在生产环境下配置LNMP环境

1.安装前的准备工作

(1)保证ntp时间同步，命令如下：

yum -y install vixie-cron

 

我们可以每天ntp对时一次，即编辑/etc/crontab文件，添加代码如下：

*/1****root　/usr/sbin/ntpdate ntp.api.bz >>/dev/null 2>&1

 

让Centos5.5的crond开机即启动，命令如下：

service crond start| chkconfig crond start

 

(2)由于在安装前还需要安装软件库，我在内网配置了一台yum服务器(过程略)，嫌麻烦的朋友可直接采用Centos5.5的源来安装以下软件库，命令如下：

yum-y install gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2glib2-devel bzip2 bzip2-devel ncurses ncurses-develcurl curl-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel libidn libidn-devel openssl openssl-devel openldap openldap-devel nss_ldap openldap-clients openldap-servers

(3)下载LNMP环境所需要的源码包，如下所示：

mkdir-p/usr/local/src

 

cd/usr/local/src下载架构环境所需的源码包，其文件列表清单list.txt文件如下：

http://blog.s135.com/soft/linux/nginx_php/nginx/nginx-0.8.46.tar.gz
http://blog.s135.com/soft/linux/nginx_php/php/php-5.2.14.tar.gz
http://blog.s135.com/soft/linux/nginx_php/phpfpm/php-5.2.14-fpm-0.5.14.diff.gz
http://blog.s135.com/soft/linux/nginx_php/mysql/mysql-5.5.3-m3.tar.gz
http://blog.s135.com/soft/linux/nginx_php/libiconv/libiconv-1.13.1.tar.gz
http://blog.s135.com/soft/linux/nginx_php/mcrypt/libmcrypt-2.5.8.tar.gz
http://blog.s135.com/soft/linux/nginx_php/mcrypt/mcrypt-2.6.8.tar.gz
http://blog.s135.com/soft/linux/nginx_php/memcache/memcache-2.2.5.tgz
http://blog.s135.com/soft/linux/nginx_php/mhash/mhash-0.9.9.9.tar.gz
http://blog.s135.com/soft/linux/nginx_php/pcre/pcre-8.10.tar.gz
http://blog.s135.com/soft/linux/nginx_php/eaccelerator/eaccelerator-0.9.6.1.tar.bz2
http://blog.s135.com/soft/linux/nginx_php/pdo/PDO_MYSQL-1.0.2.tgz
http://blog.s135.com/soft/linux/nginx_php/imagick/ImageMagick.tar.gz
http://blog.s135.com/soft/linux/nginx_php/imagick/imagick-2.3.0.tgz

 

开始下载，可以用如下命令来实现：

wget　-i　/usr/local/src/list.txt

2.安装php-5.2.14所需要的支持库

以下过程我们可以写一个SHELL脚本，让它全自动完成，免得一个个地手动输入命令，SHELL脚本如下：

 

#!/bin/bash
tar zxvf libiconv-1.13.1.tar.gz
cd libiconv-1.13.1/

./configure--prefix=/usr/local
make
make install
cd ../

tar zxvf libmcrypt-2.5.8.tar.gz
cd libmcrypt-2.5.8/
./configure
make
make install
/sbin/ldconfig
cd libltdl/
./configure--enable-ltdl-install
make
make install
cd ../../

tar zxvf mhash-0.9.9.9.tar.gz
cd mhash-0.9.9.9/
./configure
make
make install
cd ../

ln　-s　/usr/local/lib/libmcrypt.la　/usr/lib/libmcrypt.la
ln　-s　/usr/local/lib/libmcrypt.so　/usr/lib/libmcrypt.so
ln　-s　/usr/local/lib/libmcrypt.so.4　/usr/lib/libmcrypt.so.4
ln　-s　/usr/local/lib/libmcrypt.so.4.4.8　/usr/lib/libmcrypt.so.4.4.8
ln　-s　/usr/local/lib/libmhash.a　/usr/lib/libmhash.a
ln　-s　/usr/local/lib/libmhash.la　/usr/lib/libmhash.la
ln　-s　/usr/local/lib/libmhash.so　/usr/lib/libmhash.so
ln　-s　/usr/local/lib/libmhash.so.2　/usr/lib/libmhash.so.2
ln　-s　/usr/local/lib/libmhash.so.2.0.1　/usr/lib/libmhash.so.2.0.1
ln　-s　/usr/local/bin/libmcrypt-config　/usr/bin/libmcrypt-config

tar zxvf mcrypt-2.6.8.tar.gz
cd mcrypt-2.6.8/
/sbin/ldconfig
./configure
make
make install
cd ../

