Apache 2.4をソース(tarball)からインストールしてCentOS 7 のsystemd配下で動かす

わざわざこんな面倒くさいことをやる人が居るかはわかりませんが、備忘録としてメモしておきます。
※各ソフトウェアのバージョン番号は作業時点の最新版です。適宜読み替えてください。

systemd-develのインストール

未インストールの場合(このケースがほとんどだと思いますが)、root権限で以下のyumコマンドを実行します。

[root@localhost ~]# yum -y install systemd-devel
(-snip-)
[root@localhost ~]#

Apache(httpd)/apr/apr-utilのダウンロード

wgetコマンドやcurlコマンドを使ってインターネットからソース(tarball)をダウンロードします。

[user@localhost ~]$ wget http://www.apache.org/dist/httpd/httpd-2.4.25.tar.bz2{,.asc}
[user@localhost ~]$ wget http://www.apache.org/dist/apr/apr-1.5.2.tar.bz2{,.asc}
[user@localhost ~]$ wget http://www.apache.org/dist/apr/apr-util-1.5.4.tar.bz2{,.asc}
[user@localhost ~]$ tar -xjf httpd-2.4.25.tar.bz2
[user@localhost ~]$ tar -xjf apr-1.5.2.tar.bz2
[user@localhost ~]$ tar -xjf apr-util-1.5.4.tar.bz2
[user@localhost ~]$ cp -r ./apr-1.5.2 ./httpd-2.4.25/srclib/apr
[user@localhost ~]$ cp -r ./apr-util-1.5.4 ./httpd-2.4.25/srclib/apr-util

systemd対応パッチの作成と適用

パッチファイルを作成してpatchコマンドで適用させます。
※中身はCentOS7用httpdのSRPM内にあるパッチファイルとほぼ同じです。

[user@localhost ~]$ cd httpd-2.4.25
[user@localhost httpd-2.4.25]$ cat > mod_systemd.patch <<'_EOF_'
--- ./modules/arch/unix/config5.m4.systemd
+++ ./modules/arch/unix/config5.m4
@@ -18,6 +18,19 @@ APACHE_MODULE(privileges, Per-virtualhos
   fi
 ])

+
+APACHE_MODULE(systemd, Systemd support, , , $unixd_mods_enabled, [
+  AC_CHECK_LIB(systemd-daemon, sd_notify, SYSTEMD_LIBS="-lsystemd-daemon")
+  AC_CHECK_HEADERS(systemd/sd-daemon.h, [ap_HAVE_SD_DAEMON_H="yes"], [ap_HAVE_SD_DAEMON_H="no"])
+  if test $ap_HAVE_SD_DAEMON_H = "no" || test -z "${SYSTEMD_LIBS}"; then
+    AC_MSG_WARN([Your system does not support systemd.])
+    enable_systemd="no"
+  else
+    APR_ADDTO(MOD_SYSTEMD_LDADD, [$SYSTEMD_LIBS])
+    enable_systemd="yes"
+  fi
+])
+
 APR_ADDTO(INCLUDES, [-I\$(top_srcdir)/$modpath_current])

