week11 1、请描述一次完整的http请求处理过程; 2、httpd所支持的处理模型有哪些,他们的分别使用于哪些环境。 3、源码编译安装LAMP环境(基于wordpress程序),并写出详细的安装、配置、测试过程。 4、建立httpd服务器(基于编译的方式进行),要求: 提供两个基于名称的虚拟主机: (a)www1.stuX.com,页面文件目录为/web/vhosts/www1;错误日志为/var/log/httpd/www1.err, 访问日志为/var/log/httpd/www1.access; (b)www2.stuX.com,页面文件目录为/web/vhosts/www2;错误日志为/var/log/httpd/www2.err, 访问日志为/var/log/httpd/www2.access; (c)为两个虚拟主机建立各自的主页文件index.html,内容分别为其对应的主机名; (d)通过www1.stuX.com/server-status输出httpd工作状态相关信息,且只允许提供帐号密码才能访问(status:status); 5、为第4题中的第2个虚拟主机提供https服务,使得用户可以通过https安全的访问此web站点; (1)要求使用证书认证,证书中要求使用的国家(CN)、州(HA)、城市(ZZ)和组织(MageEdu); (2)设置部门为Ops,主机名为www2.stuX.com,邮件为admin@stuX.com; 6、在LAMP架构中,请分别以php编译成httpd模块形式和php以fpm工作为独立守护进程的方式来支持httpd,列出详细的过程。
题目1: 1)建立或处理连接:客户端发送http请求报文,服务器端接收或拒绝请求; 2)接收请求:服务器端接收来自客户端对某些资源的请求; 3)处理请求:服务器端解析客户端请求报文,获取客户端请求的资源及请求方法等信息; 4)访问资源:服务器端获取客户端请求的资源; 5)构建响应报文; 6)发送响应报文; 7)日志记录;
题目2: http支持的处理模型: 1)prefork: 多进程模型;每个进程响应一个请求; 一个主进程:负责生成及回收子进程;负责创建套接字;负责接收请求,并派发请求给子进程; 多个子进程:负责处理来自主进程派发的客户端请求;每个子进程处理一个请求; 工作模式:服务器端会预先生成几个空闲进程,用于响应客户端请求; 可以在配置文件中设置最大及最小空闲子进程数目; 2)worker: 多进程多线程模型;每个线程响应一个请求; 一个主进程:负责生成及回收子进程;负责创建套接字;负责接收请求,并派发请求给子进程; 多个子进程:每个子进程生成多个线程; n个线程:每个线程响应一个请求; 并发数量:子进程数目x每个子进程所能生成的最大线程数 3)event: 事件驱动模型;多进程模型;每个进程响应多个请求; 一个主进程:负责生成及回收子进程;负责创建套接字;负责接收请求,并派发请求给子进程; 多个子进程:每个子进程基于事件驱动机制响应多个请求;
题目3:源码编译安装LAMP+Wordpress:
1)准备环境
[root@dr2 ~]# yum -y groupinstall "Development Tools" "Server Platform Development"
[root@dr2 ~]# yum -y install openssl-devel zlib-devel libxml2-devel pcre-devel
2)编译安装apr
[root@dr2 ~]# tar xf apr-1.5.2.tar.bz2
[root@dr2 ~]# cd apr-1.5.2
[root@dr2 ~]# ./configure --prefix=/usr/local/apr
[root@dr2 ~]# make && make install
3)编译安装apr-util
[root@dr2 ~]# tar xf apr-util-1.5.4.tar.bz2
[root@dr2 ~]# cd apr-util-1.5.4
[root@dr2 ~]# ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr
[root@dr2 ~]# make && make install
4)编译安装httpd
[root@dr2 ~]# tar xf httpd-2.4.23.tar.bz2
[root@dr2 ~]# cd httpd-2.4.23
[root@dr2 ~]# ./configure --prefix=/usr/local/apache2 \
--enable-http --enable-remoteip --enable-rewrite \
--enable-ssl --enable-unixd --enable-modules=most --with-mpm=event \
--enable-mpms-shared=all --enable-mods-shared=most --enable-so \
--enable-deflate --enable-cgi --enable-proxy --enable-proxy-fcgi \
--enable-proxy-ajp --enable-proxy-http --enable-proxy-balancer \
--enable-cgi --enable-cgid --enable-watchdog \
--enable-proxy-hcheck --with-pcre --with-apr=/usr/local/apr \
--with-apr-util=/usr/local/apr-util/
[root@dr2 ~]# make && make install
添加path路径:/etc/profile.d/apache.sh
export PATH=$PATH:/usr/local/apache2/bin
root@dr2 ~]# source /etc/profile.d/apache.sh
