一、系统约定
软件源代码包存放位置 /usr/local/src
源码包编译安装位置(prefix) /usr/local/software_name
脚本以及维护程序存放位置 /usr/local/sbin
MysqL 数据库位置 /var/lib/MysqL(可按情况设置)
网站根目录 /home/www/wwwroot(可按情况设置)
虚拟主机日志根目录 /home/www/logs(可按情况设置)
运行账户 www:www
二、系统环境部署及调整
1、检查系统是否正常
# more /var/log/messages (检查有无系统级错误信息)
# dmesg (检查硬件设备是否有错误信息)
# ifconfig(检查网卡设置是否正确)
# ping www.163.com (检查网络是否正常)
# cat /proc/cpuinfo (检查cpu频率是否正常)
# top (按1检测cpu核数是否正常,内存大小是否正常)
2、关闭不需要的服务
# ntsysv
以下仅列出需要启动的服务,未列出的服务一律推荐关闭:
atd
crond
irqbalance
microcode_ctl
network
sendmail
sshd
syslog
关闭SElinux:修改/etc/selinux/config文件中的SELINUX= 为 disabled
3、更换yum国内源
# cd /etc/yum.repos.d
# mv CentOS-Base.repo CentOS-Base.repo.save
# wget http://centos.ustc.edu.cn/CentOS-Base.repo.5
# mv CentOS-Base.repo.5 CentOS-Base.repo
# yum clean all
4、服务器时间检查和设置
#data (检查时间是否正确,是否是中国时间CST)
#cp -f /usr/share/zoneinfo/Asia/Shanghai /etc/localtime (如果时区不对,则执行,时间正常的跳过)
#yum -y install ntp (安装ntp对时工具)
#chkconfig ntpd on (让对时服务开机启动)
5、使用 yum 对系统进行更新并且安装必要软件包
#yum update –y
#yum -y install make openssl openssl-devel pcre pcre-devel libpng libpng-devel libjpeg-6b libjpeg-devel-6b freetype freetype-devel gd gd-devel zlib zlib-devel gcc gcc-c++ libXpm libXpm-devel ncurses ncurses-devel libmcrypt libmcrypt-devel libxml2 libxml2-devel imake autoconf automake screen sysstat compat-libstdc++-33 curl curl-devel
6. 重新启动系统
# init 6
三、编译安装L.A.M.P环境
1、下载软件(截止到09年10月的最新版本)
# cd /usr/local/src
#wget http://sysoev.ru/Nginx/Nginx-0.7.63.tar.gz
#wget http://download.scientificlinux.net/Nginx
#wget http://download.scientificlinux.net/PHP-fpm.conf
#wget http://download.scientificlinux.net/Nginx.conf
#wget http://download.scientificlinux.net/fcgi.conf
#wget http://download.scientificlinux.net/PHP-5.2.10.tar.gz
#wget http://download.scientificlinux.net/PHP-5.2.10-fpm-0.5.13.diff.gz
#wget http://download.scientificlinux.net/ZendOptimizer-3.3.3-linux-glibc23-i386.tar.gz (32位系统)
#wget http://download.scientificlinux.net/ZendOptimizer-3.3.3-linux-glibc23-x86_64.tar.gz (64位系统)
#wget http://download.scientificlinux.net/MysqL-5.1.39-linux-i686-glibc23.tar.gz (32位系统)
#wget http://download.scientificlinux.net/MysqL-5.1.39-linux-x86_64-glibc23.tar.gz (64位系统)
2、安装MysqL
复制代码
代码如下:
cd /usr/local/src
tar zxvf MysqL-5.1.39-linux-i686-glibc23.tar.gz
mv MysqL-5.1.39-linux-i686-glibc23 /usr/local/
ln -s /usr/local/MysqL-5.1.39-linux-i686-glibc23/ /usr/local/MysqL
groupadd MysqL
chown -R MysqL:MysqL /usr/local/MysqL
chown -R MysqL:MysqL /usr/local/MysqL-5.1.39-linux-i686-glibc23/
cd /usr/local/MysqL
./scripts/MysqL_install_db –user=MysqL
cp ./support-files/MysqL.server /etc/rc.d/init.d/MysqLd
chmod 755 /etc/rc.d/init.d/MysqLd
cp ./support-files/my-huge.cnf /etc/my.cnf
mv /usr/local/MysqL/data /var/lib/MysqL
chown -R MysqL:MysqL /var/lib/MysqL
编辑/etc/my.cnf
datadir = /var/lib/MysqL
skip-innodb
wait-timeout = 10
max_connections = 512
max_connect_errors = 10000000
max_allowed_packet = 16M
