1、请描述一次完整的http请求处理过程;
一次完整的http请求处理过程:
(1) 建立或处理连接:接收请求或拒绝请求;
(2) 接收请求:接收来自于网络上的主机请求报文中对某特定资源的一次请求的过程;
(3) 处理请求:对请求报文进行解析,获取客户端请求的资源及请求方法等相关信息;
(4) 访问资源:获取请求报文中请求的资源;
(5) 构建响应报文:
(6) 发送响应报文:
(7) 记录日志:
2、httpd所支持的处理模型有哪些,他们的分别使用于哪些环境。
MPM:Multipath processing Modules (多路处理模块)
prefork:多进程模型,每个进程响应一个请求;
一个主进程:负责生成子进程及回收子进程;负责创建套接字;负责接收请求,并将其派发给某子进程进行处理;
n个子进程:每个子进程处理一个请求;
工作模型:会预先生成几个空闲进程,随时等待用于响应用户请求;最大空闲和最小空闲;
worker:多进程多线程模型,每线程处理一个用户请求;
一个主进程:负责生成子进程;负责创建套接字;负责接收请求,并将其派发给某子进程进行处理;
多个子进程:每个子进程负责生成多个线程;
并发响应数量:m*n每个线程:负责响应用户请求;
m:子进程数量
n:每个子进程所能创建的最大线程数量;
event:事件驱动模型,多进程模型,每个进程响应多个请求;
一个主进程 :负责生成子进程;负责创建套接字;负责接收请求,并将其派发给某子进程进行处理;
子进程:基于事件驱动机制直接响应多个请求;
httpd-2.2: 仍为测试使用模型;
httpd-2.4:event可生产环境中使用;
3、源码编译安装LAMP环境(基于wordpress程序),并写出详细的安装、配置、测试过程。
OS版本:2.6.32-431.el6.x86_64
httpd版本:2.4.9
mariadb版本:mariadb-10.0.13
php版本:php-5.4.26
1、安装编译安装所需系统环境
~]# yum groupinstall "Development Tools" "Server Platform Development" -y
2、编译安装http-2.4.9需要较新版本的apr和apr-util,对这两个包进行解压后编译安装
(1)编译安装apr
~]#tar -xf apr-1.5.0.tar.bz2
cd apr-1.5.0
./configure –prefix=/usr/local/apr
make && make install
(2)编译安装apr-util
~]# tar xf apr-util-1.5.3.tar.bz2
~]# cd apr-util-1.5.3
apr-util-1.5.3]# ./configure –prefix=/usr/local/apr-util –with-apr=/usr/local/apr
apr-util-1.5.3]# make && make install
3、编译安装httpd
~]# tar -xf httpd-2.4.9.tar.bz2
~]# cd httpd-2.4.9
httpd-2.4.9]# yum install -y openssl openssl-devel pcre pcre-devel 安装几个必备软件
httpd-2.4.9]#./configure –prefix=/usr/local/apache24 –sysconfdir=/etc/httpd24 –enable-so –enable-ssl –enable-cgi –enable-rewrite –with-zlib –with-pcre –with-apr=/usr/local/apr –with-apr-util=/usr/local/apr-util –enable-modules=most –enable-mpms-shared=all –with-mpm=prefork 我选择了profork模型
httpd-2.4.9]# make && make install
将apache24的bin加入path变量中
~]# vim /etc/profile.d/httpd.sh
export PATH=/usr/local/apache24/bin:$PATH
~]#source /etc/profile.d/httpd.sh
输出头文件至系统文件路径usr/include
~]# ln -sv /usr/local/apache24/include/ /usr/include/apache24
"/usr/include/apache24" -> "/usr/local/apache24/include/"
启动httpd并测试是否正常
~]# apachectl start
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.
