Practical Production Environment-LEMP architecture compilation and installation + SSL encryption implementation

Source: Internet
Author: User

LNMP (also written LEMP) is the website server architecture built from Linux, Nginx, MySQL, and PHP. The LAMP architecture was implemented in the previous blog post; this one mainly introduces Nginx.

Why use Nginx
  • Nginx is a small and efficient web server for Linux. It was developed by Igor Sysoev for Rambler.ru, the second most visited site in Russia, and has been running on large Russian websites for many years, relatively stably.

  • Nginx is one of the servers that solve the C10K problem. Unlike traditional servers, Nginx does not rely on threads to process requests. Instead, it uses a more scalable event-driven (asynchronous) architecture.


Nginx server features

  • Basic server features

    Process static files, index files, and automatic indexing; open file descriptor cache;

    Use cache to accelerate reverse proxy; simple load balancing and fault tolerance;

    Remote FastCGI, uwsgi, SCGI, and memcached service cache acceleration support; simple load balancing and fault tolerance;

    Modular architecture. Filters include gzip compression, ranges support, chunked response, XSLT, SSI, and image scaling. In the SSI filter, a page containing multiple SSI can be processed in parallel through FastCGI or reverse proxy;

    Supports SSL and TLS SNI.

  • Name-based and IP-based virtual hosts;

Support for Keep-alive and pipelined connections;

Flexible configuration;

Configuration reloads and online upgrades do not interrupt requests that are being processed;

Customize the access log format, write operations with cache, and fast log rotation;

3xx-5xx error code redirection;

Rewrite module: uses regular expressions to change the URI;

Perform different functions based on the client address;

Access control based on the client IP address and the HTTP basic authentication mechanism;

Supports HTTP referer verification;

Supports PUT, DELETE, MKCOL, COPY, and MOVE methods;

Supports FLV streams and MP4 streams;

Response rate limiting;

Limits on the number of concurrent connections or requests from the same address;

Embedded Perl.

  • Mail proxy server features

Use an external HTTP authentication server to redirect users to the IMAP/POP3 backend;

Use an external HTTP authentication server to authenticate the user and redirect to the internal SMTP backend;

Supported authentication methods:

POP3: USER/PASS, APOP, AUTH LOGIN/PLAIN/CRAM-MD5;

IMAP: LOGIN, AUTH LOGIN/PLAIN/CRAM-MD5;

SMTP: AUTH LOGIN/PLAIN/CRAM-MD5;

SSL support;

STARTTLS and STLS support.

LNMP architecture advantages
  • As a web server: compared with Apache, Nginx uses fewer resources and supports more concurrent connections, which makes it more efficient.

  • As a load balancer: Nginx can support both Rails and PHP internally, or serve as an HTTP proxy server. Nginx is written in C, and both its system resource overhead and its CPU usage are much better than Perlbal's.

  • As a mail proxy server: Nginx is also a very good mail proxy server (serving as a mail proxy was one of the original reasons for developing it). Last.fm has described its successful experience using it.

LEMP compilation and installation

Compile and install Nginx

Create the nginx user and group

# groupadd -r -g 108 nginx
# useradd -r -g 108 nginx

Compilation process

# tar xf nginx-1.4.1.tar.gz
# cd nginx-1.4.1
# ./configure \
  --prefix=/usr \
  --sbin-path=/usr/sbin/nginx \
  --conf-path=/etc/nginx/nginx.conf \
  --error-log-path=/var/log/nginx/error.log \
  --http-log-path=/var/log/nginx/access.log \
  --pid-path=/var/run/nginx/nginx.pid \
  --lock-path=/var/lock/nginx.lock \
  --user=nginx \
  --group=nginx \
  --with-http_ssl_module \
  --with-http_flv_module \
  --with-http_stub_status_module \
  --with-http_gzip_static_module \
  --http-client-body-temp-path=/var/tmp/nginx/client/ \
  --http-proxy-temp-path=/var/tmp/nginx/proxy/ \
  --http-fastcgi-temp-path=/var/tmp/nginx/fcgi/ \
  --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi \
  --http-scgi-temp-path=/var/tmp/nginx/scgi \
  --with-pcre
# make && make install

Prepare service scripts

# vim /etc/init.d/nginx

#!/bin/sh
#
# nginx - this script starts and stops the nginx daemon
#
# chkconfig:   - 85 15
# description:  Nginx is an HTTP(S) server, HTTP(S) reverse \
#               proxy and IMAP/POP3 proxy server
# processname: nginx
# config:      /etc/nginx/nginx.conf
# config:      /etc/sysconfig/nginx
# pidfile:     /var/run/nginx/nginx.pid

# Source function library.
. /etc/rc.d/init.d/functions

# Source networking configuration.
. /etc/sysconfig/network

# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0

nginx="/usr/sbin/nginx"
prog=$(basename $nginx)

NGINX_CONF_FILE="/etc/nginx/nginx.conf"

[ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx

lockfile=/var/lock/subsys/nginx

make_dirs() {
    # make required directories (the temp paths given to ./configure)
    user=`$nginx -V 2>&1 | grep "configure arguments:" | sed 's/[^*]*--user=\([^ ]*\).*/\1/g' -`
    options=`$nginx -V 2>&1 | grep 'configure arguments:'`
    for opt in $options; do
        if [ `echo $opt | grep '.*-temp-path'` ]; then
            value=`echo $opt | cut -d "=" -f 2`
            if [ ! -d "$value" ]; then
                # echo "creating" $value
                mkdir -p $value && chown -R $user $value
            fi
        fi
    done
}

start() {
    [ -x $nginx ] || exit 5
    [ -f $NGINX_CONF_FILE ] || exit 6
    make_dirs
    echo -n $"Starting $prog: "
    daemon $nginx -c $NGINX_CONF_FILE
    retval=$?
    echo
    [ $retval -eq 0 ] && touch $lockfile
    return $retval
}

stop() {
    echo -n $"Stopping $prog: "
    killproc $prog -QUIT
    retval=$?
    echo
    [ $retval -eq 0 ] && rm -f $lockfile
    return $retval
}

restart() {
    # refuse to restart with a configuration that does not parse
    configtest || return $?
    stop
    sleep 1
    start
}

reload() {
    configtest || return $?
    echo -n $"Reloading $prog: "
    killproc $nginx -HUP
    RETVAL=$?
    echo
}

force_reload() {
    restart
}

configtest() {
    $nginx -t -c $NGINX_CONF_FILE
}

rh_status() {
    status $prog
}

rh_status_q() {
    rh_status >/dev/null 2>&1
}

case "$1" in
    start)
        rh_status_q && exit 0
        $1
        ;;
    stop)
        rh_status_q || exit 0
        $1
        ;;
    restart|configtest)
        $1
        ;;
    reload)
        rh_status_q || exit 7
        $1
        ;;
    force-reload)
        force_reload
        ;;
    status)
        rh_status
        ;;
    condrestart|try-restart)
        # restart only if the service is already running
        rh_status_q || exit 0
        restart
        ;;
    *)
        echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
        exit 2
esac

Add to Service Control List

# chmod +x /etc/init.d/nginx
# chkconfig --add nginx
# chkconfig nginx on

Start nginx for testing



MySQL preparation

Create a mysql user

# groupadd -g 3306 mysql
# useradd -g 3306 -u 3306 mysql

Create a data directory

# mkdir /mydata/data -pv
# cd /mydata/
# chown -R mysql:mysql data

Decompress the Binary Package

# tar xf mysql-5.6.10-linux-glibc2.5-i686.tar.gz -C /usr/local
# cd /usr/local/
# ln -sv mysql-5.6.10-linux-glibc2.5-i686 mysql
# cd mysql
# chown -R :mysql *

Initialize mysql

# scripts/mysql_install_db --user=mysql --datadir=/mydata/data

Prepare service scripts

# cp support-files/mysql.server /etc/init.d/mysqld
# chkconfig --add mysqld

After initialization, a my.cnf configuration file is automatically created in the current directory and can be modified directly.

Modify the configuration file my.cnf and add the necessary content

log-bin=master-bin.log
port=3306
datadir=/mydata/data
socket=/tmp/mysql.sock

Start mysql5.6


To make the MySQL installation comply with the system usage conventions, export its development components to the system.

Add the MySQL man pages to the man command search path

Edit /etc/man.config and add the following line:

MANPATH /usr/local/mysql/man

Link the MySQL header files into the system header file path /usr/include

# ln -sv /usr/local/mysql/include /usr/include/mysql

Add the MySQL library files to the system library search path, then reload the system library cache

# echo '/usr/local/mysql/lib' > /etc/ld.so.conf.d/mysql.conf
# ldconfig

Modify the PATH environment variable so that the system can use the mysql-related commands directly. Create the file, add the export line to it, and source it:

# vim /etc/profile.d/mysql.sh
export PATH=$PATH:/usr/local/mysql/bin
# . /etc/profile.d/mysql.sh

Compile and install PHP

Install libmcrypt and mhash in the same way as during the LAMP compilation and installation (download these packages to /root/soft):

# yum --nogpgcheck localinstall -y libmcrypt-2.5.7-5.el5.i386.rpm libmcrypt-devel-2.5.7-5.el5.i386.rpm mhash-0.9.2-6.el5.i386.rpm mhash-devel-0.9.2-6.el5.i386.rpm


Install the packages that the compilation depends on

libcurl-devel.i686
bzip2-devel.i686
openssl-devel.i686
libxml2-devel.i686

Start compilation and Installation

# tar xf php-5.4.13.tar.bz2
# cd php-5.4.13
# ./configure --prefix=/usr/local/php \
  --with-mysql=/usr/local/mysql \
  --with-openssl \
  --enable-fpm \
  --enable-sockets \
  --enable-sysvshm \
  --with-mysqli=/usr/local/mysql/bin/mysql_config \
  --enable-mbstring \
  --with-freetype-dir \
  --with-jpeg-dir \
  --with-png-dir \
  --with-zlib-dir \
  --with-libxml-dir=/usr \
  --enable-xml \
  --with-mhash \
  --with-mcrypt \
  --with-config-file-path=/etc \
  --with-config-file-scan-dir=/etc/php.d \
  --with-bz2 \
  --with-curl
# make
# make install

Prepare the PHP configuration file

# cd php-5.4.13
# cp php.ini-production /etc/php.ini

Provide the SysV init script for php-fpm and add it to the service list.

# cd php-5.4.13
# cp sapi/fpm/init.d.php-fpm /etc/rc.d/init.d/php-fpm
# cp sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
# chmod +x /etc/init.d/php-fpm
# chkconfig --add php-fpm
# chkconfig php-fpm on

Prepare the php-fpm configuration file

# cp php.ini-production /etc/php.ini
# cd /usr/local/php/etc/
# cp php-fpm.conf.default php-fpm.conf
# vim php-fpm.conf

Modify the following settings in php-fpm.conf

pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 2
pm.max_spare_servers = 8
pid = /usr/local/php/var/run/php-fpm.pid

Start php-fpm


Edit the nginx configuration file and integrate nginx and php

Note: The default nginx page path has been changed to /web/bbs;

location ~ \.php$ {
    root           /web/bbs;
    fastcgi_pass   127.0.0.1:9000;
    fastcgi_index  index.php;
    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
    include        fastcgi_params;
}


Add default page

index  index.php index.html index.htm;

Edit the fastcgi_params file

# vim /etc/nginx/fastcgi_params

Change the original content to:

fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx;
fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;
fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;
fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;

Change the index.php page content

# vim /web/bbs/beifen/index.php

Show the PHP information (remove this page once the test is done, because phpinfo() output exposes the server's configuration):

<?php phpinfo(); ?>

Restart nginx


Verify whether Nginx is integrated with PHP


Add the xcache accelerator

# tar xf xcache-3.0.1.tar.bz2
# cd xcache-3.0.1
# /usr/local/php/bin/phpize


Compile and install

# ./configure --enable-xcache --with-php-config=/usr/local/php/bin/php-config
# make && make install

After the installation is complete, make install prints the directory where the extension was installed. This is the path used for the extension setting in xcache.ini.


Edit php.ini and integrate PHP and xcache

# mkdir /etc/php.d
# cp xcache.ini /etc/php.d/
# vim /etc/php.d/xcache.ini

Change content

extension = /usr/local/php/lib/php/extensions/no-debug-zts-20100525/xcache.so

Configure SSL for encrypted connections

The CA generates its key and completes the self-signed certificate

# (umask 077; openssl genrsa 2048 > private/cakey.pem)
# openssl req -new -x509 -key private/cakey.pem -out cacert.pem
# echo 01 > serial
# touch index.txt

The server generates its key and a certificate request

# mkdir /etc/nginx/ssl -pv
# cd /etc/nginx/ssl/
# (umask 077; openssl genrsa 2048 > nginx.key)
# openssl req -new -key nginx.key -out nginx.csr

The CA signs the certificate

# openssl ca -in nginx.csr -out nginx.crt -days 3665
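The CA procedure above, as an added example that is not part of the original article: it runs the same three stages non-interactively in a scratch directory, then checks that the certificate chains to the CA, that the key belongs to the certificate, and that the key file is private. The function names, the ca.cnf contents and the subject names are assumptions made for the demo; the article's commands rely on the system's default OpenSSL configuration instead.

```shell
#!/bin/sh
# Added example, not from the article: the CA workflow run non-interactively in a
# scratch directory. ca.cnf and the subject names are constructed for the demo.
build_test_pki() (
    mkdir -p "$1/private" "$1/newcerts" "$1/ssl" && cd "$1" || exit 1
    cat > ca.cnf <<'EOF'
[ req ]
distinguished_name = dn
x509_extensions    = v3_ca
[ dn ]
[ v3_ca ]
basicConstraints = critical,CA:TRUE
[ ca ]
default_ca = CA_default
[ CA_default ]
database      = index.txt
serial        = serial
new_certs_dir = newcerts
certificate   = cacert.pem
private_key   = private/cakey.pem
default_md    = sha256
policy        = policy_match
[ policy_match ]
organizationName = match
commonName       = supplied
EOF
    echo 01 > serial; : > index.txt
    (umask 077
     openssl genrsa -out private/cakey.pem 2048
     openssl genrsa -out ssl/nginx.key 2048) 2>/dev/null
    openssl req -new -x509 -config ca.cnf -key private/cakey.pem \
        -subj "/O=Example Org/CN=Example Test CA" -out cacert.pem &&
    openssl req -new -config ca.cnf -key ssl/nginx.key \
        -subj "/O=Example Org/CN=www.test.com" -out ssl/nginx.csr &&
    openssl ca -batch -notext -config ca.cnf -in ssl/nginx.csr \
        -out ssl/nginx.crt -days 3665 2>/dev/null
)

# Checks the chain, that the key belongs to the certificate, and the key file mode.
check_server_cert() (
    cd "$1" || exit 1
    openssl verify -CAfile cacert.pem ssl/nginx.crt >/dev/null 2>&1 && chain=ok || chain=FAIL
    c=$(openssl x509 -noout -modulus -in ssl/nginx.crt 2>/dev/null)
    k=$(openssl rsa -noout -modulus -in ssl/nginx.key 2>/dev/null)
    [ -n "$c" ] && [ "$c" = "$k" ] && key=match || key=MISMATCH
    echo "chain=$chain key=$key mode=$(ls -l ssl/nginx.key | cut -c1-10)"
)

d=$(mktemp -d) && build_test_pki "$d" && check_server_cert "$d"
```

The same three checks can be pointed at /etc/nginx/ssl and the real CA certificate before nginx is restarted with the new certificate.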


Modify nginx configuration file

# HTTPS server
#
server {
    listen       443;
    server_name  www.test.com;

    ssl                  on;
    ssl_certificate      /etc/nginx/ssl/nginx.crt;
    ssl_certificate_key  /etc/nginx/ssl/nginx.key;

    ssl_session_timeout  5m;

    # SSLv2, SSLv3 and TLSv1 are obsolete protocol versions; list only
    # TLSv1.2 or later where the nginx and OpenSSL builds support it
    ssl_protocols  SSLv2 SSLv3 TLSv1;
    ssl_ciphers  HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers   on;

    location ~ \.php$ {
        root           /web/bbs;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        include        fastcgi_params;
    }

    location / {
        root   /web/bbs;
        index  index.php index.html index.htm;
    }
}
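The HTTPS server block above enables SSLv2, SSLv3 and TLSv1, and its PHP location passes every URI ending in .php to PHP-FPM whether or not the file exists. As an added example (not part of the original article), this shell check flags both settings in a config and passes a corrected counterpart; the function names and both sample configs are constructed here, and the corrected one assumes nginx and OpenSSL builds newer than the article's that support TLS 1.2 and 1.3.

```shell
#!/bin/sh
# Added example, not from the article. audit_nginx_conf reads an nginx config
# (file argument or stdin), prints findings, and exits 1 if there are any.
audit_nginx_conf() {
    awk '
        { sub(/#.*/, "") }                          # ignore comments
        $1 == "ssl_protocols" {
            for (i = 2; i <= NF; i++) {
                p = $i; sub(/;$/, "", p)
                if (p ~ /^(SSLv2|SSLv3|TLSv1|TLSv1\.1)$/) {
                    printf "line %d: obsolete protocol %s\n", NR, p; bad++
                }
            }
        }
        $1 == "location" && /\.php/ { inphp = 1; start = NR; guarded = 0 }
        inphp && /try_files/ { guarded = 1 }
        inphp && index($0, "}") {
            if (!guarded) { printf "line %d: PHP location without try_files\n", start; bad++ }
            inphp = 0
        }
        END { exit (bad > 0) }
    ' "$@"
}

weak_conf() { cat <<'EOF'       # constructed: the article's settings
server {
    listen 443;
    ssl_protocols SSLv2 SSLv3 TLSv1;
    location ~ \.php$ {
        fastcgi_pass 127.0.0.1:9000;
        include fastcgi_params;
    }
}
EOF
}

hardened_conf() { cat <<'EOF'   # constructed: corrected counterpart
server {
    listen 443 ssl;
    ssl_protocols TLSv1.2 TLSv1.3;
    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_pass 127.0.0.1:9000;
        include fastcgi_params;
    }
}
EOF
}

weak_conf | audit_nginx_conf || echo "weak config: findings listed above"
hardened_conf | audit_nginx_conf && echo "hardened config: no findings"
```

Run it against a live file with `audit_nginx_conf /etc/nginx/nginx.conf`; the check is line-based and does not follow include directives.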

Restart php-fpm

# service php-fpm restart


Verify whether xcache is successfully added and whether an SSL-encrypted connection can be completed


The LNMP compilation and installation are now complete, and the SSL-based connection is implemented. You may wish to give it a try.




This article is from "Deng junyang's Blog"; please be sure to keep this source: http://djy0000.blog.51cto.com/5816828/1212884
