Tengine 2.2.2 移植指南
介紹
簡要介紹
Tengine是由淘寶網發起的Web伺服器項目。它在Nginx的基礎上,針對大通路量網站的需求,添加了很多進階功能和特性。它的目的是打造一個高效、安全的Web平台。
開發語言:C
一句話描述:輕量級Web伺服器
建議的版本
建議使用版本為“Tengine 2.2.2”。
說明:
本文檔适用于Tengine 2.2.2,其他版本的Tengine移植步驟也可參考本文檔。
環境要求
硬體要求
| 項目 | 說明 |
|---|---|
| 伺服器 | TaiShan 200伺服器(型号2280) |
| CPU | 鲲鵬920 5250處理器 |
| 磁盤分區 | 對磁盤分區無要求 |
作業系統要求
| 項目 | 版本 |
|---|---|
| openEuler | openEuler 20.03 LTS SP1 aarch64 |
| Kernel | 4.19.90-2003.4.0.0036.oe1.aarch64 |
安裝作業系統
請參考:20.03 LTS SP1 安裝指南
檢查目前系統版本資訊
[root@localhost ~]# cat /etc/os-release
NAME="openEuler"
VERSION="20.03 (LTS-SP1)"
ID="openEuler"
VERSION_ID="20.03"
PRETTY_NAME="openEuler 20.03 (LTS-SP1)"
ANSI_COLOR="0;31"
說明:
如果是全新安裝作業系統,安裝方式建議不要使用最小化安裝,否則很多軟體包需要手動安裝,可選擇“Server with GUI”安裝方式。
安裝Tengine
配置dns解析檔案
[root@localhost ~]# echo "nameserver 114.114.114.114" >> /etc/resolv.conf
安裝依賴包
[root@localhost ~]# yum install gcc gcc-c++ make libtool zlib zlib-devel pcre pcre-devel perl-devel perl-ExtUtils-Embed wget vim -y
鏡像站RPM方式安裝tengine
說明:
鏡像站中的RPM包都是通過開源代碼編譯打包而成,然後将其上傳到鏡像站。
擷取Tengine 2.2.2的RPM包。
[root@localhost ~]# cd /home
[root@localhost home]# wget https://mirrors.huaweicloud.com/kunpeng/yum/el/7/aarch64/Packages/web/tengine-2.2.2-1.el7_4.ngx.aarch64.rpm
相容性評估
下載下傳x2openEuler工具
下載下傳指引:https://www.openeuler.org/zh/other/migration/
部署工具
rpm -ivh x2openEuler-2.0.0-1.x86_64.rpm
注意:安裝rpm時需要使用root使用者,且目前需要網絡(用于下載下傳安裝依賴)
注意:根據提示安裝依賴包如bzip2-devel等
su x2openEuler
x2openEuler redis-db -init
依次錄入redis資料庫的ip:127.0.0.1
端口:6379
資料庫索引号(0-16):0
密碼(工具會對密碼加密處理):如果redis密碼沒有設定或者為空時,直接回車即可
x2openEuler init source_centos7.6-openEuler20.03-LTS-SP1.tar.gz
備注:x2openEuler使用rpm安裝完成後會在/opt/x2openEuler目錄下帶有source_centos7.6-openEuler20.03-LTS-SP1.tar.gz這個預設資源包
需要支援centos8.2到openEuler20.03-LTS-SP1的評估,則需擷取對應的靜态資源包導入,如對應的資源包為source_centos8.2-openEuler20.03-LTS-SP1.tar.gz,導入此包指令:
,請示情況選擇對應的資源包x2openEuler init source_centos8.2-openEuler20.03-LTS-SP1.tar.gz
掃描軟體
x2openEuler scan tengine-2.2.2-1.el7_4.ngx.aarch64.rpm
注意要分析的移植檔案需要有能夠讓x2openEuler使用者可以讀取的權限
掃描完成後會在/opt/x2openEuler/output目錄生成html格式的報告
檢視評估結果
軟體相容性評估報告分三塊内容展示軟體相容性,分别是依賴包相容性、C/C++接口相容性、java接口相容性,依賴包相容性反映了軟體包安裝過程中的直接依賴,非100%表明無法正确安裝;接口相容性反映的是單個軟體運作過程中對其他軟體包、動态庫或系統接口的調用變化,非100%表明在某個功能調用時可能會觸發異常,未調用到時可能表現正常;部分結果建議人工複核,最終軟體包使用建優先級建議 openEuler已移植包>openEuler上人工重編譯包>centos軟體包。
安裝Tengine
[root@localhost home]# rpm -ivh tengine-2.2.2-1.el7_4.ngx.aarch64.rpm
Verifying... ################################# [100%]
Preparing... ################################# [100%]
Updating / installing...
