Déploiement séparé de l'architecture LNMP sur trois hôtes
Annuaire d'articles
Annuaire d'articles
1. Qu'est-ce que le LNMP
LNMP signifie : Architecture de serveur de site Web Nginx+MySQL+PHP sous système Linux. PHP dans Nginx est combiné avec Nginx sous la forme de fastcgi, qui peut être compris comme Nginx proxying fastcgi de PHP.
2. Pourquoi utiliser LNMP
LNMP a les caractéristiques d'un faible coût, d'un déploiement flexible, d'un développement rapide, de la sécurité et de la stabilité, etc. C'est une excellente combinaison d'applications et d'environnements de réseau Web. S'il s'agit d'un site Web personnel avec une configuration de serveur relativement faible, l'architecture LNMP est bien sûr préférée.
3. Comment fonctionne LNMP
Tout d'abord, le service Nginx ne peut pas gérer les requêtes dynamiques, donc lorsqu'un utilisateur lance une requête dynamique, comment Nginx la gère-t-il.
1. Requête statique : demande des fichiers statiques ou des pages html, fichiers html qui existent sur le serveur Fichiers
statiques : fichiers téléchargés sur le serveur, les fichiers qui ne changeront jamais sont des fichiers statiques
html est un fichier statique standard
2, requêtes dynamiques : requêtes de contenu dynamique, requêtes avec paramètres Les
pages dynamiques n'existent pas sur le serveur, et peuvent être des pages composées de valeurs provenant de bases de données ou de redis et d'autres endroits
Lorsqu'un utilisateur lance une requête http, la requête est traitée par Nginx. S'il s'agit d'une requête de ressource statique, Nginx la renvoie directement. S'il s'agit d'une requête dynamique, Nginx la transfère au programme PHP principal pour traitement via le protocole fastcgi, comme illustré dans la figure suivante.
12. Processus de flux de données Requête : navigateur -> équilibrage de charge -> nginx -> php-fpm -> wrapper -> mysql
Réponse : mysql -> wrapper -> php-fpm -> nginx -> load balancing -> browser.
4. Déploiement LNMP
Descriptif environnement :
| Nom du processeur | adresse IP | Version de l'application | système |
|---|---|---|---|
| nginx | 192.168.183.135 | nginx-1.20.2 | j'ai essayé8 |
| mysql | 192.168.183.136 | mysql-5.7.38 | j'ai essayé8 |
| php | 192.168.183.137 | php-8.1.11 | j'ai essayé8 |
1. Installez nginx
//修改主机名关闭防火墙和selinux
[root@localhost ~]# hostnamectl set-hostname nginx
[root@localhost ~]# bash
[root@nginx ~]# setenforce 0
[root@nginx ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config
[root@nginx ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
//创建用户
[root@nginx ~]# useradd -rMs /sbin/nologin nginx
//安装依赖包
[root@nginx ~]# dnf -y install pcre-devel openssl openssl-devel gd-devel gcc gcc-c++ make wget vim
//下载nginx软件包并解压
[root@nginx ~]# wget http://nginx.org/download/nginx-1.20.2.tar.gz
--2022-10-11 13:47:12-- http://nginx.org/download/nginx-1.20.2.tar.gz
Resolving nginx.org (nginx.org)... 3.125.197.172, 52.58.199.22, 2a05:d014:edb:5704::6, ...
