Nginx安装使用及高可用
一.nginx安装
1.创建一个文件夹,存放安装的nginx文件
mkdir /nginx
2.安装nginx依赖包
yum -y install gcc gcc-c++ pcre pcre-devel zlib zlib-devel openssl openssl-devel
3.解压下载好的nginx源码包
tar -zxvf nginx-1.18.0.tar.gz
cd nginx-1.18.0
4.配置编译并安装
./configure --prefix=/nginx
make
make install
5.启动nginx
/nginx/sbin/nginx
6.设置开机自启
vim /lib/systemd/system/nginx.service
[Unit]
Description=nginx service
After=network.target
[Service]
Type=forking
ExecStart=/nginx/sbin/nginx
ExecReload=/nginx/sbin/nginx -s restart
ExecStop=/nginx/sbin/nginx -s stop
PrivateTmp=true
[Install]
WantedBy=multi-user.target
7.关闭nginx设置开机自启
systemctl enable nginx.service
systemctl start nginx
8.nginx进程模型
master 主进程
master用于管理worker
worker 工作进程
worker是为master进行服务的
二.Nginx配置文件
1.nginx.conf配置结构
main 全局配置
event 连接数
http http模块配置
server 具体的服务
location 路由规则表达式
upstream 集群,内网服务器
2.默认配置文件内容
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name localhost;
location / {
root html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
三.Nginx日志切割
1.手动
#!/bin/bash
log_path="/nginx/logs/"
recode_time=$(date -d "yesterday" +%y-%m-%d+%H:%M)
pid=/nginx/logs/nginx.pid
mv ${log_path}/access.log ${log_path}/accwss.${recode_time}.log
mv ${log_path}/error.log ${log_path}/error.${recode_time}.log
kill -USR1 `cat $pid`
2.自动
crontab -e
*/1 * * * * /nginx/sbin/qg_log.sh
四.静态资源服务
1.举例
server {
listen 81;
server_name localhost;
location / {
root html;
index index.html index.htm;
}
location /www {
root /home;
}
location /start {
alias /home/www;
}
五.gzip
1.gzip配置
gzip on;
gzip_min_length 1;
gzip_comp_level 3;
gzip_types text/plain text/css;
六.Nginx静态资源防盗链
1.配置nginx防盗链
valid_referers none *.heber.com;
if ($invalid_referer){
return 404;
}
七.nginx集群Tomcat
1.集群配置
upstream heber{
server 192.168.0.118:8080;
server 192.168.0.119:8080;
}
server {
listen 80;
server_name www.he_ber.com;
location / {
proxy_pass http://heber;
}
}
2.upstream参数指令
max_conns 最大连接数 slow_start 让集群缓慢启动
down 不参与负载 backup 表示备用机
max_fails 最大失败次数 fail_timeout 失败时间段
3.配置加权轮巡
upstream heber{
server 192.168.0.118:8080 weigth=3;
server 192.168.0.119:8080 weigth=1;
}
八.nginx控制缓存
1.浏览器缓存
expires 10s;
expires @22h30m;
2.上游服务器缓存
upstream heber{
server 192.168.0.118:8080;
server 192.168.0.119:8080;
}
proxy_cache_path /nginx/upsteam_cache keys_zone=mycache:5m max_size=1g inactive=1h use_temp_path=off;
server {
listen 80;
server_name www.he_ber.com;
proxy_cache mycache;
proxy_cache_valid 200 304 8h;
location / {
proxy_pass http://heber;
}
}
九.nginx高可用
1.安装keepalived
#解压安装包
tar -zxvf keepalived-2.0.18.tar.gz
#创建一个文件夹存放安装的应用
mkdir /nginx/keepalived
#安装依赖包
yum -y install libnl libnl-devel
#配置keepalived安装路径
./configure --prefix=/nginx/keepalived --sysconf=/etc
#开始安装
make && make install
#查看keepalived在什么位置
whereis keepalived
2.配置keepalived
vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id keep_118
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script check_nginx_alived {
script "/etc/keepalived/check_nginx_alivd_or_not.sh"
interval 2
weigth 10
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
check_nginx_alived
}
virtual_ipaddress {
192.168.0.120
}
}
3.启动keepalived
cd /nginx/keepalived/sbin
./keepalived
4.设置开机自启
cd /opt/keepalived-2.0.18/keepalived/etc
cp init.d/keepalived /etc/init.d/
cp sysconfig/keepalived /etc/sysconfig/
systemctl daemon-reload
systemctl enable keepalived
5.备用节点配置
! Configuration File for keepalived
global_defs {
router_id keep_119
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 80
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.0.120
}
}
6.配置keepalived重启nginx
vim check_nginx_alivd_or_not.sh
ng=`ps -C nginx --no-header |wc -l`
if [ $ng -eq 0 ];then
/nginx/sbin/nginx
sleep 3
if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
killall keepalived
fi
fi
7.双主热备
vrrp_instance VI_2 {
state MASTER
interface ens3
virtual_router_id 52
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.0.121
}
}
vrrp_instance VI_2 {
state BACKUP
interface ens33
virtual_router_id 52
priority 80
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.0.121
}
}