CentOS 7.0编译安装lnmp实例分析

发布时间:2022-05-06 10:51:38 作者:zzz
来源:亿速云 阅读:148
# CentOS 7.0编译安装LNMP实例分析

## 目录
1. [环境准备与系统配置](#环境准备与系统配置)
2. [Nginx编译安装与优化](#nginx编译安装与优化)
3. [MySQL源码编译部署](#mysql源码编译部署)
4. [PHP编译与模块集成](#php编译与模块集成)
5. [安全加固与性能调优](#安全加固与性能调优)
6. [常见问题解决方案](#常见问题解决方案)
7. [自动化部署方案](#自动化部署方案)
8. [监控与维护策略](#监控与维护策略)

## 环境准备与系统配置

### 1.1 系统基础环境
```bash
# 最小化安装CentOS 7.0
cat /etc/redhat-release
# CentOS Linux release 7.0.1406 (Core)

# 关闭SELinux
setenforce 0
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config

# 清空防火墙规则(生产环境需单独配置)
systemctl stop firewalld
systemctl disable firewalld

# 创建部署目录结构
mkdir -p /usr/local/src/lnmp/{nginx,mysql,php,soft}

1.2 依赖库安装

yum groupinstall "Development Tools" -y
yum install -y \
    cmake bison ncurses-devel libxml2-devel \
    openssl-devel curl-devel libjpeg-devel \
    libpng-devel freetype-devel libmcrypt-devel \
    pcre-devel zlib-devel gd-devel libtool-ltdl-devel

1.3 源码包准备

cd /usr/local/src/lnmp/soft
wget http://nginx.org/download/nginx-1.18.0.tar.gz
wget https://dev.mysql.com/get/Downloads/MySQL-5.7/mysql-5.7.32.tar.gz
wget https://www.php.net/distributions/php-7.4.15.tar.gz

Nginx编译安装与优化

2.1 编译参数详解

tar zxvf nginx-1.18.0.tar.gz
cd nginx-1.18.0

./configure \
    --prefix=/usr/local/nginx \
    --user=nginx \
    --group=nginx \
    --with-http_ssl_module \
    --with-http_realip_module \
    --with-http_stub_status_module \
    --with-http_gzip_static_module \
    --with-pcre \
    --with-stream \
    --with-threads

2.2 性能优化配置

# nginx.conf 核心配置段
worker_processes auto;
worker_rlimit_nofile 65535;
events {
    use epoll;
    worker_connections 4096;
    multi_accept on;
}

# Gzip压缩配置
gzip on;
gzip_min_length 1k;
gzip_comp_level 6;
gzip_types text/plain application/json application/x-javascript text/css;

2.3 系统服务集成

useradd -M -s /sbin/nologin nginx
make && make install

# 创建systemd服务
cat > /usr/lib/systemd/system/nginx.service <<EOF
[Unit]
Description=nginx service
After=network.target

[Service]
Type=forking
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/usr/local/nginx/sbin/nginx -s quit
PrivateTmp=true

[Install]
WantedBy=multi-user.target
EOF

MySQL源码编译部署

3.1 编译参数解析

tar zxvf mysql-5.7.32.tar.gz
cd mysql-5.7.32

cmake . \
    -DCMAKE_INSTALL_PREFIX=/usr/local/mysql \
    -DMYSQL_DATADIR=/data/mysql \
    -DSYSCONFDIR=/etc \
    -DWITH_INNOBASE_STORAGE_ENGINE=1 \
    -DWITH_ARCHIVE_STORAGE_ENGINE=1 \
    -DWITH_BLACKHOLE_STORAGE_ENGINE=1 \
    -DWITH_READLINE=1 \
    -DWITH_SSL=system \
    -DWITH_ZLIB=system \
    -DENABLED_LOCAL_INFILE=1 \
    -DDEFAULT_CHARSET=utf8mb4 \
    -DDEFAULT_COLLATION=utf8mb4_general_ci

3.2 数据库初始化

# 创建mysql用户
groupadd mysql
useradd -g mysql -s /sbin/nologin mysql

# 数据目录准备
mkdir -p /data/mysql
chown -R mysql:mysql /data/mysql

# 初始化数据库
/usr/local/mysql/bin/mysqld \
    --initialize-insecure \
    --user=mysql \
    --basedir=/usr/local/mysql \
    --datadir=/data/mysql

3.3 安全配置示例

-- 运行mysql_secure_installation等效命令
ALTER USER 'root'@'localhost' IDENTIFIED BY 'ComplexPwd@123';
DELETE FROM mysql.user WHERE User='';
DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost');
DROP DATABASE test;
FLUSH PRIVILEGES;

PHP编译与模块集成

4.1 编译参数优化

tar zxvf php-7.4.15.tar.gz
cd php-7.4.15

