Separate deployment of LNMP architecture on three hosts
1. What is LNMP
LNMP stands for: Nginx+MySQL+PHP website server architecture under Linux system. PHP in Nginx is combined with Nginx in the form of fastcgi, which can be understood as Nginx proxying PHP's fastcgi.
2. Why use LNMP
LNMP has the characteristics of low cost, flexible deployment, rapid development, security and stability, etc. It is an excellent combination of Web network applications and environments. If it is a personal website with relatively low server configuration, of course the LNMP architecture is preferred.
3. How LNMP works
First of all, the Nginx service cannot handle dynamic requests, so when a user initiates a dynamic request, how does Nginx handle it.
1. Static request: request static files or html pages, html files that exist on the server
Static files: files uploaded to the server, files that will never change are static files
html is a standard static file
2, dynamic requests: requests for dynamic content, requests with parameters Dynamic
pages do not exist on the server, and may be pages made up of values from databases or redis and other places
When a user initiates an http request, the request will be processed by Nginx. If it is a static resource request, Nginx will return it directly. If it is a dynamic request, Nginx will transfer it to the back-end PHP program for processing through the fastcgi protocol, as shown in the following figure.
12. Data flow process Request: browser -> load balancing -> nginx -> php-fpm -> wrapper -> mysql
Response: mysql -> wrapper -> php-fpm -> nginx -> load balancing -> browser.
4. LNMP Deployment
Environment description :
| CPU name | IP address | App version | system |
|---|---|---|---|
| nginx | 192.168.183.135 | nginx-1.20.2 | i tried8 |
| mysql | 192.168.183.136 | mysql-5.7.38 | i tried8 |
| php | 192.168.183.137 | php-8.1.11 | i tried8 |
1. Install nginx
//修改主机名关闭防火墙和selinux
[root@localhost ~]# hostnamectl set-hostname nginx
[root@localhost ~]# bash
[root@nginx ~]# setenforce 0
[root@nginx ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config
[root@nginx ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
//创建用户
[root@nginx ~]# useradd -rMs /sbin/nologin nginx
//安装依赖包
[root@nginx ~]# dnf -y install pcre-devel openssl openssl-devel gd-devel gcc gcc-c++ make wget vim
//下载nginx软件包并解压
[root@nginx ~]# wget http://nginx.org/download/nginx-1.20.2.tar.gz
--2022-10-11 13:47:12-- http://nginx.org/download/nginx-1.20.2.tar.gz
Resolving nginx.org (nginx.org)... 3.125.197.172, 52.58.199.22, 2a05:d014:edb:5704::6, ...
Connecting to nginx.org (nginx.org)|3.125.197.172|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1062124 (1.0M) [application/octet-stream]
Saving to: ‘nginx-1.20.2.tar.gz’
nginx-1.20.2.tar.gz 100%[================>] 1.01M 658KB/s in 1.6s
2022-10-11 13:47:14 (658 KB/s) - ‘nginx-1.20.2.tar.gz’ saved [1062124/1062124]
[root@nginx ~]# tar -xf nginx-1.20.2.tar.gz
//进入目录配置编译安装
[root@nginx ~]# cd nginx-1.20.2
[root@nginx nginx-1.20.2]# ./configure \
> --prefix=/usr/local/nginx \
> --user=nginx \
> --group=nginx \
> --with-debug \
> --with-http_ssl_module \
> --with-http_realip_module \
> --with-http_image_filter_module \
> --with-http_gunzip_module \
> --with-http_gzip_static_module \
> --with-http_stub_status_module \
> --http-log-path=/var/log/nginx/access.log \
> --error-log-path=/var/log/nginx/error.log
[root@nginx nginx-1.20.2]# make -j $(grep 'processor' /proc/cpuinfo | wc -l) && make install
//安装完成
[root@nginx nginx-1.20.2]# cd /usr/local/nginx/
[root@nginx nginx]# ls
conf html logs sbin
//配置环境变量
[root@nginx nginx]# echo "export PATH=$PATH:/usr/local/nginx/sbin" > /etc/profile.d/nginx.sh
[root@nginx nginx]# source /etc/profile.d/nginx.sh
//编写service文件启动服务
[root@nginx nginx]# cd
[root@nginx ~]# cat > /usr/lib/systemd/system/nginx.service << EOF
> [Unit]
> Description=nginx server daemon
> After=network.target
>
> [Service]
> Type=forking
> ExecStart=/usr/local/nginx/sbin/nginx
> ExecStop=/usr/local/nginx/sbin/nginx -s stop
> ExecReload=/bin/kill -HUP \$MAINPID
>
> [Install]
> WantedBy=multi-user.target
> EOF
[root@nginx ~]# systemctl daemon-reload
[root@nginx ~]# systemctl enable --now nginx
Created symlink /etc/systemd/system/multi-user.target.wants/nginx.service → /usr/lib/systemd/system/nginx.service.