 APACHE_MODPATH_FINISH
--- ./modules/arch/unix/mod_systemd.c.systemd
+++ ./modules/arch/unix/mod_systemd.c
@@ -0,0 +1,138 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <stdint.h>
+#include <ap_config.h>
+#include "ap_mpm.h"
+#include <http_core.h>
+#include <http_log.h>
+#include <apr_version.h>
+#include <apr_pools.h>
+#include <apr_strings.h>
+#include "unixd.h"
+#include "scoreboard.h"
+#include "mpm_common.h"
+
+#include "systemd/sd-daemon.h"
+
+#if APR_HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+
+#define KBYTE 1024
+
+static pid_t pid;      /* PID of the main httpd instance */
+static int server_limit, thread_limit, threads_per_child, max_servers;
+static time_t last_update_time;
+static unsigned long last_update_access;
+static unsigned long last_update_kbytes;
+
+static int systemd_pre_mpm(apr_pool_t *p, ap_scoreboard_e sb_type)
+{
+    int rv;
+    last_update_time = time(0);
+
+    ap_mpm_query(AP_MPMQ_HARD_LIMIT_THREADS, &thread_limit);
+    ap_mpm_query(AP_MPMQ_HARD_LIMIT_DAEMONS, &server_limit);
+    ap_mpm_query(AP_MPMQ_MAX_THREADS, &threads_per_child);
+    /* work around buggy MPMs */
+    if (threads_per_child == 0)
+        threads_per_child = 1;
+    ap_mpm_query(AP_MPMQ_MAX_DAEMONS, &max_servers);
+
+    pid = getpid();
+
+    rv = sd_notifyf(0, "READY=1\n"
+                    "STATUS=Processing requests...\n"
+                    "MAINPID=%lu",
+                    (unsigned long) pid);
+    if (rv < 0) {
+        ap_log_perror(APLOG_MARK, APLOG_ERR, 0, p,
+                     "sd_notifyf returned an error %d", rv);
+    }
+
+    return OK;
+}
+
+static int systemd_monitor(apr_pool_t *p, server_rec *s)
+{
+    int i, j, res, rv;
+    process_score *ps_record;
+    worker_score *ws_record;
+    unsigned long access = 0;
+    unsigned long bytes = 0;
+    unsigned long kbytes = 0;
+    char bps[5];
+    time_t now = time(0);
+    time_t elapsed = now - last_update_time;
+
+    for (i = 0; i < server_limit; ++i) {
+        ps_record = ap_get_scoreboard_process(i);
+        for (j = 0; j < thread_limit; ++j) {
+            ws_record = ap_get_scoreboard_worker_from_indexes(i, j);
+            if (ap_extended_status && !ps_record->quiescing && ps_record->pid) {
+                res = ws_record->status;
+                if (ws_record->access_count != 0 ||
+                    (res != SERVER_READY && res != SERVER_DEAD)) {
+                    access += ws_record->access_count;
+                    bytes += ws_record->bytes_served;
+                    if (bytes >= KBYTE) {
+                        kbytes += (bytes >> 10);
+                        bytes = bytes & 0x3ff;
+                    }
+                }
+            }
+        }
+    }
+
+    apr_strfsize((unsigned long)(KBYTE *(float) (kbytes - last_update_kbytes)
+                                 / (float) elapsed), bps);
+
+    rv = sd_notifyf(0, "READY=1\n"
+                    "STATUS=Total requests: %lu; Current requests/sec: %.3g; "
+                    "Current traffic: %sB/sec\n", access,
+                    ((float)access - last_update_access) / (float) elapsed, bps);
+    if (rv < 0) {
+        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(00000)
+                     "sd_notifyf returned an error %d", rv);
+    }
+
+    last_update_access = access;
+    last_update_kbytes = kbytes;
+    last_update_time = now;
+
+    return DECLINED;
+}
+
+static void systemd_register_hooks(apr_pool_t *p)
+{
+    /* We know the PID in this hook ... */
+    ap_hook_pre_mpm(systemd_pre_mpm, NULL, NULL, APR_HOOK_LAST);
+    /* Used to update httpd's status line using sd_notifyf */
+    ap_hook_monitor(systemd_monitor, NULL, NULL, APR_HOOK_MIDDLE);
+}
+
+module AP_MODULE_DECLARE_DATA systemd_module =
+{
+    STANDARD20_MODULE_STUFF,
+    NULL,
+    NULL,
+    NULL,
+    NULL,
+    NULL,
+    systemd_register_hooks,
+};
_EOF_
[user@localhost httpd-2.4.25]$ patch -p0 < mod_systemd.patch
patching file ./modules/arch/unix/config5.m4
patching file ./modules/arch/unix/mod_systemd.c
[user@localhost httpd-2.4.25]$

configureコマンドの作り直し

configureコマンドの素の状態は、mod_systemdモジュールを認識していないので(--enable-systemdオプションが無い)、削除して作り直します。

[user@localhost httpd-2.4.25]$ rm configure
[user@localhost httpd-2.4.25]$ ./buildconf
(-snip-)
[user@localhost httpd-2.4.25]$

configureコマンドの実行

※configureコマンドのオプションは環境に合わせて適宜変更すること。

[user@localhost httpd-2.4.25]$ ./configure \
--prefix=/opt/apache-2.4 \
--enable-pie \
--enable-modules=all \
--enable-mods-static=all \
--enable-authn-dbm \
--enable-authn-dbd \
--enable-authz-dbm \
--enable-auth-digest \
--enable-file-cache \
--enable-cache \
--enable-cache-disk \
--enable-cache-socache \
--enable-so \
--enable-deflate \
--enable-expires \
--enable-usertrack \
--enable-unique-id \
--enable-proxy \
--enable-proxy-connect \
--enable-proxy-ftp \
--enable-proxy-http \
--enable-proxy-fcgi \
--enable-proxy-fdpass \
--enable-ssl \
--enable-systemd \
--enable-mpms-shared=all \
--enable-suexec \
--enable-cgid \
--enable-negotiation \
--enable-rewrite \
--with-pcre \
--with-z \
--with-ssl \
--with-mpm=event \
--with-suexec-caller=nobody \
--with-suexec-userdir=public_html \
--with-suexec-docroot=/home \
--with-suexec-uidmin=100 \
--with-suexec-gidmin=100
(-snip-)
[user@localhost httpd-2.4.25]$

