第一部分,服务器优化(操作用户:root)
1、hostnamectl set-hostname SYT-test-001
2、yum -y install lrzsz
3、cp sysctl.conf sysctl.conf.bak
vi /etc/sysctl.conf
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
net.ipv4.tcp_max_tw_buckets = 65536
net.ipv4.tcp_sack = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_rmem = 4096 87380 4194304
net.ipv4.tcp_wmem = 4096 16384 4194304
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_max_syn_backlog = 819200
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_fin_timeout = 1
net.ipv4.tcp_keepalive_time = 30
net.ipv4.tcp_sack = 0
net.ipv4.ip_local_port_range = 1024 65000
net.ipv4.conf.default.rp_filter = 0
net.core.optmem_max = 65535
net.ipv4.tcp_keepalive_probes = 5
net.ipv4.tcp_keepalive_intvl = 15
net.ipv4.tcp_retries2 = 5
net.ipv4.tcp_orphan_retries = 3
net.ipv4.tcp_reordering = 5
net.ipv4.tcp_retrans_collapse = 0
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.netdev_max_backlog = 262144
net.core.somaxconn = 262144
fs.file-max = 2000000
4、passwd root
groupadd -r nginx
useradd -r -g nginx -s /sbin/nologin nginx
passwd nginx
5、yum -y install openssl openssl-devel gcc-c++
6、vi /etc/security/limits.conf
* soft nofile 65535
* hard nofile 65535
* soft noproc 65535
* hard noproc 65535
reboot
第二部分,安装nginx(操作用户:root)
mkdir /opt/syt
[安装包nginx-1.16.1.tar.gz pcre-8.39.tar.gz zlib-1.2.8.tar.gz上传到/opt/syt]
cd /opt/syt
tar zxf zlib-1.2.8.tar.gz
tar zxf pcre-8.39.tar.gz
tar zxf nginx-1.16.1.tar.gz
cd nginx-1.16.1/
./configure --prefix=/opt/syt --with-http_dav_module --with-http_stub_status_module --with-http_addition_module --with-http_sub_module --with-http_flv_module --with-http_mp4_module --with-http_ssl_module --with-http_gzip_static_module --with-pcre=/opt/syt/pcre-8.39 --with-zlib=/opt/syt/zlib-1.2.8 --user=nginx --group=nginx
make
make install
/opt/syt/sbin/nginx -t
(nginx -t用于测试是否完成安装)
cp /opt/syt/conf/nginx.conf /opt/syt/conf/nginx.conf.bak
vi /opt/syt/conf/nginx.conf
生产服务器工作线程数、亲和力需要修改
user nginx;
worker_processes 2;
worker_cpu_affinity 01 10;
error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;pid logs/nginx.pid;
events {
use epoll;
worker_connections 65535;
multi_accept on;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
tcp_nopush on;
keepalive_timeout 65;
tcp_nodelay on;
client_header_buffer_size 4k;
open_file_cache max=102400 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 1;
client_header_timeout 15;
client_body_timeout 15;
reset_timedout_connection on;
send_timeout 15;
server_tokens off;
client_max_body_size 10m;
fastcgi_connect_timeout 600;
fastcgi_send_timeout 600;
fastcgi_read_timeout 600;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
fastcgi_temp_path /opt/syt/nginx_tmp;
fastcgi_intercept_errors on;
fastcgi_cache_path /opt/syt/fastcgi_cache levels=1:2 keys_zone=cache_fastcgi:128m inactive=1d max_size=10g;
gzip on;
gzip_min_length 2k;
gzip_buffers 4 32k;
gzip_http_version 1.1;
gzip_comp_level 6;
gzip_types text/plain text/css text/javascript application/json application/javascript application/x-javascript application/xml;
