nginx 的作用,可以用来做静态资源的代理,反向代理,负载均衡等
今天的主题:使用 nginx 配置反向代理
1.用 vmware 搭建一个虚拟机 例如 CentOS
然后在虚拟机下安装 nginx 所需要的依赖
1、 gcc-c++ 安装命令: yum install gcc-c++
2、 pcre 安装命令: yum install pcre-devel
3、 zlib 安装命令: yum install zlib zlib-devel
4、 openssl 安装命令: yum install openssl openssl-devel
5、 下载 nginx 安装包 : wegt http://nginx.org/download/nginx-1.8.0.tar.gz
然后解压安装包 : tar -zxvf nginx-1.8.0.tar.gz
然后进入解压的目录下: cd nginx-1.8.0
运行脚本: ./configure --prefix=/usr/nginx
继续执行命令: make
继续执行命令: make install
这时 nginx 就安装好了
在进入 cd /usr/nginx/sbin/
执行程序 : ./nginx ,然后打开浏览器,输入 127.0.0.1:80
如果出现以下画面则安装并启动成功了
现在我们要让我们本地机器能够访问到虚拟机的话,先配置网络,确定在同一网段,且可以相互 ping 通,这里不多做解释
然后我们要改一下 防火墙的配置
vi /etc/sysconfig/iptables
输入以下内容,保存退出
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -p TCP --dport 61001:62000 -j ACCEPT
-A OUTPUT -p TCP --sport 61001:62000 -j ACCEPT
-A INPUT -p TCP --dport 20 -j ACCEPT
-A OUTPUT -p TCP --sport 20 -j ACCEPT
-A INPUT -p TCP --dport 21 -j ACCEPT
-A OUTPUT -p TCP --sport 21 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
COMMIT
重启防火墙服务
service iptables restart
这个时候我们就可以在本机输入虚拟机的ip访问到刚刚的画面了
现在我们来做反向代理
现在本机上修改 hosts 文件
然后进入我们的虚拟机 ,修改 nginx 配置,在修改前,先自行下载并安装好 tomcat,这里不多做解释
修改 nginx 配置
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
include vhost/*.conf;
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
这里都是默认的内容,只需要在上面添加
然后创建文件夹 mkdir /usr/nginx/conf/vhost
然后进入 vhost 文件夹
新建文件 vim www.test.com.conf
写入以下内容
server {
listen 80;
autoindex on;
server_name www.test.com;
access_log /usr/nginx/logs/access.log combined;
index index.html index.htm index.jsp index.php;
if ( $query_string ~* ".*[\;'\<\>].*" ){
return 404;
}
location / {
proxy_pass http://127.0.0.1:8080;
add_header Access-Control-Allow-Origin *;
}
}
保存退出
以上的配置意思就是,监听 80 端口,当有用户访问 80 端口且用的是 www.test.com 域名的时候,将请求转发给 127.0.0.1:8080 端口,也就是转到我们的 tomcat 服务上
/usr/nginx/sbin/nginx -s reload 重启 nginx
我们在本机输入 www.test.com
出现 tomcat 页面则配置成功