運維實戰 LNMP框架
- 架構簡介
- 前期準備
- MySQL的安裝
- MySQL的初始化
- PHP的安裝
- 引數的含義
- Nginx與PHP的對接
- PHPMyAdmin的安裝與配置
- Memcache的安裝與配置
- 構建Nginx高速快取
- Tomcat結合Memcache
- 操作記錄
- MySQL初始化
- Memcache的安裝與配置
架構簡介
LAMP=Linux+Apache+Mysql+PHP
LNMP=Linux+Nginx+Mysql+PHP
LAMP是一個多C/S架構的平臺,雖然這些開放源代碼程式本身并不是專門設計成同另幾個程式一起作業的,但由于它們的免費和開源,慢慢的被組合成為了一種解決方案.
實際上其中的每一個部分還可以根據業務或者作業系統需求進行調換,如Linux也可以改成Windows,Apache改為Nginx就變成了LNMP架構等等,這里采用了Nginx因此簡稱也就改成了LNMP.
專案所需打包檔案
前期準備
MySQL的安裝
這里使用的是社區版本mysql-boost-5.7.31,原因只是因為5.7在生產環境中用的更多而已.
與之前的類似不過這里解壓后會發現沒有configure,因為MySQL使用的是cmake而不是make.
##安裝cmake
yum install -y cmake
##如果程序中出錯則安裝缺失的依賴包
##重新執行編譯前請清楚cmake產生的快取檔案避免從停止處開始導致出現錯誤
yum install -y ncurses-devel.x86_64
yum install -y gcc-c++
yum install -y bison
rm -fr CMakeCache.txt
##編譯
cmake -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DMYSQL_DATADIR=/usr/local/mysql/data -DMYSQL_UNIX_ADDR=/usr/local/mysql/data/mysql.sock -DWITH_INNOBASE_STORAGE_ENGINE=1 -DDEFAULT_CHARSET=utf8 -DDEFAULT_COLLATION=utf8_general_ci -DEXTRA_CHARSETS=all -DWITH_BOOST=/mnt/mysql-5.7.31/boost/boost_1_59_0
##引數解釋
DCMAKE_INSTALL_PREFIX 安裝路徑
DMYSQL_DATADIR 資料庫存放目錄
DMYSQL_UNIX_ADDR Unix Socket檔案路徑
DWITH_INNOBASE_STORAGE_ENGINE 加載的資料庫引擎
DDEFAULT_CHARSET 受用UTF-8字符
DDEFAULT_COLLATION 檢驗UTF-8字符
DEXTRA_CHARSETS 安裝字符集選項(選擇所有)
DWITH_BOOST 指定Boost擴展原始碼路徑
##安裝
make && make install
##需要注意的檔案
/usr/local/mysql/support-files/mysql.server 啟動腳本
/etc/my.cnf 全域組態檔
MySQL的初始化
##復制啟動腳本到init.d并為以后的使用做準備
cp /usr/local/mysql/support-files/mysql.server /etc/init.d/
mv /etc/init.d/mysql.server /etc/init.d/mysqld
##創建供MySQL使用的系統用戶mysql,指定加目錄并設定免登錄
useradd -M -d /usr/local/mysql/ -s /sbin/nologin mysql
##修改my.cnf,正確設定其中的資料目錄和socket位置
[mysqld]
datadir=/usr/local/mysql/data
socket=/usr/local/mysql/data/mysql.sock
symbolic-links=0
##初始化資料目錄并指定私有用戶
##因為使用的命令位于/usr/local/mysql/bin中,為了便于以后使用我們修改.bash_profile中的系統變數并使之生效
##初始化時會生成隨機密碼,記錄下來下文會使用
vim ~/.bash_profile
source ~/.bash_profile
mysqld --initialize --user=mysql
##啟動MySQL,為了進行安全初始化
/etc/init.d/mysqld start
mysql_secure_installation
##初始化結束后,就可以正常使用了
mysql -pwestos
PHP的安裝
目前生產環境PHP主流依然是用7,因此這里也用7作為實驗版本.
