CentOS Build LNMP Environment

Source: Internet
Author: User
Tags fpm geoip gettext gopher mysql version openssl zend git clone
1, first do the preparatory work: ①, the basic components required to install the LNMP environment:
Yum-y Install yum-fastestmirror yum-y install glibc-static libstdc++-static glibc-devel geoip geoip-devel sqlite-devel y Um-y Install patch make Flex Bison tar pcre pcre-devel screen vsftpd ftp mailx jwhois postfix cronie yum-y Install OL libtool-libs kernel-devel autoconf yum-y install libjpeg libjpeg-devel libpng libpng-devel yum-y Install Libtiff libt Iff-devel gettext gettext-devel yum-y install freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel yum-y instal L file glib2 glib2-devel bzip2 openldap-devel yum-y install bzip2-devel ncurses ncurses-devel Curl curl-devel e2fsprogs y  Um-y Install e2fsprogs-devel krb5-devel libidn libidn-devel yum-y install OpenSSL openssl-devel vim-minimal unzip yum-y Install libevent mcrypt mash libssh2 libssh2-devel libmetalink libmetalink-devel nghttp2 yum-y install GD recode recode- Devel libatomic_ops-devel yum-y Install libxpm libxpm-devel GMP gmp-devel gd-devel yum-y Update Export PHP_AUTOCONF=/USR /bin/autoconf Export PHP_autoheader=/usr/bin/autoheader 
②, CentOS set the firewall changed from iptables to Firewall,firewall use method:
#安装firewalld
yum-y Install firewalld
#开启firewalld
systemctl start firewalld
#开机启动firewalld
Systemctl Enable Firewalld
#关闭firewalld
systemctl stop firewalld
#取消开机启动firewalld
systemctl Disable Firewalld
#为public域开放tcp协议的8080端口
firewall-cmd--zone=public--add-port=8080/tcp--permanent
# Add an HTTP service to the public domain
firewall-cmd--zone=public--add-service=http--permanent
#重启firewall服务
Firewall-cmd--reload
2, install MySQL:

PS. The official has detailed installation instructions, details please stamp: MySQL installation method detailed ①, add MySQL Yum Repository:

Go to MySQL Yum Repository download page, page address: MySQL Yum Repository download page, according to the server version information and the required MySQL version information, download the corresponding MySQL Yum Repository, the server is CENTOS7 64-bit operating system, want to use MySQL5.7, can be used is: http://repo.mysql.com//mysql57-community-release-el7-9.noarch.rpm, the command is as follows:

CD ~ && wget http://repo.mysql.com//mysql57-community-release-el7-9.noarch.rpm
sudo yum-y localinstall mysql57-community-release-el7-9.noarch.rpm
②, install MySQL:
sudo yum-y install mysql-devel mysql-community-server
③, start MySQL:
sudo service mysqld start
④, modify root password, create User:

Ps. MySQL5.7 will create a random password at startup to view the set root password:

sudo grep ' temporary password '/var/log/mysqld.log

Find the password hint in the display result:

[Note] A temporary password is generated for root@localhost:xxxxx

: After that is the system assigned random password, according to the random password login mysql:

Mysql-uroot-pxxxxx

After you log in to MySQL, use the command line to modify the root password:

ALTER USER ' root ' @ ' localhost ' identified by ' mynewpass4! ';

When setting a password, be sure to set a strong password, if not a strong password, you will have the following prompts:

ERROR 1819 (HY000): Your password does not satisfy the current policy requirements

Regarding the password strength judgment and the strong password rule, the official has the following explanation:

Note
MySQL ' s Validate_password plugin are installed by default.  This would require that passwords contain in least one upper case letter, one lower case letter, one digit, and one special character, and that's total password length are at least 8 characters.

For ease of use, we often create arbitrarily connected root users:

GRANT all privileges in *.* to ' root ' @ '% ' identified by ' mynewpass4! ' With GRANT OPTION;

Refresh permissions to make the command effective:

Flush privileges;

Exit MySQL:

Exit

Next, modify the system configuration, ⑤, if the system's firewall is open (or behind a hardware firewall or NAT) You must release the TCP port that MySQL uses, the default is 3306;

#为public域开放tcp协议的3306端口
firewall-cmd--zone=public--add-port=3306/tcp--permanent
#为public域添加mysql服务
firewall-cmd--zone=public--add-service=mysql--permanent
#重启firewall服务
firewall-cmd--reload
⑥, modify settings, remove the case sensitivity in MySQL:

After logging in with the root account, set the case-insensitive in/ETC/MY.CNF:

