HTTPD detailed installation,

HTTP installation

http service is based on C/S structure

HTTP features and composition

Apache features:

• Highly modular: core + modules
• DSO: Dynamic Shared Object dynamic loading/unloading
• MPM: multi-processing module

apache function:

• Multiple virtual hosts: IP, Port, FQDN
• CGI: Common Gateway Interface, Common Gateway Interface
• Reverse proxy
• Load balancing
• Path alias
• Rich user authentication mechanism: basic, digest
• Support third-party modules

httpd-2.4 new features

• MPM supports operation as DSO mechanism; it is loaded on demand in the form of modules
• Event MPM production environment available
• Asynchronous read and write mechanism
• Supports individual log level definition for each module and each directory
• Dedicated configuration per request
• Enhanced version of expression analysis
• Definition of millisecond persistent connection duration
• FQDN-based virtual hosts do not require NameVirutalHost instructions
• New instruction
• Support user-defined variables
• Lower memory consumption

##MPM multi-processing module working mode

prefork : Multi-process I/O model, each process responds to a request, CentOS 7 httpd default model

• A main process: spawning and recycling n child processes, creating sockets, and not responding to requests
• Multiple sub-processes: work process, each sub-process handles a request; at the beginning of the system, multiple idle processes are generated in advance, waiting for the request
  

Prefork MPM pre-fork mode, there is a main control process, and then generate multiple child processes, each child process has an independent thread to respond to user requests, relatively occupy memory, but relatively stable, you can set the maximum and minimum number of processes, which is the oldest One of the most stable modes, suitable for scenarios where the traffic is not very large.
Advantages: Stable
Disadvantages: slow, occupying resources, not suitable for high-concurrency scenarios

worker : Reusable multi-process I/O model, multi-process multi-threading, IIS uses this model

• A main process: spawn m child processes, each child process is responsible for spawning n threads, each thread responds to a request and responds concurrently
• Request: m*n

Worker MPM is a mixed multi-process and multi-threaded model. There is a control process that starts multiple child processes. Each child process contains a fixed thread. The thread process is used to process the request. When the thread is not enough, it will start another The new child process then starts the thread in the process to process the request. Because it uses the thread to process the request, it can withstand higher concurrency.

• Advantages: Compared with prefork, it occupies less memory and can handle more requests at the same time
• Disadvantages: using the keep-alive long connection method, a thread will always be occupied, even if there is no data transmission, it needs to wait until the timeout will be released. If too many threads are occupied in this way, it will also lead to unavailable service threads in high concurrency scenarios. (This problem also occurs in prefork mode)

event: event-driven model (variation of worker model), CentOS8 default model

A main process: spawn m child processes, each child process is responsible for spawning n threads, each thread responds to a request, and concurrently responds to the request: m*n, there is a special monitoring thread to manage these keep-alive type threads, when When there is a real request, the request is passed to the service thread, and after the execution is completed, the release is allowed. This enhances the request processing capability in high concurrency scenarios

The event MPM is the latest model in Apache. The apache 2.4.X series released in 2012 officially supports the event model. It belongs to the event-driven model (epoll). Each process responds to multiple requests. In the current version, it is already a stable and usable model. . It is very similar to the worker mode. The biggest difference is that it solves the problem of wasting resources of threads that have been occupied for a long time in the keep-alive scenario. (Some threads are kept waiting because they are kept empty. There are almost no requests in the middle. Come over and even wait until the timeout).
In event MPM, there will be a dedicated thread to manage these keep-alive threads. When a real request comes, the request is passed to the service thread, and after the execution is completed, it is allowed to be released. This enhances the request processing capability in high-concurrency scenarios.
Event only starts to establish a connection when there is data to send, and the connection request will trigger the worker thread. That is, an option of TCP is used, called delayed acceptance of the connection TCP_DEFER_ACCEPT, and this option is added Later, if the client only makes a TCP connection and does not send a request, the Accept operation will not be triggered, and the worker thread will not be triggered to work, and a simple anti-*** (TCP connection) will be performed.

