<服务>Apache服务

时间:Nov. 15, 2016 分类:

目录:

Apache服务器安装方式

  1. 编译安装,可以根据自己想要的参数进行编译安装
  2. rpm或yum安装,简单方便,不够灵活
  3. 还有一种就是编译完后打出rpm包放到yum仓库,不过需要把编译完成的包制作成rpm包

Apache和Nginx

Apache稳定性和安全性更好,nginx并发性高,但Nginx在1M一下的小文件上有着很高的效率,但是超过1M的情况下,还是Apache性能强一些。

图片来源:https://w3techs.com/technologies/overview/web_server/all 时间:16年11月12日

Apache特点

功能强大,配置简单,速度快,应用广泛,性能稳定可靠,并可以做代理和负载均衡

Apache应用场合

  1. 运行静态网页,图片
  2. 结合PHP引擎运行PHP和Perl,Python,LAMP则成为经典组合
  3. 结合Tomcat/Resin运行jsp,java程序
  4. 做代理,负载均衡,rewrite规则过滤

Apachea安装

yum 安装

CentOS6.5光盘镜像中自带http [root@why-2 ~]# yum install -y httpd

编译安装

需要制定参数

--prefix=/usr/local/apache-2.2.31 #指定编译完成的目录
--enable-deflate    #消耗CPU,整体上提高传输速率,一般只压缩文本
--enable-expires    #浏览器缓存
--enable-headers    #头文件
--enable-modules=most       #使用大多数模块
--enable-so     #
--with-mpm=worker       #模式,worker是一个进程,然后由线程提供服务,系统开销小,并发大一些,缺点是线程崩溃会导致整个线程,或者整个进程崩溃,另一个模式prefork由进程派生子进程提供服务,这样系统稳定性强,开销会大一些,缺点是并发数较小
--enable-rewrite    #伪静态

下载源码包

[root@why-2 opt]# wget https://mirrors.tuna.tsinghua.edu.cn/apache/httpd/httpd-2.2.31.tar.gz
--2016-11-12 22:34:32--  https://mirrors.tuna.tsinghua.edu.cn/apache/httpd/httpd-2.2.31.tar.gz
Resolving mirrors.tuna.tsinghua.edu.cn... 166.111.206.63, 2402:f000:1:416:166:111:206:63
Connecting to mirrors.tuna.tsinghua.edu.cn|166.111.206.63|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 7583841 (7.2M) [application/octet-stream]
Saving to: “httpd-2.2.31.tar.gz”

100%[=====================================================================================================================================================>] 7,583,841   18.6M/s   in 0.4s    

2016-11-12 22:34:34 (18.6 MB/s) - “httpd-2.2.31.tar.gz” saved [7583841/7583841]

解压

[root@why-2 opt]# tar xf httpd-2.2.31.tar.gz 

编译

[root@why-2 opt]# cd httpd-2.2.31
[root@why-2 httpd-2.2.31]# ./configure --prefix=/usr/local/apache-2.2.31 --enable-deflate --enable-expires --enable-headers --enable-modules=most --enable-so --with-mpm=worker --enable-rewrite

[root@why-2 httpd-2.2.31]# echo $?
0

可能会遇到的问题,在CentOS6.5下编译, 缺少zlib包,yum安装一下zlib和zlib-devel包 还有就是缺gcc,或者缺少Development tool包,需要yum groupinstall Development tool

[root@why-2 httpd-2.2.31]# make
make[1]: Leaving directory `/opt/httpd-2.2.31'
[root@why-2 httpd-2.2.31]# echo $?
0
[root@why-2 httpd-2.2.31]# make install
mkdir /usr/local/apache-2.2.31/man
mkdir /usr/local/apache-2.2.31/man/man1
mkdir /usr/local/apache-2.2.31/man/man8
mkdir /usr/local/apache-2.2.31/manual
make[1]: Leaving directory `/opt/httpd-2.2.31'
[root@why-2 httpd-2.2.31]# echo $?
0