コンパイル・インストール

[user@localhost httpd-2.4.25]$ make
(-snip-)
[user@localhost httpd-2.4.25]$ su
Password: 
[root@localhost httpd-2.4.25]# make install
(-snip-)
[root@localhost httpd-2.4.25]# echo "/opt/apache-2.4/lib" > /etc/ld.so.conf.d/httpd.conf
[root@localhost httpd-2.4.25]# /sbin/ldconfig
[root@localhost httpd-2.4.25]#

httpd(apache)用systemdファイルの作成

[root@localhost httpd-2.4.25]# cat > /etc/systemd/system/httpd.service <<'EOF'
[Unit]
Description=The Apache HTTP Server
After=network.target remote-fs.target nss-lookup.target
Documentation=man:httpd(8)
Documentation=man:apachectl(8)

[Service]
Type=notify
EnvironmentFile=/etc/sysconfig/httpd
ExecStart=/opt/apache-2.4/bin/httpd $OPTIONS -DFOREGROUND
ExecReload=/opt/apache-2.4/bin/httpd $OPTIONS -k graceful
ExecStop=/bin/kill -WINCH ${MAINPID}
# We want systemd to give httpd some time to finish gracefully, but still want
# it to kill httpd after TimeoutStopSec if something went wrong during the
# graceful stop. Normally, Systemd sends SIGTERM signal right after the
# ExecStop, which would kill httpd. We are sending useless SIGCONT here to give
# httpd time to finish.
KillSignal=SIGCONT
PrivateTmp=true

[Install]
WantedBy=multi-user.target
EOF
[root@localhost httpd-2.4.25]#

EnvironmentFileの作成

今までの慣例に習って以下のように書いてみましたが...

[root@localhost httpd-2.4.25]# cat > /etc/sysconfig/httpd <<'EOF'
# Currently, you can use the following options:
# OPTIONS="whatever" -- These additional options will be passed to httpd
#                       at startup. Don't add -k here.
HTTPD="/opt/apache-2.4/bin/httpd"
PIDFILE="/opt/apache-2.4/logs/httpd.pid"
OPTIONS="-DSSL"
EOF
[root@localhost httpd-2.4.25]#

SRPMに含まれているhttpd.sysconfは以下のオプションしかありませんでした。環境変数HTTPDやPIDFILEを記載する必要はないようです。

#OPTIONS=
LANG=C

httpd(apache)設定ファイル(httpd.conf)へモジュールをロードする設定をする

configureオプションでhttpd本体へ静的に組み込もう(static build)と試行錯誤しましたが、標準モジュールではないためなのか?自分のスキルでは出来ませんでした。
※外部ファイルとして作成して、httpd.confから読み込ませる(includeさせる)設定でも可です。

[root@localhost httpd-2.4.25]# sed -i \
-e '/#LoadModule mpm_worker_module modules\/mod_mpm_worker.so/a\
LoadModule systemd_module modules/mod_systemd.so' \
/opt/apache-2.4/conf/httpd.conf
[root@localhost httpd-2.4.25]# 

自動起動有効化

システム起動と一緒にサービスが起動するように設定します。

[root@localhost httpd-2.4.25]# systemctl list-unit-files --type=service | grep httpd
httpd.service                                 disabled
[root@localhost httpd-2.4.25]# systemctl enable httpd
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /etc/systemd/system/httpd.service.
[root@localhost httpd-2.4.25]# systemctl list-unit-files --type=service | grep httpd
httpd.service                                 enabled
[root@localhost httpd-2.4.25]#

手動起動

※httpd(apache)設定ファイル(httpd.conf)へモジュールをロードする設定をするの作業を忘れると、コマンドプロンプトが返ってこなくなります。

[root@localhost httpd-2.4.25]# systemctl start httpd
[root@localhost httpd-2.4.25]#
[root@localhost httpd-2.4.25]# systemctl status httpd
* httpd.service - The Apache HTTP Server
   Loaded: loaded (/etc/systemd/system/httpd.service; enabled; vendor preset: disabled)
   Active: active (running) since Wed 2017-04-26 13:03:31 JST; 35min ago
     Docs: man:httpd(8)
           man:apachectl(8)
 Main PID: 14563 (httpd)
   Status: "Total requests: 0; Current requests/sec: 0; Current traffic:   0 B/sec"
   CGroup: /system.slice/httpd.service
           |-14563 /opt/apache-2.4/bin/httpd -DSSL -DFOREGROUND
           |-14567 /opt/apache-2.4/bin/httpd -DSSL -DFOREGROUND
           |-14568 /opt/apache-2.4/bin/httpd -DSSL -DFOREGROUND
           |-14570 /opt/apache-2.4/bin/httpd -DSSL -DFOREGROUND
           |-14571 /opt/apache-2.4/bin/httpd -DSSL -DFOREGROUND
           |-14572 /opt/apache-2.4/bin/httpd -DSSL -DFOREGROUND
           `-14573 /opt/apache-2.4/bin/httpd -DSSL -DFOREGROUND

Apr 26 13:03:29 localhost.localdomain systemd[1]: Starting The Apache HTTP Server...
Apr 26 13:03:31 localhost.localdomain systemd[1]: Started The Apache HTTP Server.
[root@localhost httpd-2.4.25]#