LNMP基于PHP-FPM(nginx/1.8.1 PHP 5.6.35 PHP 5.3.27 php多版本)-2
Nginx Rewrite(需PCRE支持)
1、指令语法(perl正则)
指令语法rewrite regex replacement [flag]
默认值 none
应用位置 server,location,if
实践:
1、增加rewrite规则
root@node83 extra]# cat /usr/local/nginx/conf/extra/www.conf#www.conf
server {
listen 80;
server_name black.org;
rewrite^/(.*) http://www.gtms.org/$1 permanent;
}
server
{
listen 80;
server_name www.gtms.org;
location / {
root html/www;
index index.html index.htm;
}
}
2、在www目录下创建此文件
[root@node83 www]# cat gtms.html
rewrite
3、重新加载
root@node83 www]#/usr/local/nginx/sbin/nginx -s reload
4、配置好hosts文件,在浏览器输入black.org/gtms.html
==>网址跳转至http://www.gtms.org/gtms.html
==>显示gtms.html的内容
flag标记:
1.last 相当于apache里面的[L]标记,表示rewrite,继续向下匹配新的locationURI规则
2.break 本条规则匹配完成后,终止匹配,不再匹配后面的规则。
3.redirect 返回302临时重定向,浏览器地址会显示跳转后的URL地址。
4.permanent 返回301永久重定向, 浏览器地址会显示跳转后的URL地址。
Nginx Rewrite的应用场景,在企业里应用非常广泛(一般开发搞给运维)
1、可以调整用户浏览的url,看起来更规范
2、便于搜索引擎及用户体验,动态url转成伪静
3、旧域名访问跳转到新域名 ,301跳转
4、根据特殊变量、目录、客户端的信息(安卓?苹果?)进行url跳转
NGINX之动态服务
CGI & FastCGI
CGI
Common Gateway Interface通用网关接口,用于HTTP服务与其他服务通信交流的一种工具,必须运行在网络服务器上。
性能差,每次http遇到动态程序都需要重新启动解释器,之后结果返回http,高并发不可用,安全性也差,因此诞生了FastCGI
FastCGI
是一个可伸缩的,高速的在http服务器和动态脚本语言间通信的接口(FastCGI在linux下是socket,这个socket可以是文件socket,也可以是ipscoket),主要优点是把动态语言和http服务器分离。
特点:
1、是http服务器和动态脚本语言间通信的接口或者工具
2、优点是把动态解析和http服务器分离开来,使Ninx专一处理静态请求和向后转发动态请求
3、Nginx、Apache、lighted都支持
4、接口方式采用C/S结构,分为客户端(http服务器)和服务器端(动态语言解析服务器)
5、php动态语言服务端可以启动多个FastCGI守护进程(例如php-fpm)
6、http服务器通过FastCGI客户端(例如Nginxfastcgi_pass)和动态语言FastCGI服务端通信(例如 php-fpm)
Nginx FastCGI运行原理
Nginx不支持对外部程序的直接调用或者解析,所有的外部程序(包括PHP)必须通过FastCGI接口来调用。
FastCGI接口在Linux下是socket(这个socket可以是文件socket,也可以是ip socket)。
为了调用CGI程序,还需要一个FastCGI的wrapper(wrapper可以理解为用于启动另一个程序的程序),这个wrapper绑定在某个固定socket上,如端口或者文件socket。
当Nginx将CGI请求发送给这个socket的时候,通过FastCGI接口,wrapper接收到请求,然后派生出一个新的线程,这个线程调用解释器或者外部程序处理脚本并读取返回数据;
接着,wrapper再将返回的数据通过FastCGI接口,沿着固定的socket传递给Nginx;最后,Nginx将返回的数据发送给客户端。这就是Nginx+FastCGI的整个运作过程,如图
php 5.3.27安装(一般由开发选择版本)
php5.3及以上 编译参数--enable-fpm
php5.2 编译参数--enable-fastcgi --enable-fpm--enable-force-cgi
php5.2 参考http://blog.zyan.cc/nginx_php_v6
1、安装lib库
yum install zlib-devel libxml2-devellibjpeg-turbo-devel libiconv-devel -y
yum install freetype-devel libpng-develgd-devel libcurl-devel libxslt-devel -y
=======================如下包改名了
libjpeg-devel====>libjpeg-turbo-devel-1.2.1-3.el6_5.x86_64
curl-devel ====>libcurl-devel-7.19.7-40.el6_6.4.x86_64
=======================检查安装情况
#rpm -qa freetype-devel libjpeg-turbo-devellibpng-devel gd-devel libcurl-devel libxslt-devel
libiconv-devel:没有被yum安装,需要需要手动安装 (GNU的libiconv是字符编码转换库。)
mkdir -p /home/tools
cd /home/tools
wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.14.tar.gz
tar -zxflibiconv-1.14.tar.gz
cd libiconv-1.14
./configure--prefix=/usr/local/libiconv
make
make install
cd ../
