Amazon Linux AMI安装Linux,nginx,MySQL,PHP(LEMP)
时间:2020-01-09 10:37:06 来源:igfitidea点击:
如何在运行于AWS的Amazon Linux AMI上安装Linux,nginx,MySQL,PHP(LEMP)堆栈?
LEMP是Linux,nginx,MySQL和PHP的首字母缩写。
本页说明如何在运行于EC2或Lightsail的Amazon Linux AMI上设置PHP 7.3,MySQL数据库服务器和nginx堆栈,以运行动态Web应用程序。
Amazon Linux AMI LEMP堆栈安装
步骤如下:
- 更新Amazon Linux AMI,运行
sudo yum update - 安装Nginx,执行:``sudo yum install nginx`
- 让我们安装MySQL数据库服务器,执行:``sudo yum install mysql57-server`
- 设置PHP版本7.3,执行:
- 使用iptables防火墙打开端口80
- 测试在Amazon AMI Linux上运行的LEMP堆栈
让我们详细查看所有步骤和示例。
1.更新您的Amazon Linux AMI系统
使用yum命令检查更新,然后在Amazon Linux AMI上应用安全更新:
yum check-update sudo yum update -y
如果已安装内核更新,请重新引导由Amazon Linux AMI驱动的Linux系统:
sudo reboot
2.安装Nginx Web服务器
Nginx是用于HTTP/HTTPS等的Web服务器和反向代理服务器。
它是LEAP堆栈的一部分。
只需键入以下yum命令即可将其安装在Amazon Linux AMI上:
sudo yum search nginx sudo yum info nginx sudo yum install nginx
像往常一样,nginx Web服务器不会在Amazon Linux AMI上启动。
要启动nginx服务器运行,请执行以下服务命令:
sudo service nginx start
在启动时使用chkconfig命令启用服务
sudo chkconfig nginx on
在pgrep命令/ss命令/netstat命令命令的帮助下验证nginx服务是否正在运行:
sudo service nginx status pgrep nginx ss -tlpn | grep :80
打开端口TCP端口80
编辑文件:
sudo vi /etc/sysconfig/iptables
在最终DROP规则之前,添加以下行以打开TCP端口80:
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
保存并关闭文件。
重新启动防火墙:
sudo service iptables restart
有关IPv4和IPv6防火墙的更多信息,请参阅在Amazon Linux AMI上设置基本的Iptables防火墙。
测试一下
触发网络浏览器,然后输入您的公共IPv4地址,例如:
http://1.2.3.4/ http://your-domain-mapped-to-public-ip-com/ http://202.1.2.3/
3.安装MySQL数据库服务器
第一步是搜索MySQL数据库版本,运行:
yum list mysql*-server
输出示例:
Loaded plugins: priorities, update-motd, upgrade-helper Available Packages mysql-server.noarch 5.5-1.6.amzn1 amzn-main mysql51-server.x86_64 5.1.73-8.72.amzn1 amzn-main mysql55-server.x86_64 5.5.62-1.23.amzn1 amzn-updates mysql56-server.x86_64 5.6.45-1.34.amzn1 amzn-updates mysql57-server.x86_64 5.7.27-1.13.amzn1 amzn-updates
现在您已了解MySQL版本的所有知识,让我们在Amazon Linux AMI上安装MySQL DB版本5.7.x,以将数据存储在LEMP堆栈中:
sudo yum info mysql57-server sudo yum install mysql57-server
启用MySQL服务
sudo chkconfig mysqld on
启动MySQL服务
sudo service mysqld start
确保服务器正在运行,请运行:
sudo service mysqld status
安全的MySQL服务器
接下来,通过以下方式运行以下命令以提高MySQL安装的安全性:
- 为root帐户设置密码。
- 删除可从本地主机外部访问的root帐户。
- 删除匿名用户帐户。
- 擦除测试数据库(默认情况下,所有用户,甚至匿名用户都可以访问该数据库)以及特权,该特权允许任何人访问名称以test_开头的数据库。
sudo /usr/bin/mysql_secure_installation
会话示例:
New password: Re-enter new password: Estimated strength of the password: 100 Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : Y By default, a MySQL installation has an anonymous user, allowing anyone to log into MySQL without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? (Press y|Y for Yes, any other key for No) : Y Success. Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? (Press y|Y for Yes, any other key for No) : Y Success. By default, MySQL comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? (Press y|Y for Yes, any other key for No) : Y - Dropping test database... Success. - Removing privileges on test database... Success. Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? (Press y|Y for Yes, any other key for No) : Y Success. All done!
