题目1:httpd所支持的处理模型有哪些,他们的分别使用于哪些环境。
(1)prefork模型:
功能:多进程模型,每个进程响应一个请求
工作方式:
①一个主进程:负责生成子进程及回收子进程(工作进程),负责创建套接字,负责接收请求,并将其派发给某子进程进行处理
②n个子进程:每个子进程一个请求
主控进程会预先生成几个空闲子进程,随时等待用于响应用户请求。根据处理过程,可能会改变空闲进程的数量,需要定义最大空闲和最小空闲
(2)worker模型:
功能:多进程多线程模型,每个线程处理一个用户请求
工作方式:
①一个主进程:负责生成子进程,负责创建套接字,负责接收请求,并将其派发给某子进程进行处理
②多个子进程:每个子进程负责生成多个线程
③每个线程:负责响应用户请求
并发响应数量:m*n (其中m表示子进程数量,n表示每个子进程所能创建的最大线程数量)
(3)event模型:
功能:事件驱动模型,多进程模型,每个进程响应多个请求
工作方式:
①一个主进程:负责生成子进程负责创建套接字负责接收请求,并将其派发给某子进程进行处理
②子进程:基于事件驱动机制直接响应多个请求
并发响应数量:m*n (其中m表示子进程数量,n表示每个进程所能响应的最大请求数量)
题目2:源码编译安装LAMP环境(基于wordpress程序),并写出详细的安装、配置、测试过程。
源码编译安装LAMP环境:
httpd-2.4:prefork模型
mariadb-5.5:通用二进制格式(被php5依赖,需要先编译安装)
php-5.4:编译为httpd的module
安装编译环境
# yum -y groupinstall "Development Tools" "Server Platform Development"
(1)安装httpd
# yum -y install pcre-devel apr-devel apr-util-devel openssl-devel # tar xf httpd-2.4.23.tar.bz2 # cd httpd-2.4.23 # ./configure --prefix=/usr/local/apache24 --sysconfdir=/etc/httpd24 --enable-so --enable-ssl --enable-cgi --enable-rewrite --with-zlib --with-pcre --with-apr=/usr/local /apr --with-apr-util=/usr/local/apr-util --enable-modules=most --enable-mpms-shared=all --with-mpm=prefork # make && make install 导出httpd程序路径: # vim /etc/profile.d/httpd.sh export PATH=/usr/local/apache24/bin:$PATH # . /etc/profile.d/httpd.sh 导出httpd头文件: # ln -sv /usr/local/apache24/include /usr/include/httpd 启动服务: # apachectl start
(2)使用通用二进制格式安装mariadb
# useradd -r mysql # tar xf mariadb-VERSION.tar.xz -C /usr/local # cd /usr/local # ln -sv mariadb-VERSION mysql # cd /usr/local/mysql # chown -R root:mysql # scripts/mysql_install_db --user=mysql --datadir=/mydata/data # cp support-files/mysql.server /etc/init.d/mysqld # chkconfig --add mysqld 准备数据目录: # mkdir /mydata/data 提供配置文件: # cp support-files/my-large.cnf /etc/my.cnf # vim /etc/my.cnf [mysqld] datadir = /mydata/data innodb_file_per_table = ON skip_name_reslove = ON 启动mysql服务: # service mysqld start 导出mysql程序路径: # vim /etc/profile.d/mysql.sh export PATH=/usr/local/mysql/bin:$PATH 导出mysql库文件: # vim /etc/ld.so.conf.d/mysql.conf /usr/local/mysql/lib # ldconfig 导出mysql头文件: # ln -sv /usr/local/mysql/include /usr/include/mysql
(3)安装php
# yum install libxml2-devel libmcrypt-devel bzip2-devel # ./configure --prefix=/usr/local/php --with-mysql=/usr/local/mysql --with-openssl --with-mysqli=/usr/local/mysql/bin/mysql_config --enable-mbstring --with-png-dir --with-jpeg-dir --with-freetype-dir --with-zlib --with-libxml-dir=/usr --enable-xml --enable-sockets --with-apxs2=/usr/local/apache24/bin/apxs --with-mcrypt --with-config-file-path=/etc --with-config-file-scan-dir=/etc/php.d --with-bz2 # make && make install 为了使httpd能够识别php动态资源并能够提交给httpd的php模块(引擎),需要编辑httpd的配置文件 /etc/httpd24/httpd.conf,在相应位置添加AddType配置: # cp php-5.4.45/php.ini-production /etc/php.ini # vim /etc/httpd24/httpd.conf AddType application/x-httpd-php .php DirectoryIndex index.php index.html 检查httpd配置文件语法: # apachectl -t 重启httpd服务: # apachectl restart
(4)部署wordpress
# tar xf wordpress-4.7-zh_CN.tar.gz -C /usr/local/apache/htdocs # chmod -R 777 /usr/local/apache/htdocs/wordpress 创建wordpress数据库、用户名及密码: # mysql mysql> CREATE DATABASE wpdb; mysql> GRANT ALL ON wpdb.* TO [email protected]‘192.168.%.%‘ IDENTIFIED BY ‘wppass‘; mysql> FLUSH PRIVILEGES; 在浏览器进行访问及部署wordpress: http://192.168.10.101/wordpress
题目3:建立httpd服务器(基于编译的方式进行),要求:
提供两个基于名称的虚拟主机:
(a)www1.stuX.com,页面文件目录为/web/vhosts/www1;错误日志为/var/log/httpd/www1.err,访问日志为/var/log/httpd/www1.access;
