平台搭建环境:
CentOS5.2 32/x86_64 GNU/Linux (32/64操作系统均通过,推荐使用64位操作系统)

目标:构建高性的LEMP环境提供WEB服务

一、系统安装
1. 系统分区建议
/boot 100M (大约100左右)
SWAP 物理内存的2倍(如果你的物理内存大于4G,分配4G即可)
/ 分区15~20G
/usr/local 20G (用于安装软件)
/data 剩余所有空间.

【注】具体分区请根据相关业务划分,具体安装本文不作介绍安装过程中选择最少的包,采用文本模式安装请不要安装图形。

2.系统初始化
系统初始化脚本(根据具体需求关闭不需要的服务)
# shinit_network.sh //下载本文提供的scripts.tar.gz包,即可找到此脚本.

二、编译安装基本环境
1. 安装准备
1.1系统软件包安装规范
系统约定
软件源代码包存放位置 /usr/local/src
源码包编译安装位置(prefix) /usr/local/software_name
脚本以及维护程序存放位置 /usr/local/sbin
MySQL 数据库位置 /data/mysql/data(可按情况设置)
网站根目录 /data/www/wwwroot(可按情况设置)
虚拟主机日志根目录 /data/logs(可按情况设置)
Nginx运行账户 www:www
install_software_name.sh //存放编译参数脚本习惯将所有编译脚本存放在install_software_name.sh便于升级和更新软件.

创建网站账号及相关存放目录
#add_user.sh

1. /usr/sbin/groupadd www
2. /usr/sbin/useradd -g www www
3. mkdir -p /data/www/wwwroot
4. chmod +w /data/www/wwwroot
5. chown www:www /data/www/wwwroot -R

复制代码

1.2系统环境部署及调整
检查系统是否正常
#tail -n100 /var/log/messages(检查有无系统级错误信息)
#dmesg (检查硬件设备是否有错误信息)
#ifconfig(检查网卡设置是否正确)
#ping www.linuxtone.org (检查网络是否正常)

1.3使用 yum 程序安装所需开发包(以下为标准的 RPM 包名称)
添加国内镜像源加速软件安装下载速度请参照:http://bbs.linuxtone.org/thread-158-1-1.html

1. yum -y install ntp vim-enhanced gcc gcc-c++gcc-g77 flex bison autoconf automake bzip2-devel   ncurses-devel openssl-devel libtool*zlib-devel libxml2-devel libjpeg-devel libpng-devel libtiff-devel fontconfig-devel freetype-devel libXpm-develgettext-devel curl curl-devel pam-devel e2fsprogs-devel krb5-devel libidnlibidn-devel

复制代码

1.4定时校正服务器时钟,定时与中国国家授时中心授时服务器同步
#crontab -e
加入一行:

1. 15 3 * * * /usr/sbin/ntpdate 210.72.145.44> /dev/null 2>&1

复制代码

1.5下载编译相关的源码包.
#vi list 在list文件里填入以后下载地址列表.
官方下载软件包名:

1. #nginx
2. pcre-7.8.tar.gz
3. nginx-0.7.30.tar.gz
4. #PHP-GD-LIB
5. gd-2.0.35.tar.bz2
6. libiconv-1.12.tar.gz
7. libmcrypt-2.5.8.tar.bz2
8. mhash-0.9.9.9.tar.gz…
9. mcrypt-2.6.7.tar.gz
10. #MySQL
11mysql-5.1.30.tar.gz
12. #php
13. php-5.2.8.tar.bz2
14. php-5.2.8-fpm-0.5.10.diff.gz
15. #PHP-EXT
16. memcache-2.2.4.tgz
17. PDO_MYSQL-1.0.2.tgz
18. eaccelerator-0.9.5.3.tar.bz2

