<服务>Apache服务
目录:
Apache服务器安装方式
- 编译安装,可以根据自己想要的参数进行编译安装
- rpm或yum安装,简单方便,不够灵活
- 还有一种就是编译完后打出rpm包放到yum仓库,不过需要把编译完成的包制作成rpm包
Apache和Nginx
Apache稳定性和安全性更好,nginx并发性高,但Nginx在1M一下的小文件上有着很高的效率,但是超过1M的情况下,还是Apache性能强一些。
图片来源:https://w3techs.com/technologies/overview/web_server/all
时间:16年11月12日
Apache特点
功能强大,配置简单,速度快,应用广泛,性能稳定可靠,并可以做代理和负载均衡
Apache应用场合
- 运行静态网页,图片
- 结合PHP引擎运行PHP和Perl,Python,LAMP则成为经典组合
- 结合Tomcat/Resin运行jsp,java程序
- 做代理,负载均衡,rewrite规则过滤
Apachea安装
yum 安装
CentOS6.5光盘镜像中自带http [root@why-2 ~]# yum install -y httpd
编译安装
需要制定参数
--prefix=/usr/local/apache-2.2.31 #指定编译完成的目录
--enable-deflate #消耗CPU,整体上提高传输速率,一般只压缩文本
--enable-expires #浏览器缓存
--enable-headers #头文件
--enable-modules=most #使用大多数模块
--enable-so #
--with-mpm=worker #模式,worker是一个进程,然后由线程提供服务,系统开销小,并发大一些,缺点是线程崩溃会导致整个线程,或者整个进程崩溃,另一个模式prefork由进程派生子进程提供服务,这样系统稳定性强,开销会大一些,缺点是并发数较小
--enable-rewrite #伪静态
下载源码包
[root@why-2 opt]# wget https://mirrors.tuna.tsinghua.edu.cn/apache/httpd/httpd-2.2.31.tar.gz
--2016-11-12 22:34:32-- https://mirrors.tuna.tsinghua.edu.cn/apache/httpd/httpd-2.2.31.tar.gz
Resolving mirrors.tuna.tsinghua.edu.cn... 166.111.206.63, 2402:f000:1:416:166:111:206:63
Connecting to mirrors.tuna.tsinghua.edu.cn|166.111.206.63|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 7583841 (7.2M) [application/octet-stream]
Saving to: “httpd-2.2.31.tar.gz”
100%[=====================================================================================================================================================>] 7,583,841 18.6M/s in 0.4s
2016-11-12 22:34:34 (18.6 MB/s) - “httpd-2.2.31.tar.gz” saved [7583841/7583841]
解压
[root@why-2 opt]# tar xf httpd-2.2.31.tar.gz
编译
[root@why-2 opt]# cd httpd-2.2.31
[root@why-2 httpd-2.2.31]# ./configure --prefix=/usr/local/apache-2.2.31 --enable-deflate --enable-expires --enable-headers --enable-modules=most --enable-so --with-mpm=worker --enable-rewrite
[root@why-2 httpd-2.2.31]# echo $?
0
可能会遇到的问题,在CentOS6.5下编译, 缺少zlib包,yum安装一下zlib和zlib-devel包 还有就是缺gcc,或者缺少Development tool包,需要yum groupinstall Development tool
[root@why-2 httpd-2.2.31]# make
make[1]: Leaving directory `/opt/httpd-2.2.31'
[root@why-2 httpd-2.2.31]# echo $?
0
[root@why-2 httpd-2.2.31]# make install
mkdir /usr/local/apache-2.2.31/man
mkdir /usr/local/apache-2.2.31/man/man1
mkdir /usr/local/apache-2.2.31/man/man8
mkdir /usr/local/apache-2.2.31/manual
make[1]: Leaving directory `/opt/httpd-2.2.31'
[root@why-2 httpd-2.2.31]# echo $?
