Nginx+PHP(FastCGI)+MySQL在小内存VPS(t1.micro)上的安装配置与优化


参考资料:
http://blog.s135.com/nginx_php_v6/
http://blog.s135.com/post/375/

背景介绍:
以前,因为AWS EC2的价格比较昂贵而租用了其它国外小厂商的VPS,在使用了3年多之后,发现AWS EC2的价格居然比现在正在使用的VPS还要便宜。
全球线路与速度最理想的日本节点的t1.micro型号,选择3年长期合约的价格在3000元人民币左右,一年下来也不到1000元,所以就打算将Blog迁移到AWS EC2上。
ec2_tokyo_t1_micro

之前在部署VPS环境的时候,基本上是完整的参考了张宴的两篇文档,包括操作系统的选择也是相同的。
但这一次我想采用目前较新的CentOS 6.4 minimal x86_64
同时选择版本最新的Nginx,PHP以及MySQL,引入EPEL仓库来简化安装与部署过程中对额外的依赖软件的安装,优化一些原来的工作方式,比如创建服务管理脚本来启动/停止Nginx与MySQL,使用logrotate来切割日志等;
经过了一番折腾,在填了不少的坑之后,终于成功的完成了新环境的部署,感觉非常不错。

下面,就是此次的整个安装配置过程:
1. 安装常用工具
yum install -y vim wget unzip screen tree mlocate

2. 安装编译工具
yum install -y gcc gcc-c++ autoconf patch cmake automake

3. 安装EPEL仓库
yum install -y http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

4. 安装所有必需的软件包
yum install -y libjpeg-turbo libjpeg-turbo-devel libpng libpng-devel freetype freetype-devel
yum install -y libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel gmp gmp-devel
yum install -y bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel unixODBC unixODBC-devel
yum install -y krb5-libs krb5-devel libidn libidn-devel openssl openssl-devel openldap openldap-devel
yum install -y libgcrypt libgcrypt-devel libtool
yum install -y libmcrypt libmcrypt-devel mhash mhash-devel mcrypt pcre pcre-devel
yum install -y ImageMagick ImageMagick-devel

5. 下载所有必需的软件源码包
mkdir /root/packages
cd /root/packages
wget http://nginx.org/download/nginx-1.4.7.tar.gz
wget http://museum.php.net/php5/php-5.2.17.tar.gz
wget http://php-fpm.org/downloads/php-5.2.17-fpm-0.5.14.diff.gz
wget http://mirrors.sohu.com/mysql/MySQL-5.5/mysql-5.5.36.tar.gz
wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.14.tar.gz
wget http://pecl.php.net/get/PDO_MYSQL-1.0.2.tgz
wget http://pecl.php.net/get/imagick-3.2.0RC1.tgz
wget https://github.com/downloads/eaccelerator/eaccelerator/eaccelerator-0.9.6.1.tar.bz2

6. 编译安装iconv
cd /root/packages
tar xzvf libiconv-1.14.tar.gz
cd libiconv-1.14
./configure
make
make install

7. 编译安装并配置MySQL
7.1 编译安装MySQL
cd /root/packages
tar xzvf mysql-5.5.36.tar.gz
cd mysql-5.5.36
cmake -DCMAKE_INSTALL_PREFIX=/webserver/mysql \
-DSYSCONFDIR=/webserver/mysql/etc \
-DMYSQL_DATADIR=/webserver/mysql/data \
-DMYSQL_TCP_PORT=3306 \
-DMYSQL_UNIX_ADDR=/webserver/mysql/run/mysqld.sock \
-DMYSQL_USER=mysql \
-DEXTRA_CHARSETS=all \
-DWITH_READLINE=1 \
-DWITH_SSL=system \
-DWITH_EMBEDDED_SERVER=1 \
-DENABLED_LOCAL_INFILE=1 \
-DWITH_INNOBASE_STORAGE_ENGINE=1
make
make install

7.2 创建mysql用户
useradd mysql -d /webserver/mysql/data

7.3 创建MySQL所需目录
mkdir -p /webserver/mysql/{etc,data,tmp,run,binlogs,log}
chown mysql:mysql -R /webserver/mysql/{etc,data,tmp,run,binlogs,log}

