安装LINUX
1. 导航界面 【回车】
2. 是否将CD数据拷贝到磁盘上安装 【跳过】
3. LINUX安装界面 【下一步】
4. 选择语言 【英文】
5. 键盘 【美国标准键盘】
6. 选择类型 【自定义】
7. 磁盘分配 【自动分区】
8. 自动分区 【删除所有分区】
9. 引导装载 【下一步】
10. 网络配置 【DHCP】
11. 选择系统默认语言 【英文】
12. 选择时区 【北京】
13. 设置管理员密码 【321321】
14. 选择安装包 LINUX开发工具,系统配置工具
15. 开始安装
网络配置
Netconfig 图形界面设置网络,重启network后生效。
网络服务启动脚本
/etc/init.d/network 从新启动才能生效
扩展:# /etc/rc.d/init.d/network start 启动network
# /etc/rc.d/init.d/network stop 停止network
# /etc/rc.d/init.d/network restart 重启network
# ifconfig eth0 down 停止eth0接口
# ifconfig eth0 up 开启eth0接口
Ifdown 网络接口名称 停止某个网络接口。
Ifup 网络接口名称 开启某个网络接口。
设置Ip
netcofnig
/etc/rc.d/init.d/network start
ifconfig eth0 up
设置防火墙
vi /etc/sysconfig/iptables
重启防火墙
/etc/init.d/iptables restart
查看防火墙
/etc/init.d/iptables status
创建目录
Mkdir /home/soft/
wget http://memcached.googlecode.com/files/memcached-1.2.7.tar.gz
wget http://apache.etoak.com/httpd/httpd-2.2.11.tar.gz
wget http://www.zlib.net/zlib-1.2.3.tar.gz
wget http://jaist.dl.sourceforge.net/sourceforge/libpng/libpng-1.4.0beta53.tar.gz
wget http://ftp.twaren.net/Unix/NonGNU/freetype/freetype-2.1.10.tar.gz
wget http://ftp.gnu.org/pub/gnu/gettext/gettext-0.17.tar.gz
wget http://www.libgd.org/releases/gd-2.0.35.tar.gz
wget http://cn2.php.net/get/php-5.2.9.tar.gz/from/cn.php.net/mirror
安装Mysql5.0.37
开始安装和编译代码:
groupadd mysql
useradd -g mysql mysql
tar zxvf mysql-5.0.37.tar.gz
cd mysql-5.0.37
./configure --prefix=/usr/local/webserver/mysql
make
make install
scripts/mysql_install_db
chown -R root:mysql /usr/local/webserver/mysql
chown -R mysql:mysql /usr/local/webserver/mysql/var
chgrp -R mysql /usr/local/webserver/mysql
cp support-files/my-medium.cnf /etc/my.cnf
cp /usr/local/webserver/mysql/share/mysql/mysql.server /usr/local/webserver/mysql/share/mysql/mysqld
chmod a+x /usr/local/webserver/mysql/share/mysql/mysqld
mysqladmin -uroot password "321321"
启动服务方法
/usr/local/webserver/mysql/share/mysql/mysqld start
停止服务方法
/usr/local/webserver/mysql/bin/mysqladmin shutdown
cp /usr/local/webserver/mysql/include/mysql/mysql.h /usr/local/webserver/mysql/
设置成开机自启动
在/etc/rc.d/rc.local文件中加入一行
/usr/local/webserver/mysql/share/mysql/mysqld start
这样每次重新启动系统以后,mysql也会随系统一起启动.
