本站的后台之前使用的Tengine+HHVM环境, 前段时间更新了 HHVM 之后,感觉访问 Blog 的速度慢了很多,不知道是不是与使用的某些插件不兼容的原因,正好 Aliyun 添加了 Ubuntu14.04镜像,趁这次更新系统的机会,重新采用Tengine+PHP-FPM的架构来运行 Wordpress.下面记录一下安装的过程.

备份好数据之后,在 Aliyun 后台更新系统盘,选择 Ubuntu 14.04这个镜像.

完成之后,登录到服务器.

先进行一些系统参数的优化设置.

#Synchronization time
rm -rf /etc/localtime
ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

apt-get install -y ntpdate
ntpdate -u pool.ntp.org
date

#Disable SeLinux
if [ -s /etc/selinux/config ]; then
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
fi

if [ -s /etc/ld.so.conf.d/libc6-xen.conf ]; then
sed -i 's/hwcap 1 nosegneg/hwcap 0 nosegneg/g' /etc/ld.so.conf.d/libc6-xen.conf
fi
#set sysctl
\cp /etc/sysctl.conf /etc/sysctl.conf.bak

sed -i 's/net\.ipv4\.tcp_syncookies.*/net\.ipv4\.tcp_syncookies = 1/' /etc/sysctl.conf

if cat /etc/sysctl.conf | grep "aliyun web add" > /dev/null ;then
echo ""
else
cat >> /etc/sysctl.conf < /dev/null;then
	echo ""
else
	echo "* soft nofile 65535" >> /etc/security/limits.conf
fi

if cat /etc/security/limits.conf | grep "* hard nofile 65535" > /dev/null ;then
	echo ""
else
	echo "* hard nofile 65535" >> /etc/security/limits.conf
fi

然后更新系统,安装必要的系统组件.

apt-get update
apt-get autoremove -y
apt-get -fy install
apt-get install -y build-essential gcc g++ make
for packages in build-essential gcc g++ make cmake automake autoconf re2c wget cron bzip2 libzip-dev libperl-dev libc6-dev iptables file libaio* rcconf flex vim nano bison m4 gawk less make cpp binutils diffutils unzip tar bzip2 unrar p7zip libncurses5-dev libncurses5 libncurses5-dev libncurses5-dev libtool libevent-dev libpcre3 libpcre3-dev libpcrecpp0  zlibc openssl libsasl2-dev libltdl3-dev libltdl-dev libmcrypt-dev zlib1g zlib1g-dev libbz2-1.0 libbz2-dev libglib2.0-0 libglib2.0-dev libpng3 libjpeg62 libjpeg62-dev libpng-dev libpng12-0 libpng12-dev curl libcurl3 libmhash2 libmhash-dev libpq-dev libpq5 gettext libncurses5-dev libjpeg-dev libxml2-dev libfreetype6 libfreetype6-dev libssl-dev libcurl3 libcurl4-openssl-dev libcurl4-gnutls-dev mcrypt libcap-dev diffutils ca-certificates debian-keyring debian-archive-keyring;
do apt-get install -y $packages --force-yes;apt-get -fy install;apt-get -y autoremove; done

接着下载Tengine并编译安装,我使用的是截至到当前的最新版本2.0.3.

wget -c http://tengine.taobao.org/download/tengine-2.0.3.tar.gz
tar zxf tengine-2.0.3.tar.gz
cd tengine-2.0.3
./configure --prefix=/usr/local/nginx \
--user=www-data \
--group=www-data \
--with-http_stub_status_module \
--without-http-cache \
--with-http_ssl_module \
--with-http_gzip_static_module \
--with-http_concat_module
CPU_NUM=$(cat /proc/cpuinfo | grep processor | wc -l)
if [ $CPU_NUM -gt 1 ];then
    make -j$CPU_NUM
else
    make
fi
make install

Tengine安装过程还是很快的,用不了几分钟,就安装完成.接着下载一个 Tengine 的控制脚本,用于使用 service nginx start/stop/reload 等操作,并添加nginx 开机启动.

wget https://raw.github.com/JasonGiedymin/nginx-init-ubuntu/master/nginx -O /etc/init.d/nginx
chmod +x /etc/init.d/nginx
service nginx status  # to poll for current status
sudo update-rc.d -f nginx defaults

至此,Tengine已经安装结束,使用 service nginx start启动Tengine之后,使用浏览器访问网站就可以看到相关的 Welcome 界面了.接下来我们开始安装 PHP.同样,我使用的也是当前的最新版本,PHP 5.5.17.

