上線前準備

購買服務器，目前選擇的是阿里雲服務器，選擇的是入門型1核1G實例

目前沒什麼活動，三年1400軟妹幣

配置SSH連接

增加本機ssh連接配置，一般激活實例後，ssh的22端口是默認開放的，可以直接通過root用戶進行登錄配置部署環境

登錄到服務器後，將自己的公鑰加入到 ~/.ssh/authorized_keys 配置文件中就可直接通過祕鑰進行登錄

服務器配置

服務器系統版本：CentOS Linux release 7.4.1708 (Core)

內存：1G

CPU：1核

硬盤：40G

上線流程 - 環境搭建

安裝Mysql5.5

因爲服務器配置有點低，所以這邊選擇安裝比較低的mysql版本。從CentOS 7.0發佈以來，yum源中開始使用mariadb來代替MySQL的安裝。即使你輸入的是yum install mysql , 顯示的也是mariadb的安裝內容，因此，如果使用yum安裝MySQL的話，就需要去下載官方指定的yum源。
網址： https://dev.mysql.com/downloads/repo/yum/。

先卸載mariadb，查看mariadb是否已經安裝

[root@iZbp17dq2xryqoixibq5u1Z ~]#  yum list installed | grep mariadb
mariadb-libs.x86_64                     1:5.5.56-2.el7                 @anaconda

進行卸載

[root@iZbp17dq2xryqoixibq5u1Z ~]# yum -y remove mariadb*
Loaded plugins: fastestmirror
Resolving Dependencies
......     **省略過程**

Removed:
  mariadb-libs.x86_64 1:5.5.56-2.el7

Dependency Removed:
  postfix.x86_64 2:2.10.1-6.el7                                                                redhat-lsb-core.x86_64 0:4.1-27.el7.centos.1

Complete!

獲取yum源和數據庫安裝（官方指南）

wget http://repo.mysql.com/yum/mysql-5.5-community/el/6/x86_64/mysql-community-release-el6-5.noarch.rpm     #MySQL5.5yum源

安裝yum源

rpm -ivh mysql-5.5-community/el/6/x86_64/mysql-community-release-el6-5.noarch.rpm

安裝好yum源後，需要修改一下配置文件，文件路徑在 /etc/yum.repos.d/mysql-community.repo，要將5.5的enabled改爲1，而5.6的enabled改爲0

# Enable to use MySQL 5.5
[mysql55-community]
name=MySQL 5.5 Community Server
baseurl=http://repo.mysql.com/yum/mysql-5.5-community/el/6/$basearch/
enabled=1
gpgcheck=1
gpgkey=file:/etc/pki/rpm-gpg/RPM-GPG-KEY-mysql

# Enable to use MySQL 5.6
[mysql56-community]
name=MySQL 5.6 Community Server
baseurl=http://repo.mysql.com/yum/mysql-5.6-community/el/6/$basearch/
enabled=0
gpgcheck=1
gpgkey=file:/etc/pki/rpm-gpg/RPM-GPG-KEY-mysql

# Note: MySQL 5.7 is currently in development. For use at your own risk.
# Please read with sub pages: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/
[mysql57-community-dmr]
name=MySQL 5.7 Community Server Development Milestone Release
baseurl=http://repo.mysql.com/yum/mysql-5.7-community/el/6/$basearch/
enabled=0
gpgcheck=1
gpgkey=file:/etc/pki/rpm-gpg/RPM-GPG-KEY-mysql

修改後保存退出，開始安裝MySQL。在安裝之前，可以查看下是否已有MySQL可安裝文件

[root@iZbp17dq2xryqoixibq5u1Z ~]# yum repolist enabled | grep "mysql.*-community.*"
mysql-connectors-community/x86_64 MySQL Connectors Community                  49
mysql-tools-community/x86_64      MySQL Tools Community                       61
mysql55-community/x86_64          MySQL 5.5 Community Server                 449

安裝mysql

# 安裝client，devel，server
yum install mysql-community-client mysql-community-devel mysql-community-server

安裝完畢後，可以查看下當前mysql版本

[root@iZbp17dq2xryqoixibq5u1Z ~]# rpm -qi mysql-community-server
Name        : mysql-community-server
Version     : 5.5.60
Release     : 2.el6
Architecture: x86_64
Install Date: 2018年05月05日 星期六 16:26:00
......