安装Memcache + libevent
tar zxvf libevent-1.4.9-stable.tar.gz
cd libevent-1.4.9-stable
./configure --prefix=/usr/ && make && make install
cd ../
tar zxvf memcached-1.2.7.tar.gz
cd memcached-1.2.7
./configure --prefix=/usr/local/server/memcached --with-libevent=/usr/ && make && make install
/usr/local/server/memcached/bin/memcached -l 192.168.8.1 -d -p 10000 -u nobody -m 128
cd ../
表示用 daemon 的方式启动 memcached,监听在 192.168.8.1 的 10000 端口上,运行用户为 nobody,为其分配128MB 的内存
安装 PHP扩展包
tar zxvf zlib-1.2.3.tar.gz
cd zlib-1.2.3
./configure
make
make install
cd ../
tar zxvf libpng-1.4.0beta53.tar.gz
cd libpng-1.4.0beta53
cd scripts/
mv makefile.linux ../makefile
cd ../
make
make install
cd ../
tar zxvf freetype-2.1.10.tar.gz
cd freetype-2.1.10
./configure
make && make install
cd ../
tar zxvf jpegsrc.v6b.tar.gz
cd jpeg-6b/
./configure --enable-shared
make
make test
mkdir /usr/local/man
mkdir /usr/local/man/man1
make install
cd ../
tar zxvf gettext-0.17.tar.gz
cd gettext-0.17
./configure --prefix=/usr
cp /usr/lib/libattr.* /lib/
make
make install
cd ../
tar zxvf gd-2.0.35.tar.gz
cd gd-2.0.35
./configure --with-png --with-freetype --with-jpeg
make && make install
cp gd.h /usr/
cd ../
tar zxvf libiconv-1.12.tar.gz
cd libiconv-1.12
./configure --prefix=/usr/local/iconv
make
make install
cd ../
tar zxvf libmcrypt-2.5.8.tar.gz
cd libmcrypt-2.5.8
./configure
make
make install
/sbin/ldconfig
cd libltdl/
./configure --enable-ltdl-install
make
make install
cd ../../
tar zxvf mhash-0.9.9.tar.gz
cd mhash-0.9.9
./configure
make
make install
cd ../
ln -s /usr/local/lib/libmcrypt.la /usr/lib/libmcrypt.la
ln -s /usr/local/lib/libmcrypt.so /usr/lib/libmcrypt.so
ln -s /usr/local/lib/libmcrypt.so.4 /usr/lib/libmcrypt.so.4
ln -s /usr/local/lib/libmcrypt.so.4.4.8 /usr/lib/libmcrypt.so.4.4.8
ln -s /usr/local/lib/libmhash.a /usr/lib/libmhash.a
ln -s /usr/local/lib/libmhash.la /usr/lib/libmhash.la
ln -s /usr/local/lib/libmhash.so /usr/lib/libmhash.so
ln -s /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2
ln -s /usr/local/lib/libmhash.so.2.0.1 /usr/lib/libmhash.so.2.0.1
tar zxvf mcrypt-2.6.8.tar.gz
cd mcrypt-2.6.8/
/sbin/ldconfig
./configure
make
make install
cd ../
安装PHP
tar zxvf php-5.2.9.tar.gz
gzip -cd php-5.2.8-fpm-0.5.10.diff.gz | patch -d php-5.2.9 -p1
cd php-5.2.9
./configure --prefix=/usr/local/webserver/php --with-mysql=/usr/local/webserver/mysql --with-freetype --with-png --with-gd --with-jpeg --with-zlib --enable-magic-quotes --with-iconv --without-sqlite --with-mcrypt --with-iconv=/usr/local/iconv --without-pdo-sqlite --with-gettext=/usr --with-curl --with-curlwrappers --enable-mbregex --enable-fastcgi --enable-fpm --enable-force-cgi-redirect --enable-mbstring --with-mhash --enable-pcntl --enable-sockets --with-config-file-path=/usr/local/webserver/php/etc --disable-dom --disable-simplexml --enable-roxen-zts
make ZEND_EXTRA_LIBS='-liconv'
make install
cp php.ini-dist /usr/local/webserver/php/etc/php.ini
编译安装PHP5扩展模块
tar zxvf memcache-2.2.5.tgz
cd memcache-2.2.5/
/usr/local/webserver/php/bin/phpize
./configure --with-php-config=/usr/local/webserver/php/bin/php-config
make
make install
cd ../
tar jxvf eaccelerator-0.9.5.3.tar.bz2
cd eaccelerator-0.9.5.3/
/usr/local/webserver/php/bin/phpize
./configure --enable-eaccelerator=shared --with-php-config=/usr/local/webserver/php/bin/php-config
make
make install
cd ../
tar zxvf PDO_MYSQL-1.0.2.tgz
cd PDO_MYSQL-1.0.2/
/usr/local/webserver/php/bin/phpize
./configure --with-php-config=/usr/local/webserver/php/bin/php-config --with-pdo-mysql=/usr/local/webserver/mysql
make
make install
cd ../
配置eAccelerator加速PHP
mkdir -p /usr/local/webserver/eaccelerator_cache
修改PHP.ini
vi /usr/local/webserver/php/etc/php.ini
手工修改:查找/usr/local/webserver/php/etc/php.ini中的extension_dir = "./"
修改为extension_dir = "/usr/local/webserver/php/lib/php/extensions/no-debug-non-zts-20060613/"
并在此行后增加以下几行,然后保存:
extension = "memcache.so"
extension = "pdo_mysql.so"
再查找output_buffering = Off
修改为output_buffering = On
按shift+g键跳到配置文件的最末尾,加上以下配置信息:
[eaccelerator]
zend_extension="/usr/local/webserver/php/lib/php/extensions/no-debug-non-zts-20060613/eaccelerator.so"
eaccelerator.shm_size="128"
eaccelerator.cache_dir="/usr/local/webserver/eaccelerator_cache"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="300"
eaccelerator.shm_prune_period="120"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"
修改配置文件
vi /etc/sysctl.conf
输入以下内容
kernel.shmmax = 134217728