添加服务启动脚本:/usr/lib/systemd/system/httpd.service
[Unit]
Description=The Apache2.4 HTTP Server
After=network.target
[Service]
Type=forking
ExecStart=/usr/local/apache2/bin/apachectl start
ExecReload=/usr/local/apache2/bin/apachectl restart
ExecStop=/usr/local/apache2/bin/apachectl stop
PrivateTmp=true
[Install]
WantedBy=multi-user.target
[root@dr2 ~]# systemctl daemon-reload
[root@dr2 ~]# systemctl enable httpd
编辑配置文件:/usr/local/apache2/conf/httpd.conf,修改如下参数:
User apache
Group apache
[root@dr2 ~]# systemctl start httpd
5)编译安装MySQL-5.7.12
[root@dr2 ~]# groupadd -r mysql
[root@dr2 ~]# useradd -r -g mysql -s /sbin/nologin mysql
[root@dr2 ~]# tar xf mysql-5.7.12-linux-glibc2.5-x86_64.tar.gz -C /usr/local/
[root@dr2 ~]# cd /usr/local
[root@dr2 ~]# ln -sv mysql-5.7.12-linux-glibc2.5-x86_64 mysql
[root@dr2 ~]# chown -R mysql:mysql mysql/
[root@dr2 ~]# cd mysql
[root@dr2 ~]# mkdir -pv /data/mydata
[root@dr2 ~]# chown -R mysql.mysql /data/mydata/
[root@dr2 ~]# ./bin/mysqld --initialize --user=mysql --datadir=/data/mydata/
[root@dr2 ~]# cp support-files/mysql.server /etc/init.d/mysqld
[root@dr2 ~]# chmod +x /etc/init.d/mysqld
[root@dr2 ~]# chkconfig mysqld on
[root@dr2 ~]# cp support-files/my-default.cnf /etc/my.cnf
编辑my.cnf:
basedir=/usr/local/mysql
datadir=/data/mydata
innodb_file_per_table=ON
skip_name_resolve=ON
character_set_server=utf8
pid_file=/var/run/mysql.pid
添加mysql PATH路径:(/etc/profile.d/mysql.sh)
export PATH=/usr/local/mysql/bin:$PATH
添加mysql库文件:(/etc/ld.so.conf.d/mysql.conf )
/usr/local/mysql/lib
添加mysql头文件:
[root@dr2 mysql]# ln -sv /usr/local/mysql/include/ /usr/include/mysql
修改root密码:
[root@dr2 ~]# mysqld_safe --skip-grant-tables &
[root@dr2 ~]# mysql
mysql> update user set authentication_string=password('redhat') where host='localhost';
mysql> exit
[root@dr2 ~]# kill %1
启动mysqld:
[root@dr2 ~]# service mysqld start
再次修改密码:
[root@dr2 ~]# mysql
mysql> set password for root@localhost = password('redhat');
mysql>exit
6)编译安装php7
准备环境:
[root@dr2 ~]# yum -y install bzip2-devel gd-devel libmcrypt-devel
安装php7:
[root@dr2 ~]# tar xf php-7.0.8.tar.xz
[root@dr2 ~]# cd php-7.0.8
[root@dr2 php-7.0.8]# ./configure --prefix=/usr/local/php7 \
--enable-fpm --with-fpm-user=apache --with-fpm-group=apache \
--with-config-file-path=/etc --with-config-file-scan-dir=/etc/php.d \
--with-libxml-dir=/usr --enable-xml --enable-bcmath --with-gd \
--with-jpeg-dir --with-png-dir --with-zlib --with-freetype-dir \
--with-gettext --enable-mbstring --with-mysqli=mysqlnd \
--with-mysql-sock=/tmp/mysql.sock --enable-mysqlnd \
--enable-sockets --enable-zip --with-openssl \