##安裝bzip2并解壓原始碼包
yum install -y bzip2
tar jxf php-7.4.12.tar.bz2
##編譯安裝
cd php-7.4.12/
./configure --prefix=/usr/local/lnmp/php --with-config-file-path=/usr/local/lnmp/php/etc --enable-fpm --with-fpm-user=nginx --with-fpm-group=nginx --with-curl --with-iconv --with-mhash --with-zlib --with-openssl --enable-mysqlnd --with-mysqli --with-pdo-mysql --disable-debug --enable-sockets --enable-soap --enable-inline-optimization --enable-xml --enable-ftp --enable-gd --enable-exif --enable-mbstring --enable-bcmath --with-fpm-systemd
make
make install
##如果缺少依賴則進行安裝
yum install systemd-libs.x86_64 -y
yum install libxml2-devel.x86_64 -y
yum install sqlite-devel.x86_64 -y
yum install libcurl-devel.x86_64 -y
yum install libpng-devel.x86_64 -y
##缺少oniguruma-devel-6.8.2-1.el7.x86_64但是官方源并不包含
##從網路獨立下載符合需求的版本后安裝
yum install -y oniguruma-*
引數的含義
--prefix 安裝路徑
--with-config-file-path 主組態檔目錄
--enable-fpm 激活FPM的管理器
--with-fpm-user=nginx 以nginx身份運行,如果不設定則默認用戶為Apache
--with-curl 啟用curl模塊
--with-iconv 啟用iconv
--with-mhash 啟用M哈希加密
--enable-mysqlnd 啟用mysqlnd驅動
--with-mysqli 啟用mysqli驅動
--disable-debug 關閉debug
--enable-soap 啟用soap動態模塊
--enable-inline-optimization 性能優化
--with-fpm-systemd 生成systemd的啟動腳本
##添加/usr/local/lnmp/php/sbin進環境變數并激活
vim ~/.bash_profile
source ~/.bash_profile
##使用模板撰寫組態檔
cp /usr/local/lnmp/php/etc/php-fpm.conf.default /usr/local/lnmp/php/etc/php-fpm.conf
cp /usr/local/lnmp/php/etc/php-fpm.d/www.conf.default /usr/local/lnmp/php/etc/php-fpm.d/www.conf
vim php-fpm.conf
vim www.conf
##從原始碼包復制主組態檔模板并修改
cp /mnt/php-7.4.12/php.ini-production /usr/local/lnmp/php/etc/php.ini
##從原始碼包復制init.d需要的啟動腳本
##從原始碼包復制systemd需要的service檔案
cp /mnt/php-7.4.12/sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
chmod +x /etc/init.d/php-fpm
cp /mnt/php-7.4.12/sapi/fpm/php-fpm.service /usr/lib/systemd/system
##啟動方式
1)
/etc/init.d/php-fpm start
/etc/init.d/php-fpm stop
2)
systemctl daemon-reload
systemctl start php-fpm.service
如果直接使用systemctl start php-fpm.service會發現執行出錯,原因是系統啟用了保護,編輯php-fpm.service即可
vim php-fpm.service
##注釋掉ProtectSystem
;ProtectSystem=full
systemctl daemon-reload
systemctl start php-fpm.service
修改php.ini,調整時區
vim php.ini
timeZone Asia/Shanghai
這里由于使用的是原始碼編譯且開啟了FPM支持,因此安裝的軟體是支持FastCGI的.
與CGI相比,FastCGI更快且有常駐后臺,回應更快且能實作平滑加載.
采用編譯方式安裝的原因也是如此.
Nginx與PHP的對接
經過剛才的實驗其實你已經可以通過訪問9000埠來訪問本機開啟的PHP測驗頁面了
但日常使用中我們顯然沒有這樣操作.
通過Nginx實作埠轉發明顯更加符合使用習慣.
但首先讓我們寫一個nginx.service方便啟動,官方已經提供了內容我們直接復制即可.
[Unit]
Description=The NGINX HTTP and reverse proxy server
After=syslog.target network-online.target remote-fs.target nss-lookup.target
Wants=network-online.target
[Service]
Type=forking
PIDFile=/run/nginx.pid
ExecStartPre=/usr/sbin/nginx -t
ExecStart=/usr/sbin/nginx
ExecReload=/usr/sbin/nginx -s reload
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true
[Install]
WantedBy=multi-user.target
但如果你和我一樣將nginx獨立再/usr/local中使用了目錄,那么你應該修改上文的目錄,如下所示
[Unit]
Description=The NGINX HTTP and reverse proxy server
After=syslog.target network-online.target remote-fs.target nss-lookup.target
Wants=network-online.target
[Service]
Type=forking
PIDFile=/usr/local/nginx/logs/nginx.pid
ExecStartPre=/usr/local/nginx/sbin/nginx -t
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true
[Install]
WantedBy=multi-user.target
之后測驗其運行情況
vim nginx.service
systemctl enable --now nginx.service
- 更改
nginx的組態檔,實作對于.php檔案的支持以及反向代理 - 撰寫
php測驗頁
vim /usr/local/nginx/conf/nginx.conf
location / {
root html;
index index.php index.html index.htm;
}
location ~ \.php$ {
root html;
fastcgi_pass 172.0.0.1:9000;
fastcgi_index index.php;
#fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
include fastcgi.conf;
}
vim index.php
<?php
phpinfo()
?>
同時,還應該修改php.ini中socket項的設定來實作與MySQL的對接.
