N24_jerry 第十二周作業

N24_Jerry ? ? Linux干貨

1、請描述一次完整的http請求處理過程;

簡介 一次完整的HTTP請求過程從TCP三次握手建立連接成功后開始,客戶端按照指定的格式開始向服務端發送HTTP請求,服務端接收請求后,解析HTTP請求,處理完業務邏輯,最后返回一個HTTP的響應給客戶端,HTTP的響應內容同樣有標準的格式。無論是什么客戶端或者是什么服務端,大家只要按照HTTP的協議標準來實現的話,那么它一定是通用的。

1、客戶端發起http請求階段

客戶端在與服務端TCP三次握手建立連接成功后

開始按照指定的格式開始向服務端發送HTTP請求

HTTP請求格式主要有四部分組成,分別是:請求行、請求頭、空行、消息體,每部分內容占一行,如下圖: N24_jerry 第十二周作業

下面我們來詳解一下這個來自客戶端的http請求

請求行:請求行是請求消息的第一行,由三部分組成:分別是請求方法(GET/POST/DELETE/PUT/HEAD)、請求資源的URI路徑、HTTP的版本號

請求頭:請求頭中的信息有和緩存相關的頭(Cache-Control,If-Modified-Since)、客戶端身份信息(User-Agent)等等。

消息體:請求體是客戶端發給服務端的請求數據,這部分數據并不是每個請求必須的。

2、服務端接收客戶端http請求階段

服務端接收來自于網絡上的主機請求報文中對某特定資源的一次請求的過程

3、服務端處理客戶端http請求階段

對請求報文進行解析,獲取客戶端請求的資源及請求方法等相關信息;

根據請求報文的頭信息,來確定請求合適,編碼等

4、服務端根據客戶端http請求與訪問自己本地資源

獲取請求報文中請求的資源,根據請求,從應用-》系統內核-》驅動-》資源存放媒介(硬盤、內存)獲取客戶端需要的信息

5、服務端構建http響應報文

服務器接收處理完請求后返回一個HTTP相應消息給客戶端。HTTP響應消息的格式包括:狀態行、響應頭、空行、消息體。每部分內容占一行。

N24_jerry 第十二周作業

狀態行:狀態行位于相應消息的第一行,有HTTP協議版本號,狀態碼和狀態說明三部分構成。

響應頭:響應頭是服務器傳遞給客戶端用于說明服務器的一些信息,以及將來繼續訪問該資源時的策略。

響應體:響應體是服務端返回給客戶端的HTML文本內容,或者其他格式的數據,比如:視頻流、圖片或者音頻數據。

6、服務端將http響應報文發送給客戶端

就是在已建立的tcp鏈接之上將相應報文及客戶請求的數據從應用層,傳輸層、傳輸層、鏈路層、物理層層層打包頭依次傳輸到客戶端的物理層、鏈路層、傳輸層、應用層層層解包,最后客戶端獲得自己http請求的數據。

7、記錄日志

服務端記錄http請求訪問日志

2、httpd所支持的處理模型有哪些,他們的分別使用于哪些環境。

prefork:多進程模型,每個進程響應一個請求

一個主進程:負責生成子進程及回收子進程;負責創建套接字;負責接收請求,并將其派發給某子進程進行處理;

n個子進程:每個子進程處理一個請求;

工作模型:會預先生成幾個空閑進程,隨時等待用于響應用戶請求;最大空閑和最小空閑;

worker:多進程多線程模型,每線程處理一個用戶請求

一個主進程:負責生成子進程;負責創建套接字;負責接收請求,并將其派發給某子進程進行處理;

多個子進程:每個子進程負責生成多個線程;

每個線程:負責響應用戶請求;

并發響應數量:m*n

m:子進程數量

n:每個子進程所能創建的最大線程數量;

event:事件驅動模型,多進程模型,每個進程響應多個請求

一個主進程 :負責生成子進程;負責創建套接字;負責接收請求,并將其派發給某子進程進行處理;

子進程:基于事件驅動機制直接響應多個請求;

3、源碼編譯安裝LAMP環境(基于wordpress程序),并寫出詳細的安裝、配置、測試過程。

1、安裝包的準備

肯定是下載源碼包了啊,所謂兵馬未動糧草先行,這步過于簡單,我就不寫了。

我準備的是以下幾個包: httpd-2.4.25.tar.gz 
nginx-1.10.3.tar.gz(可選項,如果喜歡用nginx) php-5.6.30.tar.gz mariadb-10.1.21.tar.gz
openssl-1.0.2k.tar.gz wordpress-4.7.3-zh_CN.tar.gz

2、更新系統組件

CentOS:yum update

Ubuntu:apt update && apt upgrade

這一步是個人喜好,不喜勿噴~~~

3、檢查原有httpd-2.2,如有請卸載

命令

rpm -qa | grep httpd

yum remove httpd*

4、安裝編譯以來組件包,保平安

yum groupinstall “Development Tools” “Server Platform Development”

yum install gcc gcc-c++ ncurses-devel perl cmake libaio pcre-devel openssl-devel bison.x8664 bison-devel.x8664 libxml2-devel.x86_64

