千家信息网

CentOS 7, apm+xcache, rpm包, php module

发表于:2024-11-23 作者:千家信息网编辑
千家信息网最后更新 2024年11月23日,实验需求:1、CentOS 7, apm+xcache, rpm包, php module;a) 一个虚拟主机提供phpMyAdmin,另一个虚拟主机提供wordpress;b) 为phpMyAdmi
千家信息网最后更新 2024年11月23日CentOS 7, apm+xcache, rpm包, php module
  1. 实验需求:

    1、CentOS 7, apm+xcache, rpm包, php module;
    a) 一个虚拟主机提供phpMyAdmin,另一个虚拟主机提供wordpress;
    b) 为phpMyAdmim提供https服务;

  2. 实验环境:

    Linux服务器操作系统版本:CentOS Linux release 7.2.1511 (Core) IP:172.16.252.113
    WIN7系统客户机:IP:172.16.250.100


  3. 实验前提:
    1)关闭防火墙和SELinux
    ~]# service iptables stop
    ~]# setenforce 0

  4. 实验过程:


一、安装amp环境

1.yum包安装amp

~]# yum install httpd php php-mysql mariadb

1)检查是否成功安装包
~]# rpm -qa httpd php php-mysql mysql-server

2)启动服务
~]# systemctl start httpd
~]# systemctl start mariadb

3)查看服务是否正常启动
~]# ss -nlt
~]# ps aux | grep httpd
~]# ps aux |grep myslq

4)设置开机自动启动
~]# systemctl enable httpd
~]# systemctl enable mariadb

5)检查是否设置成开机自启动
~]# systemctl is-enabled httpd
~]# systemctl is-enabled mariadb

2.一个虚拟主机提供phpMyAdmin,另一个虚拟主机提供wordpress;

二、配置虚拟主机

1)vhosts www1


ServerName www1.magedu.com
DocumentRoot /data/vhosts/www1
ErrorLog logs/www1-error_log
CustomLog logs/www1-access_log combiend

Options None
AllowOverride None
Require all granted



2)vhosts www2


ServerName www2.magedu.com
DocumentRoot /data/vhosts/www2
ErrorLog logs/www2-error_log
CustomLog logs/www2-access_log combiend

Options None
AllowOverride None
Require all granted



二、部署wordpress环境:

1)创建站点目录
~]# mkdir /data/vhosts/www1

2)解压wordpress包
tools]# unzip wordpress-4.3.1-zh_CN.zip

3)拷贝到站点目录www1中
# cp wordpress /data/vhosts/www1

4)登录数据库
~]# mysql -uroot -p

5)为bolg创建数据库名为:wordpress
MariaDB [(none)]> CREATE DATABASE wordpress;

6)查数据库是否创建成功
MariaDB [(none)]> SHOW DATABASES;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| wordpress |
+--------------------+
4 rows in set (0.00 sec)

7)授权用户
MariaDB [(none)]> GRANT ALL ON wordpress.* TO ly@'localhost' IDENTIFIED BY 'liyang';
Query OK, 0 rows affected (0.03 sec)

MariaDB [(none)]> GRANT ALL ON wordpress.* TO ly@'127.0.0.1' IDENTIFIED BY 'liyang';
Query OK, 0 rows affected (0.01 sec)

MariaDB [(none)]> GRANT ALL ON wordpress.* TO ly@'172.16.%.%' IDENTIFIED BY 'liyang';
Query OK, 0 rows affected (0.00 sec)

8)改名wordpress配置文件为wp-config.php
]# cp wp-config-sample.php wp-config.php

9)修改wp-config.php文件连接数据库
~]# sed -n '22,38p' /data/vhosts/www1/wordpress/wp-config.php
/** WordPress数据库的名称 */
define('DB_NAME', 'wordpress');
/** MySQL数据库用户名 */
define('DB_USER', 'ly');
/** MySQL数据库密码 */
define('DB_PASSWORD', 'liyang');
/** MySQL主机 */
define('DB_HOST', '172.16.252.113');
/** 创建数据表时默认的文字编码 */
define('DB_CHARSET', 'utf8');
/** 数据库整理类型。如不确定请勿更改 */
define('DB_COLLATE', '');

