單主機(jī)LAMP部署
10年積累的成都網(wǎng)站建設(shè)、成都做網(wǎng)站經(jīng)驗(yàn)���,可以快速應(yīng)對(duì)客戶對(duì)網(wǎng)站的新想法和需求��。提供各種問題對(duì)應(yīng)的解決方案���。讓選擇我們的客戶得到更好��、更有力的網(wǎng)絡(luò)服務(wù)����。我雖然不認(rèn)識(shí)你��,你也不認(rèn)識(shí)我���。但先建設(shè)網(wǎng)站后付款的網(wǎng)站建設(shè)流程����,更有富陽免費(fèi)網(wǎng)站建設(shè)讓你可以放心的選擇與我們合作�。
要求:在一個(gè)主機(jī)上一個(gè)虛擬主機(jī)提供phpMyAdmin,另一個(gè)虛擬主機(jī)提供wordpress����,且為phpMyAdmim提供https服務(wù):
一.安裝所需rpm包
yuminstall -y httpd php php-MySQL php-gd php-mbstring php-xml mariadb-servermod_ssl
二.開啟并檢測(cè)服務(wù),配置數(shù)據(jù)庫����,測(cè)試網(wǎng)頁是否聯(lián)通
啟動(dòng)httpd服務(wù):systemctl start htppd.service
檢查服務(wù)開啟狀態(tài):systemctlstatus httpd.service
● httpd.service - The Apache HTTP Server
Loaded: loaded(/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since Mon2016-07-18 22:59:32 CST
將服務(wù)設(shè)置為默認(rèn)開啟狀態(tài):systemctl enablehttpd.service
查看80端口狀態(tài):ss -tnl
LISTEN 0 128 :::80 :::*
檢查httpd進(jìn)程:ps -aux | grep httpd
root 1709 0.0 1.6 468464 16304 ? Ss 22:59 0:00 /usr/sbin/httpd-DFOREGROUND
apache 2013 0.0 0.8 470680 8560 ? S 22:59 0:00 /usr/sbin/httpd -DFOREGROUND
apache 2014 0.0 0.8 470680 8560 ? S 22:59 0:00 /usr/sbin/httpd -DFOREGROUND
apache 2015 0.0 0.8 470680 8560 ? S 22:59 0:00 /usr/sbin/httpd -DFOREGROUND
apache 2017 0.0 0.8 470680 8560 ? S 22:59 0:00 /usr/sbin/httpd -DFOREGROUND
apache 2018 0.0 0.8 470680 8560 ? S 22:59 0:00 /usr/sbin/httpd -DFOREGROUND
root 4499 0.0 0.0 112644 952 pts/1 R+ 23:05 0:00 grep --color=auto httpd
查看是否是prefork模塊:httpd -M | grep mpm:
mpm_prefork_module(shared)
確認(rèn)ssl模塊是否啟用成功:httpd -M |grep ssl
ssl_module(shared)
啟動(dòng)mysql服務(wù)�����;systemctl start mariadb.service
Mysql數(shù)據(jù)庫初始化:mysql_secure_installation
授權(quán)創(chuàng)建用戶
[root@zq~]# mysql
mysql>GRANT ALL ON qqdb.* TO 'qquser'@'172.16.%.%' IDENTIFIED BY 'qqpass';
mysql>FLUSH PRIVILEGES;
mysql>CREATE DATABASE qqdb;
為虛擬主機(jī)建FQDN的資源映射路徑��,并配置默認(rèn)測(cè)試頁面:
[root@zq~]# mkdir -p /data/vhost/www{1,2}
配置默認(rèn)頁1:vim /data/vhost/www1/index.php
number1
$conn =mysql_connect('172.16.35.1','qquser','qqpass');
if($conn)
echo"OK";
else
echo"Failure";
phpinfo();
?>
配置默認(rèn)頁2:cp /data/vhost/www1/index.php/data/vhost/www2/index.php
vim/data/vhost/www2/index.php
改1為2即可
改httpd的配置文件
vim /etc/httpd/conf.d/vhost1.conf
ServerNamewww1.test.com
DocumentRoot"/data/vhost/www1"
ProxyRequestson
DirectoryIndexindex.php
OptionsNone
AllowOverrideNone
Requireall granted
vim/etc/httpd/conf.d/vhost2.conf
ServerNamewww2.test.com
DocumentRoot"/data/vhost/www2"
ProxyRequestson
DirectoryIndexindex.php
OptionsNone
AllowOverrideNone
Requireall granted
修改DNS指向自己并添加本地域名解析
vim/etc/resolv.conf
DNS=172.16.35.1
vim/etc/hosts
172.16.100.31www1.test.comwww2.test.com
輸入網(wǎng)址www1.test.com或www2.test.com顯示ok則說明以上步驟正確
且加速器以啟用:
三.安裝wordpress和php-myadmin
在教室服務(wù)器上用lftp下載wordpress放在/data/vhost/www1中�����,php-myadmin放在/data/vhost/www2中
1.安裝wordpress :
[root@zq~]# unzip wordpress-4.3.1-zh_CN.zip
修改配置文件��;
[root@zq~]# vim /data/vhost/www1/wp-config-sample.php
// **MySQL設(shè)置 -具體信息來自您正在使用的主機(jī) ** //
/**WordPress數(shù)據(jù)庫的名稱 */
define('DB_NAME','qqdb');
/** MySQL數(shù)據(jù)庫用戶名 */
define('DB_USER','qquser');
/** MySQL數(shù)據(jù)庫密碼 */
define('DB_PASSWORD','qqpass');
/** MySQL主機(jī) */
define('DB_HOST','172.16.35.1');
/**創(chuàng)建數(shù)據(jù)表時(shí)默認(rèn)的文字編碼 */
define('DB_CHARSET','utf8');
/**數(shù)據(jù)庫整理類型��。如不確定請(qǐng)勿更改 */
define('DB_COLLATE','');
2.安裝php-myadmin:
[root@zq ~]# unzipphpMyAdmin-4.4.14.1-all-languages.zip
[root@zq ~]#mv /data/vhost/www2/config.sample.inc.php /data/vhost/www2/config.inc.php
[root@zq~]# vim /data/vhost/www2/config.inc.php
