lamp架构的部署

王志龙 2020-06-14

lamp简介

lamp,是由Linux+Apache+Mysql/MariaDB+Php/Perl/Python的一组动态网站或者服务器的开源软件,除Linux外其它各部件本身都是各自独立的程序,但是因为经常被放在一起使用,拥有了越来越高的兼容度,共同组成了一个强大的Web应用程序平台。

LAMP指的是Linux(操作系统)、Apache(HTTP服务器)、MySQL(也指MariaDB,数据库软件)和PHP(有时也是指Perl或Python)的第一个字母,一般用来建立web应用平台。

web服务的工作流程

web服务器的资源分为两种,静态资源和动态资源

  • 静态资源就是指静态内容,客户端从服务器获得的资源的表现形式与原文件相同。可以简单的理解为就是直接存储于文件系统中的资源
  • 动态资源则通常是程序文件,需要在服务器执行之后,将执行的结果返回给客户端

那么web服务器如何执行程序并将结果返回给客户端呢?下面通过一张图来说明一下web服务器如何处理客户端的请求

lamp架构的部署

如上图所示

阶段①显示的是httpd服务器(即apache)和php服务器通过FastCGI协议进行通信,且php作为独立的服务进程运行

阶段②显示的是php程序和mysql数据库间通过mysql协议进行通信。php与mysql本没有什么联系,但是由Php语言写成的程序可以与mysql进行数据交互。同理perl和python写的程序也可以与mysql数据库进行交互

CGI与FASTCGI

上图阶段①中提到了FastCGI,下面我们来了解下CGI与FastCGI

CGI(Common Gateway Interface,通用网关接口),CGI是外部应用程序(CGI程序)与WEB服务器之间的接口标准,是在CGI程序和Web服务器之间传递信息的过程。CGI规范允许Web服务器执行外部程序,并将它们的输出发送给Web浏览器,CGI将web的一组简单的静态超媒体文档变成一个完整的新的交互式媒体

FastCGI(Fast Common Gateway Interface)是CGI的改良版,CGI是通过启用一个解释器进程来处理每个请求,耗时且耗资源,而FastCGI则是通过master-worker形式来处理每个请求,即启动一个master主进程,然后根据配置启动几个worker进程,当请求进来时,master会从worker进程中选择一个去处理请求,这样就避免了重复的生成和杀死进程带来的频繁cpu上下文切换而导致耗时

httpd与php结合的方式

httpd与php结合的方式有以下三种:

  • modules:php将以httpd的扩展模块形式存在,需要加载动态资源时,httpd可以直接通过php模块来加工资源并返回给客户端
    • httpd prefork:libphp5.so(多进程模型的php)
    • httpd event or worker:libphp5-zts.so(线程模型的php)
  • CGI:httpd需要加载动态资源时,通过CGI与php解释器联系,获得php执行的结果,此时httpd负责与php连接的建立和断开等
  • FastCGI:利用php-fpm机制,启动为服务进程,php自行运行为一个服务,https通过socket与php通信

较于CGI方式,FastCGI更为常用,很少有人使用CGI方式来加载动态资源

web工作流程

通过上面的图说明一下web的工作流程:

  1. 客户端通过http协议请求web服务器资源
  2. web服务器收到请求后判断客户端请求的资源是静态资源或是动态资源
    • 若是静态资源则直接从本地文件系统取之返回给客户端。
    • 否则若为动态资源则通过FastCGI协议与php服务器联系,通过CGI程序的master进程调度worker进程来执行程序以获得客户端请求的动态资源,并将执行的结果通过FastCGI协议返回给httpd服务器,httpd服务器收到php的执行结果后将其封装为http响应报文响应给客户端。在执行程序获取动态资源时若需要获得数据库中的资源时,由Php服务器通过mysql协议与MySQL/MariaDB服务器交互,取之而后返回给httpd,httpd将从php服务器收到的执行结果封装成http响应报文响应给客户端。

LAMP构建

环境

  • CentOS7/RedHat7-192.168.233.129
    • httpd-2.4
    • mysql-5.7
    • php
    • php-mysql

