1.简述CGI与FASTCGI区别
CGI(Common Gateway Interface),即通用网关接口,是WWW技术中最重要的技术之一,是外部应用程序(即CGI程序)与WEB服务器之间的接口标准,负责在CGI程序和Web服务器之间传递信息。而FastCGI 则是在CGI的基础上增加了一些扩展功能,属于 CGI 的改良版,致力于减少Web服务器与CGI程序之间进行互动的开销,从而使Web服务器可以同时处理更多的Web请求。与 CGI 为每个Web请求创建一个新的进程不同, FastCGI 使用持续的进程来处理一连串的Web请求,这些进程由FastCGI进程管理器管理,而不是Web服务器。
2. 编译安装基于fastcgi模式的多虚拟主机的wordpress和discuz的LAMP架构
2.1环境准备:
两台主机:
一台主机:httpd+php(fastcgi模式)
一台主机:mariadb 服务器
软件版本:
mariadb-10.3.36-linux-x86_64.tar.gz
apr-1.7.0.tar.bz2
apr-util-1.6.1.tar.bz2
httpd-2.4.46.tar.bz2
php-7.3.10.tar.gz
wordpress-5.4.2-zh_CN.tar.gz
Discuz_X3.4_SC_UTF8_20220811.zip
2.2二进制安装 mariadb
#创建相关目录并更改权限
useradd -r -s /sbin/nologin mysql
tar xvf mariadb-10.3.36-linux-x86_64.tar.gz -C /usr/local
cd /usr/local
ln -sv mariadb-10.3.36-linux-x86_64 mysql
cd mysql
chown -R root.root ./*
mkdir /data/mysql -p
chown -R mysql.mysql /data/mysql
mkdir /etc/mysql
vim /etc/mysql/my.cnf
[mysqld]
server-id=1
log-bin
datadir=/data/mysql
socket=/data/mysql/mysql.sock
skip_name_resolve = on
[mysqld_safe]
log-error=/data/mysql/mysql.log
pid-file=/data/mysql/mysql.pid
[client]
port=3306
socket=/data/mysql/mysql.sock
#准备PATH变量
vim /etc/profile.d/lamp.sh
PATH=/usr/local/mysql/bin/:$PATH
. /etc/profile.d/lamp.sh
yum install libaio -y
cd /usr/local/mysql
scripts/mysql_install_db --user=mysql --datadir=/data/mysql
cp support-files/mysql.server /etc/rc.d/init.d/mysqld
chkconfig --add mysqld
service mysqld start
#为wordprss和discuz应用准备数据库和用户帐号
mysql -uroot
mysql> create database blog;
mysql> create database forum;
mysql> grant all on blog.* to blog@'10.0.0.%' identified by "123456";
mysql> grant all on forum.* to forum@'10.0.0.%' identified by '123456';
2.3编译安装httpd2.4
#安装相关包
yum install gcc pcre-devel openssl-devel expat-devel -y
#编译安装httpd
tar xvf apr-1.7.0.tar.bz2
tar xvf apr-util-1.6.1.tar.bz2
tar xvf httpd-2.4.46.tar.gz
mv apr-1.7.0 httpd-2.4.46/srclib/apr
mv apr-util-1.6.1 httpd-2.4.46/srclib/apr-util
cd httpd-2.4.46/
./configure \
--prefix=/apps/httpd \
--enable-so \
--enable-ssl \
--enable-cgi \
--enable-rewrite \
--with-zlib \
--with-pcre \
--with-included-apr \
--enable-modules=most \
--enable-mpms-shared=all \
--with-mpm=event
make && make install
#准备PATH变量
vim /etc/profile.d/lamp.sh
PATH=/apps/httpd/bin:$PATH
. /etc/profile.d/lamp.sh
#创建和配置用户和组
useradd -s /sbin/nologin -r -u 88 apache
vim /apps/httpd/conf/httpd.conf
user apache
group apache
httpd -M |grep mpm
mpm_event_module (shared)
apachectl start
2.4编译安装 fastcgi 方式的 php 7.3
#安装php 7.3 相关包
yum -y install gcc libxml2-devel bzip2-devel libmcrypt-deve
#编译安装php 7.3
tar xvf php-7.3.10.tar.bz2
cd php-7.3.10
./configure --prefix=/apps/php \
--enable-mysqlnd \
--with-mysqli=mysqlnd \
--with-pdo-mysql=mysqlnd \
--with-openssl \
--with-freetype-dir \
--with-jpeg-dir \
--with-png-dir \
--with-zlib \
--with-libxml-dir=/usr \
--with-config-file-path=/etc \
--with-config-file-scan-dir=/etc/php.d \
--enable-mbstring \
--enable-xml \
--enable-sockets \
--enable-fpm \
--enable-maintainer-zts \
--disable-fileinfo
make -j 4 && make install
#准备PATH变量
#php7.3
vim /etc/profile.d/lamp.sh