0
创建软链
[root@why-2 httpd-2.2.31]# ln -s /usr/local/apache-2.2.31/ /usr/local/apache
[root@why-2 httpd-2.2.31]# ll !$/
ll /usr/local/apache/
total 60
drwxr-xr-x 2 root root 4096 Nov 13 00:10 bin
drwxr-xr-x 2 root root 4096 Nov 13 00:10 build
drwxr-xr-x 2 root root 4096 Nov 13 00:10 cgi-bin
drwxr-xr-x 4 root root 4096 Nov 13 00:10 conf
drwxr-xr-x 3 root root 4096 Nov 13 00:10 error
drwxr-xr-x 2 root root 4096 Jul 16 2015 htdocs
drwxr-xr-x 3 root root 4096 Nov 13 00:10 icons
drwxr-xr-x 2 root root 4096 Nov 13 00:10 include
drwxr-xr-x 3 root root 4096 Nov 13 00:10 lib
drwxr-xr-x 2 root root 4096 Nov 13 00:10 logs
drwxr-xr-x 4 root root 4096 Nov 13 00:10 man
drwxr-xr-x 14 root root 12288 Jul 16 2015 manual
drwxr-xr-x 2 root root 4096 Nov 13 00:10 modules
检查语法
[root@why-2 httpd-2.2.31]# /usr/local/apache/bin/apachectl -t
httpd: Could not reliably determine the server's fully qualified domain name, using 10.174.201.126 for ServerName
Syntax OK
启动http
[root@why-2 httpd-2.2.31]# /usr/local/apache/bin/apachectl start
httpd: Could not reliably determine the server's fully qualified domain name, using 10.174.201.126 for ServerName
[root@why-2 httpd-2.2.31]# lsof -i:80
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
AliYunDun 897 root 11u IPv4 8977 0t0 TCP 120.27.115.123:34575->140.205.140.205:http (ESTABLISHED)
httpd 1635 root 3u IPv4 309616 0t0 TCP *:http (LISTEN)
httpd 1637 daemon 3u IPv4 309616 0t0 TCP *:http (LISTEN)
httpd 1638 daemon 3u IPv4 309616 0t0 TCP *:http (LISTEN)
httpd 1639 daemon 3u IPv4 309616 0t0 TCP *:http (LISTEN)
[root@why-2 httpd-2.2.31]# ps -ef | grep httpd
root 1635 1 0 00:28 ? 00:00:00 /usr/local/apache-2.2.31/bin/httpd -k start
daemon 1636 1635 0 00:28 ? 00:00:00 /usr/local/apache-2.2.31/bin/httpd -k start
daemon 1637 1635 0 00:28 ? 00:00:00 /usr/local/apache-2.2.31/bin/httpd -k start
daemon 1638 1635 0 00:28 ? 00:00:00 /usr/local/apache-2.2.31/bin/httpd -k start
daemon 1639 1635 0 00:28 ? 00:00:00 /usr/local/apache-2.2.31/bin/httpd -k start
root 1727 9931 0 00:30 pts/4 00:00:00 grep httpd
也可以通过http -k start启动
web页面访问
出现It works!即可,表示正常
[root@why-2 httpd-2.2.31]# curl 120.27.115.123
<html><body><h1>It works!</h1></body></html>
apachectl 选项列表
[root@why-2 httpd-2.2.31]# /usr/local/apache/bin/apachectl
Usage: /usr/local/apache-2.2.31/bin/httpd [-D name] [-d directory] [-f file]
[-C "directive"] [-c "directive"]
[-k start|restart|graceful|graceful-stop|stop]
[-v] [-V] [-h] [-l] [-L] [-t] [-T] [-S]
Options:
-D name : define a name for use in <IfDefine name> directives
-d directory : specify an alternate initial ServerRoot
-f file : specify an alternate ServerConfigFile
-C "directive" : process directive before reading config files
-c "directive" : process directive after reading config files
-e level : show startup errors of level (see LogLevel)
-E file : log startup errors to file
-v : show version number
-V : show compile settings
-h : list available command line options (this page)
-l : list compiled in modules
-L : list available configuration directives
-t -D DUMP_VHOSTS : show parsed settings (currently only vhost settings)
-S : a synonym for -t -D DUMP_VHOSTS