localdomain. Set the 'ServerName' directive globally to suppress this message
~]# ss -tnl | grep 80
LISTEN 0 128 :::80 :::*
~]# curl http://192.168.150.136
<html><body><h1>It works!</h1></body></html>
4、编译安装mariadb
首先安装mariadb编译安装所需的cmake、ncurses-devel
~]# yum -y install cmake ncurses-devel
(1)创建数据存放目录
~]# mkdir -pv /data/mydata
mkdir: 已创建目录 "/data"
mkdir: 已创建目录 "/data/mydata"
(2)创建mysql用户,并授予数据文件mysql账户权限
~]# groupadd mysql
~]# useradd -s /sbin/nologin -g mysql -M mysql
~]# id mysql
uid=500(mysql) gid=500(mysql) 组=500(mysql)
~]# chown -R mysql.mysql /data/mydata
(3)安装mariadb
解压mariadb
~]# tar -xf mariadb-10.0.13.tar.gz
编译安装mariadb
mariadb-10.0.13]# cmake . -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DMYSQL_DATADIR=/data/mydata -DSYSCONFDIR=/etc -DWITH_INNOBASE_STORAGE_ENGINE=1 -DWITH_ARCHIVE_STORAGE_ENGINE=1 -DWITH_BLACKHOLE_STORAGE_ENGINE=1 -DWITH_READLINE=1 -DWITH_SSL=system -DWITH_ZLIB=system -DWITH_LIBWRAP=0 -DMYSQL_UNIX_ADDR=/tmp/mysql.sock -DDEFAULT_CHARSET=utf8 -DDEFAULT_COLLATION=utf8_general_ci
mariadb-10.0.13]# make && make install
(4)配置mariadb
初始化数据库
~]# cd /usr/local/mysql/
mysql]# scripts/mysql_install_db –user=mysql –datadir=/data/mydata
mysql]# ls /data/mydata/
aria_log.00000001 ibdata1 ib_logfile1 performance_schema
aria_log_control ib_logfile0 mysql test
设置配置文件,修改datadir指定目录项和socket所指定文件
[mysqld]
datadir=/data/mydata
socket=/tmp/mysql.sock
user=mysql
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
设置启动脚本
mysql]# cp support-files/mysql.server /etc/init.d/mysqld
mysql]# chkconfig –add mysqld
mysql]# chkconfig –list mysqld
启动并查看服务
mysql]# service mysqld start
Starting MySQL. SUCCESS!
~]# ss -tnlp | grep 3306
LISTEN 0 128 :::3306 :::* users:(("mysqld",65174,
16))
设置环境变量
~]# vim /etc/profile.d/mysql.sh
export PATH=/usr/local/mysql/bin:$PATH
~]# source /etc/profile.d/mysql.sh
导出头文件
~]# ln -sv /usr/local/mysql/include/ /usr/local/include/mysql
"/usr/local/include/mysql" -> "/usr/local/mysql/include/"
导出库文件
mysql]# vim /etc/ld.so.conf.d/mysql.conf
/usr/local/mysql/lib
mysql]# ldconfig -v
mysql]# ldconfig -p |grep mysql
libmysqlclient_r.so.16 (libc6,x86-64) => /usr/lib64/mysql/libmysqlclient_r.so.16
libmysqlclient.so.18 (libc6,x86-64) => /usr/local/mysql/lib/libmysqlclient.so.18
libmysqlclient.so.16 (libc6,x86-64) => /usr/lib64/mysql/libmysqlclient.so.16
libmysqlclient.so (libc6,x86-64) => /usr/local/mysql/lib/libmysqlclient.so
使用mysql_secure_installation脚本来进行安全配置
[root@localhost mysql]# mysql_secure_installation
/usr/local/mysql/bin/mysql_secure_installation: line 379: find_mysql_client: command not fou
nd
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none):
OK, successfully used password, moving on…
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n]
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
… Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n]
… Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] n
… skipping.
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] n
… skipping.
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n]
… Success!
Cleaning up…
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!
5、编译安装php
编译安装前安装所需要包
~]# yum -y install libxml2-devel
解压并进行编译安装,注意编译安装的参数要和前面安装的参数一致,比如说Mysql的apache24
php-5.4.26]# ./configure –prefix=/usr/local/php –with-mysql=/usr/local/mysql –with-o
penssl –with-mysqli=/usr/local/mysql/bin/mysql_config –enable-mbstring –with-png-dir –with-jpeg-dir –with-freetype-dir –with-zlib –with-libxml-dir=/usr –enable-xml –enable-sockets –with-apxs2=/usr/local/apache24/bin/apxs –with-mcrypt –with-config-file-path=/etc –with-config-file-scan-dir=/etc/php.d –with-bz2
编译时报错
configure: error: Please reinstall the BZip2 distribution
安装bzip2-devel
php-5.4.26]# yum -y install bzip2-devel
configure: error: mcrypt.h not found. Please reinstall libmcrypt.
