[转载] [教程] 康盛创想 Linux(基于CentOS的LNMP) 服务器部署标准

一、系统约定

软件源代码包存放位置

 /usr/local/src

 
源码包编译安装位置(prefix)

 /usr/local/software_name

 
脚本以及维护程序存放位置

 /usr/local/sbin

 
MySQL 数据库位置

 /var/lib/mysql(可按情况设置)

 
Nginx 网站根目录

 /home/www/wwwroot(可按情况设置)

 
Nginx 虚拟主机日志根目录

 /home/www/logs(可按情况设置)

 
Nginx 运行账户

 www:www

二、系统环境初始化

1. 检查系统是否正常

# more /var/log/messages(检查有无系统级错误信息)
# dmesg (检查硬件设备是否有错误信息)

# cat /proc/cpuinfo (检查CPU频率是否正常)

# top (按1检测CPU核数是否正常,内存大小是否正常)

# ifconfig(检查网卡设置是否正确)
# ping www.zhaorongtao.com(检查网络是否正常)
2. 关闭不需要的服务

# ntsysv
以下仅列出需要启动的服务,未列出的服务一律推荐关闭:

atd

crond

irqbalance

microcode_ctl

network

sendmail

sshd

syslog
关闭SElinux:修改/etc/selinux/config文件中的SELINUX= 为 disabled
3.更换快速源

# cd /etc/yum.repos.d/

# mv CentOS-Base.repo CentOS-Base.repo.old

# wget http://centos.ustc.edu.cn/CentOS-Base.repo.5

# mv CentOS-Base.repo.5 CentOS-Base.repo

# yum update

4. 使用 yum 程序安装所需开发包(以下为标准的 RPM 包名称)

# yum -y install ntp make openssl openssl-devel pcre pcre-devel libpng libpng-devel libjpeg-6b libjpeg-devel-6b freetype freetype-devel gd gd-devel zlib zlib-devel gcc gcc-c++ libXpm libXpm-devel ncurses ncurses-devel libmcrypt libmcrypt-devel libxml2 libxml2-devel imake autoconf automake screen sysstat compat-libstdc++-33 curl curl-devel

5. 定时校正服务器时钟,定时与中国国家授时中心授时服务器同步

# crontab -e
加入一行:
*/30 * * * * ntpdate 210.72.145.44 > /dev/null 2>&1
6. 下载程序包

请到各程序官方网站下载最新的稳定版本存放到/usr/local/src/目录
Nginx
当前稳定版0.7.65

http://wiki.nginx.org/NginxChs

PHP
当前稳定版5.2.13

http://cn.php.net/releases/
PHP FPM补丁   当前稳定版0.5.14

http://php-fpm.org/downloads/

Mysql
当前稳定版5.0.86

http://dev.mysql.coml/

Zend
当前稳定版3.3.3

http://www.zend.com/

Memcache
当前稳定版2.2.5

http://pecl.php.net/package/memcache/

Memcached
当前稳定版1.4.5
http://memcached.googlecode.com

Libiconv
当前稳定版1.13.1

http://www.gnu.org/software/libiconv/

libevent
当前稳定版1.4.13

http://www.monkey.org/~provos/libevent/
文中的配置文件和脚本限于篇幅,请到以下地址下载

Nginx控制脚本
http://c.sihost.net/jb/nginx
PHP FPM配置文件
http://c.sihost.net/jb/php-fpm.conf

Nginx 配置文件
http://c.sihost.net/jb/nginx.conf

FCGI配置文件
http://c.sihost.net/jb/fcgi.conf

以上列出的程序最新稳定版下载列表

http://c.sihost.net/lnmp_tools.list
在 /usr/local/src目录下执行
wget http://c.sihost.net/lnmp_tools.list
wget -i lnmp_tools.list
7. 创建web运行用户
# groupadd www

