标签:账号注册 特性 man smo 快捷 防火墙设置 apache服务 data 移除
Nginx+Apache动静分离部署? 之前在讲解基于LNMP架构的Discuz论坛搭建(原文链接:https://blog.51cto.com/14557673/2461480)的时候对动静分离有所提及,这边简述一下核心原因:
? 根据Nginx服务的特性,其擅长处理静态网站(图片文字视频等文件)访问资源,而Apache擅长动态处理(例如:账号注册的交互)。
? 因此我们可以结合这两个服务特点与优势,部署实现网站服务的动静分离。
? 实验环境:两台Centos7虚拟机,一台为LAMP架构,另一台为nginx服务
? 首先我们需要搭建LAMP架构,这次我们使用yum直接进行搭建LAMP,具体步骤如下:
===================LAMP简易版搭建==================
1.安装httpd
yum install -y httpd httpd-devel
systemctl start httpd.service
[root@lamp ~]# ifconfig ens33
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.68.144 netmask 255.255.255.0 broadcast 192.168.68.255
inet6 fe80::7330:498c:44ce:c5f7 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:cc:52:c8 txqueuelen 1000 (Ethernet)
RX packets 659954 bytes 964992071 (920.2 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 339462 bytes 20930426 (19.9 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@lamp ~]# yum install -y httpd httpd-devel
[root@lamp ~]# systemctl start httpd.service
[root@lamp ~]# netstat -antp | grep httpd
tcp6 0 0 :::80 :::* LISTEN 57584/httpd
2.防火墙设置(也可以直接关闭)
firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --permanent --zone=public --add-service=https
firewall-cmd --reload
[root@lamp ~]# firewall-cmd --permanent --zone=public --add-service=http
success
[root@lamp ~]# firewall-cmd --permanent --zone=public --add-service=https
success
[root@lamp ~]# firewall-cmd --reload
success
3.安装mariadb 数据库
yum install mariadb mariadb-server mariadb-libs mariadb-devel -y
mariadb 快速简单轻量的快捷数据库
[root@lamp ~]# yum install mariadb mariadb-server mariadb-libs mariadb-devel -y
4.启动服务
systemctl start mariadb
[root@lamp ~]# systemctl start mariadb.service
[root@lamp ~]# netstat -antp | grep 3306
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 67480/mysqld
5.执行mysql安全配置向导命令
mysql_secure_installation
[root@lamp ~]# mysql_secure_installation //需要交互
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we‘ll need the current
password for the root user. If you‘ve just installed MariaDB, and
you haven‘t set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none): //没有密码。直接回车
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] y //设置root密码自己输入
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] n //选择是否移除匿名用户,自己选择
... skipping.
Normally, root should only be allowed to connect from ‘localhost‘. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] n //是否不允许root远程登录
... skipping.
By default, MariaDB comes with a database named ‘test‘ that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] n //是否移除测试数据库
... skipping.
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y //重载刷新
... Success!
Cleaning up...
All done! If you‘ve completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!
6.安装PHP
yum -y install php
[root@lamp ~]# yum -y install php
7.安装PHP与mysql关联包
yum install php-mysql -y
[root@lamp ~]# yum install php-mysql -y
8.安装php插件
yum install -y php-gd php-ldap php-odbc php-pear php-xml php-xmlrpc php-mbstring php-snmp php-soap
[root@lamp ~]# yum install -y php-gd php-ldap php-odbc php-pear php-xml php-xmlrpc php-mbstring php-snmp php-soap
9.创建PHP网页内容
cd /var/www/html
vim index.php
<?php
phpinfo();
?>
[root@lamp html]# cd /var/www/html/
[root@lamp html]# vim index.php
[root@lamp html]# cat index.php
<?php
phpinfo();
?>
10.重启httpd服务
systemctl restart httpd
[root@lamp html]# systemctl restart httpd.service
[root@lamp ~]# netstat -antp | grep httpd
tcp6 0 0 :::80 :::* LISTEN 57584/httpd
11.测试架构是否搭建成功
=====================nginx服务器配置============================
手工编译安装Nginx服务
1.安装环境包
yum -y install gcc gcc-c++ pcre-devel zlib-devel
[root@nginx ~]# ifconfig ens33
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.68.136 netmask 255.255.255.0 broadcast 192.168.68.255
inet6 fe80::f14b:5f19:2889:b137 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:f3:5e:0b txqueuelen 1000 (Ethernet)
RX packets 69672 bytes 100983394 (96.3 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 34582 bytes 2297096 (2.1 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@nginx ~]# yum -y install gcc gcc-c++ pcre-devel zlib-devel
2.解压缩软件包
tar zxf nginx-1.12.2 tar.gz -C /opt/
[root@nginx LNMP-C7]# tar zxf nginx-1.12.2.tar.gz -C /opt/
[root@nginx LNMP-C7]# cd /opt/nginx-1.12.2/
[root@nginx nginx-1.12.2]# ls
auto CHANGES.ru configure html man src
CHANGES conf contrib LICENSE README
3.创建家目录但不创建家目录
useradd -M -s /sbin/nologin nginx
[root@nginx nginx-1.12.2]# useradd -M -s /sbin/nologin nginx
4.配置相关参数
cd /opt/nginx-1.12.0
./configure \
--prefix=/usr/local/nginx \
--user=nginx \
--group=nginx \
--with-http_stub_status_module
[root@nginx nginx-1.12.2]# ./configure > --prefix=/usr/local/nginx > --user=nginx > --group=nginx > --with-http_stub_status_module
5.编译安装
make &&make install
[root@nginx nginx-1.12.2]# make && make install
6.创建软链接
ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/
[root@nginx nginx-1.12.2]# ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/
7.配置文件设置
vim /usr/local/nginx/conf/nginx.conf
location ~ .php$ {
proxy_pass http://192.168.68.144;
}
[root@nginx nginx-1.12.2]# ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/
[root@nginx nginx-1.12.2]# vim /usr/local/nginx/conf/nginx.conf
[root@nginx nginx-1.12.2]# sed -n ‘59,61p‘ /usr/local/nginx/conf/nginx.conf
location ~ \.php$ {
proxy_pass http://192.168.68.144;
}
8.开启nginx服务
nginx
[root@nginx nginx-1.12.2]# nginx
[root@nginx nginx-1.12.2]# netstat -antp | grep nginx
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 81215/nginx: master
9.关闭防火墙
systemctl stop firewalld
setenforce 0
[root@nginx nginx-1.12.2]# systemctl stop firewalld.service
[root@nginx nginx-1.12.2]# setenforce 1
10.测试验证是否通过nginx服务器访问php网页
标签:账号注册 特性 man smo 快捷 防火墙设置 apache服务 data 移除
原文地址:https://blog.51cto.com/14557673/2461718