實踐作業之編譯安裝LAMP
題目1:httpd所支持的處理模型有哪些,他們的分別使用於哪些環境。
(1)prefork模型:
功能:多進程模型,每個進程響應一個請求
工作方式:
①一個主進程:負責生成子進程及回收子進程(工作進程),負責創建套接字,負責接收請求,並將其派發給某子進程進行處理
②n個子進程:每個子進程一個請求
主控進程會預先生成幾個空閑子進程,隨時等待用於響應用戶請求。根據處理過程,可能會改變空閑進程的數量,需要定義最大空閑和最小空閑
(2)worker模型:
功能:多進程多線程模型,每個線程處理一個用戶請求
工作方式:
①一個主進程:負責生成子進程,負責創建套接字,負責接收請求,並將其派發給某子進程進行處理
②多個子進程:每個子進程負責生成多個線程
③每個線程:負責響應用戶請求
並發響應數量:m*n (其中m表示子進程數量,n表示每個子進程所能創建的最大線程數量)
(3)event模型:
功能:事件驅動模型,多進程模型,每個進程響應多個請求
工作方式:
①一個主進程:負責生成子進程負責創建套接字負責接收請求,並將其派發給某子進程進行處理
②子進程:基於事件驅動機制直接響應多個請求
並發響應數量:m*n (其中m表示子進程數量,n表示每個進程所能響應的最大請求數量)
題目2:源碼編譯安裝LAMP環境(基於wordpress程序),並寫出詳細的安裝、配置、測試過程。
源碼編譯安裝LAMP環境:
httpd-2.4:prefork模型
mariadb-5.5:通用二進制格式(被php5依賴,需要先編譯安裝)
php-5.4:編譯為httpd的module
安裝編譯環境
# yum -y groupinstall "Development Tools" "Server Platform Development"
(1)安裝httpd
# yum -y install pcre-devel apr-devel apr-util-devel openssl-devel # tar xf httpd-2.4.23.tar.bz2 # cd httpd-2.4.23 # ./configure --prefix=/usr/local/apache24 --sysconfdir=/etc/httpd24 --enable-so --enable-ssl --enable-cgi --enable-rewrite --with-zlib --with-pcre --with-apr=/usr/local /apr --with-apr-util=/usr/local/apr-util --enable-modules=most --enable-mpms-shared=all --with-mpm=prefork # make && make install 導出httpd程序路徑: # vim /etc/profile.d/httpd.sh export PATH=/usr/local/apache24/bin:$PATH # . /etc/profile.d/httpd.sh 導出httpd頭文件: # ln -sv /usr/local/apache24/include /usr/include/httpd 啟動服務: # apachectl start
(2)使用通用二進制格式安裝mariadb
# useradd -r mysql # tar xf mariadb-VERSION.tar.xz -C /usr/local # cd /usr/local # ln -sv mariadb-VERSION mysql # cd /usr/local/mysql # chown -R root:mysql # scripts/mysql_install_db --user=mysql --datadir=/mydata/data # cp support-files/mysql.server /etc/init.d/mysqld # chkconfig --add mysqld 準備數據目錄: # mkdir /mydata/data 提供配置文件: # cp support-files/my-large.cnf /etc/my.cnf # vim /etc/my.cnf [mysqld] datadir = /mydata/data innodb_file_per_table = ON skip_name_reslove = ON 啟動mysql服務: # service mysqld start 導出mysql程序路徑: # vim /etc/profile.d/mysql.sh export PATH=/usr/local/mysql/bin:$PATH 導出mysql庫文件: # vim /etc/ld.so.conf.d/mysql.conf /usr/local/mysql/lib # ldconfig 導出mysql頭文件: # ln -sv /usr/local/mysql/include /usr/include/mysql
(3)安裝php
# yum install libxml2-devel libmcrypt-devel bzip2-devel # ./configure --prefix=/usr/local/php --with-mysql=/usr/local/mysql --with-openssl --with-mysqli=/usr/local/mysql/bin/mysql_config --enable-mbstring --with-png-dir --with-jpeg-dir --with-freetype-dir --with-zlib --with-libxml-dir=/usr --enable-xml --enable-sockets --with-apxs2=/usr/local/apache24/bin/apxs --with-mcrypt --with-config-file-path=/etc --with-config-file-scan-dir=/etc/php.d --with-bz2 # make && make install 為了使httpd能夠識別php動態資源並能夠提交給httpd的php模塊(引擎),需要編輯httpd的配置文件 /etc/httpd24/httpd.conf,在相應位置添加AddType配置: # cp php-5.4.45/php.ini-production /etc/php.ini # vim /etc/httpd24/httpd.conf AddType application/x-httpd-php .php DirectoryIndex index.php index.html 檢查httpd配置文件語法: # apachectl -t 重啟httpd服務: # apachectl restart
(4)部署wordpress
# tar xf wordpress-4.7-zh_CN.tar.gz -C /usr/local/apache/htdocs # chmod -R 777 /usr/local/apache/htdocs/wordpress 創建wordpress數據庫、用戶名及密碼: # mysql mysql> CREATE DATABASE wpdb; mysql> GRANT ALL ON wpdb.* TO [email protected]%.%‘ IDENTIFIED BY ‘wppass‘; mysql> FLUSH PRIVILEGES; 在瀏覽器進行訪問及部署wordpress: http://192.168.10.101/wordpress
題目3:建立httpd服務器(基於編譯的方式進行),要求:
提供兩個基於名稱的虛擬主機:
(a)www1.stuX.com,頁面文件目錄為/web/vhosts/www1;錯誤日誌為/var/log/httpd/www1.err,訪問日誌為/var/log/httpd/www1.access;
