Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

CentOS 7, apm+xcache, rpm package, php module

2025-04-07 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Database >

Share

Shulou(Shulou.com)06/01 Report--

Lab requirements:

1. CentOS 7, apm+xcache, rpm package, php module

A) one virtual host provides phpMyAdmin and the other virtual host provides wordpress

B) provide https services for phpMyAdmim

Experimental environment:

Linux server operating system version: CentOS Linux release 7.2.1511 (Core) IP:172.16.252.113

WIN7 system client: IP:172.16.250.100

Experimental premise:

1) turn off the firewall and SELinux

~] # service iptables stop

~] # setenforce 0

The process of the experiment:

First, install amp environment

1.yum package installation amp

~] # yum install httpd php php-mysql mariadb

1) check whether the package has been installed successfully

~] # rpm-qa httpd php php-mysql mysql-server

2) start the service

~] # systemctl start httpd

~] # systemctl start mariadb

3) check whether the service starts normally

~] # ss-nlt

~] # ps aux | grep httpd

~] # ps aux | grep myslq

4) set the boot to start automatically

~] # systemctl enable httpd

~] # systemctl enable mariadb

5) check whether it is set to boot

~] # systemctl is-enabled httpd

~] # systemctl is-enabled mariadb

two。 One virtual host provides phpMyAdmin and the other virtual host provides wordpress

Second, configure virtual host

1) vhosts www1

ServerName www1.magedu.com

DocumentRoot / data/vhosts/www1

ErrorLog logs/www1-error_log

CustomLog logs/www1-access_log combiend

Options None

AllowOverride None

Require all granted

2) vhosts www2

ServerName www2.magedu.com

DocumentRoot / data/vhosts/www2

ErrorLog logs/www2-error_log

CustomLog logs/www2-access_log combiend

Options None

AllowOverride None

Require all granted

2. Deploy wordpress environment:

1) create a site directory

~] # mkdir / data/vhosts/www1

2) decompress the wordpress package

Tools] # unzip wordpress-4.3.1-zh_CN.zip

3) copy to the site directory www1

# cp wordpress / data/vhosts/www1

4) Log in to the database

~] # mysql-uroot-p

5) create a database for bolg named: wordpress

MariaDB [(none)] > CREATE DATABASE wordpress

6) check whether the database is created successfully

MariaDB [(none)] > SHOW DATABASES

+-+

| | Database |

+-+

| | information_schema |

| | mysql |

| | performance_schema |

| | wordpress |

+-+

4 rows in set (0.00 sec)

7) authorized users

MariaDB [(none)] > GRANT ALL ON wordpress.* TO ly@'localhost' IDENTIFIED BY 'liyang'

Query OK, 0 rows affected (0.03 sec)

MariaDB [(none)] > GRANT ALL ON wordpress.* TO ly@'127.0.0.1' IDENTIFIED BY 'liyang'

Query OK, 0 rows affected (0.01 sec)

MariaDB [(none)] > GRANT ALL ON wordpress.* TO ly@'172.16.%.%' IDENTIFIED BY 'liyang'

Query OK, 0 rows affected (0.00 sec)

8) rename wordpress configuration file to wp-config.php

] # cp wp-config-sample.php wp-config.php

9) modify wp-config.php file to connect to the database

~] # sed-n'22 Magi 38p'/ data/vhosts/www1/wordpress/wp-config.php

/ * * name of WordPress database * /

Define ('DB_NAME',' wordpress')

/ * * MySQL database user name * /

Define ('DB_USER',' ly')

/ * * MySQL database password * /

Define ('DB_PASSWORD',' liyang')

/ * * MySQL host * /

Define ('DB_HOST',' 172.16.252.113')

/ * default text encoding when creating a datasheet * /

Define ('DB_CHARSET',' utf8')

/ * * Database collation type. If you are not sure, do not change * /

Define ('DB_COLLATE',')

III. Testing

1) add domain name resolution on the server side

] # echo "172.16.252.113 www1.magedu.com" > > / etc/hosts

2) add to the hosts file in PC

172.16.252.113 www1.magedu.com

3) whether httpd-- > php can be accessed

Www1] # cat admin.php

4) whether httpd-- > php--mariadb can be accessed

5) in the browser, install http://www2.magedu.com/wordpress/index.php as prompted

