CentOS + Nginx 环境搭建教程

服务器 2650 0 2012-03-28

获取相关开源软件包

本文中提到的所有开源软件包为截止到2009年10月20日的最新稳定版，且均从官方网站下载。

mkdir -p /home/software
cd /home/software
fetch http://sysoev.ru/nginx/nginx-0.8.24.tar.gz
wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.00.tar.gz
wget ftp://xmlsoft.org/libxml2/libxml2-2.7.6.tar.gz
wget http://www.zlib.net/zlib-1.2.3.tar.gz
wget ftp://ftp.simplesystems.org/pub/libpng/png/src/libpng-1.2.40.tar.gz
wget http://www.ijg.org/files/jpegsrc.v7.tar.gz
wget http://ftp.twaren.net/Unix/NonGNU/freetype/freetype-2.3.11.tar.gz
wget http://www.libgd.org/releases/gd-2.0.35.tar.gz
wget http://www.php.net/get/php-5.2.11.tar.gz/from/this/mirror
wget http://php-fpm.org/downloads/php-5.2.11-fpm-0.5.13.diff.gz
wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.13.tar.gz

安装、升级所需的程序库

利用CentOS Linux系统自带的yum命令安装、升级所需的程序库

yum -y install gcc gcc-c++ autoconf libtool* openssl openssl-devel

安装 Mysql5.1.40

Mysql5.1.40 下载地址： http://dev.mysql.com/get/Downloads/MySQL-5.1/mysql-5.1.40.tar.gz/from/pick

/usr/sbin/groupadd mysql
/usr/sbin/useradd mysql -g mysql -d /dev/null -s /sbin/nologin
tar zxvf mysql-5.1.40.tar.gz
cd mysql-5.1.40
./configure –prefix=/usr/local/webserver/mysql/ –enable-assembler –with-extra-charsets=complex –enable-thread-safe-client –with-big-tables –with-readline –with-ssl –with-embedded-server –enable-local-infile –with-plugins=innobase
make && make install clean
chmod +w /usr/local/webserver/mysql
chown -R mysql:mysql /usr/local/webserver/mysql
cp /usr/local/webserver/mysql/share/mysql/my-medium.cnf /usr/local/webserver/mysql/my.cnf
cd ..

以mysql用户帐号的身份建立数据表

/usr/local/webserver/mysql/bin/mysql_install_db –datadir=/usr/local/webserver/mysql/data –user=mysql

创建 Mysql 开机启动脚本

cp /usr/local/webserver/mysql/share/mysql/mysql.server /etc/init.d/mysql
chmod +x /etc/init.d/mysql

添加 Nginx 为系统服务（开机自动启动）

chkconfig --add mysql
chkconfig mysql on

启动 Mysql

service mysql start

安装 Nginx

安装Nginx所需的pcre库

tar zxvf pcre-8.00.tar.gz
cd pcre-8.00
./configure
make && make install clean
cd ..

安装 Nginx0.8.24

tar zxvf nginx-0.8.24.tar.gz
cd nginx-0.8.24
./configure –user=www –group=www –prefix=/usr/local/webserver/nginx –with-http_stub_status_module –with-http_ssl_module
make && make install clean
cd ..

创建www组、用户、Nginx 日志目录

/usr/sbin/groupadd www
/usr/sbin/useradd www -g www -d /dev/null -s /sbin/nologin
mkdir -p /var/log/nginx
chmod +w /var/log/nginx
chown -R www:www /var/log/nginx

创建 Nginx 配置文件

rm -f /usr/local/webserver/nginx/conf/nginx.conf
vi /usr/local/webserver/nginx/conf/nginx.conf

