Shulou(Shulou.com)06/01 Report--

Lab requirements:

LNMP implements multiple virtual hosts, deploys wordpress and phpmyadmin, and provides https for phpmyadmin

Experimental environment:

LNMP CentOS 7.2x86_64 IP:172.16.251.138

Test side CentOS 6.7x86_64 IP:172.16.251.164

Software package:

Initial-setup-ks.cfg

Mariadb-5.5.46-linux-x86_64.tar.gz

Nginx-1.10.0.tar.gz

Php-5.4.26.tar.bz2

PhpMyAdmin-4.4.14.1-all-languages.zip

Wordpress-4.3.1-zh_CN.zip

Preparation for the experiment:

Install the development package group, support software, and resolve dependencies

[root@station138] # iptables-F

[root@station138 ~] # setenforce 0

[root@station138 ~] # yum groupinstall "Development Tools"Server Platform Development"

[root@station138 ~] # yum-y installpcre-devel openssl-devel zlib-devel

Compile and install nginx:

[root@station138 ~] # tar xfnginx-1.10.0.tar.gz

1. Create a program user:

[root@station138 nginx-1.10.0] # useradd-rnginx

two。 Enter the directory to start compilation:

[root@station138 nginx-1.10.0] # / configure--prefix=/usr/local/nginx-- sbin-path=/usr/sbin/nginx--conf-path=/etc/nginx/nginx.conf-- error-log-path=/var/log/nginx/error.log--http-log-path=/var/log/nginx/access.log-- pid-path=/var/run/nginx.pid--lock-path=/var/run/nginx.lock-- user=nginx-- group=nginx-- with- Http_ssl_module-with-http_v2_module--with-http_dav_module-with-http_stub_status_module-with-threads--with-file-aio

[root@station138 nginx-1.10.0] # make&& make install

3. Check the configuration file:

[root@station138 nginx-1.10.0] # nginx- t

Nginx: the configuration file / etc/nginx/nginx.conf syntax is ok

Nginx: configuration file / etc/nginx/nginx.conf test is successful

4. Start the service:

[root@station138 nginx-1.10.0] # nginx

[root@station138 nginx-1.10.0] # netstat-anpt | grep nginx

Tcp 0 0 0.0.0 0 master 80 0.0.0 0. 0. 0 master

5. Create a virtual host:

[root@station138 ~] # mkdir-pv / var/www/v {1jue 2}

[root@station138 ~] # echo "web1" > > / var/www/v1/index.html

[root@station138 ~] # echo "web2" > > / var/www/v2/index.html

[root@station138 ~] # vim/etc/nginx/nginx.conf

Server {

Listen 80

Server_name www.a.com

Location / {

Root / var/www/v1

Index index.php index.htmlindex.htm

}

}

Server {

Listen 80

Server_name www.b.com

Location / {

Root / var/www/v2

Index index.php index.html index.htm

}

}

[root@station138] # nginx-s reload

6. Client test:

Binary installation mariadb:

1. Establish mysql system users

[root@station138~] # useradd-r-M mysql

two。 Set up a directory for data storage

[root@station138~] # mkdir-p / testdir/mydata

[root@station138~] # chown-R mysql.mysql / testdir/mydata

3. Extract the mariadb installation package

[root@station138] # tar xf mariadb-5.5.46-linux-x86_64.tar.gz-C / usr/local

[root@station138~] # ln-sv / usr/local/mariadb-5.5.46-linux-x86_64/ mysql

[root@station138~] # chown-R root.mysql / usr/local/mysql/*

4. Use the scripts script file mysql_install_db file to install the database

[root@station138mysql] # scripts/mysql_install_db-user=mysql-datadir=/testdir/mydata

