</html>” CRLF
;

static u_char ngx_http_error_tail[] =
“<hr><center>nginx</center>” CRLF
“</body>” CRLF
“</html>” CRLF

;
修改为:

static u_char ngx_http_error_full_tail[] =
“<hr><center> “NGINX_VER” </center>” CRLF
“<hr><center>http://www.linuxtone.com</center>” CRLF
“</body>” CRLF
“</html>” CRLF
;

static u_char ngx_http_error_tail[] =
“<hr><center>HMGWS</center>” CRLF
“</body>” CRLF
“</html>” CRLF
;

2.2.2 nginx 编译安装

tar zvxf nginx-0.8.38.tar.gz
./configure \
“–user=www” \
“–group=www” \
“–prefix=/usr/local/nginx/” \
“–with-http_stub_status_module” \
“–with-http_ssl_module” \

make
make install

2.3 编译安装配置mysql

tar zvxf mysql-5.5.3-m3.tar.gz
./configure \
“–prefix=/usr/local/mysql” \
“–localstatedir=/data/mysql/data” \
“–with-comment=Source” \
“–with-server-suffix=-Linuxtone.Org” \
“–enable-assembler” \
“–with-extra-charsets=complex” \
“–enable-thread-safe-client” \
“–with-big-tables” \
“–with-readline” \
“–with-ssl” \
“–with-embedded-server” \
“–enable-local-infile” \
“–with-plugins=partition,innobase,myisammrg”
make
make install
/sbin/useradd mysql -d /data/mysql -s /sbin/nologin
/usr/local/mysql/bin/mysql_install_db –user=mysql
cd /usr/local/mysql
chown -R root:mysql .
mkdir -p /data/mysql/data
chown -R mysql /data/mysql/data
cp share/mysql/my-huge.cnf /etc/my.cnf.bak
wget http://www.caifw.com/api/my.cnf
sed -i ’50 s/^/#/’ /etc/my.cnf
cp share/mysql/mysql.server /etc/rc.d/init.d/mysqld
chmod 755 /etc/rc.d/init.d/mysqld
chkconfig –add mysqld
/etc/rc.d/init.d/mysqld start

cd /usr/local/mysql/bin
for i in *; do ln -s /usr/local/mysql/bin/$i /usr/bin/$i; done

2.4 编译安装php
2.4.1安装php相应的lib
2.4.1.1 libiconv-1.13

#tar zxvf libiconv-1.13.tar.gz
#cd libiconv-1.13
#./configure –prefix=/usr && make && make install

2.4.1.2 libmcrypt-2.5.8

#tar zxvf libmcrypt-2.5.8.tar.gz
#cd libmcrypt-2.5.8/
#./configure –prefix=/usr && make && make install
#echo “/usr/lib” >> /etc/ld.so.conf
#ldconfig
#cd libltdl/
#./configure –enable-ltdl-install
#make && make install

2.4.1.3 mhash-0.9.9.9

#tar zxvf mhash-0.9.9.9.tar.gz
#cd mhash-0.9.9.9
#./configure –prefix=/usr && make && make install
#ldconfig

2.4.1.4 mcrypt-2.6.8

#tar zxvf mcrypt-2.6.8.tar.gz
#cd mcrypt-2.6.8
#./configure –prefix=/usr && make&& make install

2.4.1.5 suhosin

gunzip suhosin-patch-5.2.11-0.9.7.patch.gz
tar zvxf php-5.3.2.tar.gz
cd /usr/local/src/php-5.3.2
patch -p 1 -i ../suhosin-patch-5.3.2-0.9.9.1.patch

2.4.2 安装php-fpm

svn co http://svn.php.net/repository/php/php-src/trunk/sapi/fpm sapi/fpm
./buildconf –force

2.4.3 安装php

#vi install_php.sh

./configure  \
“–prefix=/usr/local/php” \
“–with-libevent-dir” \
“–with-fpm-user=www” \
“–with-fpm-group=www” \
“–enable-suhosin” \
“–enable-fpm” \
“–enable-discard-path” \
“–enable-force-cgi-redirect” \
“–with-config-file-path=/usr/local/php/etc” \
“–with-mysql=/usr/local/mysql” \
“–with-mysqli=/usr/local/mysql/bin/mysql_config” \
“–with-iconv-dir” \
“–with-freetype-dir” \
“–with-jpeg-dir” \
“–with-png-dir” \
“–with-gd” \
“–with-zlib” \
“–with-libxml-dir” \
“–with-curl” \
“–with-curlwrappers” \
“–with-openssl” \
“–with-mhash” \
“–with-xmlrpc” \
“–with-mcrypt” \
“–with-ldap” \
“–with-ldap-sasl” \
“–enable-xml” \
“–enable-discard-path” \
“–enable-safe-mode” \
“–enable-bcmath” \
“–enable-shmop” \
“–enable-sysvsem” \
“–enable-inline-optimization” \
“–enable-mbregex” \
“–enable-mbstring” \
“–enable-gd-native-ttf” \
“–enable-ftp” \
“–enable-pcntl” \
“–enable-sockets” \
“–enable-zip” \
“–disable-debug” \
“–disable-ipv6”
make ZEND_EXTRA_LIBS=’-liconv’
make install
cp php.ini-production /usr/local/php/etc/php.ini
cp sapi/fpm/php-fpm /etc/init.d/php-fpm
chmod 755 /etc/init.d/php-fpm