 

3.源码编译安装MySQL5.5.3-m3

(1)建立运行MySQL数据库的用户组及用户mysql，完成下面的安装过程，命令如下：

groupadd mysql
useradd-g mysql mysql
tar zxvf mysql-5.5.3-m3.tar.gz
cd mysql-5.5.3-m3/

 

MySQL5.5.3-m3的编译参数如下：

./configure--prefix=/usr/local/webserver/mysql/--enable-assembler--with-extra-charsets=complex--enable-thread-safe-client--with-big-tables--with-readline--with-ssl--with-embedded-server--enable-local-infile--with-plugins=partition,innobase,myisammrg
make && make install

给mysql运行所在的目录以执行权限，将其所有权给予mysql:mysql，命令如下：

chmod +w/usr/local/webserver/mysql
chown-R mysql:mysql/usr/local/webserver/mysql
cd ../

 

(2)创建MySQL数据库存放的目录，这里建立reallog目录用于存放mysql-relay-bin.xxx文件，它可以存放slave端的I/O线程从master端所读取的binary log信息，然后由slave端的SQL线程从该relay log中读取并解析相应的日志信息，转化成master所执行的query语句，接着在slave端应用，/data/mysql/3306/data用于存放MySQL数据，/data/mysql/3306/binlog用于此MySQL运行时所产生的二进制文件，如下所示：

mkdir　-p　/data/mysql/3306/data/
mkdir　-p　/data/mysql/3306/binlog/
mkdir　-p　/data/mysql/3306/relaylog/
chown　-R　mysql:mysql/data/mysql/

 

(3)以mysql用户账号的身份建立数据表，命令如下：

/usr/local/webserver/mysql/bin/mysql_install_db

--basedir=/usr/local/webserver/mysql

--datadir=/data/mysql/3306/data--user=mysql

 

成功后应该有如下显示：

/usr/local/webserver/mysql/bin/mysqladmin-u root password 'new-password'
/usr/local/webserver/mysql/bin/mysqladmin-u root-h server.cn7788.com password 'new-password'
Alternatively you can run:
/usr/local/webserver/mysql/bin/mysql_secure_installation
which will also give you the option of removing the test
databases and anonymous user created by default.　This is
strongly recommended for production servers.
See the manual for more instructions.
You can start the MySQL daemon with:
cd/usr/local/webserver/mysql ;/usr/local/webserver/mysql/bin/mysqld_safe &
You can test the MySQL daemon with mysql-test-run.pl
cd/usr/local/webserver/mysql/mysql-test ; perl mysql-test-run.pl
Please report any problems with the/usr/local/webserver/mysql/scripts/mysqlbug script!

