Lab Requirements:
1, CentOS 7, NPM rpm package, php-fpm;
A) a virtual host to provide WordPress, another virtual host to provide phpmysamin;
b) Providing HTTPS services to Phpmyadmim;
Lab Environment:
Linux Server OS version: CentOS Linux release 7.2.1511 (Core) ip:172.16.252.113
WIN7 System client: ip:172.16.250.100
Experimental Prerequisites:
1) Turn off firewall and SELinux
~]# Service Iptables Stop
~]# Setenforce 0
Experimental process:
First, install the AMP environment
1.yum Package Installation NMP
# yum Install nginx php-fpm php-mysql mariadb-server-y
1) Check whether the package was successfully installed
# Rpm-qa Nginx php-fpm php-mysql mariadb-server
2) Start the service
# Nginx
# Systemctl Start mariadb
3) See if the service starts properly
# SS-NLT
# PS aux | grep nginx
# PS aux | grep MYSLQ
# PS aux | grep php-fpm
4) Set boot auto start
# Systemctl Enable httpd
# Systemctl Enable MARIADB
5) Check whether it is set to boot from start
# Systemctl is-enabled httpd
# Systemctl is-enabled mariadb
2. Configure the virtual host
1) Create the virtual host directory and configuration file/conf.d/vhosts.conf
# mkdir-pv/etc/nginx/conf.d/vhosts.conf
2) Add the following to the HTTP segment in nginx.conf
Include conf.d/*.conf; Contains a custom virtual host path
fastcgi_cache_path/var/cache/nginx/fastcgi levels=1:1 keys_zone=fcgicache:10m max_size=1g;
Define cache path, level, cache space name, disk cache maximum Cache count
3) Create a cache directory
# mkdir-pv/var/cache/nginx/fastcgi
4) Configure the virtual host/conf.d/vhosts.conf
server {
Listen 80;
server_name www.yang.com;
gzip on;
Gzip_disable Chrome;
Gzip_types text/plain text/css text/xml application/xml Application/json application/x-javascript;
Location/{
root/web/host1/wordpress;
Index index.php index.html index.htm;
}
Location ~ \.php$ {
root/web/host1/wordpress;
Fastcgi_pass 127.0.0.1:9000;
Fastcgi_index index.php;
Fastcgi_param script_filename/web/host1/wordpress/$fastcgi _script_name;
Fastcgi_cache Fcgicache;
Fastcgi_cache_key $request _uri;
Fastcgi_cache_valid 10m;
Fastcgi_cache_valid 301 302 2m;
Fastcgi_cache_valid 404m;
Include fastcgi.conf;
}
}
server {
Listen 80;
server_name web.yang.com;
Root/web/host2/phpmyadmin;
Location/{
Index index.php index.html index.html;
}
Location ~ \.php$ {
Fastcgi_pass 127.0.0.1:9000;
Fastcgi_index index.php;
Fastcgi_param script_filename/web/host2/phpmyadmin/$fastcgi _script_name;
Fastcgi_cache Fcgicache;
Fastcgi_cache_key $request _uri;
Fastcgi_cache_valid 10m;
Fastcgi_cache_valid 301 302 2m;
Fastcgi_cache_valid 404 2m;
Include fastcgi.conf;
}
}
server {
SSL on;
Listen 443 SSL;
server_name web.yang.com;
Root/web/host2/phpmyadmin;
SSL_CERTIFICATE/ETC/NGINX/SSL/NGINX.CRT;
Ssl_certificate_key/etc/nginx/ssl/nginx.key;
Ssl_session_cache shared:ssl:5m;
Ssl_session_timeout 10m;
Ssl_ciphers high:!anull:! MD5;
Ssl_prefer_server_ciphers on;
Location/{
Index index.php index.html index.htm;
}
Location ~ \.php$ {
Fastcgi_pass 127.0.0.1:9000;
Fastcgi_index index.php;
Fastcgi_param script_filename/web/host2/phpmyadmin/$fastcgi _script_name;
Fastcgi_cache Fcgicache;
Fastcgi_cache_key $request _uri;
Fastcgi_cache_valid 10m;
Fastcgi_cache_valid 301 302 2m;
Fastcgi_cache_valid 404 3m;
Include fastcgi.conf;
}
}
Second, the deployment of the WordPress environment:
1) Create a site Directory
# mkdir/web/host1/-PV
2) Unzip the WordPress package
# Unzip Wordpress-4.3.1-zh_cn.zip
3) Copy to the site Directory WWW1
# Cp-r wordpress/web/host1/
4) Modification of the site owners and genera Group
# Chown-r Nginx.nginx/web/host1/wordpress
5) Modify the www.conf under php-fpm.conf
user = Nginx
Group = Nginx
6) Log in to the database
# mysql-uroot-p
7) Create a database for Bolg named: WordPress
MariaDB [(None)]> CREATE DATABASE WordPress;
8) Check whether the database was created successfully
MariaDB [(None)]> SHOW DATABASES;
+--------------------+
| Database |
+--------------------+
| Information_schema |