(b)www2.stuX.com,页面文件目录为/web/vhosts/www2;错误日志为/var/log/httpd/www2.err,访问日志为/var/log/httpd/www2.access;
(c)为两个虚拟主机建立各自的主页文件index.html,内容分别为其对应的主机名;
(d)通过www1.stuX.com/server-status输出httpd工作状态相关信息,且只允许提供帐号密码才能访问(status:status);
创建站点目录: # mkdir -pv /web/vhosts/{www1,www2} # mkdir /var/log/httpd # echo "<h1>www1.stuX.com</h1>" > /web/vhosts/www1/index.html # echo "<h1>www2.stuX.com</h1>" > /web/vhosts/www2/index.html # vim /etc/apache/httpd.conf 注释中心主机: #DocumentRoot "/usr/local/apache/htdocs" 引用虚拟主机配置文件: Include /etc/httpd24/extra/httpd-vhosts.conf # vim /etc/httpd24/httpd.conf 配置添加如下两个虚拟主机: <VirtualHost *:80> ServerName www1.stuX.com DocumentRoot "/web/vhosts/www1" ErrorLog "/var/log/httpd/www1.err" CustomLog "/var/log/httpd/www1.access" combined <Directory "/web/vhosts/www1"> Options None AllowOverride None Require all granted </Directory> <Location /server-status> SetHandler server-status AuthType Basic AuthName "server-status" AuthUserFile "/etc/apache/.status_pwd" Require valid-user </Location> </VirtualHost> <VirtualHost *:80> ServerName www2.stuX.com DocumentRoot "/web/vhosts/www2" ErrorLog "/var/log/httpd/www2.err" CustomLog "/var/log/httpd/www2.access" combined <Directory "/web/vhosts/www2"> Options None AllowOverride None Require all granted </Directory> </VirtualHost> # htpasswd -cm /etc/httpd24/.htpasswd status # apachectl -t # apachectl restart 测试主机: # vim /etc/hosts 192.168.10.101 www1.stuX.com www2.stuX.com 在浏览器进行访问测试: http://www1.stuX.com http://www2.stuX.com
题目4:为第4题中的第2个虚拟主机提供https服务,使得用户可以通过https安全的访问此web站点;
(1)要求使用证书认证,证书中要求使用的国家(CN)、州(HA)、城市(ZZ)和组织(MageEdu);
(2)设置部门为Ops,主机名为www2.stuX.com,邮件为[email protected];
构建私有CA颁发SSL证书 # (umask 077; openssl genrsa -out /etc/pki/CA/private/cakey.pem 4096) # openssl req -new -x509 -key /etc/pki/CA/private/cakey.pem -out /etc/pki/CA/cacert.pem -days 3650 You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter ‘.‘, the field will be left blank. ----- Country Name (2 letter code) [XX]:CN State or Province Name (full name) []:HA Locality Name (eg, city) [Default City]:ZZ Organization Name (eg, company) [Default Company Ltd]:MageEdu Organizational Unit Name (eg, section) []:Ops Common Name (eg, your name or your server‘s hostname) []:www2.stuX.com Email Address []:[email protected] # mkdir -pv /etc/pki/CA/{certs,crl,newcerts} # touch /etc/pki/CA/{serial,index.txt} # echo 01 > /etc/pki/CA/serial 在请求主机生成私钥,并向CA申请签署证书 # (umask 077; openssl genrsa -out /etc/apache/ssl/httpd.key 2048) # openssl req -new -key /etc/apache/ssl/httpd.key -out /etc/apache/ssl/httpd.csr -days 365 CA签署证书 # openssl ca -in /etc/httpd24/ssl/httpd.csr -out /etc/pki/CA/certs/httpd.crt # cp /etc/pki/CA/certs/httpd.crt /etc/apache/ssl/ # vim /etc/httpd24/httpd.conf 引用SSL配置文件: Include /etc/apache/extra/httpd-ssl.conf 加载如下模块: LoadModule ssl_module modules/mod_ssl.so 编辑配置文件: # vim /etc/httpd24/extra/httpd-ssl.conf <VirtualHost _default_:443> DocumentRoot "/web/vhosts/www2" ServerName www2.stuX.com ErrorLog "/var/log/httpd/www2.ssl.err" TransferLog "/var/log/httpd/www2.ssl.access" <Directory "/web/vhosts/www2"> Options None AllowOverride None Require all granted </Directory> SSLEngine on SSLCertificateFile "/etc/httpd24/ssl/httpd.crt" SSLCertificateKeyFile "/etc/httpd24/ssl/httpd.key" </VirtualHost> # apachectl -t # apachectl restart 在浏览器进行访问测试: https://www2.stuX.com
题目5:在LAMP架构中,请分别以php编译成httpd模块形式和php以fpm工作为独立守护进程的方式来支持httpd,列出详细的过程。