nginx 安装、配置、负载均衡、反向代理<二>

nginx 配置

本文主讲nginx的配置
nginx的安装，详见：nginx 安装、配置、负载均衡、反向代理<一>

准备工作: 一台能联公网的CentOS 7.x服务器

    # root 登录(因为要使用80端口，一般情况下需要root权限)    cd /etc/nginx    # 备份一下原来的nginx.conf文件__很重要！！！__    cp nginx.conf nginx.conf.cp    # 检查一下nginx安装正确    systemctl status mginx    # 编辑nginx.conf配置文件    # 在此重申一遍，一定要做好备份工作，不然自己配置的有问题只能找别人要一份备份文件(文末有)或者重装了    vi nginx.conf

nginx.conf配置文件可配置项说明

全局配置项 主要功能 配置说明 user 配置nginx用户 直接使用root操作nginx可以不配置 worker_processes 开启的nginx进程数 一般根据自己服务器内核数的1~2倍设置 error_log 日志文件存放的地方 需要查看日志的才需要去配置 pid 存放nginx进程pid的地方 worker_connections 单个进程允许的最大并发连接数 根据服务器性能配置 upstream nginx负载均衡配置 具体配置如下 http web服务器配置 具体配置项如下 http(s)配置项 值 配置说明 gzip on/off 是否打开gzip压缩，具体gzip压缩下面详述 server 虚拟主机的web服务配置 具体配置见下面负载均衡和反向代理 listen 80/443 监听服务器实体主机的访问端口 server_name 域名 可以访问到这台主机的域名 location server代理的内部服务或者其他域的服务

负载均衡配置

    upstream <命名，eg:backend_test> {        #ip_hash;   # 当负载两台以上用ip来hash解决session的问题        server 192.168.10.100:8080 max_fails=2 fail_timeout=30s ;        server 192.168.10.101:8080 max_fails=2 fail_timeout=30s ;    }    # server段配合负载均衡的设置    server {        listen       80;        server_name  www.aliyuntest.com;    #要访问的域名，这里用的测试域名，如果有多个，用逗号分开        charset utf8;        location / {            proxy_pass       http://backend_test;    #这里backend_test是上面的负载的名称，映射到代理服务器            proxy_set_header Host      $host;            proxy_set_header X-Real-IP $remote_addr;            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;        }    }

• 以上，配置完负载均衡，在浏览器访问www.aliyuntest.com会被均衡到我们配置的两个IP上的服务上

反向代理配置

    server {        listen       80;        server_name  app.aliyuntest.com;    #反向代理到另一个域名（可以使同一个域名下的多个二级域名）        charset utf8;            #charset koi8-r;            #access_log  logs/host.access.log  main;            location / {    # 这里的 / 表示的是访问的 app.aliyuntest.com/                 proxy_pass       http://110.110.110.110:8000; #这里可以填本机开启的服务，也可以填其他机器开启的服务，格式http://Ip:port或者http://域名:port  （端口为80的不用写，为443的也不写，但要把http改为https）                proxy_set_header Host      $host;                proxy_set_header X-Real-IP $remote_addr;                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;        }    }

• 以上，负载均衡配置的server部分，其实也是一个反向代理的过程
• 反向代理中比较重要的就是 location 字段的配置，一般情况下，这些配置足够了，更多详细的配置请百度

gzip 压缩

    gzip  on;   # 开启gzip压缩    gzip_min_length 1k;     # 压缩的临界值，大于1K的才压缩    gzip_buffers 4 512k;    # gzip压缩的内存大小    #gzip_http_version 1.0;     # 用了nginx反向代理的默认是http/1.1，需要http:/1.0的取消注释    gzip_comp_level 6;      # 压缩级别，越大压缩的越小，服务器压力越大    gzip_types text/plain application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png application/javascript;  # 压缩文件格式，浏览器-控制台-network-http请求的Respose-Headers中查看content-type字段    gzip_vary off;    gzip_disable "MSIE [1-6]\.";    # IE6不使用gzip压缩