wget -c http://cn2.php.net/distributions/php-5.5.17.tar.gz
tar zxf php-5.5.17.tar.gz
cd php-5.5.17
./configure --prefix=/usr/local/php \
--with-config-file-path=/usr/local/php/etc \
--enable-fpm \
--with-fpm-user=www-data \
--with-fpm-group=www-data \
--with-mysql=mysqlnd \
--with-mysqli=mysqlnd \
--with-pdo-mysql=mysqlnd \
--enable-opcache \
--enable-static \
--enable-inline-optimization \
--enable-sockets \
--enable-wddx \
--enable-zip \
--enable-calendar \
--enable-bcmath \
--enable-soap \
--with-zlib \
--with-iconv \
--with-gd \
--with-xmlrpc \
--enable-mbstring \
--with-curl \
--enable-ftp \
--with-mcrypt  \
--disable-ipv6 \
--disable-debug \
--with-openssl \
--disable-maintainer-zts \
--disable-fileinfo
CPU_NUM=$(cat /proc/cpuinfo | grep processor | wc -l)
echo "make php"
if [ $CPU_NUM -gt 1 ];then
    make ZEND_EXTRA_LIBS='-liconv' -j$CPU_NUM
else
    make ZEND_EXTRA_LIBS='-liconv'
fi
make install

PHP的编译时间比Tengine要长一些,耐心等待 PHP 编译安装完全之后,需要进入一些软链接操作.同时对 php.ini 和 php-fpm.conf 进行一些优化设置.

ln -s /usr/local/php/bin/php /usr/bin/php
ln -s /usr/local/php/bin/phpize /usr/bin/phpize
ln -s /usr/local/php/sbin/php-fpm /usr/bin/php-fpm

mkdir -p /usr/local/php/etc
cp php.ini-production /usr/local/php/etc/php.ini

sed -i 's@expose_php = On@expose_php = Off@g' /usr/local/php/etc/php.ini
sed -i 's/post_max_size = 8M/post_max_size = 50M/g' /usr/local/php/etc/php.ini
sed -i 's/upload_max_filesize = 2M/upload_max_filesize = 50M/g' /usr/local/php/etc/php.ini
sed -i 's/;date.timezone =/date.timezone = PRC/g' /usr/local/php/etc/php.ini
sed -i 's/short_open_tag = Off/short_open_tag = On/g' /usr/local/php/etc/php.ini
sed -i 's/; cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g' /usr/local/php/etc/php.ini
sed -i 's/; cgi.fix_pathinfo=0/cgi.fix_pathinfo=0/g' /usr/local/php/etc/php.ini
sed -i 's/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g' /usr/local/php/etc/php.ini
sed -i 's/max_execution_time = 30/max_execution_time = 300/g' /usr/local/php/etc/php.ini
sed -i 's/register_long_arrays = On/;register_long_arrays = On/g' /usr/local/php/etc/php.ini
sed -i 's/magic_quotes_gpc = On/;magic_quotes_gpc = On/g' /usr/local/php/etc/php.ini
sed -i 's/disable_functions =.*/disable_functions = passthru,exec,system,chroot,chgrp,chown,shell_exec,proc_open,proc_get_status,ini_alter,ini_restore,dl,pfsockopen,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server,fsockopen/g' /usr/local/php/etc/php.ini

#enable opcache
sed -i '/;opcache.enable=0/i\zend_extension=opcache.so' /usr/local/php/etc/php.ini
sed -i 's/;opcache.enable=0/opcache.enable=1/g' /usr/local/php/etc/php.ini
sed -i 's/;opcache.enable_cli=0/opcache.enable_cli=1/g' /usr/local/php/etc/php.ini
sed -i 's/;opcache.memory_consumption=64/opcache.memory_consumption=128/g' /usr/local/php/etc/php.ini
sed -i 's/;opcache.interned_strings_buffer=4/opcache.interned_strings_buffer=8/g' /usr/local/php/etc/php.ini
sed -i 's/;pcache.max_accelerated_files=2000/pcache.max_accelerated_files=4000/g' /usr/local/php/etc/php.ini
sed -i 's/;opcache.revalidate_freq=2/opcache.revalidate_freq=60/g' /usr/local/php/etc/php.ini
sed -i 's/;opcache.fast_shutdown=0/opcache.fast_shutdown=1/g' /usr/local/php/etc/php.ini


cat >/usr/local/php/etc/php-fpm.conf<<EOF
[global]
pid = /usr/local/php/var/run/php-fpm.pid
error_log = /usr/local/php/var/log/php-fpm.log
log_level = notice

[www]
listen = /var/run/php5-fpm.sock
listen.backlog = -1
listen.allowed_clients = 127.0.0.1
listen.owner = www-data
listen.group = www-data
listen.mode = 0666
user = www-data
group = www-data
pm = dynamic
pm.max_children = 10
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 6
request_terminate_timeout = 100
request_slowlog_timeout = 0
slowlog = var/log/slow.log
EOF
cp ./php-5.5.17/sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
chmod +x /etc/init.d/php-fpm

最后,挂载备份的数据盘.从备份盘恢复网站数据,并修改 Nginx 的配置,恢复网站的正常访问.

mkdir -p /backup
echo '/dev/xvdb1 /backup ext4 barrier=0 0 0' >> /etc/fstab mount -a

我已经将上面的过程编写成了一个脚本,可下载后查看(install.zip),也可以直接下载到服务器运行.完成之后,只需要添加 vhost的配置reload 一下 nginx 就可以正常访问了. 需要说明的是由于我使用了阿里云的 RDS,所以没有在服务器上安装 MySql.