目录
5.5 配置 php 支持 redis 保存 session
5.7 访问 web 页面测试实现session保存在redis服务
利用 LNMP 实现WordPress站点搭建
LNMP项目实战环境说明
L:Linux(CentOS7)https://mirrors.aliyun.com/centos/7/isos/x86_64/
N:Nginx(1.18.0) https://nginx.org/en/download.html
M:MySQL(8.0.19) https://dev.mysql.com/downloads/mysql/
P:PHP(7.4.10) http://php.net/downloads.php
Wordpress(5.4.2):https://cn.wordpress.org/download/
#部署规划:
10.0.0.7:Nginx php-fpm 运行web服务
10.0.0.17:运行MySQL数据库,Redis服务
1 部署数据库
在10.0.0.17主机部署MySQL服务
1.1 二进制部署MySQL数据库
[root@centos7 ~]#cat install_mysql5.7or8.0_for_centos.sh
#!/bin/bash
. /etc/init.d/functions
SRC_DIR=`pwd`
MYSQL='mysql-5.7.29-linux-glibc2.12-x86_64.tar.gz'
COLOR='echo -e \E[01;31m'
END='\E[0m'
MYSQL_ROOT_PASSWORD=magedu
check (){
if [ $UID -ne 0 ]; then
action "当前用户不是root,安装失败" false
exit 1
fi
cd $SRC_DIR
if [ ! -e $MYSQL ];then
$COLOR"缺少${MYSQL}文件"$END
$COLOR"请将相关软件放在${SRC_DIR}目录下"$END
exit
elif [ -e /usr/local/mysql ];then
action "数据库已存在,安装失败" false
exit
else
return
fi
}
install_mysql(){
$COLOR"开始安装MySQL数据库..."$END
yum -y -q install libaio numactl-libs libaio &> /dev/null
cd $SRC_DIR
tar xf $MYSQL -C /usr/local/
MYSQL_DIR=`echo $MYSQL| sed -nr 's/^(.*[0-9]).*/\1/p'`
ln -s /usr/local/$MYSQL_DIR /usr/local/mysql
chown -R root.root /usr/local/mysql/
id mysql &> /dev/null || { useradd -s /sbin/nologin -r mysql ; action "创建mysql用户"; }
echo 'PATH=/usr/local/mysql/bin/:$PATH' > /etc/profile.d/mysql.sh
. /etc/profile.d/mysql.sh
ln -s /usr/local/mysql/bin/* /usr/bin/
cat > /etc/my.cnf <<-EOF
[mysqld]
server-id=1
log-bin
datadir=/data/mysql
socket=/data/mysql/mysql.sock
log-error=/data/mysql/mysql.log
pid-file=/data/mysql/mysql.pid
[client]
socket=/data/mysql/mysql.sock
EOF
mysqld --initialize --user=mysql --datadir=/data/mysql
cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
chkconfig --add mysqld
chkconfig mysqld on
service mysqld start
sleep 3
[ $? -ne 0 ] && { $COLOR"数据库启动失败,退出!"$END;exit; }
MYSQL_OLDPASSWORD=`awk '/A temporary password/{print $NF}' /data/mysql/mysql.log`
mysqladmin -uroot -p$MYSQL_OLDPASSWORD password $MYSQL_ROOT_PASSWORD &>/dev/null
action "数据库安装完成"
}
check
install_mysql
[root@centos7 src]# bash install_mysql5.7or8.0_for_centos.sh
开始安装MySQL数据库...