PATH=/apps/php/bin:/apps/httpd/bin:$PATH
. /etc/profile.d/lamp.sh
[root@10 ~]#php --version
PHP 7.3.10 (cli) (built: Sep 13 2022 17:54:37) ( ZTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.3.10, Copyright (c) 1998-2018 Zend Technologies
#准备php配置文件和启动文件
cp php.ini-production /etc/php.ini·
cp sapi/fpm/php-fpm.service /usr/lib/systemd/system/
cd /apps/php/etc
cp php-fpm.conf.default php-fpm.conf
cd php-fpm.d/
cp www.conf.default www.conf
#修改进程所有者
vim /apps/php/etc/php-fpm.d/www.conf
user apache
group apache
#支持status和ping页面
pm.status_path = /fpm_status
ping.path = /ping
#支持opcache加速
mkdir /etc/php.d/
vim /etc/php.d/opcache.ini
[opcache]
zend_extension=opcache.so
opcache.enable=1
systemctl daemon-reload
systemctl status php-fpm.service
systemctl enable --now php-fpm.service
2.5准备wordpress和discuz! 相关文件
#准备wordpress程序文件
mkdir /data/
tar xvf wordpress-5.4.2-zh_CN.tar.gz
mv wordpress/ /data
chown -R apache.apache /data/wordpress
mv /data/wordpress /data/blog
#准备discuz!程序文件
unzip Discuz_X3.4_SC_UTF8【20191201】.zip
mv upload/ /data/discuz
chown -R apache.apache /data/discuz
mv /data/discuz /data/forum
2.6修改配置 httpd 支持 php-fpm
vim /apps/httpd/conf/httpd.conf
#取消下面两行的注释
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
#修改下面行
<IfModule dir_module>
DirectoryIndex index.php index.html
</IfModule>
#加下面三行
AddType application/x-httpd-php .php
#AddType application/x-httpd-php-source .phps
ProxyRequests Off
#实现第一个虚拟主机
<virtualhost *:80>
servername blog.ceshi.org
documentroot /data/blog
<directory /data/blog>
require all granted
</directory>
ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/data/blog/$1
#实现status和ping页面
ProxyPassMatch ^/(fpm_status|ping)$ fcgi://127.0.0.1:9000/$1
CustomLog "logs/access_blog_log" common
</virtualhost>
#第二个虚拟主机
<virtualhost *:80>
servername forum.ceshi.org
documentroot /data/forum
<directory /data/forum/>
require all granted
</directory>
ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/data/forum/$1
CustomLog "logs/access_forum_log" common
</virtualhost>
apachectl restart
#上述"/data/wordpress" "logs/access_wordpress_log" 等文件夹与日志文件名可以进行相应更改,便于区分管理
2.7测试访问
vim /etc/hosts
10.0.0.8 blog.ceshi.org forum.ceshi.org
#在windows主机上修改hosts文件来替代DNS解析
打开浏览器访问 http://blog.magedu.org 和http://forum.magedu.org 分别进行初始化和安装
2.8修改成UDS模式
vim /apps/php/etc/php-fpm.d/www.conf
listen = 127.0.0.1:9000
listen = /run/php-fpm.sock
listen.owner = apache
listen.group = apache
listen.mode = 0660
systemctl restart php-fpm
ll /run/php-fpm.sock
vim /apps/httpd/conf/httpd.conf
<virtualhost *:80>
servername blog.ceshi.org
documentroot /data/blog
<directory /data/blog>
require all granted
</directory>
#ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/data/wordpress/$1
ProxyPassMatch ^/(.*\.php)$ "unix:/run/php�fpm.sock|fcgi://localhost/data/wordpress/"
#ProxyPassMatch ^/(fpm_status|ping)$ fcgi://127.0.0.1:9000/$1
ProxyPassMatch ^/(fpm_status|ping)$ "unix:/run/php-fpm.sock|fcgi://localhost/"
CustomLog "logs/access_wordpress_log" common
</virtualhost>
<virtualhost *:80>
servername forum.ceshi.org