##查看socket項的位置和權限
ll /usr/local/mysql/data/mysql.sock
srwxrwxrwx 1 mysql mysql 0 Apr 8 09:27 /usr/local/mysql/data/mysql.sock
##同時可以發現其所在目錄的other并沒有權限,因此nginx用戶無法呼叫它
ll /usr/local/mysql/data/ -d
drwxr-x--- 5 mysql mysql 4096 Apr 8 09:27 /usr/local/mysql/data/
##修改權限為775
chmod 775 /usr/local/mysql/data/
PHPMyAdmin的安裝與配置
unzip phpMyAdmin-5.0.2-all-languages.zip
mv phpMyAdmin-5.0.2-all-languages /usr/local/nginx/html/phpMyAdmin
cd /usr/local/nginx/html/phpMyAdmin
vim conf/nginx.conf
systemctl reload nginx.service
如果上文不修改mysql.sock所在目錄的權限則這里會出現登陸失敗的情況,修改則不會.
Memcache的安裝與配置
Memcache是一種nosql資料庫,運行在記憶體中,擁有快取命中率高的特點.
默認運行埠11211,默認記憶體占用64M
##解壓原始碼包安裝依賴并執行編譯安裝,需要用到php目錄下的bin中的命令因此需要修改環境變數
tar zxf memcache-4.0.5.2.tgz
cd memcache-4.0.5.2/
yum install autoconf
vim ~/.bash_profile
source ~/.bash_profile
cd ../memcache-4.0.5.2/
phpize
./configure --enable-memcache
make
make install
##安裝完成后修改php主組態檔開啟插件,實作對memcache的支持
cd /usr/local/lnmp/php/etc/
vim php.ini
extension=memcache
systemctl reload php-fpm.service
yum install -y memcached
systemctl start memcached.service
##查看組態檔可以看到其設定埠11211和記憶體占用64M
cat /etc/sysconfig/memcached
##Memcache同時也提供簡易的監控頁面
##復制原始碼包中的測驗頁面和監控頁面到nginx發布目錄下
##修改監控頁面內容實作更改登錄資訊和memcache位置
cp /mnt//memcache-4.0.5.2/example.php /usr/local/nginx/html/
cp /mnt//memcache-4.0.5.2/memcache.php /usr/local/nginx/html/
vim /usr/local/nginx/html/memcache.php
systemctl reload nginx.service
構建Nginx高速快取
Openresty是Nginx的一個發行版,增加對lua腳本的支持,同樣運行在80埠上,因此開啟時要注意80埠的占用情況.
在安裝Memcache后傳統快取策略是:
Client請求Nginx , Nginx使用fastcgi連接php-fpm, sapi與php互動.當存在快取時使用Memcache中的快取,不存在時查詢資料庫.
但這樣相當于沒有有效利用Nginx的高并發,請求的生命周期取決于請求到php之后的部分.
如果能夠實作 當Client請求Nginx時,Memcache快取命中則直接回傳,未命中才進行后續操作并存盤Memcache快取,顯然更加高效.
tar zxf openresty-1.19.3.1.tar.gz
cd openresty-1.19.3.1/
./configure --prefix=/usr/local/openresty --with-http_ssl_module --with-http_stub_status_module
make
make install
systemctl stop nginx.service
vim /usr/local/openresty/nginx/conf/nginx.conf
/usr/local/openresty/nginx/sbin/nginx -t
cp /usr/local/nginx/html/example.php .
cp /usr/local/nginx/html/memcache.php .
cp /usr/local/nginx/html/index.php .
/usr/local/openresty/nginx/sbin/nginx -s start
upstream memcache {
server 127.0.0.1:11211;
keepalive 512; //保持512個不立即關閉的連接用于提升性能
}
location /memc {
internal; //表示只接受內部訪問
memc_connect_timeout 100ms;
memc_send_timeout 100ms;
memc_read_timeout 100ms;
set $memc_key $query_string; //使用內置的$query_string來作為key
set $memc_exptime 300; //表示快取失效時間
memc_pass memcache;
}
location ~ \.php$ {
set $key $uri$args;
srcache_fetch GET /memc $key;
srcache_store PUT /memc $key;
root html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
#fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
include fastcgi.conf;
}
當所請求的url以“.php”結尾時,首先到Memcache中查詢有沒有以$uri$args為key的資料,如果有則直接回傳;否則執行location的邏輯,如果回傳的http狀態碼為200,則在輸出前以$uri$args為key,將輸入結果存入Memcache.