(b)www2.stuX.com,頁面文件目錄為/web/vhosts/www2;錯誤日誌為/var/log/httpd/www2.err,訪問日誌為/var/log/httpd/www2.access;
(c)為兩個虛擬主機建立各自的主頁文件index.html,內容分別為其對應的主機名;
(d)通過www1.stuX.com/server-status輸出httpd工作狀態相關信息,且只允許提供帳號密碼才能訪問(status:status);
創建站點目錄: # mkdir -pv /web/vhosts/{www1,www2} # mkdir /var/log/httpd # echo "<h1>www1.stuX.com</h1>" > /web/vhosts/www1/index.html # echo "<h1>www2.stuX.com</h1>" > /web/vhosts/www2/index.html # vim /etc/apache/httpd.conf 註釋中心主機: #DocumentRoot "/usr/local/apache/htdocs" 引用虛擬主機配置文件: Include /etc/httpd24/extra/httpd-vhosts.conf # vim /etc/httpd24/httpd.conf 配置添加如下兩個虛擬主機: <VirtualHost *:80> ServerName www1.stuX.com DocumentRoot "/web/vhosts/www1" ErrorLog "/var/log/httpd/www1.err" CustomLog "/var/log/httpd/www1.access" combined <Directory "/web/vhosts/www1"> Options None AllowOverride None Require all granted </Directory> <Location /server-status> SetHandler server-status AuthType Basic AuthName "server-status" AuthUserFile "/etc/apache/.status_pwd" Require valid-user </Location> </VirtualHost> <VirtualHost *:80> ServerName www2.stuX.com DocumentRoot "/web/vhosts/www2" ErrorLog "/var/log/httpd/www2.err" CustomLog "/var/log/httpd/www2.access" combined <Directory "/web/vhosts/www2"> Options None AllowOverride None Require all granted </Directory> </VirtualHost> # htpasswd -cm /etc/httpd24/.htpasswd status # apachectl -t # apachectl restart 測試主機: # vim /etc/hosts 192.168.10.101 www1.stuX.com www2.stuX.com 在瀏覽器進行訪問測試: http://www1.stuX.com http://www2.stuX.com
題目4:為第4題中的第2個虛擬主機提供https服務,使得用戶可以通過https安全的訪問此web站點;
(1)要求使用證書認證,證書中要求使用的國家(CN)、州(HA)、城市(ZZ)和組織(MageEdu);
(2)設置部門為Ops,主機名為www2.stuX.com,[email protected];
構建私有CA頒發SSL證書 # (umask 077; openssl genrsa -out /etc/pki/CA/private/cakey.pem 4096) # openssl req -new -x509 -key /etc/pki/CA/private/cakey.pem -out /etc/pki/CA/cacert.pem -days 3650 You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter ‘.‘, the field will be left blank. ----- Country Name (2 letter code) [XX]:CN State or Province Name (full name) []:HA Locality Name (eg, city) [Default City]:ZZ Organization Name (eg, company) [Default Company Ltd]:MageEdu Organizational Unit Name (eg, section) []:Ops Common Name (eg, your name or your server‘s hostname) []:www2.stuX.com Email Address []:[email protected] # mkdir -pv /etc/pki/CA/{certs,crl,newcerts} # touch /etc/pki/CA/{serial,index.txt} # echo 01 > /etc/pki/CA/serial 在請求主機生成私鑰,並向CA申請簽署證書 # (umask 077; openssl genrsa -out /etc/apache/ssl/httpd.key 2048) # openssl req -new -key /etc/apache/ssl/httpd.key -out /etc/apache/ssl/httpd.csr -days 365 CA簽署證書 # openssl ca -in /etc/httpd24/ssl/httpd.csr -out /etc/pki/CA/certs/httpd.crt # cp /etc/pki/CA/certs/httpd.crt /etc/apache/ssl/ # vim /etc/httpd24/httpd.conf 引用SSL配置文件: Include /etc/apache/extra/httpd-ssl.conf 加載如下模塊: LoadModule ssl_module modules/mod_ssl.so 編輯配置文件: # vim /etc/httpd24/extra/httpd-ssl.conf <VirtualHost _default_:443> DocumentRoot "/web/vhosts/www2" ServerName www2.stuX.com ErrorLog "/var/log/httpd/www2.ssl.err" TransferLog "/var/log/httpd/www2.ssl.access" <Directory "/web/vhosts/www2"> Options None AllowOverride None Require all granted </Directory> SSLEngine on SSLCertificateFile "/etc/httpd24/ssl/httpd.crt" SSLCertificateKeyFile "/etc/httpd24/ssl/httpd.key" </VirtualHost> # apachectl -t # apachectl restart 在瀏覽器進行訪問測試: https://www2.stuX.com
題目5:在LAMP架構中,請分別以php編譯成httpd模塊形式和php以fpm工作為獨立守護進程的方式來支持httpd,列出詳細的過程。
詳見《編譯安裝PHP》
本文出自 “Tab” 博客,請務必保留此出處http://xuweitao.blog.51cto.com/11761672/1934269
實踐作業之編譯安裝LAMP