记一次php源码安装/升级(5.3到5.6)
1.问题
升级php 5.3版本到5.6
php -v PHP 5.3.3 (cli) (built: Apr 25 2016 06:50:23) Copyright (c) 1997-2010 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
2.准备文件
php-5.6.37.tar.gz
libmcrypt-2.5.8.tar.gz
下载地址:
http://php.net/downloads.php
https://sourceforge.net/projects/mcrypt/files/Libmcrypt/2.5.8/
3.准备安装环境
yum install -y libxml2-devel openssl-devel libcurl-devel libjpeg-devel libpng-devel libicu-devel openldap-devel yum install gcc gcc-c++ # 编译工具 tar -xvf libmcrypt-2.5.8.tar.gz # 这里我们使用了mcrypt扩展 cd libmcrypt-2.5.8 ./configure make && make install
4.安装参数说明
- tar -xvf php-5.6.37.tar.gz
- cd php-5.6.37
./configure --prefix=/usr/local/php5637 --with-config-file-path=/usr/local/php5637/etc --enable-fpm --with-fpm-user=apache --with-fpm-group=apache --enable-mysqlnd --with-mysql=mysqlnd --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --enable-opcache --enable-pcntl --enable-mbstring --enable-intl --enable-soap --enable-zip --enable-bcmath --with-openssl --with-zlib --with-curl --with-mcrypt --with-gd --with-zlib-dir=/usr/lib --with-png-dir=/usr/lib --with-jpeg-dir=/usr/lib --with-mhash
当出现下面这些输出后,说明./configure这一步成功,可以进行编译安装
Generating files configure: creating ./config.status creating main/internal_functions.c creating main/internal_functions_cli.c +--------------------------------------------------------------------+ | License: | | This software is subject to the PHP License, available in this | | distribution in the file LICENSE. By continuing this installation | | process, you are bound by the terms of this license agreement. | | If you do not agree with the terms of this license, you must abort | | the installation process at this point. | +--------------------------------------------------------------------+ Thank you for using PHP. config.status: creating php5.spec config.status: creating main/build-defs.h config.status: creating scripts/phpize config.status: creating scripts/man1/phpize.1 config.status: creating scripts/php-config config.status: creating scripts/man1/php-config.1 config.status: creating sapi/cli/php.1 config.status: creating sapi/fpm/php-fpm.conf config.status: creating sapi/fpm/init.d.php-fpm config.status: creating sapi/fpm/php-fpm.service config.status: creating sapi/fpm/php-fpm.8 config.status: creating sapi/fpm/status.html config.status: creating sapi/cgi/php-cgi.1 config.status: creating ext/phar/phar.1 config.status: creating ext/phar/phar.phar.1 config.status: creating main/php_config.h config.status: executing default commands
- make && make install # 这一步需要等待一些时间
当编译完成以后会出现以下输出:
Build complete. Don't forget to run 'make test'. Installing shared extensions: /usr/local/php5637/lib/php/extensions/no-debug-non-zts-20131226/ Installing PHP CLI binary: /usr/local/php5637/bin/ Installing PHP CLI man page: /usr/local/php5637/php/man/man1/ Installing PHP FPM binary: /usr/local/php5637/sbin/ Installing PHP FPM config: /usr/local/php5637/etc/ Installing PHP FPM man page: /usr/local/php5637/php/man/man8/ Installing PHP FPM status page: /usr/local/php5637/php/php/fpm/ Installing PHP CGI binary: /usr/local/php5637/bin/ Installing PHP CGI man page: /usr/local/php5637/php/man/man1/ Installing build environment: /usr/local/php5637/lib/php/build/ Installing header files: /usr/local/php5637/include/php/ Installing helper programs: /usr/local/php5637/bin/ program: phpize program: php-config Installing man pages: /usr/local/php5637/php/man/man1/ page: phpize.1 page: php-config.1 Installing PEAR environment: /usr/local/php5637/lib/php/ [PEAR] Archive_Tar - installed: 1.4.3 [PEAR] Console_Getopt - installed: 1.4.1 [PEAR] Structures_Graph- installed: 1.1.1 [PEAR] XML_Util - installed: 1.4.2 [PEAR] PEAR - installed: 1.10.5 Wrote PEAR system config file at: /usr/local/php5637/etc/pear.conf You may want to add: /usr/local/php5637/lib/php to your php.ini include_path /data/home/snowwen/php-5.6.37/build/shtool install -c ext/phar/phar.phar /usr/local/php5637/bin ln -s -f phar.phar /usr/local/php5637/bin/phar Installing PDO headers: /usr/local/php5637/include/php/ext/pdo/
5.php多版本共存配置
这时候,机器上就有2个版本的php,一个是5.3的一个是5.6的,默认的还是5.3版本的
which php /usr/bin/php
/usr/local/php5637/bin/php -v PHP 5.6.37 (cli) (built: Dec 23 2018 15:36:55) Copyright (c) 1997-2016 The PHP Group Zend Engine v2.6.0, Copyright (c) 1998-2016 Zend Technologies
php -v PHP 5.3.3 (cli) (built: Apr 25 2016 06:50:23) Copyright (c) 1997-2010 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
通过设置软链接替换默认版本的PHP:
mv /usr/bin/php /usr/bin/php.old ln -s /usr/local/php5637/bin/php /usr/bin/php
php -v PHP 5.6.37 (cli) (built: Dec 23 2018 15:36:55) Copyright (c) 1997-2016 The PHP Group Zend Engine v2.6.0, Copyright (c) 1998-2016 Zend Technologies
好了php解释器的版本我们已经成功升级了,现在还需要对php-fpm进行升级,旧版本的php-fpm调用的依然还是php5.3版本
ps -ef|grep php-fpm root 30533 1 0 Oct19 ? 00:01:40 php-fpm: master process (/etc/php-fpm.conf) apache 30534 30533 0 Oct19 ? 03:01:39 php-fpm: pool www apache 30535 30533 0 Oct19 ? 03:00:54 php-fpm: pool www apache 30536 30533 0 Oct19 ? 03:00:54 php-fpm: pool www apache 30537 30533 0 Oct19 ? 03:01:04 php-fpm: pool www apache 30538 30533 0 Oct19 ? 03:01:00 php-fpm: pool www
6.php-fpm、php.ini 配置
(1)配置php-fpm服务
php5.3.3以后的版本php-fpm只需要在编译安装php源码的时候用–enable-fpm开启这个功能即可。
编译安装完成以后,我们需要把安装的etc目录下的php-fpm.conf.default配置示例文件复制并改名为php-fpm.conf配置文件
cd /usr/local/php5637/etc/ cp php-fpm.conf.default php-fpm.conf
php-fpm.conf配置:
;开启错误日志记录 error_log = /var/log/php-fpm/error.log log_level = error #错误级别. 可用级别为: alert(必须立即处理), error(错误情况), warning(警告情况), notice(一般重要信息), debug(调试信息). 默认: notice. ;启动进程的帐户和组 user = www group = www ;static(静态) :表示在fpm运行时直接fork出pm.max_chindren个worker进程 ;dynamic(动态):表示运行时fork出start_servers个进程,随着负载的情况,动态的调整,最多不超过max_children个进程。 ;这里推荐使用static,优点是不用动态判断负载情况,减少创建进程开销,提升性能。缺点是会多占用写系统内存资源。 pm = static ;原则上来说,php-fpm进程数量越多处理越快,因为排队的请求数量会很少。但是max_children还是需要跟进服务器的性能来进行设定 ;一般情况下,每个php-fpm所消耗的内存在20M左右,这里我设置成50,也就是大概1000M max_children=50 ;最大请求数max_requests:指一个php-fpm的worker进程在处理多少个请求之后就终止掉,master进程会重新rspawn一个新的worker进程。 ;它的作用主要是避免php解释器或程序引用的第三方库造成内存泄露,缺点是:在高并发场景下,php-fpm的重启可能会造成502错误(间歇性的502一般认为是php-fpm进程造成的)。所以这个值尽量设置大一些,减少master进程rspawn的次数,同时也可以提供总体性能。 pm.max_requests = 10240 ;最长执行时间request_terminate_timeout,可以设置单个请求的超时终止时间。该选项可能会对php.ini设置中的'max_execution_time'因为某些特殊原因没有中止运行的脚本有用。设置为 '0' 表示 'Off'。当经常出现502错误时可以尝试更改此选项。 request_terminate_timeout = 30s request_slowlog_timeout = 5s #当一个请求该设置的超时时间后,就会将对应的PHP调用堆栈信息完整写入到慢日志中, 设置为 '0' 表示 'Off'。这个在做性能调优分析的时候很有帮助。 slowlog = /var/log/php-fpm/$pool.log.slow #慢请求的记录日志,配合request_slowlog_timeout使用