然后执行以下命令使配置生效
/sbin/sysctl -p
创建www用户和组,虚拟主机使用的目录:
/usr/sbin/groupadd www
/usr/sbin/useradd -g www www
mkdir -p /data0/htdocs/www
chmod +w /data0/htdocs/www
chown -R www:www /data0/htdocs/www
创建php-fpm配置文件(php-fpm是为PHP打的一个FastCGI管理补丁,可以平滑变更php.ini配置而无需重启php-cgi):
在/usr/local/webserver/php/etc/目录中创建php-fpm.conf文件:
rm -f /usr/local/webserver/php/etc/php-fpm.conf
vi /usr/local/webserver/php/etc/php-fpm.conf
输入以下内容(如果您安装 Nginx + PHP 用于程序调试,请将以下的<value name="display_errors">0</value>改为<value name="display_errors">1</value>,以便显示PHP错误信息,否则,Nginx 会报状态为500的空白错误页):
<?xml version="1.0" ?>
<configuration>
All relative paths in this config are relative to php's install prefix
<section name="global_options">
Pid file
<value name="pid_file">/usr/local/webserver/php/logs/php-fpm.pid</value>
Error log file
<value name="error_log">/usr/local/webserver/php/logs/php-fpm.log</value>
Log level
<value name="log_level">notice</value>
When this amount of php processes exited with SIGSEGV or SIGBUS ...
<value name="emergency_restart_threshold">10</value>
... in a less than this interval of time, a graceful restart will be initiated.
Useful to work around accidental curruptions in accelerator's shared memory.
<value name="emergency_restart_interval">1m</value>
Time limit on waiting child's reaction on signals from master
<value name="process_control_timeout">5s</value>
Set to 'no' to debug fpm
<value name="daemonize">yes</value>
</section>
<workers>
<section name="pool">
Name of pool. Used in logs and stats.
<value name="name">default</value>
Address to accept fastcgi requests on.
Valid syntax is 'ip.ad.re.ss:port' or just 'port' or '/path/to/unix/socket'
<value name="listen_address">127.0.0.1:9000</value>
<value name="listen_options">
Set listen(2) backlog
<value name="backlog">-1</value>
Set permissions for unix socket, if one used.
In Linux read/write permissions must be set in order to allow connections from web server.
Many BSD-derrived systems allow connections regardless of permissions.
<value name="owner"></value>
<value name="group"></value>
<value name="mode">0666</value>
</value>
Additional php.ini defines, specific to this pool of workers.
<value name="php_defines">
<value name="sendmail_path">/usr/sbin/sendmail -t -i</value>
<value name="display_errors">1</value>
</value>
Unix user of processes
<value name="user">www</value>
Unix group of processes
<value name="group">www</value>
Process manager settings
<value name="pm">
Sets style of controling worker process count.
Valid values are 'static' and 'apache-like'
<value name="style">static</value>
Sets the limit on the number of simultaneous requests that will be served.
Equivalent to Apache MaxClients directive.
Equivalent to PHP_FCGI_CHILDREN environment in original php.fcgi
Used with any pm_style.
<value name="max_children">128</value>
Settings group for 'apache-like' pm style
<value name="apache_like">
Sets the number of server processes created on startup.
Used only when 'apache-like' pm_style is selected
<value name="StartServers">20</value>
Sets the desired minimum number of idle server processes.
Used only when 'apache-like' pm_style is selected
<value name="MinSpareServers">5</value>
Sets the desired maximum number of idle server processes.
Used only when 'apache-like' pm_style is selected
<value name="MaxSpareServers">35</value>
</value>
</value>
The timeout (in seconds) for serving a single request after which the worker process will be terminated
Should be used when 'max_execution_time' ini option does not stop script execution for some reason
'0s' means 'off'
<value name="request_terminate_timeout">0s</value>
The timeout (in seconds) for serving of single request after which a php backtrace will be dumped to slow.log file
'0s' means 'off'
<value name="request_slowlog_timeout">0s</value>
The log file for slow requests
<value name="slowlog">logs/slow.log</value>
Set open file desc rlimit
<value name="rlimit_files">51200</value>
Set max core size rlimit
<value name="rlimit_core">0</value>
Chroot to this directory at the start, absolute path
<value name="chroot"></value>
Chdir to this directory at the start, absolute path
<value name="chdir"></value>
Redirect workers' stdout and stderr into main error log.
If not set, they will be redirected to /dev/null, according to FastCGI specs
<value name="catch_workers_output">yes</value>
How much requests each process should execute before respawn.
