nginx
来源:互联网 发布:winpe装linux 编辑:程序博客网 时间:2024/05/20 03:04
nginx
1.nginx工具的安装与配置
(1)先down一个nginx的安装包 【 nginx-1.12.0.tar.gz 】
(2)解压并更改配置
[root@server1 ~]# tar zxf nginx-1.12.0.tar.gz
[root@server1 ~]# ls
anaconda-ks.cfg install.log.syslog varnish-3.0.5-1.el6.x86_64.rpm
bansys.zip nginx-1.12.0 varnish-libs-3.0.5-1.el6.x86_64.rpm
install.log nginx-1.12.0.tar.gz
[root@server1 ~]# cd nginx-1.12.0
[root@server1 nginx-1.12.0]# cd src
[root@server1 src]# ls
core event http mail misc os stream
[root@server1 src]# cd core/
[root@server1 core]# ls
[root@server1 core]# vim nginx.h
12 #define nginx_version 1012000
13 #define NGINX_VERSION "1.12.0"
14 #define NGINX_VER "nginx" ##去掉我们所装的nginx的版本,提高安全性
[root@server1 cc]# vim gcc
171 # debug
172 #CFLAGS="$CFLAGS -g" ##忽略编译信息
[root@server1 nginx-1.12.0]# ls
auto CHANGES CHANGES.ru conf configure contrib html LICENSE man README src
[root@server1 nginx-1.12.0]# ./configure --prefix=/usr/local/lnmp/nginx--user=nginx --group=nginx --with-threads --with-file-aio--with-http_ssl_module --with-http_stub_status_module ##创建Makefile文件并且检查makelile是否设置正确
##################################################################################
其输出结果如下,则是需要安装相应的依赖包:
./configure: error: the HTTP rewrite module requires the PCRE library.
You can either disable the module by using --without-http_rewrite_module
option, or install the PCRE library into the system, or build the PCRE library
statically from the source with nginx by using --with-pcre=<path>option.
##################################################################################
[root@server1 nginx-1.12.0]# yum install -y pcre-devel
[root@server1 nginx-1.12.0]# ./configure --prefix=/usr/local/lnmp/nginx--user=nginx --group=nginx --with-threads --with-file-aio--with-http_ssl_module --with-http_stub_status_module ##重新创建
##################################################################################
其输出结果如下,则是需要安装相应的依赖包:
./configure: error: SSL modules require the OpenSSL library.
You can either do not enable the modules, or install the OpenSSL library
into the system, or build the OpenSSL library statically from the source
with nginx by using --with-openssl=<path> option.
##################################################################################
[root@server1 nginx-1.12.0]# yum install -y openssl-devel
[root@server1 nginx-1.12.0]# ./configure --prefix=/usr/local/lnmp/nginx--user=nginx --group=nginx --with-threads --with-file-aio--with-http_ssl_module --with-http_stub_status_module ##再重新再次创建
一般情况下,将相应的依赖包安装完应该就可以安装成功
[root@server1 nginx-1.12.0]# make && make install ## make根据Makefile的内容编译出符合平台的可执行文件
## makeinstall 安装编译成功的软件
[root@server1 nginx-1.12.0]# cd /usr/local/lnmp/nginx/
[root@server1 nginx]# ls
conf html logs sbin
[root@server1 nginx]# du -sh
960K .
[root@server1 nginx]# cd sbin/
[root@server1 sbin]# ls
nginx
[root@server1 sbin]# ./nginx
[root@server1 sbin]# ln -s /usr/local/lnmp/nginx/sbin /sbin/ ##做一个软连接,使其在此目录外也可执行
(3)nginx的使用需要指定的用户
[root@server1 nginx-1.12.0]# useradd -M -d /usr/local/lnmp/nginx -s/sbin/nologin -u 800 nginx
[root@server1 nginx-1.12.0]# id nginx
uid=800(nginx) gid=800(nginx) groups=800(nginx)
2.简单应用
(1)配置一个域
服务端:
[root@server1 nginx-1.12.0]# cd conf/
[root@server1 conf]# vim nginx.conf
3 worker_processes 2;
4
5 work_cup_affinity 01 10;
13 events {
14 worker_connections 65535;
15 }
[root@server1 conf]# sysctl -a |grep file
fs.file-nr = 512 0 98869
fs.file-max = 98869
[root@server1 conf]# vim /etc/security/limits.conf
50 # End of file
51 nginx - nofile 65535
[root@server1 conf]# vim nginx.conf
120 server {
121 listen 80;
122 server_namewww.westos.org;
123
124 location / {
125 root /web1;
126 indexindex.html;
127
128 }
[root@server1 conf]# mkdir /web1
[root@server1 conf]# cd /web1/
[root@server1 web1]# ls
[root@server1 web1]# vimindex.html
<h1>ttttttttoooooooo</h1>
[root@server1 conf]# nginx -t
nginx: the configuration file /usr/local/lnmp/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/lnmp/nginx/conf/nginx.conf test issuccessful
[root@server1 conf]# nginx -s reload
测试端:
[root@foundation78 ~]# vim /etc/hosts ##加注本地解析
172.25.78.1 server1www.westos.org
[root@foundation78 ~]# curl www.westos.org
<h1>ttttttttoooooooo</h1>
[root@foundation78 ~]# curl www.westos.org -I
HTTP/1.1 200 OK
Server: nginx/
Date: Thu, 20 Jul 2017 08:12:51 GMT
Content-Type: text/html
Content-Length: 26
Last-Modified: Thu, 20 Jul 2017 08:11:57 GMT
Connection: keep-alive
ETag: "597065cd-1a"
Accept-Ranges: bytes
(2)https的设定
[root@server1 sbin]# cd /usr/local/lnmp/nginx/
[root@server1 nginx]# ls
client_body_temp fastcgi_temp logs sbin uwsgi_temp
conf html proxy_temp scgi_temp