-t -D DUMP_MODULES : show all loaded modules
-M : a synonym for -t -D DUMP_MODULES
-t : run syntax check for config files
-T : start without DocumentRoot(s) check
检查编译模块
[root@why-2 httpd-2.2.31]# /usr/local/apache/bin/apachectl -l|egrep "deflate|expires|headers|so|worker|rewrite"
mod_deflate.c
mod_expires.c
mod_headers.c
worker.c
mod_rewrite.c
mod_so.c
[root@why-2 httpd-2.2.31]# /usr/local/apache/bin/apachectl -M
httpd: Could not reliably determine the server's fully qualified domain name, using 10.174.201.126 for ServerName
Loaded Modules:
core_module (static)
authn_file_module (static)
authn_dbm_module (static)
authn_anon_module (static)
authn_dbd_module (static)
authn_default_module (static)
authz_host_module (static)
authz_groupfile_module (static)
authz_user_module (static)
authz_dbm_module (static)
authz_owner_module (static)
authz_default_module (static)
auth_basic_module (static)
auth_digest_module (static)
dbd_module (static)
dumpio_module (static)
reqtimeout_module (static)
ext_filter_module (static)
include_module (static)
filter_module (static)
substitute_module (static)
deflate_module (static)
log_config_module (static)
logio_module (static)
env_module (static)
expires_module (static)
headers_module (static)
ident_module (static)
setenvif_module (static)
version_module (static)
mpm_worker_module (static)
http_module (static)
mime_module (static)
dav_module (static)
status_module (static)
autoindex_module (static)
asis_module (static)
info_module (static)
cgid_module (static)
dav_fs_module (static)
vhost_alias_module (static)
negotiation_module (static)
dir_module (static)
imagemap_module (static)
actions_module (static)
speling_module (static)
userdir_module (static)
alias_module (static)
rewrite_module (static)
so_module (static)
Syntax OK
可以看到所有的模块,是静态的还是动态的
如果缺少模块可以通过bin下apxs -i -a -c 添加,例如mod_foo.c,可以使用命令apxs -i -a -c mod_foo.c,然后apachectl restart即可http根目录
[root@why-2 httpd-2.2.31]# cd /usr/local/apache/conf
[root@why-2 conf]# grep -i documentroot httpd.conf
# DocumentRoot: The directory out of which you will serve your
DocumentRoot "/usr/local/apache-2.2.31/htdocs"
# This should be changed to whatever you set DocumentRoot to.
# access content that does not live under the DocumentRoot.
这个documentroot是http服务的根目录,其实看提示是在htdocs中的
[root@why-2 conf]# cd ../htdocs
[root@why-2 htdocs]# cat index.html
<html><body><h1>It works!</h1></body></html>
这就是我们查看浏览器的时候看到的文件,如果要部署网站,把网站文件拷到这个目录下即可。
顺便说一下yum安装
yum安装也会有httpd和apachectl命等命令但是安装的模块少,
一些目录也是分散到各个目录。
yum安装http的模块
[root@why-1 ~]# apachectl -l
Compiled in modules:
core.c
prefork.c
http_core.c
mod_so.c
[root@why-2 apache]# cd bin/
ab #性能测试工具,类似的有jmeter,loadrunner和webbench
apachectl #apache启动命令
apxs #编译安装扩展模块,编译php软件可能会用到
htcacheclean #清理磁盘缓冲区
htpasswd #建立或者更新基本认证文件,如配置nagion监控
httpd #apache服务控制命令,apachectl也是调用测此命令
rotatelogs #日志轮询命令,不过生产环境下会用cronolog命令替代
[root@why-2 bin]# cd ../conf/
httpd.conf #主配置文件
extra #辅助配置文件
[root@why-2 conf]# cd ../logs/
access_log #默认访问日志,记录用户访问网站的信息
cgisock.1635
error_log #错误日志,http启动故障等都在这个文件下
httpd.pid #进程文件
主页文件问题
[root@why-2 htdocs]# mv index.html index2.html 我们再次访问120.27.115.123看到的是主页目录结构