#sh install_php.sh
2.4.4安装PHP扩展模块
2.4.4.1 memcache-2.2.5

#tar zvxf memcache-2.2.5.tgz
#cd memcache-2.2.5
#/usr/local/php/bin/phpize
#./configure –with-php-config=/usr/local/php/bin/php-config
#make && make install

2.4.4.2 eaccelerator-0.9.6

#tar jvxf eaccelerator-0.9.6.tar.bz2
#cd eaccelerator-0.9.6
#/usr/local/php/bin/phpize
#./configure –enable-eaccelerator=shared –with-php-config=/usr/local/php/bin/php-config
#make && make install

2.4.4.3 PDO_MYSQL-1.0.2

#tar zxvf PDO_MYSQL-1.0.2.tgz
#cd PDO_MYSQL-1.0.2
#/usr/local/php/bin/phpize
#./configure –with-php-config=/usr/local/php/bin/php-config –with-pdo-mysql=/usr/local/mysql
#make && make install

2.4.4.4 ImageMagick

#tar zxvf ImageMagick.tar.gz
#cd ImageMagick-6.5.1-2/
#./configure –enable-shared –with-modules –without-x –with-gs-font-dir=default –with-perl=yes –with-xml=yes –with-zlib=yes –with-jpeg=yes
# make && make install

2.4.4.5 imagick-2.3.2

#tar zxvf imagick-2.2.2.tgz
#cd imagick-2.2.2/
#/usr/local/php/bin/phpize
#./configure –with-php-config=/usr/local/php/bin/php-config
#make
#make install

2.4.5脚本配置php.ini
# vi init_php.ini

#!/bin/bash
fcgi_cf=”/usr/local/php/etc/php.ini”
ea(){
cat << EOF
[eAccelerator]
zend_extension=”/usr/local/php/lib/php/extensions/no-debug-non-zts-20090626/eaccelerator.so”
eaccelerator.shm_size=”32″
eaccelerator.cache_dir=”/data/cache/ea”
eaccelerator.enable=”1″
eaccelerator.optimizer=”1″
eaccelerator.check_mtime=”1″
eaccelerator.debug=”0″
eaccelerator.filter=””
eaccelerator.shm_max=”0″
eaccelerator.shm_ttl=”0″
eaccelerator.shm_prune_period=”0″
eaccelerator.shm_only=”0″
eaccelerator.compress=”1″
eaccelerator.compress_level=”9″
EOF
}
#mkdir
mkdir -p /data/cache/ea
ea >> $fcgi_cf
#config for php.ini
sed -i ‘205 s#;open_basedir =#open_basedir = /data/www/wwwroot:/tmp#g’ $fcgi_cf
sed -i ‘210 s#disable_functions =#;disable_functions =

phpinfo,passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,ini_alter,ini_alter,ini_restore,dl,pfsockopen,openlog,syslog,rea

dlink,symlink,popepassthru,stream_socket_server#g’ $fcgi_cf
sed -i ‘/expose_php/s/On/Off/’ $fcgi_cf
sed -i ‘/display_errors/s/On/Off/’ $fcgi_cf
sed -i ‘s#extension_dir = “./”#extension_dir = “/usr/local/php/lib/php/extensions/no-debug-non-zts-20090626/”\nextension = “memcache.so”\nextension =

“pdo_mysql.so”\nextension = “imagick.so”\n#’ $fcgi_cf
sed -i ‘s#output_buffering = Off#output_buffering = On#’ $fcgi_cf

三、配置整合
3.1 配置php-fpm

cat php-fpm.conf;;
Global;
pid = /usr/local/php/var/run/php-fpm.pid
error_log = /usr/local/php/var/log/php-fpm.log
log_level = notice
emergency_restart_threshold = 10
emergency_restart_interval = 1m
process_control_timeout = 5s
daemonize = yes;
pools here
include = /usr/local/php/etc/fpm.d/*.conf

