升东运维是一家专业从事Linux/Freebsd Unix/Windows平台网站维护业务的公司,专业提供Linux(CentOS Redhat Ubuntu等),Unix(Freebsd),Nginx,Apache等系统及网站维护,七年从业经验

Posts Tagged ‘centos’

centos下webalizer使用

星期一, 三月 19th, 2012

首先安装

yum install webalizer gd gd-devel

生成分析结果

 #日志名字自己查询下,可以分析nginx,apache,varnishncsa

webalizer -c /etc/webalizer.conf -o /www/html/webalizer /var/log/nginx/access.log

 

分析配置文件(部分)/etc/webalizer.conf

默认分析log的位置LogFile

/var/log/httpd/access_log

默认输出结果的目录

OutputDir      /var/www/usage

视为页面的文件后缀

PageType htm*
PageType cgi
PageType php
PageType shtml

varnish3 yum安装介绍

星期三, 一月 11th, 2012

Varnish 3.02 yum方式 安装:

yum方式安装比编译安装要简单简洁很多,而且还可以平滑升级,优点很多

Varnish-2.1.2 安装与配置pdf文件(版本:2.1.2,与本文所用varnish3.02有差异,仅供参考)

Varnish[‘vɑ:niʃ]  官网 http://www.varnish-cache.org 高性能,高并发 squid替代缓存服务器 

本文介绍的是最新版本号3的安装,进入url https://www.varnish-cache.org/releases/varnish-cache-3.0.2,选择对应的操作系统版本.

 

centos6.2编译方式安装

wget http://repo.varnish-cache.org/source/varnish-3.0.2.tar.gz

tar -zxf varnish-3.0.2.tar.gz

cd varnish-3.0.2

yum -y  install gcc gcc-c++ pcre pcre-devel

./configure

make

make install

本文使用centos5.7 ,选择 Red Hat Enterprise Linux 5

安装源:

rpm –nosignature -i http://repo.varnish-cache.org/redhat/varnish-3.0/el5/noarch/varnish-release-3.0-1.noarch.rpm

安装:

yum  install gcc gcc-c++ pcre pcre-devel

yum install varnish

重启: service varnish restart

查看进程 ps aux|grep varnish  结果如下

root 14296 0.0 0.0 61172 756 pts/1 S+ 15:16 0:00 grep varnish
root 22708 0.0 0.0 111924 1112 ? Ss 14:37 0:00 /usr/sbin/varnishd -P /var/run/varnish.pid -a :8000 -f /etc/varnish/default.vcl -T 127.0.0.1:6082 -t 120 -w 1,1000,120 -u varnish -g varnish -S /etc/varnish/secret -s file,/var/lib/varnish/varnish_storage.bin,1G
varnish 22709 0.0 0.0 1293716 3672 ? Sl 14:37 0:00 /usr/sbin/varnishd -P /var/run/varnish.pid -a :8000 -f /etc/varnish/default.vcl -T 127.0.0.1:6082 -t 120 -w 1,1000,120 -u varnish -g varnish -S /etc/varnish/secret -s file,/var/lib/varnish/varnish_storage.bin,1

 

需要开启防火墙相应端口

其他文档:

1.深入探讨Varnish缓存命中率

2.Varnish权威指南(中文)

3.使用Varnish代替Squid做网站缓存加速器的详细解决方案[张宴原创]

4. varnish3英文文档

 

内核调优参数:

vi /etc/sysctl.conf  最下面加入

 

#—-for varnish
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.ip_local_port_range = 1024 65536
net.core.rmem_max=16777216
net.core.wmem_max=16777216
net.ipv4.tcp_rmem=4096 87380 16777216
net.ipv4.tcp_wmem=4096 65536 16777216
net.ipv4.tcp_fin_timeout = 3
net.core.netdev_max_backlog = 30000
net.ipv4.tcp_no_metrics_save=1
net.core.somaxconn = 262144
net.ipv4.tcp_syncookies = 0
net.ipv4.tcp_max_orphans = 262144
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2

使参数生效  sysctl -p

配置文件:

访问控制,我自己的一例:/etc/varnish/default.vcl

# This is a basic VCL configuration file for varnish. See the vcl(7)
# man page for details on VCL syntax and semantics.
#
# Default backend definition. Set this to point to your content
# server.
#
backend default {
.host = “localhost”;
.port = “88”;
}
#
# Below is a commented-out copy of the default VCL logic. If you
# redefine any of these subroutines, the built-in logic will be
# appended to your code.
sub vcl_recv {
#路由

if (req.request == “GET” && req.url ~ “\.(css|mp3|jpg|png|gif|swf|jpeg|ico)$”)
{
unset req.http.cookie; #删除图片cookie提高命中率,否则命中率对于论坛等会很低
}
if (req.request == “GET” && req.url ~ “\.(php|html)($|\?)”) {
return (pass); #不缓存含php,html url的缓存
}
if (req.restarts == 0) {
if (req.http.x-forwarded-for) {
set req.http.X-Forwarded-For =
req.http.X-Forwarded-For + “, ” + client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}
}
if (req.request != “GET” &&
req.request != “HEAD” &&
req.request != “PUT” &&
req.request != “POST” &&
req.request != “TRACE” &&
req.request != “OPTIONS” &&
req.request != “DELETE”) {
/* Non-RFC2616 or CONNECT which is weird. */
return (pipe);
}
if (req.request != “GET” && req.request != “HEAD”) {
/* We only deal with GET and HEAD by default */
return (pass);
}
if (req.http.Authorization || req.http.Cookie) {
/* Not cacheable by default */
return (pass);
}

return (lookup);
}
#
# sub vcl_pipe {
# # Note that only the first request to the backend will have
# # X-Forwarded-For set. If you use X-Forwarded-For and want to
# # have it set for all requests, make sure to have:
# # set bereq.http.connection = “close”;
# # here. It is not set by default as it might break some broken web
# # applications, like IIS with NTLM authentication.
# return (pipe);
# }
#
# sub vcl_pass {
# return (pass);
# }
#
# sub vcl_hash {
# hash_data(req.url);
# if (req.http.host) {
# hash_data(req.http.host);
# } else {
# hash_data(server.ip);
# }
# return (hash);
# }
#
#sub vcl_hit {
# return (deliver);
#}
#
# sub vcl_miss {
# return (fetch);
# }
#
sub vcl_fetch {
if (beresp.http.Content-Length ~ “[0-9]{7,}”) {
set req.http.x-pipe = “1”;
return (restart);
}
if (req.request == “GET” && req.url ~ “\.(css|mp3|jpg|png|gif|swf|jpeg|ico)$” )
{
unset req.http.cookie;
set beresp.ttl = 7d; #设置图片缓存时间7天
}
return (deliver);
}
#
sub vcl_deliver {
set resp.http.x-hits=obj.hits;
if(obj.hits>0){
set resp.http.X-Cache=”HIT”;
}
else{
set resp.http.X-Cache=”MISS”;
}
set resp.http.Site-Support-By=”ppkj.net”;
return (deliver);
}
#
# sub vcl_error {
# set obj.http.Content-Type = “text/html; charset=utf-8”;
# set obj.http.Retry-After = “5”;
# synthetic {”
# <?xml version=”1.0″ encoding=”utf-8″?>
# <!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Strict//EN”
# “http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd”>
# <html>
# <head>
# <title>”} + obj.status + ” ” + obj.response + {“</title>
# </head>
# <body>
# <h1>Error “} + obj.status + ” ” + obj.response + {“</h1>
# <p>”} + obj.response + {“</p>
# <h3>Guru Meditation:</h3>
# <p>XID: “} + req.xid + {“</p>
# <hr>
# <p>Varnish cache server</p>
# </body>
# </html>
# “};
# return (deliver);
# }
#
# sub vcl_init {
# return (ok);
# }
#
# sub vcl_fini {
# return (ok);
# }

端口等配置:/etc/sysconfig/varnish

# Configuration file for varnish
#
# /etc/init.d/varnish expects the variable $DAEMON_OPTS to be set from this
# shell script fragment.
#

