|
中 小
[
2010-3-4 20:10 | by
張宴]
[文章作者:張宴 本文版本:v6.3 最後修改:2010.07.26 轉載請注明原文連結:
http://blog.zyan.cc/nginx_php_v6/]
前言:本文是我撰寫的關于搭建“Nginx + PHP(FastCGI)”Web伺服器的第6篇文章。本系列文章作為國内最早詳細介紹 Nginx + PHP 安裝、配置、使用的資料之一,為推動 Nginx 在國内的發展産生了積極的作用。本文可能不斷更新小版本,請記住原文連結“
”,擷取最新内容。第6篇文章主要介紹了Nginx 0.8.x新的平滑重新開機方式,将PHP更新到了5.2.14,修正了PEAR問題。另将MySQL 5.1.x更新到了5.5.x系列,配置檔案變更較大。
連結:《
2007年9月的第1版》、《
2007年12月的第2版 2008年6月的第3版 2008年8月的第4版 2009年5月的第5版》
("engine x") 是一個高性能的 HTTP 和反向代理伺服器,也是一個 IMAP/POP3/SMTP 代理伺服器。 Nginx 是由 Igor Sysoev 為俄羅斯通路量第二的 Rambler.ru 站點開發的,它已經在該站點運作超過三年了。Igor 将源代碼以類BSD許可證的形式釋出。
Nginx 超越 Apache 的高性能和穩定性,使得國内使用 Nginx 作為 Web 伺服器的網站也越來越多,其中包括
新浪部落格、
新浪播客 網易新聞 騰訊網 搜狐部落格等門戶網站頻道,
六間房 56.com等視訊分享網站,
Discuz!官方論壇 水木社群等知名論壇,
盛大線上 金山逍遙網等網絡遊戲網站,
豆瓣 人人網 YUPOO相冊 金山愛詞霸 迅雷線上等新興Web 2.0網站。
Nginx 的官方中文維基:
http://wiki.nginx.org/NginxChs在高并發連接配接的情況下,Nginx是Apache伺服器不錯的替代品。Nginx同時也可以作為7層負載均衡伺服器來使用。根據我的測試結果,Nginx 0.8.46 + PHP 5.2.14 (FastCGI) 可以承受3萬以上的并發連接配接數,相當于同等環境下Apache的10倍。
根據我的經驗,4GB記憶體的伺服器+Apache(prefork模式)一般隻能處理3000個并發連接配接,因為它們将占用3GB以上的記憶體,還得為系統預留1GB的記憶體。我曾經就有兩台Apache伺服器,因為在配置檔案中設定的MaxClients為4000,當Apache并發連接配接數達到3800時,導緻伺服器記憶體和Swap空間用滿而崩潰。
而這台 Nginx 0.8.46 + PHP 5.2.14 (FastCGI) 伺服器在3萬并發連接配接下,開啟的10個Nginx程序消耗150M記憶體(15M*10=150M),開啟的64個php-cgi程序消耗1280M記憶體(20M*64=1280M),加上系統自身消耗的記憶體,總共消耗不到2GB記憶體。如果伺服器記憶體較小,完全可以隻開啟25個php-cgi程序,這樣php-cgi消耗的總記憶體數才500M。
在3萬并發連接配接下,通路Nginx 0.8.46 + PHP 5.2.14 (FastCGI) 伺服器的PHP程式,仍然速度飛快。下圖為Nginx的狀态監控頁面,顯示的活動連接配接數為28457(關于Nginx的監控頁配置,會在本文接下來所給出的Nginx配置檔案中寫明):
我生産環境下的兩台Nginx + PHP5(FastCGI)伺服器,跑多個一般複雜的純PHP動态程式,單台Nginx + PHP5(FastCGI)伺服器跑PHP動态程式的處理能力已經超過“700次請求/秒”,相當于每天可以承受6000萬(700*60*60*24=60480000)的通路量(
更多資訊見此),而伺服器的系統負載也不高:
2009年9月3日下午2:30,金山遊戲《劍俠情緣網絡版叁》臨時維護1小時(
http://kefu.xoyo.com/gonggao/jx3/2009-09-03/750438.shtml),大量玩家上官網,論壇、評論、客服等動态應用Nginx伺服器叢集,每台伺服器的Nginx活動連接配接數達到2.8萬,這是筆者遇到的Nginx生産環境最高并發值。
下面是用100個并發連接配接分别去壓生産環境中同一負載均衡器VIP下、提供相同服務的兩台伺服器,一台為Nginx,另一台為Apache,Nginx每秒處理的請求數是Apache的兩倍多,Nginx伺服器的系統負載、CPU使用率遠低于Apache:
你可以将連接配接數開到10000~30000,去壓Nginx和Apache上的phpinfo.php,這是用浏覽器通路Nginx上的phpinfo.php一切正常,而通路Apache伺服器的phpinfo.php,則是該頁無法顯示。4G記憶體的伺服器,即使再優化,Apache也很難在“webbench -c 30000 -t 60
http://xxx.xxx.xxx.xxx/phpinfo.php”的壓力情況下正常通路,而調整參數優化後的Nginx可以。
webbench 下載下傳位址:
http://blog.zyan.cc/post/288/注意:webbench 做壓力測試時,該軟體自身也會消耗CPU和記憶體資源,為了測試準确,請将 webbench 安裝在别的伺服器上。
測試結果:##### Nginx + PHP #####
引用
[root@localhost webbench-1.5]# webbench -c 100 -t 30
http://192.168.1.21/phpinfo.phpWebbench - Simple Web Benchmark 1.5
Copyright (c) Radim Kolar 1997-2004, GPL Open Source Software.