5、修改主機名 

[root@CentOS6 opt]# hostname LAMPW
[root@CentOS6 opt]# vim /etc/sysconfig/network
[root@CentOS6 opt]# vim /etc/hosts
[root@CentOS6 opt]# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=LAMPW
NETWORKING_IPV6=no
[root@CentOS6 opt]# cat /etc/hosts
127.0.0.1   LAMPW
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
[root@CentOS6 opt]#

6、這一步完了記得重啟機器

reboot

7、編譯安裝Apache

httpd-2.4.25需要較新版本的apr和apr-util,因此需要事先對其進行升級。我這里用的是源碼包編譯安裝

(1)編譯安裝apr

[root@LAMPW opt]# tar zxf apr-1.5.2.tar.gz

[root@LAMPW opt]# cd apr-1.5.2

[root@LAMPW apr-1.5.2]# ./configure –prefix=/opt/apr

[root@LAMPW apr-1.5.2]# make && make install

(2)編譯安裝apr-util

[root@LAMPW opt]# tar zxf apr-util-1.5.4.tar.gz

[root@LAMPW opt]# cd apr-util-1.5.4

[root@LAMPW apr-util-1.5.4]# ./configure –prefix=/opt/apr-util –with-apr=/opt/apr

[root@LAMPW apr-util-1.5.4]# make && make install

(3)編譯安裝apache2.4.25

編譯參數如下: 

./configure --prefix=/opt/apache24 \
--enable-so \
--enable-ssl \
--enable-cgi \
--enable-rewrite \
--with-zlib \
--with-pcre \
--with-apr=/opt/apr \ 
--with-apr-util=/opt/apr-util \
--enable-modules=most \
--enable-mpms-shared=all \
--with-mpm=event \
--enable-cache \
--enable-cache-disk \

(4)安裝apache2.4.25服務腳本

編輯一下內容放到/etc/init.d/下面,附上執行權限,chkconfig –add httpd & chkconfig httpd on設置為開機啟動即可,相關內容根據實際路徑編輯一下即可: 

#!/bin/bash
#chkconfig: - 88 66
#description:  this is a httpd scripts  of myself.
prog=/opt/apache24/bin/httpd
configfile=/opt/apache24/conf/httpd.conf
lockfile=/opt/apache24/lock/httpd
namearg=httpd
pidfile=/opt/apache24/httpd.pid
. /etc/init.d/functions

start() {
    if [ -e $lockfile  ];then
    echo "the program $namearg (`cat $pidfile`)is running" && exit 1
    else
        echo -n  "Starting $namearg ..." && sleep 2
        $prog -f $configfile && touch $lockfile && echo -e "\t\t\t[\033[32m ok \033[0m]" ||
        echo -e "\t\t\t[\033[32m fail \033[0m]"
    fi
}

stop (){
    if [  -e $lockfile  ];then
    echo -n  "Stopping $namearg..." && sleep 2
    killproc $namearg   &>/dev/null && rm -rf $lockfile && echo -e "\t\t\t[\033[32m ok \033[0m]"||  echo -e "\t\t\t[\033[32m fail \033[0m]"

    else
         echo  -e "Stopping $namearg ...\t\t\t[\033[31m fail\033[0m]"

    fi
}

status () {

    if [ -e $lockfile  ];then
        echo "the program $namearg (`cat $pidfile`)is running" && exit 1
    else

        echo "the program $namearg is not running"

    fi
}

case $1 in
start)
    start
    ;;
stop)
    stop
    ;;
restart)
    stop
    start
    ;;
status)
    status
    ;;
*)
    echo "Usage: $namearg [start | stop | restart | status  ] "
    ;;
esac

(5)為httpd服務的相關命令添加環境變量

vim /etc/profile,添加以下內容: 

#Set the httpd variable environment for $PATH
export httpd_HOME=/opt/apache24
export PATH=$PATH:${httpd_HOME}/bin

最后echo $PATH看看,OK啦

apache2.4到此編譯安裝完畢,httpd.conf根據實際情況自己修改一下下啦

8.編譯安裝mysql-5.6.35,mysql-5.7已棄坑

(1)環境監察,看看有沒有已安裝的mysql相關包,有的話就卸載掉

基礎了,我就不寫了

(2)安裝cmake,我喜歡用最新版,下載的是cmake version 3.8.0-rc2,源碼編譯安裝,稍微麻煩,但是可以享受其過程。 

[root@LAMPW opt]# tar zxf cmake-3.8.0.tar.gz
[root@LAMPW opt]#./bootstrap --help  #看看有什么鬼參數
[root@LAMPW opt]#./bootstrap --prefix=/usr   #我比較懶,直接一步到位,指定/usr目錄
[root@LAMPW opt]#make && make install
[root@LAMPW cmake-3.7.2]# cmake --version
cmake version 3.8.0-rc2

CMake suite maintained and supported by Kitware (kitware.com/cmake).
[root@LAMPW cmake-3.7.2]#

well done!