三、测试
1)在服务器端添加域名解析
]# echo "172.16.252.113 www1.magedu.com" >> /etc/hosts

2)在PC中的hosts文件中添加
172.16.252.113 www1.magedu.com

3)httpd-->php是否可以访问
www1]# cat admin.php
phpinfo();
?>
4)httpd-->php--mariadb是否可以访问

$conn = mysql_connect('172.16.100.71','testuser','testpass');
if($conn)
echo "OK";
else
echo "Failure";

?>

5)在浏览器中,根据提示安装http://www2.magedu.com/wordpress/index.php

6)查看数据库是否生成数据
~]# mysql -uly -p
MariaDB [(none)]> show databases;

MariaDB [(none)]> use wordpress;

MariaDB [wordpress]> show tables;
+-----------------------+
| Tables_in_wordpress |
+-----------------------+
| wp_commentmeta |
| wp_comments |
| wp_links |
| wp_options |
| wp_postmeta |
| wp_posts |
| wp_term_relationships |
| wp_term_taxonomy |
| wp_terms |
| wp_usermeta |
| wp_users |
+-----------------------+
11 rows in set (0.00 sec)

四、部署phpMyAdmin环境:

1)创建站点目录
~]# mkdir /data/vhosts/www2

2)解压phpMyAdmin包
tools]# unzip phpMyAdmin-4.4.14.1-all-languages.zip

3)拷贝到站点目录www2中
~]# cp -r phpMyAdmin-4.4.14.1-all-languages /data/vhosts/www1


4)配置phpMyAdmin软件
www1]# ln -sv phpMyAdmin-4.4.14.1-all-languages/ phpMyAdmin
~]# cp config.sample.inc.php config.inc.php


5)生成随机数
~]# openssl rand -hex 8
640b56f72820ace8


6修改配置文件config.inc.php
]# vim config.inc.php
$cfg['blowfish_secret'] = '640b56f72820ace8'

7)在浏览器中测试,根据提示输入数据库名和密码(主机账号和密码是授权wordpress中用户)
在PC机浏览器中测试:http://www1.magedu.com/phpMyAdmin-4.4.14.1-all-languages/ 通过80端口访问

8)访问提示:没有扩展,安装 php-mbstring 可以解决
~]# yum install php-mbstring

3.为phpMyAdmim提供https服务

工作目录:/etc/pki/CA/

一、建立私有CA

1)生成私钥

[root@localhost CA]# (umask 077; openssl genrsa -out private/cakey.pem 2048)
Generating RSA private key, 2048 bit long modulus
.....+++
...........+++
e is 65537 (0x10001)

2)生成自签证书
[root@localhost CA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:Beijing
Locality Name (eg, city) [Default City]:Beijing
Organization Name (eg, company) [Default Company Ltd]:liyang
Organizational Unit Name (eg, section) []:0ps
Common Name (eg, your name or your server's hostname) []:www2.magedu.com
Email Address []:admin@magedu.com

3)提供辅助文件

[root@localhost CA]# touch index.txt
[root@localhost CA]# echo 01 > serial
[root@localhost CA]# tree
.
├── cacert.pem
├── certs
├── crl
├── index.txt
├── index.txt.attr
├── index.txt.old
├── newcerts
├── private
│ └── cakey.pem
├── serial
└── serial.old


二、节点申请证书

1)生成私钥
~]# mkdir -pv /etc/httpd/ssl
ssl]# (umask 077; openssl genrsa -out httpd.key 1024)

2)生成证书签署请求:
ssl]# openssl req -new -key httpd.key -out httpd.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:Beijing
Locality Name (eg, city) [Default City]:Beijing
Organization Name (eg, company) [Default Company Ltd]:liyang
Organizational Unit Name (eg, section) []:0ps
Common Name (eg, your name or your server's hostname) []:www1.magedu.com
Email Address []:admin@magedu.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:


ssl]# cp httpd.csr /tmp/


三、CA签发证书

1)签署证书
~]# openssl ca -in /tmp/httpd.csr -out /etc/pki/CA/certs/httpd.crt
Using configuration from /etc/pki/tls/openssl.cnf
Check that the request matches the signature
Signature ok
Certificate Details:
Serial Number: 1 (0x1)
Validity
Not Before: Jul 16 07:41:43 2016 GMT
Not After : Jul 16 07:41:43 2017 GMT
Subject:
countryName = CN
stateOrProvinceName = Beijing
organizationName = liyang
organizationalUnitName = 0ps
commonName = www2.magedu.com
emailAddress = admin@magedu.com
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
70:95:31:1F:E3:15:D0:EE:D1:8F:2E:DA:8C:64:95:F6:EA:80:8F:2D
X509v3 Authority Key Identifier:
keyid:79:B8:17:4E:7D:74:2D:CD:16:63:20:1D:D1:9F:AA:D1:5F:49:09:CA

