分布式部署LAMP

分主機(jī)部署lamp

httpd主機(jī)：192.168.152.140

php-fpm主機(jī)：192.168.152.141

mariadb主機(jī)：192.168.152.142

httpd

yum -y install httpd

vim /etc/httpd/conf.d/vhosts.conf

AddType application/x-httpd-php .php
DirectoryIndex index.php index.html
<VirtualHost *:80>
    ServerName www.test.com.
    DocumentRoot /http/vhosts/test.com
    ProxyPassMatch ^/(.*\.php)$ fcgi://192.168.152.141:9000/var/www/test.com/$1     #192.168.152.141為php-fpm主機(jī)地址

    <Directory "/http/vhosts/test.com">
            Options none
            AllowOverride none
            Require all granted
    </Directory>
</Virtualhost>

<VirtualHost *:80>
    ServerName www.test1.com
    DocumentRoot /http/vhosts/test1.com
    ProxyPassMatch ^/(.*\.php)$ fcgi://192.168.152.141:9000/var/www/test1.com/$1

    <Directory "/http/vhosts/test1.com">
            Options FollowSymLinks
            AllowOverride none
            Require all granted
    </Directory>
</Virtualhost>

注釋掉/etc/httpd/conf/httpd.conf中的DocumentRoot

mkdir -pv /http/vhosts/test.com

php

yum -y install php php-fpm php-mysql

vim /etc/php-fpm.d/www.conf

listen = 192.168.152.141:9000   #此ip為監(jiān)聽(tīng)php-fpm本機(jī)的9000端口，如只保留端口號(hào)即為監(jiān)聽(tīng)任意ip的9000端口

listen.allowed_clients = 192.168.152.140   #此ip為允許訪問(wèn)php-fpm的主機(jī)，即httpd主機(jī)，注釋掉表示允許任意主機(jī)訪問(wèn)

mkdir -pv /var/www/test.com

vim /var/www/test.com/index.php

<?php
    phpinfo();
?>

訪問(wèn)140主機(jī)出現(xiàn)php信息頁(yè)說(shuō)明httpd和php部署成功

mariadb

yum -y install mariadb-server

vim /etc/my.cnf

[mysqld]

innodb_file_per_table = ON
skip_name_resolve = ON

mysql

GRANT ALL PRIVILEGES ON *.* TO 'root'@'192.168.152.141' IDENTIFIED BY PASSWORD 'passwd'  #ip為需要訪問(wèn)mysql的php-fpm的主機(jī)地址，即授權(quán)php-fpm主機(jī)可以訪問(wèn)mariadb

編輯141主機(jī),測(cè)試php-mysql連通性

vim /var/www/test.com/index.php

<?php
    $link = mysql_connect('192.168.152.142','root','12345678');
    if($link)
            echo "Success...";
    else
            echo "Failed....";
    mysql_close;
?>

頁(yè)面出現(xiàn)Success即為成功

xcache

yum -y groupinstall "Development Tools" "Server Platform Development"

yum install php-devel

wget xcache-3.2

tar xf xcache-3.2.tar.bz2

cd xcache-3.2.0

phpize   #generate configure script to php environment

./configure --enable-xcache --with-php-config=/usr/bin/php-config

make && make install

cp xcache.ini /etc/php.d/

vim /etc/php.d/xcache.ini   #makesure xcache.admin.enable_auth = ON;xcache.size = 60M

systemctl restart httpd.service

wordpress

192.168.152.140

cd /http/vhosts/test.com

wget https://cn.wordpress.org/wordpress-4.5-zh_CN.tar.gz

tar xf wordpress-4.5-zh_CN.tar.gz

cd wordpress/

cp wp-config-sample.php wp-config.php

vim wp-config.php

/** WordPress數(shù)據(jù)庫(kù)的名稱 */
define('DB_NAME', 'wordpressdb');

/** MySQL數(shù)據(jù)庫(kù)用戶名 */
define('DB_USER', 'wpuser');

/** MySQL數(shù)據(jù)庫(kù)密碼 */
define('DB_PASSWORD', '12345678');