Advantages : Single thread responds to multiple requests, occupies less memory, and performs better under high concurrency. There will be a dedicated thread to manage the keep-alive type of thread. When a real request comes, the request is passed to the service thread After the execution is complete, it is allowed to release the
disadvantages: no thread safety control
httpd-2.4: event stable version, centos7 will default
httpd-2.2: event beta version, centos6 default

Httpd installation and related files

rpm package install httpd and start httpd service

Version description: CentOS 7 and above, the default system is httpd 2.4, CentOS 6 version is httpd 2.2 by default

Installation method:

• rpm: centos release version, stable, recommended
• Compilation: customized or special requirements

Install httpd 2.4

[root@centos8 ~]#dnf -y install httpd
[root@centos8 ~]#systemctl start httpd
[root@centos8 ~]#ss -ntl|grep :80
LISTEN        0         128                  *:80                 *:*

httpd-2.4 related documents

Configuration file:

• /etc/httpd/conf/httpd.conf main configuration file
• /etc/httpd/conf.d/*.conf sub-configuration file
• /etc/httpd/conf.d/conf.modules.d/ The configuration file loaded by the module

Check the configuration syntax : httpd -t

Service unit file:

• /usr/lib/systemd/system/httpd.service
• Configuration file: /etc/sysconfig/httpd

Service control and activation

• systemctl enable|disable httpd.service
• systemctl {start|stop|restart|status|reload} httpd.service
• apachectl start|stop|restart|configtest
• service httpd configtest

Site web document root directory: /var/www/html

Module file path:

• /etc/httpd/modules
  /usr/lib64/httpd/modules]

Main server program file: /usr/sbin/httpd

Main process file: /etc/httpd/run/httpd.pid

Log file directory: /var/log/httpd

• access_log: access log
• error_log: error log

Help documentation package: httpd-manual

Compile and install httpd-2.4 depends on apr-1.4+, apr-util-1.4+

APR: Apache portable Run-time libraries, Apache portable runtime libraries, mainly to provide upper-level applications with a low-level support interface library that can be used across multiple operating system platforms. In the early version of Apache, the application itself must be able to handle the details of various specific operating system platforms, and call different processing functions for different platforms. With the further development of Apache, the Apache organization decided to separate these general functions. Develop into a new project. In this way, the development of APR is independent of Apache, and Apache only uses APR. At present, APR is mainly used by Apache. Due to its better portability
, some C programs that need to be transplanted also start to use APR. Open source projects: such as Flood for server stress testing.

Loader tester, project site: http://httpd.apache.org/test/flood
APR official website: http://apr.apache.org
Description: Install httpd-2.4, which depends on apr-1.4+, apr-util-1.4 +

Compile and install httpd-2.4 preparation

#安装相关包：
[root@centos7 ~]#yum -y install gcc make pcre-devel openssl-devel expat-devel
#下载源代码并解压缩：
[root@centos7 ~]#wget https://downloads.apache.org//apr/apr-1.7.0.tar.bz2
[root@centos7 ~]#wget https://downloads.apache.org//apr/apr-util-1.6.1.tar.bz2
[root@centos7 ~]#wget https://downloads.apache.org//httpd/httpd-2.4.46.tar.bz2
[root@centos7 ~]#ls
httpd-2.4.46.tar.bz2,apr-1.7.0.tar.bz2,apr-util-1.6.1.tar.bz2
[root@centos7 ~]#tar xvf apr-1.7.0.tar.bz2
[root@centos7 ~]#tar xvf apr-util-1.6.1.tar.bz2
[root@centos7 ~]#tar xvf httpd-2.4.46.tar.bz2

Compile and install httpd-2.4 method one (more cumbersome)

1. Compile and install apr

cd apr-1.7.0
./configure --prefix=/apps/apr
make && make install

2. Compile and install apr-util

cd ./apr-util-1.6.1
./configure --prefix=/apps/apr-util --with-apr=/apps/apr/
make -j 2 && make install

3. Compile and install httpd-2.4

cd ../httpd-2.4.46
./configure --prefix=/apps/httpd24 \
--enable-so \
--enable-ssl \
--enable-cgi \
--enable-rewrite \
--with-zlib \
--with-pcre \
--with-apr=/apps/apr/ \
--with-apr-util=/apps/apr-util/ \
--enable-modules=most \
--enable-mpms-shared=all \
--with-mpm=prefork
make -j 4 && make install