4.安装PHP 7.3
现在我们已经安装了Nginx和MySQL,是时候安装PHP了。
再次,列出PHP版本,运行:
yum list php*-fpm
输出示例:
Loaded plugins: priorities, update-motd, upgrade-helper Available Packages php-fpm.x86_64 5.3.29-1.8.amzn1 amzn-main php54-fpm.x86_64 5.4.45-1.75.amzn1 amzn-main php55-fpm.x86_64 5.5.38-2.119.amzn1 amzn-main php56-fpm.x86_64 5.6.40-1.142.amzn1 amzn-updates php70-fpm.x86_64 7.0.33-1.32.amzn1 amzn-updates php71-fpm.x86_64 7.1.32-1.42.amzn1 amzn-updates php72-fpm.x86_64 7.2.22-1.16.amzn1 amzn-updates php73-fpm.x86_64 7.3.9-1.19.amzn1 amzn-updates
PHP-FPM(FastCGI流程管理器)是另一种PHP FastCGI实现,具有一些适用于任何规模的站点(尤其是繁忙站点)的附加功能。
建议您将php73-fpm与Nginx一起使用,运行:
sudo yum install php73-fpm
安装其他PHP模块
- php73-gd一个用于PHP应用程序的模块,用于使用gd图形库。
- php73-mysqlnd用于使用MySQL数据库的PHP应用程序的模块。
- php73-opcache Zend OPcache通过操作码缓存和优化提供了更快的PHP执行。通过将预编译的脚本字节码存储在共享内存中,可以提高PHP性能。
- php73-pdo php-pdo软件包包含一个动态共享对象,该对象将向PHP添加数据库访问抽象层。该模块提供了用于访问MySQL,PostgreSQL或其他数据库的通用接口。
- php73-xmlrpc php-xmlrpc软件包包含一个动态共享对象,该对象将为PHP添加对XML-RPC协议的支持。
要安装它们,请运行:
sudo yum install php73-gd php73-mysqlnd php73-opcache php73-xmlrpc php73-pdo
可以使用以下命令搜索和列出其他php模块:
yum list php73-*
启用PHP-fpm服务
sudo chkconfig php-fpm on
启动PHP-fpm服务
sudo service php-fpm start
检查PHP-fpm服务的状态
sudo service php-fpm status
使用ls命令验证Unix套接字已针对PHP-FPM启动并正在运行:
ls -l /var/run/php-fpm/www.sock
重新启动Nginx服务
使用cat命令列出配置:
cat /etc/nginx/conf.d/php-fpm.conf
您必须重新启动Nginx才能通过/var/run/php-fpm/www.sock套接字激活PHP支持:
sudo servive nginx restart
PHP配置
使用/etc/nginx/default.d/php.conf文件配置PHP,如下所示:
cat /etc/nginx/default.d/php.conf
输出示例:
# pass the PHP scripts to FastCGI server
#
# See conf.d/php-fpm.conf for socket configuration
#
index index.php index.html index.htm;
location ~ \.(php|phar)(/.*)?$ {
fastcgi_split_path_info ^(.+\.(?:php|phar))(/.*)$;
fastcgi_intercept_errors on;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass php-fpm;
}
编辑/etc/php-fpm.d/www.conf文件:
sudo vi /etc/php-fpm.d/www.conf
在用户和组中找到apache:
user = apache group = apache
替换为nginx:
user = nginx group = nginx
确保在每次更改配置时重新启动/重新加载PHP-fpm:
sudo service php-fpm reload
在Amazon Linux AMI上测试PHP安装
在/usr/share/nginx/html中创建文件名test.php,运行:
sudo vi /usr/share/nginx/html/test.php
附加以下文本:
<?php
// test server with php support
phpinfo();
?>
触发网络浏览器(例如Firefox),然后输入您的公共IPv4地址,例如:
http://1.2.3.4/test.php http://your-domain-mapped-to-public-ip-com/test.php http://202.1.2.3/test.php
Nginx服务器配置
导入文件:
- 主配置文件/etc/nginx/nginx.conf
- PHP-FPM FastCGI套接字/服务器配置文件/etc/nginx/conf.d/php-fpm.conf
- 为Nginx /etc/nginx/default.d/php.conf启用FastCGI服务器的PHP 7.3脚本
- 虚拟域/etc/nginx/conf.d/(将每个域配置文件放入此目录中)
示例Nginx虚拟域配置:
server1.theitroad.local虚拟域的示例配置:
cat /etc/nginx/conf.d/server1.theitroad.local
#
# A virtual host
#
server {
listen 80;
server_name server1.theitroad.local server1;
location / {
root /www/domains/server1.theitroad.local/http;
index index.html index.htm;
}
}
确保在更改/更新Nginx配置文件时重新启动/重新加载Nginx:
sudo service nginx configtest sudo service nginx reload
自定义MySQL服务器
您需要编辑/etc/my.cnf文件:
cat /etc/my.cnf
输出示例:
[mysqld] datadir=/var/lib/mysql socket=/var/lib/mysql/mysql.sock # Disabling symbolic-links is recommended to prevent assorted security risks symbolic-links=0 # Settings user and group are ignored when systemd is used. # If you need to run mysqld under a different user or group, # customize your systemd unit file for mysqld according to the # instructions in http://fedoraproject.org/wiki/Systemd [mysqld_safe] log-error=/var/log/mysqld.log pid-file=/var/run/mysqld/mysqld.pid
同样,每当对config进行更改时,都重新启动/重新加载MySQL服务:
sudo service mysqld restart