安装次序:
httpd --> mysql --> php

安装httpd

#安装开发环境
[ ~]# yum groupinstall "Development Tools"
#下载必要的插件
[ ~]# yum install -y opensll-devel pcre-devel expat-devel libtool
#下载依赖和httpd
[ ~]# ls
anaconda-ks.cfg  apr-1.6.5.tar.gz  apr-util-1.6.1.tar.bz2  httpd-2.4.38.tar.bz2
[ ~]# 
#创建apache用户和组(由于创建用户时顺便创建了组)
[ ~]# useradd -r apache
[ ~]# id apache
uid=997(apache) gid=995(apache) groups=995(apache)
[ ~]# 
#解压 apr-1.6.5.tar.gz、apr-util-1.6.1.tar.bz2、httpd-2.4.38.tar.bz2
[ ~]# tar -xf apr-1.6.5.tar.gz 
[ ~]# ls
anaconda-ks.cfg  apr-1.6.5  apr-1.6.5.tar.gz  apr-util-1.6.1.tar.bz2  httpd-2.4.38.tar.bz2
[ ~]# tar -xf apr-util-1.6.1.tar.bz2 
[ ~]# ls
anaconda-ks.cfg  apr-1.6.5  apr-1.6.5.tar.gz  apr-util-1.6.1  apr-util-1.6.1.tar.bz2  httpd-2.4.38.tar.bz2
[ ~]# tar -xf httpd-2.4.38.tar.bz2 
[ ~]# ls
anaconda-ks.cfg  apr-1.6.5  apr-1.6.5.tar.gz  apr-util-1.6.1  apr-util-1.6.1.tar.bz2  httpd-2.4.38  httpd-2.4.38.tar.bz2
[ ~]# 
#进入apr-1.6.5进行编译安装
[ ~]# cd apr-1.6.5
[ apr-1.6.5]# vim configure
    cfgfile=${ofile}T
    trap "$RM \"$cfgfile\"; exit 1" 1 2 15
#    $RM "$cfgfile" (添加注释或者删除)
[ apr-1.6.5]# ./configure --prefix=/usr/local/apr
[ apr-1.6.5]# make && make install
#进入apr-util-1.6.1 目录
[ apr-1.6.5]# cd ..
[ ~]# cd apr-util-1.6.1
[ apr-util-1.6.1]# ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr/
[ apr-util-1.6.1]# make && make install
#进入httpd,并且编译
[ ~]# cd httpd-2.4.38
[ httpd-2.4.37]# ./configure --prefix=/usr/local/apache  --sysconfdir=/etc/httpd24 --enable-so  --enable-ssl  --enable-cgi  --enable-rewrite  --with-zlib  --with-pcre  --with-apr=/usr/local/apr  --with-apr-util=/usr/local/apr-util/  --enable-modules=most  --enable-mpms-shared=all  --with-mpm=prefork
[ httpd-2.4.38]# make && make install
#后续操作
[ ~]#  echo ‘export PATH=/usr/local/apache/bin:$PATH‘ > /etc/profile.d/httpd.sh 
[ ~]# source /etc/profile.d/httpd.sh 
[ ~]#  ln -s /usr/local/apache/include/ /usr/include/httpd 
[ ~]#  sed -i ‘/#ServerName/s/#//g‘ /etc/httpd24/httpd.conf 
[ ~]# apachectl start
httpd (pid 56851) already running
[ ~]# ss -antl
State      Recv-Q Send-Q                      Local Address:Port                                     Peer Address:Port              
LISTEN     0      128                                     *:22                                                  *:*                  
LISTEN     0      100                             127.0.0.1:25                                                  *:*                  
LISTEN     0      128                                    :::80                                                 :::*                  
LISTEN     0      32                                     :::21                                                 :::*                  
LISTEN     0      128           :::22