输入以下内容：

user  www www;
worker_processes 8;

error_log  /var/log/nginx/error.log;
pid        /var/log/nginx/nginx.pid;

worker_rlimit_nofile 51200;
events {
  use epoll;
  worker_connections 51200;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    server_names_hash_bucket_size 128;
    client_header_buffer_size 32k;
    large_client_header_buffers 4 32k;
    client_max_body_size 8m;

    sendfile        on;
    tcp_nopush     on;

    keepalive_timeout  30;

    tcp_nodelay on;

    fastcgi_connect_timeout 300;
    fastcgi_send_timeout 300;
    fastcgi_read_timeout 300;
    fastcgi_buffer_size 64k;
    fastcgi_buffers 4 64k;
    fastcgi_busy_buffers_size 128k;
    fastcgi_temp_file_write_size 128k;

    gzip  on;
    gzip_min_length   1k;
    gzip_buffers      4 16k;
    gzip_http_version 1.1;
    gzip_comp_level   2;
    gzip_types text/plain application/x-javascript text/css application/xml
    gzip_vary on;

    server {
        listen       80;
        server_name  localhost;
        root   /home/excms;
        index  index.html index.htm index.php;

        location ~ .php$ {
            fastcgi_pass   127.0.0.1:9000;
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
            include        fastcgi_params;
        }

        location /nginx_status {
            stub_status on;
            access_log   off;
        }
    }
}

创建 Nginx 开机启动脚本

vi /etc/init.d/nginx

加入以下内容

#!/bin/bash
#
# chkconfig: - 85 15
# description: Nginx is a World Wide Web server.
# processname: nginx

nginx=/usr/local/webserver/nginx/sbin/nginx
conf=/usr/local/webserver/nginx/conf/nginx.conf

case $1 in
       start)
              echo -n "Starting Nginx"
              $nginx -c $conf
              echo " done"
       ;;

       stop)
              echo -n "Stopping Nginx"
              killall -9 nginx
              echo " done"
       ;;

       test)
              $nginx -t -c $conf
       ;;

 reload)
              echo -n "Reloading Nginx"
              ps auxww | grep nginx | grep master | awk '{print $2}' | xargs kill -HUP
              echo " done"
       ;;

 restart)
  $0 stop
  $0 start
       ;;

       show)
              ps -aux|grep nginx
       ;;

       *)
              echo -n "Usage: $0 {start|restart|reload|stop|test|show}"
       ;;

esac

为 nginx.sh 脚本设置可执行属性

chmod +x /etc/init.d/nginx

添加 Nginx 为系统服务（开机自动启动）

chkconfig --add nginx
chkconfig nginx on

启动 Nginx

service nginx start

在不停止 Nginx 服务的情况下平滑变更 Nginx 配置
修改 /usr/local/webserver/nginx/conf/nginx.conf 配置文件后，请执行以下命令检查配置文件是否正确：

service nginx test

如果屏幕显示以下两行信息，说明配置文件正确：
the configuration file /usr/local/webserver/nginx/conf/nginx.conf syntax is ok
the configuration file /usr/local/webserver/nginx/conf/nginx.conf was tested successfully

平滑变更 Nginx 配置

service nginx reload

安装 GD

安装 zlib

tar zxvf zlib-1.2.3.tar.gz
cd zlib-1.2.3
./configure
make && make install clean
cd ..

安装 libpng

tar zxvf libpng-1.2.40.tar.gz
cd libpng-1.2.40
./configure
make && make install clean
cd ..

安装 jpeg

tar zxvf jpegsrc.v7.tar.gz
cd jpeg-7
./configure -enable-shared -enable-static
make && make install clean
cd ..

安装 freetype

tar zxvf freetype-2.3.11.tar.gz
cd freetype-2.3.11
./configure
make && make install clean
cd ..

安装 gd2.0.35

tar zxvf gd-2.0.35.tar.gz
cd gd-2.0.35
./configure
make && make install clean
cd ..

安装 libxml2

tar -zxvf libxml2-2.7.6.tar.gz
cd libxml2-2.7.6
./configure
make && make install clean
cd ..

