Apache's Learning Notes

Source: Internet
Author: User

Web Service:
Transport Layer: Provides the process address.
Port Number:
TCP: Transmission Control Protocol, a connection-oriented protocol; a virtual link is established before communication and torn down when it ends.
0-65535
UDP: User Datagram Protocol, a connectionless protocol.
0-65535
IANA:
0-1023: Permanently assigned to fixed applications.
1024-41951: Registered ports; the requirements are less strict, and they are assigned to programs that register them for an application's use.
41952+: Ports that clients use at random (dynamic or private ports).
Their range is defined in: /proc/sys/net/ipv4/ip_local_port_range
Client and server communicate through a pair of sockets.

Socket:
An implementation of IPC that allows processes on different hosts (or on the same host) to communicate and exchange data. The Socket API appeared around 1983 and was first implemented on 4.2 BSD systems.
Type:
SOCK_STREAM: TCP socket
SOCK_DGRAM: UDP socket
SOCK_RAW: Raw socket
IPv4 private addresses:
10.0.0.0/8
172.16.0.0/16-172.31.0.0/16
192.168.0.0/24-192.168.255.0/24

During communication, the kernels of both hosts each have a send buffer and a receive buffer; the client's receive buffer corresponds to the server's send buffer.

Features of the TCP protocol:
Connection establishment: three-way handshake
Packages data into segments, with a checksum (CRC-32)
Acknowledgment, retransmission, and timeout
Ordering: logical sequence numbers
Flow control: Sliding window algorithm
Congestion control: Slow start and congestion avoidance algorithms

Socket Domain (varies by the address used)
AF_INET: Address Family, IPv4.
AF_INET6: IPv6.
AF_UNIX: Used for communication between different processes on the same host.
Each socket domain provides at least two socket types: stream and datagram.
Stream: Reliable delivery, connection-oriented, no message boundaries.
Datagram: Unreliable delivery, with message boundaries.

Socket-related system calls:
socket(): Creates a socket.
bind(): Binds it to an address.
listen(): Listens for connections.
accept(): Accepts a connection request.
connect(): Requests that a connection be established.
write(): Sends data.
read(): Receives data.
send(), recv(), sendto(), recvfrom().

HTTP: Hypertext Transfer Protocol.
HTML: Programming language; Hypertext Markup Language.

MIME: Multipurpose Internet Mail Extensions

Working mechanism:
HTTP request
HTTP response
HTTP resource: Web resource
Static files: .jpg, .html, .gif, .txt, .js, .css, .avi
Dynamic files: .php, .jsp

Media:
Media type (MIME type): major/minor
text/html
text/plain
image/jpeg
image/gif

URI: Uniform Resource Identifier
URL (Uniform Resource Locator): Describes the location of a particular resource on a server.
scheme://server:port/path/to/resource
URN (Uniform Resource Name)

HTTP protocol versions:
HTTP/0.9: Prototype version with simple functionality.
HTTP/1.0: The first widely used version; supports MIME.
HTTP/1.1: Enhanced caching capabilities.
SPDY: A protocol developed by Google that shortens load times through compression, multiplexing, and prioritization.
HTTP/2.0:

A complete HTTP request process:
(1) Establishing or processing a connection: accepting or rejecting a request.
(2) Receiving the request:
Receiving, from the network, a request message for a resource.
Concurrent access response models (Web I/O):
Single-process I/O structure: Starts one process to handle user requests; it handles only one at a time, so multiple requests are answered serially.
Multi-process I/O structure: Starts multiple threads, each of which responds to a request.
Multiplexed I/O structure: One process responds to n requests.
Multithreaded model: One process generates n threads.
Event-driven model
Multiplexed multi-process I/O structure: Starts multiple processes, each responding to n requests.
(3) Processing the request:
The request message is parsed to obtain the requested resource and the request method.
Metadata: Request headers
<method> <URL> <VERSION>
Host: www.baidu.com (the requested host name)
Connection: Indicates how this connection is handled
(4) Accessing or acquiring resources:
Gets the resource requested in the request message.
Web server: The server that hosts the Web resources. It provides the requester with the requested static resource, or with a resource generated by running a dynamic one. The resources are placed under a path on the local file system, which is often referred to as the DocRoot.
(5) Constructing the response message.
(6) Sending the response message.
(7) Recording the log.

HTTP Server program:
HTTPD (Apache)
Nginx
Lighttpd

Application servers:
IIS
tomcat, jetty, jboss, resin
websphere, weblogic, oc4j

httpd installation, configuration, and use:
httpd: Apache
A patchy server = Apache
ASF: Apache Software Foundation

Features of httpd:
Highly modular (DSO mechanism): Core + Modules
DSO: Dynamic Shared Object
MPM: Multi-Processing Modules
prefork: A multi-process model in which each process responds to one request.
A master process generates n child processes, also known as worker processes, and each child process handles one user request. Even when there are no user requests, it pre-generates several idle processes that wait for requests to arrive, up to a maximum of 1024.
worker: A multithreaded, multi-process model; each process generates multiple threads, and each thread responds to one request.
event: Event-driven model; one thread responds to multiple requests.

Install Apache:
Installation method:
rpm
Compile from source
CentOS 6: 2.2
CentOS 7: 2.4
Program environment:
Configuration files:
/etc/httpd/conf/httpd.conf
/etc/httpd/conf.d/*.conf
Service script:
/etc/rc.d/init.d/httpd
Configuration file of the service script:
/etc/sysconfig/httpd
Main program files:
/usr/sbin/httpd
/usr/sbin/httpd.event
/usr/sbin/httpd.worker
Log file directory:
/var/log/httpd
access.log: Access log.
error.log: Error log.
Site files directory:
/var/www/html
Module file path:
/usr/lib64/

Common configuration:
1. Modify the listening IP and port.
Listen [IP:]PORT
Omitting the IP means listening on all IPs of the machine; Listen can appear multiple times.
2. Persistent connection.
Persistent connection: Once the connection is established, it is not closed after each resource has been fetched, but stays open waiting for further requests.
When is it disconnected?
Quantity limit: Default 100
Time-out: Configurable
Side effects: On servers with a large number of concurrent accesses, the persistent connection feature leaves some requests without a response.
Tradeoff: Use a shorter persistent connection time.
httpd-2.4 supports millisecond-level persistence times.
KeepAlive On|Off: Whether long connections are allowed.
MaxKeepAliveRequests #: Maximum number of persistent connections.
KeepAliveTimeout #: Number of seconds to wait for the next connection.
The default program is /usr/sbin/httpd, which uses prefork.
To view the list of modules:
View statically compiled modules:
httpd -l
View statically compiled and dynamically loaded modules:
httpd -M

Replace the httpd program used:
Uncomment the line about the worker in /etc/sysconfig/httpd

Options for mpm_prefork:
<IfModule prefork.c>
StartServers 8: The number of child processes the master process starts at startup.
MinSpareServers 5: Minimum number of idle processes.
MaxSpareServers 20: Maximum number of idle processes.
ServerLimit 256: The number of server processes that can be prepared for MaxClients.
MaxClients 256: Maximum number of requests allowed to connect simultaneously.
MaxRequestsPerChild 4000: The maximum number of requests a server process can serve, equivalent to its life cycle.
</IfModule>
Options for mpm_worker:
<IfModule worker.c>
StartServers 4: The number of processes started when the server starts.
MaxClients 300: The maximum number of threads started on the server side.
MinSpareThreads 25: Minimum number of idle threads.
MaxSpareThreads 75: Maximum number of idle threads.
ThreadsPerChild 25: The number of threads each process can start.
MaxRequestsPerChild 0: The number of requests per thread that can be received.
</IfModule>

PV, UV
PV: Page View: Page traffic.
UV: User View: Number of user visits.
Independent IP volume

DSO (Dynamic Shared Object)
Module loading is implemented with a configuration directive:
LoadModule <mod_name> <mod_path>

The module path may be a relative path, relative to the path that ServerRoot points to.

Define the 'Main' server.
DocumentRoot
Document path mapping:
The path that DocumentRoot points to is the starting position of the URL path.
DocumentRoot "/var/www/html"
index.html --> http://host:port/index.html

Site access control
Access control for resources can be specified on two types of paths:
File system path
<Directory ""></Directory>
<Files ""></Files>
<FilesMatch ""></FilesMatch>
URL path
<Location ""></Location>

Access control mechanisms:
Based on source address
Based on user account and password

7. Access control based on source address in Directory
(1) Options
All available features: Indexes Includes FollowSymLinks SymLinksIfOwnerMatch ExecCGI MultiViews
Indexes: Index
FollowSymLinks: Allow following symbolic links
SymLinksIfOwnerMatch: Following a symbolic link is allowed only if the link and the original file belong to the same owner
ExecCGI: Allow CGI scripts to be executed
MultiViews: Performs implied file name matching
(2) Access control based on source address
Order: Check order
Order allow,deny
Order deny,allow
The following is the default mechanism.
Order allow,deny
Allow from
Deny All
Source address:
IP
Network address:
172.16
172.16.0.0
172.16.0.0/16
172.16.0.0/255.255.0.0
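
An added example, not part of the original notes: a small Python model of how httpd 2.2 combines Order, Allow and Deny for IPv4 source addresses, including the partial-address and netmask forms listed above. The function names to_network and is_allowed are hypothetical, the rule sets are constructed, and host-name specs such as .example.com are outside the model.

```python
import ipaddress

def to_network(spec):
    """Turn one Allow/Deny address spec into an IPv4 network."""
    if spec.lower() == "all":
        return ipaddress.ip_network("0.0.0.0/0")
    if "/" not in spec:
        octets = spec.rstrip(".").split(".")
        if len(octets) < 4:
            # Partial address such as "172.16": the given octets are the prefix.
            padded = octets + ["0"] * (4 - len(octets))
            spec = "%s/%d" % (".".join(padded), 8 * len(octets))
        # Four octets without a mask match that single address (/32).
    return ipaddress.ip_network(spec, strict=False)

def is_allowed(order, allow, deny, client):
    """Decide access for one client IP under the given Order."""
    ip = ipaddress.ip_address(client)
    allowed = any(ip in to_network(s) for s in allow)
    denied = any(ip in to_network(s) for s in deny)
    order = order.replace(" ", "").lower()
    if order == "allow,deny":
        # Default is deny; a Deny match overrides an Allow match.
        return allowed and not denied
    if order == "deny,allow":
        # Default is allow; an Allow match overrides a Deny match.
        return allowed or not denied
    raise ValueError("unknown Order: %r" % order)

if __name__ == "__main__":
    # Constructed rule set: Deny from all plus one allowed network.
    for client in ("172.16.5.9", "10.1.1.1"):
        print(client, is_allowed("deny,allow", ["172.16.0.0/255.255.0.0"], ["all"], client))
    # Same client, no rules at all: the two orders have opposite defaults.
    print(is_allowed("allow,deny", [], [], "10.1.1.1"),
          is_allowed("deny,allow", [], [], "10.1.1.1"))
```

With an empty rule set, Order deny,allow admits every client while Order allow,deny admits none, so the choice of Order decides what happens when a rule is forgotten.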

8. Define the default main page
DirectoryIndex index.html index.html.var

9. Log settings
Error log:
ErrorLog logs/error_log
LogLevel warn
debug, info, notice, warn, error, crit, alert, emerg

Access log
CustomLog logs/access_log combined

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
%h: Client address
%l: Remote logname (from identd, if supplied); "-" means empty
%u: Remote user, the user name used to log in
%t: Time the request was received by the server
%r: First line of the request (the information at the head of the request message)
%>s: Response status code
%b: Size of the response message in bytes, not including the response headers
%{Referer}i: Value of the "Referer" header in the request message: the entry point to the current resource, i.e. the page whose hyperlink led here
%{User-Agent}i: Value of the "User-Agent" header in the request message, i.e. the application that issued the request

Path aliases
DocumentRoot "/var/www/html"
http://www.zeng.com/fang
--> /www/apache/fang
Alias /URL/ "/path/to/somedir"

Alias /bbs/ "/www/apache/fang"

Set the default encoding format
AddDefaultCharset UTF-8
GBK, GB2312, GB18030

User-based access control
Authentication challenge:
WWW-Authenticate: The response code is 401; the server rejects the client request and states that the client must provide an account and password.
Authentication:
Authorization: The client fills in the account and password and sends the request message again; once authentication passes, the server sends the response with the resource.
Authentication type:
Basic: Clear text
Digest: Message digest

Security Domain: A path that requires user authentication before it can be accessed; it should be identified by a name, which is used to tell the user the reason for authentication.
Where the user's account and password are stored:
Text file
SQL database
LDAP
NIS
Basic authentication:
(1) Define the security domain
<Directory "">
Options None
AllowOverride None
AuthType Basic
AuthName "STRING"
AuthUserFile "/path/to/httpd_user_passwd_file"
Require user username1 username2 ...
AuthGroupFile "/path/to/httpd_group_passwd_file"
</Directory>
To allow all users in the account file to log in:
Require valid-user
You need to define both user and group files when using groups to log in.
Group file: Each row defines a group
group_name: user1 user2 user3
(2) Provide account and password storage
Use the htpasswd command for management
htpasswd [options] passwdfile username
-c: Automatically create passwdfile; use only the first time you add a user
-m: MD5-encrypt the user password
-s: SHA1-encrypt the user password
-D: Delete the specified user
Example:
<Directory "/var/www/fang">
Options Indexes
AllowOverride None
AuthType Basic
AuthName "Fang"
AuthUserFile "/etc/httpd/conf/.htpasswd"
Require valid-user
AuthGroupFile "/etc/httpd/conf/.htgroup"
</Directory>
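
An added example, not part of the original notes: what "Basic: clear text" and the htpasswd -s option mean in practice. It decodes an Authorization: Basic value, rebuilds the unsalted {SHA} entry that -s stores, and classifies the hash scheme of AuthUserFile lines; the function names are hypothetical and all credentials are constructed.

```python
import base64
import hashlib
import hmac

def decode_basic(header_value):
    """Recover (user, password) from an 'Authorization: Basic ...' value."""
    scheme, _, token = header_value.partition(" ")
    if scheme.lower() != "basic":
        raise ValueError("not a Basic credential")
    # Base64 is an encoding, not encryption: anyone who sees the header sees the password.
    user, _, password = base64.b64decode(token).decode("utf-8").partition(":")
    return user, password

def sha_entry(user, password):
    """Build the line 'htpasswd -s' stores: unsalted SHA-1, base64-encoded."""
    digest = hashlib.sha1(password.encode("utf-8")).digest()
    return "%s:{SHA}%s" % (user, base64.b64encode(digest).decode("ascii"))

def check_sha(entry, password):
    """Verify a password against one {SHA} entry in constant time."""
    user = entry.split(":", 1)[0]
    return hmac.compare_digest(entry.encode(), sha_entry(user, password).encode())

def scheme_of(entry):
    """Classify the hash scheme of one AuthUserFile line."""
    stored = entry.split(":", 1)[1]
    if stored.startswith("{SHA}"):
        return "sha1-unsalted"      # htpasswd -s
    if stored.startswith("$apr1$"):
        return "md5-apr1"           # htpasswd -m (salted, iterated MD5)
    if stored.startswith(("$2y$", "$2a$", "$2b$")):
        return "bcrypt"
    return "crypt-or-plain"

if __name__ == "__main__":
    # Constructed credentials for two users who picked the same password.
    a, b = sha_entry("tom", "password"), sha_entry("amy", "password")
    print(a)
    print(b)
    print("same stored hash:", a.split(":", 1)[1] == b.split(":", 1)[1])
    print(decode_basic("Basic " + base64.b64encode(b"tom:password").decode()))
```

Because {SHA} entries carry no salt, equal passwords produce equal stored values, and Basic credentials are readable on the wire unless the connection is protected by TLS.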

Virtual Host
Three implementation schemes:
IP-based:
Prepare at least one IP address for each virtual host
Host-name-based:
Prepare a host name for each virtual host
Port-based:
Prepare at least one dedicated port for each virtual host; rarely used in practice
Note: The main (central) server does not work together with virtual hosts
Method: Comment out DocumentRoot

Each virtual host has a dedicated configuration:
<VirtualHost "IP:PORT">
ServerName
DocumentRoot ""
</VirtualHost>
ServerAlias: Aliases for the virtual host
ErrorLog: Error log
CustomLog: Access log
<Directory "">
</Directory>
Example 1: IP-based virtual host
<VirtualHost 192.168.137.143:80>
ServerName web1.zeng.com
DocumentRoot "/vhost/web1/htdocs"
</VirtualHost>

<VirtualHost 192.168.137.129:80>
ServerName web2.zeng.com
DocumentRoot "/vhost/web2/htdocs"
</VirtualHost>

Built-in status page
<Location /server-status>
SetHandler server-status
Order deny,allow
Deny from all
Allow from .example.com
</Location>
Meaning of the symbols shown in the interface:
"_" Waiting for connection, "S" Starting up, "R" Reading request,
"W" Sending reply, "K" Keepalive (read), "D" DNS lookup,
"C" Closing connection, "L" Logging, "G" Gracefully finishing,
"I" Idle cleanup of worker, "." Open slot with no current process
To display more detailed information, turn on the ExtendedStatus option (ExtendedStatus On).