7.4 创建my.cnf配置文件
vim /webserver/mysql/etc/my.cnf

[mysqld]
# basic settings
datadir = /webserver/mysql/data
tmpdir = /webserver/mysql/tmp
socket = /webserver/mysql/run/mysqld.sock
port = 3306
pid-file = /webserver/mysql/run/mysqld.pid

skip-external-locking
max_allowed_packet = 16M

# innodb settings
default-storage-engine = INNODB
binlog_format = ROW
innodb_file_per_table = 1
log-bin = /webserver/mysql/binlogs/bin-log-mysqld
log-bin-index = /webserver/mysql/binlogs/bin-log-mysqld.index
innodb_data_home_dir = /webserver/mysql/data
innodb_data_file_path = ibdata1:10M:autoextend
innodb_log_group_home_dir = /webserver/mysql/data

# relay log settings
relay-log = /webserver/mysql/log/relay-log-mysqld
relay-log-index = /webserver/mysql/log/relay-log-mysqld.index

# increase the max connections
max_connections = 200

# the expiration time for logs, including binlogs
expire_logs_days = 7

# set the character as utf8
character-set-server = utf8
collation-server = utf8_unicode_ci

# server id
server-id=33061

# other settings
[mysqld_safe]
log-error = /webserver/mysql/log/mysqld.log
pid-file = /webserver/mysql/run/mysqld.pid
open-files-limit = 8192

[mysqlhotcopy]
interactive-timeout

[client]
port = 3306
socket = /webserver/mysql/run/mysqld.sock
default-character-set = utf8

chown mysql:mysql /webserver/mysql/etc/my.cnf

7.5 初始化MySQL系统数据库
chmod +x scripts/mysql_install_db
scripts/mysql_install_db --user=mysql --basedir=/webserver/mysql --datadir=/webserver/mysql/data/ --defaults-file=/webserver/mysql/etc/my.cnf

7.6 创建MySQL服务管理脚本
mkdir /webserver/init.d/
cp support-files/mysql.server /webserver/init.d/mysqld
chmod +x /webserver/init.d/mysqld

7.7 启动MySQL服务
/webserver/init.d/mysqld start

7.8 登陆MySQL命令行终端
/webserver/mysql/bin/mysql -uroot -p

8. 编译安装并配置PHP
8.1 编译安装PHP
cd /root/packages
tar xzf php-5.2.17.tar.gz
gzip -cd php-5.2.17-fpm-0.5.14.diff.gz | patch -d php-5.2.17 -p1

注:创建软链接以便PHP在编译时能顺利找到所需的库文件
ln -s /webserver/mysql/lib /webserver/mysql/lib64
ln -s /usr/local/lib/libiconv.so /usr/local/lib64/libiconv.so
ln -s /usr/lib64/libmhash.so.2 /usr/lib64/libmhash.so

cd php-5.2.17
./configure --prefix=/webserver/php \
--with-config-file-path=/webserver/php/etc \
--with-mysql=/webserver/mysql --with-mysqli=/webserver/mysql/bin/mysql_config \
--with-libdir=lib64 \
--with-iconv-dir=/usr/local \
--with-freetype-dir --with-jpeg-dir --with-png-dir \
--with-zlib --with-libxml-dir --enable-xml \
--disable-rpath --enable-discard-path \
--enable-safe-mode --enable-bcmath --enable-shmop \
--enable-sysvsem --enable-inline-optimization \
--with-curl --with-curlwrappers --enable-mbregex \
--enable-fastcgi --enable-fpm --enable-force-cgi-redirect \
--enable-mbstring --with-mcrypt --with-gd --enable-gd-native-ttf \
--with-openssl --with-mhash --enable-pcntl --enable-sockets \
--with-ldap --with-ldap-sasl --with-xmlrpc \
--enable-zip --enable-soap

make ZEND_EXTRA_LIBS='-liconv'

注:创建软链接以便PHP在安装时能顺利找到所需的库文件
ln -s /webserver/mysql/lib/libmysqlclient.so.18 /usr/lib64/libmysqlclient.so.18
ln -s /usr/local/lib/libiconv.so.2 /usr/lib64/libiconv.so.2

make install
cp php.ini-dist /webserver/php/etc/php.ini

8.2 编译安装eaccelerator
cd /root/packages
tar xjf eaccelerator-0.9.6.1.tar.bz2
cd eaccelerator-0.9.6.1/
/webserver/php/bin/phpize
./configure --enable-eaccelerator=shared --with-php-config=/webserver/php/bin/php-config
make
make install
cd ../