啓動mysql

執行 service mysqld start 啓動mysql

[root@iZbp17dq2xryqoixibq5u1Z ~]# service mysqld start
Starting mysqld (via systemctl):                           [  OK  ]

ok，mysql安裝完畢

常用命令：
systemctl start mysqld #啓動mysqld

systemctl stop mysqld #停止mysqld

systemctl restart mysqld #重啓mysqld

systemctl enable mysqld #設置開機啓動

systemctl status mysqld #查看 MySQL Server 狀態

數據庫安全設置
設置mysql root賬戶密碼

# mysqladmin -u root password 'new password'

重新登錄mysql報如下錯誤

ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)

執行如下命令進行解決

[root@iZbp17dq2xryqoixibq5u1Z ~]# systemctl stop mysqld        **關閉mysql服務**
[root@iZbp17dq2xryqoixibq5u1Z ~]# mysqld --user=root --skip-grant-tables &        **關閉skip-grant-tables**
[1] 32163
[root@iZbp17dq2xryqoixibq5u1Z ~]# 180505 16:57:08 [Note] mysqld (mysqld 5.5.60) starting as process 32163 ...
180505 16:57:08 [Note] Plugin 'FEDERATED' is disabled.
180505 16:57:08 InnoDB: The InnoDB memory heap is disabled
180505 16:57:08 InnoDB: Mutexes and rw_locks use GCC atomic builtins
180505 16:57:08 InnoDB: Compressed tables use zlib 1.2.3
180505 16:57:08 InnoDB: Using Linux native AIO
180505 16:57:08 InnoDB: Initializing buffer pool, size = 128.0M
180505 16:57:08 InnoDB: Completed initialization of buffer pool
180505 16:57:08 InnoDB: highest supported file format is Barracuda.
180505 16:57:08  InnoDB: Waiting for the background threads to start
180505 16:57:09 InnoDB: 5.5.60 started; log sequence number 1595675
180505 16:57:09 [Note] Server hostname (bind-address): '0.0.0.0'; port: 3306
180505 16:57:09 [Note]   - '0.0.0.0' resolves to '0.0.0.0';
180505 16:57:09 [Note] Server socket created on IP: '0.0.0.0'.
180505 16:57:09 [Note] mysqld: ready for connections.
Version: '5.5.60'  socket: '/var/lib/mysql/mysql.sock'  port: 3306  MySQL Community Server (GPL)
mysql -u root mysql        **空密碼登入**
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 1
Server version: 5.5.60 MySQL Community Server (GPL)

Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> UPDATE user SET authentication_string=PASSWORD('new password') where USER='root';        **重新設置root密碼**
Query OK, 4 rows affected (0.00 sec)
Rows matched: 4  Changed: 4  Warnings: 0

mysql> FLUSH PRIVILEGES;        **刷新設置**
Query OK, 0 rows affected (0.00 sec)

mysql> quit
Bye

安裝PHP環境

開始安裝PHP和PHP-FPM
首先安裝EPEL。EPEL即Extra Packages for Enterprise Linux的簡稱，是爲企業級Linux提供的一組高質量的額外軟件包

yum -y install epel-release

安裝PHP和PHP-FPM

yum -y install php php-fpm

查看PHP版本

[root@iZbp17dq2xryqoixibq5u1Z ~]# php -v
PHP 5.4.16 (cli) (built: Mar  7 2018 13:34:47)
Copyright (c) 1997-2013 The PHP Group
Zend Engine v2.4.0, Copyright (c) 1998-2013 Zend Technologies