[root@nginx ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
2. Install mysql
//修改主机名关闭防火墙和selinux
[root@localhost ~]# hostnamectl set-hostname mysql
[root@localhost ~]# bash
[root@mysql ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@mysql ~]# setenforce 0
[root@mysql ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config
//安装依赖包
[root@mysql ~]# dnf -y install ncurses-devel openssl-devel openssl cmake mariadb-devel ncurses-compat-libs
//创建用户
[root@mysql ~]# useradd -rMs /sbin/nologin mysql
//下载mysql软件包
[root@mysql ~]# ls
anaconda-ks.cfg mysql-5.7.38-linux-glibc2.12-x86_64.tar.gz //此处为节约时间是将提前下载好的进行上传
//解压重命名
[root@mysql ~]# tar xf mysql-5.7.38-linux-glibc2.12-x86_64.tar.gz -C /usr/local/
[root@mysql ~]# cd /usr/local/
[root@mysql local]# ls
bin games lib libexec sbin src
etc include lib64 mysql-5.7.38-linux-glibc2.12-x86_64 share
[root@mysql local]# mv mysql-5.7.38-linux-glibc2.12-x86_64 mysql
[root@mysql local]# ls
bin etc games include lib lib64 libexec mysql sbin share src
//修改属主属组
[root@mysql local]# chown -R mysql.mysql mysql
//配置include、man及环境变量
[root@mysql local]# ln -s /usr/local/mysql/include /usr/include/mysql
[root@mysql local]# echo '/usr/local/mysql/lib' > /etc/ld.so.conf.d/mysql.conf
[root@mysql local]# vi /etc/man_db.conf
MANDATORY_MANPATH /usr/local/mysql/man
[root@mysql local]# echo 'export PATH=/usr/local/mysql/bin:$PATH' > /etc/profile.d/mysql.sh
[root@mysql local]# source /etc/profile.d/mysql.sh
[root@mysql local]# which mysql
/usr/local/mysql/bin/mysql
//建立数据存放目录
[root@mysql ~]# mkdir -p /opt/data
[root@mysql ~]# chown -R mysql.mysql /opt/data/
//初始化数据库
[root@mysql ~]# mysqld --initialize --user mysql --datadir /opt/data
2022-10-11T06:12:47.976658Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details).
2022-10-11T06:12:48.115799Z 0 [Warning] InnoDB: New log files created, LSN=45790
2022-10-11T06:12:48.152163Z 0 [Warning] InnoDB: Creating foreign key constraint system tables.
2022-10-11T06:12:48.163911Z 0 [Warning] No existing UUID has been found, so we assume that this is the first time that this server has been started. Generating a new UUID: ba9d3275-492b-11ed-bad6-000c2907de9b.
2022-10-11T06:12:48.165296Z 0 [Warning] Gtid table is not ready to be used. Table 'mysql.gtid_executed' cannot be opened.
