基于Centos7.2的nginx部署
成都創(chuàng)新互聯(lián)公司是一家專注于成都做網(wǎng)站、網(wǎng)站設(shè)計(jì)與策劃設(shè)計(jì),郯城網(wǎng)站建設(shè)哪家好?成都創(chuàng)新互聯(lián)公司做網(wǎng)站,專注于網(wǎng)站建設(shè)10年,網(wǎng)設(shè)計(jì)領(lǐng)域的專業(yè)建站公司;建站業(yè)務(wù)涵蓋:郯城等地區(qū)。郯城做網(wǎng)站價(jià)格咨詢:13518219792
部署背景:使用Nginx作為Tomcat的負(fù)載平衡器。
部署步驟:
安裝zlib-devel、pcre-devel等依賴包
[root@nginx ~]# yum install -y gcc gcc-c++ make libtool zlib zlib-devel pcre pcre-devel openssl openssl-devel
注:結(jié)合proxy和upstream模塊實(shí)現(xiàn)后端web負(fù)載均衡
結(jié)合nginx默認(rèn)自帶的ngx_http_proxy_module模塊 和ngx_http_upstream_module模塊實(shí)現(xiàn)后端服務(wù)器的健康檢查。
Proxy:實(shí)現(xiàn)反向代理
Upstream:實(shí)現(xiàn)負(fù)載均衡
Nginx在使用HTTPS服務(wù)時(shí)要用到openssl-devel模塊,如果不安裝openssl相關(guān)包,安裝Nginx的過(guò)程會(huì)報(bào)錯(cuò)。
創(chuàng)建nginx用戶
[root@nginx ~]# useradd -s /sbin/nologin www
[root@nginx ~]# grep www /etc/passwd ##查看nginx用戶www是否建立
www:x:1000:1000::/home/www:/sbin/nologin
編譯安裝nginx
[root@nginx src]# tar -zxvf nginx-1.13.0.tar.gz
[root@nginx src]# cd nginx-1.13.0
[root@nginx nginx-1.13.0]# ./configure --prefix=/usr/local/nginx1.10 --user=www --group=www --with-http_stub_status_module --with-http_realip_module --with-http_ssl_module --with-http_gzip_static_module --with-pcre --with-http_flv_module && make && make install
其中:--prefix=/usr/local/nginx1.10表示nginx包安裝路徑
創(chuàng)建nginx軟連接,方便nginx程序的執(zhí)行
[root@nginx nginx-1.13.0]# ln -s /usr/local/nginx1.10/sbin/nginx /usr/local/sbin/
nginx語(yǔ)法檢查
[root@nginx nginx-1.13.0]# nginx -t
編寫nginx服務(wù)腳本
[root@nginx ~]# vim /etc/init.d/nginx
#!/bin/sh
#
# nginx - this script starts and stops the nginx daemon
#
# chkconfig: - 85 15
# description: Nginx is an HTTP(S) server, HTTP(S) reverse \
# proxy and IMAP/POP3 proxy server
# processname: nginx
# config: /usr/local/nginx1.10/conf/nginx.conf
# pidfile: /usr/local/nginx1.10/logs/nginx.pid
nginxd=/usr/local/nginx1.10/sbin/nginx
nginx_config=/usr/local/nginx1.10/conf/nginx.conf
nginx_pid=/usr/local/nginx1.10/logs/nginx.pid
RETVAL=0
prog="nginx"
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0
nginx="/usr/local/sbin/nginx"
prog=$(basename $nginx)
NGINX_CONF_FILE="/usr/local/nginx/conf/nginx.conf"
lockfile=/var/lock/subsys/nginx
start() {
[ -x $nginx ] || exit 5
[ -f $NGINX_CONF_FILE ] || exit 6
echo -n $"Starting $prog: "
daemon $nginx -c $NGINX_CONF_FILE
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog -QUIT
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
configtest || return $?
stop
start
}
reload() {
configtest || return $?
echo -n $"Reloading $prog: "
killproc $nginx -HUP
RETVAL=$?
echo
}
force_reload() {
restart
}
configtest() {
$nginx -t -c $NGINX_CONF_FILE
}
rh_status() {
status $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart|configtest)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
exit 2
esac
添加開(kāi)機(jī)自啟動(dòng)服務(wù)
[root@nginx ~]# chmod +x /etc/init.d/nginx
[root@nginx ~]# chkconfig --add nginx
[root@nginx ~]# chkconfig nginx on
[root@nginx ~]# chkconfig --list |grep nginx
nginx 0:off 1:off 2:on 3:on 4:on 5:on 6:off
啟動(dòng)nginx服務(wù)
[root@nginx ~]# /usr/local/sbin/nginx start
nginx: invalid option: "start"
[root@nginx ~]# /etc/init.d/nginx start
Starting nginx (via systemctl): Job for nginx.service failed because the control process exited with error code. See "systemctl status nginx.service" and "journalctl -xe" for details.
[FAILED]
以上我們可以看出,nginx啟動(dòng)失敗!以下是解決方法:
[root@nginx ~]# /usr/local/sbin/nginx
[root@nginx ~]# /etc/init.d/nginx start
Starting nginx (via systemctl): [ OK ]
配置nginx反向代理:作用是(反向代理+負(fù)載均衡+健康探測(cè))
修改nginx主配置文件:
[root@nginx ~]# vim /usr/local/nginx1.10/conf/nginx.conf
user www www;
worker_processes 2;
worker_cpu_affinity 0101 1010;
error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
worker_rlimit_nofile 10240;
pid logs/nginx.pid;
events{
use epoll;
worker_connections 4096;
}
http{
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent"$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log logs/access.log main;
server_tokens off;
sendfile on;
tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#Compression Settings
gzip on;
gzip_comp_level 6;
gzip_http_version 1.1;
gzip_proxied any;
gzip_min_length 1k;
gzip_buffers 16 8k;
gzip_types text/plain text/css text/javascript application/json application/javascript application/x-javascriptapplication/xml;
gzip_vary on;
#end gzip
# http_proxy Settings
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 75;
proxy_send_timeout 75;
proxy_read_timeout 75;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
#load balance Settings
upstream backend_tomcat {
server 192.168.100.126:8080 weight=1 max_fails=2 fail_timeout=10s; ##需要更改為tomcat的ip
server 192.168.100.127:8080 weight=1 max_fails=2 fail_timeout=10s; ##需要更改為tomcat的ip
}
#virtual host Settings
server{
listen 80;
server_name www.benet.com;
charset utf-8;
location / {
root html;
index index.jsp index.html index.htm;
}
location ~* \.(jsp|do)$ {
proxy_pass http://backend_tomcat;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
}
location /nginx_status {
stub_status on;
access_log off;
allow 192.168.100.0/24; ##需要更改tomcat的ip段
deny all;
}
}
}
重啟使其生效
[root@nginx conf]# /usr/local/sbin/nginx
[root@nginx conf]# service nginx restart
Restarting nginx (via systemctl): [ OK ]
[root@nginx ~]# firewall-cmd --permanent --add-port=80/tcp
success
[root@nginx ~]# firewall-cmd --reload
success
以上就是nginx部署的基本步驟!
擴(kuò)展:
除了nginx語(yǔ)法檢查nginx安裝和瀏覽是否正常外,還有兩種常用的方法:
1.使用wget命令檢查
[root@nginx ~]# wget 127.0.0.1
2.使用curl命令檢查
[root@nginx ~]# curl 127.0.0.1