# useradd -g www www

# mkdir -p /home/www/wwwroot

# chmod +w /home/www/wwwroot

# chown www:www /home/www/wwwroot -R

8. 重新启动

# init 6

三、编译安装环境
1. 安装MySQL

# cd /usr/local/src

# tar zxvf mysql-5.0.86-linux-i686-icc-glibc23.tar.gz

# mv mysql-5.0.86-linux-i686-icc-glibc23 /usr/local/

# ln -s /usr/local/mysql-5.0.86-linux-i686-icc-glibc23/ /usr/local/mysql

# groupadd mysql

# useradd -g mysql mysql -d /home/mysql -s /sbin/nologin

# chown -R mysql:mysql /usr/local/mysql

# chown -R mysql:mysql /usr/local/mysql-5.0.86-linux-i686-icc-glibc23/

# cd /usr/local/mysql

# ./scripts/mysql_install_db –user=mysql

# cp ./support-files/mysql.server /etc/rc.d/init.d/mysqld

# chmod 755 /etc/rc.d/init.d/mysqld

# chkconfig –add mysqld

# chkconfig –level 3 mysqld on

# cp ./support-files/my-huge.cnf /etc/my.cnf

# mv /usr/local/mysql/data /var/lib/mysql

# chown -R mysql:mysql /var/lib/mysql

编辑/etc/my.cnf

在 [mysqld] 段增加
datadir = /var/lib/mysql

skip-innodb

wait-timeout = 10

max_connections = 512

max_connect_errors = 10000000

在 [mysqld] 段修改
max_allowed_packet = 16M

thread_cache_size = CPU个数*2

将 log-bin 注释
service mysqld start

# bin/mysqladmin -u root password password

其中红色的password是要设置的root密码

2. 编译安装Nginx
# cd /usr/local/src/

# tar zxvf nginx-0.7.65.tar.gz

# cd nginx-0.7.65

# ./configure –prefix=/usr/local/nginx –conf-path=/usr/local/nginx/conf/nginx.conf –with-http_realip_module –with-http_addition_module –with-http_gzip_static_module –with-http_random_index_module –with-http_stub_status_module –with-http_sub_module –with-http_dav_module