| MySQL |
| Performance_schema |
| WordPress |
+--------------------+
4 rows in Set (0.00 sec)
9) Authorized Users
MariaDB [(None)]> GRANT all on wordpress.* to [email protected] ' localhost ' identified by ' Liyang ';
Query OK, 0 rows affected (0.03 sec)
MariaDB [(None)]> GRANT all on wordpress.* to [e-mail protected] ' 172.16.%.% ' identified by ' Liyang ';
Query OK, 0 rows Affected (0.00 sec)
10) renamed WordPress config file for wp-config.php
# CP wp-config-sample.php wp-config.php
11) Modify the wp-config.php File connection database
# sed-n ' 22,38p '/web/host1/wordpress/wp-config.php
/** Name of WordPress database */
Define (' db_name ', ' WordPress ');
/** MySQL Database user name */
Define (' Db_user ', ' Liyang ');
/** MySQL Database password */
Define (' Db_password ', ' Liyang ');
/** MySQL Host */
Define (' db_host ', ' localhost ');
/** The default text encoding when creating data tables */
Define (' Db_charset ', ' UTF8 ');
/** the database collation type. If you are unsure do not change */
Define (' db_collate ', ');
Third, testing
1) Add domain name resolution on server side
# echo "172.16.66.60 www.yang.com" >>/etc/hosts
2) Add the Hosts file in the PC
172.16.66.60 www.yang.com
3) Whether httpd-->php can access
# Cat Admin.php
<?php
Phpinfo ();
?>
4) Whether httpd-->php--mariadb can access
5) In the browser, follow the prompts to install the http://www.yang.com/index.php
6) See if the database generates data
~]# mysql-uliyang-p
MariaDB [(None)]> show databases;
MariaDB [(None)]> use WordPress;
MariaDB [wordpress]> Show tables;
+-----------------------+
| tables_in_wordpress |
+-----------------------+
| Wp_commentmeta |
| wp_comments |
| Wp_links |
| wp_options |
| Wp_postmeta |
| wp_posts |
| Wp_term_relationships |
| wp_term_taxonomy |
| wp_terms |
| Wp_usermeta |
| Wp_users |
+-----------------------+
Rows in Set (0.00 sec)
Iv. deployment of the phpMyAdmin environment:
1) Create a site Directory
# Mkdir/web/host2
2) Unpack the phpMyAdmin package
# Unzip Phpmyadmin-4.4.14.1-all-languages.zip
3) Copy to the site Directory WWW2
# Cp-r phpmyadmin-4.4.14.1-all-languages/web/host2/
4) Create a soft connection phpMyAdmin
# LN-SV Phpmyadmin-4.4.14.1-all-languages/phpmyadmin
5) Modification of the site owners and genera Group
# Chown-r Nginx.nginx/web/host2/phpmyadmin
6) Modify the configuration file
# CP config.sample.inc.php config.inc.php
7) Generate random numbers
~]# OpenSSL Rand-hex 8
640b56f72820ace8
8) Modify the configuration file config.inc.php
# Vim config.inc.php
$cfg [' blowfish_secret '] = ' 640b56f72820ace8 '
7) test in the browser, according to the prompt to enter the database name and password (Host account and password is authorized WordPress users)
Test in PC Browser: http://web.yang.com/index.php access via 80 port
8) phpMyAdmin Error: The mbstring extension is missing. Please check your PHP configuration.
Workaround:
# yum Install Php-mbstring-y
9) phpMyAdmin errors: Error during session start; Please check your PHP and/or webserver log file and configure your PHP I
Workaround:
# mkdir-pv/var/lib/php/session
# Chown-r nginx.nginx/var/lib/php/session/
3. Providing HTTPS services for Phpmyadmim
Working directory:/etc/pki/ca/
First, establish a private CA
1) Generate private key
[[Email protected] ca]# (umask 077; OpenSSL genrsa-out Private/cakey.pem 2048)
Generating RSA private key, 2048 bit long modulus
..............................................................................+++
............+++
E is 65537 (0x10001)
2) Generate self-signed certificate
[email protected] ca]# OpenSSL req-new-x509-key private/cakey.pem-out Cacert.pem
You is about-to is asked to-enter information that'll be incorporated
into your certificate request.
What's about-to-enter is called a distinguished Name or a DN.
There is quite a few fields but can leave some blank
For some fields there would be a default value,
If you enter '. ', the field would be a left blank.