2022-10-11T06:12:48.355412Z 0 [Warning] A deprecated TLS version TLSv1 is enabled. Please use TLSv1.2 or higher.
2022-10-11T06:12:48.355437Z 0 [Warning] A deprecated TLS version TLSv1.1 is enabled. Please use TLSv1.2 or higher.
2022-10-11T06:12:48.355796Z 0 [Warning] CA certificate ca.pem is self signed.
2022-10-11T06:12:48.392081Z 1 [Note] A temporary password is generated for root@localhost: M.81jgNZ9DKR
[root@mysql ~]# echo 'M.81jgNZ9DKR' > pass
//生成配置文件
[root@mysql ~]# cat >> /etc/my.cnf <<EOF
> [mysqld]
> basedir = /usr/local/mysql
> datadir = /opt/data
> socket = /tmp/mysql.sock
> port = 3306
> pid-file = /opt/data/mysql.pid
> user = mysql
> skip-name-resolve
> EOF
//配置服务启动脚本
[root@mysql ~]# cp -a /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
[root@mysql ~]# sed -ri 's#^(basedir=).*#\1/usr/local/mysql#g' /etc/init.d/mysqld
[root@mysql ~]# sed -ri 's#^(datadir=).*#\1/opt/data#g' /etc/init.d/mysqld
[root@mysql ~]# chmod +x /etc/init.d/mysqld
//编写service文件启动服务并设置开机自启
[root@mysql ~]# cat > /usr/lib/systemd/system/mysqld.service <<EOF
[Unit]
Description=mysqld server daemon
After=network.target
[Service]
Type=forking
ExecStart=/etc/init.d/mysqld start
ExecStop=/etc/init.d/mysqld stop
ExecReload=/bin/kill -HUP \$MAINPID
[Install]
WantedBy=multi-user.target
EOF
[root@mysql ~]# systemctl daemon-reload
[root@mysql ~]# systemctl enable --now mysqld
[root@mysql ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 80 *:3306 *:*
LISTEN 0 128 [::]:22 [::]:*
//登录mysql修改密码
[root@mysql ~]# cat pass
M.81jgNZ9DKR
[root@mysql ~]# mysql -uroot -pM.81jgNZ9DKR
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.7.38
Copyright (c) 2000, 2022, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> set password = password('123com');
Query OK, 0 rows affected, 1 warning (0.00 sec)
mysql> quit
Bye
[root@mysql ~]# mysql -uroot -p123com
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 3
Server version: 5.7.38 MySQL Community Server (GPL)
Copyright (c) 2000, 2022, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
3. Install PHP
//修改主机名关闭防火墙selinux
[root@localhost ~]# hostnamectl set-hostname php
[root@localhost ~]# bash
[root@php ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@php ~]# setenforce 0
[root@php ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config
//配置yum源
[root@php ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo
[root@php ~]# sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
//安装依赖包
[root@php ~]# yum -y install epel-release
[root@php ~]# yum -y install openssl-devel pcre-devel expat-devel libtool gcc gcc-c++ wget make ncurses-devel openssl cmake libxm12 libxm12-devel bzip2 bzip2-devel libcurl libcurl-devel libicu-devel libjpeg libjpeg-devel libpng libpng-devel openldap-devel freetype freetype-devel gmp gmp-devel readline readline-devel libxslt libxslt-devel php-mysqlnd libsqlite3x-devel libzip-devel https://dl.rockylinux.org/pub/rocky/9/CRB/x86_64/os/Packages/o/oniguruma-devel-6.9.6-1.el9.5.x86_64.rpm http://mirror.stream.centos.org/9-stream/CRB/x86_64/os/Packages/libzip-devel-1.7.3-7.el9.x86_64.rpm http://mirror.centos.org/centos/8-stream/PowerTools/x86_64/os/Packages/oniguruma-devel-6.8.2-2.el8.x86_64.rpm --allowerasing --skip-broken --nobest
//下载php软件包
[root@php ~]# wget https://www.php.net/distributions/php-8.1.11.tar.gz
//解压软件包编译安装
[root@php ~]# tar xf php-8.1.11.tar.gz