~]# wget ftp://mcrypt.hellug.gr/pub/crypto/mcrypt/libmcrypt/libmcrypt-2.5.7.tar.gz
~]# tar -xf libmcrypt-2.5.7.tar.gz
~]# cd libmcrypt-2.5.7
libmcrypt-2.5.7]# ./configure
libmcrypt-2.5.7]# make && make install
再次编译没有问题,进行安装
php-5.4.26]# make -j 4 && make install
6、修改httpd的配置文件,支持php
~]# vim /etc/httpd24/httpd.conf
末行添加
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
定位至DirectoryIndex index.html
修改为:
DirectoryIndex index.php index.html
重启httpd服务,并编辑测试页进行php和mysql的连接测试
~]# apachectl restart
~]# cd /usr/local/apache24/htdocs
htdocs]# ls
index.html
htdocs]# vim index.php
测试php
<h1>phptestpage</h1>
<?php
phpinfo();
?>
测试mysql
htdocs]# cat index.php
<h1>test page</h1>
<?php
$conn = mysql_connect('127.0.0.1','root','oracleadmin');
if ($conn)
echo "OK";
else
echo "Failure";
?>
7、部署wordpress
~]# unzip wordpress-3.2.1-zh_CN.zip
[root@localhost ~]# cp -rf wordpress /usr/local/apache24/htdocs/
[root@localhost ~]# cd /usr/local/apache24/htdocs/wordpress/
[root@localhost wordpress]# cp wp-config-sample.php wp-config.php
[root@localhost wordpress]# vim wp-config.php
/** WordPress 数据库的名称 */
define('DB_NAME', 'wpdb');
/** MySQL 数据库用户名 */
define('DB_USER', 'wpuser');
/** MySQL 数据库密码 */
define('DB_PASSWORD', 'wppasswd');
数据库创建
~]# mysql -uroot -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 12
Server version: 10.0.13-MariaDB Source distribution
Copyright (c) 2000, 2014, Oracle, SkySQL Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> GRANT ALL ON wpdb.* TO 'wpuser'@'localhost' IDENTIFIED BY 'wppasswd';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> CREATE DATABASE wpdb;
Query OK, 1 row affected (0.06 sec)
MariaDB [(none)]> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.04 sec)
MariaDB [(none)]> exit
Bye
~]# mysql -uwpuser -pwppasswd
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 13
Server version: 10.0.13-MariaDB Source distribution
Copyright (c) 2000, 2014, Oracle, SkySQL Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> SHOW DATABASES;
+——————–+
| Database |
+——————–+
| information_schema |
| test |
| wpdb |
+——————–+
3 rows in set (0.05 sec)
4、建立httpd服务器(基于编译的方式进行),要求:
提供两个基于名称的虚拟主机:
(a)www1.stuX.com,页面文件目录为/web/vhosts/www1;错误日志为/var/log/httpd/www1.err,访问日志为/var/log/httpd/www1.access;
(b)www2.stuX.com,页面文件目录为/web/vhosts/www2;错误日志为/var/log/httpd/www2.err,访问日志为/var/log/httpd/www2.access;
(c)为两个虚拟主机建立各自的主页文件index.html,内容分别为其对应的主机名;
(d)通过www1.stuX.com/server-status输出httpd工作状态相关信息,且只允许提供帐号密码才能访问(status:status);
1、httpd的编译安装参考上题
2、编辑配置文件
~]# vim /etc/httpd24/httpd.conf
主配置文件注释
#DocumentRoot "/usr/local/apache24/htdocs"
virtual hosts选项打开
Include /etc/httpd24/extra/httpd-vhosts.conf
3、建立虚拟主机配置文件
~]# vim /etc/httpd24/extra/httpd-vhosts.conf
<VirtualHost 192.168.150.136 *:80>
ServerAdmin webmaster@example.com
DocumentRoot "/web/vhost/www1/"
ServerName www1.stuX.com
ServerAlias www.example.com
ErrorLog "/var/log/httpd/www1.err"
CustomLog "/var/log/httpd/www1.access" common
<Directory "/web/vhost/www1">
AllowOverride None
Options None
Require all granted
</Directory>
</VirtualHost>
<VirtualHost 192.168.150.136 *:80>
ServerAdmin webmaster@example.com