8.3 编译安装PDO_MYSQL
tar zxvf PDO_MYSQL-1.0.2.tgz
cd PDO_MYSQL-1.0.2/
/webserver/php/bin/phpize
./configure --with-php-config=/webserver/php/bin/php-config --with-pdo-mysql=/webserver/mysql
make
make install
cd ../

8.4 编译安装imagick
tar xzf imagick-3.2.0RC1.tgz
cd imagick-3.2.0RC1
/webserver/php/bin/phpize
./configure --with-php-config=/webserver/php/bin/php-config
make
make install

8.5 修改php.ini配置文件
vim /webserver/php/etc/php.ini

; Directory in which the loadable extensions (modules) reside.
;extension_dir = "./"
extension_dir = "/webserver/php/lib/php/extensions/no-debug-non-zts-20060613/"
extension = "imagick.so"
extension = "pdo_mysql.so"

;output_buffering = Off
output_buffering = On

; cgi.fix_pathinfo=0
cgi.fix_pathinfo=0

8.6 创建缓存目录
mkdir /webserver/eaccelerator_cache

8.7 在php.ini中添加eaccelerator支持
vim /webserver/php/etc/php.ini

[eaccelerator]
zend_extension="/webserver/php/lib/php/extensions/no-debug-non-zts-20060613/eaccelerator.so"
eaccelerator.shm_size="1"
eaccelerator.cache_dir="/webserver/eaccelerator_cache"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="3600"
eaccelerator.shm_prune_period="3600"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"
eaccelerator.keys = "disk_only"
eaccelerator.sessions = "disk_only"
eaccelerator.content = "disk_only"

8.8 创建www用户
useradd -r www

8.9 创建所需目录
mkdir -p /webserver/blog/{rainbow,eric,logs}
chown www:www /webserver/blog/{rainbow,eric,logs}
chmod +w /webserver/blog/{rainbow,eric,logs}
mkdir /webserver/php/run

8.10 创建php-fpm.con配置文件
rm -f /webserver/php/etc/php-fpm.conf
vim /webserver/php/etc/php-fpm.conf

 
<?xml version="1.0" ?>
<configuration>

  All relative paths in this config are relative to php's install prefix

  <section name="global_options">

    Pid file
    <value name="pid_file">/webserver/php/logs/php-fpm.pid</value>

    Error log file
    <value name="error_log">/webserver/php/logs/php-fpm.log</value>

    Log level
    <value name="log_level">notice</value>

    When this amount of php processes exited with SIGSEGV or SIGBUS ...
    <value name="emergency_restart_threshold">10</value>

    ... in a less than this interval of time, a graceful restart will be initiated.
    Useful to work around accidental curruptions in accelerator's shared memory.
    <value name="emergency_restart_interval">1m</value>

    Time limit on waiting child's reaction on signals from master
    <value name="process_control_timeout">5s</value>

    Set to 'no' to debug fpm
    <value name="daemonize">yes</value>

  </section>

  <workers>

    <section name="pool">

      Name of pool. Used in logs and stats.
      <value name="name">default</value>

      Address to accept fastcgi requests on.
      Valid syntax is 'ip.ad.re.ss:port' or just 'port' or '/path/to/unix/socket'
      <value name="listen_address">/webserver/php/run/php-cgi.sock</value>

      <value name="listen_options">

        Set listen(2) backlog
        <value name="backlog">-1</value>

        Set permissions for unix socket, if one used.
        In Linux read/write permissions must be set in order to allow connections from web server.
        Many BSD-derrived systems allow connections regardless of permissions.
        <value name="owner"></value>
        <value name="group"></value>
        <value name="mode">0666</value>
      </value>

      Additional php.ini defines, specific to this pool of workers.
      <value name="php_defines">
        <value name="sendmail_path">/usr/sbin/sendmail -t -i</value>
        <value name="display_errors">0</value>
      </value>