# Maximum number of open files (for ulimit -n)
NFILES=131072

# Locked shared memory (for ulimit -l)
# Default log size is 82MB + header
MEMLOCK=82000

# Maximum size of corefile (for ulimit -c). Default in Fedora is 0
# DAEMON_COREFILE_LIMIT=”unlimited”

# Set this to 1 to make init script reload try to switch vcl without restart.
# To make this work, you need to set the following variables
# explicit: VARNISH_VCL_CONF, VARNISH_ADMIN_LISTEN_ADDRESS,
# VARNISH_ADMIN_LISTEN_PORT, VARNISH_SECRET_FILE, or in short,
# use Alternative 3, Advanced configuration, below
RELOAD_VCL=1

# This file contains 4 alternatives, please use only one.

## Alternative 1, Minimal configuration, no VCL
#
# Listen on port 6081, administration on localhost:6082, and forward to
# content server on localhost:8080. Use a fixed-size cache file.
#
#DAEMON_OPTS=”-a :6081 \
# -T localhost:6082 \
# -b localhost:8080 \
# -u varnish -g varnish \
# -s file,/var/lib/varnish/varnish_storage.bin,1G”
## Alternative 2, Configuration with VCL
#
# Listen on port 6081, administration on localhost:6082, and forward to
# one content server selected by the vcl file, based on the request. Use a
# fixed-size cache file.
#
#DAEMON_OPTS=”-a :6081 \
# -T localhost:6082 \
# -f /etc/varnish/default.vcl \
# -u varnish -g varnish \
# -S /etc/varnish/secret \
# -s file,/var/lib/varnish/varnish_storage.bin,1G”
## Alternative 3, Advanced configuration
#
# See varnishd(1) for more information.
#
# # Main configuration file. You probably want to change it :)
VARNISH_VCL_CONF=/etc/varnish/default.vcl
#
# # Default address and port to bind to
# # Blank address means all IPv4 and IPv6 interfaces, otherwise specify
# # a host name, an IPv4 dotted quad, or an IPv6 address in brackets.
# varnish监听端口,正常部署后应该是80  VARNISH_LISTEN_ADDRESS=
VARNISH_LISTEN_PORT=8000
#
# # Telnet admin interface listen address and port
VARNISH_ADMIN_LISTEN_ADDRESS=127.0.0.1
VARNISH_ADMIN_LISTEN_PORT=6082
#
# # Shared secret file for admin interface
VARNISH_SECRET_FILE=/etc/varnish/secret
#
# # The minimum number of worker threads to start
VARNISH_MIN_THREADS=1
#
# # The Maximum number of worker threads to start
VARNISH_MAX_THREADS=1000
#
# # Idle timeout for worker threads
VARNISH_THREAD_TIMEOUT=120
#
# # Cache file location
VARNISH_STORAGE_FILE=/var/lib/varnish/varnish_storage.bin
#
# # Cache file size: in bytes, optionally using k / M / G / T suffix,
# # or in percentage of available disk space using the % suffix.

#磁盘存储缓存文件大小,如果采用磁盘缓存取消下面的注释
#VARNISH_STORAGE_SIZE=1G
#
# # Backend storage specification
VARNISH_STORAGE=”file,${VARNISH_STORAGE_FILE},${VARNISH_STORAGE_SIZE}”
#
# # Default TTL used when the backend does not specify one
VARNISH_TTL=120
#
# # DAEMON_OPTS is used by the init script. If you add or remove options, make
# # sure you update this section, too.
DAEMON_OPTS=”-a ${VARNISH_LISTEN_ADDRESS}:${VARNISH_LISTEN_PORT} \
-f ${VARNISH_VCL_CONF} \
-T ${VARNISH_ADMIN_LISTEN_ADDRESS}:${VARNISH_ADMIN_LISTEN_PORT} \
-t ${VARNISH_TTL} \
-w ${VARNISH_MIN_THREADS},${VARNISH_MAX_THREADS},${VARNISH_THREAD_TIMEOUT} \
-u varnish -g varnish \
-S ${VARNISH_SECRET_FILE} \

-s malloc,4G

#-s malloc,4G 此处改为内存存储,大小应该最大为剩余内存的80%,不能再大!!