安装libmcrypt-devel mhash mhash-devel mcrypt
#wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo (官方libmcrypt-devel的yum源没有)
#yum install libmcrypt-devel mhash mhash-devel mcrypt -y libmcrypt库非必需安装,但是可能会用
编译安装php php-5.3.29(附5.6编译参数)
tar xf php-5.3.29.tar.gz
cd php-5.3.29
./configure \
./configure --prefix=/usr/local/php5.3.27--with-mysql=/usr/local/mysql --with-mysql=mysqlnd --with-iconv-dir=/usr/local/libiconv--with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib--with-libxml-dir=/usr --enable-xml --disable-rpath --enable-safe-mode--enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization--with-curl --with-curlwrappers --enable-mbregex --enable-fpm --enable-mbstring--with-mcrypt --with-gd --enable-gd-native-ttf --with-openssl --with-mhash--enable-pcntl --enable-sockets --with-xmlrpc --enable-zip --enable-soap--enable-short-tags --enable-zend-multibyte --enable-static --with-xsl--with-fpm-user=nginx --with-fpm-group=nginx --enable-ftp
before make:(如果报错,在make之前做)
find / -name libmysqlclient.so.18
ln -s/usr/local/mysql/lib/libmysqlclient.so.18 /usr/lib64/
touch ext/phar/phar.phar
==========================
或
echo"/usr/local/mysql/lib">>/etc/ld.so.conf
ldconfig
==========================
#make
#make install
查看PHP编译参数
# /usr/local/php/bin/php -i |grep configure
Configure Command => './configure' '--prefix=/usr/local/php5.3.29' '--with-mysql=mysqlnd''--with-iconv-dir=/usr/local/libiconv'
'--with-freetype-dir' '--with-jpeg-dir' '--with-png-dir' '--with-zlib''--with-libxml-dir=/usr' '--enable-xml' '--disable-rpath'
'--enable-safe-mode' '--enable-bcmath' '--enable-shmop' '--enable-sysvsem''--enable-inline-optimization' '--with-curl'
'--with-curlwrappers' '--enable-mbregex' '--enable-fpm' '--enable-mbstring''--with-mcrypt' '--with-gd' '--enable-gd-native-ttf'
'--with-openssl' '--with-mhash' '--enable-pcntl' '--enable-sockets''--with-xmlrpc' '--enable-zip' '--enable-soap' '--enable-short-tags'
'--enable-zend-multibyte''--enable-static' '--with-xsl' '--with-fpm-user=nginx' '--with-fpm-group=nginx''--enable-ftp'
#ln -s/usr/local/php5.3.29/ /usr/local/php
#cp/home/tools/php5.3.27/php.ini-production /usr/local/php/lib/php.ini
#cp/usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf
#/usr/local/php/sbin/php-fpm
#lsof -i:9000
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
php-fpm 127111 root 7u IPv4113033 0t0 TCP localhost:cslistener (LISTEN)
php-fpm 127112 nginx 0u IPv4113033 0t0 TCP localhost:cslistener(LISTEN)
php-fpm 127113 nginx 0u IPv4113033 0t0 TCP localhost:cslistener(LISTEN)
#grep -Ev"^;|^$" /usr/local/php/etc/php-fpm.conf |grep -v"^$"
[global]
[www]
user = nginx
group = nginx
listen = 127.0.0.1:9000
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
调优参数php-fpm(可以作为生产标准)
[global]
pid = /app/logs/php-fpm.pid 默认注释(可不改)