##進行壓力測驗
ab -c10 -n500
可以看到,當存在Memcache高速快取時壓力測驗每秒的通過數顯然更高.
Tomcat結合Memcache
上文中作為動態語言的PHP已經實作了與nginx的對接,這里來測驗jsp的對接情況.
首先需要安裝Tomcat.
Tomcat并不適合高并發,當流量過大時會有卡死的風險.
一般通過外部使用nginx進行調度和負載均衡,內部多開幾個Tomcat來實作性能提高.
但同時Memcache沒有集群的概念,無法通過借助集群等概念實作高可用和健康管理.
因此采用交叉存盤的邏輯來實作.
##舉例
一臺Nginx對應兩個Tomcat,分別位于兩臺主機上,稱為T1和T2
兩臺主機上同時存在2個Memcache,分別成為M1和M2
將T1的資料優先存在M2中,T2的資料優先存在M1中,稱為交叉存盤.
當T1出現問題時,Nginx通過健康管理將所有資料調度到T2,由于session保持的原因,之后的資料可以繼續寫入M2而不是M1.
當M2出現問題時,T1將本身的資料寫入備用的M1,之后的資料也都寫入M1,Y也實作了可持續使用.
- 安裝
Tomcat并配置 - 復制測驗用的
test.jsp到Tomcat發布目錄并正常訪問 - 配置
Nginx(這里使用原版)的組態檔實作反向代理.jsp結尾的訪問到8080埠 - 在
Server2上也正確配置Tomcat - 在兩者的
Tomcat中分別配置與Memcache的規則 - 復制需要用到的
jar包到/usr/local/tomcat/lib - 在
Nginx中配置負載均衡 - 重啟
Tomcat,Memcache,Nginx
rpm -ivh jdk-8u121-linux-x64.rpm
tar zxf apache-tomcat-7.0.37.tar.gz -C /usr/local
cd /usr/local/
ln -s apache-tomcat-7.0.37/ tomcat
cd tomcat/
##拷貝jar包到/usr/local/tomcat/lib目錄
##啟動和關閉腳本
bin/startup.sh
bin/shutdown.sh
##發布目錄
/usr/local/tomcat/webapps/ROOT/
##編輯Tomcat組態檔
##當出現問題時才使用n1節點,即優先使用n2節點
vim context.xml
<Manager className="de.javakaffee.web.msm.MemcachedBackupSessionManager"
memcachedNodes="n1:172.25.5.1:11211,n2:172.25.5.2:11211"
failoverNodes="n1"
requestUriIgnorePattern=".*\.(ico|png|gif|jpg|css|js)$"
transcoderFactoryClass="de.javakaffee.web.msm.serializer.kryo.KryoTranscoderFactory"
/>
##增加.jsp反向代理規則
/usr/local/openresty/nginx/sbin/nginx -s stop
vim /usr/local/nginx/conf/nginx.conf
nginx -t
nginx -s reload
location ~ \.jsp$ {
proxy_pass http://127.0.0.1:8080;
}
##帶有負載均衡的版本
upstream Tomcat {
sticky;
server 172.25.5.1:8080;
server 172.25.5.2:8080;
}
location ~ \.jsp$ {
proxy_pass http://Tomcat;
}
使用Telnet查看保存的內容
由于Nosql采用鍵值對的方式進行存盤,直接查看ID即可看到加密的內容.
yum install telnet -y
[root@Server1 conf]# telnet localhost 11211
Trying ::1...
Connected to localhost.
Escape character is '^]'.
get 9FF0EA3C09605E9431D467D0D0852001-n1
VALUE 9FF0EA3C09605E9431D467D0D0852001-n1 2048 125
Wx����x���01x����x����#9FF0EA3C09605E9431D467D0D0852001-n1user1111user2222user3333
END
操作記錄
MySQL初始化
[root@Server1 mnt]# cd /usr/local/mysql/support-files/
[root@Server1 support-files]# ls
magic mysqld_multi.server mysql-log-rotate mysql.server
##這里的mysql.server即為MySQL的啟動腳本
##初始化資料目錄并設定私有用戶
[root@Server1 init.d]# mysqld --initialize --user=mysql
2021-04-08T01:26:39.551569Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details).
2021-04-08T01:26:39.954469Z 0 [Warning] InnoDB: New log files created, LSN=45790
2021-04-08T01:26:40.016385Z 0 [Warning] InnoDB: Creating foreign key constraint system tables.