(4)创建my.cnf配置文件，我将其放在/data/mysql/3306下，即/data/mysql/3306文件。文件内容如下所示：

［client］

character-set-server = utf8

port = 3306

socket = /tmp/mysql.sock

［mysqld］

character-set-server = utf8

replicate-ignore-db = mysql

replicate-ignore-db = test

replicate-ignore-db = information_schema

user = mysql

port = 3306

socket =/tmp/mysql.sock

basedir =/usr/local/webserver/mysql

datadir =/data/mysql/3306/data

log-error =/data/mysql/3306/mysql_error.log

pid-file =/data/mysql/3306/mysql.pid
open_files_limit= 10240

back_log = 600

max_connections = 5000

max_connect_errors = 6000

table_cache = 614

external-locking = FALSE

max_allowed_packet = 32M

sort_buffer_size = 1M

join_buffer_size = 1M

thread_cache_size = 300

#thread_concurrency = 8

query_cache_size = 512M

query_cache_limit = 2M

query_cache_min_res_unit = 2k

default-storage-engine = MyISAM

thread_stack = 192K

transaction_isolation = READ-COMMITTED

tmp_table_size = 246M

max_heap_table_size = 246M

long_query_time = 3
log-slave-updates

log-bin =/data/mysql/3306/binlog/binlog

binlog_cache_size = 4M

binlog_format = MIXED

max_binlog_cache_size = 8M

max_binlog_size = 1G

relay-log-index =/data/mysql/3306/relaylog/relaylog

relay-log-info-file =/data/mysql/3306/relaylog/relaylog

relay-log =/data/mysql/3306/relaylog/relaylog

expire_logs_days = 30

key_buffer_size = 256M

read_buffer_size = 1M

read_rnd_buffer_size = 16M

bulk_insert_buffer_size = 64M

myisam_sort_buffer_size = 128M

myisam_max_sort_file_size = 10G

myisam_repair_threads = 1
myisam_recover


interactive_timeout = 120

wait_timeout = 120

skip-name-resolve

slave-skip-errors = 1032,1062,126,1114,1146,1048,1396


server-id = 1


innodb_additional_mem_pool_size = 16M

innodb_buffer_pool_size = 512M

innodb_data_file_path = ibdata1:256M:autoextend

innodb_file_io_threads = 4

innodb_thread_concurrency = 8

innodb_flush_log_at_trx_commit = 2

innodb_log_buffer_size = 16M

innodb_log_file_size = 128M

innodb_log_files_in_group = 3

innodb_max_dirty_pages_pct = 90

innodb_lock_wait_timeout = 120

innodb_file_per_table = 0


log-slow-queries =/data/mysql/3306/slow.log

long_query_time = 10

［mysqldump］
quick

max_allowed_packet = 32M

(5)用命令启动MySQL数据库，无论是内部开发环境还是生产环境，我们的MySQL数据库启动后就不会关闭了，没有特殊情况也不会重启。所以也可以将以下启动MySQL的命令置于/etc/rc.local文件内，命令如下：

/usr/local/webserver/mysql/bin/mysqld_safe

--defaults-file=/data/mysql/3306/my.cnf

 

 

这样我们只要重启服务器，就可以启动MySQL数据库了。我们还可以用命令验证，命令如下：

lsof-i:3306
COMMAND　PID　USER　FD　TYPE DEVICE SIZE NODE NAME
mysqld　18286 mysql　14u　IPv6　92763　TCP*:mysql (LISTEN)

4.编译安装php-5.2.14

我们进入/usr/local/src目录后，就可以编译安装php-5.2.14，如下所示：

tar zxvf php-5.2.14.tar.gz
gzip-cd php-5.2.14-fpm-0.5.14.diff.gz| patch-d php-5.2.14-p1

 

不打这个补丁的话，会产生无sbin目录的错误。cd php-5.2.14/php-5.2.14的编译参数如下：

./configure--prefix=/usr/local/webserver/php

--with-config-file-path=/usr/local/webserver/php/etc

--with-mysql=/usr/local/webserver/mysql

--with-mysqli=/usr/local/webserver/mysql/bin/mysql_config

--with-iconv-dir=/usr/local--with-freetype-dir

--with-jpeg-dir--with-png-dir--with-zlib--with-libxml-dir=/usr--enable-xml
--disable-rpath--enable-discard-path--enable-safe-mode
--enable-bcmath--enable-shmop--enable-sysvsem
--enable-inline-optimization--with-curl--with-curlwrappers
--enable-mbregex--enable-fastcgi--enable-fpm
--enable-force-cgi-redirect--enable-mbstring--with-mcrypt
--with-gd--enable-gd-native-ttf--with-openssl--with-mhash
--enable-pcntl--enable-sockets--with-ldap--with-ldap-sasl
--with-xmlrpc--enable-zip--enable-soap

make ZEND_EXTRA_LIBS='-liconv'

 

为免得发生liconv报错，所以带上ZEND参数，这个问题要是经常编译PHP的朋友非常熟悉的。make install源码编译安装完成后，我们为php创建php.ini文件，如下所示：

cp php.ini-dist　/usr/local/webserver/php/etc/php.ini
cd ../

5.安装php5扩展模块

以下过程也可以写成脚本形式，免得手动一个个输入，内容如下：

#!/bin/bash
tar zxvf memcache-2.2.5.tgz
cd memcache-2.2.5/
/usr/local/webserver/php/bin/phpize