二进制安装mysql

-glibc2.12-x86_64  src
games  lib64    sbin
#创建软链接
[ local]# ln -sv mysql-5.7.22-linux-glibc2.12-x86_64/ mysql
‘mysql’ -> ‘mysql-5.7.22-linux-glibc2.12-x86_64/’
[ local]# 
[ local]# ll
total 0
drwxr-xr-x. 2 root root   6 Mar 10  2016 bin
drwxr-xr-x. 2 root root   6 Mar 10  2016 etc
drwxr-xr-x. 2 root root   6 Mar 10  2016 games
drwxr-xr-x. 2 root root   6 Mar 10  2016 include
drwxr-xr-x. 2 root root   6 Mar 10  2016 lib
drwxr-xr-x. 2 root root   6 Mar 10  2016 lib64
drwxr-xr-x. 2 root root   6 Mar 10  2016 libexec
lrwxrwxrwx. 1 root root  36 Apr 26 09:23 mysql -> mysql-5.7.22-linux-glibc2.12-x86_64/
drwxr-xr-x. 9 root root 129 Apr 26 09:23 mysql-5.7.22-linux-glibc2.12-x86_64
drwxr-xr-x. 2 root root   6 Mar 10  2016 sbin
drwxr-xr-x. 5 root root  49 Apr 17 14:55 share
drwxr-xr-x. 2 root root   6 Mar 10  2016 src
[ local]# 
[ local]# groupadd -r mysql
[ local]# useradd -M -s /sbin/nologin -g mysql mysql
[ local]# chown -R mysql.mysql mysql
[ local]# echo "export PATH=/usr/local/mysql/bin/:$PATH" > /etc/profile.d/mysql.sh
[ local]# source /etc/profile.d/mysql.sh 
#数据库主目录
[ local]# mkdir /opt/data
#改属组属主
[ local]# chown -R mysql.mysql /opt/data/
#初始化数据
[ local]# mysqld --initialize --user=mysql --datadir=/opt/data/
2020-04-26T13:28:47.194209Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details).
2020-04-26T13:28:47.739448Z 0 [Warning] InnoDB: New log files created, LSN=45790
2020-04-26T13:28:47.878674Z 0 [Warning] InnoDB: Creating foreign key constraint system tables.
2020-04-26T13:28:48.064606Z 0 [Warning] No existing UUID has been found, so we assume that this is the first time that this server has been started. Generating a new UUID: dc2dc2c2-87c1-11ea-b320-000c29361d6b.
2020-04-26T13:28:48.065569Z 0 [Warning] Gtid table is not ready to be used. Table ‘mysql.gtid_executed‘ cannot be opened.
2020-04-26T13:28:48.066537Z 1 [Note] A temporary password is generated for : ,8wypuC8Swht #密码
[ local]# cd
[ ~]# echo ",8wypuC8Swht" > passwd.txt
[ ~]# ls
anaconda-ks.cfg  passwd.txt
#创建mysql的配置文件
[ ~]# vim /etc/my.cnf
[ ~]# cat /etc/my.cnf
[mysqld]
basedir = /usr/local/mysql 
datadir = /opt/data 
socket = /tmp/mysql.sock 
port = 3306 
pid-file = /opt/data/mysql.pid 
user = mysql 
skip-name-resolve
[ ~]# cp -a /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld 
[ ~]#  sed -ri ‘s#^(datadir=).*#\1/opt/data#g‘ /etc/init.d/mysqld
[ ~]#  sed -ri ‘s#^(basedir=).*#\1/usr/local/mysql#g‘ /etc/init.d/mysqld 
[ ~]# service mysqld start
Starting MySQL. SUCCESS! 
[ ~]# ss -antl
State      Recv-Q Send-Q     Local Address:Port                    
LISTEN     0      128                    *:22                      
LISTEN     0      100            127.0.0.1:25                      
LISTEN     0      128                   :::22                      
LISTEN     0      100                  ::1:25                      
LISTEN     0      80                    :::3306         #mysql端口号
[ ~]# mysql -uroot -p,8wypuC8Swht
mysql: [Warning] Using a password on the command line interface can
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.7.22

Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights 

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type ‘help;‘ or ‘\h‘ for help. Type ‘\c‘ to clear the current input
#修改密码
mysql> set password = password ("123");

安装php

#配置yum
[~]# yum -y install epel-release
[ ~]# rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm

#安装依赖
[ ~]# yum -y install libxml2 libxml2-devel openssl openssl-devel bzip2 bzip2-devel libcurl libcurl-devel libicu-devel libjpeg libjpeg-devel libpng libpng-devel openldap-devel  libpcre-devel freetype freetype-devel gmp gmp-devel libmcrypt libmcrypt-devel readline readline-devel libxslt libxslt-devel mhash mhash-devel php72w-mysqlnd

#安装php
[ ~]# cd /usr/src/
[	src]# wget http://cn.php.net/distributions/php-7.2.8.tar.xz
[	src]# tar xf php-7.2.8.tar.xz
[ src]# cd php-7.2.8
[ php-7.2.8]# ./configure --prefix=/usr/local/php7  --with-config-file-path=/etc --enable-fpm --enable-inline-optimization --disable-debug --disable-rpath --enable-shared --enable-soap --with-openssl --enable-bcmath --with-iconv --with-bz2 --enable-calendar --with-curl --enable-exif  --enable-ftp --with-gd --with-jpeg-dir --with-png-dir --with-zlib-dir --with-freetype-dir --with-gettext --enable-json --enable-mbstring --enable-pdo --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-readline --enable-shmop --enable-simplexml --enable-sockets --enable-zip --enable-mysqlnd-compression-support --with-pear --enable-pcntl --enable-posix
[ php-7.2.8]# make -j $(cat /proc/cpuinfo |grep processor|wc -l)
[ php-7.2.8]# make install

#配置php
[ php-7.2.8]# echo ‘export PATH=/usr/local/php7/bin:$PATH‘ > /etc/profile.d/php7.sh
[ php-7.2.8]# source /etc/profile.d/php7.sh
[ php-7.2.8]# php -v
PHP 7.2.8 (cli) (built: Feb 20 2019 16:45:01) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
[ php-7.2.8]# cp php.ini-production /etc/php.ini -f
[ php-7.2.8]# cp sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm -f
[ php-7.2.8]# chmod +x /etc/rc.d/init.d/php-fpm
[ php-7.2.8]# cp /usr/local/php7/etc/php-fpm.conf.default /usr/local/php7/etc/php-fpm.conf -f
[ php-7.2.8]# cp /usr/local/php7/etc/php-fpm.d/www.conf.default /usr/local/php7/etc/php-fpm.d/www.conf -f

