nginx + php 配置
我的centos6是64位的版本
安装步骤:
(系统要求:Linux 2.6+ 内核,本文中的Linux操作系统为CentOS 5.3,另在RedHat AS4上也安装成功)
一、获取相关开源程序:
【适用CentOS操作系统】利用CentOS Linux系统自带的yum命令安装、升级所需的程序库(RedHat等其他Linux发行版可从安装光盘中找到这些程序库的RPM包,进行安装):
sudo -s
LANG=C
yum -y install gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel libidn libidn-devel openssl openssl-devel openldap openldap-devel nss_ldap openldap-clients openldap-servers
我下载的源码包
mysql-5.5.25a-linux2.6-x86_64.tar.gz
imagick-2.3.0.tgz
PDO_MYSQL-1.0.2.tgz
memcached-1.4.13
eaccelerator-0.9.6.1.tar.bz2
libiconv-1.14.tar.gz
memcached-1.4.13.tar.gz
nginx-1.3.3.tar.gz
libmcrypt-2.5.7
ImageMagick.tar.gz
libmcrypt-2.5.8.tar.gz
mhash-0.9.9.9.tar.bz2
pcre-8.30.tar.bz2
mcrypt-2.6.8.tar.gz
php-5.3.14.tar.bz2
二、安装php-5.3.14(FastCGI模式)
1、编译安装PHP 5.2.14所需的支持库:
tar zxvf libiconv-1.14.tar.gz
cd libiconv-1.14/
./configure --prefix=/usr/local
make
make install
cd ../
tar zxvf libmcrypt-2.5.8.tar.gz
cd libmcrypt-2.5.8/
./configure
make
make install
/sbin/ldconfig
cd libltdl/
./configure --enable-ltdl-install
make
make install
cd http://www.cnblogs.com/
tar zxvf mhash-0.9.9.9.tar.gz
cd mhash-0.9.9.9/
./configure
make
make install
cd ../
ln -s /usr/local/lib/libmcrypt.la /usr/lib/libmcrypt.la
ln -s /usr/local/lib/libmcrypt.so /usr/lib/libmcrypt.so
ln -s /usr/local/lib/libmcrypt.so.4 /usr/lib/libmcrypt.so.4
ln -s /usr/local/lib/libmcrypt.so.4.4.8 /usr/lib/libmcrypt.so.4.4.8
ln -s /usr/local/lib/libmhash.a /usr/lib/libmhash.a
ln -s /usr/local/lib/libmhash.la /usr/lib/libmhash.la
ln -s /usr/local/lib/libmhash.so /usr/lib/libmhash.so
ln -s /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2
ln -s /usr/local/lib/libmhash.so.2.0.1 /usr/lib/libmhash.so.2.0.1
ln -s /usr/local/bin/libmcrypt-config /usr/bin/libmcrypt-config
tar zxvf mcrypt-2.6.8.tar.gz
cd mcrypt-2.6.8/
/sbin/ldconfig
./configure
make
make install
cd ../
2、安装mysql-5.5.25a(编译过的版本)
安装在/usr/local/mysql下面,这样的话一些依赖关系都在,免去一些安装麻烦。
shell> groupadd mysql
shell> useradd -r -g mysql mysql
shell> cd /usr/local
shell> tar zxvf /path/to/mysql-VERSION-OS.tar.gz
shell> ln -s full-path-to-mysql-VERSION-OS mysql
shell> cd mysql
shell> chown -R mysql .
shell> chgrp -R mysql .
shell> scripts/mysql_install_db --user=mysql
shell> chown -R root .