      Unix user of processes
      <value name="user">www</value>

      Unix group of processes
      <value name="group">www</value>

      Process manager settings
      <value name="pm">

        Sets style of controling worker process count.
        Valid values are 'static' and 'apache-like'
        <value name="style">static</value>

        Sets the limit on the number of simultaneous requests that will be served.
        Equivalent to Apache MaxClients directive.
        Equivalent to PHP_FCGI_CHILDREN environment in original php.fcgi
        Used with any pm_style.
        <value name="max_children">5</value>

        Settings group for 'apache-like' pm style
        <value name="apache_like">

          Sets the number of server processes created on startup.
          Used only when 'apache-like' pm_style is selected
          <value name="StartServers">20</value>

          Sets the desired minimum number of idle server processes.
          Used only when 'apache-like' pm_style is selected
          <value name="MinSpareServers">5</value>

          Sets the desired maximum number of idle server processes.
          Used only when 'apache-like' pm_style is selected
          <value name="MaxSpareServers">35</value>

        </value>

      </value>

      The timeout (in seconds) for serving a single request after which the worker process will be terminated
      Should be used when 'max_execution_time' ini option does not stop script execution for some reason
      '0s' means 'off'
      <value name="request_terminate_timeout">0s</value>

      The timeout (in seconds) for serving of single request after which a php backtrace will be dumped to slow.log file
      '0s' means 'off'
      <value name="request_slowlog_timeout">0s</value>

      The log file for slow requests
      <value name="slowlog">logs/slow.log</value>

      Set open file desc rlimit
      <value name="rlimit_files">65535</value>

      Set max core size rlimit
      <value name="rlimit_core">0</value>

      Chroot to this directory at the start, absolute path
      <value name="chroot"></value>

      Chdir to this directory at the start, absolute path
      <value name="chdir"></value>

      Redirect workers' stdout and stderr into main error log.
      If not set, they will be redirected to /dev/null, according to FastCGI specs
      <value name="catch_workers_output">yes</value>

      How much requests each process should execute before respawn.
      Useful to work around memory leaks in 3rd party libraries.
      For endless request processing please specify 0
      Equivalent to PHP_FCGI_MAX_REQUESTS
      <value name="max_requests">1024</value>

      Comma separated list of ipv4 addresses of FastCGI clients that allowed to connect.
      Equivalent to FCGI_WEB_SERVER_ADDRS environment in original php.fcgi (5.2.2+)
      Makes sense only with AF_INET listening socket.
      <value name="allowed_clients">127.0.0.1</value>

      Pass environment variables like LD_LIBRARY_PATH
      All $VARIABLEs are taken from current environment
      <value name="environment">
        <value name="HOSTNAME">$HOSTNAME</value>
        <value name="PATH">/usr/local/bin:/usr/bin:/bin</value>
        <value name="TMP">/tmp</value>
        <value name="TMPDIR">/tmp</value>
        <value name="TEMP">/tmp</value>
        <value name="OSTYPE">$OSTYPE</value>
        <value name="MACHTYPE">$MACHTYPE</value>
        <value name="MALLOC_CHECK_">2</value>
      </value>

    </section>

  </workers>

</configuration>

8.11 创建php-fpm服务管理脚本
ln -s /webserver/php/sbin/php-fpm /webserver/init.d/php-fpm

8.12 启动php-fpm服务
/webserver/init.d/php-fpm start

9. 编译安装并配置Nginx
9.1 编译安装Nginx
cd /root/packages
tar xzf nginx-1.4.7.tar.gz
cd nginx-1.4.7/
./configure --user=www --group=www \
--prefix=/webserver/nginx \
--with-http_stub_status_module --with-http_ssl_module
make
make install

9.2 创建Nginx所需目录
mkdir /webserver/nginx/conf/conf.d
mkdir /webserver/nginx/run

9.3 创建fastcgi_params配置文件
vim /webserver/nginx/conf/fastcgi_params

fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;

fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;

fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;

fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param  REDIRECT_STATUS    200;

