从零开始构建云平台监控(一)搭建LNMP

搭建LNMP

先安装mysql—->安装php—–>安装nginx
版本:
mysql 5.7.19
php 7.1.7
nginx 1.12.1

本次搭建除mysql外全部采用源码方式安装,因为采用源码的方式安装可以更好的对功能模块是否需要做定制。

安装依赖

1
yum -y install gcc gcc-devel gcc-c++ gcc-c++-devel libaio-devel boost boost-devel autoconf* automake* zlib* libxml* ncurses-devel ncurses libgcrypt* libtool* cmake openssl openssl-devel bison bison-devel unzip numactl-devel

创建mysql软件源
vim /etc/yum.repo.d/mysql.repo

1
2
3
4
[mysql]
name = mysql
baseurl = https://mirrors.ustc.edu.cn/mysql-repo/yum/mysql-5.7-community/el/7/x86_64/
gpgcheck=0

1
yum install mysql-community-libs mysql-community-common mysql-community-client mysql-community-devel mysql-community-server

启动mysql
systemctl start mysqld

mysql初始化
mysqld –initialize –user=mysql

查找默认密码
grep “temporary password” /var/log/mysqld.log

默认密码策略设置密码需要大写、小写、特殊符号。关闭默认密码策略

编辑/etc/my.cnf
validate_password=off

重启mysql
systemctl restart mysqld

用初始密码登录mysql重启密码

1
alter user root@localhost identified by 'passw0rd';

修改默认编码
由下图可见database和server的字符集使用了latin1编码方式,不支持中文,即存储中文时会出现乱码。以下是命令行修改为utf-8编码的过程,以支持中文

修改为utf-8打开,编辑/etc/my.cnf.d/server.cnf
在mysqld里面添加
character_set_server = utf8

重启mysql
systemctl restart mysqld

再次查看

安装php7

php7在性能上比php5.x有2倍多的提升,同时兼容性也特别好。同时php5.x很多openssl和openssh的漏洞

安装依赖包

1
yum -y install libmcrypt-devel mcrypt mhash gd-devel ncurses-devel libxml2-devel bzip2-devel libcurl-devel curl-devel libjpeg-devel libpng-devel freetype-devel net-snmp-devel openssl-devel

安装libconv
创建目录
mkdir /lnmp
进入目录
cd /lnmp
wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.14.tar.gz
解压包

1
2
3
4
5
tar xvf libiconv-1.14.tar.gz
cd libiconv-1.14
./configure --prefix=/usr/local/libiconv1.14

make时包此错

解决方法

1
2
3
4
5
6
vi libiconv-1.14/srclib/stdio.in.h
将698行的代码:_GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");替换为:
#if defined(__GLIBC__) && !defined(__UCLIBC__) && !__GLIBC_PREREQ(2, 16)
_GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
#endif

重新make && make install
保存动态链接库

1
2
echo "/usr/local/lib64/" > /etc/ld.so.conf.d/lnmp.conf
echo "/usr/local/lib/" >> /etc/ld.so.conf.d/lnmp.conf

刷新
ldconfig

下载php7.1.7源码包
cd /lnmp
wget http://cn2.php.net/distributions/php-7.1.7.tar.gz

解压
tar -xvf php-7.1.7.tar.gz

配置和检查依赖php7.1.7

1
./configure --prefix=/usr/local/php7.1.7 --with-config-file-path=/usr/local/php7.1.7/etc --enable-mysqlnd --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-iconv-dir=/usr/local/libiconv1.14 --with-pcre-regex --with-zlib --with-bz2 --enable-calendar --with-curl --enable-dba --with-libxml-dir --enable-ftp --with-gd --with-jpeg-dir --with-png-dir --with-zlib-dir --with-freetype-dir --enable-gd-native-ttf --with-mhash --enable-mbstring --with-mcrypt --enable-pcntl --enable-xml --disable-rpath --enable-shmop --enable-sockets --enable-zip --enable-bcmath --with-snmp --disable-ipv6 --with-gettext --enable-fpm --with-fpm-user=www --with-fpm-group=www --with-openssl

make && make install
复制php配置文件

1
cp /lnmp/php-7.1.7/php.ini-production /usr/local/php7.1.7/etc/php.ini

配置php
修改时区

1
sed -i 's#;date.timezone =#date.timezone = Asia/Shanghai#g' /usr/local/php7.1.7/etc/php.ini

隐藏php版本号

1
sed -i 's#expose_php = On#expose_php = Off#g' /usr/local/php7.1.7/etc/php.ini

配置启动脚本

1
2
[root@localhost php-7.1.7]# cp /lnmp/php-7.1.7/sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
[root@localhost php-7.1.7]# chmod +x /etc/init.d/php-fpm