shell> chown -R mysql data
# Next command is optional
shell> cp support-files/my-medium.cnf /etc/my.cnf
shell> bin/mysqld_safe --user=mysql &
# Next command is optional
shell> cp support-files/mysql.server /etc/init.d/mysqld
shell> chkconfig --add mysqld
shell> chkconfig mysqld on
进入到mysql command line 下,添加一个root权限的账户
GRANT ALL PRIVILEGES ON *.* TO 'carddev'@'localhost' IDENTIFIED BY 'carddev';
GRANT ALL PRIVILEGES ON *.* TO 'carddev'@'127.0.0.1' IDENTIFIED BY 'carddev';
3、编译安装PHP(FastCGI模式)
tar zxvf php-5.3.14.tar.gz
cd php-5.3.14
./configure --prefix=/usr/local/php --with-config-file-path=/etc --with-mysql=/usr/local/mysql --with-mysqli=/usr/local/mysql/bin/mysql_config --with-iconv-dir=/usr/local --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-libxml-dir=/usr --enable-xml --disable-rpath --enable-discard-path --enable-safe-mode --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --with-curl --with-curlwrappers --enable-mbregex --enable-fpm --enable-force-cgi-redirect --enable-mbstring --with-mcrypt --with-gd --enable-gd-native-ttf --with-openssl --with-mhash --enable-pcntl --enable-sockets --with-ldap --with-ldap-sasl --with-xmlrpc --enable-zip --nable-soap
make ZEND_EXTRA_LIBS='-liconv'
make install
cp php.ini-dist /etc/php.ini
cd ../
以下php安装错误来自百度搜索
安装php的时候,出现cannot stat `ext/phar/phar.phar': No such file or directory
于是我又: cd ext/phar/
ls -l
结果发现没有phar.phar 这个文件!!于是我怀疑是phar.php ,
cp ./phar.php ./phar.phar
make install
4、编译安装PHP5扩展模块
我将memcache server端和client端都安装在了一台机器上,这样方便测试
首先安装memcache server
tar zxvf memcached-1.4.13.tg.gz
cd memcache-1.4.13/
./configure ?prefix=/usr/local/memcached
make
make install
cd ../
在这个时候,不一定会编译通过,依旧会出现:
checking for libevent directory… configure: error: libevent is required. You can get it from http://www.monkey.org/~provos/libevent/
If it’s already installed, specify its path using ?with-libevent=/dir/
因为libevent 这个包是系统默认安装的,没有安装相应的开发所用的头文件。
所以,还要使用如下命令来安装:
yum install libevent-devel
有的时候会报一些找不到lib包的warning,例如:找不到libevent-1.4.so.2
可以建立软连接.也可以用ldconfig来解决这个问题,在/etc/ld.so.conf,添加些常用的lib库路径.
2. 安装memcache client端
Memcached客户端是基于libmemcached的,所以需先安装libmemcached。
官网:http://download.tangent.org
下载最新版本,我下载的是libmemcached-1.0.9
cd libmemcached-1.0.9
./configure --prefix=/usr/local/libmemcached --with-libmemcached-dir=/usr/local/libmemcached
make && make install
OK,现在安装PHP extension for interfacing with memcached via libmemcached library
下载地址:http://pecl.php.net/package/memcached
tar zxvf memcached-2.0.1.tgz
cd memcached-2.0.1
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config --with-libmemcached-dir=/usr/local/libmemcached
make && make install
tar jxvf eaccelerator-0.9.6.1.tar.bz2
cd eaccelerator-0.9.6.1/
/usr/local/webserver/php/bin/phpize
./configure --enable-eaccelerator=shared --with-php-config=/usr/local/webserver/php/bin/php-config
make
make install
cd ../
tar zxvf PDO_MYSQL-1.0.2.tgz
cd PDO_MYSQL-1.0.2/
/usr/local/webserver/php/bin/phpize
./configure --with-php-config=/usr/local/webserver/php/bin/php-config --with-pdo-mysql=/usr/local/webserver/mysql
make
make install
cd ../
tar zxvf ImageMagick.tar.gz
cd ImageMagick-6.5.1-2/
./configure
make
make install
cd ../
tar zxvf imagick-2.3.0.tgz
cd imagick-2.3.0/
/usr/local/webserver/php/bin/phpize
./configure --with-php-config=/usr/local/webserver/php/bin/php-config
make