Benchmarking: GET
100 clients, running 30 sec.
Speed=102450 pages/min, 16490596 bytes/sec.
Requests: 51225 susceed, 0 failed.
top - 14:06:13 up 27 days, 2:25, 2 users, load average: 14.57, 9.89, 6.51
Tasks: 287 total, 4 running, 283 sleeping, 0 stopped, 0 zombie
Cpu(s): 49.9% us, 6.7% sy, 0.0% ni, 41.4% id, 1.1% wa, 0.1% hi, 0.8% si
Mem: 6230016k total, 2959468k used, 3270548k free, 635992k buffers
Swap: 2031608k total, 3696k used, 2027912k free, 1231444k cached
測試結果:##### Apache + PHP #####
http://192.168.1.27/phpinfo.phpSpeed=42184 pages/min, 31512914 bytes/sec.
Requests: 21092 susceed, 0 failed.
top - 14:06:20 up 27 days, 2:13, 2 users, load average: 62.15, 26.36, 13.42
Tasks: 318 total, 7 running, 310 sleeping, 0 stopped, 1 zombie
Cpu(s): 80.4% us, 10.6% sy, 0.0% ni, 7.9% id, 0.1% wa, 0.1% hi, 0.9% si
Mem: 6230016k total, 3075948k used, 3154068k free, 379896k buffers
Swap: 2031608k total, 12592k used, 2019016k free, 1117868k cached
為什麼Nginx的性能要比Apache高得多?這得益于Nginx使用了最新的epoll(Linux 2.6核心)和kqueue(freebsd)網絡I/O模型,而Apache則使用的是傳統的select模型。目前Linux下能夠承受高并發通路的Squid、Memcached都采用的是epoll網絡I/O模型。
處理大量的連接配接的讀寫,Apache所采用的select網絡I/O模型非常低效。下面用一個比喻來解析Apache采用的select模型和Nginx采用的epoll模型進行之間的差別:
假設你在大學讀書,住的宿舍樓有很多間房間,你的朋友要來找你。select版宿管大媽就會帶着你的朋友挨個房間去找,直到找到你為止。而epoll版宿管大媽會先記下每位同學的房間号,你的朋友來時,隻需告訴你的朋友你住在哪個房間即可,不用親自帶着你的朋友滿大樓找人。如果來了10000個人,都要找自己住這棟樓的同學時,select版和epoll版宿管大媽,誰的效率更高,不言自明。同理,在高并發伺服器中,輪詢I/O是最耗時間的操作之一,select和epoll的性能誰的性能更高,同樣十分明了。
安裝步驟:
(系統要求:Linux 2.6+ 核心,本文中的Linux作業系統為CentOS 5.3,另在RedHat AS4上也安裝成功)
一、擷取相關開源程式:
1、【适用CentOS作業系統】利用CentOS Linux系統自帶的yum指令安裝、更新所需的程式庫(RedHat等其他Linux發行版可從安裝CD光牒中找到這些程式庫的RPM包,進行安裝):
sudo -s
LANG=C
yum -y install gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel libidn libidn-devel openssl openssl-devel openldap openldap-devel nss_ldap openldap-clients openldap-servers
2、【适用RedHat作業系統】RedHat等其他Linux發行版可從安裝CD光牒中找到這些程式庫的RPM包(事先可通過類似“rpm -qa | grep libjpeg”的指令檢視所需的RPM包是否存在,通常是“xxx-devel”不存在,需要安裝)。RedHat可以直接利用CentOS的RPM包安裝,以下是RPM包下載下傳網址:
①、RedHat AS4 & CentOS 4
http://mirrors.163.com/centos/4/os/i386/CentOS/RPMS/ http://mirrors.163.com/centos/4/os/x86_64/CentOS/RPMS/②、RedHat AS5 & CentOS 5
http://mirrors.163.com/centos/5/os/i386/CentOS/ http://mirrors.163.com/centos/5/os/x86_64/CentOS/③、RPM包搜尋網站
http://rpm.pbone.net/ http://www.rpmfind.net/④、RedHat AS4 系統環境,通常情況下缺少的支援包安裝:
Ⅰ、i386 系統
wget
http://blog.zyan.cc/soft/linux/nginx_php/rpm/i386/libjpeg-devel-6b-33.i386.rpmrpm -ivh libjpeg-devel-6b-33.i386.rpm
http://blog.zyan.cc/soft/linux/nginx_php/rpm/i386/freetype-devel-2.1.9-1.i386.rpmrpm -ivh freetype-devel-2.1.9-1.i386.rpm
http://blog.zyan.cc/soft/linux/nginx_php/rpm/i386/libpng-devel-1.2.7-1.i386.rpmrpm -ivh libpng-devel-1.2.7-1.i386.rpm
Ⅱ、x86_64 系統
http://blog.zyan.cc/soft/linux/nginx_php/rpm/x86_64/libjpeg-devel-6b-33.x86_64.rpmrpm -ivh libjpeg-devel-6b-33.x86_64.rpm
http://blog.zyan.cc/soft/linux/nginx_php/rpm/x86_64/freetype-devel-2.1.9-1.x86_64.rpmrpm -ivh freetype-devel-2.1.9-1.x86_64.rpm
http://blog.zyan.cc/soft/linux/nginx_php/rpm/x86_64/libpng-devel-1.2.7-1.x86_64.rpmrpm -ivh libpng-devel-1.2.7-1.x86_64.rpm
3、【适用CentOS、RedHat及其它Linux作業系統】下載下傳程式源碼包:
本文中提到的所有開源軟體為截止到2010年07月26日的最新穩定版。
①、從軟體的官方網站下載下傳:
mkdir -p /data0/software
cd /data0/software
http://sysoev.ru/nginx/nginx-0.8.46.tar.gz http://www.php.net/get/php-5.2.14.tar.gz/from/this/mirror http://php-fpm.org/downloads/php-5.2.14-fpm-0.5.14.diff.gz http://dev.mysql.com/get/Downloads/MySQL-5.5/mysql-5.5.3-m3.tar.gz/from/http://mysql.he.net/ http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.13.1.tar.gzwget "http://downloads.sourceforge.net/mcrypt/libmcrypt-2.5.8.tar.gz?modtime=1171868460&big_mirror=0"
wget "http://downloads.sourceforge.net/mcrypt/mcrypt-2.6.8.tar.gz?modtime=1194463373&big_mirror=0"
http://pecl.php.net/get/memcache-2.2.5.tgzwget "http://downloads.sourceforge.net/mhash/mhash-0.9.9.9.tar.gz?modtime=1175740843&big_mirror=0"
ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.10.tar.gz http://bart.eaccelerator.net/source/0.9.6.1/eaccelerator-0.9.6.1.tar.bz2 http://pecl.php.net/get/PDO_MYSQL-1.0.2.tgz http://blog.zyan.cc/soft/linux/nginx_php/imagick/ImageMagick.tar.gz http://pecl.php.net/get/imagick-2.3.0.tgz②、從
blog.zyan.cc下載下傳(比較穩定,隻允許在本站,或者在Linux/Unix下通過Wget、Curl等指令下載下傳以下軟體):
http://blog.zyan.cc/soft/linux/nginx_php/nginx/nginx-0.8.46.tar.gz http://blog.zyan.cc/soft/linux/nginx_php/php/php-5.2.14.tar.gz http://blog.zyan.cc/soft/linux/nginx_php/phpfpm/php-5.2.14-fpm-0.5.14.diff.gz http://blog.zyan.cc/soft/linux/nginx_php/mysql/mysql-5.5.3-m3.tar.gz http://blog.zyan.cc/soft/linux/nginx_php/libiconv/libiconv-1.13.1.tar.gz http://blog.zyan.cc/soft/linux/nginx_php/mcrypt/libmcrypt-2.5.8.tar.gz http://blog.zyan.cc/soft/linux/nginx_php/mcrypt/mcrypt-2.6.8.tar.gz http://blog.zyan.cc/soft/linux/nginx_php/memcache/memcache-2.2.5.tgz http://blog.zyan.cc/soft/linux/nginx_php/mhash/mhash-0.9.9.9.tar.gz http://blog.zyan.cc/soft/linux/nginx_php/pcre/pcre-8.10.tar.gz http://blog.zyan.cc/soft/linux/nginx_php/eaccelerator/eaccelerator-0.9.6.1.tar.bz2 http://blog.zyan.cc/soft/linux/nginx_php/pdo/PDO_MYSQL-1.0.2.tgz http://blog.zyan.cc/soft/linux/nginx_php/imagick/imagick-2.3.0.tgz二、安裝PHP 5.2.14(FastCGI模式)
1、編譯安裝PHP 5.2.14所需的支援庫:
tar zxvf libiconv-1.13.1.tar.gz
cd libiconv-1.13.1/
./configure --prefix=/usr/local
make
make install
cd ../
tar zxvf libmcrypt-2.5.8.tar.gz
cd libmcrypt-2.5.8/
./configure
/sbin/ldconfig
cd libltdl/
./configure --enable-ltdl-install
cd ../../
tar zxvf mhash-0.9.9.9.tar.gz
cd mhash-0.9.9.9/
ln -s /usr/local/lib/libmcrypt.la /usr/lib/libmcrypt.la
ln -s /usr/local/lib/libmcrypt.so /usr/lib/libmcrypt.so
ln -s /usr/local/lib/libmcrypt.so.4 /usr/lib/libmcrypt.so.4
ln -s /usr/local/lib/libmcrypt.so.4.4.8 /usr/lib/libmcrypt.so.4.4.8
ln -s /usr/local/lib/libmhash.a /usr/lib/libmhash.a
ln -s /usr/local/lib/libmhash.la /usr/lib/libmhash.la
ln -s /usr/local/lib/libmhash.so /usr/lib/libmhash.so
ln -s /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2
ln -s /usr/local/lib/libmhash.so.2.0.1 /usr/lib/libmhash.so.2.0.1
ln -s /usr/local/bin/libmcrypt-config /usr/bin/libmcrypt-config
tar zxvf mcrypt-2.6.8.tar.gz
cd mcrypt-2.6.8/
2、編譯安裝MySQL 5.5.3-m3
/usr/sbin/groupadd mysql
/usr/sbin/useradd -g mysql mysql
tar zxvf mysql-5.5.3-m3.tar.gz