[www]
listen = 127.0.0.1:9000
listen.backlog = -1
listen.allowed_clients = 127.0.0.1;
listen.owner = www;
listen.group = www;
listen.mode = 0666
user = www
group = www
有两种形式,static , dynamic  默认是以dynamic。
pm = static
pm.max_children = 50;
pm.start_servers = 20;
pm.min_spare_servers = 5;
pm.max_spare_servers = 35
pm.max_requests = 65535;
pm.status_path = /status;
ping.path = /ping;
ping.response = pong
request_terminate_timeout = 0s
request_slowlog_timeout = 0s
slowlog = /usr/local/php/var/log/php-fpm.log.slow
rlimit_files = 65535rlimit_core = 0
catch_workers_output = yes
php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f
php_flag[display_errors] = off
php_admin_value[error_log] = /usr/local/php/var/log/fpm-php.www.log
php_admin_flag[log_errors] = on
php_admin_value[memory_limit] = 20M
php_admin_value[open_basedir] = /var/www/wordpress:/home/www/sessions:/tmp
php_admin_value[session.save_path] = /home/www/sessions

3.2 配置nginx

rm -rf /usr/local/nginx/conf/nginx.conf

vim /usr/local/nginx/conf/nginx.conf

user  www www;

worker_processes 8;

error_log  /data/wwwroot/logs/nginx_error.log  crit;

pid        /usr/local/nginx/nginx.pid;

#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 65535;

events
{
use epoll;
worker_connections 65535;
}

http
{
include       mime.types;
default_type  application/octet-stream;

#charset  gb2312;

server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 8m;

sendfile on;
tcp_nopush     on;

keepalive_timeout 60;

tcp_nodelay on;

fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;

gzip on;
gzip_min_length  1k;
gzip_buffers     4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types       text/plain application/x-javascript text/css application/xml;
gzip_vary on;

#limit_zone  crawler  $binary_remote_addr  10m;

server
{
listen       80;
server_name  www.linuxtone.org linuxtone.org;
index index.html index.htm index.php;
root  /data/www/wwwroot;

#limit_conn   crawler  20;

location ~ .*\.(php|php5)?$
{
#fastcgi_pass  unix:/tmp/php-cgi.sock;
fastcgi_pass  127.0.0.1:9000;
fastcgi_index index.php;
include fcgi.conf;
}

location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires      30d;
}

location ~ .*\.(js|css)?$
{
expires      1h;
}

log_format  access  ‘$remote_addr – $remote_user [$time_local] “$request” ‘
‘$status $body_bytes_sent “$http_referer” ‘
‘”$http_user_agent” $http_x_forwarded_for’;
access_log  /data/www/logs/access.log  access;
}

}

vim /usr/local/nginx/conf/fcgi.conf

fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx;
fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;
fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;
fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;
# PHP only, required if PHP was built with –enable-force-cgi-redirect
#fastcgi_param  REDIRECT_STATUS    200;

四、启动web服务
4.1.启动php-fpm
#/usr/local/php/sbin/php-fpm
4.2.启动nginx
4.2.1检查nginx配置:
# /usr/local/nginx/sbin/nginx ?t     //返回如下信息说明配置正确
the configuration file /usr/local/nginx//conf/nginx.conf syntax is ok
configuration file /usr/local/nginx//conf/nginx.conf test is successful#/usr/local/nginx/sbin/nginx    //启动nginx
4.3.加入开机启动
#vi /etc/rc.local
在最后加入:

ulimit -SHn 51200
/usr/local/nginx/sbin/nginx
/usr/local/php/sbin/php-fpm

五、测试
#mkdir /data/www/wwwroot/linuxtone
#vi phpinfo.php

<?php
Phpinfo();
?>

打开浏览器输入:http://www.linuxtone.org/phpinfo.php
附注:
本文的配置脚本可以参见http://bbs.linuxtone.org/thread-4908-1-1.html附件ngin_spawn.rar
本文所有脚本均参考www.linuxtone.org站长netseek提供的脚本包,下载地址:
http://www.linuxtone.org/lemp/scripts.tar.gz

本文参考文档:
哈密瓜  基于CentOS 5.4搭建nginx+php+spawn-fcgi+mysql高性能php平台 http://bbs.linuxtone.org/thread-4908-1-1.html
netseek LEMP构建高性能WEB服务器(第三版)http://bbs.linuxtone.org/thread-1582-1-1.html
张宴 Nginx 0.5.31 + PHP 5.2.4搭建可承受3万以上并发连接数,胜过Apache 10倍的Web服务器  http://blog.s135.com/post/297/
Deidara  php-fpm with php-5.3.2 + APC http://deidara.blog.51cto.com/400447/317026

One thought on “基于CentOS 5.5 搭建nginx +php +php-fpm+mysql高性能php平台

  1. Pingback: ImageMagick及PHP的imagick扩展的安装及配置 | haohtml's blog

Comments are closed.