documentroot /data/forum
<directory /data/forum>
require all granted
</directory>
#ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/data/discuz/$1
ProxyPassMatch ^/(.*\.php)$ "unix:/run/php�fpm.sock|fcgi://localhost/data/discuz/"
#ProxyPassMatch ^/(fpm_status|ping)$ fcgi://127.0.0.1:9000/$1
ProxyPassMatch ^/(fpm_status|ping)$ "unix:/run/php-fpm.sock|fcgi://localhost/"
CustomLog "logs/access_discuz_log" common
</virtualhost>
systemctl restart httpd
3.通过loganalyzer展示数据库中的日志
3.1环境准备
一台日志服务器,利用上一个案例实现,IP:10.0.0.8,
一台数据库服务器,利用上一个案例实现,IP:10.0.0.18
一台当httpd+php 服务器,并安装loganalyzer展示web图形,IP:10.0.0.28
3.2在rsyslog服务器上安装连接mysql模块相关的程序包
yum install rsyslog-mysql
rpm -ql rsyslog-mysql
/usr/lib/.build-id
/usr/lib/.build-id/d7
/usr/lib/.build-id/d7/77fc839aa07e92f0a8858cf3f122996436c7df
/usr/lib64/rsyslog/ommysql.so
/usr/share/doc/rsyslog/mysql-createDB.sql
#查看sql脚本文件内容
cat /usr/share/doc/rsyslog/mysql-createDB.sql
CREATE DATABASE Syslog;
USE Syslog;
CREATE TABLE SystemEvents
(
ID int unsigned not null auto_increment primary key,
CustomerID bigint,
ReceivedAt datetime NULL,
DeviceReportedTime datetime NULL,
Facility smallint NULL,
Priority smallint NULL,
FromHost varchar(60) NULL,
Message text,
NTSeverity int NULL,
Importance int NULL,
EventSource varchar(60),
EventUser varchar(60) NULL,
EventCategory int NULL,
EventID int NULL,
EventBinaryData text NULL,
MaxAvailable int NULL,
CurrUsage int NULL,
MinUsage int NULL,
MaxUsage int NULL,
InfoUnitID int NULL ,
SysLogTag varchar(60),
EventLogType varchar(60),
GenericFileName VarChar(60),
SystemID int NULL
);
CREATE TABLE SystemEventsProperties
(
ID int unsigned not null auto_increment primary key,
SystemEventID int NULL ,
ParamName varchar(255) NULL ,
ParamValue text NULL
);
#将sql脚本复制到数据库服库上
scp /usr/share/doc/rsyslog/mysql-createDB.sql 10.0.0.18:/data
#需在10.0.0.18上先创建目录/data
3.3准备MySQL Server
yum -y install mariadb-server
systemctl start mariadb
#在mariadb数据库服务器上创建相关数据库和表,并授权rsyslog能连接至当前服务器
mysql
MariaDB[(none)]>source /data/mysql-createDB.sql
MariaDB[(none)]>GRANT ALL ON Syslog.* TO 'rsyslog'@'10.0.0.%' IDENTIFIED BY '123456';
3.4配置日志服务器将日志发送至指定数据库
#配置rsyslog将日志保存到mysql中
vim /etc/rsyslog.conf
####MODULES####
#在 MODULES 语言下面,如果是 CentOS 8 加下面行
module(load="ommysql")
#在 MODULES 语言下面,如果是 CentOS 7,6 加下面行
$ModLoad ommysql
#在RULES语句块加下面行的格式
#facility.priority :ommysql:DBHOST,DBNAME,DBUSER, PASSWORD
*.info :ommysql:10.0.0.18,Syslog,rsyslog,123456
systemctl restart rsyslog.service
3.5测试
#在日志服务器上生成日志
logger "this is a test log"
#在数据库上查询到上面的测试日志
MariaDB[(Syslog)]>SELECT * FROM SystemEvents\G
3.6安装 LogAnalyzer
#安装 php和相关软件包
yum -y install httpd php-fpm php-mysqlnd php-gd
systemctl enable --now httpd php-fpm
#安装LogAnalyzer
wget https://loganalyzer.adiscon.com/downloads/loganalyzer-v4-1-10-v4-stable
tar xvf loganalyzer-4.1.10.tar.gz
mv loganalyzer-4.1.10/src/ /var/www/html/log
touch /var/www/html/log/config.php
chmod 666 /var/www/html/log/config.php
3.7基于 web 页面初始化
访问http://10.0.0.28/log 实现初始化
选择:MySQL Native, Syslog Fields, Monitorware
3.8安全加强
chmod 644 /var/www/html/log/config.php