19.ImageMagick.tar.gz
20.imagick-2.3.0.tgz 
 

2. 编译安装软件包
源码编译安装所需包(Source)
1.1 编译安装Nginx

1. tar zxvf pcre-7.8.tar.gz
2. cd pcre-7.8
3. ./configure && make && makeinstall

1. tar zxvf nginx-0.7.30.tar.gz
2. cd nginx-0.7.30

优化nginx的编译:

vim auto/cc/gcc

找到

# debug
CFLAGS=”$CFLAGS -g”

然后在CFLAGS前面加上#号,得到:

# debug
#CFLAGS=”$CFLAGS -g”

好了,保存退出。

为特定的CPU指定CPU类型编译优化
在编译Nginx时,默认的GCC编译参数是“-O”,要优化GCC编译,可以使用以下两个参数:
–with-cc-opt=-O3

3. ./configure –user=www –group=www–prefix=/usr/local/nginx/ –with-http_stub_status_module
 –with-openssl=/usr/lib –with-cc-opt=’-O3′
4. make && make install

复制代码
1.2编译安装GD及相关的LIB.

1. tar jxvf gd-2.0.35.tar.bz2
2. cd gd-2.0.35
3. ./configure –prefix=/usr/local/gd2&& make && make install
4. tar zxvf libiconv-1.12.tar.gz

复制代码

1. cd libiconv-1.12
2. ./configure –prefix=/usr && make&& make install
3. tar jxvf libmcrypt-2.5.8.tar.bz2

复制代码

1. cd libmcrypt-2.5.8
2. ./configure –prefix=/usr && make&& make install
3.

复制代码

1. tar zxvf mhash-0.9.9.tar.gz
2. cd mhash-0.9.9
3. ./configure –prefix=/usr && make&& make install

复制代码
# vi /etc/ld.so.conf
添加/usr/lib

1. include ld.so.conf.d/*.conf
2. /usr/lib

复制代码
# ldconfig
【注】ldconfig 命令的用途,主要是在默认搜寻目录(/lib和/usr/lib)以及动态库配置文件/etc/ld.so.conf内所列的目录, 而当用户安装了一个新的动态链接库时,就需要手工运行这个命令。

1. tar zxvf mcrypt-2.6.7.tar.gz
2. [code]
3. cd mcrypt-2.6.7
4. ./configure –prefix=/usr && make&& make install

复制代码

1.3 编译安装MySQL
#sh install_mysql.sh
//具体脚本如下:

1. CHOST=”x86_64-pc-linux-gnu”
2. CFLAGS=”-march=nocona -O3 -pipe”
3. CXXFLAGS=”${CFLAGS}”
4. ./configure “
5. “–prefix=/usr/local/mysql” “
6. “–localstatedir=/data/mysql/data” “
7. “–with-comment=Source” “
8. “–with-server-suffix=-Linuxtone.Org” “
9. “–with-mysqld-user=mysql” “
10. “–without-debug” “
11. “–with-big-tables” “
12. “–with-charset=gbk” “
13. “–with-collation=gbk_chinese_ci” “
14. “–with-extra-charsets=all” “
15. “–with-pthread” “
16. “–enable-static” “
17. “–enable-thread-safe-client” “
18. “–with-client-ldflags=-all-static” “
19. “–with-mysqld-ldflags=-all-static” “
20. “–enable-assembler” “
21. “–with-plugins=all” “
22. “–without-ndb-debug”
23. make
24. make install
25. useradd mysql -d /data/mysql -s/sbin/nologin
26. /usr/local/mysql/bin/mysql_install_db–user=mysql
27. cd /usr/local/mysql
28. chown -R root:mysql .
29. mkdir -p /data/mysql/data
30. chown -R mysql /data/mysql/data
31. cp share/mysql/my-huge.cnf /etc/my.cnf
32. cp share/mysql/mysql.server/etc/rc.d/init.d/mysqld
33. chmod 755 /etc/rc.d/init.d/mysqld
34. chkconfig –add mysqld
35. /etc/rc.d/init.d/mysqld start
36.