./configure--with-php-config=/usr/local/webserver/php/bin/php-config
make
make install
cd ../

tar jxvf eaccelerator-0.9.6.1.tar.bz2
cd eaccelerator-0.9.6.1/
/usr/local/webserver/php/bin/phpize

./configure　--enable-eaccelerator=shared--with-php-config=/usr/local/webserver/php/bin/php-config
make
make install
cd ../

tar zxvf PDO_MYSQL-1.0.2.tgz
cd PDO_MYSQL-1.0.2/
/usr/local/webserver/php/bin/phpize

./configure--with-php-config=/usr/local/webserver/php/bin/php-config--with-pdo-mysql=/usr/local/webserver/mysql
make
make install
cd ../

tar zxvf ImageMagick.tar.gz
cd ImageMagick-6.5.1-2/
./configure
make
make install
cd ../

tar zxvf imagick-2.3.0.tgz
cd imagick-2.3.0/
/usr/local/webserver/php/bin/phpize

./configure--with-php-config=/usr/local/webserver/php/bin/php-config
make
make install
cd ../

修改php.ini文件，加载动态模块，让PHP5.2.14能顺利启动。

手动修改，查找：

/usr/local/webserver/php/etc/php.ini中的extension_dir = "./"

 

将其修改如下：

extension_dir =

 "/usr/local/webserver/php/lib/php/extensions/no-debug-non-zts-20060613/"

 

 

并在此行后增加以下几行内容，然后保存：

extension = "memcache.so"

extension = "imagick.so"

 

再查找以下内容：

output_buffering = Off

 

然后将其修改如下：

output_buffering = On

 

再查找以下内容：

; cgi.fix_pathinfo=0

然后将其修改如下：

cgi.fix_pathinfo=0此处代码的作用是防止Nginx文件类型错误解析漏洞。

配置eAccelerator加速PHP，命令如下：

mkdir-p/usr/local/webserver/eaccelerator_cache
vim　/usr/local/webserver/php/etc/php.ini

 

在文件末尾加上以下配置信息：

［eaccelerator］

zend_extension="/usr/local/webserver/php/lib/php/extensions/no-debug-non-zts-20060613/eaccelerator.so"

eaccelerator.shm_size="64"

eaccelerator.cache_dir="/usr/local/webserver/eaccelerator_cache"

eaccelerator.enable="1"

eaccelerator.optimizer="1"

eaccelerator.check_mtime="1"

eaccelerator.debug="0"

eaccelerator.filter=""

eaccelerator.shm_max="0"

eaccelerator.shm_ttl="3600"

eaccelerator.shm_prune_period="3600"

eaccelerator.shm_only="0"

eaccelerator.compress="1"

6.安装Nginx

关于Nginx的虚拟用户是一个重难点，不止一个朋友与我交流这个问题。其实其配置方法跟Apache一样，下面以我线上服务器的配置文件向大家演示一下，大家自然就明白了。

(1)创建www用户和www用户组，也为后面的Nginx安装做准备。/data/logs是Nginx相关日志文件存放的目录，如下所示：

/usr/sbin/groupadd www
/usr/sbin/useradd-g www www
mkdir-p/data/htdocs/www

 

创建根路径，如下所示：

mkdir-p　/data/logs

 

创建Nginx日志路径。分别为我的Nginx创建虚拟用户目录，如下所示：

cd　/data/htdocs/www
mkdir adongweb baobei ImageVue very365

 

分别将其目录权限给予www:www，命令如下：

chown-R www:www/data/logs
chown-R www:www/data/htdocs/www

 

(2)创建php-fpm配置文件(php-fpm是为PHP打的一个FastCGI管理补丁，可以平滑变更php.ini配置而无需重启php-cgi)。在/usr/local/webserver/php/etc/目录中创建php-fpm.conf文件，命令如下：

rm-f/usr/local/webserver/php/etc/php-fpm.conf

 

我们用rm命令删除原有的php-fpm.conf文件后，创建一个新的/usr/local/webserver/php/etc/php-fpm.conf文件，文件内容如下：

<?xml version="1.0" ?>

<configuration>

　All relative paths in this config are relative to php's install prefix


　<section name="global_options">

Pid file

<value name="pid_file">/usr/local/webserver/php/logs/php-fpm.pid</value>

Error log file

　<value name="error_log">/usr/local/webserver/php/logs/php-fpm.log</value>

Log level

<value name="log_level">notice</value>

When this amount of php processes exited with SIGSEGV or SIGBUS ...