(3)建立MySQL程序目錄和數據存儲目錄 

[root@LAMPW /]# mkdir -pv /data/MySQL_data
mkdir: created directory `/data'
mkdir: created directory `/data/MySQL_data'
[root@LAMPW /]# mkdir -pv /opt/MySQL
mkdir: created directory `/opt/MySQL'
[root@LAMPW /]#

PS:其實這一步可以省略,在編譯參數里面制定,make install是強制執行了,沒有目錄的話會自動創建,數據存放目錄除外,親測有效。

(4)創建MySQL的系統用戶組和系統用戶 

[root@LAMPW /]# groupadd -r mysql
[root@LAMPW /]# useradd -d /data/MySQL_data/ -g mysql -M -r -s /sbin/nologin mysql
[root@LAMPW /]# id mysql
uid=498(mysql) gid=499(mysql) groups=499(mysql)

(5)開始編譯安裝mysql-5.6.35 

cmake . -DCMAKE_INSTALL_PREFIX=/opt/mysql \
-DMYSQL_DATADIR=/data/mysql_data \
-DSYSCONFDIR=/opt/mysql/etc \
-DWITH_INNOBASE_STORAGE_ENGINE=1 \
-DWITH_ARCHIVE_STORAGE_ENGINE=1 \
-DWITH_BLACKHOLE_STORAGE_ENGINE=1 \
-DWITH_LIBWRAP=0 \
-DMYSQL_UNIX_ADDR=/opt/mysql/tmp/mysql.sock \
-DDEFAULT_CHARSET=utf8 \
-DDEFAULT_COLLATION=utf8_general_ci \
-DENABLED_LOCAL_INFILE=1 \
-DWITH_MEMORY_STORAGE_ENGINE=1 \



make -j 8 && make install

PS: 編譯前要刪除/etc/my.cnf,不然編譯會報錯。

(6)相關目錄的授權

cd /data && chown -R mysql:mysql mysql_data/

cd /opt/ && chown -R mysql:mysql mysql/

(7)初始化data存放目錄設置

cd /opt/mysql && scripts/mysqlinstalldb –user=mysql –basedir=/opt/mysql –datadir=/data/mysql_data

ls /data/mysql_data # 有數據說明初始化成功

(8)初始化完成后mysql中目錄文件的屬主應改回成root,以免被別人攻破mysql用戶密碼而帶來數據破壞等 

[root@CentOS6 ~]# cd /opt/ && chown -R root:root mysql/
[root@CentOS6 opt]# ll
total 122444
drwx------  8  501    20     4096 Aug 12  2015 boost_1_59_0
-rw-r--r--  1 root root  83709983 Mar 17 13:08 boost_1_59_0.tar.gz
drwxr-xr-x 15 root root      4096 Mar 17 13:16 cmake-3.8.0-rc2
-rw-r--r--  1 root root   7504498 Mar 17 13:08 cmake-3.8.0-rc2.tar.gz
-rw-r--r--  1 root root   1974108 Mar 17 13:08 make-4.2.tar.gz
drwxr-xr-x 13 root root      4096 Mar 17 17:30 mysql
drwxr-xr-x 35 7161 31415     4096 Mar 17 17:00 mysql-5.6.35
-rw-r--r--  1 root root  32167628 Mar 17 14:55 mysql-5.6.35.tar.gz
[root@CentOS6 opt]# ls mysql/
bin  COPYING  data  docs  include  lib  man  my.cnf  mysql-test  README  scripts  share  sql-bench  support-files
[root@CentOS6 opt]# ll mysql/
total 72
drwxr-xr-x  2 root root  4096 Mar 17 17:01 bin
-rw-r--r--  1 root root 17987 Nov 28 21:36 COPYING
drwxr-xr-x  3 root root  4096 Mar 17 17:00 data
drwxr-xr-x  2 root root  4096 Mar 17 17:00 docs
drwxr-xr-x  3 root root  4096 Mar 17 17:00 include
drwxr-xr-x  3 root root  4096 Mar 17 17:00 lib
drwxr-xr-x  4 root root  4096 Mar 17 17:00 man
-rw-r--r--  1 root root   943 Mar 17 17:30 my.cnf
drwxr-xr-x 10 root root  4096 Mar 17 17:01 mysql-test
-rw-r--r--  1 root root  2496 Nov 28 21:36 README
drwxr-xr-x  2 root root  4096 Mar 17 17:18 scripts
drwxr-xr-x 28 root root  4096 Mar 17 17:01 share
drwxr-xr-x  4 root root  4096 Mar 17 17:01 sql-bench
drwxr-xr-x  2 root root  4096 Mar 17 18:36 support-files
[root@CentOS6 opt]#

(9)mysql主配置文件

初始化后會自動在當前目錄下創建一個my.cnf配置文件,直接修改就可以(在mysql 5.6 以后配置文件自動生成,不需要我們再進行復制),但是/usr/local/mysql/support-files目錄下,有默認配置的配置文件,可以拷貝過去。這里我用默認生成的。

修改配置文件 #必須修改啊,不然下一步會報錯哦 

[root@CentOS6 /]# vim /opt/mysql/my.cnf

[mysqld]

basedir = /opt/mysql
datadir = /data/mysql_data
port = 3306

(10)為mysql提供sysv服務腳本并啟動服務 

[root@CentOS6 ~]# cp /opt/mysql/support-files/mysql.server /etc/init.d/mysqld
[root@CentOS6 ~]#chkconfig --add mysqld
[root@CentOS6 ~]#chkconfig mysqld on
[root@CentOS6 ~]# chkconfig mysqld --list
mysqld          0:off   1:off   2:on    3:on    4:on    5:on    6:off
[root@CentOS6 ~]#

service mysqld start 記得要測試OK,其中啟動可能會報錯,例如目錄權限啊,sock 、pid 文件目錄設置等,主要看看報錯日志,跟著解決就好。

一通肆虐(測試) 