[root@server1 nginx]# cd conf/
[root@server1 conf]# vim nginx.conf 编辑主配置文件,开启443端口,实现https
#######去掉注释,打开443端口,并更改密钥的相对路径,后期重新生成有效的密钥#########
####### 当前路径为 /usr/local/lnmp/nginx/conf/ #########
server { listen 443 ssl; server_name localhost; ssl_certificate cert.pem; ssl_certificate_key cert.pem; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; location / { root html; index index.html index.htm; } [root@server1 conf]# cd /etc/pki/tls/private/
[root@server1 private]# pwd
/etc/pki/tls/private
[root@server1 certs]# make cert.pem 生成认证证书(或许同时生成了密钥)
[root@server1 certs]# mv cert.pem /usr/local/lnmp/nginx/conf/ 将生成的密钥与证书放入相应的路径
[root@server1 certs]# cd /usr/local/lnmp/nginx/
[root@server1 nginx]# nginx -t 检查更改后的配置文件是否有语法错误
nginx: the configuration file /usr/local/lnmp/nginx/conf/nginx.conf syntax isok
nginx: configuration file /usr/local/lnmp/nginx/conf/nginx.conf test issuccessful
[root@server1 nginx]# nginx -s reload 检查没有语法错误后进行刷新
[root@server1 nginx]# netstat -antlp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1092/nginx
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 912/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 988/master
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 1092/nginx
tcp 0 0 172.25.42.1:22 172.25.42.250:49543 ESTABLISHED 1039/sshd
tcp 0 0172.25.42.1:22 172.25.42.250:49544 ESTABLISHED 1073/sshd
tcp 0 0 :::22 :::* LISTEN 912/sshd
tcp 0 0 ::1:25 :::* LISTEN 988/master
(3)网页重写
[root@server1 conf]# vim nginx.conf
server { listen 443 ssl; server_name localhost; ssl_certificate cert.pem; ssl_certificate_key cert.pem; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; location / { root /web1; index index.html index.htm; }server { listen 80; server_name www.westos.org; rewrite ^(.*)$https://www.westos.org$1 permanent; #location / { # proxy_pass http://westos; #}}[root@server1 conf]# nginx -t
nginx: the configuration file /usr/local/lnmp/nginx/conf/nginx.conf syntax isok
nginx: configuration file /usr/local/lnmp/nginx/conf/nginx.conf test issuccessful
[root@server1 conf]# nginx -s reload
[root@server1 conf]# vim nginx.conf
[root@server1 conf]# cd /web1/
[root@server1 web1]# ls
index.html
[root@server1 web1]# mkdir admin
[root@server1 web1]# cd admin/
[root@server1 admin]# vim index.html
(4)负载均衡
[root@server1 admin]# cd /usr/local/lnmp/nginx/
[root@server1 nginx]# cd conf/
[root@server1 conf]# vim nginx.conf
http { upstream westos { ip_hash; server 172.25.42.2:80; server 172.25.42.3:8080; #server 127.0.0.1:8000backup;}server { listen 443 ssl; server_name localhost; ssl_certificate cert.pem; ssl_certificate_key cert.pem; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; location / { root /web1; index index.html index.htm; } }server { listen 80; server_name www.westos.org; # rewrite ^(.*)$https://www.westos.org$1 permanent; location / { proxy_passhttp://westos; }}[root@server1 conf]# vim nginx.conf
[root@server1 conf]# vim nginx.conf
[root@server1 conf]# nginx -t
nginx: the configuration file /usr/local/lnmp/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/lnmp/nginx/conf/nginx.conf test issuccessful
[root@server1 conf]# nginx -s reload
(查看端口是否开启)
server2:
[root@server2 ~]# netstat -antlp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 888/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 964/master
tcp 0 0 172.25.42.2:22 172.25.42.250:44168 ESTABLISHED 1083/sshd
tcp 0 0 :::80 :::* LISTEN 1103/httpd
tcp 0 0 :::22 :::* LISTEN 888/sshd
tcp 0 0 ::1:25 :::* LISTEN 964/master
server3:
[root@server3 ~]# vim /etc/httpd/conf/httpd.conf
[root@server3 ~]# /etc/init.d/httpd start
Starting httpd:
[root@server3 ~]# /etc/init.d/httpd restart
Stopping httpd: [ OK ]
Starting httpd: httpd: Could not reliably determine the server's fullyqualified domain name, using 172.25.42.3 for ServerName
[ OK ]
[root@server3 ~]# netstat -atnlp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 889/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 965/master
tcp 0 0 172.25.42.3:22 172.25.42.250:43417 ESTABLISHED 1015/sshd
tcp 0 0 :::8080 :::* LISTEN 1063/httpd
tcp 0 0:::22 :::* LISTEN 889/sshd
tcp 0 0 ::1:25 :::* LISTEN 965/master
[root@server3 ~]#
(测试:)
[root@foundation78 ~]# curl www.westos.org
<h1>server2</h2>
[root@foundation78 ~]# curl www.westos.org
<h1>server3-www.westos.org</h1>
[root@foundation78 ~]# curl www.westos.org
<h1>server2</h2>
[root@foundation78 ~]# curl www.westos.org
<html>
<head><title>502 Bad Gateway</title></head>
<body bgcolor="white">
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx/</center>
</body>
</html>
[root@foundation78 ~]# for i in {1..10}; do curl www.westos.org ; done
网页正在维护,请稍后再试 ........