37. cd /usr/local/mysql/bin
38. for i in *; do ln -s /usr/local/mysql/bin/$i/usr/bin/$i; done

复制代码
【注】编译mysql前请正确配置好主机名,否则不能正常启动.
例如:
[xxxxx@xxxxx.com-5.1.30]# cat /etc/hosts

1. # Do not remove the following line, or various programs
2. # that require network functionality will fail.
3. 127.0.0.1 localhost.localdomainlocalhost
4. 192.168.1.104 lemp.linuxtone.org

复制代码

【注】将本文提供下载的scripts.tar.gz包中的my.cnf替换你的/etc/my.cnf,并根据你的硬件参数做相关调整,并可以利用包中的tuning-primer.sh 做初步性能调优。

1.4 编译安装PHP-FastCGI

1. tar jxvf php-5.2.8.tar.bz2
2. gzip -cd php-5.2.8-fpm-0.5.10.diff.gz| patch -d php-5.2.8 -p1
3. cd php-5.2.8

复制代码
#sh install_php.sh
//具体脚本如下

1. CHOST=”i686-pc-linux-gnu”
2. CFLAGS=”-march=prescott-O3 -pipe -fomit-frame-pointer”
3. CXXFLAGS=”${CFLAGS}”
4. ./configure “
5. “–prefix=/usr/local/php-fcgi” “
6. “–enable-fastcgi” “
7. “–enable-fpm” “
8. “–enable-discard-path” “
9. “–enable-force-cgi-redirect””
10. “–with-config-file-path=/usr/local/php-fcgi/etc” “
11. “–enable-zend-multibyte” “
12. “–with-mysql=/usr/local/mysql” “
13. “–with-libxml-dir” “
14. “–with-xmlrpc” “
15. “–with-gd=/usr/local/gd2” “
16. “–with-jpeg-dir” “
17. “–with-png-dir” “
18. “–with-bz2” “
19. “–with-freetype-dir” “
20. “–with-iconv-dir” “
21. “–with-zlib-dir” “
22. “–with-curl” “
23. “–with-curlwrappers” “
24. “–with-openssl” “
25. “–with-mcrypt” “
26. “–with-mhash” “
27. “–enable-pcntl” “
28. “–enable-sockets” “
29. “–enable-sysvsem” “
30. “–enable-inline-optimization” “
31. “–enable-soap” “
32. “–enable-gd-native-ttf” “
33. “–enable-ftp” “
34. “–enable-mbstring” “
35. “–enable-exif” “
36. “–disable-debug” “
37. “–disable-ipv6”
38. #sed -i ‘s#-lz -lm -lxml2-lz -lm -lxml2 -lz -lm -lcrypt#& -liconv#’ Makefile
39. makeZEND_EXTRA_LIBS=’-liconv’   注:为免得发生liconv报错,所以带上ZEND参数,这个问题要是经常编译PHP的朋友非常熟悉的。
40. make install
41. cp php.ini-dist/usr/local/php-fcgi/etc/php.ini

复制代码
1.5 编译安装PHP扩展

1. tar zxvf memcache-2.2.4.tgz
2. cd memcache-2.2.4
3. /usr/local/php-fcgi/bin/phpize
4. ./configure–with-php-config=/usr/local/php-fcgi/bin/php-config
5. make && make install
6.

复制代码

1. tar jxvf eaccelerator-0.9.5.3.tar.bz2
2. cd eaccelerator-0.9.5.3
3. /usr/local/php-fcgi/bin/phpize
4. ./configure –enable-eaccelerator=shared–with-php-config=/usr/local/php-fcgi/bin/php-config
5. make && make install
6.

复制代码

1. tar zxvf PDO_MYSQL-1.0.2.tgz
2. cd PDO_MYSQL-1.0.2
3. /usr/local/php-fcgi/bin/phpize
4. ./configure –with-php-config=/usr/local/php-fcgi/bin/php-config–with-pdo-mysql=/usr/local/mysql
5. make && make install

复制代码

  1. tar zxvf ImageMagick.tar.gz  

     

  2. cd ImageMagick-6.5.1-2/  
     
  3. ./configure  
     
  4. make  
     
  5. make install  
     
  6. cd ../  
     
  7.  
     