cd mysql-5.5.3-m3/
./configure --prefix=/usr/local/webserver/mysql/ --enable-assembler --with-extra-charsets=complex --enable-thread-safe-client --with-big-tables --with-readline --with-ssl --with-embedded-server --enable-local-infile --with-plugins=partition,innobase,myisammrg
make && make install
chmod +w /usr/local/webserver/mysql
chown -R mysql:mysql /usr/local/webserver/mysql
附:以下為附加步驟,如果你想在這台伺服器上運作MySQL資料庫,則執行以下幾步。如果你隻是希望讓PHP支援MySQL擴充庫,能夠連接配接其他伺服器上的MySQL資料庫,那麼,以下兩步無需執行。
①、建立MySQL資料庫存放目錄
mkdir -p /data0/mysql/3306/data/
mkdir -p /data0/mysql/3306/binlog/
mkdir -p /data0/mysql/3306/relaylog/
chown -R mysql:mysql /data0/mysql/
②、以mysql使用者帳号的身份建立資料表:
/usr/local/webserver/mysql/bin/mysql_install_db --basedir=/usr/local/webserver/mysql --datadir=/data0/mysql/3306/data --user=mysql
③、建立my.cnf配置檔案:
vi /data0/mysql/3306/my.cnf
輸入以下内容:
[client]
character-set-server = utf8
port = 3306
socket = /tmp/mysql.sock
[mysqld]
replicate-ignore-db = mysql
replicate-ignore-db = test
replicate-ignore-db = information_schema
user = mysql
basedir = /usr/local/webserver/mysql
datadir = /data0/mysql/3306/data
log-error = /data0/mysql/3306/mysql_error.log
pid-file = /data0/mysql/3306/mysql.pid
open_files_limit = 10240
back_log = 600
max_connections = 5000
max_connect_errors = 6000
table_cache = 614
external-locking = FALSE
max_allowed_packet = 32M
sort_buffer_size = 1M
join_buffer_size = 1M
thread_cache_size = 300
#thread_concurrency = 8
query_cache_size = 512M
query_cache_limit = 2M
query_cache_min_res_unit = 2k
default-storage-engine = MyISAM
thread_stack = 192K
transaction_isolation = READ-COMMITTED
tmp_table_size = 246M
max_heap_table_size = 246M
long_query_time = 3
log-slave-updates
log-bin = /data0/mysql/3306/binlog/binlog
binlog_cache_size = 4M
binlog_format = MIXED
max_binlog_cache_size = 8M
max_binlog_size = 1G
relay-log-index = /data0/mysql/3306/relaylog/relaylog
relay-log-info-file = /data0/mysql/3306/relaylog/relaylog
relay-log = /data0/mysql/3306/relaylog/relaylog
expire_logs_days = 30
key_buffer_size = 256M
read_buffer_size = 1M
read_rnd_buffer_size = 16M
bulk_insert_buffer_size = 64M
myisam_sort_buffer_size = 128M
myisam_max_sort_file_size = 10G
myisam_repair_threads = 1
myisam_recover
interactive_timeout = 120
wait_timeout = 120
skip-name-resolve
#master-connect-retry = 10
slave-skip-errors = 1032,1062,126,1114,1146,1048,1396
#master-host = 192.168.1.2
#master-user = username
#master-password = password
#master-port = 3306
server-id = 1
innodb_additional_mem_pool_size = 16M
innodb_buffer_pool_size = 512M
innodb_data_file_path = ibdata1:256M:autoextend
innodb_file_io_threads = 4
innodb_thread_concurrency = 8
innodb_flush_log_at_trx_commit = 2
innodb_log_buffer_size = 16M
innodb_log_file_size = 128M
innodb_log_files_in_group = 3
innodb_max_dirty_pages_pct = 90
innodb_lock_wait_timeout = 120
innodb_file_per_table = 0
#log-slow-queries = /data0/mysql/3306/slow.log
#long_query_time = 10
[mysqldump]
quick
④、建立管理MySQL資料庫的shell腳本:
vi /data0/mysql/3306/mysql
輸入以下内容(這裡的使用者名admin和密碼12345678接下來的步驟會建立):
#!/bin/sh
mysql_port=3306
mysql_username="admin"
mysql_password="12345678"
function_start_mysql()