#编辑php-fpm配置文件
[ php-7.2.8]#  cat >> /usr/local/php7/etc/php-fpm.conf << EOF
pm.max_children = 50    
pm.start_servers = 5    
pm.min_spare_servers = 2    
pm.max_spare_servers = 8   

#启动php-fpm
[ php-7.2.8]# service php-fpm start
Starting php-fpm  done
[ php-7.2.8]#  ss -antl
State       Recv-Q Send-Q        Local Address:Port                       Peer Address:Port              
LISTEN      0      128                       *:22                                    *:*                  
LISTEN      0      100               127.0.0.1:25                                    *:*                  
LISTEN      0      128               127.0.0.1:9000                                  *:*                  
LISTEN      0      128                      :::80                                   :::*                  
LISTEN      0      128                      :::22                                   :::*                  
LISTEN      0      100                     ::1:25                                   :::*                  
LISTEN      0      80                       :::3306                                 :::*

配置apache

启用代理模块

在apache httpd 2.4以后已经专门有一个模块针对FastCGI的实现,此模块为mod_proxy_fcgi.so,它其实是作为mod_proxy.so模块的扩展,因此,这两个模块都要加载,编辑httpd.conf文件,取消以下两行内容的注释:

  • LoadModule proxy_module modules/mod_proxy.so
  • LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
#启用httpd的相关模块
[ ~]# sed -i ‘/proxy_module/s/#//g‘ /etc/httpd24/httpd.conf
[ ~]# sed -i ‘/proxy_fcgi_module/s/#//g‘ /etc/httpd24/httpd.c onf

配置虚拟主机
在需要使用fcgi的虚拟主机中添加类似如下两行:

#关闭正向代理
ProxyRequests Off
ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/PATH/TO/DOCUMENT_ROOT/$

如:

ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/var/www/html/idfsoft.com/$1

以上设置表示把以.php结尾的文件请求发送到php-fpm进程,php-fpm至少需要知道运行的目录和URI,所以这里直接在fcgi://127.0.0.1:9000后指明了这两个参数,其它参数的传递已经被mod_proxy_fcgi.so进行了封装,不需要手动指定。

注意:这里写的/var/www/html/是yum源安装方式生成的网页存放目录,这里需要改成你编译安装指定的网页存放路径,请勿直接复制我这里的路径
这里的idfsoft.com是域名,你需要改成你所使用的域名,请勿直接复制此处的域名
这里的$1表示匹配所有以.php结尾的http请求

[ ~]# mkdir /usr/local/apache/htdocs/The_Legend_of_Zelda.com
[ ~]# cat > /usr/local/apache/htdocs/The_Legend_of_Zelda.com/index.php <<EOF
<?php
   phpinfo();
?>
EOF
[ ~]# chown -R apache.apache /usr/local/apache/htdocs/
[ ~]# cat >> /etc/httpd24/httpd.conf <<EOF
#在末尾添加类似如下内容
<VirtualHost *:80>
    DocumentRoot "/usr/local/apache/htdocs/The_Legend_of_Zelda.com"
    ServerName www.LegendofZelda.com
    ProxyRequests Off
    ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/usr/local/apache/htdocs/The_Legend_of_Zelda.com/$1
    <Directory "/usr/local/apache/htdocs/The_Legend_of_Zelda.com">
        Options none
        AllowOverride none
        Require all granted
    </Directory>
</VirtualHost>  
EOF
#然后搜索/AddType
在 AddType application/x-compress .Z
   AddType application/x-gzip .gz .tgz
后面添加如下内容:
    AddType application/x-httpd-php .php
    AddType application/x-httpd-php-source .phps
[ ~]# sed -i ‘/    DirectoryIndex/s/index.html/index.php index.html/g‘ /etc/httpd24/httpd.conf

#重启apache
[ ~]# apachectl stop
[ ~]# apachectl start
[ ~]# ss -antl
State       Recv-Q Send-Q        Local Address:Port                       Peer Address:Port              
LISTEN      0      128                       *:22                                    *:*                  
LISTEN      0      100               127.0.0.1:25                                    *:*                  
LISTEN      0      128               127.0.0.1:9000                                  *:*                  
LISTEN      0      128                      :::80                                   :::*                  
LISTEN      0      128                      :::22                                   :::*                  
LISTEN      0      100                     ::1:25                                   :::*                  
LISTEN      0      80                       :::3306                                 :::*       
#关闭防火墙
[ ~]# systemctl stop firewalld
[ ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.

验证

用IP或域名登录,看到以下界面代表部署成功

lamp架构的部署

相关推荐

caspertian / 0评论 2019-12-20