  8. tar zxvf imagick-2.3.0.tgz  
     
  9. cd imagick-2.3.0/  
     
  10. /usr/local/php-fcgi/bin/phpize  
     
  11. ./configure–with-php-config=/usr/local/php-fcgi/bin/php-config  

     

  12. make  
     
  13. make install  
     

1.6 配置php.ini

修改php.ini文件,加载动态模块,让PHP5.2.8能顺利启动。

手动修改,查找:

  1. /usr/local/webserver/php/etc/php.ini中的extension_dir = "./" 

 

将其修改如下:

  1. extension_dir =  
  2.  "/usr/local/php-fcgi/lib/php/extensions/no-debug-non-zts-20060613/" 

 

 

并在此行后增加以下几行内容,然后保存:

  1. extension = "memcache.so" 
  2. extension = "imagick.so" 
  3.  
  4. extension = "pdo_mysql.so"

 

再查找以下内容:

  1. output_buffering = Off 

 

然后将其修改如下:

  1. output_buffering = On 

 

再查找以下内容:

  1. cgi.fix_pathinfo=0 

然后将其修改如下:

cgi.fix_pathinfo=0此处代码的作用是防止Nginx文件类型错误解析漏洞。

 #vi /usr/local/php-fcgi/etc/php.ini //在最后加上

1. [eAccelerator]
2. extension=”=“/usr/local/php-fcgi/lib/php/extensions/no-debug-non-zts-20060613/eaccelerator.so
3. eaccelerator.shm_size=”32″
4. eaccelerator.cache_dir=”/cache_tmpfs/eaccelerator”
5. eaccelerator.enable=”1″
6. eaccelerator.optimizer=”1″
7. eaccelerator.check_mtime=”1″
8. eaccelerator.debug=”0″
9. eaccelerator.filter=””
10. eaccelerator.shm_max=”0″
11. eaccelerator.shm_ttl=”0″
12. eaccelerator.shm_prune_period=”0″
13. eaccelerator.shm_only=”0″
14. eaccelerator.compress=”1″
15. eaccelerator.compress_level=”9″

复制代码

1.7 安装ZendOptimizer-3.3.3

1. tar zxvf ZendOptimizer-3.3.3-linux-glibc23-x86_64.tar.gz
2. cd ZendOptimizer-3.3.3-linux-glibc23-x86_64
3. ./install

复制代码

解压后进入目录./install,安提示选择相关的目录及配置文件存放目录即可.

1.8 配置php-fpm.conf
    

修改php-fpm配置文件:
vi /usr/local/php/etc/php-fpm.conf
找到58-66行里注释去掉,或删除改为下面几行
<!–     –>    此为注释,需去掉
然后把里面的用户 nobody  改为 www
找113行,把<value name=”rlimit_files”>1024</value>里的数字改成 65535

启动php-cgi进程,监听127.0.0.1的9000端口,进程数为300(生产环境下的服务器为300~500个均可),用户为www,如下所示:

ulimit-SHn 65535   

/usr/local/php-fcgi/sbin/php-fpm start //启动服务查看是否报错,不报错继续。

1.9 配置nginx/conf

1. #cd /usr/local/nginx/conf
2.#rm -fr nginx.conf

3.#touch nginx.conf然后在里面添加:

user www www; 
worker_processes 8; 
error_log /data/logs/nginx_error.log crit; 
pid /usr/local/nginx/logs/nginx.pid; 
#Specifies the value for maximum file descriptors that can be opened by this process. 
worker_rlimit_nofile 65535; 
 
events 

 use epoll; 
 worker_connections 65535; 

 
http 

 include mime.types; 
 default_type application/octet-stream; 
 