Connecting to nginx.org (nginx.org)|3.125.197.172|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1062124 (1.0M) [application/octet-stream]
Saving to: ‘nginx-1.20.2.tar.gz’
nginx-1.20.2.tar.gz 100%[================>] 1.01M 658KB/s in 1.6s
2022-10-11 13:47:14 (658 KB/s) - ‘nginx-1.20.2.tar.gz’ saved [1062124/1062124]
[root@nginx ~]# tar -xf nginx-1.20.2.tar.gz
//进入目录配置编译安装
[root@nginx ~]# cd nginx-1.20.2
[root@nginx nginx-1.20.2]# ./configure \
> --prefix=/usr/local/nginx \
> --user=nginx \
> --group=nginx \
> --with-debug \
> --with-http_ssl_module \
> --with-http_realip_module \
> --with-http_image_filter_module \
> --with-http_gunzip_module \
> --with-http_gzip_static_module \
> --with-http_stub_status_module \
> --http-log-path=/var/log/nginx/access.log \
> --error-log-path=/var/log/nginx/error.log
[root@nginx nginx-1.20.2]# make -j $(grep 'processor' /proc/cpuinfo | wc -l) && make install
//安装完成
[root@nginx nginx-1.20.2]# cd /usr/local/nginx/
[root@nginx nginx]# ls
conf html logs sbin
//配置环境变量
[root@nginx nginx]# echo "export PATH=$PATH:/usr/local/nginx/sbin" > /etc/profile.d/nginx.sh
[root@nginx nginx]# source /etc/profile.d/nginx.sh
//编写service文件启动服务
[root@nginx nginx]# cd
[root@nginx ~]# cat > /usr/lib/systemd/system/nginx.service << EOF
> [Unit]
> Description=nginx server daemon
> After=network.target
>
> [Service]
> Type=forking
> ExecStart=/usr/local/nginx/sbin/nginx
> ExecStop=/usr/local/nginx/sbin/nginx -s stop
> ExecReload=/bin/kill -HUP \$MAINPID
>
> [Install]
> WantedBy=multi-user.target
> EOF
[root@nginx ~]# systemctl daemon-reload
[root@nginx ~]# systemctl enable --now nginx
Created symlink /etc/systemd/system/multi-user.target.wants/nginx.service → /usr/lib/systemd/system/nginx.service.
[root@nginx ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
2. Installez mysql
//修改主机名关闭防火墙和selinux
[root@localhost ~]# hostnamectl set-hostname mysql
[root@localhost ~]# bash
[root@mysql ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@mysql ~]# setenforce 0
[root@mysql ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config
//安装依赖包
[root@mysql ~]# dnf -y install ncurses-devel openssl-devel openssl cmake mariadb-devel ncurses-compat-libs
//创建用户
[root@mysql ~]# useradd -rMs /sbin/nologin mysql
//下载mysql软件包
[root@mysql ~]# ls
anaconda-ks.cfg mysql-5.7.38-linux-glibc2.12-x86_64.tar.gz //此处为节约时间是将提前下载好的进行上传
//解压重命名
[root@mysql ~]# tar xf mysql-5.7.38-linux-glibc2.12-x86_64.tar.gz -C /usr/local/
[root@mysql ~]# cd /usr/local/
[root@mysql local]# ls
bin games lib libexec sbin src
etc include lib64 mysql-5.7.38-linux-glibc2.12-x86_64 share
[root@mysql local]# mv mysql-5.7.38-linux-glibc2.12-x86_64 mysql
[root@mysql local]# ls
bin etc games include lib lib64 libexec mysql sbin share src
//修改属主属组
[root@mysql local]# chown -R mysql.mysql mysql
//配置include、man及环境变量
[root@mysql local]# ln -s /usr/local/mysql/include /usr/include/mysql
[root@mysql local]# echo '/usr/local/mysql/lib' > /etc/ld.so.conf.d/mysql.conf
[root@mysql local]# vi /etc/man_db.conf
MANDATORY_MANPATH /usr/local/mysql/man
[root@mysql local]# echo 'export PATH=/usr/local/mysql/bin:$PATH' > /etc/profile.d/mysql.sh
[root@mysql local]# source /etc/profile.d/mysql.sh
[root@mysql local]# which mysql
/usr/local/mysql/bin/mysql
//建立数据存放目录
[root@mysql ~]# mkdir -p /opt/data
[root@mysql ~]# chown -R mysql.mysql /opt/data/
//初始化数据库
[root@mysql ~]# mysqld --initialize --user mysql --datadir /opt/data
2022-10-11T06:12:47.976658Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details).
2022-10-11T06:12:48.115799Z 0 [Warning] InnoDB: New log files created, LSN=45790
2022-10-11T06:12:48.152163Z 0 [Warning] InnoDB: Creating foreign key constraint system tables.