<value name="emergency_restart_threshold">10</value>

...in a less than this interval of time, a graceful restart will be initiated.
Useful to work around accidental curruptions in accelerator's shared memory.

<value name="emergency_restart_interval">1m</value>

Time limit on waiting child's reaction on signals from master

<value name="process_control_timeout">5s</value>

Set to 'no' to debug fpm

<value name="daemonize">yes</value>


　</section>


　<workers>


<section name="pool">

　Name of pool.Used in logs and stats.

　<value name="name">default</value>

　Address to accept fastcgi requests on.
　Valid syntax is 'ip.ad.re.ss:port' or just 'port' or '/path/to/unix/socket'

　<value name="listen_address">127.0.0.1:9000</value>


　<value name="listen_options">

Set listen(2)backlog

<value name="backlog">-1</value>

Set permissions for unix socket, if one used.
InLinux read/write permissions must be set in order to allow connections from web server.
Many BSD-derrived systems allow connections regardless of permissions.

<value name="owner"></value>

<value name="group"></value>

<value name="mode">0666</value>

　</value>

　Additional php.ini defines, specific to this pool of workers.

　<value name="php_defines">

<value name="sendmail_path">/usr/sbin/sendmail-t-i</value>

<value name="display_errors">0</value>

　</value>

　Unix user of processes

　<value name="user">www</value>

　Unix group of processes

　<value name="group">www</value>

　Process manager settings

　<value name="pm">

Sets style of controling worker process count.
Valid values are 'static' and 'apache-like'

<value name="style">static</value>

Sets the limit on the number of simultaneous requests that will be served.
Equivalent to Apache MaxClients directive.
Equivalent to PHP_FCGI_CHILDREN environment in original php.fcgi

Used with any pm_style.

<value name="max_children">300</value>

Settings group for 'apache-like' pm style

<value name="apache_like">

　Sets the number of server processes created on startup.
　Used only when 'apache-like' pm_style is selected

　<value name="StartServers">20</value>

　Sets the desired minimum number of idle server processes.
　Used only when 'apache-like' pm_style is selected

　<value name="MinSpareServers">5</value>

　Sets the desired maximum number of idle server processes.
　Used only when 'apache-like' pm_style is selected

　<value name="MaxSpareServers">35</value>


</value>


　</value>

　The timeout (in seconds)for serving a single request afterwhich the worker process will be terminated
　Should be used when 'max_execution_time' ini option does not stop script execution for some reason
　'0s' means 'off'

　<value name="request_terminate_timeout">0s</value>

　The timeout (in seconds)for serving of single request after which a php backtrace will be dumped to slow.log file
　'0s' means 'off'

　<value name="request_slowlog_timeout">0s</value>

　The log file for slow requests

　<value name="slowlog">logs/slow.log</value>

　Set open file desc rlimit

　<value name="rlimit_files">65535</value>

　Set max core size rlimit

　<value name="rlimit_core">0</value>

　Chroot to this directory at the start, absolute path

　<value name="chroot"></value>

　Chdir to this directory at the start, absolute path

　<value name="chdir"></value>

　Redirect workers' stdout and stderr into main error log.
　If not set, they will be redirected to/dev/null, according to FastCGI specs

　<value name="catch_workers_output">yes</value>

　How much requests each process should execute before respawn.
　Useful to work around memory leaks in 3rd party libraries.
　For endless request processing please specify 0
　Equivalent to PHP_FCGI_MAX_REQUESTS

　<value name="max_requests">1024</value>

　Comma separated list of ipv4 addresses of FastCGI clients that allowed to connect.
　Equivalent to FCGI_WEB_SERVER_ADDRS environment in original php.fcgi (5.2.2+)
　Makes sense only with AF_INET listening socket.