9.4 创建Nginx.conf主配置文件
vim /webserver/nginx/conf/nginx.conf

user        www www;
worker_processes  1;

error_log  /webserver/nginx/logs/error.log;
pid        /webserver/nginx/run/nginx.pid;

worker_rlimit_nofile   65535;

events {
    use epoll;
    worker_connections 65535;
}

http {
    include       /webserver/nginx/conf/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log    /webserver/nginx/logs/access.log  main;

    server_names_hash_bucket_size 128;
    client_header_buffer_size 32k;
    large_client_header_buffers 4 32k;

    sendfile        on;
    tcp_nopush      on;

    keepalive_timeout  60;

    tcp_nodelay     on;

    fastcgi_connect_timeout 300;
    fastcgi_send_timeout 300;
    fastcgi_read_timeout 300;
    fastcgi_buffer_size 64k;
    fastcgi_buffers 4 64k;
    fastcgi_busy_buffers_size 128k;
    fastcgi_temp_file_write_size 128k;

    gzip  on;
    gzip_min_length 1k;
    gzip_buffers 4 16k;
    gzip_http_version 1.0;
    gzip_comp_level 2;
    gzip_types text/plain application/x-javascript text/css application/xml;
    gzip_vary on;

    include /webserver/nginx/conf/conf.d/*.conf;
}

9.5 创建附属配置文件
9.5.1 创建status.conf配置文件管理status页面
vim /webserver/nginx/conf/conf.d/status.conf

server
{
  listen 80;
  server_name status.nginxs.com status.heylinux.com;
  location / {
    stub_status on;
    access_log off;
  }
}

9.5.2 创建rainbow.conf配置文件管理heylinux.com
vim /webserver/nginx/conf/conf.d/rainbow.conf

log_format  rainbow_access  '$remote_addr - $remote_user [$time_local] "$request" '
            '$status $body_bytes_sent "$http_referer" '
            '"$http_user_agent" $http_x_forwarded_for';

server
{
  listen       80;
  server_name  heylinux.com *.heylinux.com;
  index index.html index.htm index.php;
  root  /webserver/blog/rainbow;
  access_log  /webserver/blog/logs/rainbow_access.log rainbow_access;

  location / {
      if (-f $request_filename/index.html){
              rewrite (.*) $1/index.html break;
      }
      if (-f $request_filename/index.php){
              rewrite (.*) $1/index.php;
      }
      if (!-f $request_filename){
              rewrite (.*) /index.php;
      }
  }

  location ~ .*\.(php|php5)?$
  {
    fastcgi_pass  unix:/webserver/php/run/php-cgi.sock;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME /webserver/blog/rainbow$fastcgi_script_name;
    include /webserver/nginx/conf/fastcgi_params;
  }

  location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
  {
    expires   15d;
  }

  location ~ .*\.(js|css)?$
  {
    expires   1d;
  }

}

9.5.3 创建eric.conf配置文件管理nginxs.com
vim /webserver/nginx/conf/conf.d/eric.conf

log_format  eric_access  '$remote_addr - $remote_user [$time_local] "$request" '
            '$status $body_bytes_sent "$http_referer" '
            '"$http_user_agent" $http_x_forwarded_for';

server
{
  listen       80;
  server_name  nginxs.com *.nginxs.com;
  index index.html index.htm index.php;
  root  /webserver/blog/eric;
  access_log  /webserver/blog/logs/eric_access.log eric_access;

  location / {
      if (-f $request_filename/index.html){
              rewrite (.*) $1/index.html break;
      }
      if (-f $request_filename/index.php){
              rewrite (.*) $1/index.php;
      }
      if (!-f $request_filename){
              rewrite (.*) /index.php;
      }
  }

  location ~ .*\.(php|php5)?$
  {
    fastcgi_pass  unix:/webserver/php/run/php-cgi.sock;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME /webserver/blog/eric$fastcgi_script_name;
    include /webserver/nginx/conf/fastcgi_params;
  }

  location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
  {
    expires   15d;
  }

  location ~ .*\.(js|css)?$
  {
    expires   1d;
  }

}

9.6 创建Nginx服务管理脚本
touch /webserver/init.d/nginx
chmod +x /webserver/init.d/nginx
vim /webserver/init.d/nginx

#!/bin/sh
#
# nginx - this script starts and stops the nginx daemon
#
# chkconfig:   - 85 15 
# description:  Nginx is an HTTP(S) server, HTTP(S) reverse \
#               proxy and IMAP/POP3 proxy server
# processname: nginx
# config:      /etc/nginx/nginx.conf
# config:      /etc/sysconfig/nginx
# pidfile:     /var/run/nginx.pid