(2)配置php.ini文件
cd /xxx/php-5.6.37 # 进入源码目录
拷贝源码目录下的php.ini-production文件到编译安装时指定的配置文件目录:
cp php.ini-production /usr/local/php5637/etc/
php.ini关键配置:
# 为On时,则表示允许,也就是说,此时可以通过file_get_contents(),include(),require()等函数直接从远端获取数据
# 容易造成任意文件读取和包含问题,注意,此项默认就是开启的
allow_url_fopen = Off
# 容易造成远程包含,强烈建议关闭此项
allow_url_include = Off
# 禁用各种高危函数,尽可能让各种 webshell无法再靠php内置函数来执行各种系统命令。这里根据实际需求来控制
disable_functions = dl,eval,exec,system,readlink,symlink,chroot,chown,opendir,readdir,chdir,dir,unlink,delete,copy,rename
# 无论是现网环境还是测试环境,都要开启php错误日志记录
log_errors = On
# 指定php错误日志存放位置
error_log = /usr/local/php5637/var/log/php_errors.log
# 设置php的错误报告级别,只需要报告警告和错误即可
error_reporting = E_WARING & ERROR
# 现网环境一定要关闭错误显示,切记千万不让让php错误输出到前端页面上
display_errors = Off
# 限制php单脚本执行时长
max_execution_time = 30
(3)添加系统启动服务
cd /xxxxx/php-5.6.37 # 进入源码目录 cp sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm56 chmod +x /etc/init.d/php-fpm56 chkconfig --add php-fpm56 service php-fpm stop # 把旧版本的php-fpm进程关闭 service php-fpm56 start ss -tnl
我们在看下php-fpm进程,这时候php-fpm已经成功升级到新版本。
ps -ef|grep php-fpm root 22883 1 0 16:38 ? 00:00:00 php-fpm: master process (/usr/local/php5637/etc/php-fpm.conf) apache 22884 22883 0 16:38 ? 00:00:00 php-fpm: pool www apache 22885 22883 0 16:38 ? 00:00:00 php-fpm: pool www apache 22886 22883 0 16:38 ? 00:00:00 php-fpm: pool www apache 22887 22883 0 16:38 ? 00:00:00 php-fpm: pool www apache 22888 22883 0 16:38 ? 00:00:00 php-fpm: pool www apache 22889 22883 0 16:38 ? 00:00:00 php-fpm: pool www apache 22890 22883 0 16:38 ? 00:00:00 php-fpm: pool www apache 22891 22883 0 16:38 ? 00:00:00 php-fpm: pool www
7.nginx配置
(1)获取CPU核数
cat /proc/cpuinfo |grep processor processor : 0 processor : 1 processor : 2 processor : 3 processor : 4 processor : 5
将nginx.conf文件中 work_processes的值设置为机器的处理器核数。
同时增大worker_connections(每个处理器核可以处理的连接数量),如果使用的是Linux,则使用”epoll”:
events {
use epoll;
worker_connections 100000;
}
(2)禁用访问日志文件
access_log:把每个用户访问网站的日志信息记录到指定的日志文件里,用于后续分析用户浏览行为等 ,访问量高的网站改操作会造成频繁的日志IO操作,影响较大,建议关闭。
access_log off; log_not_found off; error_log /var/log/nginx-error.log warn;
如果需要记录用户访问行为,不能关闭访问日志文件,至少要使用缓冲:
access_log /var/log/nginx/access.log main buffer=16k;
(3)配置服务器
server {
listen 127.0.0.1:80;
server_name shuwoom.com;
index index.html index.htm index.php;
root /usr/local/services/nginx/html;
access_log /usr/local/services/nginx/log/shuwoom.com.access.log;
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location / {
if (!-e $request_filename) {
rewrite ^/(.+)$ /index.php?$1 last;
}
}
}
参考:
https://klionsec.github.io/2017/11/23/phpsec/
https://www.cnblogs.com/52php/p/6123819.html
http://blog.51cto.com/dengxi/1710479
http://blog.xiayf.cn/2014/05/03/optimizing-nginx-and-php-fpm-for-high-traffic-sites/
https://www.kancloud.cn/digest/php-src/136260
微信扫一扫,打赏作者吧~相关文章...
