Help Center> Elastic Cloud Server> Best Practices> Manually Deploying LNMP (CentOS 7.2, PHP 7.0)
Updated on 2023-11-13 GMT+08:00

Manually Deploying LNMP (CentOS 7.2, PHP 7.0)

Overview

The best practices for Huawei Cloud ECS guide you through the deployment of LNMP on a Linux ECS. The CentOS 7.2 64bit OS is used as an example in this section.

Prerequisites

  1. The ECS has an EIP bound.
  2. The rule listed in the following table has been added to the security group to which the target ECS belongs. For details, see Adding a Security Group Rule.
    Table 1 Security group rule

    Transfer Direction

    Protocol/Application

    Port/Range

    Source End

    Inbound

    HTTP (80)

    80

    0.0.0.0/0

  3. To obtain and update the system and software, update the image source to a Huawei Cloud image source. For details, see How Can I Use an Automated Tool to Configure a Huawei Cloud Image Source (x86_64 and Arm)?

Resource Planning

Table 2 lists the resource configuration and software versions used in this practice. The commands and parameters may vary according to the hardware specifications or software versions you would use.

Table 2 Resources and costs

Resource

Description

Cost

ECS

  • Billing mode: pay-per-use
  • AZ: AZ1
  • Flavor: s6.large.2
  • Image: CentOS 7.2 64bit
  • System disk: 40 GB
  • EIP: Auto assign
  • EIP type: Dynamic BGP
  • Billed by: Traffic
  • Bandwidth: 5 Mbit/s

The following resources generate costs:

  • ECSs
  • EVS disks
  • EIPs

For billing details, see Billing.

Nginx

A high-performance HTTP and reverse proxy server.

Download URL:

http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm

Free

MySQL

An open-source relational database software.

Download URL:

http://dev.mysql.com/get/mysql57-community-release-el7-10.noarch.rpm

Free

PHP

An open-source software used for web development.

Download URL:

https://mirror.webtatic.com/yum/el7/epel-release.rpm

https://mirror.webtatic.com/yum/el7/webtatic-release.rpm

Free

Procedure

  1. Install Nginx.

    1. Log in to the ECS.
    2. Run the following command to download the Nginx package:

      wget http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm

    3. Run the following command to create the Nginx yum repository:

      rpm -ivh nginx-release-centos-7-0.el7.ngx.noarch.rpm

    4. Run the following command to install Nginx:

      yum -y install nginx

    5. Run the following commands to start Nginx and configure automatic Nginx enabling upon ECS startup:

      systemctl start nginx

      systemctl enable nginx

    6. Check the startup status.

      systemctl status nginx.service

    7. Enter http://IP address of the Nginx server in the address bar to visit Nginx. If the following page is displayed, Nginx has been installed.
      Figure 1 Accessing Nginx

  2. Install MySQL.

    1. Run the following commands to install MySQL:

      wget -i -c http://dev.mysql.com/get/mysql57-community-release-el7-10.noarch.rpm

      yum -y install mysql57-community-release-el7-10.noarch.rpm

      yum -y install mysql-community-server --nogpgcheck

    2. Run the following commands to start MySQL and configure automatic MySQL enabling upon ECS startup:

      systemctl start mysqld

      systemctl enable mysqld

    3. Run the following command to query the running status of MySQL:

      systemctl status mysqld.service

      [root@ecs-adc3 ~]# systemctl status mysqld.service
      ● mysqld.service - MySQL Server
         Loaded: loaded (/usr/lib/systemd/system/mysqld.service; enabled; vendor preset: disabled)
         Active: active (running) since Mon 2021-08-16 19:33:40 CST; 36s ago
           Docs: man:mysqld(8)
                 http://dev.mysql.com/doc/refman/en/using-systemd.html
       Main PID: 7916 (mysqld)
         CGroup: /system.slice/mysqld.service
                 └─7916 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid
      
      Aug 16 19:33:35 ecs-adc3 systemd[1]: Starting MySQL Server...
      Aug 16 19:33:40 ecs-adc3 systemd[1]: Started MySQL Server.
    4. Run the following command to obtain the password of user root that is automatically set during MySQL installation:

      grep 'temporary password' /var/log/mysqld.log

      Information similar to the following is displayed:
      2018-08-29T07:27:37.541944Z 1 [Note] A temporary password is generated for root@localhost: 2YY?3uHUA?Ys
    5. Run the following command and perform operations as prompted to harden MySQL:

      mysql_secure_installation

      Securing the MySQL server deployment.
      