gzip_vary on;
gzip_proxied any;
server {
listen 80;
server_name localhost;
rewrite ^ https://$http_host$request_uri? permanent;
}
server {
listen 443 ssl;
server_name localhost;
#ssl on;
ssl_certificate /opt/syt/certs/1_www.fysyt.com_bundle.crt;
ssl_certificate_key /opt/syt/certs/2_www.fysyt.com.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
charset utf-8;
#access_log logs/host.access.log main;
# location ~* ^.+\.(jpg|gif|png|swf|flv|wma|wmv|asf|mp3|mmf|zip|rar)$ {
# valid_referers none blocked 192.168.154.132;
# if ($invalid_referer) {
# return 404;
# break;
# }
# access_log off;
# }
location / {
root html;
index index.php index.html index.htm;
}
location ~* \.(ico|jpe?g|gif|png|bmp|swf|flv)$ {
expires 30d;
#log_not_found off;
access_log off;
}
location ~* \.(js|css)$ {
expires 7d;
log_not_found off;
access_log off;
}
location = /(favicon.ico|roboots.txt) {
access_log off;
log_not_found off;
}
location /status {
stub_status on;
}
location ~ .*\.(php|php5)?$ {
root html;
fastcgi_pass 172.17.0.6:9000;
fastcgi_index index.php;
include fastcgi.conf;
#关闭fastcgi的缓存 fastcgi_cache cache_fastcgi;
fastcgi_cache_valid 200 302 1h;
fastcgi_cache_valid 301 1d;
fastcgi_cache_valid any 1m;
fastcgi_cache_min_uses 1;
fastcgi_cache_use_stale error timeout invalid_header http_500;
fastcgi_cache_key http://$host$request_uri;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
/opt/syt/sbin/nginx -s reload
第三部分,安装php
mkdir /opt/php
[安装包php-7.3.16.tar.gz上传至/opt/php]
安装php所需
yum -y install libxml2 libxml2-devel openssl openssl-devel curl-devel libjpeg-devel libpng-devel freetype-devel libmcrypt-devel libzip-devel pcre-devel
cd /opt/php
tar -zxf php-7.3.16.tar.gz
cd /opt/php/php-7.3.16
./configure --prefix=/opt/php \
--with-config-file-path=/opt/php/etc \
--with-config-file-scan-dir=/opt/php/etc/php.d \
--enable-mysqlnd \
--with-mysqli \
--with-pdo-mysql \
--enable-fpm \
--with-fpm-user=nginx \
--with-fpm-group=nginx \
--with-gd \
--with-iconv \
--with-zlib \
--enable-xml \
--enable-shmop \
--enable-sysvsem \
--enable-inline-optimization \
--enable-mbregex \
--enable-mbstring \
--enable-ftp \
--with-openssl \
--enable-pcntl \
--enable-sockets \
--with-xmlrpc \
--enable-soap \
--without-pear \
--with-gettext \
--enable-session \
--with-curl \
--with-jpeg-dir \
--with-freetype-dir \
--enable-opcache \
--enable-redis
make test
make
make install
cp /opt/php/php-7.3.16/php.ini-production /opt/php/etc/php.ini
cp /opt/php/php-7.3.16/sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
cp /opt/php/etc/php-fpm.conf.default /opt/php/etc/php-fpm.conf
cp /opt/php/etc/php-fpm.d/www.conf.default /opt/php/etc/php-fpm.d/www.conf
chmod +x /etc/init.d/php-fpm
chkconfig --add php-fpm
chkconfig php-fpm on
(查看状态)
chkconfig --list php-fpm
sed -i 's#;pid = run/php-fpm.pid#pid = run/php-fpm.pid#g' /opt/php/etc/php-fpm.conf
sed -i 's/listen = 127.0.0.1:9000/listen = 0.0.0.0:9000/g' /opt/php/etc/php-fpm.conf
sed -i 's/pm.max_children = 5/pm.max_children = 300/g' /opt/php/etc/php-fpm.conf