5. Provide configuration fil

[root@station138mysql] # cp support-files/my-large.cnf / etc/my.cnf

[root@station138mysql] # vim / etc/my.cnf

Datadir=/testdir/mydata / / indicates the data storage path of mysql

Innodb_file_per_table = ON / / become a separate tablespace

Skip_name_resolve = ON / / Skip name resolution

6. Provide mysql service startup script

[root@station138 support-files] # cp mysql.server / etc/rc.d/init.d/mysqld

[root@station138 support-files] # chkconfig-- add mysqld

7. Add environment variabl

[root@station138 ~] # vim / etc/profile.d/mysql.sh

Export PATH=/usr/local/mysql/bin:$PATH

[root@station138 ~] # source / etc/profile.d/mysql.sh

8. Export header file, export library file:

[root@station138] # ln-s / usr/local/include/ / usr/include/mysql

[root@station138 ~] # vim / etc/ld.so.conf.d/mysql.conf

9. Start the service

[root@station138 ~] # systemctl start mysqld

[root@station138 ~] # ss-tnl

LISTEN 0 50 *: 3306 *: *

Install PHP with source code:

1. Install support software to resolve dependencies:

[root@station138 ~] # yum-y install bzip2-devel libmcrypt-devel libxml2-devel openssl-devel

two。 Compile php

[root@station138 ~] # tar xf php-5.4.26.tar.bz2 [root@station138 ~] # cd php-5.4.26/ [root@station138 php-5.4.26] #. / configure\

-prefix=/usr/local/php-with-openssl-with-mysql=mysqlnd

-- with-pdo-mysql=mysqlnd-- with-mysql=mysqlnd-- enable-mbstring-- with-freetype-dir-- with-jpeg-dir-- with-png-dir-- with-zlib--with-libxml-dir=/usr-- enable-xml-- enable-sockets-- enable-fpm-- with-mcrypt--with-config-file-path=/etc-- with-config-file-scan-dir=/etc/php.d-- with-bz2

[root@station138 php-5.4.26] # make & & make install

3.php provides configuration files

[root@station138 php-5.4.26] # cp php.ini-production / etc/php.ini

4. Provide php-fpm script

[root@station138 php-5.4.26] # cp sapi/fpm/init.d.php-fpm / etc/rc.d/init.d/php-fpm [root@station138 php-5.4.26] # chmod + x / etc/rc.d/init.d/php-fpm [root@station138 php-5.4.26] # chkconfig-- add php-fpm

5. Provide php-fpm profile

[root@station138 php-5.4.26] # cd / usr/local/php [root@station138 php-5.4.26] # cp etc/php-fpm.conf.default etc/php-fpm.conf

6. Start the service

[root@station138 php-5.4.26] # systemctl start php-fpm [root@station138 php-5.4.26] # ss-tnl State Recv-Q Send-Q Local Address:Port Peer Address:PortLISTEN 0 128 127.0.1 root@station138 php-5.4.26 9000 *: *

7. Configure nginx to support php resolution:

[root@station138 ~] # vim/etc/nginx/nginx.conf

Server {

Listen 80

Server_name www.a.com

Location / {

Root / var/www/v1

Index index.php index.html index.htm

}

Error_page 500 502 503 504 / 50x.html

Location = / 50x.html {

Root html

}

Location ~\ .php$ {

Root / var/www/v1

Fastcgi_pass 127.0.0.1:9000

Fastcgi_index index.php

Fastcgi_param SCRIPT_FILENAME / var/www/v1/$fastcgi_script_name

Include fastcgi_params

}

}

Server {

Listen 80

Server_name www.b.com

Location / {

Root / var/www/v2

Index index.php index.html index.htm

}

Location ~\ .php$ {

Root / var/www/v2

Fastcgi_pass 127.0.0.1:9000

Fastcgi_index index.php

Fastcgi_param SCRIPT_FILENAME / var/www/v2/$fastcgi_script_name

Include fastcgi_params

}

}

[root@station138] # nginx-s reload

8. Client test php:

9. Create a database and authorize users

[root@station138 nginx] # mysql-uroot-p

MariaDB [(none)] > create database wpdb

Query OK, 1 row affected (0.00 sec)

MariaDB [(none)] > grant all on wpdb.* to 'wpuser'@'172.16.%.%' identified by' wp123'

Query OK, 0 rows affected (0.14 sec)