#-s ${VARNISH_STORAGE}
#如果采用磁盘缓存,则用上面一行替换 -s malloc,4G
## Alternative 4, Do It Yourself. See varnishd(1) for more information.
#
# DAEMON_OPTS=””

CentOS yum只更新安全补丁

星期二, 十二月 20th, 2011

安装yum插件即可:

yum install yum-security

使用:

检查安全更新

yum –security check-update

只安装安全更新

yum update –security

检查特定软件有无安全更新

yum list-security software_name

列出更新的详细信息

yum info-security software_name

Centos6 yum搭建Linux+Nginx+PHP+MYSQL(LNMP)

星期五, 十一月 18th, 2011

最近接手维护一Linux服务器,Centos6版本,客户想要从Apache转换为Nginx.同时升级PHP到最新版本

如下操作配置Nginx1.0.10+PHP5.3.8(fastcgi)+Mysql5.5.17+eAccelerator(相关版本号是源软件包的最新版本)

使用Nginx官方源,Epel扩展库和remi源,remi源基于epel,必须先安装epel源,remi包含php-fpm,mysql-server5.5,如果只需要php-fpm可以单独安装php-fpm后禁用此源.
安装Nginx源:

rpm -ivh http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm

安装EPEL源:

(64位系统) rpm -ivh http://download.fedora.redhat.com/pub/epel/6/x86_64/epel-release-6-5.noarch.rpm
(32位系统) rpm -ivh http://download.fedora.redhat.com/pub/epel/6/i386/epel-release-6-5.noarch.rpm

安装REMI源:

rpm -ivh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm

开启REMI,编辑 /etc/yum.repos.d/remi.repo

vi /etc/yum.repos.d/remi.repo
修改 enable=1
esc
:wq
yum -y install nginx mysql-server  php-fpm php-cli php-pdo php-mysql php-mcrypt php-mbstring php-gd php-tidy php-xml php-xmlrpc php-pear php-pecl-memcache php-eaccelerator

1.根据需求配置 nginx配置文件 (本博文不提供具体配置)
2.修改/etc/php-fpm.conf 用户组为nginx
3.修改/var/lib/php/session(使php能保存session),web用户组为nginx

chown -R nginx:nginx /var/lib/php/session(不存在则需要创建)
chown -R nginx:nginx /var/www/(web目录)
chmod -R 775 /var/www/ (同组可修改权限,方便配置ftp,ftp应该加入到nginx组,如果需要更高的安全设置,则不应当将只读的目录赋予nginx,php组可写权限)
service nginx start(start|stop|restart|reload)
service php-fpm start(start|stop|restart)
service mysqld start(start|stop|restart|reload)
设置自启动
chkconfig nginx on
chkconfig php-fpm on
chkconfig mysqld on

试用yaf框架(php c扩展开发的高性能框架)

星期六, 九月 17th, 2011

一直在使用几个轻量级的框架,原因就是速度问题,即便装上了加速器,在稍大点的项目里面仍然很慢,google搜索了下,发现竟然有个国人开发的yaf框架,下载安装在了windows上面初步测试hello world 开启视图,性能很不错,下面是第一次访问和第二次访问的基准测试时间,安装了eAccelerator加速器,所以第一次耗时较第二次长一点(时间取的都是多次刷新稳定后最接近的值)

第二次

性能很可观,不过目前功能还不是很完善,比较其他框架还有一段路要走,好在版本更新很快

之后也在centos 5.6 x64编译安装了yaf,暂时还没测试,不过1.0总体感觉不错 bootstrap也有,按照作者说法,这个框架是zendframework的C实现,感觉很有前景,其实smarty如果也是c扩展开发,就更加强大了

pecl里面的yaf最新测试版http://pecl.php.net/package/Yaf

下载后需要先安装php-devel和 pcre-devel (没这个编译会出错)

Centos执行 yum install php-devel pcre-devel
Debian ubuntu执行 sudo apt-get install libpcre3 libpcre3-dev
Freebsd下:
cd /usr/ports/www/pecl-yaf
make instal clean
下载解压后
cd yaf-2.1.2
phpize
./configure --with-php-config=/usr/bin/php-config
make
make install

需要注意的是:控制器(如controllers/Index.php)文件第一个字母为大写,否则linux下面是无法运行的

小注:pcre是什么

Perl兼容正则表达式库,是一套和perl5有着相同语法语义的的正则表达式模式匹配实现

The PCRE library is a set of functions that implement regular expression pattern matching using the same syntax and semantics as Perl 5. PCRE has its own native API, as well as a set of wrapper functions that correspond to the POSIX regular expression API. The PCRE library is free, even for building proprietary software.