[root@CentOS6 mysql]# service mysqld 
Usage: mysqld  {start|stop|restart|reload|force-reload|status}  [ MySQL server options ]
[root@CentOS6 mysql]# service mysqld stop
Shutting down MySQL.. SUCCESS! 
[root@CentOS6 mysql]# service mysqld reload
 ERROR! MySQL PID file could not be found!
[root@CentOS6 mysql]# service mysqld start
Starting MySQL. SUCCESS! 
[root@CentOS6 mysql]# service mysqld status
 SUCCESS! MySQL running (2019)
[root@CentOS6 mysql]# service mysqld reload
 SUCCESS! Reloading service MySQL
[root@CentOS6 mysql]# service mysqld restart
Shutting down MySQL.. SUCCESS! 
Starting MySQL. SUCCESS! 
[root@CentOS6 mysql]#

嗦嘎!

(11)輸出mysql的頭文件至系統頭文件路徑/usr/include 

[root@CentOS6 mysql]# ln -sv /opt/mysql/include/ /usr/include/mysql
`/usr/include/mysql' -> `/opt/mysql/include/'
[root@CentOS6 mysql]#

(12)輸出mysql的頭文件至系統頭文件路徑/usr/include 

[root@CentOS6 mysql]# ln -sv /opt/mysql/include/ /usr/include/mysql
`/usr/include/mysql' -> `/opt/mysql/include/'
[root@CentOS6 mysql]#

(13)輸出mysql的庫文件給系統庫查找路徑 

[root@CentOS6 ~]# vim /etc/ld.so.conf.d/mysql.conf 
[root@CentOS6 ~]# ldconfig -v |grep mysql
ldconfig: /etc/ld.so.conf.d/kernel-2.6.32-642.el6.x86_64.conf:6: duplicate hwcap 1 nosegneg
/opt/mysql/lib:
    libmysqlclient.so.18 -> libmysqlclient_r.so.18.1.0
/usr/lib64/mysql:
    libmysqlclient.so.16 -> libmysqlclient.so.16.0.0
    libmysqlclient_r.so.16 -> libmysqlclient_r.so.16.0.0
[root@CentOS6 ~]#

(14) 修改PATH環境變量,讓系統可以直接使用mysql的相關命令 

[root@CentOS6 ~]# echo "export PATH=$PATH:/opt/mysql/bin" > /etc/profile.d/mysql.sh  #一條命令搞定,很叼
[root@CentOS6 ~]# ll /etc/profile.d/mysql.sh
-rw-r--r-- 1 root root 83 Mar 20 11:03 /etc/profile.d/mysql.sh
[root@CentOS6 ~]# cat /etc/profile.d/mysql.sh  #查看一下創建的文件內容
export PATH=/usr/local/sbin:/usr/bin:/bin:/usr/sbin:/sbin:/root/bin:/opt/mysql/bin
[root@CentOS6 ~]# source /etc/profile.d/mysql.sh  #使其即時生效
[root@CentOS6 ~]# echo $?  #命令是OK的
0
[root@CentOS6 ~]# mysql    #用tab鍵匹配一下MySQL命令 ,bingo!
mysql                       mysql_embedded
mysqlaccess                 mysql_find_rows
mysqlaccess.conf            mysql_fix_extensions
mysqladmin                  mysqlhotcopy
mysqlbinlog                 mysqlimport
mysqlbug                    mysql_plugin
mysqlcheck                  mysql_secure_installation
mysql_client_test           mysql_setpermission
mysql_client_test_embedded  mysqlshow
mysql_config                mysqlslap
mysql_config_editor         mysqltest
mysql_convert_table_format  mysqltest_embedded
mysqld                      mysql_tzinfo_to_sql
mysqld_multi                mysql_upgrade
mysqld_safe                 mysql_waitpid
mysqldump                   mysql_zap
mysqldumpslow               
[root@CentOS6 ~]#

(15) 最終測試,使用mysql命令登錄 

[root@CentOS6 lib]# mysql
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.6.35 Source distribution

Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> show status;
+-----------------------------------------------+-------------+
| Variable_name                                 | Value       |
+-----------------------------------------------+-------------+
| Aborted_clients                               | 0           |
| Aborted_connects                              | 0           |
| Binlog_cache_disk_use                         | 0           |
| Binlog_cache_use                              | 0           |
| Binlog_stmt_cache_disk_use                    | 0           |
| Binlog_stmt_cache_use                         | 0           |
| Bytes_received                                | 219         |
| Bytes_sent                                    | 179         |
| Com_admin_commands                            | 0           |
| Com_assign_to_keycache                        | 0

9、編譯安裝php

(1)安裝依賴包保平安

yum install gd-devel libmcrypt-devel libcurl-devel openssl-devel libxml2-devel

(2)下載加壓,下面是編譯參數 

./configure --prefix=/opt/php \
--with-openssl \
--with-mysqli=/opt/mysql/bin/mysql_config \
--enable-mbstring \
--with-freetype-dir \
--with-jpeg-dir \
--with-png-dir \
--with-zlib \
--with-libxml-dir=/usr \
--enable-xml  \
--enable-sockets \
--with-apxs2=/opt/apache24/bin/apxs \
--with-mcrypt  \
--with-config-file-path=/opt/php/conf \
--with-config-file-scan-dir=/opt/php/php.d \
--with-bz2 \
--enable-maintainer-zts \
--with-mysql=mysqlnd \
--with-pdo-mysql=mysqlnd \
--with-mysqli=mysqlnd \
--with-mysql=/opt/mysql \

make -j 8
make test
make install

(3)從源碼包復制php配置文件

cp /opt/php-5.6.30/php.ini-production /opt/php/etc/

(4) 編輯apache配置文件httpd.conf,以apache支持php ,此為httpd模塊加載方式,非fastcgi模式

# vim /opt/apache24/conf/httpd.conf 1、添加如下二行 AddType application/x-httpd-php .php AddType application/x-httpd-php-source .phps