6) check whether the database generates data

~] # mysql-uly-p

MariaDB [(none)] > show databases

MariaDB [(none)] > use wordpress

MariaDB [wordpress] > show tables

+-- +

| | Tables_in_wordpress |

+-- +

| | wp_commentmeta |

| | wp_comments |

| | wp_links |

| | wp_options |

| | wp_postmeta |

| | wp_posts |

| | wp_term_relationships |

| | wp_term_taxonomy |

| | wp_terms |

| | wp_usermeta |

| | wp_users |

+-- +

11 rows in set (0.00 sec)

4. Deploy the phpMyAdmin environment:

1) create a site directory

~] # mkdir / data/vhosts/www2

2) decompress the phpMyAdmin package

Tools] # unzip phpMyAdmin-4.4.14.1-all-languages.zip

3) copy to the site directory www2

~] # cp-r phpMyAdmin-4.4.14.1-all-languages / data/vhosts/www1

4) configure phpMyAdmin software

Www1] # ln-sv phpMyAdmin-4.4.14.1-all-languages/ phpMyAdmin

~] # cp config.sample.inc.php config.inc.php

5) generate random numbers

~] # openssl rand-hex 8

640b56f72820ace8

6 modify the configuration file config.inc.php

] # vim config.inc.php

$cfg ['blowfish_secret'] =' 640b56f72820ace8'

7) Test in the browser and enter the database name and password according to the prompts (the host account and password are users in authorized wordpress)

Test in PC browser: http://www1.magedu.com/phpMyAdmin-4.4.14.1-all-languages/ is accessed through port 80

8) access Tip: no extension, installation of php-mbstring can solve the problem.

~] # yum install php-mbstring

3. Provide https services for phpMyAdmim

Working directory: / etc/pki/CA/

First, establish a private CA

1) generate a private key

[root@localhost CA] # (umask 077; openssl genrsa-out private/cakey.pem 2048)

Generating RSA private key, 2048 bit long modulus

. +

. +

E is 65537 (0x10001)

2) generate self-signed certificate

[root@localhost CA] # openssl req-new-x509-key private/cakey.pem-out cacert.pem

You are about to be asked to enter information that will be incorporated

Into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value

If you enter'., the field will be left blank.

-

Country Name (2 letter code) [XX]: CN

State or Province Name (full name) []: Beijing

Locality Name (eg, city) [Default City]: Beijing

Organization Name (eg, company) [Default Company Ltd]: liyang

Organizational Unit Name (eg, section) []: 0ps

Common Name (eg, your name or your server's hostname) []: www2.magedu.com

Email Address []: admin@magedu.com

3) provide supporting documents

[root@localhost CA] # touch index.txt

[root@localhost CA] # echo 01 > serial

[root@localhost CA] # tree

.

├── cacert.pem

├── certs

├── crl

├── index.txt

├── index.txt.attr

├── index.txt.old

├── newcerts

├── private

│ └── cakey.pem

├── serial

└── serial.old

II. Node applies for certificate

1) generate a private key

~] # mkdir-pv / etc/httpd/ssl

Ssl] # (umask 077; openssl genrsa-out httpd.key 1024)

2) generate a certificate signing request:

Ssl] # openssl req-new-key httpd.key-out httpd.csr

You are about to be asked to enter information that will be incorporated

Into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value

If you enter'., the field will be left blank.

-

Country Name (2 letter code) [XX]: CN

State or Province Name (full name) []: Beijing

Locality Name (eg, city) [Default City]: Beijing

Organization Name (eg, company) [Default Company Ltd]: liyang

Organizational Unit Name (eg, section) []: 0ps

Common Name (eg, your name or your server's hostname) []: www1.magedu.com

Email Address []: admin@magedu.com

Please enter the following 'extra' attributes

To be sent with your certificate request

A challenge password []:

An optional company name []:

Ssl] # cp httpd.csr / tmp/

III. Certificates issued by CA

1) sign the certificate

~] # openssl ca-in / tmp/httpd.csr-out / etc/pki/CA/certs/httpd.crt

Using configuration from / etc/pki/tls/openssl.cnf

Check that the request matches the signature

Signature ok

Certificate Details:

Serial Number: 1 (0x1)

Validity

Not Before: Jul 16 07:41:43 2016 GMT

Not After: Jul 16 07:41:43 2017 GMT

Subject:

CountryName = CN

StateOrProvinceName = Beijing

OrganizationName = liyang

OrganizationalUnitName = 0ps

CommonName = www2.magedu.com

EmailAddress = admin@magedu.com

X509v3 extensions:

X509v3 Basic Constraints:

CA:FALSE

Netscape Comment:

OpenSSL Generated Certificate

X509v3 Subject Key Identifier:

70:95:31:1F:E3:15:D0:EE:D1:8F:2E:DA:8C:64:95:F6:EA:80:8F:2D

X509v3 Authority Key Identifier:

Keyid:79:B8:17:4E:7D:74:2D:CD:16:63:20:1D:D1:9F:AA:D1:5F:49:09:CA

Certificate is to be certified until Jul 16 07:41:43 2017 GMT (days)

Sign the certificate? [y/n]: y

1 out of 1 certificate requests certified, commit? [y/n] y

Write out database with 1 new entries

Data Base Updated

2) return the signed certificate to the requestor.

~] # cp / etc/pki/CA/certs/httpd.crt / etc/httpd/ssl/

Note: the private CA and the node application certificate are completed on the same machine.

Configure httpd to support the use of ssl and the certificates used

1) yum installs mod_ssl module

~] # httpd-M | grep ssl

~] # yum install mod_ssl-y

~] # rpm-ql mod_ssl

2) configure virtual host ssh.conf

~] # vim / etc/httpd/conf.d/ss.conf

DocumentRoot "/ data/vhosts/www2"

ServerName www1.magedu.com:443

SSLCertificateFile / etc/httpd/ssl/httpd.crt

SSLCertificateKeyFile / etc/httpd/ssl/httpd.key

SSLOptions + StdEnvVars

AllowOverride None

Require all granted

5. Test results:

1) Test in PC browser: https://www1.magedu.com/phpMyAdmin-4.4.14.1-all-languages/ is accessed through port 443

4. Stress test:

1. Normal test

1) Test concurrency

~] # ab-c 10-n 1000 www2.magedu.com/wordpress/index.php

Server Software: Apache/2.4.6

Server Hostname: www2.magedu.com

Server Port: 80

Document Path: / wordpress/index.php

Document Length: 0 bytes

Concurrency Level: 10

Time taken for tests: 79.144 seconds

Complete requests: 1000

Failed requests: 0

Write errors: 0

Non-2xx responses: 1000

Total transferred: 339000 bytes

HTML transferred: 0 bytes

Requests per second: 12.64 [# / sec] (mean)

Time per request: 791.438 [ms] (mean)

Time per request: 79.144 [ms] (mean, across all concurrent requests)

Transfer rate: 4.18 [Kbytes/sec] received

Connection Times (ms)

Min mean [+ /-sd] median max

Connect: 0 0 0.1 0 2

Processing: 240 770 736.3 669 6496

Waiting: 240 768 731.3 668 6429

Total: 240 770 736.4 669 6497

Percentage of the requests served within a certain time (ms)

50% 669

66% 718

75% 747

80% 765

90% 805

95% 878

98% 4807

99% 6494

6497 (longest request)

Second, install xcache accelerator test data for php:

1) yum install php-xcache

~] # yum install php-xcache

2) Test concurrency

~] # ab-c 10-n 1000 www2.magedu.com/wordpress/index.php

Server Software: Apache/2.4.6

Server Hostname: www2.magedu.com

Server Port: 80

Document Path: / wordpress/index.php

Document Length: 0 bytes

Concurrency Level: 10

Time taken for tests: 69.750 seconds

Complete requests: 1000

Failed requests: 0

Write errors: 0

Non-2xx responses: 1000

Total transferred: 339000 bytes

HTML transferred: 0 bytes

Requests per second: 14.34 [# / sec] (mean)

Time per request: 697.503 [ms] (mean)

Time per request: 69.750 [ms] (mean, across all concurrent requests)

Transfer rate: 4.75 [Kbytes/sec] received

Connection Times (ms)

Min mean [+ /-sd] median max

Connect: 0 0 0.1 0 2

Processing: 139 683 1093.9 631 25635

Waiting: 139 682 1093.8 629 25635

Total: 139 683 1093.9 631 25635

Percentage of the requests served within a certain time (ms)

50% 631

66% 686

75% 713

80% 734

90% 785

95% 824

98% 907

99% 1450

100% 25635 (longest request

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Database

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report