這時發現PHP版本是5.4的，原因是yum默認的epel-release源太低了，而我需要部署的網站是基於Laravel5.5開發的，環境要求：

PHP >= 7.0.0 需要重新安裝PHP7

PHP OpenSSL 擴展

PHP PDO 擴展

PHP Mbstring 擴展

PHP Tokenizer 擴展

PHP XML 擴展

刪除之前安裝的PHP版本

yum remove php* php-common

我們需要更換下rpm源，搜索epel-release源並刪除後進行更新

[root@iZbp17dq2xryqoixibq5u1Z ~]# rpm -qa | grep epel
epel-release-7-11.noarch
[root@iZbp17dq2xryqoixibq5u1Z ~]# rpm -e epel-release-7-11.noarch
warning: /etc/yum.repos.d/epel.repo saved as /etc/yum.repos.d/epel.repo.rpmsave
[root@iZbp17dq2xryqoixibq5u1Z ~]# rpm -Uvh https://mirror.webtatic.com/yum/el7/epel-release.rpm
Retrieving https://mirror.webtatic.com/yum/el7/epel-release.rpm
warning: /var/tmp/rpm-tmp.PHnPwl: Header V4 RSA/SHA1 Signature, key ID 62e74ca5: NOKEY
Preparing...                          ################################# [100%]
Updating / installing...
   1:epel-release-7-5                 ################################# [100%]
[root@iZbp17dq2xryqoixibq5u1Z ~]# rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
Retrieving https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
warning: /var/tmp/rpm-tmp.ohTozh: Header V4 RSA/SHA1 Signature, key ID 62e74ca5: NOKEY
Preparing...                          ################################# [100%]
Updating / installing...
   1:webtatic-release-7-3             ################################# [100%]

重新安裝PHP和一些相關擴展

yum install php72w-cli.x86_64 php72w-common.x86_64 php72w-gd.x86_64 php72w-ldap.x86_64 php72w-mbstring.x86_64 php72w-pdo.x86_64

安裝PHP-FPM

yum install php72w-fpm

再次查看PHP版本

[root@iZbp17dq2xryqoixibq5u1Z ~]# php -v
PHP 7.2.4 (cli) (built: Mar 30 2018 08:49:13) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies

啓動PHP-FPM

systemctl start php-fpm
systemctl enable php-fpm.service        **開機自啓動**

常用命令：

systemctl start php-fpm # 啓動
systemctl stop php-fpm # 停止

systemctl restart php-fpm # 重啓

systemctl enable php-fpm #開機自啓動

安裝Nginx

開始安裝Nginx

yum install nginx

安裝完畢後，啓動Nginx

systemctl start nginx
systemctl enable nginx        **系統啓動時自動啓動Nginx**

常用命令：

fuser -k 80/tcp # 殺死80端口
nginx -s stop # 停止

nginx -s reopen # 重啓

nginx -s reload # 重新載入配置文件

網站部署

生成祕鑰

ssh-keygen -t rsa

提示一直回車就行，將生成的祕鑰添加到項目託管的git庫網站上，因爲我的網站是放在Coding上，我直接添加在了項目部署祕鑰

克隆項目

通過 git clone 命令將項目拉取到服務器上，我這邊因爲是Nginx，所以我拉取到 /var/www/ 目錄下，

安裝composer

[root@iZbp17dq2xryqoixibq5u1Z project_fjylhjjsyxgs]# curl -sS https://getcomposer.org/installer | php
All settings correct for using Composer
Downloading...

Composer (version 1.6.5) successfully installed to: /var/www/project_fjylhjjsyxgs/composer.phar
Use it: php composer.phar

移動composer.phar文件到/usr/local/bin目錄下，使命令全局可用，並更換Packagist中國全量鏡像

mv composer.phar /usr/local/bin/composer
composer config -g repo.packagist composer https://packagist.phpcomposer.com

通過composer安裝項目依賴，但是出現了報錯

[root@iZbp17dq2xryqoixibq5u1Z project_fjylhjjsyxgs]# composer install
Loading composer repositories with package information
Installing dependencies (including require-dev) from lock file
Your requirements could not be resolved to an installable set of packages.

  Problem 1
    - Installation request for phar-io/manifest 1.0.1 -> satisfiable by phar-io/manifest[1.0.1].
    - phar-io/manifest 1.0.1 requires ext-dom * -> the requested PHP extension dom is missing from your system.
  Problem 2
    - Installation request for phpunit/php-code-coverage 5.3.0 -> satisfiable by phpunit/php-code-coverage[5.3.0].
    - phpunit/php-code-coverage 5.3.0 requires ext-dom * -> the requested PHP extension dom is missing from your system.
  Problem 3
    - Installation request for phpunit/phpunit 6.5.7 -> satisfiable by phpunit/phpunit[6.5.7].
    - phpunit/phpunit 6.5.7 requires ext-dom * -> the requested PHP extension dom is missing from your system.
  Problem 4
    - Installation request for theseer/tokenizer 1.1.0 -> satisfiable by theseer/tokenizer[1.1.0].
    - theseer/tokenizer 1.1.0 requires ext-dom * -> the requested PHP extension dom is missing from your system.

