Installing Varnish, Pound, Apache, PHP-FPM, Letsencrypt Free SSL, Percona on CentOS 7

This is a basic tutorial on how to setup in the quickest manner possible a high end performance ready to be tuned server for your website.  The reason I say ready to be tuned is because this tutorial only covers the basics of installing each component in an efficient manner.  I don't really dive into the nuts and bolts.  I discuss how to configure each component in the next post.

Getting Started:

  • At the very minimum, you need root or sudo privileges, and this guide goes under the assumption you have root access (think VPS).  If you do not, add a 'sudo' before each command.
  • You need CentOS7 installed (Basic server configuration ideal)
  • You need to be comfortable using ssh / the command line

After finishing the install of the base OS (beyond the scope of this tutorial), you can proceed to install the repositories you will need to proceed with this install.

You will need the EPEL Repository, Percona Repository, and remi Repository.

yum install -y epel-release && rpm -Uvh

This will grab the EPEL Repository, install the Percona Latest Repository, and install remi.  With remi, you need to perform one extra step to enable it so we can use php 5.6 instead of the outdated 5.4 that comes with EPEL.

From the console / ssh terminal, do the following:

vi /etc/yum.repos.d/remi.repo

find the [remi] section and [remi-php56] section, and make sure both are set to enabled=1 (by default, both are off)

It should look similar to this:

[remi] name=Remi's RPM repository for Enterprise Linux 7 - $basearch #baseurl=$basearch/ #mirrorlist= mirrorlist= enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi [remi-php56] name=Remi's PHP 5.6 RPM repository for Enterprise Linux 7 - $basearch #baseurl=$basearch/ #mirrorlist= mirrorlist= # NOTICE: common dependencies are in "remi-safe" enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi

Once those changes are made, let's install the Acmetool which will automate the entire SSL process for us, including getting a free SSL certificate from LetsEncrypt CA.

wget --quiet -O /etc/yum.repos.d/hlandau-acmetool-epel-7.repo ''

This will install the repo needed to get Acmetool


Installing Required Software

Now that we have all the repositories we need to get the software packages, let's start installing all the packages. The quick command is:

yum update -y && yum install -y httpd php-fpm php-cli php-mysqlnd php-pdo php-gd Percona-Server-server-57 varnish Pound acmetool

This line will install the Apache 2.4 web server if it's not already installed, php-fpm for PHP processing, php-pdo and php-mysqlnd to communicate with the database, php-gd for image processing, Percona-Server-server-57 which is the Percona high performance mysqld replacement, varnish which is the http high performance reverse proxy and cache, and of course we need Pound which is our SSL reverse proxy (so we can sent encrypted traffic / SSL / port 443 to our caching server), and acmetool lets us grab SSL certificates.

Read how to configure all the software you installed in this next post