安装 PHP

编译安装PHP 5.2.11所需的支持库 libiconv

tar zxvf libiconv-1.13.tar.gz
cd libiconv-1.13
./configure –prefix=/usr/local
make && make install clean
cd ..

编译安装PHP（FastCGI模式）

tar zxvf php-5.2.11.tar.gz
gzip -cd php-5.2.11-fpm-0.5.13.diff.gz | patch -d php-5.2.11 -p1
cd php-5.2.11
./configure –prefix=/usr/local/webserver/php –with-config-file-path=/usr/local/webserver/php/etc –with-mysql=/usr/local/webserver/mysql –with-iconv-dir –with-freetype-dir –with-jpeg-dir –with-png-dir –with-zlib –with-gd –enable-gd-native-ttf –with-libxml-dir –enable-xml –disable-rpath –enable-discard-path –enable-safe-mode –enable-bcmath –enable-shmop –enable-sysvsem –enable-inline-optimization –with-curlwrappers –enable-mbregex –enable-fastcgi –enable-fpm –enable-force-cgi-redirect –enable-mbstring –with-openssl –enable-pcntl –enable-sockets
make ZEND_EXTRA_LIBS=’-liconv’
make install clean
cp php.ini-dist /usr/local/webserver/php/etc/php.ini
cd ..

安装 ZendOptimizer

ZendOptimizer 官方下载地址： http://www.zend.com/en/products/guard/downloads

tar zxvf ZendOptimizer-3.3.9-linux-glibc23-i386.tar.gz

cd ZendOptimizer-3.3.9-linux-glibc23-i386
cp data/5_2_x_comp/ZendOptimizer.so /usr/local/webserver/php/include/

修改 php.ini 在末尾添加以下内容

[zend]
zend_optimizer.optimization_level=15
zend_extension="/usr/local/webserver/php/include/ZendOptimizer.so"

修改php-fpm配置文件
php-fpm是为PHP打的一个FastCGI管理补丁，可以平滑变更php.ini配置而无需重启php-cgi

vi /usr/local/webserver/php/etc/php-fpm.conf

将 <value name=”user”>nobody</value>和 <value name=”group”>nobody</value> 中的 nobody 改为 www, 并去掉前后的注释标签 <!– , –>；
如要显示PHP调试的错误信息将 <value name=”display_errors”>0</value> 修改为 <value name=”display_errors”>1</value> ，并去掉前后的注释标签 <!– , –>, 以显示PHP错误信息，否则，Nginx 会报状态为500的空白错误页。

修改 php-fpm 启动脚本

ln -s /usr/local/webserver/php/sbin/php-fpm /etc/init.d/php-fpm
vi /usr/lcaol/webserver/php/sbin/php-fpm

在 #!/bin/sh 下添加以下内容

#
# chkconfig: - 85 15
# description: php-fpm is PHP FastCGI Process Manage.
# processname: php-fpm

添加 php-fpm 为系统服务

chkconfig --add php-fpm
chkconfig php-fpm on

启动 php-fpm

service php-fpm start

在不停止 PHP-fpm 服务的情况下平滑变更 php.ini 配置
修改 /usr/local/webserver/php/etc/php.ini 或者 /usr/loca/webserver/php/etc/php-fpm.conf 配置文件后，请执行以下命令检查配置文件是否正确：

service php-fpm reload

测试

在/home/excms 目录下新建 phpinfo.php

vi /home/excms/phpinfo.php

加入如下文本

<? phpinfo(); ?>;

打开浏览器，在地址栏里输入 http://您服务器的IP/phpinfo.php

优化Linux内核参数

vi /etc/sysctl.conf

在末尾增加如下文本

net.core.netdev_max_backlog =  32768
net.core.somaxconn = 32768
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216

net.ipv4.tcp_max_syn_backlog = 65536
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.ip_local_port_range = 1024  65535

使配置立即生效：

/sbin/sysctl -p

防ddos攻击

Sysctl 修改

vi /etc/rc.local