--with-pcre-dir --with-mcrypt --with-bz2 \
--without-pear --disable-phar
[root@dr2 php-7.0.8]# make && make install
[root@dr2 php-7.0.8]# mkdir /etc/php.d
[root@dr2 php-7.0.8]# cp php.ini-production /etc/php.ini
[root@dr2 php-7.0.8]# cp sapi/fpm/php-fpm.service /usr/lib/systemd/system/php7-fpm.service
编辑php7-fpm.service:
[Unit]
Description=The PHP FastCGI Process Manager
After=syslog.target network.target
[Service]
Type=simple
PIDFile=/var/run/php7-fpm.pid
ExecStart=/usr/local/php7/sbin/php-fpm --nodaemonize --fpm-config /usr/local/php7/etc/php-fpm.conf
ExecReload=/bin/kill -USR2 $MAINPID
[Install]
WantedBy=multi-user.target
[root@dr2 php-7.0.8]# systemctl daemon-reload
[root@dr2 php-7.0.8]# systemctl enable php7-fpm
[root@dr2 php-7.0.8]# cd /usr/local/php7/etc
[root@dr2 etc]# mv php-fpm.conf.default php-fpm.conf
[root@dr2 etc]# cd php-fpm.d
[root@dr2 php-fpm.d]# mv www.conf.default www.conf
编辑www.conf,修改如下参数:
user = apache
group = apache
listen.owner = apache
listen.group = apache
listen.mode = 0660
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
启动服务:
[root@dr2 ~]# systemctl start php7-fpm.service
查看是否正常启动:
[root@dr2 ~]# systemctl status php7-fpm.service
[root@dr2 ~]# ss -ntl
7)安装wordpress
[root@dr2 soft]# mkdir /www
[root@dr2 soft]# unzip wordpress-4.6.1.zip -d /www/
编辑apache配置文件,添加虚拟主机:
[root@dr2 soft]# cd /usr/local/apache2/conf/
编辑httpd.conf:
ServerName www.example.com:80
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
#DocumentRoot "/usr/local/apache2/htdocs" #注释中心主机
Include conf/extra/wordpress.conf
创建虚拟主机:(/usr/local/apache2/etc/conf/extra/wordpress.conf)
<VirtualHost *:80>
ServerAdmin root@localhost
DocumentRoot "/www/wordpress"
ServerName wordpress.example.com
DirectoryIndex index.php
ProxyRequests Off
ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/www/wordpress/$1
<Directory "/www/wordpress">
Options none
AllowOverride none
Require all granted
</Directory>
ErrorLog "/var/log/httpd/wordpress/error.log"
CustomLog "/var/log/httpd/wordpress/access.log" common
</VirtualHost>
[root@dr2 soft]# mkdir -pv /var/log/httpd/wordpress
[root@dr2 soft]# chown -R apache:apache /var/log/httpd/
检查:
[root@dr2 soft]# httpd -t
[root@dr2 soft]# httpd -M #查看当前apache装载的模块
重新启动服务:
[root@dr2 soft]# systemctl restart httpd.service
准备wordpress所用的数据库:
[root@dr2 soft]# mysql -uroot -p
mysql> create database wpdb default charset utf8;
Query OK, 1 row affected (0.01 sec)
mysql> grant all on wpdb.* to wpuser@localhost identified by 'redhat';
Query OK, 0 rows affected, 2 warnings (0.01 sec)
mysql> grant all on wpdb.* to wpuser@'%' identified by 'redhat';