$cfg['blowfish_secret']= '4pfPnJU4R8pA4WMWaQxD'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
/*
* Serversconfiguration
*/
$i = 0;
/*
* Firstserver
*/
$i++;
/*Authentication type */
$cfg['Servers'][$i]['auth_type']= 'cookie';
/* Serverparameters */
$cfg['Servers'][$i]['host']= '172.16.35.1';這里這指向mysql數(shù)據(jù)庫主機(jī)的地址
$cfg['Servers'][$i]['connect_type']= 'tcp';
$cfg['Servers'][$i]['compress']= false;
$cfg['Servers'][$i]['AllowNoPassword']= false;
3.測(cè)試wordpress和php-myadmin是否可以連接
第一次登陸要輸入認(rèn)證信息���。
四.簽署CA證書并為phpmyadmin提供https服務(wù);
1���、生成密鑰
進(jìn)入CA目錄下
[root@zq~]# cd /etc/pki/CA/
[root@zq CA]#(umask 077; openssl genrsa -out private/cakey.pem 1024)
GeneratingRSA private key, 1024 bit long modulus
............................................................................+++
...............+++
e is65537 (0x10001)
2����、生成自簽證書
[root@zq CA]# openssl req -new -x509 -keyprivate/cakey.pem -out cacert.pem
You are about to be asked to enterinformation that will be incorporated
into your certificate request.
What you are about to enter is what iscalled a Distinguished Name or a DN.
There are quite a few fields but you canleave some blank
For some fields there will be a defaultvalue,
If you enter '.', the field will be leftblank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name)[]:beijing
Locality Name (eg, city) [Default City]:haidian
Organization Name (eg, company) [DefaultCompany Ltd]:mage
Organizational Unit Name (eg, section)[]:magedu
Common Name (eg, your name or your
補(bǔ)充文件
[root@zq CA]# touch index.txt
[root@zq CA]# echo 01 > serial
3.在第2臺(tái)主機(jī)上生成請(qǐng)求簽署文件以及密鑰
在/etc/httpd/目錄下創(chuàng)建ssl目錄并cd進(jìn)入
生成密鑰:
[root@zqssl]# (umask 077; openssl genrsa -outhttpd.key 1024)
GeneratingRSA private key, 1024 bit long modulus
.++++++
........................................++++++
e is65537 (0x10001)
生成簽署請(qǐng)求文件:
[root@ssl]# openssl req -new -key httpd.key -outhttpd.csr
You areabout to be asked to enter information that will be incorporated
into yourcertificate request.
What youare about to enter is what is called a Distinguished Name or a DN.
There arequite a few fields but you can leave some blank
For somefields there will be a default value,
If youenter '.', the field will be left blank.
-----
CountryName (2 letter code) [XX]:CN
State orProvince Name (full name) []:beijing
LocalityName (eg, city) [Default City]:haidian
OrganizationName (eg, company) [Default Company Ltd]:mage
OrganizationalUnit Name (eg, section) []:magedu
CommonName (eg, your name or your server's hostname) []:www2.test.com這個(gè)要和客戶訪問要加密的主機(jī)名一樣
EmailAddress []:www1admin@test.com
Pleaseenter the following 'extra' attributes
to besent with your certificate request
A challengepassword []:
Anoptional company name []:
4.復(fù)制給CA主機(jī)簽署證書
[root@zqssl]# scp httpd.csr 172.16.35.2:/tmp
5.到centos7主機(jī)上簽署文件
[root@1 CA]# openssl ca -in /tmp/httpd.csr -out/etc/pki/CA/certs/httpd.crt
6.簽署完成后復(fù)制給請(qǐng)求主機(jī)
[root@1 CA]# scp certs/httpd.crt 172.16.35.1:/etc/httpd/ssl/
編輯這個(gè)文件
[root@zq~]# vim /etc/httpd/conf.d/ssl.conf
DocumentRoot"/data/vhost/www2/myadmin"
ServerNamewww2.test.com:443主機(jī)名也改成自己的
SSLCertificateFile/etc/httpd/ssl/httpd.crt指明簽署的證書文件路徑
SSLCertificateKeyFile/etc/httpd/ssl/httpd.key指明私鑰文件的路徑
7.重載配置文件
Systemctlreloadhttpd
8.查看443端口情況:
ss -tnl |grep 443
9.主配置文件中禁掉默認(rèn)根目錄:
#DocumentRoot"/var/www/html"
10.打開瀏覽器輸入myadmin地址訪問看看是否提供了https服務(wù)
五.對(duì)其做壓力測(cè)試:
ab -n 1000 -c 1000 -k www1.test.com
ab -n 1000 -c 1000 -k www2.test.com
網(wǎng)站標(biāo)題:?jiǎn)沃鳈C(jī)部署LAMP
當(dāng)前鏈接:
http://weahome.cn/article/ijjscj.html
重慶分公司
重慶分公司
