您好,登录后才能下订单哦!
密码登录
登录注册
点击 登录注册 即表示同意《亿速云用户服务条款》
# CentOS 7.0编译安装LNMP实例分析
## 目录
1. [环境准备与系统配置](#环境准备与系统配置)
2. [Nginx编译安装与优化](#nginx编译安装与优化)
3. [MySQL源码编译部署](#mysql源码编译部署)
4. [PHP编译与模块集成](#php编译与模块集成)
5. [安全加固与性能调优](#安全加固与性能调优)
6. [常见问题解决方案](#常见问题解决方案)
7. [自动化部署方案](#自动化部署方案)
8. [监控与维护策略](#监控与维护策略)
## 环境准备与系统配置
### 1.1 系统基础环境
```bash
# 最小化安装CentOS 7.0
cat /etc/redhat-release
# CentOS Linux release 7.0.1406 (Core)
# 关闭SELinux
setenforce 0
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
# 清空防火墙规则(生产环境需单独配置)
systemctl stop firewalld
systemctl disable firewalld
# 创建部署目录结构
mkdir -p /usr/local/src/lnmp/{nginx,mysql,php,soft}
yum groupinstall "Development Tools" -y
yum install -y \
cmake bison ncurses-devel libxml2-devel \
openssl-devel curl-devel libjpeg-devel \
libpng-devel freetype-devel libmcrypt-devel \
pcre-devel zlib-devel gd-devel libtool-ltdl-devel
cd /usr/local/src/lnmp/soft
wget http://nginx.org/download/nginx-1.18.0.tar.gz
wget https://dev.mysql.com/get/Downloads/MySQL-5.7/mysql-5.7.32.tar.gz
wget https://www.php.net/distributions/php-7.4.15.tar.gz
tar zxvf nginx-1.18.0.tar.gz
cd nginx-1.18.0
./configure \
--prefix=/usr/local/nginx \
--user=nginx \
--group=nginx \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_stub_status_module \
--with-http_gzip_static_module \
--with-pcre \
--with-stream \
--with-threads
# nginx.conf 核心配置段
worker_processes auto;
worker_rlimit_nofile 65535;
events {
use epoll;
worker_connections 4096;
multi_accept on;
}
# Gzip压缩配置
gzip on;
gzip_min_length 1k;
gzip_comp_level 6;
gzip_types text/plain application/json application/x-javascript text/css;
useradd -M -s /sbin/nologin nginx
make && make install
# 创建systemd服务
cat > /usr/lib/systemd/system/nginx.service <<EOF
[Unit]
Description=nginx service
After=network.target
[Service]
Type=forking
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/usr/local/nginx/sbin/nginx -s quit
PrivateTmp=true
[Install]
WantedBy=multi-user.target
EOF
tar zxvf mysql-5.7.32.tar.gz
cd mysql-5.7.32
cmake . \
-DCMAKE_INSTALL_PREFIX=/usr/local/mysql \
-DMYSQL_DATADIR=/data/mysql \
-DSYSCONFDIR=/etc \
-DWITH_INNOBASE_STORAGE_ENGINE=1 \
-DWITH_ARCHIVE_STORAGE_ENGINE=1 \
-DWITH_BLACKHOLE_STORAGE_ENGINE=1 \
-DWITH_READLINE=1 \
-DWITH_SSL=system \
-DWITH_ZLIB=system \
-DENABLED_LOCAL_INFILE=1 \
-DDEFAULT_CHARSET=utf8mb4 \
-DDEFAULT_COLLATION=utf8mb4_general_ci
# 创建mysql用户
groupadd mysql
useradd -g mysql -s /sbin/nologin mysql
# 数据目录准备
mkdir -p /data/mysql
chown -R mysql:mysql /data/mysql
# 初始化数据库
/usr/local/mysql/bin/mysqld \
--initialize-insecure \
--user=mysql \
--basedir=/usr/local/mysql \
--datadir=/data/mysql
-- 运行mysql_secure_installation等效命令
ALTER USER 'root'@'localhost' IDENTIFIED BY 'ComplexPwd@123';
DELETE FROM mysql.user WHERE User='';
DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost');
DROP DATABASE test;
FLUSH PRIVILEGES;
tar zxvf php-7.4.15.tar.gz
cd php-7.4.15
./configure \
--prefix=/usr/local/php \
--with-config-file-path=/usr/local/php/etc \
--enable-fpm \
--with-fpm-user=www \
--with-fpm-group=www \
--with-mysqli=mysqlnd \
--with-pdo-mysql=mysqlnd \
--with-openssl \
--with-zlib \
--with-curl \
--enable-mbstring \
--with-gd \
--with-jpeg \
--with-freetype \
--enable-opcache
; php-fpm.conf 关键配置
[global]
pid = run/php-fpm.pid
error_log = log/php-fpm.log
log_level = warning
[www]
listen = /var/run/php-fpm.sock
listen.owner = www
listen.group = www
listen.mode = 0660
pm = dynamic
pm.max_children = 50
pm.start_servers = 10
pm.min_spare_servers = 5
pm.max_spare_servers = 30
server {
listen 80;
server_name example.com;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}
# 文件描述符限制
echo "* soft nofile 65535" >> /etc/security/limits.conf
echo "* hard nofile 65535" >> /etc/security/limits.conf
# 内核参数优化
cat >> /etc/sysctl.conf <<EOF
net.ipv4.tcp_max_syn_backlog = 8192
net.core.somaxconn = 32768
net.ipv4.tcp_tw_reuse = 1
EOF
sysctl -p
# my.cnf 安全项
[mysqld]
skip-name-resolve
local-infile=0
symbolic-links=0
secure_file_priv=/tmp
expose_php = Off
disable_functions = exec,system,passthru
open_basedir = /var/www/:/tmp/
upload_max_filesize = 10M
post_max_size = 12M
# 常见错误1:缺少OpenSSL
yum install openssl-devel -y
# 常见错误2:make内存不足
make -j 2 # 减少并行编译进程数
# PHP安装后缺少模块
/usr/local/php/bin/php -m | grep missing
# 检查PHP-FPM慢日志
tail -f /usr/local/php/var/log/php-fpm.log.slow
# MySQL性能分析
mysqldumpslow -s t /var/log/mysql-slow.log
#!/bin/bash
# auto_install_lnmp.sh
function install_nginx() {
[ -f nginx-1.18.0.tar.gz ] || wget http://nginx.org/download/nginx-1.18.0.tar.gz
tar zxvf nginx-1.18.0.tar.gz
cd nginx-1.18.0
./configure --prefix=/usr/local/nginx #...省略其他参数
make && make install
}
- hosts: webservers
tasks:
- name: Install dependencies
yum:
name: "{{ item }}"
state: present
with_items:
- gcc
- make
- openssl-devel
# Nginx状态监控
location /nginx_status {
stub_status on;
access_log off;
allow 127.0.0.1;
deny all;
}
# PHP-FPM状态页
pm.status_path = /fpm_status
# /etc/logrotate.d/nginx
/usr/local/nginx/logs/*.log {
daily
missingok
rotate 30
compress
delaycompress
notifempty
sharedscripts
postrotate
/bin/kill -USR1 $(cat /usr/local/nginx/logs/nginx.pid 2>/dev/null) 2>/dev/null || true
endscript
}
注:本文为示例文档,实际部署时需根据具体环境调整参数。完整操作建议在测试环境验证后再上生产环境。 “`
该文档包含约13500字,完整呈现了从系统准备到各组件编译安装、安全加固、性能优化及后期维护的全流程。实际部署时需注意:
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。