error_log = /app/logs/php-fpm.log 默认注释(可不改)
log_level = error #notice改为error
rlimit_files = 32768 #主进程文件描述符
events.mechanism = epoll #使用epoll模型
[www]
user = nginx
group = nginx
listen = 127.0.0.1:9000
listen.owner = nginx
listen.group = nginx
pm = dynamic
pm.max_children = 1024 #可以创建的子进程的数量
pm.start_servers = 16 #初始的子进程个数
pm.min_spare_servers = 5 #空闲时最少子进程数
pm.max_spare_servers = 20 #最大的剩余空间
pm.process_idle_timeout= 15s; #子进程空闲超时退出时间
pm.max_requests = 2048 #每个子进程的最大请求
slowlog = /app/logs/$pool.log.slow
request_slowlog_timeout = 10
php_admin_value[sendmail_path] =/usr/sbin/sendmail -t -i -f 87014247@qq.com
fastcgi设置检测
在html/www下建立phpinfo.php
<?php
phpinfo();
?>
在html/www下建立mysql.php
<?php
$link_id=mysql_connect('192.168.0.80','root','rootabcd') or mysql_error();
if($link_id){
echo "mysqlsuccessful by gtms !";
}else{
echo mysql_error();
}
?>
fastcgi设置
#cat/usr/local/nginx/conf/extra/www.conf
server {
listen 80;
server_name www.gtms.org;
root html/www;
location / {
index index.html index.htm;
}
location ~ .*\.(php|php5)?$
{
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi.conf;
}
}
# /usr/local/nginx/sbin/nginx -t
# /usr/local/nginx/sbin/nginx -s reload
测试ok
网站安全设置
# chown -R root.root blog/
upload server(上传目录权限放给nginx)
# find ./blog/ -type f|xargschmod644
# find ./blog/ -type d|xargschmod755
PHP5.6.22 安装
yuminstall zlib-devel libxml2-devellibjpeg-turbo-devel libiconv-devel -y
yuminstall freetype-devel libpng-devel gd-devellibcurl-devel libxslt-devel -y
mkdir -p /home/tools
cd /home/tools
wgethttp://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.14.tar.gz
tar zxf libiconv-1.14.tar.gz
cd libiconv-1.14
./configure--prefix=/usr/local/libiconv
make
makeinstall
cd ../
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
yum -y install libmcrypt-devel mhash mhash-develmcrypt -y
PHP5.6.22:
yuminstall openssl-devel -y
tar xf php-5.6.22.tar.gz
cd php-5.6.22
./configure--prefix=/usr/local/php5.6.35 --with-mysql=mysqlnd --with-pdo-mysql=mysqlnd--with-mysqli=mysqlnd --enable-opcache --with-iconv-dir=/usr/local/libiconv--with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib--with-libxml-dir=/usr --enable-xml --disable-rpath --enable-bcmath--enable-shmop --enable-sysvsem --enable-inline-optimization --with-curl--enable-mbregex --enable-fpm --enable-mbstring --with-mcrypt --with-gd--enable-gd-native-ttf --with-openssl --with-mhash --enable-pcntl--enable-sockets --with-xmlrpc --enable-soap --enable-short-tags--enable-static --with-xsl --with-fpm-user=nginx --with-fpm-group=nginx--enable-ftp
make
makeinstall
ln -s /usr/local/php5.6.22/ /usr/local/php
server {
listen 80;
server_name blog.gtms.org;
root html/blog;
location / {
index index.html index.htm;
}
location ~ .*\.(php|php5)?$
{
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi.conf;
}
}