创建软链

[root@why-2 httpd-2.2.31]# ln -s /usr/local/apache-2.2.31/ /usr/local/apache
[root@why-2 httpd-2.2.31]# ll !$/
ll /usr/local/apache/
total 60
drwxr-xr-x  2 root root  4096 Nov 13 00:10 bin
drwxr-xr-x  2 root root  4096 Nov 13 00:10 build
drwxr-xr-x  2 root root  4096 Nov 13 00:10 cgi-bin
drwxr-xr-x  4 root root  4096 Nov 13 00:10 conf
drwxr-xr-x  3 root root  4096 Nov 13 00:10 error
drwxr-xr-x  2 root root  4096 Jul 16  2015 htdocs
drwxr-xr-x  3 root root  4096 Nov 13 00:10 icons
drwxr-xr-x  2 root root  4096 Nov 13 00:10 include
drwxr-xr-x  3 root root  4096 Nov 13 00:10 lib
drwxr-xr-x  2 root root  4096 Nov 13 00:10 logs
drwxr-xr-x  4 root root  4096 Nov 13 00:10 man
drwxr-xr-x 14 root root 12288 Jul 16  2015 manual
drwxr-xr-x  2 root root  4096 Nov 13 00:10 modules

检查语法

[root@why-2 httpd-2.2.31]# /usr/local/apache/bin/apachectl -t
httpd: Could not reliably determine the server's fully qualified domain name, using 10.174.201.126 for ServerName
Syntax OK

启动http

[root@why-2 httpd-2.2.31]# /usr/local/apache/bin/apachectl start
httpd: Could not reliably determine the server's fully qualified domain name, using 10.174.201.126 for ServerName
[root@why-2 httpd-2.2.31]# lsof -i:80
COMMAND    PID   USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
AliYunDun  897   root   11u  IPv4   8977      0t0  TCP 120.27.115.123:34575->140.205.140.205:http (ESTABLISHED)
httpd     1635   root    3u  IPv4 309616      0t0  TCP *:http (LISTEN)
httpd     1637 daemon    3u  IPv4 309616      0t0  TCP *:http (LISTEN)
httpd     1638 daemon    3u  IPv4 309616      0t0  TCP *:http (LISTEN)
httpd     1639 daemon    3u  IPv4 309616      0t0  TCP *:http (LISTEN)
[root@why-2 httpd-2.2.31]# ps -ef | grep httpd
root      1635     1  0 00:28 ?        00:00:00 /usr/local/apache-2.2.31/bin/httpd -k start
daemon    1636  1635  0 00:28 ?        00:00:00 /usr/local/apache-2.2.31/bin/httpd -k start
daemon    1637  1635  0 00:28 ?        00:00:00 /usr/local/apache-2.2.31/bin/httpd -k start
daemon    1638  1635  0 00:28 ?        00:00:00 /usr/local/apache-2.2.31/bin/httpd -k start
daemon    1639  1635  0 00:28 ?        00:00:00 /usr/local/apache-2.2.31/bin/httpd -k start
root      1727  9931  0 00:30 pts/4    00:00:00 grep httpd

也可以通过http -k start启动

web页面访问

出现It works!即可,表示正常

[root@why-2 httpd-2.2.31]# curl 120.27.115.123
<html><body><h1>It works!</h1></body></html>

apachectl 选项列表

[root@why-2 httpd-2.2.31]# /usr/local/apache/bin/apachectl 
Usage: /usr/local/apache-2.2.31/bin/httpd [-D name] [-d directory] [-f file]
                                          [-C "directive"] [-c "directive"]
                                          [-k start|restart|graceful|graceful-stop|stop]
                                          [-v] [-V] [-h] [-l] [-L] [-t] [-T] [-S]
Options:
  -D name            : define a name for use in <IfDefine name> directives
  -d directory       : specify an alternate initial ServerRoot
  -f file            : specify an alternate ServerConfigFile
  -C "directive"     : process directive before reading config files
  -c "directive"     : process directive after reading config files
  -e level           : show startup errors of level (see LogLevel)
  -E file            : log startup errors to file
  -v                 : show version number
  -V                 : show compile settings
  -h                 : list available command line options (this page)
  -l                 : list compiled in modules
  -L                 : list available configuration directives
  -t -D DUMP_VHOSTS  : show parsed settings (currently only vhost settings)
  -S                 : a synonym for -t -D DUMP_VHOSTS
  -t -D DUMP_MODULES : show all loaded modules 
  -M                 : a synonym for -t -D DUMP_MODULES
  -t                 : run syntax check for config files
  -T                 : start without DocumentRoot(s) check