2、定位至DirectoryIndex index.html 修改為: DirectoryIndex index.php index.html

而后重新啟動httpd,或讓其重新載入配置文件即可測試php是否已經可以正常使用。

vim /opt/apache24/htdocs/index.php 測試頁面index.php示例如下: 

<?php
      $link = mysql_connect('192.168.0.248','root','123456');
      if ($link)
        echo " hahaha, Success...";
      else
        echo "Failure...";

      mysql_close();
    ?>


    <? 
            phpinfo(); 
    ?>

(5) 測試是否ok

N24_jerry 第十二周作業

安裝部署WordPress

(1)下載WordPress,并解壓到網站根目錄 

[root@lampw tools]# cp wordpress-4.7.3-zh_CN.tar.gz /opt/apache24/htdocswordpress.tar.gz
[root@lampw tools]# cd /opt/apache24/htdocs/
[root@lampw htdocs]# tar zxf wordpress.tar.gz 
[root@lampw htdocs]# cd wordpress/
[root@lampw wordpress]# ll
total 188
-rw-r--r--  1 nobody 65534   418 Sep 25  2013 index.php
-rw-r--r--  1 nobody 65534 19935 Jan  3 02:51 license.txt
-rw-r--r--  1 nobody 65534  6956 Mar  7 13:14 readme.html
-rw-r--r--  1 nobody 65534  5447 Sep 28 05:36 wp-activate.php
drwxr-xr-x  9 nobody 65534  4096 Mar  7 13:14 wp-admin
-rw-r--r--  1 nobody 65534   364 Dec 19  2015 wp-blog-header.php
-rw-r--r--  1 nobody 65534  1627 Aug 29  2016 wp-comments-post.php
-rw-r--r--  1 nobody 65534  2930 Mar  7 13:14 wp-config-sample.php
drwxr-xr-x  5 nobody 65534  4096 Mar  7 13:14 wp-content
-rw-r--r--  1 nobody 65534  3286 May 25  2015 wp-cron.php
drwxr-xr-x 18 nobody 65534 12288 Mar  7 13:14 wp-includes
-rw-r--r--  1 nobody 65534  2422 Nov 21 10:46 wp-links-opml.php
-rw-r--r--  1 nobody 65534  3301 Oct 25 11:15 wp-load.php
-rw-r--r--  1 nobody 65534 33939 Nov 21 10:46 wp-login.php
-rw-r--r--  1 nobody 65534  8048 Jan 11 13:15 wp-mail.php
-rw-r--r--  1 nobody 65534 16250 Nov 29 13:39 wp-settings.php
-rw-r--r--  1 nobody 65534 29896 Oct 19 12:47 wp-signup.php
-rw-r--r--  1 nobody 65534  4513 Oct 15 03:39 wp-trackback.php
-rw-r--r--  1 nobody 65534  3065 Sep  1  2016 xmlrpc.php

(2)創建WordPress要連接mysql的賬號 

[root@lampw wordpress]# mysql -u root -p
Enter password: 
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 1419
Server version: 5.6.35 Source distribution

Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> CREATE DATABASE wpdb; 
Query OK, 1 row affected (0.00 sec)

mysql> GRANT ALL PRIVILEGES ON wpdb.* TO wpuser@'192.168.%.%' IDENTIFIED BY 'wppass';;
Query OK, 0 rows affected (0.00 sec)

mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)

mysql>

3)創建WordPress的配置文件

[root@WebServer wordpress]# pwd

/usr/local/apache/htdocs/wordpress

[root@WebServer wordpress]# cp wp-config-sample.php wp-config.php

4)更改 wp-config.php關于數據庫的連接相關配置

[root@WebServer wordpress]# vim wp-config.php

define(‘DB_NAME’, ‘wpdb’); # 填寫數據庫

/** MySQL數據庫用戶名 */

define(‘DB_USER’, ‘wpuser’); # 填寫數據庫賬號

/** MySQL數據庫密碼 */

define(‘DB_PASSWORD’, ‘wppass’); # 填寫密碼

/** MySQL主機 */

define(‘DB_HOST’, ‘10.10.10.4’); # 數據庫所在的主機,本機也可以填寫localhost

5)訪問測試

有圖有真相

N24_jerry 第十二周作業

4、建立httpd服務器(基于編譯的方式進行),要求:

提供兩個基于名稱的虛擬主機

前期工作

建立相應目錄,我一般都是放在/data, 

[root@lampw data]# mkdir -pv /data/web/vhost/{www1,www2}
mkdir: created directory `/data/web'
mkdir: created directory `/data/web/vhost'
mkdir: created directory `/data/web/vhost/www1'
mkdir: created directory `/data/web/vhost/www2'

vim /opt/apache24/conf/httpd.conf

AllowOverride none # Require all denied

(a)www1.stuX.com,頁面文件目錄為/web/vhosts/www1;錯誤日志為/var/log/httpd/www1.err,訪問日志為/var/log/httpd/www1.access; 