Useful to work around memory leaks in 3rd party libraries.
For endless request processing please specify 0
Equivalent to PHP_FCGI_MAX_REQUESTS
<value name="max_requests">500</value>
Comma separated list of ipv4 addresses of FastCGI clients that allowed to connect.
Equivalent to FCGI_WEB_SERVER_ADDRS environment in original php.fcgi (5.2.2+)
Makes sense only with AF_INET listening socket.
<value name="allowed_clients">127.0.0.1</value>
Pass environment variables like LD_LIBRARY_PATH
All $VARIABLEs are taken from current environment
<value name="environment">
<value name="HOSTNAME">$HOSTNAME</value>
<value name="PATH">/usr/local/bin:/usr/bin:/bin</value>
<value name="TMP">/tmp</value>
<value name="TMPDIR">/tmp</value>
<value name="TEMP">/tmp</value>
<value name="OSTYPE">$OSTYPE</value>
<value name="MACHTYPE">$MACHTYPE</value>
<value name="MALLOC_CHECK_">2</value>
</value>
</section>
</workers>
</configuration>
启动php-cgi进程,监听127.0.0.1的9000端口,进程数为200(如果服务器内存小于3GB,可以只开启64个进程),用户为www
ulimit -SHn 51200
/usr/local/webserver/php/sbin/php-fpm start
安装Nginx 0.7.47
安装Nginx所需的pcre库:
tar zxvf pcre-7.8.tar.gz
cd pcre-7.8/
./configure
make && make install
cd ../
tar zxvf nginx-0.7.47.tar.gz
cd nginx-0.7.47/
./configure --user=www --group=www --prefix=/usr/local/webserver/nginx --without-http_memcached_module --without-http_map_module --without-http_geo_module --without-http_autoindex_module --with-http_stub_status_module --with-http_ssl_module
make && make install
cd ../
mkdir -p /data1/logs
chmod +w /data1/logs
chown -R www:www /data1/logs
rm -f /usr/local/webserver/nginx/conf/nginx.conf
vi /usr/local/webserver/nginx/conf/nginx.conf
输入以下内容
user www www;
worker_processes 8;
error_log /data1/logs/nginx_error.log crit;
pid /usr/local/webserver/nginx/nginx.pid;
#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 51200;
events
{
use epoll;
worker_connections 51200;
}
http
{
include mime.types;
default_type application/octet-stream;
#charset gb2312;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 8m;
sendfile on;
tcp_nopush on;
keepalive_timeout 60;
tcp_nodelay on;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
#limit_zone crawler $binary_remote_addr 10m;
server
{
listen 80;
server_name blog.s135.com;
index index.html index.htm index.php;
root /data0/htdocs/blog;
#limit_conn crawler 20;
location ~ .*\.(php|php5)?$
{
#fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fcgi.conf;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 1h;
}
log_format access '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
access_log /data1/logs/access.log access;
}
server
{
listen 80;
server_name www.s135.com;
index index.html index.htm index.php;
root /data0/htdocs/www;
location ~ .*\.(php|php5)?$
{
#fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fcgi.conf;
}
log_format wwwlogs '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
access_log /data1/logs/wwwlogs.log wwwlogs;
}
}
在/usr/local/webserver/nginx/conf/目录中创建fcgi.conf文件:
vi /usr/local/webserver/nginx/conf/fcgi.conf
输入以下内容
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
启动Nginx
ulimit -SHn 51200
/usr/local/webserver/nginx/sbin/nginx
配置开机自动启动Nginx + PHP
vi /etc/rc.local
在末尾增加以下内容
ulimit -SHn 51200
/usr/local/webserver/php/sbin/php-fpm start
/usr/local/webserver/nginx/sbin/nginx
优化Linux内核参数
vi /etc/sysctl.conf
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.ip_local_port_range = 5000 65000
使配置立即生效
/sbin/sysctl -p
编写每天定时切割Nginx日志的脚本
vi /usr/local/webserver/nginx/sbin/cut_nginx_log.sh
增写以下内容
#!/bin/bash
# This script run at 00:00
# The Nginx logs path
logs_path="/usr/local/webserver/nginx/logs/"
mkdir -p ${logs_path}$(date -d "yesterday" +"%Y")/$(date -d "yesterday" +"%m")/
mv ${logs_path}access.log ${logs_path}$(date -d "yesterday" +"%Y")/$(date -d "yesterday" +"%m")/access_$(date -d "yesterday" +"%Y%m%d").log
kill -USR1 `cat /usr/local/webserver/nginx/nginx.pid`
设置crontab,每天凌晨00:00切割nginx访问日志
crontab -e
输入以下内容
00 00 * * * /bin/bash /usr/local/webserver/nginx/sbin/cut_nginx_log.sh