1、http的认识
http:hyper text transfer protocol,是Apache超文本传输协议(HTTP)服务器的主程序。被设计为一个独立运行的后台进程,它会建立一个处理请求的子进程或线程的池。通常,httpd不应该被直接调用,而应该在类Unix系统中由apachectl调用,在Windows中作为服务运行。
2、http的版本与特性
2.2版本特性:
1)事先创建进程
2)按需维持适当的进程
3)模块化设计,核心比较小,各种功能通过模块添加(包括PHP),支持运行时配置,支持单独编译模块
4)支持多种方式的虚拟主机配置,如基于ip的虚拟主机,基于端口的虚拟主机,基于域名的虚拟主机等
5)支持https协议(通过mod_ssl模块实现)
6)支持用户认证
7)支持基于IP或域名的ACL访问控制机制
8)支持每目录的访问控制(用户访问默认主页时不需要提供用户名和密码,但是用户访问某特定目录时需要提供用户名和密码)
9)支持URL重写
10)支持MPM(Multi Path Modules,多处理模块)。用于定义httpd的工作模型(单进程、单进程多线程、多进程、多进程单线程、多进程多线程)
2.4版本新特性:
httpd-2.4的新特性:
1)MPM支持运行DSO机制(Dynamic Share Object,模块的动态装/卸载机制),以模块形式按需加载
2)支持event MPM,eventMPM模块生产环境可用
3)支持异步读写
4)支持每个模块及每个目录分别使用各自的日志级别
5)每个请求相关的专业配置,使用来配置
6)增强版的表达式分析器
7)支持毫秒级的keepalive timeout
8)基于FQDN的虚拟主机不再需要NameVirtualHost指令
9)支持用户自定义变量
10)支持新的指令(AllowOverrideList)
11)降低对内存的消耗
httpd的三种工作模式:
| 工作模型 | 工作方式 |
|---|---|
| prefork | 多进程模型,预先生成进程,一个请求用一个进程响应;一个主进程负责生成n个子进程,子进程也称为工作进程每个子进程处理一个用户请求,即使没有用户请求,也会预先生成多个空闲进程,随时等待请求到达,最大不会超过1024个 |
| worker | 基于线程工作,一个请求用一个线程响应(启动多个进程,每个进程生成多个线程) |
| event | 基于事件的驱动,一个进程处理多个请求 |
httpd-2.4新增加的模块
| 模块 | 功能 |
|---|---|
| mod_proxy_fcgi | 反向代理时支持apache服务器后端协议的模块 |
| mod_ratelimit | 提供速率限制功能的模块 |
| mod_remoteip | 基于ip的访问控制机制被改变,不再支持使用Order,Deny,Allow来做基于IP的访问控制 |
3、httpd基础
httpd自带的工具程序:
| 工具 | 功能 |
|---|---|
| htpasswd | basic认证基于文件实现时,用到的账号密码生成工具 |
| apachectl | httpd自带的服务控制脚本,支持start,stop,restart |
| apxs | 由httpd-devel包提供的,扩展httpd使用第三方模块的工具 |
| rotatelogs | 日志滚动工具 |
| suexec | 访问某些有特殊权限配置的资源时,临时切换至指定用户运行的工具 |
| ab | apache benchmark,httpd的压力测试工具 |
基于yum安装时httpd程序的文件
| 文件/目录 | 功能 |
|---|---|
| /var/log/httpd/access.log | 访问日志 |
| /var/log/httpd/error_log | 错误日志 |
| /var/www/html/ | 网站站点目录 |
| /etc/httpd/conf/httpd.conf | 主配置文件 |
| /usr/lib64/httpd/modules/ | 模块文件路径 |
| /etc/httpd/conf.modules.d/*.conf | 模块配置文件 |
| /etc/httpd/conf.d/*.conf | 辅助配置文件 |
mpm:以DSO机制提供,配置文件为/etc/httpd/conf.modules.d/00-mpm.conf
httpd命令的使用:
语法:httpd [options]
-l #查看静态编译的模块,列出核心中编译了哪些模块。它不会列出使用LoadModule指令动态加载的模块
-M #输出一个已经启用的模块列表,包括静态编译在服务器中的模块和作为DSO动态加载的模块
-v #显示httpd的版本,然后退出
-V #显示httpd和apr/apr-util的版本和编译参数,然后退出
-X #以调试模式运行httpd。仅启动一个工作进程,并且服务器不与控制台脱离
-t #检查配置文件是否有语法错误(常用)
4、编译安装httpd
环境说明:
服务器ip地址:192.168.10.10
客户端ip地址:192.168.10.20
需要准备的源码包文件:
apr-1.6.5.tar.bz2
apr-util-1.6.1.tar.bz2
httpd-2.4.37.tar.bz2
1)安装编译工具与开发工具
[root@jyy src]# yum install gcc gcc-c++ bzip2
Loaded plugins: langpacks, product-id, subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