[root@lampw data]# mkdir -pv /data/web/vhost/{www1,www2}
mkdir: created directory `/data/web'
mkdir: created directory `/data/web/vhost'
mkdir: created directory `/data/web/vhost/www1'
mkdir: created directory `/data/web/vhost/www2'

vim /opt/apache24/conf/httpd.conf 

<VirtualHost 192.168.0.248:80>

        ServerName www1.stuX.com
        DocumentRoot "/data/web/vhosts/www1"
        ErrorLog /data/web/log/httpd/www1.err
        CustomLog /data/web/log/httpd/www1.access combined
        <Directory "/data/web/vhosts/www1">
                Options None
                AllowOverride None
                Require all granted
        </Directory>

        <Location "/server-status">

               SetHandler server-status 

               Options None
                AllowOverride None
                AuthType Basic
                AuthName "Adimin Realm,show something"
                AuthUserFile "/opt/apache24/conf/.htpasswd"
                Require user jerry
        </Location>
</VirtualHost>

(b)www2.stuX.com,頁面文件目錄為/web/vhosts/www2;錯誤日志為/var/log/httpd/www2.err,訪問日志為/var/log/httpd/www2.access; 

[root@lampw data]# mkdir -pv /data/web/vhost/{www1,www2}
mkdir: created directory `/data/web'
mkdir: created directory `/data/web/vhost'
mkdir: created directory `/data/web/vhost/www1'
mkdir: created directory `/data/web/vhost/www2'


[root@lampw data]# vim /opt/apache24/conf/httpd.conf

    <VirtualHost 192.168.0.248:80>
            ServerName www2.stuX.com
            DocumentRoot "/data/web/vhosts/www2"
            ErrorLog /data/web/log/httpd/www1.err
            CustomLog /data/web/log/httpd/www1.access combined
            <Directory "/data/web/vhosts/www2">
                    Options None
                    AllowOverride None
                    Require all granted
            </Directory>
    </VirtualHost>

(c)為兩個虛擬主機建立各自的主頁文件index.html,內容分別為其對應的主機名; 

[root@lampw data]# vim /data/web/vhost/www1/index.html
[root@lampw data]# vim /data/web/vhost/www2/index.html
[root@lampw data]# cat /data/web/vhost/www1/index.html
<h1>www1.stuX.com</h1>
[root@lampw data]# cat /data/web/vhost/www2/index.html
<h1>www2.stuX.com</h1>
[root@lampw data]#

(d)通過www1.stuX.com/server-status輸出httpd工作狀態相關信息,且只允許提供帳號密碼才能訪問(status:status);

[root@lampw ~]# cd /opt/apache24/bin/

[root@lampw bin]# ./htpasswd -m -c /opt/apache24/conf/.htpasswd jerry

[root@lampw data]# vim /opt/apache24/conf/httpd.conf 

<VirtualHost 192.168.0.248:80>

            ServerName www1.stuX.com
            DocumentRoot "/data/web/vhosts/www1"
            ErrorLog /data/web/log/httpd/www1.err
            CustomLog /data/web/log/httpd/www1.access combined
            <Directory "/data/web/vhosts/www1">
                    Options None
                    AllowOverride None
                    Require all granted
            </Directory>

            <Location "/server-status">

                   SetHandler server-status 

                   Options None
                    AllowOverride None
                    AuthType Basic
                    AuthName "Adimin Realm,show something"
                    AuthUserFile "/opt/apache24/conf/.htpasswd"
                    Require user jerry
            </Location>
    </VirtualHost>

5、為第4題中的第2個虛擬主機提供https服務,使得用戶可以通過https安全的訪問此web站點;

(1)要求使用證書認證,證書中要求使用的國家(CN)、州(HA)、城市(ZZ)和組織(MageEdu);

(2)設置部門為Ops,主機名為www2.stuX.com,郵件為admin@stuX.com;

生成私鑰 

[root@lampw pki]# (umask 077; openssl genrsa -out /etc/pki/ca-trust/cakey.pem 8192)
Generating RSA private key, 8192 bit long modulus
...................................................................................................................++
........................................................................................................................................................................................................................................................++
e is 65537 (0x10001)

生成自簽證書 

[root@lampw pki]# openssl req -new -x509 -key /etc/pki/ca-trust/cakey.pem -out /etc/pki/ca-trust/cacert.pem -days 3655
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:CN  
State or Province Name (full name) [Some-State]:HA
Locality Name (eg, city) []:ZZ
Organization Name (eg, company) [Internet Widgits Pty Ltd]:MageEdu
Organizational Unit Name (eg, section) []:MageEdu
Common Name (e.g. server FQDN or YOUR name) []:www2.stuX.com
Email Address []:admin@stuX.com
[root@lampw pki]#

為CA提供所需的目錄及文件 

[root@lampw pki]# mkdir  -pv  /etc/pki/CA/{certs,crl,newcerts}
mkdir: created directory `/etc/pki/CA'
mkdir: created directory `/etc/pki/CA/certs'
mkdir: created directory `/etc/pki/CA/crl'
mkdir: created directory `/etc/pki/CA/newcerts'
[root@lampw pki]# touch  /etc/pki/CA/{serial,index.txt}
[root@lampw pki]# echo  01 > /etc/pki/CA/serial
[root@lampw pki]#