 #charset gb2312; 
 server_names_hash_bucket_size 128; 
 client_header_buffer_size 32k; 
 large_client_header_buffers 4 32k; 
 client_max_body_size 8m; 
 sendfile on; 
 tcp_nopushon; 
 
 keepalive_timeout 60; 
 
 tcp_nodelay on; 
 
 fastcgi_connect_timeout 300; 
 fastcgi_send_timeout 300; 
 fastcgi_read_timeout 300; 
 fastcgi_buffer_size 64k; 
 fastcgi_buffers 4 64k; 
 fastcgi_busy_buffers_size 128k; 
 fastcgi_temp_file_write_size 128k; 
 
 gzip on; 
 gzip_min_length 1k; 
 gzip_buffers4 16k; 
 gzip_http_version 1.0; 
 gzip_comp_level 2; 
 gzip_types text/plain application/x-javascript text/css application/xml; 
 gzip_vary on;  

   include vhost.conf;
 
 #limit_zone crawler $binary_remote_addr 10m;

}

4.然后在创建一个vhost.conf的文件,在里面添加:

#——— fantefei.com   ———————————————— 

server {
        listen       80;
        server_name  aa.fantefei.com;
        root   /home/ftp/newssite_news/wwwroot;

        charset utf-8;

        location /{
                   index  index.php index.htm index.html;
                   charset utf-8;

       if (!-e $request_filename) { 
                  rewrite  ^/(.*)$  /index.php/$1  last;
                  break;
                    }
         }

          location ~ .+\.php($|/) {
                  set $script     $uri;
                  set $path_info  “/”;
        if ($uri ~ “^(.+\.php)(/.+)”) {
                set $script     $1;
                set $path_info  $2;
         }

        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index  index.php?IF_REWRITE=1;
        include fcgi.conf;
        fastcgi_param PATH_INFO $path_info;
        fastcgi_param SCRIPT_FILENAME  /home/ftp/newssite_news/wwwroot$fastcgi_script_name;
        fastcgi_param SCRIPT_NAME $script;
}

        access_log  /var/log/nginx_log_club  combined;

        error_page  404              /;
        if (-d $request_filename) {
                rewrite ^/(.*)([^/])$ http://$host/$1$2/ permanent;
        }
}
#————————————————————————————-

上面的写法还让nginx支持了thinkphp的pathinfo和url重写的功能,其他的只需要在thinkphp的url_mod等于3就可以了。

5.在/usr/local/nginx/conf/下建立一个fcgi.conf的文件,在里面添加一下内容:

fastcgi_param GATEWAY_INTERFACE CGI/1.1; 
fastcgi_param SERVER_SOFTWAREnginx; 
fastcgi_param QUERY_STRING$query_string; 
fastcgi_param REQUEST_METHOD$request_method; 
fastcgi_param CONTENT_TYPE$content_type; 
fastcgi_param CONTENT_LENGTH$content_length; 
fastcgi_param SCRIPT_FILENAME$document_root$fastcgi_script_name; 
fastcgi_param SCRIPT_NAME$fastcgi_script_name; 
fastcgi_param REQUEST_URI$request_uri; 
fastcgi_param DOCUMENT_URI$document_uri; 
fastcgi_param DOCUMENT_ROOT$document_root; 
fastcgi_param SERVER_PROTOCOL$server_protocol; 
fastcgi_param REMOTE_ADDR$remote_addr; 
fastcgi_param REMOTE_PORT$remote_port; 
fastcgi_param SERVER_ADDR$server_addr; 
fastcgi_param SERVER_PORT$server_port; 
fastcgi_param SERVER_NAME$server_name; 
fastcgi_param REDIRECT_STATUS200;
[xxxxx@xxxxx.com]# /usr/local/nginx/sbin/nginx –t //验证是否有配置语法错误.

1. 2009/01/06 09:36:12 [info] 23353#0: the configuration file/usr/local/nginx//conf/nginx.conf syntax is ok
2. 2009/01/06 09:36:12 [info] 23353#0: the configuration file/usr/local/nginx//conf/nginx.conf was tested successfully

复制代码
#chmod a+x /etc/init.d/nginx //将文本提供的nginx脚本上传至/etc/init.d/目录下
【注】此脚本已经含有php-fpm的管理.直接利用此脚本即可管理所有服务.