{
printf "Starting MySQL...\n"
/bin/sh /usr/local/webserver/mysql/bin/mysqld_safe --defaults-file=/data0/mysql/${mysql_port}/my.cnf 2>&1 > /dev/null &
}
function_stop_mysql()
printf "Stoping MySQL...\n"
/usr/local/webserver/mysql/bin/mysqladmin -u ${mysql_username} -p${mysql_password} -S /tmp/mysql.sock shutdown
function_restart_mysql()
printf "Restarting MySQL...\n"
function_stop_mysql
sleep 5
function_start_mysql
function_kill_mysql()
kill -9 $(ps -ef | grep 'bin/mysqld_safe' | grep ${mysql_port} | awk '{printf $2}')
kill -9 $(ps -ef | grep 'libexec/mysqld' | grep ${mysql_port} | awk '{printf $2}')
if [ "$1" = "start" ]; then
elif [ "$1" = "stop" ]; then
elif [ "$1" = "restart" ]; then
function_restart_mysql
elif [ "$1" = "kill" ]; then
function_kill_mysql
else
printf "Usage: /data0/mysql/${mysql_port}/mysql {start|stop|restart|kill}\n"
fi
⑤、賦予shell腳本可執行權限:
chmod +x /data0/mysql/3306/mysql
⑥、啟動MySQL:
/data0/mysql/3306/mysql start
⑦、通過指令行登入管理MySQL伺服器(提示輸入密碼時直接回車):
/usr/local/webserver/mysql/bin/mysql -u root -p -S /tmp/mysql.sock
⑧、輸入以下SQL語句,建立一個具有root權限的使用者(admin)和密碼(12345678):
GRANT ALL PRIVILEGES ON *.* TO 'admin'@'localhost' IDENTIFIED BY '12345678';
GRANT ALL PRIVILEGES ON *.* TO 'admin'@'127.0.0.1' IDENTIFIED BY '12345678';
⑨、(可選)停止MySQL:
/data0/mysql/3306/mysql stop
3、編譯安裝PHP(FastCGI模式)
tar zxvf php-5.2.14.tar.gz
gzip -cd php-5.2.14-fpm-0.5.14.diff.gz | patch -d php-5.2.14 -p1
cd php-5.2.14/
./configure --prefix=/usr/local/webserver/php --with-config-file-path=/usr/local/webserver/php/etc --with-mysql=/usr/local/webserver/mysql --with-mysqli=/usr/local/webserver/mysql/bin/mysql_config --with-iconv-dir=/usr/local --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-libxml-dir=/usr --enable-xml --disable-rpath --enable-discard-path --enable-safe-mode --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --with-curl --with-curlwrappers --enable-mbregex --enable-fastcgi --enable-fpm --enable-force-cgi-redirect --enable-mbstring --with-mcrypt --with-gd --enable-gd-native-ttf --with-openssl --with-mhash --enable-pcntl --enable-sockets --with-ldap --with-ldap-sasl --with-xmlrpc --enable-zip --enable-soap
make ZEND_EXTRA_LIBS='-liconv'
cp php.ini-dist /usr/local/webserver/php/etc/php.ini
4、編譯安裝PHP5擴充子產品
tar zxvf memcache-2.2.5.tgz
cd memcache-2.2.5/
/usr/local/webserver/php/bin/phpize
./configure --with-php-config=/usr/local/webserver/php/bin/php-config
tar jxvf eaccelerator-0.9.6.1.tar.bz2
cd eaccelerator-0.9.6.1/
./configure --enable-eaccelerator=shared --with-php-config=/usr/local/webserver/php/bin/php-config
tar zxvf PDO_MYSQL-1.0.2.tgz
cd PDO_MYSQL-1.0.2/
./configure --with-php-config=/usr/local/webserver/php/bin/php-config --with-pdo-mysql=/usr/local/webserver/mysql
tar zxvf ImageMagick.tar.gz
cd ImageMagick-6.5.1-2/
tar zxvf imagick-2.3.0.tgz
cd imagick-2.3.0/
5、修改php.ini檔案
手工修改:查找/usr/local/webserver/php/etc/php.ini中的extension_dir = "./"
修改為extension_dir = "/usr/local/webserver/php/lib/php/extensions/no-debug-non-zts-20060613/"
并在此行後增加以下幾行,然後儲存:
extension = "memcache.so"
extension = "pdo_mysql.so"
extension = "imagick.so"
再查找output_buffering = Off