[root@php ~]# cd php-8.1.11
[root@php php-8.1.11]# ./configure --prefix=/usr/local/php8 --with-config-file-path=/etc --enable-fpm --enable-inline-optimization --disable-debug --disable-rpath --enable-shared --enable-soap --with-openssl --enable-bcmath --with-iconv --with-bz2 --enable-calendar --with-curl --enable-exif --enable-ftp --enable-gd --with-jpeg --with-zlib-dir --with-freetype --with-gettext --enable-json --enable-mbstring --enable-pdo --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-readline --enable-shmop --enable-simplexml --enable-sockets --with-zip --enable-mysqlnd-compression-support --with-pear --enable-pcntl --enable-posix
[root@php php-8.1.11]# make
[root@php php-8.1.11]# make install
//配置环境变量查看版本
[root@php php-8.1.11]# echo 'export PATH=/usr/local/php8/bin:$PATH' > /etc/profile.d/php8.sh
[root@php php-8.1.11]# source /etc/profile.d/php8.sh
[root@php php-8.1.11]# which php
/usr/local/php8/bin/php
[root@php php-8.1.11]# php -v
PHP 8.1.11 (cli) (built: Oct 11 2022 15:39:15) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.1.11, Copyright (c) Zend Technologies
//配置php-fpm
[root@php php-8.1.11]# cp php.ini-production /etc/php.ini
cp: overwrite '/etc/php.ini'? y
[root@php php-8.1.11]# cp sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
[root@php php-8.1.11]# chmod +x /etc/init.d/php-fpm
[root@php php-8.1.11]# cp /usr/local/php8/etc/php-fpm.conf.default /usr/local/php8/etc/php-fpm.conf
[root@php php-8.1.11]# cp /usr/local/php8/etc/php-fpm.d/www.conf.default /usr/local/php8/etc/php-fpm.d/www.conf
//编写service文件启动服务并设为开机自启
[root@php php-8.1.11]# cat > /usr/lib/systemd/system/php.service <<EOF
[Unit]
Description=php server daemon
After=network.target
[Service]
Type=forking
ExecStart=/etc/init.d/php-fpm start
ExecStop=/etc/init.d/php-fpm stop
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
[root@php php-8.1.11]# systemctl daemon-reload
[root@php php-8.1.11]# systemctl enable --now php
Created symlink /etc/systemd/system/multi-user.target.wants/php.service → /usr/lib/systemd/system/php.service.
[root@php php-8.1.11]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 127.0.0.1:9000 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
4. Configure after installation
nginx server
[root@nginx ~]# vim /usr/local/nginx/conf/nginx.conf
······
location / {
root html;
index index.php index.html index.htm; //添加index.php
}
······
location ~ \.php$ {
root html;
fastcgi_pass 192.168.183.137:9000; //改为php端ip
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www$fastcgi_script_name; //将$/scripts修改为根目录
include fastcgi_params;
}
//检查配置文件是否有错误
[root@nginx ~]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
//重启服务
[root@nginx ~]# systemctl restart nginx
//创建index.php文件
[root@nginx ~]# cd /usr/local/nginx/html/
[root@nginx html]# vim index.php
[root@nginx html]# cat index.php
<?php
phpinfo();
?>
php server
[root@php ~]# vim /usr/local/php8/etc/php-fpm.d/www.conf
listen = 192.168.183.137:9000 //监听php服务器的ip端口号为9000
;listen.allowed_clients = 192.168.183.135 //允许nginx服务器进行访问
//创建index.php文件
[root@php ~]# mkdir /var/www
[root@php ~]# cat > /var/www/index.php <<EOF
> <?php
> phpinfo();
> ?>
> EOF
//重启服务
[root@php ~]# systemctl restart php
[root@php ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 192.168.183.137:9000 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
access verification