jyy | 4.1 kB 00:00:00
Package bzip2-1.0.6-12.el7.x86_64 already installed and latest version
Resolving Dependencies
--> Running transaction check
---> Package gcc.x86_64 0:4.8.3-9.el7 will be installed
--> Processing Dependency: cpp = 4.8.3-9.el7 for package: gcc-4.8.3-9.el7.x86_64
--> Processing Dependency: glibc-devel >= 2.2.90-12 for package: gcc-4.8.3-9.el7.x86_64
--> Processing Dependency: libmpc.so.3()(64bit) for package: gcc-4.8.3-9.el7.x86_64
--> Processing Dependency: libmpfr.so.4()(64bit) for package: gcc-4.8.3-9.el7.x86_64
---> Package gcc-c++.x86_64 0:4.8.3-9.el7 will be installed
--> Processing Dependency: libstdc++-devel = 4.8.3-9.el7 for package: gcc-c++-4.8.3-9.el7.x86_64
[root@jyy src]# yum groupinstall "Development Tools" -y
Loaded plugins: langpacks, product-id, subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
There is no installed groups file.
Maybe run: yum groups mark convert (see man yum)
Resolving Dependencies
--> Running transaction check
---> Package autoconf.noarch 0:2.69-11.el7 will be installed
--> Processing Dependency: m4 >= 1.4.14 for package: autoconf-2.69-11.el7.noarch
--> Processing Dependency: perl(Data::Dumper) for package: autoconf-2.69-11.el7.noarch
---> Package automake.noarch 0:1.13.4-3.el7 will be installed
--> Processing Dependency: perl(TAP::Parser) for package: automake-1.13.4-3.el7.noarch
2)创建apache系统用户
[root@jyy src]# groupadd -r apache
[root@jyy src]# useradd -r -g apache -s /sbin/nologin apache
[root@jyy src]# yum -y install openssl-devel pcre-devel expat-devel libtool
Loaded plugins: langpacks, product-id, subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
Package libtool-2.4.2-20.el7.x86_64 already installed and latest version
Resolving Dependencies
--> Running transaction check
---> Package expat-devel.x86_64 0:2.1.0-8.el7 will be installed
---> Package openssl-devel.x86_64 1:1.0.1e-42.el7 will be installed
--> Processing Dependency: krb5-devel(x86-64) for package: 1:openssl-devel-1.0.1e-42.el7.x86_64
--> Processing Dependency: zlib-devel(x86-64) for package: 1:openssl-devel-1.0.1e-42.el7.x86_64
---> Package pcre-devel.x86_64 0:8.32-14.el7 will be installed
3)apr的编译安装
oot@jyy src]# ls
▽pr-1.6.3.tar.bz2 apr-util-1.6.1.tar.bz2 debug httpd-2.4.34.tar.bz2 kernels
[root@jyy src]# tar xf apr-1.6.3.tar.bz2
[root@jyy src]# ls
apr-1.6.3 apr-1.6.3.tar.bz2 apr-util-1.6.1.tar.bz2 debug httpd-2.4.34.tar.bz2 kernels