需要修改主配置文件
[root@why-2 conf]# vi /usr/local/apache/conf/httpd.conf
查找DirectoryIndex
# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
#
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
修改为DirectoryIndex index2.html index.html
检查语法
[root@why-2 conf]# ../bin/apachectl -t
httpd: Could not reliably determine the server's fully qualified domain name, using 10.174.201.126 for ServerName
Syntax OK
平滑重启
[root@why-2 conf]# ../bin/apachectl graceful
httpd: Could not reliably determine the server's fully qualified domain name, using 10.174.201.126 for ServerName
详解配置文件
详解主配置文件
注释去除,空行去除
[root@why-2 conf]# grep -Ev "#|^$" httpd.conf > httpd.conf.org
[root@why-2 conf]# cat httpd.conf.org
ServerRoot "/usr/local/apache-2.2.31"#服务根目录
Listen 80#监听端口,这个根据安全可以修改,默认为本机所有ip地址
<IfModule !mpm_netware_module>
<IfModule !mpm_winnt_module>
User daemon#用户
Group daemon#组 编译安装一般为daemon
</IfModule>
</IfModule>
ServerAdmin you@example.com#管理员邮箱
DocumentRoot "/usr/local/apache-2.2.31/htdocs"#站点目录
<Directory />#权限控制
Options FollowSymLinks#可以带符号链接
AllowOverride None#禁止一些功能,例如重载
Order deny,allow
Deny from all #这两条不让任何人访问根目录
</Directory>
<Directory "/usr/local/apache-2.2.31/htdocs">#新添加站点时候的目录
Options Indexes FollowSymLinks#Indexes如果配置为这个,就会显示目录结构,不安全,可改成-Indexes,或者删掉
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<IfModule dir_module>#主页面,如果有多个用空格隔开
DirectoryIndex index2.html index.html
</IfModule>
<FilesMatch "^\.ht">#以.开头的html处理方式
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>
ErrorLog "logs/error_log"#错误日志配置
LogLevel warn#日志级别
<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
CustomLog "logs/access_log" common
</IfModule>
<IfModule alias_module>
ScriptAlias /cgi-bin/ "/usr/local/apache-2.2.31/cgi-bin/"#支持cgi,现在的配置基本没有人用,可以删掉
</IfModule>
<IfModule cgid_module>
</IfModule>
<Directory "/usr/local/apache-2.2.31/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
DefaultType text/plain#缺省类型
<IfModule mime_module>#压缩配置,对什么样的类型进行什么样的压缩
TypesConfig conf/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
</IfModule>
<IfModule ssl_module>#ssl相关内容
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
扩展文件(扩展文件使用需要在主配置文件中配置才能生效)
httpd-vhosts.conf
NameVirtualHost *:80#多个域名在一台服务器上,*代表所有IP地址
<VirtualHost *:80>#辐射的域名配置
ServerAdmin webmaster@dummy-host.example.com
DocumentRoot "/usr/local/apache-2.2.31/docs/dummy-host.example.com"
ServerName dummy-host.example.com
ServerAlias www.dummy-host.example.com
ErrorLog "logs/dummy-host.example.com-error_log"
CustomLog "logs/dummy-host.example.com-access_log" common
</VirtualHost>
httpd-mpm.conf
<IfModule !mpm_netware_module>#pid文件
PidFile "logs/httpd.pid"
</IfModule>
<IfModule !mpm_winnt_module>#锁文件
<IfModule !mpm_netware_module>
LockFile "logs/accept.lock"
</IfModule>
</IfModule>
<IfModule mpm_prefork_module>#prefork模式
StartServers 5 #启动服务数,一般25个
MinSpareServers 5 #最小空闲服务,一般与启动服务数相等
MaxSpareServers 10 #最大空闲服务
MaxClients 150 #每个进程的最大请求数
MaxRequestsPerChild 0 #每个子进程可处理最大请求数,如果超过这个数量就会自动销毁并重启
</IfModule>
<IfModule mpm_worker_module>#work模式
StartServers 2
MaxClients 150
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 0