make install
cd ../
5、修改php.ini文件
手工修改:查找/etc/php.ini中的extension_dir = "./"
修改为extension_dir = "/usr/local/php/lib/php/extensions"
cp -R /usr/local/php/lib/php/extensions/no-debug-non-zts-20090626/* /usr/local/php/lib/php/extensions
并在此行后增加以下几行,然后保存:
extension = "pdo_mysql.so"
extension = "imagick.so"
extension = "memcached.so"
再查找; cgi.fix_pathinfo=0
修改为cgi.fix_pathinfo=0,防止Nginx文件类型错误解析漏洞。
6、配置eAccelerator加速PHP:
mkdir -p /usr/local/eaccelerator_cache
vi /etc/php.ini
按shift+g键跳到配置文件的最末尾,加上以下配置信息:
[eaccelerator]
zend_extension="/usr/local/php/lib/php/extensions/eaccelerator.so"
eaccelerator.shm_size="64"
eaccelerator.cache_dir="/usr/local/eaccelerator_cache"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="3600"
eaccelerator.shm_prune_period="3600"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"
7、创建www用户和组
/usr/sbin/groupadd www
/usr/sbin/useradd -g www www
chown -R www.www /var/www
8、配置php-fpm.conf
打开一下两行注释:
pid = run/php-fpm.pid
pm.start_servers = 20
pm.min_spare_servers = 5
pm.max_spare_servers = 35
user = www
group = www
到了php5.3.3,默认即支持php-fpm
但是php/sbin/php-fpm的内容发生了变化,之前是一个脚本,现在是一个二进制文件,需要使用信号控制:
master进程可以理解以下信号
SIGINT, SIGTERM 立刻终止
SIGQUIT 平滑终止
SIGUSR1 重新打开日志文件
SIGUSR2 平滑重载所有worker进程并重新载入配置和二进制模块
示例:
php-fpm 关闭:
kill -SIGINT `cat /usr/local/php/var/run/php-fpm.pid`
php-fpm 重启:
kill -SIGUSR2 `cat /usr/local/php/var/run/php-fpm.pid`
加入到服务中去并每次开机自动启动
cp $PHP_SOURCE_DIR/sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
chmod 700 /etc/init.d/php-fpm
chkconfig --add php-fpm
chkconfig php-fpm on
服务方式启动php-fpm
service php-fpm restart
注:/usr/local/php/sbin/php-fpm还有其他参数,包括:start|stop|quit|restart|reload|logrotate,修改php.ini后不重启php-cgi,重新加载配置文件使用reload。
三、安装Nginx 0.8.46
1、安装Nginx所需的pcre库:
tar zxvf pcre-8.30.tar.gz
cd pcre-8.30/
./configure
make && make install
cd ../
2、安装Nginx
tar zxvf nginx-1.3.3.tar.gz
cd nginx-1.3.3/
./configure --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module
make && make install
cd ../
3、创建Nginx日志目录
mkdir -p /usr/local/nginx/logs/
chmod +w /usr/local/nginx/logs/
chown -R www:www /usr/local/nginx/logs/
4、创建Nginx配置文件
①、在/usr/local/webserver/nginx/conf/目录中创建nginx.conf文件:
rm -f /usr/local/nginx/conf/nginx.conf
vi /usr/local/nginx/conf/nginx.conf
user www www;
worker_processes 8;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
error_log /usr/local/nginx/logs/error.log crit;
pid /usr/local/nginx/logs/nginx.pid;
worker_rlimit_nofile 65535;
events {
use epoll;
worker_connections 65535;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 8m;
sendfile on;
tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
tcp_nodelay on;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
server {
listen 80;
server_name localhost;
index index.html index.htm index.php;
root /var/www;
#charset koi8-r;
#access_log logs/host.access.log main;
location ~ .*\.(php|php5)?$
{
#root html;
#index index.html index.htm;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fcgi.conf;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 1h;
}
log_format access '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
access_log /usr/local/nginx/logs/access.log access;
}
}
②、在/usr/local/nginx/conf/目录中创建fcgi.conf文件:
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
5、启动Nginx
ulimit -SHn 65535
/usr/local/nginx/sbin/nginx
Nginx启动出错 error while loading shared libraries: libpcre.so.1