DocumentRoot "/web/vhost/www2"
ServerName www2.stuX.com
ErrorLog "/var/log/httpd/www2.err"
CustomLog "/var/log/httpd/www2.access" common
<Directory "/web/vhost/www2">
AllowOverride None
Options None
Require all granted
</Directory>
</VirtualHost>
4、创建目录及文件
mkdir -pv /web/vhost/{www1,www2}
mkdir: 已创建目录 "/web"
mkdir: 已创建目录 "/web/vhost"
mkdir: 已创建目录 "/web/vhost/www1"
mkdir: 已创建目录 "/web/vhost/www2
]# mkdir -p /var/log/httpd
~]# for i in {1..2};do echo "www$i.site" > /web/vhost/www$i/index.html;done
语法检查
]# httpd -t
Syntax OK
5、重启httpd服务并进行访问测试
~]# apachectl restart
~]# vim /etc/hosts
~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.150.136 www1.stuX.com
192.168.150.136 www2.stuX.com
~]# curl http://www2.stuX.com
www2.site
~]# curl http://www1.stuX.com
www1.site
6、构建Server-Status设置
在www1.stuX.com里,增加server-status的设置,具体内容如下:
<VirtualHost 192.168.150.136 *:80>
DocumentRoot "/web/vhost/www1"
ServerName www1.stuX.com
ErrorLog "/var/log/httpd/www1.err"
CustomLog "/var/log/httpd/www1.access" common
<Location /server-status>
SetHandler server-status
AuthType Basic
AuthName "Server-Status"
AuthUserFile "/etc/httpd/.htpasswd"
Require valid-user
</Location>
</VirtualHost>
生成.htpasswd密码验证文件
httpd24]# htpasswd -c -m .htpasswd status
New password:
Re-type new password:
Adding password for user status
重启服务后验证
httpd24]# apachectl restart
5、为第4题中的第2个虚拟主机提供https服务,使得用户可以通过https安全的访问此web站点;
(1)要求使用证书认证,证书中要求使用的国家(CN)、州(HA)、城市(ZZ)和组织(MageEdu);
(2)设置部门为Ops,主机名为www2.stuX.com,邮件为admin@stuX.com;
1、创建私有CA并颁发证书
~]# cd /etc/pki/CA/
CA]# touch index.txt
CA]# echo 01 > serial
CA]# (umask 077; openssl genrsa -out /etc/pki/CA/private/cakey.pem 2048)
Generating RSA private key, 2048 bit long modulus
………………………..+++
………………………………..+++
e is 65537 (0x10001)
CA]# openssl req -new -x509 -key /etc/pki/CA/private/cakey.pem -days 365 -out /etc/pki/
CA/cacert.pemYou are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
—–
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:HA
Locality Name (eg, city) [Default City]:ZZ
Organization Name (eg, company) [Default Company Ltd]:MageEdu
Organizational Unit Name (eg, section) []:Ops
Common Name (eg, your name or your server's hostname) []:stuX.com
Email Address []:admin@stuX.com
CA]# cd /etc/httpd24/
httpd24]# mkdir ssl
httpd24]# cd ssl
ssl]# (umask 077;openssl genrsa -out httpd.key 1024)
Generating RSA private key, 1024 bit long modulus
…………..++++++
………++++++
e is 65537 (0x10001)
ssl]# ls
httpd.key
ssl]# openssl req -new -key httpd.key -out httpd.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
—–
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:HA
Locality Name (eg, city) [Default City]:ZZ
Organization Name (eg, company) [Default Company Ltd]:MageEdu
Organizational Unit Name (eg, section) []:Ops
Common Name (eg, your name or your server's hostname) []:www2.stuX.com
Email Address []:amin@stuX.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
ssl]# openssl ca -in /etc/httpd24/ssl/httpd.csr -out /etc/pki/CA/certs/httpd.crt -days
365Using configuration from /etc/pki/tls/openssl.cnf
Check that the request matches the signature
Signature ok
Certificate Details:
Serial Number: 1 (0x1)
Validity
Not Before: Nov 7 04:14:36 2016 GMT
Not After : Nov 7 04:14:36 2017 GMT
Subject:
countryName = CN
stateOrProvinceName = HA
organizationName = MageEdu
organizationalUnitName = Ops
commonName = www2.stuX.com
emailAddress = amin@stuX.com
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
87:65:5E:DA:71:EF:1A:E3:A1:2E:48:A4:0F:D2:43:68:11:1E:01:39
X509v3 Authority Key Identifier:
keyid:AE:2C:20:53:29:AE:2B:63:6A:34:35:BC:B3:EA:CB:79:3C:C9:B7:C5
Certificate is to be certified until Nov 7 04:14:36 2017 GMT (365 days)
Sign the certificate? [y/n]:y
1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated
ssl]# ls /etc/pki/CA/certs/httpd.crt
/etc/pki/CA/certs/httpd.crt
ssl]# cp /etc/pki/CA/certs/httpd.crt /etc/httpd24/ssl/
ssl]# ls
httpd.crt httpd.csr httpd.key
2、修改配置文件提供ssl服务
开启主配置文件的ssl调用,删除www2在httpd-vhosts中的定义
Include /etc/httpd24/extra/httpd-ssl.conf
~]# vim /etc/httpd24/extra/httpd-ssl.conf
[root@localhost httpd24]# cat extra/httpd-ssl.conf | grep -v "^#"
Listen 443
SSLPassPhraseDialog builtin
<VirtualHost 192.168.150.136:443>
DocumentRoot "/web/vhost/www2"
ServerName www2.stuX.com:443
ServerAdmin you@example.com
ErrorLog "/var/log/httpd/www2.err"
TransferLog "/usr/local/apache24/logs/access_log"
SSLEngine on
SSLCertificateFile "/etc/httpd24/ssl/httpd.crt"
SSLCertificateKeyFile "/etc/httpd24/ssl/httpd.key"
<Directory "/web/vhost/www2">
AllowOverride None
Options None
Require all granted
</Directory>
</VirtualHost>
主配置文件中启用ssl模块
~]# vim /etc/httpd24/httpd.conf
LoadModule ssl_module modules/mod_ssl.so
重启httpd服务后测试
httpd24]# ss -tnl | grep 443
LISTEN 0 128 :::443 :::*
6、在LAMP架构中,请分别以php编译成httpd模块形式和php以fpm工作为独立守护进程的方式来支持httpd,列出详细的过程。
CentOS 6:
PHP-5.3.2-:默认不支持fpm机制;需要自行打补丁并编译安装;
httpd-2.2:默认不支持fcgi协议,需要自行编译此模块;
解决方案:编译安装httpd-2.4, php-5.3.3+;
此次试验httpd版本2.4.9 httpd的编译安装同上,省略
php版本5.4.26
编译安装前安装所需要包
~]# yum -y install libxml2-devel
安装bzip2-devel
php-5.4.26]# yum -y install bzip2-devel
~]# wget ftp://mcrypt.hellug.gr/pub/crypto/mcrypt/libmcrypt/libmcrypt-2.5.7.tar.gz
~]# tar -xf libmcrypt-2.5.7.tar.gz
~]# cd libmcrypt-2.5.7
libmcrypt-2.5.7]# ./configure
libmcrypt-2.5.7]# make && make install
1、php编译成http模块形式
./configure –prefix=/usr/local/php –with-mysql=mysqlnd –with-openssl –with-mysqli=mysqlnd –enable-mbstring –with-freetype-dir –with-jpeg-dir –with-png-dir –with-zlib –with-libxml-dir=/usr/lib64 –enable-xml –enable-sockets –with-apxs2=/usr/local/apache24/bin/apxs –with-mcrypt=/usr/local/libmcrypt –with-config-file-path=/etc –with-config-file-scan-dir=/etc/php.d –with-bz2 –enable-maintainer-zts
其中–with-apxs2=/usr/local/apache24/bin/apxs选择即指定在编译时将php定义为http的模块形式
make && make install
拷贝配置文件至/etc目录
php-5.4.26]# cp php.ini-production /etc/php.ini
在httpd的主配置文件中添加php类型
php-5.4.26]# vim /etc/httpd24/httpd.conf
添加选项
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
定位DirectoryIndex修改为DirectoryIndex index.php index.html
编辑php测试页并开启httpd服务进行测试
php-5.4.26]# cd /usr/local/apache24/htdocs/
htdocs]# vim index.php
<h1>phptest</h1>
<?php
phpinfo();
?>
[root@localhost htdocs]# apachectl start
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.