修改為output_buffering = On
再查找; cgi.fix_pathinfo=0
修改為cgi.fix_pathinfo=0,防止Nginx檔案類型錯誤解析漏洞。
自動修改:若嫌手工修改麻煩,可執行以下shell指令,自動完成對php.ini檔案的修改:
sed -i 's#extension_dir = "./"#extension_dir = "/usr/local/webserver/php/lib/php/extensions/no-debug-non-zts-20060613/"\nextension = "memcache.so"\nextension = "pdo_mysql.so"\nextension = "imagick.so"\n#' /usr/local/webserver/php/etc/php.ini
sed -i 's#output_buffering = Off#output_buffering = On#' /usr/local/webserver/php/etc/php.ini
sed -i "s#; always_populate_raw_post_data = On#always_populate_raw_post_data = On#g" /usr/local/webserver/php/etc/php.ini
sed -i "s#; cgi.fix_pathinfo=0#cgi.fix_pathinfo=0#g" /usr/local/webserver/php/etc/php.ini
6、配置eAccelerator加速PHP:
mkdir -p /usr/local/webserver/eaccelerator_cache
vi /usr/local/webserver/php/etc/php.ini
按shift+g鍵跳到配置檔案的最末尾,加上以下配置資訊:
[eaccelerator]
zend_extension="/usr/local/webserver/php/lib/php/extensions/no-debug-non-zts-20060613/eaccelerator.so"
eaccelerator.shm_size="64"
eaccelerator.cache_dir="/usr/local/webserver/eaccelerator_cache"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="3600"
eaccelerator.shm_prune_period="3600"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"
7、建立www使用者群組,以及供blog.zyan.cc和
www.zyan.cc兩個虛拟主機使用的目錄:
/usr/sbin/groupadd www
/usr/sbin/useradd -g www www
mkdir -p /data0/htdocs/blog
chmod +w /data0/htdocs/blog
chown -R www:www /data0/htdocs/blog
mkdir -p /data0/htdocs/www
chmod +w /data0/htdocs/www
chown -R www:www /data0/htdocs/www
8、建立php-fpm配置檔案(php-fpm是為PHP打的一個FastCGI管理更新檔,可以平滑變更php.ini配置而無需重新開機php-cgi):
在/usr/local/webserver/php/etc/目錄中建立php-fpm.conf檔案:
rm -f /usr/local/webserver/php/etc/php-fpm.conf
vi /usr/local/webserver/php/etc/php-fpm.conf
輸入以下内容(如果您安裝 Nginx + PHP 用于程式調試,請将以下的<value name="display_errors">0</value>改為<value name="display_errors">1</value>,以便顯示PHP錯誤資訊,否則,Nginx 會報狀态為500的空白錯誤頁):
<?xml version="1.0" ?>
<configuration>
All relative paths in this config are relative to php's install prefix
<section name="global_options">
Pid file
<value name="pid_file">/usr/local/webserver/php/logs/php-fpm.pid</value>
Error log file
<value name="error_log">/usr/local/webserver/php/logs/php-fpm.log</value>
Log level
<value name="log_level">notice</value>
When this amount of php processes exited with SIGSEGV or SIGBUS ...
<value name="emergency_restart_threshold">10</value>
... in a less than this interval of time, a graceful restart will be initiated.
Useful to work around accidental curruptions in accelerator's shared memory.
<value name="emergency_restart_interval">1m</value>
Time limit on waiting child's reaction on signals from master
<value name="process_control_timeout">5s</value>
Set to 'no' to debug fpm
<value name="daemonize">yes</value>
</section>
<workers>
<section name="pool">
Name of pool. Used in logs and stats.
<value name="name">default</value>
Address to accept fastcgi requests on.
Valid syntax is 'ip.ad.re.ss:port' or just 'port' or '/path/to/unix/socket'
<value name="listen_address">127.0.0.1:9000</value>
<value name="listen_options">
Set listen(2) backlog
<value name="backlog">-1</value>
Set permissions for unix socket, if one used.