Compile and install httpd-2.4 method two (recommended)

1. Combine the source code of apr and apr-util with the source code of httpd

tar xf apr-1.7.0.tar.bz2
tar xvf apr-util-1.6.1.tar.bz2
tar xf httpd-2.4.46.tar.bz2
mv apr-1.7.0 httpd-2.4.46/srclib/apr
mv apr-util-1.6.1 httpd-2.4.46/srclib/apr-util
ls httpd-2.4.46/srclib/
apr apr-util Makefile.in

2. Compile and install the three together

cd httpd-2.4.46/
./configure \
--prefix=/apps/httpd24 \
--enable-so \
--enable-ssl \
--enable-cgi \
--enable-rewrite \
--with-zlib \
--with-pcre \
--with-included-apr \
--enable-modules=most \
--enable-mpms-shared=all \
--with-mpm=prefork 
make -j 4 && make install

Compile and install configuration

Httpd compilation process: /apps/httpd24/build/config.nice
comes with service control script: /apps/httpd24/bin/apachectl

Create a dedicated user

useradd -s /sbin/nologin -r apache

Specify the user running httpd

vim /apps/httpd24/conf/httpd
user apache
group apache

Configure environment variables

#方法一
vim /etc/profile.d/httpd24.sh
PATH=/apps/httpd24/bin:$PATH
#方法二
echo 'PATH=/apps/httpd24/bin:$PATH' > /etc/profile.d/httpd24.sh
. /etc/profile.d/httpd24.sh

Configuration help

vim /etc/man_db.conf
MANDATORY_MANPATH      /apps/httpd24/man

Set automatic startup

vim /etc/rc.d/rc.local
/apps/httpd24/bin/apachectl start
chmod +x /etc/rc.d/rc.local

Create a service unit file (CentOS 7 and above)

vim /usr/lib/systemd/system/httpd24.service
[Unit]
Description=The Apache HTTP Server
After=network.target remote-fs.target nss-lookup.target
Documentation=man:httpd(8)
Documentation=man:apachectl(8)
[Service]
Type=forking
#EnvironmentFile=/etc/sysconfig/httpd
ExecStart=/apps/httpd24/bin/apachectl start
#ExecStart=/apps/httpd24/bin/httpd $OPTIONS -k start
ExecReload=/apps/httpd24/bin/apachectl graceful
#ExecReload=/apps/httpd24/bin/httpd $OPTIONS -k graceful
ExecStop=/apps/httpd24/bin/apachectl stop
KillSignal=SIGCONT
PrivateTmp=true
[Install]
WantedBy=multi-user.target

root@centos7_1 httpd24]#systemctl enable --now httpd24.service

Create a startup script (CentOS 6 or earlier)

#自定义启动脚本(参考httpd-2.2的服务脚本)
cp  /etc/rc.d/init.d/httpd /etc/rc.d/init.d/httpd24
vim /etc/rc.d/init.d/httpd24
apachectl=/apps/httpd24/bin/apachectl
httpd=${HTTPD-/apps/httpd24/bin/httpd}
pidfile=${PIDFILE-/apps/httpd24/logs/httpd.pid}
lockfile=${LOCKFILE-/var/lock/subsys/httpd24}
chkconfig –add httpd24
chkconfig –list httpd24