2022-10-11T06:12:48.163911Z 0 [Warning] No existing UUID has been found, so we assume that this is the first time that this server has been started. Generating a new UUID: ba9d3275-492b-11ed-bad6-000c2907de9b.
2022-10-11T06:12:48.165296Z 0 [Warning] Gtid table is not ready to be used. Table 'mysql.gtid_executed' cannot be opened.
2022-10-11T06:12:48.355412Z 0 [Warning] A deprecated TLS version TLSv1 is enabled. Please use TLSv1.2 or higher.
2022-10-11T06:12:48.355437Z 0 [Warning] A deprecated TLS version TLSv1.1 is enabled. Please use TLSv1.2 or higher.
2022-10-11T06:12:48.355796Z 0 [Warning] CA certificate ca.pem is self signed.
2022-10-11T06:12:48.392081Z 1 [Note] A temporary password is generated for root@localhost: M.81jgNZ9DKR
[root@mysql ~]# echo 'M.81jgNZ9DKR' > pass
//生成配置文件
[root@mysql ~]# cat >> /etc/my.cnf <<EOF
> [mysqld]
> basedir = /usr/local/mysql
> datadir = /opt/data
> socket = /tmp/mysql.sock
> port = 3306
> pid-file = /opt/data/mysql.pid
> user = mysql
> skip-name-resolve
> EOF
//配置服务启动脚本
[root@mysql ~]# cp -a /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
[root@mysql ~]# sed -ri 's#^(basedir=).*#\1/usr/local/mysql#g' /etc/init.d/mysqld
[root@mysql ~]# sed -ri 's#^(datadir=).*#\1/opt/data#g' /etc/init.d/mysqld
[root@mysql ~]# chmod +x /etc/init.d/mysqld
//编写service文件启动服务并设置开机自启
[root@mysql ~]# cat > /usr/lib/systemd/system/mysqld.service <<EOF
[Unit]
Description=mysqld server daemon
After=network.target
[Service]
Type=forking
ExecStart=/etc/init.d/mysqld start
ExecStop=/etc/init.d/mysqld stop
ExecReload=/bin/kill -HUP \$MAINPID
[Install]
WantedBy=multi-user.target
EOF
[root@mysql ~]# systemctl daemon-reload
[root@mysql ~]# systemctl enable --now mysqld
[root@mysql ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 80 *:3306 *:*
LISTEN 0 128 [::]:22 [::]:*
//登录mysql修改密码
[root@mysql ~]# cat pass
M.81jgNZ9DKR
[root@mysql ~]# mysql -uroot -pM.81jgNZ9DKR
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.7.38
Copyright (c) 2000, 2022, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> set password = password('123com');
Query OK, 0 rows affected, 1 warning (0.00 sec)
mysql> quit
Bye
[root@mysql ~]# mysql -uroot -p123com
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 3
Server version: 5.7.38 MySQL Community Server (GPL)
Copyright (c) 2000, 2022, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
3. Installez PHP
//修改主机名关闭防火墙selinux
[root@localhost ~]# hostnamectl set-hostname php
[root@localhost ~]# bash
[root@php ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@php ~]# setenforce 0
[root@php ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config
//配置yum源
[root@php ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo
[root@php ~]# sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
//安装依赖包
[root@php ~]# yum -y install epel-release
[root@php ~]# yum -y install openssl-devel pcre-devel expat-devel libtool gcc gcc-c++ wget make ncurses-devel openssl cmake libxm12 libxm12-devel bzip2 bzip2-devel libcurl libcurl-devel libicu-devel libjpeg libjpeg-devel libpng libpng-devel openldap-devel freetype freetype-devel gmp gmp-devel readline readline-devel libxslt libxslt-devel php-mysqlnd libsqlite3x-devel libzip-devel https://dl.rockylinux.org/pub/rocky/9/CRB/x86_64/os/Packages/o/oniguruma-devel-6.9.6-1.el9.5.x86_64.rpm http://mirror.stream.centos.org/9-stream/CRB/x86_64/os/Packages/libzip-devel-1.7.3-7.el9.x86_64.rpm http://mirror.centos.org/centos/8-stream/PowerTools/x86_64/os/Packages/oniguruma-devel-6.8.2-2.el8.x86_64.rpm --allowerasing --skip-broken --nobest