创建mysql用户 [ 确定 ]
Starting MySQL. [ 确定 ]
数据库安装完成 [ 确定 ]
1.2 创建wordpress数据库和用户并授权
[root@centos7 src]# mysql -uroot -pmagedu
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 3
Server version: 5.7.29-log MySQL Community Server (GPL)
Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> create database wordpress;
Query OK, 1 row affected (0.00 sec)
mysql> create user wordpress@'10.0.0.%' identified by '123456';
Query OK, 0 rows affected (0.01 sec)
mysql> grant all on wordpress.* to wordpress@'10.0.0.%';
Query OK, 0 rows affected (0.00 sec)
1.3 验证MySQL账户权限
[root@centos8 ~]# mysql -uwordpress -p123456 -h10.0.0.17
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 4
Server version: 5.7.29-log MySQL Community Server (GPL)
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| wordpress |
+--------------------+
2 rows in set (0.00 sec)
2.部署PHP
在10.0.0.7主机部署php-fpm服务
2.1 编译安装 php
[root@nginx ~]#yum -y install gcc openssl-devel libxml2-devel bzip2-devel libmcrypt-devel sqlite-devel oniguruma-devel
[root@nginx ~]#cd /usr/local/src
[root@nginx src]#wget https://www.php.net/distributions/php-7.4.11.tar.xz
[root@nginx src]#ll -h php-7.4.11.tar.xz
-rw-r--r-- 1 root root 9.9M Sep 29 2020 php-7.4.11.tar.xz
[root@nginx src]#tar xf php-7.4.11.tar.xz
[root@nginx src]#cd php-7.4.11
[root@nginx src]#mkdir /apps/php74 -p
[root@nginx php-7.4.11]# ./configure \
> --prefix=/apps/php74 \
> --enable-mysqlnd \
> --with-mysqli=mysqlnd \
> --with-pdo-mysql=mysqlnd \
> --with-openssl \
> --with-zlib \
> --with-config-file-path=/etc \
> --with-config-file-scan-dir=/etc/php.d \
> --enable-mbstring \
> --enable-xml \
> --enable-sockets \
> --enable-fpm \
> --enable-maintainer-zts \
> --disable-fileinfo
[root@nginx php-7.4.11]#make -j 2 && make install
2.2准备 php 配置文件
#生成配置文件
[root@nginx php-7.4.11]#cp php.ini-production /etc/php.ini
[root@nginx php-7.4.11]#cd /apps/php74/etc
[root@nginx etc]#cp php-fpm.conf.default php-fpm.conf
[root@nginx etc]#cd php-fpm.d/
[root@nginx php-fpm.d]#cp www.conf.default www.conf
[root@nginx php-fpm.d]#vim www.conf
[root@nginx php-fpm.d]#grep '^[^;]' www.conf
[www]
user = www
group = www
listen = 127.0.0.1:9000 #监听地址及IP
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
pm.status_path = /pm_status
ping.path = /ping
access.log = log/$pool.access.log
slowlog = log/$pool.log.slow #慢日志路径
#创建用户
[root@nginx php-fpm.d]#useradd -r -s /sbin/nologin www
#创建访问日志文件路径
[root@nginx php-fpm.d]#mkdir /apps/php74/log
2.3启动并验证 php-fpm 服务
[root@nginx ~]#/apps/php74/sbin/php-fpm -t
[root@nginx ~]#cp /usr/local/src/php-7.4.11/sapi/fpm/php-fpm.service /usr/lib/systemd/system/
[root@nginx ~]#systemctl daemon-reload
[root@nginx ~]#systemctl enable --now php-fpm
[root@nginx ~]#ss -ntlp
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 127.0.0.1:9000 *:*users:(("php-fpm",pid=112880,fd=9),("php-fpm",pid=112879,fd=9),("php-fpm",pid=112878,fd=7))
LISTEN 0 128 *:80 *:*users:(("nginx",pid=2134,fd=6),("nginx",pid=1305,fd=6))
LISTEN 0 128 *:22 *:*users:(("sshd",pid=1293,fd=3))
LISTEN 0 100 127.0.0.1:25 *:*users:(("master",pid=1391,fd=13))
LISTEN 0 128 [::]:22 [::]:*users:(("sshd",pid=1293,fd=4))
LISTEN 0 100 [::1]:25 [::]:*users:(("master",pid=1391,fd=14))
[root@nginx ~]#pstree -p |grep php
|-php-fpm(112878)-+-php-fpm(112879)
| `-php-fpm(112880)
[root@nginx ~]#ps -ef |grep php
root 112878 1 0 22:32 ? 00:00:00 php-fpm: master process (/apps/php74/etc/php-fpm.conf)
www 112879 112878 0 22:32 ? 00:00:00 php-fpm: pool www