CentOS,RedHat配置EPEL/REMI YUM源

星期三, 八月 24th, 2011

企业版 Linux 附加软件包(EPEL)

EPEL 项目主页地址https://fedoraproject.org/wiki/EPEL/zh-cn

EPEL只面向企业版RedHat 和CentOS,目前有版本5和版本6的支持,安装也很简单.

EPEL 包含一个叫做’epel-release’的包,这个包包含了 EPEL 源的 gpg 密钥和软件源信息。您可以通过 yum 安装到您的企业版 Linux 发行版上。除了 epel-release 源,还有一个叫做’epel-testing’的源,这个源包含最新的测试软件包,其版本很新但是安装有风险,请自行斟酌。

注意: 有些第三方软件源需要 EPEL 的’epel-testing’源来安装依赖组件,请务必在系统设置中启用本源。 (相关配置文件位于:/etc/yum.repos.d/epel-testing.repo)

CentOS6/RedHat6系列安装:

rpm -ivh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-5.noarch.rpm

CentOS5/RedHat5系列安装:

rpm -ivh http://dl.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm

安装后编辑epel.repo

vi /etc/yum.repos.d/epel.repo

修改  enabled=1

 

扩展推荐:REMI源

地址:http://rpms.famillecollet.com/

REMI源有最新版本的PHP或MYSQL等软件,速度也不错,remi依赖于EPEL源

Fedora版本

Fedora 16 (Verne)

安装命令: rpm -ivh http://rpms.famillecollet.com/remi-release-16.rpm

Fedora 15 (Lovelock)

安装命令: rpm -ivh http://rpms.famillecollet.com/remi-release-15.rpm

企业版Linux (RHEL / CentOS / 及其他分支克隆版本)

Enterprise Linux 6 (RedHat6/CentOS6):

安装命令: rpm -ivh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm

Enterprise Linux 5 (RedHat5/CentOS5):

安装命令: rpm -ivh http://rpms.famillecollet.com/enterprise/remi-release-5.rpm

安装后编辑remi.repo

vi /etc/yum.repos.d/remi.repo

修改  enabled=1

CentOS5.5中文支持安装

星期四, 二月 10th, 2011

CentOS如果装英文版,如果在系统语言里改为汉语后会导致所有的显示都是乱码的方块。那么需要两个中文支持的包:

fonts-chinese-3.02-12.el5.noarch.rpm

fonts-ISO8859-2-75dpi-1.0-17.1.noarch.rpm

一个是中文字体,一个是字体显示,两个包。

可以在下面地址下载:

Centos 5.5   http://ftp.dc.volia.com/pub/CentOS/5.5/os/i386/CentOS/fonts-chinese-3.02-12.el5.noarch.rpm

http://ftp.dc.volia.com/pub/CentOS/5.5/os/i386/CentOS/fonts-ISO8859-2-75dpi-1.0-17.1.noarch.rpm

Centos 5.4

http://ftp.dc.volia.com/pub/CentOS/5.4/os/i386/CentOS/fonts-chinese-3.02-12.el5.noarch.rpm

http://ftp.dc.volia.com/pub/CentOS/5.4/os/i386/CentOS/fonts-ISO8859-2-75dpi-1.0-17.1.noarch.rpm

下载后,在命令行安装:

rpm -ivh fonts-chinese-3.02-12.el5.noarch.rpm

rpm -ivh fonts-ISO8859-2-75dpi-1.0-17.1.noarch.rpm

安装完成后,重新启动即可。

=============中文输入===============

这个简单只要使用yum安装SCIM即可。

命令行输入:

yum install scim

yum install scim-pinyin