In Linux read/write permissions must be set in order to allow connections from web server.
Many BSD-derrived systems allow connections regardless of permissions.
<value name="owner"></value>
<value name="group"></value>
<value name="mode">0666</value>
</value>
Additional php.ini defines, specific to this pool of workers.
<value name="php_defines">
<value name="sendmail_path">/usr/sbin/sendmail -t -i</value>
<value name="display_errors">0</value>
Unix user of processes
<value name="user">www</value>
Unix group of processes
<value name="group">www</value>
Process manager settings
<value name="pm">
Sets style of controling worker process count.
Valid values are 'static' and 'apache-like'
<value name="style">static</value>
Sets the limit on the number of simultaneous requests that will be served.
Equivalent to Apache MaxClients directive.
Equivalent to PHP_FCGI_CHILDREN environment in original php.fcgi
Used with any pm_style.
<value name="max_children">128</value>
Settings group for 'apache-like' pm style
<value name="apache_like">
Sets the number of server processes created on startup.
Used only when 'apache-like' pm_style is selected
<value name="StartServers">20</value>
Sets the desired minimum number of idle server processes.
<value name="MinSpareServers">5</value>
Sets the desired maximum number of idle server processes.
<value name="MaxSpareServers">35</value>
</value>
The timeout (in seconds) for serving a single request after which the worker process will be terminated
Should be used when 'max_execution_time' ini option does not stop script execution for some reason
'0s' means 'off'
<value name="request_terminate_timeout">0s</value>
The timeout (in seconds) for serving of single request after which a php backtrace will be dumped to slow.log file
<value name="request_slowlog_timeout">0s</value>
The log file for slow requests
<value name="slowlog">logs/slow.log</value>
Set open file desc rlimit
<value name="rlimit_files">65535</value>
Set max core size rlimit
<value name="rlimit_core">0</value>
Chroot to this directory at the start, absolute path
<value name="chroot"></value>
Chdir to this directory at the start, absolute path
<value name="chdir"></value>
Redirect workers' stdout and stderr into main error log.
If not set, they will be redirected to /dev/null, according to FastCGI specs
<value name="catch_workers_output">yes</value>
How much requests each process should execute before respawn.
Useful to work around memory leaks in 3rd party libraries.
For endless request processing please specify 0
Equivalent to PHP_FCGI_MAX_REQUESTS
<value name="max_requests">1024</value>
Comma separated list of ipv4 addresses of FastCGI clients that allowed to connect.
Equivalent to FCGI_WEB_SERVER_ADDRS environment in original php.fcgi (5.2.2+)
Makes sense only with AF_INET listening socket.
<value name="allowed_clients">127.0.0.1</value>
Pass environment variables like LD_LIBRARY_PATH
All $VARIABLEs are taken from current environment
<value name="environment">
<value name="HOSTNAME">$HOSTNAME</value>
<value name="PATH">/usr/local/bin:/usr/bin:/bin</value>
<value name="TMP">/tmp</value>
<value name="TMPDIR">/tmp</value>
<value name="TEMP">/tmp</value>
<value name="OSTYPE">$OSTYPE</value>
<value name="MACHTYPE">$MACHTYPE</value>
<value name="MALLOC_CHECK_">2</value>
</section>
</workers>
</configuration>
9、啟動php-cgi程序,監聽127.0.0.1的9000端口,程序數為128(如果伺服器記憶體小于3GB,可以隻開啟64個程序),使用者為www:
ulimit -SHn 65535
/usr/local/webserver/php/sbin/php-fpm start
注:/usr/local/webserver/php/sbin/php-fpm還有其他參數,包括:start|stop|quit|restart|reload|logrotate,修改php.ini後不重新開機php-cgi,重新加載配置檔案使用reload。
三、安裝Nginx 0.8.46
1、安裝Nginx所需的pcre庫:
tar zxvf pcre-8.10.tar.gz
cd pcre-8.10/
2、安裝Nginx
tar zxvf nginx-0.8.46.tar.gz
cd nginx-0.8.46/
./configure --user=www --group=www --prefix=/usr/local/webserver/nginx --with-http_stub_status_module --with-http_ssl_module