　<value name="allowed_clients">127..0.0.1</value>

　Pass environment variables like LD_LIBRARY_PATH
　All $VARIABLEs are taken from current environment

　<value name="environment">

<value name="HOSTNAME">$HOSTNAME</value>

<value name="PATH">/usr/local/bin:/usr/bin:/bin</value>

<value name="TMP">/tmp</value>

<value name="TMPDIR">/tmp</value>

<value name="TEMP">/tmp</value>

<value name="OSTYPE">$OSTYPE</value>

<value name="MACHTYPE">$MACHTYPE</value>

<value name="MALLOC_CHECK_">2</value>

　</value>


</section>


　</workers>


</configuration>

 

 

(3)启动php-cgi进程，监听127.0.0.1的9000端口，进程数为300(生产环境下的服务器为300~500个均可)，用户为www，如下所示：

ulimit-SHn 65535
/usr/local/webserver/php/sbin/php-fpm start

注意　usr/local/webserver/php/sbin/php-fpm还有其他参数，包括：

startstopquitrestartreloadlogrotate。修改php.ini后不重启php-cgi，重新加载配置文件使用reload。

(4)安装并配置Nginx0.8.46。

首先安装PCRE，让Nginx0.8.46能支持正则表达式，命令如下：

tar zxvf pcre-8.46.tar.gz
cd pcre-8.10/
./configure
make && make install
cd ../

 

再接着安装Nginx0.8.46，命令如下：

tar zxvf nginx-0.8.46.tar.gz
cd nginx-0.8.46/

./configure　--user=www　--group=www

--prefix=/usr/local/webserver/nginx　--with-http_stub_status_module
--with-http_ssl_module
make && make install
cd ../

 

(5)配置Nginx的conf文件，我们可以用Vim修改/usr/local/webserver/nginx/conf/nginx.conf文件，内容如下：

user　www www;
worker_processes 8;
error_log　/data/logs/nginx_error.log　crit;
pid/usr/local/webserver/nginx/nginx.pid;
#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 65535;

events
{
　use epoll;
　worker_connections 65535;
}

http
{
　include　mime.types;
　default_type　application/octet-stream;

　#charset　gb2312;
　server_names_hash_bucket_size 128;
　client_header_buffer_size 32k;
　large_client_header_buffers 4 32k;
　client_max_body_size 8m;
　sendfile on;
　tcp_nopushon;

　keepalive_timeout 60;

　tcp_nodelay on;

　fastcgi_connect_timeout 300;
　fastcgi_send_timeout 300;
　fastcgi_read_timeout 300;
　fastcgi_buffer_size 64k;
　fastcgi_buffers 4 64k;
　fastcgi_busy_buffers_size 128k;
　fastcgi_temp_file_write_size 128k;

　gzip on;
　gzip_min_length　1k;
　gzip_buffers4 16k;
　gzip_http_version 1.0;
　gzip_comp_level 2;
　gzip_types　text/plain application/x-javascript text/css application/xml;
　gzip_vary on;

　#limit_zone　crawler　$binary_remote_addr　10m;

　server
　{
listen 80 default;
server_name _;
index index.html index.htm index.php;
root　/data/htdocs/www;
#server_name_in_redirect off;

　location~.*＼.(php| php5)?$
{
　#fastcgi_pass　unix:/tmp/php-cgi.sock;
　fastcgi_pass　127.0.0.1:9000;
　fastcgi_index index.php;
　include fcgi.conf;
}

location~.*＼.(gif| jpg| jpeg| png| bmp| swf)$
{
　expires　30d;
}

location~.*＼.(js| css)?$
{
　expires　1h;
}

}

　server
　{
listen　80;
server_name　www.adongstudio.com;
index index.html index.htm index.php;
root　/data/htdocs/www/adongweb;

#limit_conn　crawler　20;

　location~.*＼.(php| php5)?$
　{
#fastcgi_pass　unix:/tmp/php-cgi.sock;
fastcgi_pass　127.0.0.1:9000;
fastcgi_index index.php;
include fcgi.conf;
　}

　location~.*＼.(gif| jpg| jpeg| png| bmp| swf)$
　{
expires　30d;
　}

　location~.*＼.(js| css)?$
　{
expires　1h;
　}

　log_format　access　'$remote_addr-$remote_user［$time_local］ "$request" '
　'$status $body_bytes_sent "$http_referer" '
　'"$http_user_agent" $http_x_forwarded_for';
　access_log　/data/logs/access.log　access;
}
　server
　{
listen　80;
server_name　www.longfeistudio.com;
index index.html index.htm index.php;
root　/data/htdocs/www/ImageVue;