Query OK, 0 rows affected, 1 warning (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
mysql> \q
安装wordpress:
浏览器端输入:http://IP;安装提示安装即可;
题目4:
编辑虚拟主机配置文件:extra/httpd-vhost1.conf
<VirtualHost *:80>
ServerAdmin root@localhost
DocumentRoot "/web/vhosts/www1"
ServerName www1.stuX.com
<Directory "/web/vhosts/www1">
Options none
AllowOverride none
Require all granted
</Directory>
<Location /server-status>
SetHandler server-status
AuthType Basic
AuthName "Auth Aceess"
AuthBasicProvider file
AuthUserFile "/usr/local/apache2/conf/extra/password"
Require valid-user
</Location>
ErrorLog "/var/log/httpd/www1.err"
CustomLog "/var/log/httpd/www1.access" common
</VirtualHost>
<VirtualHost *:80>
ServerAdmin root@localhost
DocumentRoot "/web/vhosts/www2"
ServerName www2.stuX.com
<Directory "/web/vhosts/www2">
Options none
AllowOverride none
Require all granted
</Directory>
ErrorLog "/var/log/httpd/www2.err"
CustomLog "/var/log/httpd/www2.access" common
</VirtualHost>
编辑httpd.conf,加载虚拟主机配置文件:
Include conf/extra/httpd-vhost1.conf
创建相关目录文件:
[root@dr2 extra]# mkdir -pv /web/vhosts/www{1,2}
在www1,www2目录下创建index.html,区分web信息;
编辑/etc/hosts
10.0.0.4 www1.stuX.com
10.0.0.4 www2.stuX.com
重启服务:
[root@dr2 extra]# httpd -t
[root@dr2 extra]# systemctl restart httpd.service
测试:
[root@dr2 extra]# curl http://www1.stuX.com/
Vhost: www1
[root@dr2 extra]# curl http://www2.stuX.com/
Vhosts: www2
[root@dr2 extra]# curl -I http://www1.stuX.com/server-status
HTTP/1.1 401 Unauthorized
Date: Sat, 29 Oct 2016 23:24:27 GMT
Server: Apache/2.4.23 (Unix) PHP/7.0.8
WWW-Authenticate: Basic realm="Auth Aceess"
Content-Type: text/html; charset=iso-8859-1
[root@dr2 extra]# curl -I -u apache:redhat http://www1.stuX.com/server-status
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2016 23:24:28 GMT
Server: Apache/2.4.23 (Unix) PHP/7.0.8
Content-Length: 4068
Content-Type: text/html; charset=ISO-8859-1
题目5:
1)构建私有CA
root@dr2 ~]# yum -y install openssl
root@dr2 ~]# cd /etc/pki/CA/
生成私钥:
[root@dr2 CA]# (umask 077;openssl genrsa -out /etc/pki/CA/private/cakey.pem 4096)
生成自签证书并自签:
[root@dr2 CA]# openssl req -new -x509 -key /etc/pki/CA/private/cakey.pem \
-out /etc/pki/CA/cacert.pem -days 365
为CA提供所需的文件:
[root@dr2 CA]# touch serial index.txt
[root@dr2 CA]# echo 01 > serial
2)构建https
[root@dr2 CA]# cd /usr/local/apache2/conf/
[root@dr2 conf]# mkdir ssl
[root@dr2 conf]# cd ssl
生成http私钥:
[root@dr2 ssl]# (umask 077;openssl genrsa -out ./httpd.key 4096)
生成证书请求:
[root@dr2 ssl]# openssl req -new -key ./httpd.key -out ./httpd.csr -days 365
CA签署:
[root@dr2 ssl]# openssl ca -in httpd.csr -out ./httpd.crt -days 365
[root@dr2 ssl]# tree .
.