  To enable extensions, verify that they are enabled in your .ini files:
    - /etc/php.ini
    - /etc/php.d/bz2.ini
    - /etc/php.d/calendar.ini
    - /etc/php.d/ctype.ini
    - /etc/php.d/curl.ini
    - /etc/php.d/exif.ini
    - /etc/php.d/fileinfo.ini
    - /etc/php.d/ftp.ini
    - /etc/php.d/gd.ini
    - /etc/php.d/gettext.ini
    - /etc/php.d/gmp.ini
    - /etc/php.d/iconv.ini
    - /etc/php.d/json.ini
    - /etc/php.d/ldap.ini
    - /etc/php.d/mbstring.ini
    - /etc/php.d/pdo.ini
    - /etc/php.d/pdo_sqlite.ini
    - /etc/php.d/phar.ini
    - /etc/php.d/shmop.ini
    - /etc/php.d/simplexml.ini
    - /etc/php.d/sockets.ini
    - /etc/php.d/sqlite3.ini
    - /etc/php.d/tokenizer.ini
    - /etc/php.d/xml.ini
    - /etc/php.d/zip.ini
  You can also run `php --ini` inside terminal to see which files are used by PHP in CLI mode.

Google後發現，php-xml擴展有以上需要的相關軟件包

yum install php72w-xml.x86_64

重新執行composer install命令，依賴下載成功

設置Nginx配置文件

我本機homestead中的Nginx是通過 /etc/nginx/sites-available 目錄設置對應多域名的nginx配置文件，但是不知道服務器上安裝的Nginx，卻沒有這個目錄，所以查看了下Nginx.conf文件，發現http模塊中有如下一條配置

    本機homestead中Nginx.conf
    ##
    # Virtual Host Configs
    ##
    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;
    
    服務器上安裝的Nginx.conf
    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    include /etc/nginx/conf.d/*.conf;

那好吧，我估計sites-available也是軟連接的conf.d或者sites-enabled目錄吧，所以我就直接將官方手冊中Nginx配置複製了一份到/etc/nginx/conf.d/域名.conf，修改了一些配置

server {
    listen 80;
    server_name 域名或公網IP;
    root 項目地址指向到public目錄;

    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Content-Type-Options "nosniff";

    index index.html index.htm index.php;

    charset utf-8;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location = /favicon.ico { access_log off; log_not_found off; }
    location = /robots.txt  { access_log off; log_not_found off; }

    error_page 404 /index.php;

    location ~ \.php$ {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;        **這裏有個坑下面講**
        fastcgi_index index.php;
        include fastcgi_params;
    }

    location ~ /\.(?!well-known).* {
        deny all;
    }
}

配置完畢，保存退出，通過域名訪問，發現報502錯誤，查看下Nginx的錯誤日誌，發現報如下錯誤

2018/05/06 20:17:37 [crit] 5898#0: *66 connect() to unix:/var/run/php/php7.2-fpm.sock failed (2: No such file or directory) while connecting to upstream,

簡單的講下，php-fpm.sock文件就是讓Nginx和PHP-FPM的進程間進行通信的文件，具體的含義，這邊就不做詳細介紹了。進這個目錄查看下是否存在這個目錄或文件，發現兩個問題：

目錄錯誤，不是/var/run/php，而是/var/run/php-fpm
php7.2-fpm.sock這個文件未生成

未生成原因：php5.3之後的版本，php-fpm.conf裏的listen的默認配置是127.0.0.1:9000，也就是tcp的方式，不會生成php-fpm.sock。

因爲這次上線的網站沒有什麼併發量，unix socket方式要比tcp的方式快而且消耗資源少，所以我還是採用unix socket方式。定位到問題後，修改下 /etc/php-fpm.d/www.conf，也就是php-fpm的配置文件，關閉原來的listen方式，然後重啓下php-fpm