# make

# make install clean

# cp /usr/local/src/nginx /etc/init.d/nginx

# chmod 755 /etc/init.d/nginx

# chkconfig –add nginx

# chkconfig nginx on

3. 编译安装PHP 所需的支持库
Libiconv

# cd /usr/local/src/

# tar zxvf libiconv-1.13.1.tar.gz

# cd libiconv-1.13.1/

# ./configure –prefix=/usr/local

# make

# make install

# cd ..

Libmcrypt

# tar zxvf libmcrypt-2.5.8.tar.gz

# cd libmcrypt-2.5.8

# ./configure

# make

# make install

# /sbin/ldconfig

# cd libltdl/

# ./configure –enable-ltdl-install

# make

# make install

# cd /usr/local/src/

Mhash
# tar zxvf mhash-0.9.9.9.tar.gz

# cd mhash-0.9.9.9/

# ./configure

# make

# make install

# cd ..
# ln -s /usr/local/lib/libmcrypt.la /usr/lib/libmcrypt.la

$ ln -s /usr/local/lib/libmcrypt.so /usr/lib/libmcrypt.so

$ ln -s /usr/local/lib/libmcrypt.so.4 /usr/lib/libmcrypt.so.4

$ ln -s /usr/local/lib/libmcrypt.so.4.4.8 /usr/lib/libmcrypt.so.4.4.8

# ln -s /usr/local/lib/libmhash.a /usr/lib/libmhash.a

# ln -s /usr/local/lib/libmhash.la /usr/lib/libmhash.la

# ln -s /usr/local/lib/libmhash.so /usr/lib/libmhash.so

# ln -s /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2

# ln -s /usr/local/lib/libmhash.so.2.0.1 /usr/lib/libmhash.so.2.0.1

$ ln -s /usr/local/bin/libmcrypt-config /usr/bin/libmcrypt-config

# tar zxvf mcrypt-2.6.8.tar.gz

# cd mcrypt-2.6.8

# /sbin/ldconfig

# ./configure

# make

# make install

4. 编译安装PHP

# cd /usr/local/src

# tar zxvf php-5.2.13.tar.gz

# gzip -cd php-5.2.13-fpm-0.5.14.diff.gz | patch -d php-5.2.13 -p1

# cd php-5.2.13

# ./configure –prefix=/usr/local/php –with-config-file-path=/usr/local/etc/cgi –with-mysql=/usr/local/mysql –with-mysqli=/usr/local/mysql/bin/mysql_config –with-iconv-dir=/usr/local –with-freetype-dir=/usr –with-jpeg-dir=/usr –with-png-dir=/usr –with-zlib –with-libxml-dir=/usr –with-xmlrpc –enable-xml –enable-mbstring –enable-ftp –with-gd –enable-magic-quotes –with-pear –enable-sockets –with-ttf –enable-gd-native-ttf –enable-sysvsem –enable-sysvshm –enable-shmop –enable-force-cgi-redirect –enable-fastcgi –enable-zip –enable-fpm –with-mhash –with-mcrypt –enable-discard-path –enable-bcmath –enable-inline-optimization –with-curl –with-curlwrappers –enable-mbregex –with-openssl

# make ZEND_EXTRA_LIBS=’-liconv’

# make install

# mkdir -p /usr/local/etc/cgi/

# cp php.ini-dist /usr/local/etc/cgi/php.ini

# mv -f /usr/local/src/php-fpm.conf /usr/local/php/etc/php-fpm.conf

# echo ‘ulimit -SHn 65535’ >> /etc/rc.local

# echo ‘/usr/local/php/sbin/php-fpm start’ >> /etc/rc.local

5. 安装PHP扩展模块(需要此功能的Discuz! X用户选装)
Memcache
# cd /usr/local/src

# tar zxvf memcache-2.2.5.tgz

# cd memcache-2.2.5/

# /usr/local/php/bin/phpize

# ./configure –with-php-config=/usr/local/php/bin/php-config

# make

# make install
修改php.ini文件,路径/usr/local/etc/cgi/
查找:extension_dir = “./”
修改成:extension_dir = “/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/”
在此句下面一行
添加:extension = “memcache.so”
查找:output_buffering = Off
修改成:output_buffering = On
保存。
Memcached
# cd /usr/local/src

#tar zxvf libevent-1.4.13-stable.tar.gz

# cd libevent-1.4.13-stable

# ./configure –prefix=/usr/lib

# make

# make install

# cd ../

# tar zxvf memcached-1.4.5.tar.gz

# cd memcached-1.4.5

# ./configure –prefix=/usr/local –with-libevent=/usr/lib/

# make

# make install

# /usr/local/bin/memcached -d -u www -m 128
-p <num>

监听的TCP端口(缺省: 11211)

-d

以守护进程方式运行 以守护进程方式运行 Memcached Memcached

-u <username>

运行运行 Memcached的账户 非root用户

-m <num>

最大的内存使用单位是MB 缺省是64MB

-c <num>
软连接数量缺省是1024

-v

输出警告和错误信息

-vv

打印客户端的请求和返回信息

-h
打印帮助信息
-i
打印memcached和libevent的版权信息

6. 安装ZendOptimizer

# cd ..

# tar zxvf ZendOptimizer-3.3.3-linux-glibc23-i386.tar.gz

# cd ZendOptimizer-3.3.3-linux-glibc23-i386

# ./install

Please specify the location for installing

Zend Optimizer:

这里填写Zend的安装路径,按下面写即可

/usr/local/Zend

Confirm the location of your

php.ini file:

这里填写的是php.ini的路径,按下面写即可

/usr/local/etc/cgi

Are you using Apache Web server?

这里选No

7.启动Nginx和PHP

# mv -f /usr/local/src/fcgi.conf /usr/local/nginx/conf/

# cp -f /usr/local/src/nginx.conf /usr/local/nginx/conf/nginx.conf

# ulimit -SHn 65535

# /usr/local/php/sbin/php-fpm start

# service nginx start

8.关于安全设置

查找/usr/local/etc/cgi/php.ini里的
; cgi.fix_pathinfo=0
把这句前的分号去掉,变成
cgi.fix_pathinfo=0

您可能还喜欢...