1:tengine-1:2.2.2-1.el7_4.ngx ################################# [100%]
檢視安裝目錄。
[root@localhost home]# cd /usr/local/tengine-nginx/
[root@localhost tengine-nginx]# ls
conf html include logs modules sbin
運作和驗證
配置HTTPS功能
生成證書
[root@localhost tengine-nginx]# openssl genrsa -des3 -out server_2048.key 2048
Generating RSA private key, 2048 bit long modulus (2 primes)
...................................+++++
..................+++++
e is 65537 (0x010001)
Enter pass phrase for server_2048.key:
Verifying - Enter pass phrase for server_2048.key:
[root@localhost tengine-nginx]# openssl rsa -in server_2048.key -out server_2048.key
Enter pass phrase for server_2048.key:
writing RSA key
[root@localhost tengine-nginx]# openssl req -new -key server_2048.key -out server_2048.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:CN
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
[root@localhost tengine-nginx]# openssl rsa -in server_2048.key -out server_2048.key
writing RSA key
[root@localhost tengine-nginx]# openssl x509 -req -days 365 -in server_2048.csr -signkey server_2048.key -out server_2048.crt
Signature ok
subject=C = CN, ST = Some-State, O = Internet Widgits Pty Ltd
Getting Private key
[root@localhost tengine-nginx]# ls
conf html include logs modules sbin server_2048.crt server_2048.csr server_2048.key
配置Tengine
vim /usr/local/tengine-nginx/conf/nginx.conf
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# <== 修改這裡: 證書位置 ==>
# ssl_certificate /usr/local/tengine-nginx/server_2048.crt;
# ssl_certificate_key /usr/local/tengine-nginx/server_2048.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
運作Tengine
[root@localhost tengine-nginx]# /usr/local/tengine-nginx/sbin/nginx -c /usr/local/tengine-nginx/conf/nginx.conf
[root@localhost tengine-nginx]# ps -ef | grep nginx
root 5710 1 0 17:25 ? 00:00:00 nginx: master process /usr/local/tengine-nginx/sbin/nginx -c /usr/local/tengine-nginx/conf/nginx.conf
nobody 5711 5710 0 17:25 ? 00:00:00 nginx: worker process
root 5713 1407 0 17:25 pts/0 00:00:00 grep --color=auto nginx
- 報
http upstream check_shm_size is too small
[root@localhost tengine-nginx]# /usr/local/tengine-nginx/sbin/nginx -c /usr/local/tengine-nginx/conf/nginx.conf
nginx: [crit] ngx_slab_alloc() failed: no memory
nginx: [emerg] http upstream check_shm_size is too small, you should specify a larger size.
[root@localhost tengine-nginx]#
[root@localhost tengine-nginx]# sed -i "/http {/a\check_shm_size 50m;" /usr/local/tengine-nginx/conf/nginx.conf
[root@localhost tengine-nginx]# /usr/local/tengine-nginx/sbin/nginx -c /usr/local/tengine-nginx/conf/nginx.conf
[root@localhost tengine-nginx]# ps -ef | grep nginx
root 5710 1 0 17:25 ? 00:00:00 nginx: master process /usr/local/tengine-nginx/sbin/nginx -c /usr/local/tengine-nginx/conf/nginx.conf
nobody 5711 5710 0 17:25 ? 00:00:00 nginx: worker process
root 5713 1407 0 17:25 pts/0 00:00:00 grep --color=auto nginx
![linux-svn解除安裝與安裝[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)