Certificate is to be certified until Jul 16 07:41:43 2017 GMT (365 days)
Sign the certificate? [y/n]:y


1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated

2)把签署好的证书发还给请求者。
~]# cp /etc/pki/CA/certs/httpd.crt /etc/httpd/ssl/

注意:本次私建CA和节点申请证书在同一台机器完成。

四、配置httpd支持使用ssl,及使用的证书

1)yum安装mod_ssl模块
~]# httpd -M | grep ssl
~]# yum install mod_ssl -y
~]# rpm -ql mod_ssl

2)配置虚拟主机ssh.conf
~]# vim /etc/httpd/conf.d/ss.conf

DocumentRoot "/data/vhosts/www2"
ServerName www1.magedu.com:443
SSLCertificateFile /etc/httpd/ssl/httpd.crt
SSLCertificateKeyFile /etc/httpd/ssl/httpd.key

SSLOptions +StdEnvVars
AllowOverride None
Require all granted




五、测试结果:

1)在PC机浏览器中测试:https://www1.magedu.com/phpMyAdmin-4.4.14.1-all-languages/ 通过443端口访问

4.压力测试:

一、正常测试


1)测试并发
~]# ab -c 10 -n 1000 www2.magedu.com/wordpress/index.php

Server Software: Apache/2.4.6
Server Hostname: www2.magedu.com
Server Port: 80

Document Path: /wordpress/index.php
Document Length: 0 bytes

Concurrency Level: 10
Time taken for tests: 79.144 seconds
Complete requests: 1000
Failed requests: 0
Write errors: 0
Non-2xx responses: 1000
Total transferred: 339000 bytes
HTML transferred: 0 bytes
Requests per second: 12.64 [#/sec] (mean)
Time per request: 791.438 [ms] (mean)
Time per request: 79.144 [ms] (mean, across all concurrent requests)
Transfer rate: 4.18 [Kbytes/sec] received

Connection Times (ms)
min mean[+/-sd] median max
Connect: 0 0 0.1 0 2
Processing: 240 770 736.3 669 6496
Waiting: 240 768 731.3 668 6429
Total: 240 770 736.4 669 6497

Percentage of the requests served within a certain time (ms)
50% 669
66% 718
75% 747
80% 765
90% 805
95% 878
98% 4807
99% 6494
100% 6497 (longest request)

二、为php安装xcache加速器测试数据:


1)yum 安装php-xcache
~]# yum install php-xcache

2)测试并发
~]# ab -c 10 -n 1000 www2.magedu.com/wordpress/index.php
Server Software: Apache/2.4.6
Server Hostname: www2.magedu.com
Server Port: 80

Document Path: /wordpress/index.php
Document Length: 0 bytes

Concurrency Level: 10
Time taken for tests: 69.750 seconds
Complete requests: 1000
Failed requests: 0
Write errors: 0
Non-2xx responses: 1000
Total transferred: 339000 bytes
HTML transferred: 0 bytes
Requests per second: 14.34 [#/sec] (mean)
Time per request: 697.503 [ms] (mean)
Time per request: 69.750 [ms] (mean, across all concurrent requests)
Transfer rate: 4.75 [Kbytes/sec] received

Connection Times (ms)
min mean[+/-sd] median max
Connect: 0 0 0.1 0 2
Processing: 139 683 1093.9 631 25635
Waiting: 139 682 1093.8 629 25635
Total: 139 683 1093.9 631 25635

Percentage of the requests served within a certain time (ms)
50% 631
66% 686
75% 713
80% 734
90% 785
95% 824
98% 907
99% 1450
100% 25635 (longest request

0