1. # /etc/init.d/nginx stop //停止nginx服务
2. # /etc/init.d/nginx start //启动nginx服务

复制代码

2.0 验证服务环境
配置完成虚拟主机以后,编辑php.ini把disable_functions里的phpinfo去掉,仍后重启服务,利用Phpinfo函数查看环环配置。
编写phpinfo.php

1. <?php
2. phpinfo();
3. ?>

复制代码
http://ip/phpinfo.php
即可查看当前配置环境. 查看完成后出于安全考虑请再将此函数禁掉.

三、服务器简单优化
1.简单优化磁盘I/O
# vi /etc/fstab //加入notaime

1. LABEL=/data /data ext3 defaults,noatime 0 2

复制代码
#mount -oremount /data //重新挂载/data分区.

2.简单优化Linux内核参数(更多的请根据服务器状况做相关调整)
#vi/etc/sysctl.conf,新增添内容如下:

net.ipv4.tcp_max_syn_backlog = 65536

net.core.netdev_max_backlog = 32768 

net.core.somaxconn = 32768

net.core.wmem_default = 8388608

net.core.rmem_default = 8388608

net.core.rmem_max = 16777216

net.core.wmem_max = 16777216

net.ipv4.tcp_timestamps = 0

net.ipv4.tcp_synack_retries = 2

net.ipv4.tcp_syn_retries = 2

net.ipv4.tcp_tw_recycle = 1

#net.ipv4.tcp_tw_len = 1

net.ipv4.tcp_tw_reuse = 1

net.ipv4.tcp_mem = 94500000 915000000 927000000 

net.ipv4.tcp_max_orphans = 3276800

net.ipv4.ip_local_port_range = 1024 65535

 

使配置立即生效,命令如下:

1. #sysctl –p

将相关软件都配置成自启动模式

我们将一些内容添加进/etc/rc.local文件中,如下所示:

ulimit-SHn 65535 
/usr/local/php-fcgi/sbin/php-fpm start 
/usr/local/nginx/sbin/nginx 

/usr/local/mysql/bin/mysqld_safe 

六、常见错误(疑问)解答 [守住每一天] 补充:
1、eaccelerator 与xcache 差在那?
当缓存的PHP二进制文件太多,以至于超过shm_size后,eAccelerator在性能方面要高于Xcache
2、按文档安装完成了结果出502Bad Gateway ?
请查看http://www.linuxtone.org 相关版块
3、nginxstatus 解释
active connections — 对后端发起的活动连接数
server accepts handled requests — nginx 总共处理了555-55553 个连接, 成功创建555-55553 次握手
(证明中间没有失败的), 总共处理了555-5555 个请求
reading — nginx 读取到客户端的Header信息数
writing — nginx 返回给客户端的Header信息数
waiting — 开启 keep-alive 的情况下,这个值等于 active – (reading +writing),意思就是Nginx已经处理完成,
正在等候下一次请求指令的驻留连接。在访问效率高,请求很快被处理完毕的情况下,Waiting数比较多是正常的。
如果reading + writing数较多,则说明并发访问量非常大,正在处理过程中。

4、EA 或xcache和zend 能一起使用?
可以
5、按脚本执行sed -i -e ‘s/^LANG=.*/LANG=”en”/’ /etc/sysconfig/i18n 后。
可能会遇到如下错误:

perl: warning: Please checkthat your locale settings:
LANGUAGE = (unset),
LC_ALL = (unset),
LANG =”en_US.UTF-8:en_US:en_US.ISO-8859-1″
are supported and installed on your system.
perl: warning: Falling back to the standard locale (“C”).
解决办法:
LC_ALL=C;exportLC_ALL ; LC_CTYPE=C ; export LC_CTYPE;