├── httpd.crt
├── httpd.csr
└── httpd.key
3)修改httpd.conf:
Listen 443
LoadModule ssl_module modules/mod_ssl.so
4)修改httpd虚拟主机配置文件:extra/httpd-vhost1.conf
[root@dr2 ssl]# cd /usr/local/apache2/conf/extra
[root@dr2 extra]# vim httpd-vhost1.conf
<VirtualHost *:443>
ServerAdmin root@localhost
DocumentRoot "/web/vhosts/www2"
ServerName www2.stuX.com
SSLEngine on
SSLCertificateFile "/usr/local/apache2/conf/ssl/httpd.crt"
SSLCertificateKeyFile "/usr/local/apache2/conf/ssl/httpd.key"
<Directory "/web/vhosts/www2">
Options none
AllowOverride none
Require all granted
</Directory>
ErrorLog "/var/log/httpd/www2.err"
CustomLog "/var/log/httpd/www2.access" common
</VirtualHost>
5)重启服务
[root@dr2 extra]# httpd -t
[root@dr2 extra]# systemctl restart httpd.service
题目6:
1)php编译成httpd模块方式:
[root@dr2 php-7.0.8]# ./configure --prefix=/usr/local/php7 --with-config-file-path=/etc \
--with-config-file-scan-dir=/etc/php.d --with-libxml-dir=/usr --enable-xml \
--enable-bcmath --with-gd --with-jpeg-dir --with-png-dir --with-zlib --with-freetype-dir \
--with-gettext --enable-mbstring --with-mysqli=mysqlnd --with-mysql-sock=/tmp/mysql.sock \
--enable-mysqlnd --enable-sockets --enable-zip --with-openssl --with-pcre-dir \
--with-apxs2=/usr/local/apache2/bin/apxs --with-mcrypt --with-bz2 --without-pear --disable-phar
使用--with-apxs2=/path/to/apx选项会将php作为模块编译进apache;
查看apache模块:
[root@dr2 wordpress]# httpd -M|grep -i php
php7_module (shared)
2)php以fpm工作为独立守护进程方式:
[root@dr2 php-7.0.8]# ./configure --prefix=/usr/local/php7 --enable-fpm --with-fpm-user=apache \
--with-fpm-group=apache --with-config-file-path=/etc --with-config-file-scan-dir=/etc/php.d \
--with-libxml-dir=/usr --enable-xml --enable-bcmath --with-gd --with-jpeg-dir --with-png-dir \
--with-zlib --with-freetype-dir --with-gettext --enable-mbstring --with-mysqli=mysqlnd \
--with-mysql-sock=/tmp/mysql.sock --enable-mysqlnd --enable-sockets --enable-zip \
--with-openssl --with-pcre-dir --with-mcrypt --with-bz2 --without-pear --disable-phar
使用--enable-fpm,--with-fpm-user,--with-fpm-group选项,不使用--with-apxs选项;
如果apache使用的是event机制,则使用此项--enable-maintainer-zts;
php7官方建议apache使用prefork模式,不使用worker模式;
php-fpm有2种监听状态:
1)Tcp/ip socket
默认监听在127.0.0.1的9000端口;
2)Unix socket
listen = /var/run/php-fpm.sock
对应的apache要加载proxy_module及proxy_fcgi_module模块;
php-fpm进程工作模式:
1)static:以固定数量的子进程运行;
pm.max_children
2)dynamic:子进程数是动态改变的,类似apache的prefork模式;
pm.max_children:最多可同时运行的子进程数量;
pm.start_servers:启动时子进程数量;
pm.min_spare_servers:最小空闲子进程数量;
pm.max_spare_servers:最大空闲子进程数量;
3)ondemand:主进程启动时不会生成子进程,只有当有请求时才会生成子进程去响应;
pm.max_children
pm.process_idle_timeout:一个空闲进程被销毁的间隔时间,单位秒;
原创文章,作者:devon,如若转载,请注明出处:http://www.178linux.com/56401
评论列表(1条)
过程写的比较详细,赞;题目中涉及的Http处理模型试用于哪些环境这类接近实战的建议多想几个场景会更好。加油~