网页正在维护,请稍后再试 ........
网页正在维护,请稍后再试 ........
网页正在维护,请稍后再试 ........
网页正在维护,请稍后再试 ........
网页正在维护,请稍后再试 ........
网页正在维护,请稍后再试 ........
网页正在维护,请稍后再试 ........
网页正在维护,请稍后再试 ........
网页正在维护,请稍后再试 ........
[root@foundation78 ~]#
(哈希轮询:)
[root@server1 admin]# cd /usr/local/lnmp/nginx/
[root@server1 nginx]# cd conf/
[root@server1 conf]# vim nginx.conf
http { upstream westos { ip_hash; server 172.25.42.2:80; server 172.25.42.3:8080; #server 127.0.0.1:8000backup;}(测试:)
[root@foundation78 ~]# for i in {1..10}; do curl www.westos.org ; done
<h1>server3-www.westos.org</h1>
<h1>server2</h2>
<h1>server3-www.westos.org</h1>
<h1>server3-www.westos.org</h1>
<h1>server2</h2>
<h1>server2</h2>
<h1>server3-www.westos.org</h1>
<h1>server2</h2>
<h1>server3-www.westos.org</h1>
<h1>server3-www.westos.org</h1>
3.异常情况
出现问题:
[root@server1 web1]# nginx -s reload
nginx: [error] invalid PID number "" in"/usr/local/lnmp/nginx/logs/nginx.pid"
出现问题的原因;
nginx 的PID出现了问题
nginx 服务没有开启,就不能进行 reload 刷新
但是使用 netstat -antlp 命令查询,发现nginx的端口开启着
此时判断出是服务异常,使用 killall nginx 结束掉所有nginx的进程
此时再重新开启 nginx 服务 【 .nginx 】
再次进行 nginx -sreload 刷新就可以了
问题的解决过程:
[root@server1 nginx]# cd sbin/[root@server1 sbin]# lsnginx[root@server1 sbin]# ./nginxnginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)^C[root@server1 sbin]# netstat -antlpActive Internet connections (servers and established)Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 6754/nginx tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 909/sshd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 985/master tcp 0 0 172.25.78.1:22 172.25.78.250:43931 ESTABLISHED 14622/sshd tcp 0 0 172.25.78.1:22 172.25.78.250:43802 ESTABLISHED 1034/sshd tcp 0 0 :::22 :::* LISTEN 909/sshd tcp 0 0 ::1:25 :::* LISTEN 985/master [root@server1 sbin]# ./nginx -sreloadnginx: [error] invalid PID number "" in"/usr/local/lnmp/nginx/logs/nginx.pid"[root@server1 sbin]# killall nginx[root@server1 sbin]# ./nginx[root@server1 sbin]# ./nginx -s reload[root@server1 sbin]#
- nginx
- Nginx
- Nginx
- Nginx
- Nginx
- nginx
- nginx
- nginx
- nginx
- nginx
- nginx
- nginx
- nginx
- Nginx
- nginx
- nginx
- nginx
- nginx
- 数据库分页实现
- Linux管道符"|"
- Android运行时异常“Binary XML file line # : Error inflating class”
- 【MySQL】基础知识
- Aizu
- nginx
- jsp自定义标签(时间格式化包括Long转时间)
- laravel的 容器container(ioc)
- A1036
- 稳定排序
- 12. Integer to Roman
- redis集群命令
- hadoop2.x入门:编写mapreduce对气象数据集求每日最高气温和最低气温
- Android—(通知、闹钟)