localdomain. Set the 'ServerName' directive globally to suppress this message[root@localhost htdocs]# ss -tnl 进程中只有Httpd
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 :::80 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 127.0.0.1:6010 *:*
LISTEN 0 128 ::1:6010 :::*
2、php编译成fpm模式
./configure –prefix=/usr/local/php5 –with-mysql=mysqlnd –with-openssl –with-mysqli=mysqlnd –enable-mbstring –with-freetype-dir –with-jpeg-dir –with-png-dir –with-zlib –with-libxml-dir=/usr –enable-xml –enable-sockets –enable-fpm –with-mcrypt –with-config-file-path=/etc –with-config-file-scan-dir=/etc/php.d –with-bz2
添加了–enable-fpm选项
make && make install
拷贝配置文件至/etc目录
php-5.4.26]# cp php.ini-production /etc/php.ini
拷贝php-fpm配置文件,并同时取消pid选项的注释
cp /usr/local/php5/etc/php-fpm.conf.default /usr/local/php5/etc/php-fpm.conf
php-5.4.26]# vim /usr/local/php5/etc/php-fpm.conf
pid = /usr/local/php5/var/run/php-fpm.pid
添加服务脚本
fpm]# pwd
/root/php-5.4.26/sapi/fpm
fpm]# cp init.d.php-fpm /etc/rc.d/init.d/php-fp
~]# chmod +x /etc/rc.d/init.d/php-fpm
~]# chkconfig –add php-fpm
启动php-fpm
~]# service php-fpm start
~]# ps aux | grep fpm
root 14881 0.0 0.3 68920 3928 ? Ss 09:51 0:00 php-fpm: master process (/usr/local/p
hp5/etc/php-fpm.conf) nobody 14882 0.0 0.3 68920 3460 ? S 09:51 0:00 php-fpm: pool www
nobody 14883 0.0 0.3 68920 3460 ? S 09:51 0:00 php-fpm: pool www
root 14885 0.0 0.0 103260 872 pts/1 S+ 09:51 0:00 grep fpm
配置httpd
~]# vim /etc/httpd24/httpd.conf
启用这两个模块
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
添加文件类型
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
添加php文件的访问通过fpm
ProxyRequests Off
ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/usr/local/apache24/htdocs/$1
找到 DirectoryIndex index.html
改为
DirectoryIndex index.php index.html
编辑php测试页并开启httpd进行测试
php-5.4.26]# cd /usr/local/apache24/htdocs/
htdocs]# vim index.php
<h1>phpfpmtest</h1>
<?php
phpinfo();
?>
[root@localhost htdocs]# apachectl start
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.
localdomain. Set the 'ServerName' directive globally to suppress this
[root@localhost htdocs]# ss -tnl httpd 80 php-fpm 9000
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 :::80 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 127.0.0.1:6010 *:*
LISTEN 0 128 ::1:6010 :::*
LISTEN 0 128 127.0.0.1:6011 *:*
LISTEN 0 128 ::1:6011 :::*
LISTEN 0 128 127.0.0.1:9000 *:*
此时的Server API为FPM/FastCGI
原创文章,作者:N23-苏州-void,如若转载,请注明出处:http://www.178linux.com/63734
评论列表(1条)
赞,LAMP总结的很完整,这将成为你日后工作中宝贵的笔记~可以加个扩展,比如你的架构师怎样的,集群的架构是怎么样的~~继续加油~