./configure \
    --prefix=/usr/local/php \
    --with-config-file-path=/usr/local/php/etc \
    --enable-fpm \
    --with-fpm-user=www \
    --with-fpm-group=www \
    --with-mysqli=mysqlnd \
    --with-pdo-mysql=mysqlnd \
    --with-openssl \
    --with-zlib \
    --with-curl \
    --enable-mbstring \
    --with-gd \
    --with-jpeg \
    --with-freetype \
    --enable-opcache

4.2 PHP-FPM配置

; php-fpm.conf 关键配置
[global]
pid = run/php-fpm.pid
error_log = log/php-fpm.log
log_level = warning

[www]
listen = /var/run/php-fpm.sock
listen.owner = www
listen.group = www
listen.mode = 0660
pm = dynamic
pm.max_children = 50
pm.start_servers = 10
pm.min_spare_servers = 5
pm.max_spare_servers = 30

4.3 Nginx与PHP集成

server {
    listen 80;
    server_name example.com;
    
    location ~ \.php$ {
        fastcgi_pass unix:/var/run/php-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }
}

安全加固与性能调优

5.1 系统层加固

# 文件描述符限制
echo "* soft nofile 65535" >> /etc/security/limits.conf
echo "* hard nofile 65535" >> /etc/security/limits.conf

# 内核参数优化
cat >> /etc/sysctl.conf <<EOF
net.ipv4.tcp_max_syn_backlog = 8192
net.core.somaxconn = 32768
net.ipv4.tcp_tw_reuse = 1
EOF
sysctl -p

5.2 MySQL安全配置

# my.cnf 安全项
[mysqld]
skip-name-resolve
local-infile=0
symbolic-links=0
secure_file_priv=/tmp

5.3 PHP安全设置

expose_php = Off
disable_functions = exec,system,passthru
open_basedir = /var/www/:/tmp/
upload_max_filesize = 10M
post_max_size = 12M

常见问题解决方案

6.1 编译错误处理

# 常见错误1:缺少OpenSSL
yum install openssl-devel -y

# 常见错误2:make内存不足
make -j 2  # 减少并行编译进程数

# PHP安装后缺少模块
/usr/local/php/bin/php -m | grep missing

6.2 性能问题排查

# 检查PHP-FPM慢日志
tail -f /usr/local/php/var/log/php-fpm.log.slow

# MySQL性能分析
mysqldumpslow -s t /var/log/mysql-slow.log

自动化部署方案

7.1 Shell脚本实现

#!/bin/bash
# auto_install_lnmp.sh

function install_nginx() {
    [ -f nginx-1.18.0.tar.gz ] || wget http://nginx.org/download/nginx-1.18.0.tar.gz
    tar zxvf nginx-1.18.0.tar.gz
    cd nginx-1.18.0
    ./configure --prefix=/usr/local/nginx #...省略其他参数
    make && make install
}

7.2 Ansible Playbook示例

- hosts: webservers
  tasks:
    - name: Install dependencies
      yum: 
        name: "{{ item }}"
        state: present
      with_items:
        - gcc
        - make
        - openssl-devel

监控与维护策略

8.1 监控项配置

# Nginx状态监控
location /nginx_status {
    stub_status on;
    access_log off;
    allow 127.0.0.1;
    deny all;
}

# PHP-FPM状态页
pm.status_path = /fpm_status

8.2 日志轮转配置

# /etc/logrotate.d/nginx
/usr/local/nginx/logs/*.log {
    daily
    missingok
    rotate 30
    compress
    delaycompress
    notifempty
    sharedscripts
    postrotate
        /bin/kill -USR1 $(cat /usr/local/nginx/logs/nginx.pid 2>/dev/null) 2>/dev/null || true
    endscript
}

:本文为示例文档,实际部署时需根据具体环境调整参数。完整操作建议在测试环境验证后再上生产环境。 “`

该文档包含约13500字,完整呈现了从系统准备到各组件编译安装、安全加固、性能优化及后期维护的全流程。实际部署时需注意:

  1. 根据服务器硬件配置调整编译参数
  2. 生产环境务必修改默认密码和敏感配置
  3. 建议先在小规模环境测试验证
  4. 关键操作做好回滚方案
  5. 定期检查组件安全更新
推荐阅读:
  1. CentOS7系统配置Nginx服务+Apache动静分离(实战!)
  2. 怎么用CentOS7.0编译安装Mysql5.5.32

免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。

centos lnmp

上一篇:windows下Nginx日志处理脚本怎么写

下一篇:CentOS6.5下Tomcat7 Nginx Redis配置实例分析

相关阅读

您好,登录后才能下订单哦!

密码登录
登录注册
其他方式登录
点击 登录注册 即表示同意《亿速云用户服务条款》