One-click installation of httpd-2.4 script

方法一:
#!/bin/bash
#Author: 吴建富N46
# 安装相关包
yum -y install wget gcc make pcre-devel openssl-devel expat-devel
# 下载源代码并解压缩
wget -P /usr/local/src/ https://mirror.bit.edu.cn/apache//apr/apr-1.7.0.tar.gz
wget -P /usr/local/src/ https://mirror.bit.edu.cn/apache//apr/apr-util-
1.6.1.tar.gz
wget -P /usr/local/src/ https://mirrors.bfsu.edu.cn/apache//httpd/httpd-
2.4.46.tar.gz
cd /usr/local/src/
tar xf apr-1.7.0.tar.gz
tar xf apr-util-1.6.1.tar.gz
tar xf httpd-2.4.46.tar.gz
# 将apr和apr-util源码与httpd源码合并，三者共同编译安装
mv apr-1.7.0 httpd-2.4.46/srclib/apr
mv apr-util-1.6.1 httpd-2.4.46/srclib/apr-util
cd httpd-2.4.46/
./configure --prefix=/apps/httpd --enable-so --enable-ssl --enable-cgi --enable-
rewrite --with-zlib --with-pcre \
--with-included-apr --enable-modules=most --enable-mpms-shared=all --with-
mpm=prefork
make && make install
# 创建apache账户
useradd -r -s /sbin/nologin apache
# 修改配置文件
sed -i 's/^User.*/User apache/' /apps/httpd/conf/httpd.conf
sed -i 's/^Group.*/Group apache/' /apps/httpd/conf/httpd.conf
# 配置环境变量
echo 'PATH="/apps/httpd/bin:$PATH"' > /etc/profile.d/httpd.sh
. /etc/profile.d/httpd.sh
# 配置man帮助
echo 'MANDATORY_MANPATH  /apps/httpd/man' >> /etc/man_db.conf
# 创建service unit文件，设置开机启动
cat > /lib/systemd/system/httpd.service << EOF
[Unit]
Description=The Apache HTTP Server
After=network.target remote-fs.target nss-lookup.target
Documentation=man:httpd(8)
Documentation=man:apachectl(8)
[Service]
Type=forking
ExecStart=/apps/httpd/bin/apachectl start
ExecReload=/apps/httpd/bin/apachectl graceful
ExecStop=/apps/httpd/bin/apachectl stop
# We want systemd to give httpd some time to finish gracefully, but still want
# it to kill httpd after TimeoutStopSec if something went wrong during the
# graceful stop. Normally, Systemd sends SIGTERM signal right after the
# ExecStop, which would kill httpd. We are sending useless SIGCONT here to give
# httpd time to finish.
KillSignal=SIGCONT
PrivateTmp=true
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl enable --now httpd.service

#方法二:
#!/bin/bash
#Author: 李余生-N46
#Description: httpd source code install
#下载源码包
target_dir=/usr/local/src
install_dir=/usr/local/httpd
download_url=https://mirror.bit.edu.cn/apache/httpd/httpd-2.4.46.tar.bz2
file_name=${download_url##*/}
uncompress_dir=${file_name%.tar*}
rpm -q wget || yum install -y wget
wget -O $target_dir/$file_name $download_url
#安装依赖包
yum install -y gcc make apr-devel apr-util-devel pcre-devel openssl-devel
redhat-rpm-config
#添加apache用户
id apache &> /dev/null || useradd -r -u 80 -d /var/www -s /sbin/nologin apach
#解压源码包
tar xf $target_dir/$file_name -C $target_dir
cd $target_dir/$uncompress_dir
#编译安装
./configure --prefix=$install_dir --sysconfdir=/etc/httpd --enable-ssl
make -j`lscpu | grep "^CPU(s)" | awk '{print $NF}'` && make install
#设置环境变量
echo 'PATH='$install_dir'/bin:$PATH' > /etc/profile.d/httpd.sh
source /etc/profile.d/httpd.sh
#修改配置文件
sed -ri 's#(User )daemon#\1apache#' /etc/httpd/httpd.conf
sed -ri 's#(Group )daemon#\1apache#' /etc/httpd/httpd.conf
#启动httpd服务
cat > /lib/systemd/system/httpd.service << EOF
[Unit]
Description=The Apache HTTP Server
After=network.target remote-fs.target nss-lookup.target
Documentation=man:httpd(8)
Documentation=man:apachectl(8)
[Service]
Type=forking
ExecStart=/usr/local/httpd/bin/apachectl start
ExecReload=/usr/local/httpd/bin/apachectl graceful
ExecStop=/usr/local/httpd/bin/apachectl stop
KillSignal=SIGCONT
PrivateTmp=true
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl enable httpd.service
systemctl start httpd.service
#检查firewalld状态
firewall_status=`firewall-cmd --state`
if [ $firewall_status = running ];then
  echo "防火墙已启用，开放端口"
 firewall-cmd --permanent --add-service=http --add-service=https
 firewall-cmd --reload
fi