[root@jyy src]# cd apr-1.6.3/
[root@jyy apr-1.6.3]# ls
apr-config.in atomic config.layout file_io LICENSE network_io README.cmake time
apr.dep build configure helpers locks NOTICE shmem tools
apr.dsp buildconf configure.in include Makefile.in NWGNUmakefile strings user
apr.dsw build.conf docs libapr.dep Makefile.win passwd support
apr.mak build-outputs.mk dso libapr.dsp memory poll tables
apr.pc.in CHANGES emacs-mode libapr.mak misc random test
apr.spec CMakeLists.txt encoding libapr.rc mmap README threadproc
[root@jyy apr-1.6.3]# vim configure
# See if we are running on zsh, and set the options that allow our
# commands through without removal of \ escapes.
if test -n "${ZSH_VERSION+set}"; then
setopt NO_GLOB_SUBST
fi
cfgfile=${ofile}T
trap "$RM \"$cfgfile\"; exit 1" 1 2 15
# $RM "$cfgfile" //将此行加上注释,或者删除此行
cat <<_LT_EOF >> "$cfgfile"
[root@jyy apr-1.6.3]# ./configure --prefix=/usr/local/apr
checking build system type... x86_64-pc-linux-gnu
checking host system type... x86_64-pc-linux-gnu
checking target system type... x86_64-pc-linux-gnu
Configuring APR library
Platform: x86_64-pc-linux-gnu
checking for working mkdir -p... yes
APR Version: 1.6.3
checking for chosen layout... apr
checking for gcc... gcc
[root@jyy apr-1.6.3]# make && make install
make[1]: Entering directory `/usr/src/apr-1.6.3'
/usr/src/apr-1.6.3/build/mkdir.sh tools
/bin/sh /usr/src/apr-1.6.3/libtool --silent --mode=compile gcc -g -O2 -pthread -DHAVE_CONFIG_H -DLINUX -D_REENTRANT -D_GNU_SOURCE -I./include -I/usr/src/apr-1.6.3/include/arch/unix -I./include/arch/unix -I/usr/src/apr-1.6.3/include/arch/unix -I/usr/src/apr-1.6.3/include -I/usr/src/apr-1.6.3/include/private -I/usr/src/apr-1.6.3/include/private -o tools/gen_test_char.lo -c tools/gen_test_char.c && touch tools/gen_test_char.lo
4)编译安装httpd
mkdir /etc/httpd24/original/extra
Installing HTML documents
mkdir /usr/local/apache/htdocs
Installing error documents
mkdir /usr/local/apache/error
Installing icons
mkdir /usr/local/apache/icons
mkdir /usr/local/apache/logs
Installing CGIs
mkdir /usr/local/apache/cgi-bin
Installing header files
mkdir /usr/local/apache/include
Installing build system files
mkdir /usr/local/apache/build
Installing man pages and online manual
mkdir /usr/local/apache/man
mkdir /usr/local/apache/man/man1
mkdir /usr/local/apache/man/man8
mkdir /usr/local/apache/manual
make[1]: Leaving directory `/usr/src/httpd-2.4.34'
[root@jyy httpd-2.4.34]#
5)启动服务,查看网页是否可以访问
vim /etc/profile.d/httpd.sh
export PATH=/usr/local/apache/bin:$PATH //添加环境变量
[root@jyy apache]# source /etc/profile.d/httpd.sh
[root@jyy apache]#
# If your host doesn't have a registered DNS name, enter i
ts IP address here.