      Enter password for user root:    #Enter the obtained password of user root.
      The existing password for the user account root has expired. Please set a new password.
      
      New password:  #Enter the new password.
      
      Re-enter new password:   #Enter the new password again.
      The 'validate_password' plugin is installed on the server.
      The subsequent steps will run with the existing configuration of the plugin.
      Using existing password for root.
      
      Estimated strength of the password: 100
      Change the password for root ? ((Press y|Y for Yes, any other key for No) : N   #Asks you whether to change the password of user root. Press n.
      
       ... skipping.
      By default, a MySQL installation has an anonymous user,
      allowing anyone to log into MySQL without having to have
      a user account created for them. This is intended only for
      testing, and to make the installation go a bit smoother.
      You should remove them before moving into a production
      environment.
      
      Remove anonymous users? (Press y|Y for Yes, any other key for No) : Y   #Asks you whether to remove anonymous users. Press y.
      Success.
      
      Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network.
      
      Disallow root login remotely? (Press y|Y for Yes, any other key for No) : Y   #Asks you whether to forbid remote login of user root. Press y.
      Success.
      
      By default, MySQL comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment.
      
      Remove test database and access to it? (Press y|Y for Yes, any other key for No) : Y   #Asks you whether to delete the test database and cancel access permissions to it. Press y.
       - Dropping test database...
      Success.
      
       - Removing privileges on test database...
      Success.
      
      Reloading the privilege tables will ensure that all changes
      made so far will take effect immediately.
      
      Reload privilege tables now? (Press y|Y for Yes, any other key for No) : Y   #Asks you whether to reload privilege tables. Press y.
      Success.
      
      All done!

  3. Install PHP.

    1. Run the following commands to install PHP 7 and required PHP extensions:

      rpm -Uvh https://mirror.webtatic.com/yum/el7/epel-release.rpm

      rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm

      yum -y install php70w-tidy php70w-common php70w-devel php70w-pdo php70w-mysql php70w-gd php70w-ldap php70w-mbstring php70w-mcrypt php70w-fpm

    2. Run the following command to check the PHP installation:

      php -v

      If information similar to the following is displayed, PHP has been installed:

      PHP 7.0.31 (cli) (built: Jul 20 2018 08:55:22) ( NTS )
      Copyright (c) 1997-2017 The PHP Group
      Zend Engine v3.0.0, Copyright (c) 1998-2017 Zend Technologies
    3. Start PHP and configure PHP automatic start upon ECS startup:

      systemctl start php-fpm

      systemctl enable php-fpm

    4. Modify the Nginx configuration file to support PHP.
      1. Run the following command to open the /etc/nginx/nginx.conf file:
        vim /etc/nginx/nginx.conf
        Figure 2 nginx.conf

        According to the nginx.conf, the configuration file is directed to /etc/nginx/conf.d/*.conf.

      2. Enter :quit to exit nginx.conf.
      3. Run the following command to open the /etc/nginx/conf.d/default.conf file:

        vim /etc/nginx/conf.d/default.conf

      4. Press i to enter insert mode.
      5. Modify the default.conf file.
        Find the server paragraph and configure it as follows:
            server {
                listen       80;
                server_name  localhost;
        
                #access_log /var/log/nginx/host.access.log  main;
        
            location / {
                root   /usr/share/nginx/html;
                index  index.php index.html index.htm;    }
        
            location ~ \.php$ {
                root           html;
                fastcgi_pass   127.0.0.1:9000;
                fastcgi_index  index.php;
                fastcgi_param  SCRIPT_FILENAME /usr/share/nginx/html$fastcgi_script_name;
                include        fastcgi_params;
            }
          }

        Figure 3 shows the configuration after modification.

        Figure 3 Configuration after modification
      6. Press Esc to exit insert mode. Then, enter :wq to save the settings and exit.
    5. Run the following command to reload the Nginx configuration file:

      service nginx reload

  4. Test the LNMP deployment.

    1. Create the info.php test page in /usr/share/nginx/html/.
      1. Run the following command to create and open the info.php test file:

        vim /usr/share/nginx/html/info.php

      2. Press i to enter insert mode.
      3. Modify the info.php file and add the following data to the file:
        <?php
         phpinfo();
        ?>
      4. Press Esc to exit insert mode. Then, enter :wq to save the settings and exit.
    2. Enter http://Server IP address/info.php in the address bar. If the following page is displayed, the LNMP environment has been deployment.