检查编译模块

[root@why-2 httpd-2.2.31]# /usr/local/apache/bin/apachectl -l|egrep "deflate|expires|headers|so|worker|rewrite"
  mod_deflate.c
  mod_expires.c
  mod_headers.c
  worker.c
  mod_rewrite.c
  mod_so.c
[root@why-2 httpd-2.2.31]# /usr/local/apache/bin/apachectl -M

httpd: Could not reliably determine the server's fully qualified domain name, using 10.174.201.126 for ServerName
Loaded Modules:
 core_module (static)
 authn_file_module (static)
 authn_dbm_module (static)
 authn_anon_module (static)
 authn_dbd_module (static)
 authn_default_module (static)
 authz_host_module (static)
 authz_groupfile_module (static)
 authz_user_module (static)
 authz_dbm_module (static)
 authz_owner_module (static)
 authz_default_module (static)
 auth_basic_module (static)
 auth_digest_module (static)
 dbd_module (static)
 dumpio_module (static)
 reqtimeout_module (static)
 ext_filter_module (static)
 include_module (static)
 filter_module (static)
 substitute_module (static)
 deflate_module (static)
 log_config_module (static)
 logio_module (static)
 env_module (static)
 expires_module (static)
 headers_module (static)
 ident_module (static)
 setenvif_module (static)
 version_module (static)
 mpm_worker_module (static)
 http_module (static)
 mime_module (static)
 dav_module (static)
 status_module (static)
 autoindex_module (static)
 asis_module (static)
 info_module (static)
 cgid_module (static)
 dav_fs_module (static)
 vhost_alias_module (static)
 negotiation_module (static)
 dir_module (static)
 imagemap_module (static)
 actions_module (static)
 speling_module (static)
 userdir_module (static)
 alias_module (static)
 rewrite_module (static)
 so_module (static)
Syntax OK

可以看到所有的模块,是静态的还是动态的
如果缺少模块可以通过bin下apxs -i -a -c 添加,例如mod_foo.c,可以使用命令apxs -i -a -c mod_foo.c,然后apachectl restart即可

http根目录

[root@why-2 httpd-2.2.31]# cd /usr/local/apache/conf
[root@why-2 conf]# grep -i documentroot httpd.conf 
# DocumentRoot: The directory out of which you will serve your
DocumentRoot "/usr/local/apache-2.2.31/htdocs"
# This should be changed to whatever you set DocumentRoot to.
    # access content that does not live under the DocumentRoot.

这个documentroot是http服务的根目录,其实看提示是在htdocs中的

[root@why-2 conf]# cd ../htdocs
[root@why-2 htdocs]# cat index.html 
<html><body><h1>It works!</h1></body></html>

这就是我们查看浏览器的时候看到的文件,如果要部署网站,把网站文件拷到这个目录下即可。

顺便说一下yum安装

yum安装也会有httpd和apachectl命等命令但是安装的模块少, 一些目录也是分散到各个目录。

yum安装http的模块

[root@why-1 ~]# apachectl -l
Compiled in modules:
  core.c
  prefork.c
  http_core.c
  mod_so.c
[root@why-2 apache]# cd bin/
ab          #性能测试工具,类似的有jmeter,loadrunner和webbench
apachectl       #apache启动命令
apxs            #编译安装扩展模块,编译php软件可能会用到
htcacheclean    #清理磁盘缓冲区
htpasswd        #建立或者更新基本认证文件,如配置nagion监控
httpd       #apache服务控制命令,apachectl也是调用测此命令
rotatelogs  #日志轮询命令,不过生产环境下会用cronolog命令替代
[root@why-2 bin]# cd ../conf/
httpd.conf  #主配置文件
extra       #辅助配置文件 
[root@why-2 conf]# cd ../logs/
access_log  #默认访问日志,记录用户访问网站的信息
cgisock.1635
error_log       #错误日志,http启动故障等都在这个文件下
httpd.pid       #进程文件

主页文件问题

[root@why-2 htdocs]# mv index.html index2.html 我们再次访问120.27.115.123看到的是主页目录结构

需要修改主配置文件

[root@why-2 conf]# vi /usr/local/apache/conf/httpd.conf 
查找DirectoryIndex
# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
#
<IfModule dir_module>
    DirectoryIndex index.html
</IfModule>
修改为DirectoryIndex index2.html index.html

检查语法

[root@why-2 conf]# ../bin/apachectl -t
httpd: Could not reliably determine the server's fully qualified domain name, using 10.174.201.126 for ServerName
Syntax OK

平滑重启

[root@why-2 conf]# ../bin/apachectl graceful
httpd: Could not reliably determine the server's fully qualified domain name, using 10.174.201.126 for ServerName