#limit_conn　crawler　20;

location~.*＼.(php| php5)?$
{
　#fastcgi_pass　unix:/tmp/php-cgi.sock;
　fastcgi_pass　127.0.0.1:9000;
　fastcgi_index index.php;
　include fcgi.conf;
}

location~.*＼.(gif| jpg| jpeg| png| bmp| swf)$
{
　expires　30d;
}

location~.*＼.(js| css)?$
{
　expires　1h;
}

access_log　off;

}
server
　{
listen　80;
server_name　www.hongyanbike.com;
index index.html index.htm index.php;
root　/data/htdocs/www/xhui/hybike;

location~.*＼.(php| php5)?$
{
　#fastcgi_pass　unix:/tmp/php-cgi.sock;
　fastcgi_pass　127.0.0.1:9000;
　fastcgi_index index.php;
　include fcgi.conf;
}

location~.*＼.(gif| jpg| jpeg| png| bmp| swf)$
{
　expires　30d;
}

location~.*＼.(js| css)?$
{
　expires　1h;
}

access_log　off;
　}
server
　{
listen　80;
server_name　www.very365.com mm.very365.com very365.com;
index index.html index.htm index.php;
root　/data/htdocs/www/very365;
　location/
　{

　rewrite ^/(.*)/product/(［0-9］+)/$/seoproduct＼.php＼?spell=$1&productid=$2;

　rewrite ^/brand/(.*)/page/(［0-9］+)/$/seobrand＼.php＼?spell=$1&page=$2;

　rewrite ^/brand/(.*)/$/seobrand＼.php＼?spell=$1;

}
location~.*＼.(php| php5)?$
{
　#fastcgi_pass　unix:/tmp/php-cgi.sock;
　fastcgi_pass　127.0.0.1:9000;
　fastcgi_index index.php;
　include fcgi.conf;
　fastcgi_param SCRIPT_FILENAME　/data/htdocs/www/very365$fastcgi_script_name;
　fastcgi_param　SCRIPT_NAME　/data/htdocs/www/very365 $fastcgi_script_name;
}

location~.*＼.(gif| jpg| jpeg| png| bmp| swf)$
{
　expires　30d;
}

location~.*＼.(js| css)$
{
　expires　1h;
}
access_log　off;
　}
server
　{
listen　80;
server_name　www.wqueen.cn wqueen.cn;

index index.html index.htm index.php;
root　/data/htdocs/www/wqueen/bbs;

location~.*＼.(php| php5)?$
{
　#fastcgi_pass　unix:/tmp/php-cgi.sock;
　fastcgi_pass　127.0.0.1:9000;
　fastcgi_index index.php;
　include fcgi.conf;
}

location~.*＼.(gif| jpg| jpeg| png| bmp| swf)$
{
　expires　30d;
}

location~.*＼.(js| css)?$
{
　expires　1h;
}

access_log　off;
}

server
　{
listen　80;
server_name　baobei.wqueen.cn;
index index.html index.htm index.php;
root　/data/htdocs/www/baobei;

location~.*＼.(php| php5)?$
{
　#fastcgi_pass　unix:/tmp/php-cgi.sock;
　fastcgi_pass　127.0.0.1:9000;
　fastcgi_index index.php;
　include fcgi.conf;
}

location~.*＼.(gif| jpg| jpeg| png| bmp| swf)$
{
　expires　30d;
}

location~.*＼.(js| css)?$
{
　expires　1h;
}

access_log　off;
　}
}

 

 

其实Nginx的虚拟目录跟Apache的配置过程差不多，每一个server{}即对应一个虚拟主机，server_name是此虚拟主机的域名，root是此虚拟主机的根目录。当然，我们预先就应该在DNS做好相应的解析对应关系。另外，由于此LNMP主要用于博客和论坛，后面的虚拟主机我就没有配置相应的日志了，有兴趣的朋友可以根据我的配置文件自行修改设置，这里就不细述了。