    # 检测gzip是否开启成功    curl -I -H "Accept-Encoding: gzip, deflate" "http://域名/路由"

初始状态的 nginx.conf 配置文件内容可免费复制使用-,-

    #user  nobody;    worker_processes  1;    #error_log  /var/log/nginx/error.log;    #error_log  /var/log/nginx/error.log  notice;    #error_log  /var/log/nginx/error.log  info;    #pid        /var/run/nginx/nginx.pid;    events {        worker_connections  1024;    }    http {        include       mime.types;        default_type  application/octet-stream;        #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '        #                  '$status $body_bytes_sent "$http_referer" '        #                  '"$http_user_agent" "$http_x_forwarded_for"';        #access_log  /var/log/nginx/access.log  main;        sendfile        on;        #tcp_nopush     on;        #keepalive_timeout  0;        keepalive_timeout  65;        #gzip  on;        server {            listen       80;            server_name  localhost;            #charset koi8-r;            #access_log  /var/log/nginx/host.access.log  main;            location / {                root   html;                index  index.html index.htm;            }            #error_page  404              /404.html;            # redirect server error pages to the static page /50x.html            #            error_page   500 502 503 504  /50x.html;            location = /50x.html {                root   html;            }            # proxy the PHP scripts to Apache listening on 127.0.0.1:80            #            #location ~ \.php$ {            #    proxy_pass   http://127.0.0.1;            #}            # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000            #            #location ~ \.php$ {            #    root           html;            #    fastcgi_pass   127.0.0.1:9000;            #    fastcgi_index  index.php;            #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;            #    include        fastcgi_params;            #}            # deny access to .htaccess files, if Apache's document root            # concurs with nginx's one            #            #location ~ /\.ht {            #    deny  all;            #}        }        # another virtual host using mix of IP-, name-, and port-based configuration        #        #server {        #    listen       8000;        #    listen       somename:8080;        #    server_name  somename  alias  another.alias;        #    location / {        #        root   html;        #        index  index.html index.htm;        #    }        #}        # HTTPS server        #        #server {        #    listen       443 ssl;        #    server_name  localhost;        #    ssl_certificate      cert.pem;        #    ssl_certificate_key  cert.key;        #    ssl_session_cache    shared:SSL:1m;        #    ssl_session_timeout  5m;        #    ssl_ciphers  HIGH:!aNULL:!MD5;        #    ssl_prefer_server_ciphers  on;        #    location / {        #        root   html;        #        index  index.html index.htm;        #    }        #}    }

配置了反向代理的 nginx.conf 配置文件内容仅供参考

    #user  nobody;    worker_processes  4;    #error_log  /var/log/nginx/error.log;    #error_log  /var/log/nginx/error.log  notice;    #error_log  /var/log/nginx/error.log  info;    #pid        /var/run/nginx/nginx.pid;    events {        worker_connections  1024;    }    http {        include       mime.types;        default_type  application/octet-stream;        #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '        #                  '$status $body_bytes_sent "$http_referer" '        #                  '"$http_user_agent" "$http_x_forwarded_for"';        #access_log  /var/log/nginx/access.log  main;        sendfile        on;        #tcp_nopush     on;        #keepalive_timeout  0;        keepalive_timeout  65;        gzip  on;        gzip_min_length 1k;        gzip_buffers 4 512k;        #gzip_http_version 1.0;        gzip_comp_level 6;        gzip_types text/plain application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png application/javascript;        gzip_vary off;        gzip_disable "MSIE [1-6]\.";        server {            listen       80;            server_name  app.aliyun_test.com;            charset utf8;            #charset koi8-r;            #access_log  /var/log/nginx/host.access.log  main;            location / {                proxy_pass       http://110.110.110.110:8000; #这里proxy_test是上面的负载的名称，映射到代理服务器，可以是ip加端口,   或url                 proxy_set_header Host      $host;                proxy_set_header X-Real-IP $remote_addr;                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;            }        }        server {            listen       80;            server_name  www.aliyun_test.top;            charset utf8;            #charset koi8-r;            #access_log  /var/log/nginx/host.access.log  main;            location / {                    proxy_pass       http://www.my_aliyun_test.cn; #这里proxy_test是上面的负载的名称，映射到代理服务器，可以是ip加端口,   或url                     proxy_set_header Host      $host;                    proxy_set_header X-Real-IP $remote_addr;                    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;            }            #error_page  404              /404.html;            # redirect server error pages to the static page /50x.html            #            error_page   500 502 503 504  /50x.html;                location = /50x.html {                    root   html;                }            # proxy the PHP scripts to Apache listening on 127.0.0.1:80            #            #location ~ \.php$ {            #    proxy_pass   http://127.0.0.1;            #}            # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000            #            #location ~ \.php$ {            #    root           html;            #    fastcgi_pass   127.0.0.1:9000;            #    fastcgi_index  index.php;            #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;            #    include        fastcgi_params;            #}            # deny access to .htaccess files, if Apache's document root            # concurs with nginx's one            #            #location ~ /\.ht {            #    deny  all;            #}        }        # another virtual host using mix of IP-, name-, and port-based configuration        #        #server {        #    listen       8000;        #    listen       somename:8080;        #    server_name  somename  alias  another.alias;        #    location / {        #        root   html;        #        index  index.html index.htm;        #    }        #}        # HTTPS server        #        #server {        #    listen       443 ssl;        #    server_name  localhost;        #    ssl_certificate      cert.pem;        #    ssl_certificate_key  cert.key;        #    ssl_session_cache    shared:SSL:1m;        #    ssl_session_timeout  5m;        #    ssl_ciphers  HIGH:!aNULL:!MD5;        #    ssl_prefer_server_ciphers  on;        #    location / {        #        root   html;        #        index  index.html index.htm;        #    }        #}    }

以上，初步使用nginx，欢迎大神拍砖指导，如有不明白的，欢迎随时交流