详解配置文件

详解主配置文件

注释去除,空行去除

[root@why-2 conf]# grep -Ev "#|^$" httpd.conf > httpd.conf.org
[root@why-2 conf]# cat httpd.conf.org 
ServerRoot "/usr/local/apache-2.2.31"#服务根目录
Listen 80#监听端口,这个根据安全可以修改,默认为本机所有ip地址
<IfModule !mpm_netware_module>
<IfModule !mpm_winnt_module>
User daemon#用户
Group daemon#组  编译安装一般为daemon
</IfModule>
</IfModule>
ServerAdmin you@example.com#管理员邮箱
DocumentRoot "/usr/local/apache-2.2.31/htdocs"#站点目录
<Directory />#权限控制
    Options FollowSymLinks#可以带符号链接
    AllowOverride None#禁止一些功能,例如重载
    Order deny,allow
    Deny from all       #这两条不让任何人访问根目录
</Directory>
<Directory "/usr/local/apache-2.2.31/htdocs">#新添加站点时候的目录
    Options Indexes FollowSymLinks#Indexes如果配置为这个,就会显示目录结构,不安全,可改成-Indexes,或者删掉
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>
<IfModule dir_module>#主页面,如果有多个用空格隔开
    DirectoryIndex index2.html index.html
</IfModule>
<FilesMatch "^\.ht">#以.开头的html处理方式
    Order allow,deny
    Deny from all
    Satisfy All
</FilesMatch>
ErrorLog "logs/error_log"#错误日志配置
LogLevel warn#日志级别
<IfModule log_config_module>
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b" common
    <IfModule logio_module>
      LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
    </IfModule>
    CustomLog "logs/access_log" common
</IfModule>
<IfModule alias_module>
    ScriptAlias /cgi-bin/ "/usr/local/apache-2.2.31/cgi-bin/"#支持cgi,现在的配置基本没有人用,可以删掉
</IfModule>
<IfModule cgid_module>
</IfModule>
<Directory "/usr/local/apache-2.2.31/cgi-bin">
    AllowOverride None
    Options None
    Order allow,deny
    Allow from all
</Directory>
DefaultType text/plain#缺省类型
<IfModule mime_module>#压缩配置,对什么样的类型进行什么样的压缩
    TypesConfig conf/mime.types
    AddType application/x-compress .Z
    AddType application/x-gzip .gz .tgz
</IfModule>
<IfModule ssl_module>#ssl相关内容
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>

扩展文件(扩展文件使用需要在主配置文件中配置才能生效)

httpd-vhosts.conf

NameVirtualHost *:80#多个域名在一台服务器上,*代表所有IP地址
<VirtualHost *:80>#辐射的域名配置
    ServerAdmin webmaster@dummy-host.example.com
    DocumentRoot "/usr/local/apache-2.2.31/docs/dummy-host.example.com"
    ServerName dummy-host.example.com
    ServerAlias www.dummy-host.example.com
    ErrorLog "logs/dummy-host.example.com-error_log"
    CustomLog "logs/dummy-host.example.com-access_log" common
</VirtualHost>

httpd-mpm.conf

<IfModule !mpm_netware_module>#pid文件
    PidFile "logs/httpd.pid"
</IfModule>
<IfModule !mpm_winnt_module>#锁文件
<IfModule !mpm_netware_module>
LockFile "logs/accept.lock"
</IfModule>
</IfModule>
<IfModule mpm_prefork_module>#prefork模式
    StartServers          5                     #启动服务数,一般25个
    MinSpareServers       5                     #最小空闲服务,一般与启动服务数相等
    MaxSpareServers      10                     #最大空闲服务
    MaxClients          150         #每个进程的最大请求数
    MaxRequestsPerChild   0                     #每个子进程可处理最大请求数,如果超过这个数量就会自动销毁并重启
</IfModule>
<IfModule mpm_worker_module>#work模式
    StartServers          2
    MaxClients          150
    MinSpareThreads      25
    MaxSpareThreads      75
    ThreadsPerChild      25
    MaxRequestsPerChild   0
</IfModule>

httpd-default.conf

Timeout 300#超时时间,单位为s
KeepAlive On#连接保持
MaxKeepAliveRequests 100#最大接受多少永久连接
KeepAliveTimeout 5#同一个连接等待下一个请求的时间
AccessFileName .htaccess#伪静态语法写在这个下面,要在主配置中 AllowOverride None改为all才生效。
ServerTokens Full#
ServerSignature On#以上两项可以隐藏版本