3、建立Nginx日志目錄
mkdir -p /data1/logs
chmod +w /data1/logs
chown -R www:www /data1/logs
4、建立Nginx配置檔案
①、在/usr/local/webserver/nginx/conf/目錄中建立nginx.conf檔案:
rm -f /usr/local/webserver/nginx/conf/nginx.conf
vi /usr/local/webserver/nginx/conf/nginx.conf
user www www;
worker_processes 8;
error_log /data1/logs/nginx_error.log crit;
pid /usr/local/webserver/nginx/nginx.pid;
#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 65535;
events
use epoll;
worker_connections 65535;
http
include mime.types;
default_type application/octet-stream;
#charset gb2312;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 8m;
sendfile on;
tcp_nopush on;
keepalive_timeout 60;
tcp_nodelay on;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
#limit_zone crawler $binary_remote_addr 10m;
server
{
listen 80;
server_name blog.zyan.cc;
index index.html index.htm index.php;
root /data0/htdocs/blog;
#limit_conn crawler 20;
location ~ .*\.(php|php5)?$
{
#fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fcgi.conf;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
location ~ .*\.(js|css)?$
expires 1h;
}
log_format access '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
access_log /data1/logs/access.log access;
}
server_name
www.zyan.cc;root /data0/htdocs/www;
log_format wwwlogs '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
access_log /data1/logs/wwwlogs.log wwwlogs;
}
listen 80;
server_name status.blog.zyan.cc;
location / {
stub_status on;
access_log off;
②、在/usr/local/webserver/nginx/conf/目錄中建立fcgi.conf檔案:
vi /usr/local/webserver/nginx/conf/fcgi.conf
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
5、啟動Nginx
/usr/local/webserver/nginx/sbin/nginx
四、配置開機自動啟動Nginx + PHP
vi /etc/rc.local
在末尾增加以下内容:
五、優化Linux核心參數
vi /etc/sysctl.conf
# Add
net.ipv4.tcp_max_syn_backlog = 65536
net.core.netdev_max_backlog = 32768
net.core.somaxconn = 32768
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_tw_recycle = 1
#net.ipv4.tcp_tw_len = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_max_orphans = 3276800
#net.ipv4.tcp_fin_timeout = 30
#net.ipv4.tcp_keepalive_time = 120
net.ipv4.ip_local_port_range = 1024 65535
使配置立即生效:
/sbin/sysctl -p
六、在不停止Nginx服務的情況下平滑變更Nginx配置
1、修改/usr/local/webserver/nginx/conf/nginx.conf配置檔案後,請執行以下指令檢查配置檔案是否正确:
/usr/local/webserver/nginx/sbin/nginx -t
如果螢幕顯示以下兩行資訊,說明配置檔案正确:
the configuration file /usr/local/webserver/nginx/conf/nginx.conf syntax is ok
the configuration file /usr/local/webserver/nginx/conf/nginx.conf was tested successfully
2、平滑重新開機:
①、對于Nginx 0.8.x版本,現在平滑重新開機Nginx配置非常簡單,執行以下指令即可:
/usr/local/webserver/nginx/sbin/nginx -s reload
②、對于Nginx 0.8.x之前的版本,平滑重新開機稍微麻煩一些,按照以下步驟進行即可。輸入以下指令檢視Nginx主程序号:
ps -ef | grep "nginx: master process" | grep -v "grep" | awk -F ' ' '{print $2}'
螢幕顯示的即為Nginx主程序号,例如:
6302
這時,執行以下指令即可使修改過的Nginx配置檔案生效:
kill -HUP 6302
或者無需這麼麻煩,找到Nginx的Pid檔案:
kill -HUP `cat /usr/local/webserver/nginx/nginx.pid`
七、編寫每天定時切割Nginx日志的腳本
1、建立腳本/usr/local/webserver/nginx/sbin/cut_nginx_log.sh
vi /usr/local/webserver/nginx/sbin/cut_nginx_log.sh
#!/bin/bash
# This script run at 00:00
# The Nginx logs path
logs_path="/usr/local/webserver/nginx/logs/"
mkdir -p ${logs_path}$(date -d "yesterday" +"%Y")/$(date -d "yesterday" +"%m")/
mv ${logs_path}access.log ${logs_path}$(date -d "yesterday" +"%Y")/$(date -d "yesterday" +"%m")/access_$(date -d "yesterday" +"%Y%m%d").log
kill -USR1 `cat /usr/local/webserver/nginx/nginx.pid`
2、設定crontab,每天淩晨00:00切割nginx通路日志
crontab -e
00 00 * * * /bin/bash /usr/local/webserver/nginx/sbin/cut_nginx_log.sh
本文若有小的修改,會第一時間在以下網址釋出:
附:文章修改曆史
● [2010年03月04日] [Version 6.0] 建立
● [2010年04月16日] [Version 6.1] Nginx版本更新到0.8.35。
● [2010年05月14日] [Version 6.2] Nginx版本更新到0.8.36。MySQL版本更新到5.5.3-m3,my.cnf配置檔案中的thread_concurrency、master-connect-retry參數在新版本中不支援,已經注釋掉。
● [2010年07月26日] [Version 6.3] Nginx版本更新到0.8.46。PHP版本更新到5.2.14。其他軟體也做了相應的更新。開啟php.ini中的cgi.fix_pathinfo=0,防止Nginx檔案類型錯誤解析漏洞。
(全文完)