sed -i 's/pm.start_servers = 2/pm.start_servers = 10/g' /opt/php/etc/php-fpm.conf
sed -i 's/pm.min_spare_servers = 1/pm.min_spare_servers = 10/g' /opt/php/etc/php-fpm.conf
sed -i 's/pm.max_spare_servers = 3/pm.max_spare_servers = 50/g' /opt/php/etc/php-fpm.conf
service php-fpm start
netstat -anpt | grep 9000
(查看状态)
第四部分,安装redis
[将安装包redis-5.0.8.tar.gz上传至/opt]
cd /opt
tar zxf redis-5.0.8.tar.gz
cd /opt/redis-5.0.8
make
cp /opt/redis-5.0.8/redis.conf /opt/redis-5.0.8/redis.conf.bak
vi /opt/redis-5.0.8/redis.conf
修改daemonize no为daemonize yes
复制一行,在原有的配置前加“#”,之后修改
启动redis
/opt/redis-5.0.8/src/redis-server /opt/redis-5.0.8/redis.conf
netstat -anpt|grep 6379
(查看6379是否打开)
添加redis扩展
wget https://codeload.github.com/phpredis/phpredis/zip/develop
unzip phpredis-develop.zip
cd phpredis-develop
yum -y install autoconf
/opt/php/bin/phpize
./configure --with-php-config=/opt/php/bin/php-config
make && make install
vi /usr/local/php7/etc/php.ini
extension=redis.so
service restart php-fpm
/opt/php/bin/php -m | grep redis
(验证)
第五部分,安装mysql
groupadd -r mysql
useradd -r -g mysql -s /bin/false -M mysql
mkdir /opt/mysql
[上传安装包mysql-5.7.29-el7-x86_64.tar.gz到/opt/mysql]
cd /opt/mysql
tar zxf mysql-5.7.29-el7-x86_64.tar.gz
mv mysql-5.7.29-el7-x86_64 mysql
rpm -e mariadb-libs --nodeps
卸载mariadb-libs
mkdir /opt/mysql/mysql/data
chown -R mysql:mysql /opt/mysql/mysql/
cat >> /etc/my.cnf << EOF
[client]
socket=/opt/mysql/mysql/data/mysql.sock
[mysqld]
basedir=/opt/mysql/mysql
datadir=/opt/mysql/mysql/data
port=3306
pid-file=/opt/mysql/mysql/data/mysql.pid
server_id=1
socket=/opt/mysql/mysql/data/mysql.sock
log-error=/opt/mysql/mysql/data/mysql.err
slow_query_log = 1
slow_query_log_file=/opt/mysql/mysql/data/slow-query.log
long_query_time = 1
log-queries-not-using-indexes
max_connections = 1024
back_log = 128
wait_timeout = 60
interactive_timeout = 7200
key_buffer_size = 256M
query_cache_size = 256M
query_cache_type = 1
query_cache_limit = 50M
max_connect_errors = 20
sort_buffer_size = 2M
max_allowed_packet = 32M
join_buffer_size = 2M
thread_cache_size = 200
innodb_buffer_pool_size = 2048M
innodb_flush_log_at_trx_commit = 1
innodb_log_buffer_size = 32M
innodb_log_file_size = 128M
innodb_log_files_in_group = 3
log-bin=/opt/mysql/mysql/data/mysqlbin
binlog_cache_size = 2M
max_binlog_cache_size = 8M
max_binlog_size = 512M
expire_logs_days = 7
read_buffer_size = 1M
read_rnd_buffer_size = 16M
bulk_insert_buffer_size = 64M
EOF
yum -y install numactl
ln -s /opt/mysql/mysql/bin/* /usr/local/bin
mysqld --initialize --user=mysql --basedir=/opt/mysql/mysql/ --datadir=/opt/mysql/mysql/data
cat /opt/mysql/mysql/data/mysql.err | grep localhost | awk -F"localhost: " {'print $2'}
取密码
cp /opt/mysql/mysql/support-files/mysql.server /etc/init.d/mysqld
chkconfig --add mysqld
chkconfig mysqld on
systemctl daemon-reload
systemctl start mysqld
mysqladmin -uroot -p password '123456'
在弹出的输入框输出刚刚用cat等命令截取的密码
企业实战项目Linux+nginx+php+mysql+redis部署web服务
猜你喜欢
转载自blog.51cto.com/13434336/2486363
今日推荐
周排行