thread_cache_size = cpu个数*2
将 log-bin 注释
service MysqLd start
bin/MysqLadmin -u root password ‘password_for_root’
其中引号内的password_for_root是要设置的root密码
3、安装Nginx
复制代码
代码如下:
cd /usr/local/src/
tar zxvf Nginx-0.7.63.tar.gz
cd Nginx-0.7.63
./configure –prefix=/usr/local/Nginx –conf-path=/usr/local/Nginx/conf/Nginx.conf –with-http_realip_module –with-http_addition_module –with-http_gzip_static_module –with-http_random_index_module –with-http_stub_status_module –with-http_sub_module –with-http_dav_module
make
make install
cp /usr/local/src/Nginx /etc/init.d/Nginx
chmod 755 /etc/init.d/Nginx
4、安装PHP和Zend
复制代码
代码如下:
cd /usr/local/src
tar zxvf PHP-5.2.10.tar.gz
gzip -cd PHP-5.2.10-fpm-0.5.13.diff.gz | patch -d PHP-5.2.10 -p1
cd PHP-5.2.10
./configure –prefix=/usr/local/PHP5 –with-config-file-path=/usr/local/etc/cgi –enable-mbstring –enable-ftp –with-gd –with-jpeg-dir=/usr –with-png-dir=/usr –enable-magic-quotes –with-MysqL=/usr/local/MysqL –with-pear –enable-sockets –with-ttf –with-freetype-dir=/usr –enable-gd-native-ttf –with-zlib –enable-sysvsem –enable-sysvshm –with-libxml-dir=/usr –enable-force-cgi-redirect –enable-fastcgi –with-xmlrpc –enable-zip –enable-fpm
make
make install
mkdir -p /usr/local/etc/cgi/
cp PHP.ini-dist /usr/local/etc/cgi/PHP.ini
mv -f /usr/local/src/PHP-fpm.conf /usr/local/PHP5/etc/PHP-fpm.conf
groupadd www
useradd -g www www
echo ‘ulimit -SHn 65535’ >> /etc/rc.local
echo ‘/usr/local/PHP5/sbin/PHP-fpm start’ >> /etc/rc.local
cd /usr/local/src
tar zxvf ZendOptimizer-3.3.3-linux-glibc23-i386.tar.gz
cd ZendOptimizer-3.3.3-linux-glibc23-i386
./install
(注意第一个要填的路径是Zend安装路径,第二个是PHP.ini所在的路径,即/usr/local/etc/cgi)
(不要选重启apache)
复制代码
代码如下:
mv -f /usr/local/src/fcgi.conf /usr/local/Nginx/conf/
cp -f /usr/local/src/Nginx.conf /usr/local/Nginx/conf/Nginx.conf
mkdir -p /home/www/wwwroot
ulimit -SHn 65535
/usr/local/PHP5/sbin/PHP-fpm start
service Nginx start
在/home/www/wwwroot放入一个index.PHP,内容为
6、设置系统防火墙
编辑/usr/local/sbin/fw.sh
复制以下内容进去
复制代码
代码如下:
#!/bin/bash
# Stop iptables service first
service iptables stop
# Load FTP Kernel modules
/sbin/modprobe ip_conntrack_ftp
/sbin/modprobe ip_nat_ftp
# Inital chains default policy
/sbin/iptables -F -t filter
/sbin/iptables -P INPUT DROP
/sbin/iptables -P OUTPUT ACCEPT
# Enable Native Network Transfer
/sbin/iptables -A INPUT -i lo -j ACCEPT
# Accept Established Connections
/sbin/iptables -A INPUT -m state –state ESTABLISHED,RELATED -j ACCEPT
# ICMP Control
/sbin/iptables -A INPUT -p icmp -m limit –limit 1/s –limit-burst 10 -j ACCEPT
# WWW Service
/sbin/iptables -A INPUT -p tcp –dport 80 -j ACCEPT
# FTP Service
/sbin/iptables -A INPUT -p tcp –dport 21 -j ACCEPT
# SSH Service
/sbin/iptables -A INPUT -p tcp –dport 22 -j ACCEPT
退出编辑,执行以下命令
复制代码
代码如下:
# chmod 755 /usr/local/sbin/fw.sh
# echo ‘/usr/local/sbin/fw.sh’ >> /etc/rc.local
# /usr/local/sbin/fw.sh
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。