配置fast-cgi

1
cp /usr/local/php7.1.7/etc/php-fpm.d/www.conf /usr/local/php7.1.7/etc/php-fpm.conf

修改fast-cgi
vim /usr/local/php7.1.7/etc/php-fpm.conf
修改已下参数
rlimit_files = 65535

创建www用户和组

1
useradd www -s /sbin/nologin

启动php-fpm
/etc/init.d/php-fpm start
设置开机自启
/sbin/chkconfig –add php-fpm
修改php.ini以满足zabbix要求
vim /usr/local/php7.1.7/etc/php.ini
限制执行目录,nginx网页放在/var/www/html下

1
2
3
4
5
open_basedir = "/var/www/html/:/tmp"
max_execution_time = 300
max_input_time = 300
post_max_size = 24M
upload_max_filesize = 4M

修改php连接mysql
pdo_mysql.default_socket= /var/lib/mysql/mysql.sock
mysqli.default_socket = /var/lib/mysql/mysql.sock

安装nginx

wget http://nginx.org/download/nginx-1.12.1.tar.gz
解压

[root@localhost lnmp]# tar -xvf nginx-1.12.1.tar.gz

[root@localhost lnmp]# cd nginx-1.12.1

1
[root@localhost lnmp]#./configure --prefix=/usr/local/nginx1.12.1 --user=www --group=www --with-http_stub_status_module --with-http_gzip_static_module --with-http_ssl_module

[root@localhost lnmp]#make && make install

配置nginx

1
cp /usr/local/nginx1.12.1/conf/nginx.conf /usr/local/nginx1.12.1/conf/nginx.conf.bak

vim /usr/local/nginx1.12.1/conf/nginx.conf

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
user www www;
worker_processes 4;
error_log logs/error.log info;
pid logs/nginx.pid;
events {
worker_connections 65535;
use epoll;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
tcp_nopush on;
keepalive_timeout 65;
gzip on;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log logs/access.log main;
server {
listen 80;
server_name localhost;
charset utf8;
location / {
root /var/www/html;
index index.php index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www/html;
}
location ~ \.php$ {
root /var/www/html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
}

修改ulimit
ulimit -n 65535
编辑
/etc/systemd/system.conf
设置DefaultLimitNOFILE=65535

重启系统

启动nginx
/usr/local/nginx1.12.1/sbin/nginx
重载nginx
/usr/local/nginx1.12.1/sbin/nginx -s reload
关闭nginx
/usr/local/nginx1.12.1/sbin/nginx -s stop
重启nginx
/usr/local/nginx1.12.1/sbin/nginx -s reopen

设置nginx启动脚本
编辑/etc/init.d/nginx
注意PATH和NAME变量

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
#!/bin/bash
# chkconfig: - 85 15
PATH=/usr/local/nginx1.12.1
DESC="nginx daemon"
NAME=nginx
DAEMON=$PATH/sbin/$NAME
CONFIGFILE=$PATH/conf/$NAME.conf
PIDFILE=$PATH/logs/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME
set -e
[ -x "$DAEMON" ] || exit 0
do_start() {
$DAEMON -c $CONFIGFILE || echo -n "nginx already running"
}
do_stop() {
$DAEMON -s stop || echo -n "nginx not running"
}
do_reload() {
$DAEMON -s reload || echo -n "nginx can't reload"
}
case "$1" in
start)
echo -n "Starting $DESC: $NAME"
do_start
echo "."
;;
stop)
echo -n "Stopping $DESC: $NAME"
do_stop
echo "."
;;
reload|graceful)
echo -n "Reloading $DESC configuration..."
do_reload
echo "."
;;
restart)
echo -n "Restarting $DESC: $NAME"
do_stop
do_start
echo "."
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|reload|restart}" >&2
exit 3
;;
esac
exit 0

添加执行权限
chmod a+x /etc/init.d/nginx
注册成服务
/sbin/chkconfig –add nginx

添加开机自启
/sbin/chkconfig nginx on

查看

创建目录
mkdir -p /var/www/html
修改用户和属组
chown www:www /var/www/html
重启测试
启动nginx
systemctl start nginx
重启
systemctl restart nginx
关闭
systemctl stop nginx

测试php
在/var/www/html下编写index.php文件

1
2
3
<?php
phpinfo();
?>

修改权限
chown www:www /var/www/html/index.php
重启nginx和php-fpm

打开浏览器输入地址

至此LNMP搭建完毕。