编译过程隐藏版本号

一般攻击都是特定的服务器特定的版本号

一种方法我们可以通过修改源码隐藏版本号

修改源码中的include/ap_release.h

#define AP_SERVER_BASEVENDOR "Apache Software Foundation"
#define AP_SERVER_BASEPROJECT "Apache HTTP Server"
#define AP_SERVER_BASEPRODUCT "Apache"

#define AP_SERVER_MAJORVERSION_NUMBER 2
#define AP_SERVER_MINORVERSION_NUMBER 2
#define AP_SERVER_PATCHLEVEL_NUMBER   31
#define AP_SERVER_DEVBUILD_BOOLEAN    0

可以修改为
define AP_SERVER_BASEVENDOR "Apache Software Foundation"
define AP_SERVER_BASEPROJECT "Apache HTTP Server"
define AP_SERVER_BASEPRODUCT "IIS"

define AP_SERVER_MAJORVERSION_NUMBER 7
define AP_SERVER_MINORVERSION_NUMBER 0
define AP_SERVER_PATCHLEVEL_NUMBER   0
define AP_SERVER_DEVBUILD_BOOLEAN    0

修改源码中的httpd-2.2.31/os/unix/os.h

#define PLATFORM "Unix"
改为
#define PLATFORM "Win32"

另一种方法是

  1. 在主配置文件中取消Include conf/extra/httpd-default.conf注释
  2. httpd-default.conf中 ServerSignature On改为off ServerTokens Full改为Prod

防止根目录暴露

根据主配置文件 如果改为-Indexes,把index2.html修改名字,重启apache服务会报403

apache日志

主配置文件中apache日志记录方式

    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b" common

combined比较详细,而common就少一些

这个在配置中每个日志文件后配置 ,例如vhost中的:

<VirtualHost *:80>#辐射的域名配置
    ServerAdmin webmaster@dummy-host.example.com
    DocumentRoot "/usr/local/apache-2.2.31/docs/dummy-host.example.com"
    ServerName dummy-host.example.com
    ServerAlias www.dummy-host.example.com
    ErrorLog "logs/dummy-host.example.com-error_log"
    CustomLog "logs/dummy-host.example.com-access_log" common
</VirtualHost>

这个common就是配置项

日志轮询

cronolog

只需要./configure,make,make install 安装完成后会在 /usr/local/sbin/下生成cronolog和cronosplit

修改

[root@why-2 conf]# vi extra/httpd-vhosts.conf
<VirtualHost *:80>
    ServerAdmin 93216193@qq.com
    DocumentRoot "/var/html/www"
    ServerName www.why.cn
    ServerAlias why.com
    ErrorLog "logs/www.why.com-error_log"
    CustomLog "|/usr/local/sbin/cronolog  /var/log/www.why.cn/www.why.cn_%Y%m%d.log" combined
</VirtualHost>
[root@why-2 conf]# mkdir -p /var/log/www.why.cn

重启apache 后反复进入www.why.cn页面生成日志

[root@why-2 www.why.cn]# cd /var/log/www.why.cn
[root@why-2 www.why.cn]# cat www.why.cn_20161102.log 
192.168.0.105 - - [02/Nov/2016:14:47:13 +0800] "GET / HTTP/1.1" 200 19 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.122 Safari/537.36 SE 2.X MetaSr 1.0"
192.168.0.105 - - [02/Nov/2016:14:47:14 +0800] "GET / HTTP/1.1" 304 - "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.122 Safari/537.36 SE 2.X MetaSr 1.0"
192.168.0.105 - - [02/Nov/2016:14:47:15 +0800] "GET / HTTP/1.1" 304 - "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.122 Safari/537.36 SE 2.X MetaSr 1.0"
192.168.0.105   来访ip
[02/Nov/2016:14:47:15 +0800]  来访时间
GET / HTTP/1.1  来访内容
304  状态码

轮询可以按照小时,天,或者周,例如%w,这样日志只保留7天

rotatelog也是一样的配置方式,不过它可能会丢失日志

CustomLog "|/usr/local/apache/bin/rotatelogs  /var/log/www.why.cn/www.why.cn_%Y%m%d.log" combined

可以同时配置两个日志轮询方式

还有一种方式就是通过crontab 0点切割

mv /var/log/www.why.cn/www.why.cn.log /var/log/www.why.cn/www.why.cn.$(date +%F).log