2021-04-08T01:26:40.078251Z 0 [Warning] No existing UUID has been found, so we assume that this is the first time that this server has been started. Generating a new UUID: 7806f80a-9809-11eb-ac50-52540079f81b.
2021-04-08T01:26:40.080460Z 0 [Warning] Gtid table is not ready to be used. Table 'mysql.gtid_executed' cannot be opened.
2021-04-08T01:26:40.363615Z 0 [Warning] CA certificate ca.pem is self signed.
2021-04-08T01:26:40.393868Z 1 [Note] A temporary password is generated for root@localhost: q/XmkIJ,e531
##啟動MySQL
[root@Server1 init.d]# ./mysqld start
Starting MySQL.Logging to '/usr/local/mysql/data/Server1.err'.
SUCCESS!
##可以看到其正確啟動,運行在3306埠(使用netstat)
[root@Server1 init.d]# ps aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
mysql 3733 0.9 17.5 1600940 177744 pts/0 Sl 09:27 0:00 /usr/local/mysql
##進行安全初始化,需要用到上文初始化資料目錄時生成的密碼
[root@Server1 init.d]# mysql_secure_installation
Securing the MySQL server deployment.
Enter password for user root:
The existing password for the user account root has expired. Please set a new password.
New password:
Re-enter new password:
VALIDATE PASSWORD PLUGIN can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD plugin?
Press y|Y for Yes, any other key for No:
Using existing password for root.
Change the password for root ? ((Press y|Y for Yes, any other key for No) :
... skipping.
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.
Remove anonymous users? (Press y|Y for Yes, any other key for No) : y
Success.
Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : y
Success.
By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y
- Dropping test database...
Success.
- Removing privileges on test database...
Success.
Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y
Success.
All done!
##安裝及初始化結束,MySQL可以正常使用
[root@Server1 init.d]# mysql -pwestos
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 6
Server version: 5.7.31 Source distribution
Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> SHOW DATABASES
-> ;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sys |
+--------------------+
4 rows in set (0.00 sec)
mysql> exit
Bye
Memcache的安裝與配置
[root@Server1 nginx]# cd /mnt/
[root@Server1 mnt]# tar zxf memcache-4.0.5.2.tgz
[root@Server1 mnt]# cd memcache-4.0.5.2/
[root@Server1 memcache-4.0.5.2]# yum install autoconf
[root@Server1 memcache-4.0.5.2]# vim ~/.bash_profile
[root@Server1 memcache-4.0.5.2]# source ~/.bash_profile
[root@Server1 php-7.4.12]# cd ../memcache-4.0.5.2/
[root@Server1 memcache-4.0.5.2]# phpize
[root@Server1 memcache-4.0.5.2]# ./configure --enable-memcache
[root@Server1 memcache-4.0.5.2]# make
[root@Server1 memcache-4.0.5.2]# make install
[root@Server1 memcache-4.0.5.2]# cd /usr/local/lnmp/php/lib/php/extensions/no-debug-non-zts-20190902/
[root@Server1 no-debug-non-zts-20190902]# ls
memcache.so opcache.a opcache.so
[root@Server1 no-debug-non-zts-20190902]# cd /usr/local/lnmp/php/etc/
[root@Server1 etc]# vim php.ini
[root@Server1 etc]# systemctl reload php-fpm.service
[root@Server1 etc]# php -m | grep memcache
memcache
[root@Server1 etc]# yum install -y memcached
[root@Server1 etc]# systemctl start memcached.service
[root@Server1 etc]# cat /etc/sysconfig/memcached
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="64"
OPTIONS=""
[root@Server1 etc]# cd /mnt/memcache-4.0.5.2/
[root@Server1 memcache-4.0.5.2]# cp example.php /usr/local/nginx/html/
[root@Server1 memcache-4.0.5.2]# cat example.php
<?php
$memcache = memcache_connect('localhost', 11211);
if ($memcache) {
$memcache->set("str_key", "String to store in memcached");
$memcache->set("num_key", 123);
$object = new StdClass;
$object->attribute = 'test';
$memcache->set("obj_key", $object);
$array = Array('assoc'=>123, 345, 567);
$memcache->set("arr_key", $array);
var_dump($memcache->get('str_key'));
var_dump($memcache->get('num_key'));
var_dump($memcache->get('obj_key'));
}
else {
echo "Connection to memcached failed";
}
?>
[root@Server1 memcache-4.0.5.2]# cp memcache.php /usr/local/nginx/html/
[root@Server1 memcache-4.0.5.2]# systemctl reload nginx.service
轉載請註明出處,本文鏈接:https://www.uj5u.com/ruanti/276166.html
標籤:其他
上一篇:初步了解MyBatis