MariaDB [(none)] > create database pma

Query OK, 1 row affected (0.00 sec)

MariaDB [(none)] > grant all on pma.* to 'pmauser'@'172.16.%.%' identified by' pma123'

Query OK, 0 rows affected (0.00 sec)

10. Test mysql-php:

[root@station138 ssl] # cat / var/www/v1/index.php

Web1

Deploy applications:

1. Deploy wordpress:

[root@station138 ~] # unzip wordpress-4.3.1-zh_CN.zip

[root@station138 ~] # mv wordpress / var/www/v1/

[root@station138 wordpress] # mv wp-config-sample.php wp-config.php

[root@station138 wordpress] # vim wp-config.php / * * name of WordPress database * / define ('DB_NAME',' wpdb'); / * * MySQL database user name * / define ('DB_USER',' wpuser'); / * * MySQL database password * / define ('DB_PASSWORD',' wp123'); / * MySQL host * / define ('DB_HOST',' 172.16.251.138')

two。 Deploy phpMyAdmin:

[root@station138 ~] # unzip phpMyAdmin-4.4.14.1-all-languages.zip [root@station138 ~] # mv phpMyAdmin-4.4.14.1-all-languages/ var/www/v2 [root@station138 v2] # ln-sv phpMyAdmin-4.4.14.1-all-languages/ pma [root@station138 v2] # vim phpmyadmin/libraries/config.default.php$cfg ['blowfish_secret'] =' tSQRO02T+grA6rvJHCXr';$cfg ['Servers'] [$] [' host'] = '172.16.251.138' $cfg ['Servers'] [$I] [' user'] = 'pmauser';$cfg [' Servers'] [$I] ['password'] =' pma123']

3. Client test application:

Provide https for phpmyadmin:

1. Generate the private key:

[root@station138 CA] # (umask 077; opensslgenrsa-out private/cakey.pem 2048)

two。 Generate self-signed certificate:

[root@station138 CA] # openssl req-new-x509-key private/cakey.pem-out cacert.pem

Country Name (2 letter code) [XX]: CN

State or Province Name (full name) []: bj

Locality Name (eg, city) [Default City]: bj

Organization Name (eg, company) [DefaultCompany Ltd]: yw

Organizational Unit Name (eg, section) []: Ops

Common Name (eg, your name or your server'shostname) []: www.b.com

Email Address []: admin@b.com

3. Provide auxiliary files

[root@station138 CA] # touch index.txt

[root@station138 CA] # echo 01 > serial

4. Generate the private key:

[root@station138 ssl] # (umask 077; openssl genrsa-out nginx.key1024)

5. Generate a certificate request:

[root@station138 ssl] # openssl req-new-key nginx.key-outnginx.csr

Country Name (2 letter code) [XX]: CN

State or Province Name (full name) []: bj

Locality Name (eg, city) [Default City]: bj

Organization Name (eg, company) [DefaultCompany Ltd]: yw

Organizational Unit Name (eg, section) []: Ops

Common Name (eg, your name or your server'shostname) []: www.b.com

Email Address []: admin@b.com

Please enter the following 'extra'attributes

To be sent with your certificate request

A challenge password []:

An optional company name []:

6. Issue the certificate:

[root@station138 ssl] # openssl ca-in / testdir/nginx.csr-out/etc/pki/CA/certs/nginx.crt

[root@station138 ssl] # cp/etc/pki/CA/certs/nginx.crt / etc/nginx/ssl/

7. Modify the nginx configuration file to add support for ssl:

[root@station138 ~] # vim / etc/nginx/nginx.conf

Server {

Listen 443 ssl

Server_name localhost

Ssl_certificate / etc/nginx/ssl/nginx.crt

Ssl_certificate_key / etc/nginx/ssl/nginx.key

Ssl_session_cache shared:SSL:1m

Ssl_session_timeout 5m

Ssl_ciphers HIGH:!aNULL:!MD5

Ssl_prefer_server_ciphers on

Location / {

Root html

Index index.php index.html index.htm

}

}

8. Test https:

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.