# Source function library.
. /etc/rc.d/init.d/functions

# Source networking configuration.
. /etc/sysconfig/network

# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0

nginx="/webserver/nginx/sbin/nginx"
prog=$(basename $nginx)

NGINX_CONF_FILE="/webserver/nginx/conf/nginx.conf"

lockfile=/var/lock/subsys/nginx

make_dirs() {
   # make required directories
   user=`$nginx -V 2>&1 | grep "configure arguments:" | sed 's/[^*]*--user=\([^ ]*\).*/\1/g' -`
   if [ -z "`grep $user /etc/passwd`" ]; then
       useradd -M -s /bin/nologin $user
   fi
   options=`$nginx -V 2>&1 | grep 'configure arguments:'`
   for opt in $options; do
       if [ `echo $opt | grep '.*-temp-path'` ]; then
           value=`echo $opt | cut -d "=" -f 2`
           if [ ! -d "$value" ]; then
               # echo "creating" $value
               mkdir -p $value && chown -R $user $value
           fi
       fi
   done
}

start() {
    [ -x $nginx ] || exit 5
    [ -f $NGINX_CONF_FILE ] || exit 6
    make_dirs
    echo -n $"Starting $prog: "
    daemon $nginx -c $NGINX_CONF_FILE
    retval=$?
    echo
    [ $retval -eq 0 ] && touch $lockfile
    return $retval
}

stop() {
    echo -n $"Stopping $prog: "
    killproc $prog -QUIT
    retval=$?
    echo
    [ $retval -eq 0 ] && rm -f $lockfile
    return $retval
}

restart() {
    configtest || return $?
    stop
    sleep 1
    start
}

reload() {
    configtest || return $?
    echo -n $"Reloading $prog: "
    killproc $nginx -HUP
    RETVAL=$?
    echo
}

force_reload() {
    restart
}

configtest() {
  $nginx -t -c $NGINX_CONF_FILE
}

rh_status() {
    status $prog
}

rh_status_q() {
    rh_status >/dev/null 2>&1
}

case "$1" in
    start)
        rh_status_q && exit 0
        $1
        ;;
    stop)
        rh_status_q || exit 0
        $1
        ;;
    restart|configtest)
        $1
        ;;
    reload)
        rh_status_q || exit 7
        $1
        ;;
    force-reload)
        force_reload
        ;;
    status)
        rh_status
        ;;
    condrestart|try-restart)
        rh_status_q || exit 0
            ;;
    *)
        echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
        exit 2
esac

9.7 启动Nginx服务
/webserver/init.d/nginx start

10. 优化系统内核参数
vim /etc/sysctl.conf

# For Nginx
net.ipv4.tcp_max_syn_backlog = 65536
net.core.netdev_max_backlog = 65536
net.core.somaxconn = 65536
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.ip_local_port_range = 1024 65535

sysctl -p

vim /etc/security/limits.conf

*                -       nofile          65535
*                -       nproc           65535

vim /etc/security/limits.d/90-nproc.conf

*                -       nproc           65535
root             -       nproc           unlimited

11. 创建交换分区
dd if=/dev/zero of=/opt/swapfile bs=1M count=256
mkswap /opt/swapfile
swapon /opt/swapfile

vi /etc/fstab

/opt/swapfile           swap    swap    defaults        0 0

12. 配置logrotate切割日志
yum install -y logrotate
vim /etc/logrotate.d/blog

/webserver/blog/logs/rainbow_access.log
/webserver/blog/logs/eric_access.log
{
  daily
  rotate 7
  missingok
  notifempty
  dateext
  sharedscripts
  postrotate
    if [ -f /webserver/nginx/run/nginx.pid ]; then
      /webserver/init.d/nginx reload
    fi
  endscript
}

13. 结束

, , , , , ,

  1. #1 by app on 2014/05/16 - 14:11

    AWS 可以免费使用一年。

    • #2 by mcsrainbow on 2014/05/16 - 18:07

      新注册的账号才行,我的账号有些年头了。

(will not be published)
*