www 112880 112878 0 22:32 ? 00:00:00 php-fpm: pool www
root 112896 3200 0 22:37 pts/0 00:00:00 grep --color=auto php
3.部署 Nginx
3.1 编译安装 nginx
[root@centos7 src]# cd ~
[root@centos7 ~]# yum -y install gcc pcre-devel openssl-devel zlib-devel
[root@centos7 src]#wget http://nginx.org/download/nginx-1.18.0.tar.gz
[root@centos7 src]# tar xf nginx-1.18.0.tar.gz
[root@centos7 src]# cd nginx-1.18.0
[root@centos7 nginx-1.18.0]#./configure --prefix=/apps/nginx \
--user=www \
--group=www \
--with-http_ssl_module \
--with-http_v2_module \
--with-http_realip_module \
--with-http_stub_status_module \
--with-http_gzip_static_module \
--with-pcre \
--with-stream \
--with-stream_ssl_module \
--with-stream_realip_module
[root@centos7 nginx-1.18.0]#make -j 4 && make install
3.2 准备服务文件并启动 nginx
[root@centos7 nginx-1.18.0]# vim /usr/lib/systemd/system/nginx.service
[Unit]
Description=nginx - high performance web server
Documentation=http://nginx.org/en/docs/
After=network-online.target remote-fs.target nss-lookup.target
Wants=network-online.target
[Service]
Type=forking
PIDFile=/apps/nginx/run/nginx.pid
ExecStart=/apps/nginx/sbin/nginx -c /apps/nginx/conf/nginx.conf
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s TERM $MAINPID
[Install]
WantedBy=multi-user.target
#创建目录
[root@centos7 nginx-1.18.0]# mkdir /apps/nginx/run/
#修改配置文件
[root@centos7 nginx-1.18.0]# vim /apps/nginx/conf/nginx.conf
pid /apps/nginx/run/nginx.pid;
[root@centos7 nginx-1.18.0]# systemctl daemon-reload
[root@centos7 nginx-1.18.0]# systemctl enable --now nginx
Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /usr/lib/systemd/system/nginx.service.
[root@centos7 nginx-1.18.0]# ss -ntl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 127.0.0.1:9000 *:*
LISTEN 0 128 *:80 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 [::1]:25 [::]:*
LISTEN 0 128 [::]:22 [::]:*
3.3 配置 Nginx 支持 fastcgi
[root@centos7 ~]#vim /apps/nginx/conf/nginx.conf
[root@centos7 ~]#grep -Ev '#|^$' /apps/nginx/conf/nginx.conf
worker_processes 1;
pid /apps/nginx/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name www.magedu.org; #指定主机名
location / {
root /data/nginx/wordpress; #指定数据目录
index index.php index.html index.htm; #指定默认主页
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location ~ \.php$ { #实现php-fpm
root /data/nginx/wordpress;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ ^/(ping|pm_status)$ { #实现状态页
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_script_name;
}
}
}
[root@centos7 ~]# /apps/nginx/sbin/nginx -t
nginx: the configuration file /apps/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /apps/nginx/conf/nginx.conf test is successful
[root@centos7 ~]# /apps/nginx/sbin/nginx -s reload
3.4 准备 php 测试页
[root@nginx ~]#mkdir -p /data/nginx/wordpress
[root@nginx ~]#vim /data/nginx/wordpress/test.php
<?php
phpinfo();
?>
3.5 验证 php 测试页
浏览器:www.magedu.org/ping
www.magedu.org/pm_status
www.magedu.org/test.php
4.部署WordPress
在10.0.0.7主机部署WordPress
4.1 准备 WordPress 文件
[root@centos7 ~]# tar xf wordpress-5.9.2-zh_CN.tar.gz
[root@centos7 ~]# cp -r wordpress/* /data/nginx/wordpress
[root@centos7 ~]# chown -R www.www /data/nginx/wordpress/
4.2 初始化web页面
浏览器:http://www.hkping.com
4.3 登录后台管理界面并发表文章
4.4 验证发表的文章
4.5 配置允许上传大文件
#注意:默认只支持1M以下文件上传,要利用php程序上传大图片,还需要修改下面三项配置,最大上传由三项值
的最小值决定
#直接上传大于1M文件,会出现下面413错误
#nginx上传文件大小限制
[root@centos7 ~]#vim /apps/nginx/conf/nginx.conf
server {
client_max_body_size 10m; #默认值为1M
.....