用到證書的主機生成私鑰 

[root@lampw pki]# mkdir  -pv  /etc/pki/CA/{certs,crl,newcerts}
mkdir: created directory `/etc/pki/CA'
mkdir: created directory `/etc/pki/CA/certs'
mkdir: created directory `/etc/pki/CA/crl'
mkdir: created directory `/etc/pki/CA/newcerts'
[root@lampw pki]# touch  /etc/pki/CA/{serial,index.txt}
[root@lampw pki]# echo  01 > /etc/pki/CA/serial
[root@lampw pki]#  mkdir -pv /opt/apache24/ssl
mkdir: created directory `/opt/apache24/ssl'
[root@lampw pki]# cd /opt/apache24/ssl
[root@lampw ssl]# (umask  077; openssl  genrsa -out  /opt/apache24/ssl/httpd.key 8192)
Generating RSA private key, 8192 bit long modulus
.............................................................................................................++
....................................................++
e is 65537 (0x10001)
[root@lampw ssl]#

生成證書簽署請求 

[root@lampw ssl]# openssl  req  -new  -key  /opt/apache24/ssl/httpd.key  -out /opt/apache24/ssl/httpd.csr  -days  365
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:CN
State or Province Name (full name) [Some-State]:HA
Locality Name (eg, city) []:ZZ
Organization Name (eg, company) [Internet Widgits Pty Ltd]:MageEdu
Organizational Unit Name (eg, section) []:MageEdu
Common Name (e.g. server FQDN or YOUR name) []:www2.stuX.com
Email Address []:admin@stuX.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

將請求通過可靠方式發送給CA主機,這次是在同一臺機器,我就略過,如果是生產環境,估計就是要發給可信的證書簽署機構

在CA主機上簽署證書 

[root@centos ssl]# openssl ca  -in  /etc/httpd/ssl/httpd.csr  -out  /etc/pki/CA/certs/httpd.crt  -days  365
Using configuration from /etc/pki/tls/openssl.cnf
Check that the request matches the signature
Signature ok
Certificate Details:
        Serial Number: 1 (0x1)
        Validity
            Not Before: Mar 22 03:49:48 2017 GMT
            Not After : Mar 22 03:49:48 2018 GMT
        Subject:
            countryName               = CN
            stateOrProvinceName       = HA
            organizationName          = MageEdu
            organizationalUnitName    = ops
            commonName                = www2.stuX.com
            emailAddress              = admin@stuX.com
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            Netscape Comment: 
                OpenSSL Generated Certificate
            X509v3 Subject Key Identifier: 
                EC:C4:48:10:BE:BD:1D:D2:48:38:17:B7:FD:0D:57:DE:51:B1:8F:64
            X509v3 Authority Key Identifier: 
                keyid:ED:42:A1:59:88:A2:45:0A:F2:64:46:A6:BA:C9:7A:5D:E3:9C:FB:AE

Certificate is to be certified until Mar 22 03:49:48 2018 GMT (365 days)
Sign the certificate? [y/n]:y


1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated
[root@centos ssl]#

ssl]# ls /etc/pki/CA/certs/httpd.crt

/etc/pki/CA/certs/httpd.crt

ssl]# cp /etc/pki/CA/certs/httpd.crt /etc/httpd24/ssl/

ssl]# ls

httpd.crt httpd.csr httpd.key

2、修改配置文件提供ssl服務

開啟主配置文件的ssl調用,刪除www2在httpd-vhosts中的定義

Include /etc/httpd24/extra/httpd-ssl.conf

~]# vim /etc/httpd24/extra/httpd-ssl.conf

[root@localhost httpd24]# cat extra/httpd-ssl.conf | grep -v “^#”

Listen 443

SSLPassPhraseDialog builtin

<VirtualHost 192.168.150.136:443>

DocumentRoot “/web/vhost/www2”

ServerName www2.stuX.com:443

ServerAdmin you@example.com

ErrorLog “/var/log/httpd/www2.err”

TransferLog “/usr/local/apache24/logs/access_log”

SSLEngine on

SSLCertificateFile “/etc/httpd24/ssl/httpd.crt”

SSLCertificateKeyFile “/etc/httpd24/ssl/httpd.key”

<Directory “/web/vhost/www2”>

AllowOverride None 

Options None

Require all granted

主配置文件中啟用ssl模塊

~]# vim /etc/httpd24/httpd.conf

LoadModule sslmodule modules/modssl.so

重啟httpd服務后測試

httpd24]# ss -tnl | grep 443

LISTEN 0 128 :::443 :::*

6、在LAMP架構中,請分別以php編譯成httpd模塊形式和php以fpm工作為獨立守護進程的方式來支持httpd,列出詳細的過程。

php編譯成httpd模塊形式

參閱第三題第九步

php以fpm工作為獨立守護進程的方式來支持httpd

./configure –prefix=/opt/php5-fpm \ –with-mysql=mysqlnd \ –with-openssl \ –with-mysqli=mysqlnd \ –enable-mbstring \ –with-freetype-dir \ –with-jpeg-dir \ –with-png-dir \ –with-zlib \ –with-libxml-dir=/usr \ –enable-xml \ –enable-sockets \ –enable-fpm \ –with-mcrypt \ –with-config-file-path=/opt/php5-fpm/conf \ –with-config-file-scan-dir=/opt/php5-fpm/conf.d \ –with-bz2