</IfModule>
httpd-default.conf
Timeout 300#超时时间,单位为s
KeepAlive On#连接保持
MaxKeepAliveRequests 100#最大接受多少永久连接
KeepAliveTimeout 5#同一个连接等待下一个请求的时间
AccessFileName .htaccess#伪静态语法写在这个下面,要在主配置中 AllowOverride None改为all才生效。
ServerTokens Full#
ServerSignature On#以上两项可以隐藏版本
编译过程隐藏版本号
一般攻击都是特定的服务器特定的版本号
一种方法我们可以通过修改源码隐藏版本号
修改源码中的include/ap_release.h
#define AP_SERVER_BASEVENDOR "Apache Software Foundation"
#define AP_SERVER_BASEPROJECT "Apache HTTP Server"
#define AP_SERVER_BASEPRODUCT "Apache"
#define AP_SERVER_MAJORVERSION_NUMBER 2
#define AP_SERVER_MINORVERSION_NUMBER 2
#define AP_SERVER_PATCHLEVEL_NUMBER 31
#define AP_SERVER_DEVBUILD_BOOLEAN 0
可以修改为
define AP_SERVER_BASEVENDOR "Apache Software Foundation"
define AP_SERVER_BASEPROJECT "Apache HTTP Server"
define AP_SERVER_BASEPRODUCT "IIS"
define AP_SERVER_MAJORVERSION_NUMBER 7
define AP_SERVER_MINORVERSION_NUMBER 0
define AP_SERVER_PATCHLEVEL_NUMBER 0
define AP_SERVER_DEVBUILD_BOOLEAN 0
修改源码中的httpd-2.2.31/os/unix/os.h
#define PLATFORM "Unix"
改为
#define PLATFORM "Win32"
另一种方法是
- 在主配置文件中取消Include conf/extra/httpd-default.conf注释
- httpd-default.conf中 ServerSignature On改为off ServerTokens Full改为Prod
防止根目录暴露
根据主配置文件 如果改为-Indexes,把index2.html修改名字,重启apache服务会报403
apache日志
主配置文件中apache日志记录方式
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
combined比较详细,而common就少一些
这个在配置中每个日志文件后配置 ,例如vhost中的:
<VirtualHost *:80>#辐射的域名配置
ServerAdmin webmaster@dummy-host.example.com
DocumentRoot "/usr/local/apache-2.2.31/docs/dummy-host.example.com"
ServerName dummy-host.example.com
ServerAlias www.dummy-host.example.com
ErrorLog "logs/dummy-host.example.com-error_log"
CustomLog "logs/dummy-host.example.com-access_log" common
</VirtualHost>
这个common就是配置项
日志轮询
cronolog
只需要./configure,make,make install 安装完成后会在 /usr/local/sbin/下生成cronolog和cronosplit
修改
[root@why-2 conf]# vi extra/httpd-vhosts.conf
<VirtualHost *:80>
ServerAdmin 93216193@qq.com
DocumentRoot "/var/html/www"
ServerName www.why.cn
ServerAlias why.com
ErrorLog "logs/www.why.com-error_log"
CustomLog "|/usr/local/sbin/cronolog /var/log/www.why.cn/www.why.cn_%Y%m%d.log" combined
</VirtualHost>
[root@why-2 conf]# mkdir -p /var/log/www.why.cn
重启apache 后反复进入www.why.cn页面生成日志
[root@why-2 www.why.cn]# cd /var/log/www.why.cn
[root@why-2 www.why.cn]# cat www.why.cn_20161102.log
192.168.0.105 - - [02/Nov/2016:14:47:13 +0800] "GET / HTTP/1.1" 200 19 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.122 Safari/537.36 SE 2.X MetaSr 1.0"
192.168.0.105 - - [02/Nov/2016:14:47:14 +0800] "GET / HTTP/1.1" 304 - "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.122 Safari/537.36 SE 2.X MetaSr 1.0"
192.168.0.105 - - [02/Nov/2016:14:47:15 +0800] "GET / HTTP/1.1" 304 - "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.122 Safari/537.36 SE 2.X MetaSr 1.0"
192.168.0.105 来访ip
[02/Nov/2016:14:47:15 +0800] 来访时间
GET / HTTP/1.1 来访内容
304 状态码
轮询可以按照小时,天,或者周,例如%w,这样日志只保留7天
rotatelog也是一样的配置方式,不过它可能会丢失日志
CustomLog "|/usr/local/apache/bin/rotatelogs /var/log/www.why.cn/www.why.cn_%Y%m%d.log" combined
可以同时配置两个日志轮询方式
还有一种方式就是通过crontab 0点切割
mv /var/log/www.why.cn/www.why.cn.log /var/log/www.why.cn/www.why.cn.$(date +%F).log