#php上传文件大小限制
[root@centos7 ~]#vim /etc/php.ini
post_max_size = 30M #默认值为8M
upload_max_filesize = 20M #默认值为2M
[root@centos7 ~]#systemctl restart nginx php-fpm
4.6 安全加固
[root@centos7 ~]#vim /apps/nginx/conf/nginx.conf
[root@centos7 ~]#grep -Ev '#|^$' /apps/nginx/conf/nginx.conf
worker_processes 1;
pid /apps/nginx/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name www.hkping.com;
server_tokens off; #是否在响应报文的Server首部显示nginx版本
client_max_body_size 10M;
location / {
root /data/nginx/wordpress;
index index.php index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location ~ \.php$ {
root /data/nginx/wordpress;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_hide_header X-Powered-By; #隐藏响应头指定信息
}
location ~ ^/(ping|pm_status)$ {
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_script_name;
}
}
}
[root@centos7 ~]# nginx -t
nginx: the configuration file /apps/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /apps/nginx/conf/nginx.conf test is successful
[root@centos7 ~]# nginx -s reload
4.7 配置 php 开启 opcache 加速
在10.0.0.7主机进行以下修改配置
#编辑php.ini配置文件
[root@centos7 ~]#vim /etc/php.ini
[opcache]
; Determines if Zend OPCache is enabled
zend_extension=opcache.so
opcache.enable=1
.....
[root@centos7 ~]#systemctl restart php-fpm
#浏览器访问测试页确认开启opcache加速
5.PHP 扩展session模块支持redis
5.1 编译安装PHP redis
在10.0.0.7主机进行以下编译安装
[root@centos7 ~]#cd /usr/local/src
[root@centos7 src]#ls
[root@centos7 src]#wget http://pecl.php.net/get/redis-5.3.1.tgz
[root@centos7 src]#tar xf redis-5.3.1.tgz
[root@centos7 src]#cd redis-5.3.1/
[root@centos7 redis-5.3.1]# ls
arrays.markdown CREDITS redis_array_impl.c redis_session.c
cluster_library.c INSTALL.markdown redis_array_impl.h redis_session.h
cluster_library.h liblzf redis.c sentinel_library.c
cluster.markdown library.c redis_cluster.c sentinel_library.h
common.h library.h redis_cluster.h sentinel.markdown
config.m4 php_redis.h redis_commands.c tests
config.w32 README.markdown redis_commands.h
COPYING redis_array.c redis_sentinel.c
crc16.h redis_array.h redis_sentinel.h
#如果是yum安装php,需要执行yum -y install php-cli php-devel
#以下为编译安装php的对应方式
[root@centos7 redis-5.3.1]#/apps/php74/bin/phpize
Configuring for:
PHP Api Version: 20190902
Zend Module Api No: 20190902
Zend Extension Api No: 320190902
Cannot find autoconf. Please check your autoconf installation and the #报错提示
$PHP_AUTOCONF environment variable. Then, rerun this script.
[root@centos7 redis-5.3.1]#yum -y install autoconf
#重新执行成功
[root@centos7 redis-5.3.1]#/apps/php74/bin/phpize
Configuring for:
PHP Api Version: 20190902
Zend Module Api No: 20190902
Zend Extension Api No: 320190902
#查看生成configure脚本
[root@centos7 redis-5.3.1]#ls
arrays.markdown common.h COPYING library.h
redis_array_impl.h redis_sentinel.c sentinel_library.h
autom4te.cache config.h.in crc16.h php_redis.h redis.c
redis_sentinel.h sentinel.markdown
build config.m4 CREDITS README.markdown
redis_cluster.c redis_session.c tests
cluster_library.c configure INSTALL.markdown redis_array.c
redis_cluster.h redis_session.h
cluster_library.h configure.ac liblzf redis_array.h
redis_commands.c run-tests.php
cluster.markdown config.w32 library.c redis_array_impl.c
redis_commands.h sentinel_library.c
#yum安装php,无需指定--with-php-config
[root@centos7 redis-5.3.1]#./configure --with-php-config=/apps/php74/bin/php-config
[root@centos7 redis-5.3.1]#make -j 8 && make install
.....