添加了–enable-fpm選項 ,這是重點啊,各位記住。

make && make install

拷貝配置文件至/opt/php5-fpm/conf目錄

php-5.4.26]# cp php.ini-production /etc/php.ini

拷貝php-fpm配置文件,并同時取消pid選項的注釋

cp /usr/local/php5/etc/php-fpm.conf.default /usr/local/php5/etc/php-fpm.conf

php-5.4.26]# vim /usr/local/php5/etc/php-fpm.conf

pid = /usr/local/php5/var/run/php-fpm.pid

添加服務腳本

fpm]# pwd

/root/php-5.4.26/sapi/fpm

fpm]# cp init.d.php-fpm /etc/rc.d/init.d/php-fp

~]# chmod +x /etc/rc.d/init.d/php-fpm

~]# chkconfig –add php-fpm

啟動php-fpm

~]# service php-fpm start

配置httpd

~]# vim /etc/httpd24/httpd.conf

啟用這兩個模塊

LoadModule proxymodule modules/modproxy.so

LoadModule proxyfcgimodule modules/modproxyfcgi.so

添加文件類型

AddType application/x-httpd-php .php

AddType application/x-httpd-php-source .phps

添加php文件的訪問通過fpm

ProxyRequests Off

ProxyPassMatch ^/(.*.php)$ fcgi://127.0.0.1:9000/usr/local/apache24/htdocs/$1

找到 DirectoryIndex index.html

改為

DirectoryIndex index.php index.html

編輯php測試頁并開啟httpd進行測試

php-5.4.26]# cd /usr/local/apache24/htdocs/

htdocs]# vim index.php 

<h1>phpfpmtest</h1>

<?php

    phpinfo();

?>

[root@localhost htdocs]# apachectl start

AH00558: httpd: Could not reliably determine the server’s fully qualified domain name, using localhost.

localdomain. Set the ‘ServerName’ directive globally to suppress this

[root@localhost htdocs]# ss -tnl httpd 80 php-fpm 9000

State Recv-Q Send-Q Local Address:Port Peer Address:Port

LISTEN 0 128 :::80 :::*

LISTEN 0 128 :::22 :::*

LISTEN 0 128 *:22 :

LISTEN 0 100 ::1:25 :::*

LISTEN 0 100 127.0.0.1:25 :

LISTEN 0 128 127.0.0.1:6010 :

LISTEN 0 128 ::1:6010 :::*

LISTEN 0 128 127.0.0.1:6011 :

LISTEN 0 128 ::1:6011 :::*

LISTEN 0 128 127.0.0.1:9000 :

此時的Server API為FPM/FastCGI

原創文章,作者:N24_Jerry,如若轉載,請注明出處:http://www.www58058.com/71551

(0)
N24_JerryN24_Jerry
上一篇 2017-03-21
下一篇 2017-03-22

相關推薦

  • Linux軟件包管理及相關命令

    rpm命令,yum命令

    2018-03-12

  • Linux ansible 服務

                      Linux ansible 服務 Ansible:    運維工具的分類: agent:基于專用的agent程序完成管理功能,puppet, func, zabbix, … agentless:基于ss…

    系統運維 2016-11-19

  • puppet學習筆記

      一、Puppet基礎原理: Puppet是一款使用GPLV2X協議授權的開源管理配置工具,用ruby語言開發,既可以通過客戶端—服務器的方式運行,也可以獨立運行。puppet可以為系統管理員提供方便,快捷的系統自動化管理。   二、puppet工作流程 1. 客戶端 puppet-client 向 puppet-maste…

    Linux干貨 2015-11-04

  • 構建NP和NMP

    實驗一、構建NP (一)實驗布置:兩臺虛擬機充當代理服務器和后端服務器,一臺虛擬機充當客戶端。 (二)實驗目的:實現NP的搭建。 (三)實驗圖解: (四)實驗步驟: 1、  在后端服務器安裝php-fpm文件,修改PHP-FPM的配置文件,vim/etc/php-fpm.d/www.conf文件,如下: listen = 127.0.0.1:900…

    2017-05-07

  • varnish 緩存服務器配置與使用

    varnish 緩存服務器配置與使用 一、cache 1.緩存為什么會存在? 一個快的設備要想和慢的設備交互,只有一種辦法就是讓快的設備工作在慢的設備的頻段上!這樣的話就浪費了,我們可以在兩者之間加上一個加速器,這個加速器就叫做緩存! CPU要讀取一個數據時,首先從Cache中查找,如果找到就立即讀取并送給CPU處理;如果沒有找到,就用相對慢的速度從內存中讀…

    2016-11-13

  • MySQL流程函數

    MySQL流程函數 IF(value,x y) 如果value是真,返回x,否則返回y MariaDB [learn]> INSERT INTO salary(sal) VALUES (1000),(2000),(3000),(4000),(5000),(6000),(NULL); Query OK, 7 rows affected (0.06 sec…

    Linux干貨 2017-05-02

評論列表(1條)

  • 馬哥教育
    馬哥教育 2017-03-29 17:31

    非常詳細的文檔,繼續加油。

欧美性久久久久