日志中不记录图片等文件的方法
主配置文件中配置
<FilesMatch "\.(css|js|gif|ico|swf)">
SetEnv IMAG 1
</FilesMatch>
vhosts中配置
CustomLog "|/usr/local/sbin/cronolog /var/log/www.why.cn/www.why.cn_%Y%m%d.log" combined env=!IMAG
日志查询的一些方法
[root@why-2 ~]# awk '{print $1}' /var/log/www.why.cn/www.why.cn_20161102.log |sort|uniq -c |sort -k1|head -10
4 192.168.0.105
8 192.168.0.192
或者
[root@why-2 ~]# awk '{++S[$1]} END {for (key in S) print S[key],key}' /var/log/www.why.cn/www.why.cn_20161102.log |sort -rn -k1|head -10
8 192.168.0.192
4 192.168.0.105
apache常用模式
- perfork
- worker 查看模式
[root@why-2 ~]# /usr/local/apache/bin/apachectl -l |sed -n '/worker\|prefork/p'
worker.c
查看模块
[root@why-2 ~]# /usr/local/apache/bin/apachectl -V
Server version: Apache/2.2.31 (Unix)
Server built: Nov 2 2016 12:17:42
Server's Module Magic Number: 20051115:40
Server loaded: APR 1.5.2, APR-Util 1.5.4
Compiled using: APR 1.5.2, APR-Util 1.5.4
Architecture: 64-bit
Server MPM: Worker
threaded: yes (fixed thread count)
forked: yes (variable process count)
Server compiled with....
-D APACHE_MPM_DIR="server/mpm/worker"
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=128
-D HTTPD_ROOT="/usr/local/apache-2.2.31"
-D SUEXEC_BIN="/usr/local/apache-2.2.31/bin/suexec"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="conf/mime.types"
-D SERVER_CONFIG_FILE="conf/httpd.conf"
查看编译参数
[root@why-2 ~]# cat ~/httpd-2.2.31/config.nice
#! /bin/sh
#
# Created by configure
"./configure" \
"--prefix=/usr/local/apache-2.2.31" \
"--enable-deflate" \
"--enable-expires" \
"--enable-headers" \
"--enable-modules=most" \
"--enable-so" \
"--with-mpm=worker" \
"--enable-rewrite" \
"$@"
Prefork模式
[root@why-2 ~]# sed -n '30,43p' /usr/local/apache/conf/extra/httpd-mpm.conf
# prefork MPM
# StartServers: number of server processes to start
# MinSpareServers: minimum number of server processes which are kept spare
# MaxSpareServers: maximum number of server processes which are kept spare
# MaxClients: maximum number of server processes allowed to start
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_prefork_module>#prefork模式
StartServers 5 #启动服务进程数,一般10个
MinSpareServers 5 #最小空闲服务进程,一般与启动服务进程数相等
MaxSpareServers 10 #最大空闲服务进程,参考值15~20
MaxClients 150 #每个进程的最大请求数,参考1000
MaxRequestsPerChild 0 #每个子进程可处理请求数,如果超过这个数量就会自动销毁并重启,参考5000
</IfModule>
查看启动的进程数,即并发连接数
[root@why-2 ~]# ps -ef|grep http|wc -l
[root@why-2 ~]# sed -n '44,58p' /usr/local/apache/conf/extra/httpd-mpm.conf
# worker MPM
# StartServers: initial number of server processes to start
# MaxClients: maximum number of simultaneous client connections
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadsPerChild: constant number of worker threads in each server process
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_worker_module>
StartServers 2 #启动服务进程数
MaxClients 150 #每个进程处理的最大请求数
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25 #每个进程有多少个线程
MaxRequestsPerChild 0 #一个进程的处理的最大请求数
ServerLimit 20000 #如果配置了这个参数,就要满足MaxClients<=StartServers*ThreadsPerChild并且MaxClients%ThreadsPerChild=0,否则apache会根据配置调整到一个相应的值,而并非期望值。
</IfModule>
线程数可以通过
[root@why-2 ~]# pstree -a | grep http |wc -l
查看