/** MySQL主機(jī) */
define('DB_HOST', '127.0.0.1');

192.168.152.141

cd /var/www/test.com

wget https://cn.wordpress.org/wordpress-4.5-zh_CN.tar.gz

tar xf wordpress-4.5-zh_CN.tar.gz

cd wordpress/

cp wp-config-sample.php wp-config.php

vim wp-config.php

/** WordPress數(shù)據(jù)庫(kù)的名稱 */
define('DB_NAME', 'wordpressdb');

/** MySQL數(shù)據(jù)庫(kù)用戶名 */
define('DB_USER', 'wpuser');

/** MySQL數(shù)據(jù)庫(kù)密碼 */
define('DB_PASSWORD', '12345678');

/** MySQL主機(jī) */
define('DB_HOST', '127.0.0.1');

phpmyadmin

192.168.152.141

yum -y install php-mbstring

cd /var/www/test1.com

wget https://files.phpmyadmin.net/phpMyAdmin/4.4.15.5/phpMyAdmin-4.4.15.5-all-languages.tar.bz2

tar xf phpMyAdmin-4.4.15.5-all-languages.tar.bz2

ln -sv phpMyAdmin-4.4.15.5-all-languages pma

cd phpMyAdmin-4.4.15.5-all-languages/

cp config.sample.inc.php config.inc.php

yum -y install php-mbstring

openssl rand -base64 20

vim config.inc.php

$cfg['blowfish_secret'] = '4Nf696qH4QG/rZM5EOkkSJyXFBs'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

192.168.152.140

cd /http/vhosts/test.com

wget https://files.phpmyadmin.net/phpMyAdmin/4.4.15.5/phpMyAdmin-4.4.15.5-all-languages.tar.bz2

tar xf phpMyAdmin-4.4.15.5-all-languages.tar.bz2

ln -sv phpMyAdmin-4.4.15.5-all-languages pma

cd phpMyAdmin-4.4.15.5-all-languages/

cp config.sample.inc.php config.inc.php

yum -y install php-mbstring

openssl rand -base64 20

vim config.inc.php

$cfg['blowfish_secret'] = '4Nf696qH4QG/rZM5EOkkSJyXFBs'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

https

為phpmyadmin添加https訪問(wèn)

192.168.152.141作CA

192.168.152.140作SERVER

CA

cd /etc/pki/CA

(umask 077;openssl genrsa -out private/cakey.pem 2048)

openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 3655

country name
state or province name
locality name
organization name
organization unit name
common name
email address

touch serial index.txt

echo 01 > serial

SERVER

cd /etc/httpd/

mkdir ssl

(umask 077;openssl genrsa -out httpd.key 1024)

openssl req -new -key httpd.key -out httpd.csr

country name
state or province name
locality name
organization name
organization unit name
common name
email address

把生成的證書簽署請(qǐng)求httpd.csr發(fā)送到CA端作簽署

CA端簽署證書

openssl ca -in /任意目錄/httpd.csr -out /etc/pki/CA/certs/httpd.crt

把簽署完的證書發(fā)還到SERVER

在SERVER端

yum -y install mod_ssl  #安裝支持ssl的模塊

vim /etc/httpd/conf.d/ssl.conf  #編輯ssl配置文件 編輯前做好備份

<VirtualHost _default_:443>

    ServerName www.test1.com
    DocumentRoot /http/vhosts/test1.com
    ProxyPassMatch ^/(.*\.php)$ fcgi://192.168.152.141:9000/var/www/test1.com/$1

    <Directory "/http/vhosts/test1.com">
            Options FollowSymLinks
            AllowOverride none
            Require all granted
    </Directory>

    SSLEngine on

    SSLCertificateFile /etc/httpd/ssl/httpd.crt

    SSLCertificateKeyFile /etc/httpd/ssl/httpd.key

</VirtualHost>

把/etc/httpd/conf.d/vhosts.conf配置文件中第二個(gè)VirtualHost注釋掉避免沖突

httpd -t    #檢查語(yǔ)法錯(cuò)誤

systemctl restart httpd.service   #重啟httpd服務(wù)使配置生效