(6)在/usr/local/webserver/nginx/conf/目录中创建fcgi.conf文件。/usr/local/webserver/nginx/conf/fcgi.conf文件的内容如下：

fastcgi_param　GATEWAY_INTERFACE　CGI/1.1;
fastcgi_param　SERVER_SOFTWAREnginx;
fastcgi_param　QUERY_STRING$query_string;
fastcgi_param　REQUEST_METHOD$request_method;
fastcgi_param　CONTENT_TYPE$content_type;
fastcgi_param　CONTENT_LENGTH$content_length;
fastcgi_param　SCRIPT_FILENAME$document_root$fastcgi_script_name;
fastcgi_param　SCRIPT_NAME$fastcgi_script_name;
fastcgi_param　REQUEST_URI$request_uri;
fastcgi_param　DOCUMENT_URI$document_uri;
fastcgi_param　DOCUMENT_ROOT$document_root;
fastcgi_param　SERVER_PROTOCOL$server_protocol;
fastcgi_param　REMOTE_ADDR$remote_addr;
fastcgi_param　REMOTE_PORT$remote_port;
fastcgi_param　SERVER_ADDR$server_addr;
fastcgi_param　SERVER_PORT$server_port;
fastcgi_param　SERVER_NAME$server_name;
fastcgi_param　REDIRECT_STATUS200;

 

我们启动Nginx时，经常会遇到no input file specified的问题，其实这是由于我们的nginx.conf文件没有指定＄document_root变量，所以我们将下面这行内容改动一下（另外一种方法就是正确指定此变量）：

fastcgi_param　SCRIPT_FILENAME$document_root$fastcgi_script_name;

 

将其修改如下：

fastcgi_param　SCRIPT_FILENAME/data/htdocs/www$fastcgi_script_name;

 

(7)启动Nginx，命令如下：

/usr/local/webserver/nginx/sbin/nginx

 

以后每次更改Nginx配置文件想重新启动Nginx时，都可以平滑地启动Nginx，这也是Nginx0.8.x增加的新特征，命令如下：

/usr/local/webserver/nginx/sbin/nginx-s reload

 

(8)编写每天定时切割Nginx日志的脚本，创建脚本文件/usr/local/webserver/nginx/sbin/cut_nginx_log.sh，文件内容如下：

#!/bin/bash
# This script run at 00:00
# The Nginx logs path

logs_path="/data/logs"
mkdir-p ${logs_path}$(date-d "yesterday" +"%Y")/$(date-d "yesterday" +"%m")/
mv ${logs_path}access.log ${logs_path}$(date-d "yesterday" +"%Y")/$(date-d "yesterday" +"%m")/access_$(date-d "yesterday" +"%Y%m%d").log
/usr/local/webserver/nginx/sbin/nginx-s reload

 

设置Crontab，每天零点切割Nginx访问日志。/etc/crontab文件新增的内容如下：

00 00***/bin/bash　/usr/local/webserver/nginx/sbin/cut_nginx_log.sh

7.优化Linux内核

我们可以编辑/etc/sysctl.conf，新增内容如下：

net.ipv4.tcp_max_syn_backlog = 65536

net.core.netdev_max_backlog =　32768

net.core.somaxconn = 32768

net.core.wmem_default = 8388608

net.core.rmem_default = 8388608

net.core.rmem_max = 16777216

net.core.wmem_max = 16777216

net.ipv4.tcp_timestamps = 0

net.ipv4.tcp_synack_retries = 2

net.ipv4.tcp_syn_retries = 2

net.ipv4.tcp_tw_recycle = 1

#net.ipv4.tcp_tw_len = 1

net.ipv4.tcp_tw_reuse = 1

net.ipv4.tcp_mem = 94500000 915000000 927000000

net.ipv4.tcp_max_orphans = 3276800

net.ipv4.ip_local_port_range = 1024　65535

 

使配置立即生效，命令如下：

/sbin/sysctl-p

8.将相关软件都配置成自启动模式

我们将一些内容添加进/etc/rc.local文件中，如下所示：

ulimit-SHn 65535
/usr/local/webserver/php/sbin/php-fpm start
/usr/local/webserver/nginx/sbin/nginx

/usr/local/webserver/mysql/bin/mysqld_safe　--defaults-file=/data/mysql/3306/my.cnf

 

基本的安装过程到这里就结束了。通过对线上项目相当长时间的观察，我们也发现，Nginx作为Web服务器，在高并发的情况下还是非常稳定的。我也推荐大家将其应用于高并发的Web环境中，尤其是那种日PV百万级以上的Web网站。