See any operating system documentation about shared libraries for
more information, such as the ld(1) and ld.so(8) manual pages.
----------------------------------------------------------------------
Build complete.
Don't forget to run 'make test'.
Installing shared extensions: /apps/php74/lib/php/extensions/no-debug-zts-20190902/
#验证redis模块
#yum安装php,模块文件默认存放在 /usr/lib64/php/modules/redis.so
[root@centos7 redis-5.3.1]#ll /apps/php74/lib/php/extensions/no-debug-zts-20190902/
total 9584
-rwxr-xr-x 1 root root 4647668 Oct 22 10:44 opcache.a
-rwxr-xr-x 1 root root 2509416 Oct 22 10:44 opcache.so
-rwxr-xr-x 1 root root 2651320 Oct 22 12:10 redis.so
5.2 编辑php配置文件支持redis
#编辑php.ini配置文件,扩展redis.so模块
[root@centos7 ~]#vim /etc/php.ini
.....
#extension=/apps/php74/lib/php/extensions/no-debug-zts-20190902/redis.so
extension=redis.so #文件最后一行添加此行,路径可省略
[root@centos7 ~]#systemctl restart php-fpm
5.3 验证加载 redis 模块
#访问测试页确认redis模块开启
浏览器访问:http://www.hkping.com/test.php
5.4 安装和配置 redis 服务
在10.0.0.17主机进行安装redis 服务
#在10.0.0.17主机安装redis服务
[root@centos7 ~]#yum install epel-release
[root@centos7 ~]#yum -y install redis
[root@centos7 ~]#vim /etc/redis.conf
bind 0.0.0.0
requirepass 123456
[root@centos7 ~]#systemctl enable --now redis
[root@centos7 ~]#ss -tnl
State Recv-Q Send-Q Local Address:Port
Peer Address:Port
LISTEN 0 128 *:22
*:*
LISTEN 0 100 127.0.0.1:25
*:*
LISTEN 0 128 *:6379
*:*
LISTEN 0 128 [::]:22
[::]:*
LISTEN 0 100 [::1]:25
[::]:*
LISTEN 0 70 [::]:33060
[::]:*
LISTEN 0 128 [::]:3306
5.5 配置 php 支持 redis 保存 session
在10.0.0.7 主机进行以下配置
#在10.0.0.7主机配置php的session保存在redis服务
[root@centos7 ~]#vim /etc/php.ini
[Session]
; Handler used to store/retrieve data.
; http://php.net/session.save-handler
session.save_handler = redis
session.save_path = "tcp://10.0.0.17:6379?auth=123456"
[root@centos7 ~]#systemctl restart php-fpm
5.6 准备 php实现 session 的测试页面
在10.0.0.7主机进行准备相关文件
[root@centos7 ~]#cat /data/nginx/wordpress/session.php
<?php
session_start();
//redis用session_id作为key 并且是以string的形式存储
$redisKey = 'PHPREDIS_SESSION:' . session_id();
// SESSION 赋值测试
$_SESSION['message'] = "Hello, I'm in redis";
$_SESSION['arr'] = [1, 2, 3, 4, 5, 6];
echo $_SESSION["message"] , "<br/>";
echo "Redis key = " . $redisKey . "<br/>";
echo "以下是从Redis获取的数据", "<br/>";
// 取数据'
$redis = new Redis();
$redis->connect('10.0.0.17', 6379);
$redis->auth('123456');
echo $redis->get($redisKey);
?>
5.7 访问 web 页面测试实现session保存在redis服务
浏览器访问:http://www.hkping.com/session.php
5.8 redis 主机验证 session 数据
在10.0.0.17主机进行验证
[root@centos7 ~]# redis-cli -h 10.0.0.17 -a 123456
10.0.0.17:6379> keys *
1) "PHPREDIS_SESSION:7gul0mrne9gk41fjbdqggja86q"
10.0.0.17:6379> get PHPREDIS_SESSION:7gul0mrne9gk41fjbdqggja86q
"message|s:19:\"Hello, I'm in redis\";arr|a:6:{i:0;i:1;i:1;i:2;i:2;i:3;i:3;i:4;i:4;i:5;i:5;i:6;}"