タイプA-SSD・CentOS 7 64bit でインスタンス作成。
# yum -y groupinstall base # yum -y groupinstall development # cd /usr/local/src/ # wget http://ftp.meisei-u.ac.jp/mirror/apache/dist//apr/apr-1.5.2.tar.bz2 # tar xvf apr-1.5.2.tar.bz2 # cd apr-1.5.2/ # ./configure # make # make install # cd .. # wget http://ftp.meisei-u.ac.jp/mirror/apache/dist//apr/apr-util-1.5.4.tar.bz2 # tar xvf apr-util-1.5.4.tar.bz2 # cd apr-util-1.5.4/ # ./configure --with-apr=/usr/local/apr # make # make install # cd .. # wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.40.tar.bz2 # tar xvf pcre-8.40.tar.bz2 # cd pcre-8.40 # ./configure --enable-pcre16 --enable-pcre32 --enable-utf --enable-pcregrep-libz --enable-pcregrep-libbz2
** Cannot --enable-pcregrep-libz because zlib.h was not found
と言われた。
# yum install zlib-devel # ./configure --enable-pcre16 --enable-pcre32 --enable-utf --enable-pcregrep-libz --enable-pcregrep-libbz2
今度は、
** Cannot --enable-pcregrep-libbz2 because bzlib.h was not found
と言われる。
# yum install bzip2-devel
# ./configure --enable-pcre16 --enable-pcre32 --enable-utf --enable-pcregrep-libz --enable-pcregrep-libbz2
pcre-8.40 configuration summary:
Install prefix .................. : /usr/local
C preprocessor .................. : gcc -E
C compiler ...................... : gcc
C++ preprocessor ................ : g++ -E
C++ compiler .................... : g++
Linker .......................... : /usr/bin/ld -m elf_x86_64
C preprocessor flags ............ :
C compiler flags ................ : -g -O2 -fvisibility=hidden
C++ compiler flags .............. : -O2 -fvisibility=hidden -fvisibility-inlines-hidden
Linker flags .................... :
Extra libraries ................. :
Build 8 bit pcre library ........ : yes
Build 16 bit pcre library ....... : yes
Build 32 bit pcre library ....... : yes
Build C++ library ............... : yes
Enable JIT compiling support .... : no
Enable UTF-8/16/32 support ...... : yes
Unicode properties .............. : no
Newline char/sequence ........... : lf
\R matches only ANYCRLF ......... : no
EBCDIC coding ................... : no
EBCDIC code for NL .............. : n/a
Rebuild char tables ............. : no
Use stack recursion ............. : yes
POSIX mem threshold ............. : 10
Internal link size .............. : 2
Nested parentheses limit ........ : 250
Match limit ..................... : 10000000
Match limit recursion ........... : MATCH_LIMIT
Build shared libs ............... : yes
Build static libs ............... : yes
Use JIT in pcregrep ............. : no
Buffer size for pcregrep ........ : 20480
Link pcregrep with libz ......... : yes
Link pcregrep with libbz2 ....... : yes
Link pcretest with libedit ...... : no
Link pcretest with libreadline .. : no
Valgrind support ................ : no
Code coverage ................... : no
通った。
# make # make install # cd .. # wget http://ftp.kddilabs.jp/infosystems/apache//httpd/httpd-2.4.25.tar.gz # tar xvf httpd-2.4.25.tar.gz # cd httpd-2.4.25 # ./configure --enable-mods-shared=all --with-apr=/usr/local/apr --enable-ssl --enable-http2 --enable-so
checking for OpenSSL version >= 0.9.8a... FAILED
configure: WARNING: OpenSSL version is too old
no
checking whether to enable mod_ssl... configure: error: mod_ssl has been requested but can not be built due to prerequisite failures
と言われる。
# openssl version OpenSSL 1.0.1e-fips 11 Feb 2013
そんなことないので、openssl-devel をインストールする。
# yum install openssl-devel # ./configure --enable-mods-shared=all --with-apr=/usr/local/apr --enable-ssl --enable-http2 --enable-so
今度は、
checking for nghttp2... checking for user-provided nghttp2 base directory... none
checking for pkg-config along ... checking for nghttp2 version >= 1.2.1... FAILED
configure: WARNING: nghttp2 version is too old
no
checking whether to enable mod_http2... configure: error: mod_http2 has been requested but can not be built due to prerequisite failures
Nghttp2 のインストールを忘れていた。
# yum install libev-devel c-ares-devel # cd .. # wget https://github.com/nghttp2/nghttp2/releases/download/v1.22.0/nghttp2-1.22.0.tar.xz # tar xvf nghttp2-1.22.0.tar.xz # cd nghttp2-1.22.0 # ./configure
こんなWANING が出る。
configure: WARNING: Could not link test program to Python. Maybe the main Python library has been installed in some non-standard library path. If so, pass it to configure, via the LDFLAGS environment variable. Example: ./configure LDFLAGS="-L/usr/non-standard-path/python/lib" ============================================================================ ERROR! You probably have to install the development version of the Python package for your distribution. The exact name of this package varies among them. ============================================================================
気になるので、python-devel インストール。
# yum install python-devel # ./configure
WARNING 消えたので、
# make
# make install
# cd ../httpd-2.4.25
# ./configure --enable-mods-shared=all --with-apr=/usr/local/apr --enable-ssl --enable-http2 --enable-so
configure: summary of build options:
Server Version: 2.4.25
Install prefix: /usr/local/apache2
C compiler: gcc -std=gnu99
CFLAGS: -g -O2 -pthread
LDFLAGS:
LIBS:
CPPFLAGS: -DLINUX -D_REENTRANT -D_GNU_SOURCE
C preprocessor: gcc -E
ようやく通った。
# make # make install # /usr/local/apache2/bin/httpd -v Server version: Apache/2.4.25 (Unix) Server built: May 23 2017 10:12:23 # /usr/local/apache2/bin/apachectl -k start httpd (pid 10273) already running
既にうごいているらしい。
# curl 127.0.0.1 <html><body><h1>It works!</h1></body></html>
このサーバーは、デフォルトで、iptables によるアクセス制限が設定されている。
# iptables -vnL
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
32 2288 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 16 packets, 2016 bytes)
pkts bytes target prot opt in out source destination
ので、80番ポートを空ける。
# iptables -A INPUT -p tcp -m state --state NEW --dport 80 -j ACCEPT
# iptables -vnL
Chain INPUT (policy DROP 1 packets, 40 bytes)
pkts bytes target prot opt in out source destination
198 14715 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
3 192 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 43 packets, 5302 bytes)
pkts bytes target prot opt in out source destination
# iptables-save > /etc/sysconfig/iptables
MPM を Prefork でコンパイルしたい
時は、
./configure --enable-mods-shared=all --with-apr=/usr/local/apr --enable-ssl --enable-http2 --enable-so --with-mpm=prefork
と、
--with-mpm=prefork
とする。
--with-mpm=MPM Choose the process model for Apache to use by
default. MPM={event|worker|prefork|winnt} This will
be statically linked as the only available MPM
unless --enable-mpms-shared is also specified.
とあり、指定しないと、event になるようだ。
PHPのコンパイル設定が合っていないと
apachectl[18341]: [Tue Oct 02 22:15:12.120518 2018] [php7:crit] [pid 18343:tid 140036045506368] Apache is running a threaded MPM, but your PHP Module is not compiled to be threadsafe.
apachectl[18341]: AH00013: Pre-configuration failed
などといわれて、Apache が起動しない。