#
ServerName www.example.com:80 //修改主配置文件,把这一行的注释去掉
[root@jyy apache]# apachectl start
[root@jyy apache]# ss -tunl | grep 80
tcp LISTEN 0 128 :::80 :::*
[root@jyy apache]#
5、三种虚拟主机的配置
1)基于不同端口:
#virtual host 1 # 虚拟主机1的配置
<VirtualHost 192.168.10.10:80>
ServerName www.tom.com
DocumentRoot "/usr/local/apache/htdocs/tom"
ErrorLog "logs/tom_error_log"
CustomLog "logs/tom_access_log" combined
<Directory /usr/local/apache/htdocs/tom>
<RequireAll>
Require ip 192.168.10.20
</RequireAll>
</Directory>
</VirtualHost>
#virtual host 2 # 虚拟主机2的配置
<VirtualHost 192.168.10.10:8080>
ServerName www.jerry.com
DocumentRoot "/usr/local/apache/htdocs/jerry"
ErrorLog "logs/jerry_error_log"
CustomLog "logs/jerry_access_log" combined
<Directory /usr/local/apache/htdocs/jerry>
<RequireAll>
Require ip 192.168.10.20
</RequireAll>
</Directory>
</VirtualHost>
//添加8080端口
# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses.
#
#Listen 12.34.56.78:80
Listen 80
Listen 8080
[root@jyy htdocs]# mkdir tom
[root@jyy htdocs]# mkdir jerry
[root@jyy htdocs]#
[root@jyy htdocs]# echo "Hello wo is tom" > ./tom/index.html
[root@jyy htdocs]# echo "Hello wo is jerry" > ./jerry/index.html
[root@jyy htdocs]#
[root@jyy htdocs]# chown apache.apache -R /usr/local/apache/htdocs/
[root@jyy bin]# apachectl stop
[root@jyy bin]# apachectl start
[root@jyy bin]# ss -tunl | grep 80 8080
grep: 8080: No such file or directory
[root@jyy bin]# ss -tunl | grep 80
tcp LISTEN 0 128 :::8080 :::*
tcp LISTEN 0 128 :::80 :::*
[root@jyy bin]#
在客户端测试是否只有192.168.10.20可以访问
2)基于不同ip地址:
<VirtualHost 192.168.10.10:80>
ServerName www.tom.com
DocumentRoot "/usr/local/apache/htdocs/tom"
ErrorLog "logs/tom_error_log"
CustomLog "logs/tom_access_log" combined
<Directory /usr/local/apache/htdocs/tom>
<RequireAll>
Require ip 192.168.10.20
</RequireAll>
</Directory>
</VirtualHost>
#virtual host 2 # 虚拟主机2的配置
<VirtualHost 192.168.10.30:80>
ServerName www.jerry.com
DocumentRoot "/usr/local/apache/htdocs/jerry"
ErrorLog "logs/jerry_error_log"
CustomLog "logs/jerry_access_log" combined
<Directory /usr/local/apache/htdocs/jerry>
<RequireAll>
//添加一个ip地址
[root@jyy bin]# ip addr add 192.168.10.30/24 dev eno16777736
RTNETLINK answers: File exists
[root@jyy bin]# apachectl stop
[root@jyy bin]# apachectl start
[root@jyy bin]# ss -tunl | grep 80
tcp LISTEN 0 128 :::80 :::*
[root@jyy bin]#
客户端访问测试:
3)基于域名访问:
#virtual host 1 # 虚拟主机1的配置
<VirtualHost 192.168.10.10:80>
ServerName www.tom.com
DocumentRoot "/usr/local/apache/htdocs/tom"
ErrorLog "logs/tom_error_log"
CustomLog "logs/tom_access_log" combined
<Directory /usr/local/apache/htdocs/tom>
<RequireAll>
Require ip 192.168.10.20
</RequireAll>
</Directory>
</VirtualHost>
#virtual host 2 # 虚拟主机2的配置
<VirtualHost 192.168.10.10:80>
ServerName www.jerry.com
DocumentRoot "/usr/local/apache/htdocs/jerry"
ErrorLog "logs/jerry_error_log"
CustomLog "logs/jerry_access_log" combined
[root@jyy bin]# apachectl stop
[root@jyy bin]# apachectl start
[root@jyy bin]# ss -tunl | grep 80
tcp LISTEN 0 128 :::80 :::*
[root@jyy bin]#
在客户端主机解析文件里添加记录
[root@jyy ~]# vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.10.10 www.tom.com
192.168.10.10 www.jerry.com