[Mysqld]
Lower_case_table_names=1

Ps.lower_case_table_names parameter detailed: 0: case-sensitive, 1: Case-insensitive ⑦, update MySQL:

Yum-y Update Mysql-community-server
⑧, boot mysql:
sudo chkconfig mysqld on
3, installation PHP7: ①, creating folders in/usr/local PHP7:
Mkdir-p/usr/local/php7
mkdir ~/php7 && cd ~/PHP7
②, download and unzip the PHP7 installation package:

To https://secure.php.net Select the PHP7 version, the current distribution is 7.1.0, find php7.1.0 download package address for download:
Domestic recommendations for the use of http://cn2.php.net/distributions/php-7.1.0.tar.gz,
Foreign suggestions to use https://secure.php.net/distributions/php-7.1.0.tar.gz,

wget https://secure.php.net/distributions/php-7.1.0.tar.gz
tar-zxvf php-7.1.0.tar.gz
cd php-7.1.0/
③, configuring compilation PHP7:

Ⅰ, when using the server I will open and use SSL, so compile and install PHP will be installed in the environment of the SSL module, because the openssl1.0.1 version will have a heart drop of blood leak, so you need to replace the OpenSSL version ①, download the openssl1.0.2 version:

CD ~ && wget https://www.openssl.org/source/openssl-1.0.2-latest.tar.gz
②, decompression installation package:
TAR-ZXVF openssl-1.0.2-latest.tar.gz
③, compile and install openssl-1.0.2:
CD  openssl-1.0.2j
./config shared zlib make
depend make
&& make install
④, modify the history of the OpenSSL file to set up a backup:
Mv/usr/bin/openssl/usr/bin/openssl.old
Mv/usr/include/openssl/usr/include/openssl.old
⑤, set up a soft connection to use the new OpenSSL version of the OpenSSL that you just installed is installed under/usr/local/ssl by default:
Ln-s/usr/local/ssl/bin/openssl/usr/bin/openssl
ln-s/usr/local/ssl/include/openssl/usr/include/openssl
⑥, update dynamic link library data:
echo "/usr/local/ssl/lib/" >>/etc/ld.so.conf
export ld_library_path=/usr/local/ssl/lib/
ldconfig-v

View OpenSSL versions OpenSSL version:

OpenSSL 1.0.2j  SEP 2016

Execute command to see if the OpenSSL dependent library version is 1.0.2j:

strings/usr/local/ssl/lib/libssl.so |grep OpenSSL

Ⅱ, when compiling configuration PHP needs to install MCrypt, because the copyright reason CentOS Source does not have mcrypt, so need to install manually, installation method has two:
①, the use of Third-party sources, the advantage of this approach is easy to manage, the disadvantage is unsafe:

CD ~ && wget http://www.atomicorp.com/installers/atomic
Sh./atomic

The protocol description is displayed when you install it, you need to enter Yes pass, and then go directly to the installation source and install MCrypt after successful installation:

Yum-y Install Libmcrypt  libmcrypt-devel

The directly installed version is 2.5.8
②, download source code compilation installation (recommended):

CD ~ && wget http://jaist.dl.sourceforge.net/project/mcrypt/Libmcrypt/2.5.8/libmcrypt-2.5.8.tar.gz
tar -ZXVF libmcrypt-2.5.8.tar.gz
cd libmcrypt-2.5.8/
./configure--prefix=/usr/local make
&& make Install

PS. The difference between using these two methods is the--with-mcrypt path problem when compiling PHP: use yum Source to install, path is--with-mcrypt=/usr/include, compile installation with source code, path is--with-mcrypt=/ Usr/local

Ⅲ, modify the installation of the curl to enable it to support OpenSSL:
PS. If you do not support openssl,curl and cannot access HTTPS, you cannot use Curl to access HTTPS in PHP as well:
View Current Curl Version:

Curl-v

You can see the results as follows:

Curl 7.29.0 (X86_64-REDHAT-LINUX-GNU) libcurl/7.29.0 nss/3.19.1 Basic ECC zlib/1.2.7
libidn/1.28 libssh2/1.4.3 Protocols:dict file ftp FTPs Gopher HTTP HTTPS IMAP imaps LDAP ldaps POP3 pop3s rtsp SCP sftp smtp Smtps telnet tftp 
Features:asynchdns gss-negotiate IDN IPv6 largefile NTLM ntlm_wb SSL libz

It is obvious that NSS mode is visible, OpenSSL is not supported, then reinstall Curl: ①, download, extract Curl installation package:

Go to the official website to view the latest version of Curl is already 7.51.0, and support HTTP2, so it is recommended to recompile curl and to support HTTP2, in order to curl support HTTP2 we need to install NGHTTP2 (HTTP2 of the C language library), NGHTTP2 Address: Nghttp2,git warehouse: NGHTTP2 git repository, using source to install NGHTTP2:

cd ~ && git clone https://github.com/nghttp2/nghttp2.git
cd NGHTTP2
autoreconf-i
automake
Autoconf
./configure make
&& make install
②, installation CURL7.51.0:
CD ~ && wget https://curl.haxx.se/download/curl-7.51.0.tar.gz
tar-zxvf curl-7.51.0.tar.gz
CD curl-7.51.0/
./configure--prefix=/usr/local/curl--without-nss--with-ssl=/usr/local/ssl--with-nghttp2=/usr/ Local--with-gssapi--with-libmetalink--with-libssh2--enable-tls-srp--enable-sspi make
&& make install< C4/>echo '/usr/local/lib ' >/etc/ld.so.conf.d/local.conf
ldconfig
mv/usr/bin/curl/usr/bin/curl.old
ln-s/usr/local/curl/bin/curl/usr/bin/

Now looking at the Curl version curl-v, the results are as follows:

Curl 7.51.0 (X86_64-PC-LINUX-GNU) libcurl/7.51.0 openssl/1.0.2j
zlib/1.2.7 libssh2/1.4.3 Nghttp2/1.18.0-dev Protocols:dict file ftp FTPs Gopher HTTP HTTPS IMAP imaps LDAP ldaps POP3 pop3s rtsp SCP sftp SMB SMBs SMTP Smtps telnet TFTP
Features:ipv6 largefile gss-api Kerberos spnego NTLM ntlm_wb SSL libz tls-srp HTTP2 unixsockets

IV: Start compiling and installing PHP:

CD ~/php7/php-7.1.0

PS. Memory 1G below please add at the end: –disable-fileinfo,

./configure--PREFIX=/USR/LOCAL/PHP7--EXEC-PREFIX=/USR/LOCAL/PHP7--bindir=/usr/local/php7/bin--sbindir=/usr/ Local/php7/sbin--includedir=/usr/local/php7/include--libdir=/usr/local/php7/lib/php--mandir=/usr/local/php7/ Php/man--with-config-file-path=/usr/local/php7/etc--enable-rpath--enable-bcmath--enable-calendar--enable-debug --enable-exif--enable-fileinfo--enable-filter--enable-fpm--enable-ftp--enable-gd-jis-conv-- Enable-gd-native-ttf--enable-hash--enable-inline-optimization--enable-json--enable-libxml-- Enable-maintainer-zts--enable-mbregex--enable-mbstring--enable-mysqlnd--enable-opcache--enable-opcache-file-- Enable-pcntl--enable-pdo--enable-session--enable-shared--enable-shmop--enable-simplexml-- Enable-sockets--enable-sysvmsg--enable-sysvsem--enable-sysvshm--enable-wddx--enable-xml-- Enable-ctype--with-bz2--with-curl=/usr/local/curl--with-fpm-user=www--with-fpm-group=www--with-freetype-dir=/ usr/include/freetype2/fReetype--with-gd--with-gettext--with-gmp--with-iconv--with-iconv-dir=/usr--with-jpeg-dir=/usr--with-mcrypt=/ Usr/local--with-mhash--with-mysql-sock=/var/lib/mysql/mysql.sock--with-mysqli=mysqlnd--with-openssl=/usr/local  /ssl--with-pdo-mysql=mysqlnd--with-pear--with-png-dir=/usr--with-xmlrpc--with-zlib

Installation:

Make && make install make
test

After the installation is complete, refer the PHP program to/usr/bin:

Ln-s/usr/local/php7/bin/*/usr/bin/
ln-s/usr/local/php7/sbin/*/usr/sbin/

To view the version of PHP installed:

Php-v

The results appear as follows:

PHP 7.1.0 (CLI) (Built:dec  2 2016 19:07:57) (Zts DEBUG)
Copyright (c) 1997-2016 the PHP Group
Zend Engine V 3.1.0-dev, Copyright (c) 1998-2016 Zend Technologies

Now that the PHP7 has been installed, start setting up the PHP7 profile php.ini, setting php.ini:

CP Php.ini-production/usr/local/php7/etc/php.ini
ln-s/usr/local/php7/etc/php.ini/etc/php.ini
cp/usr/ local/php7/etc/php-fpm.conf.default/usr/local/php7/etc/php-fpm.conf
ln-s/usr/local/php7/etc/php-fpm
Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.