[root@localhost conf]# ldd $(which /usr/local/nginx/sbin/nginx)
linux-vdso.so.1 => (0x00007fff227ff000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x00000032f3800000)
libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00000032f6000000)
libpcre.so.1 => not found
libssl.so.10 => /usr/lib64/libssl.so.10 (0x00000032fc400000)
libcrypto.so.10 => /usr/lib64/libcrypto.so.10 (0x00000032fa400000)
libdl.so.2 => /lib64/libdl.so.2 (0x00000032f3400000)
libz.so.1 => /lib64/libz.so.1 (0x00000032f3c00000)
libc.so.6 => /lib64/libc.so.6 (0x00000032f3000000)
/lib64/ld-linux-x86-64.so.2 (0x00000032f2c00000)
libfreebl3.so => /lib64/libfreebl3.so (0x00000032f5c00000)
libgssapi_krb5.so.2 => /lib64/libgssapi_krb5.so.2 (0x00000032fb000000)
libkrb5.so.3 => /lib64/libkrb5.so.3 (0x00000032f9800000)
libcom_err.so.2 => /lib64/libcom_err.so.2 (0x00000032f7000000)
libk5crypto.so.3 => /lib64/libk5crypto.so.3 (0x00000032f8800000)
libkrb5support.so.0 => /lib64/libkrb5support.so.0 (0x00000032f9000000)
libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x00000032f9400000)
libresolv.so.2 => /lib64/libresolv.so.2 (0x00000032f5000000)
libselinux.so.1 => /lib64/libselinux.so.1 (0x00000032f4c00000)
可以看出 libpcre.so.1 => not found 并没有找到,进入/lib目录中手动链接下
[root@localhost lib]# ln -s libpcre.so.0.0.1 libpcre.so.1
然后在启动nginx ok 了
[root@localhost lib]# /usr/local/nginx/sbin/nginx
另外我在/etc/ld.so.conf下面加了些配置
1 include ld.so.conf.d/*.conf
2 include /usr/lib
3 include /usr/lib64
4 include /usr/local/lib
四、配置开机自动启动Nginx
vi /etc/rc.local
ulimit -SHn 65535
/usr/local/nginx/sbin/nginx
五、优化Linux内核参数
vi /etc/sysctl.conf
在末尾增加以下内容:
# Add
net.ipv4.tcp_max_syn_backlog = 65536
net.core.netdev_max_backlog = 32768
net.core.somaxconn = 32768
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_tw_recycle = 1
#net.ipv4.tcp_tw_len = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_max_orphans = 3276800
#net.ipv4.tcp_fin_timeout = 30
#net.ipv4.tcp_keepalive_time = 120
net.ipv4.ip_local_port_range = 1024 65535
使配置立即生效:
/sbin/sysctl -p
六、在不停止Nginx服务的情况下平滑变更Nginx配置
1、修改/usr/local/nginx/conf/nginx.conf配置文件后,请执行以下命令检查配置文件是否正确:
/usr/local/nginx/sbin/nginx -t
如果屏幕显示以下两行信息,说明配置文件正确:
the configuration file /usr/local/webserver/nginx/conf/nginx.conf syntax is ok
the configuration file /usr/local/webserver/nginx/conf/nginx.conf was tested successfully
2、平滑重启:
①、对于Nginx 0.8.x版本,现在平滑重启Nginx配置非常简单,执行以下命令即可:
/usr/local/nginx/sbin/nginx -s reload
②、对于Nginx 0.8.x之前的版本,平滑重启稍微麻烦一些,按照以下步骤进行即可。输入以下命令查看Nginx主进程号:
ps -ef | grep "nginx: master process" | grep -v "grep" | awk -F ' ' '{print $2}'
屏幕显示的即为Nginx主进程号,例如:
6302
这时,执行以下命令即可使修改过的Nginx配置文件生效:
kill -HUP 6302
或者无需这么麻烦,找到Nginx的Pid文件:
kill -HUP `cat /usr/local/webserver/nginx/nginx.pid`
七、编写每天定时切割Nginx日志的脚本
1、创建脚本/usr/local/nginx/sbin/cut_nginx_log.sh
vi /usr/local/nginx/sbin/cut_nginx_log.sh
输入以下内容:
#!/bin/bash
# This script run at 00:00
# The Nginx logs path
logs_path="/usr/local/nginx/logs/"
mkdir -p ${logs_path}$(date -d "yesterday" +"%Y")/$(date -d "yesterday" +"%m")/
mv ${logs_path}access.log ${logs_path}$(date -d "yesterday" +"%Y")/$(date -d "yesterday" +"%m")/access_$(date -d "yesterday" +"%Y%m%d").log
kill -USR1 `cat /usr/local/nginx/nginx.pid`
2、设置crontab,每天凌晨00:00切割nginx访问日志
crontab -e
输入以下内容:
00 00 * * * /bin/bash /usr/local/nginx/sbin/cut_nginx_log.sh