//下载php软件包
[root@php ~]# wget https://www.php.net/distributions/php-8.1.11.tar.gz
//解压软件包编译安装
[root@php ~]# tar xf php-8.1.11.tar.gz
[root@php ~]# cd php-8.1.11
[root@php php-8.1.11]# ./configure --prefix=/usr/local/php8 --with-config-file-path=/etc --enable-fpm --enable-inline-optimization --disable-debug --disable-rpath --enable-shared --enable-soap --with-openssl --enable-bcmath --with-iconv --with-bz2 --enable-calendar --with-curl --enable-exif --enable-ftp --enable-gd --with-jpeg --with-zlib-dir --with-freetype --with-gettext --enable-json --enable-mbstring --enable-pdo --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-readline --enable-shmop --enable-simplexml --enable-sockets --with-zip --enable-mysqlnd-compression-support --with-pear --enable-pcntl --enable-posix
[root@php php-8.1.11]# make
[root@php php-8.1.11]# make install
//配置环境变量查看版本
[root@php php-8.1.11]# echo 'export PATH=/usr/local/php8/bin:$PATH' > /etc/profile.d/php8.sh
[root@php php-8.1.11]# source /etc/profile.d/php8.sh
[root@php php-8.1.11]# which php
/usr/local/php8/bin/php
[root@php php-8.1.11]# php -v
PHP 8.1.11 (cli) (built: Oct 11 2022 15:39:15) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.1.11, Copyright (c) Zend Technologies
//配置php-fpm
[root@php php-8.1.11]# cp php.ini-production /etc/php.ini
cp: overwrite '/etc/php.ini'? y
[root@php php-8.1.11]# cp sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
[root@php php-8.1.11]# chmod +x /etc/init.d/php-fpm
[root@php php-8.1.11]# cp /usr/local/php8/etc/php-fpm.conf.default /usr/local/php8/etc/php-fpm.conf
[root@php php-8.1.11]# cp /usr/local/php8/etc/php-fpm.d/www.conf.default /usr/local/php8/etc/php-fpm.d/www.conf
//编写service文件启动服务并设为开机自启
[root@php php-8.1.11]# cat > /usr/lib/systemd/system/php.service <<EOF
[Unit]
Description=php server daemon
After=network.target
[Service]
Type=forking
ExecStart=/etc/init.d/php-fpm start
ExecStop=/etc/init.d/php-fpm stop
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
[root@php php-8.1.11]# systemctl daemon-reload
[root@php php-8.1.11]# systemctl enable --now php
Created symlink /etc/systemd/system/multi-user.target.wants/php.service → /usr/lib/systemd/system/php.service.
[root@php php-8.1.11]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 127.0.0.1:9000 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
4. Configurer après l'installation
serveur nginx
[root@nginx ~]# vim /usr/local/nginx/conf/nginx.conf
······
location / {
root html;
index index.php index.html index.htm; //添加index.php
}
······
location ~ \.php$ {
root html;
fastcgi_pass 192.168.183.137:9000; //改为php端ip
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www$fastcgi_script_name; //将$/scripts修改为根目录
include fastcgi_params;
}
//检查配置文件是否有错误
[root@nginx ~]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
//重启服务
[root@nginx ~]# systemctl restart nginx
//创建index.php文件
[root@nginx ~]# cd /usr/local/nginx/html/
[root@nginx html]# vim index.php
[root@nginx html]# cat index.php
<?php
phpinfo();
?>
serveur php
[root@php ~]# vim /usr/local/php8/etc/php-fpm.d/www.conf
listen = 192.168.183.137:9000 //监听php服务器的ip端口号为9000
;listen.allowed_clients = 192.168.183.135 //允许nginx服务器进行访问
//创建index.php文件
[root@php ~]# mkdir /var/www
[root@php ~]# cat > /var/www/index.php <<EOF
> <?php
> phpinfo();
> ?>
> EOF
//重启服务
[root@php ~]# systemctl restart php
[root@php ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 192.168.183.137:9000 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
vérification d'accès