;listen = 127.0.0.1:9000
listen = /var/run/php-fpm/php7.2-fpm.sock

這個時候，由於職業習慣，想把Nginx也重啓下，然後就又碰到了一個問題

[root@iZbp17dq2xryqoixibq5u1Z project_fjylhjjsyxgs]# nginx -s stop
[root@iZbp17dq2xryqoixibq5u1Z project_fjylhjjsyxgs]# nginx -s reload
nginx: [error] open() "/run/nginx.pid" failed (2: No such file or directory)

這應該是因爲把Nginx進程殺死後pid丟失了，下一次再開啓nginx -s reload時無法啓動。再次面向Google編程，發現還有挺多人碰到這個問題，所以解決方法馬上就能搜索到了，執行如下命令

nginx -c /etc/nginx/nginx.conf
nginx -s reload

ok，接着Navicat遠程連接到服務器數據庫，source下數據庫完畢。現看起來應該是可以跑起網站來了。再次訪問域名，發現還是502，再次查看Nginx日誌，報如下錯誤：

2018/05/06 20:37:00 [crit] 6078#0: *1 connect() to unix:/var/run/php-fpm/php7.2-fpm.sock failed (13: Permission denied) while connecting to upstream,

和上面報錯看起來差不多，但是這次主要問題出在跑Nginx的用戶是Nginx，而php-fpm.sock這個文件，監聽的Nginx用戶沒有該權限，導致Nginx無法訪問php-fpm.sock這個文件，自然監聽就失去了效果，再次修改php-fpm配置文件和重啓下php-fpm

; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
;                 mode is set to 0660
listen.owner = nginx
listen.group = nginx
listen.mode = 0660

重新訪問下域名，發現訪問任何路由都是白屏，這次狀態碼都是200了，但是沒有任何輸出，再次面向Google編程……發現問題：

由於nginx與php-fpm之間的一個小bug，會導致這樣的現象：網站中的靜態頁面 .html 都能正常訪問，而 .php 文件雖然會返回200狀態碼，但實際輸出給瀏覽器的頁面內容卻是空白。簡而言之，原因是nginx無法正確的將 *.php 文件的地址傳遞給php-fpm去解析，相當於php-fpm接受到了請求，但這請求卻指向一個不存在的文件，於是返回空結果。爲了解決這個問題，需要改動nginx默認的fastcgiparams配置文件

在 /etc/nginx/fastcgi_params 文件的最後增加兩行：

fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;  
fastcgi_param PATH_INFO     $fastcgi_script_name;

再再再次訪問域名，終於正常顯示了，但是頁面上又出現了新的錯誤：

could not find driver（select * from users where deleted = 0）

任何有sql查詢的頁面都報如上錯誤，這個錯誤多半是因爲pdo_mysql未打開或者未安裝此模塊造成，執行 php -m 發現還真沒裝，安裝php72w-mysql又遇到一個坑

yum install php72w-mysql

報如下錯誤，說缺少libmysqlclient.so.18依賴

......
error: package: php72w-mysql 
requires: libmysqlclient.so.18(libmysqlclient_18)(64bit)
Available: 1:mariadb-libs-5.5.52-1.el7.x86_64 (base)
           libmysqlclient.so.18(libmysqlclient_18)(64bit)
......

這就很奇怪了，查看用戶庫文件目錄內libmysqlclient.so.18已經存在

[root@iZbp17dq2xryqoixibq5u1Z ~]# ll /usr/lib64/mysql/libmysqlclient.so.18
libmysqlclient.so.18      libmysqlclient.so.18.1.0

這個坑花了一個小時，Google多次嘗試無果後，認真思考下可能的原因，想了想可能是mysql版本的問題，修改下 /etc/yum.repos.d/mysql-community.repo 配置文件，將5.6的enabled設爲1，5.5設爲0，更新Mysql版本後，再次執行 yum install php72w-mysql 安裝pdo_mysql模塊成功…...

至此，網站訪問終於成功！

後續的部署優化，另外開篇記錄。

原文博客地址

這個週末上線一個幫朋友做的網站，遇到挺多坑，記錄一下