-----
Country Name (2 letter code) [XX]:CN
State or province name (full name) []:beijing
Locality Name (eg, city) [Default city]:beijing
Organization Name (eg, company) [Default company Ltd]:liyang
Organizational Unit Name (eg, section) []:ops
Common name (eg, your name or your server ' s hostname) []:web.yang.com
Email Address []:[email protected]
3) provide supporting documents
[email protected] ca]# Touch index.txt
[Email protected] ca]# echo > serial
[Email protected] ca]# tree
.
├──cacert.pem
├──certs
├──crl
├──index.txt
├──index.txt.attr
├──index.txt.old
├──newcerts
├──private
│└──cakey.pem
├──serial
└──serial.old
Second, the node application certificate
1) Generate private key
# Mkdir-pv/etc/httpd/ssl
ssl]# (umask 077; OpenSSL genrsa-out nginx.key 1024)
2) Generate Certificate signing request:
[email protected] ssl]# OpenSSL req-new-key nginx.key-out NGINX.CSR
You is about-to is asked to-enter information that'll be incorporated
into your certificate request.
What's about-to-enter is called a distinguished Name or a DN.
There is quite a few fields but can leave some blank
For some fields there would be a default value,
If you enter '. ', the field would be a left blank.
-----
Country Name (2 letter code) [XX]:CN
State or province name (full name) []:beijing
Locality Name (eg, city) [Default city]:beijing
Organization Name (eg, company) [Default company Ltd]:liyang
Organizational Unit Name (eg, section) []:ops
Common name (eg, your name or your server ' s hostname) []:web.yang.com
Email Address []:[email protected]
Please enter the following ' extra ' attributes
To is sent with your certificate request
A Challenge Password []:
An optional company name []:
ssl]# CP nginx.csr/tmp/
Third, CA issued certificate
1) Signing certificate
[email protected] ~]# OpenSSL CA-IN/TMP/NGINX.CSR-OUT/ETC/PKI/CA/CERTS/NGINX.CRT
Using Configuration From/etc/pki/tls/openssl.cnf
Check that the request matches the signature
Signature OK
Certificate Details:
Serial number:1 (0x1)
Validity
Not Before:jul 11:11:37 GMT
Not After:jul 11:11:37 GMT
Subject:
CountryName = CN
Stateorprovincename = Beijing
OrganizationName = Liyang
Organizationalunitname = Ops
CommonName = web.yang.com
EmailAddress = [email protected]
X509v3 Extensions:
X509v3 Basic Constraints:
Ca:false
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
F5:73:f0:f1:7f:b6:b6:5d:41:f1:ed:7a:69:fe:6f:8e:a6:59:41:42
X509v3 Authority Key Identifier:
keyid:91:41:da:d3:44:05:36:98:14:a7:81:d6:64:ac:d5:8e:eb:6e:d3:97
Certificate is to be certified until Jul 11:11:37 GMT (365 days)
Sign the certificate? [Y/n]:y
1 out of 1 certificate requests certified, commit? [Y/n]y
Write out database with 1 new entries
Data Base Updated
2) Send the signed certificate back to the requestor.
# cp/etc/pki/ca/certs/nginx.crt/etc/nginx/ssl/
Note: This private build CA and node request certificates are completed on the same machine.
Iv. Test Results:
1) test in PC Browser: https://web.yang.com/index.php access via 443 port
4. Stress test:
First, the normal test
1) test WordPress concurrency
# # Ab-c 100-n http://www.yang.com/index.php
Requests per second:389.38 [#/sec] (mean)
Requests per second:6949.27 [#/sec] (mean)
2) Test phpMyAdmin http concurrency
# ab-c 100-n http://web.yang.com/index.php
Requests per second:5641.91 [#/sec] (mean)
Requests per second:54.74 [#/sec] (mean)
3) test phpMyAdmin HTTPS concurrency
# ab-c 100-n https://web.yang.com/index.php
Requests per second:44.32 [#/sec] (mean)
Requests per second:45.28 [#/sec] (mean)
Second, install XCache Accelerator test data for PHP:
1) Yum Installation Php-xcache
~]# Yum Install Php-xcache
2) test concurrency
# ab-c 100-n http://web.yang.com/index.php
Requests per second:44.77 [#/sec] (mean)
# ab-c 100-n https://web.yang.com/index.php
Requests per second:44.12 [#/sec] (mean)
# ab-c 100-n http://www.yang.com/index.php
Requests per second:109.11 [#/sec] (mean)
This article is from the "8752057" blog, please be sure to keep this source http://yang90.blog.51cto.com/8752057/1833487
Centos7.2 lnmp RPM Package, php-fpm build wordpress Blog