日志中不记录图片等文件的方法

主配置文件中配置

<FilesMatch "\.(css|js|gif|ico|swf)">
    SetEnv IMAG 1
</FilesMatch>

vhosts中配置

CustomLog "|/usr/local/sbin/cronolog  /var/log/www.why.cn/www.why.cn_%Y%m%d.log" combined env=!IMAG

日志查询的一些方法

[root@why-2 ~]# awk '{print $1}' /var/log/www.why.cn/www.why.cn_20161102.log |sort|uniq -c |sort -k1|head -10
      4 192.168.0.105
      8 192.168.0.192

或者

[root@why-2 ~]# awk '{++S[$1]} END {for (key in S) print S[key],key}' /var/log/www.why.cn/www.why.cn_20161102.log |sort -rn -k1|head -10
8 192.168.0.192
4 192.168.0.105

apache常用模式

  • perfork
  • worker 查看模式
[root@why-2 ~]# /usr/local/apache/bin/apachectl -l |sed -n '/worker\|prefork/p'
  worker.c

查看模块

[root@why-2 ~]# /usr/local/apache/bin/apachectl -V
Server version: Apache/2.2.31 (Unix)
Server built:   Nov  2 2016 12:17:42
Server's Module Magic Number: 20051115:40
Server loaded:  APR 1.5.2, APR-Util 1.5.4
Compiled using: APR 1.5.2, APR-Util 1.5.4
Architecture:   64-bit
Server MPM:     Worker
  threaded:     yes (fixed thread count)
    forked:     yes (variable process count)
Server compiled with....
 -D APACHE_MPM_DIR="server/mpm/worker"
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_SYSVSEM_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D DYNAMIC_MODULE_LIMIT=128
 -D HTTPD_ROOT="/usr/local/apache-2.2.31"
 -D SUEXEC_BIN="/usr/local/apache-2.2.31/bin/suexec"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="conf/mime.types"
 -D SERVER_CONFIG_FILE="conf/httpd.conf"

查看编译参数

[root@why-2 ~]# cat ~/httpd-2.2.31/config.nice 
#! /bin/sh
#
# Created by configure

"./configure" \
"--prefix=/usr/local/apache-2.2.31" \
"--enable-deflate" \
"--enable-expires" \
"--enable-headers" \
"--enable-modules=most" \
"--enable-so" \
"--with-mpm=worker" \
"--enable-rewrite" \
"$@"

Prefork模式

[root@why-2 ~]# sed -n '30,43p' /usr/local/apache/conf/extra/httpd-mpm.conf
# prefork MPM
# StartServers: number of server processes to start
# MinSpareServers: minimum number of server processes which are kept spare
# MaxSpareServers: maximum number of server processes which are kept spare
# MaxClients: maximum number of server processes allowed to start
# MaxRequestsPerChild: maximum number of requests a server process serves

<IfModule mpm_prefork_module>#prefork模式
    StartServers          5                     #启动服务进程数,一般10个
    MinSpareServers       5                     #最小空闲服务进程,一般与启动服务进程数相等
    MaxSpareServers      10                     #最大空闲服务进程,参考值15~20
    MaxClients          150         #每个进程的最大请求数,参考1000
    MaxRequestsPerChild   0                     #每个子进程可处理请求数,如果超过这个数量就会自动销毁并重启,参考5000
</IfModule>

查看启动的进程数,即并发连接数 [root@why-2 ~]# ps -ef|grep http|wc -l

[root@why-2 ~]# sed -n '44,58p' /usr/local/apache/conf/extra/httpd-mpm.conf 
# worker MPM
# StartServers: initial number of server processes to start
# MaxClients: maximum number of simultaneous client connections
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadsPerChild: constant number of worker threads in each server process
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_worker_module>
    StartServers          2                   #启动服务进程数
    MaxClients          150                   #每个进程处理的最大请求数
    MinSpareThreads      25
    MaxSpareThreads      75 
    ThreadsPerChild      25                   #每个进程有多少个线程
    MaxRequestsPerChild   0                   #一个进程的处理的最大请求数
    ServerLimit       20000                   #如果配置了这个参数,就要满足MaxClients<=StartServers*ThreadsPerChild并且MaxClients%ThreadsPerChild=0,否则apache会根据配置调整到一个相应的值,而并非期望值。
</IfModule>

线程数可以通过

[root@why-2 ~]# pstree -a | grep http |wc -l

查看