1.1安装pcre
解压缩pcre-8.34.tar.gz包。
进入解压缩目录,执行./configure。
make & make install
1.2安装openssl
解压缩openssl-1.0.2q.tar.gz包
进入解压缩目录,执行./config
make & make install
1.3安装zlib
解压缩zlib-1.2.11.tar.gz包。
进入解压缩目录,执行./configure。
make & make install
1.4编译安装nginx
1)解压缩nginx-xx.tar.gz包,并编译
参数设置如下:
./configure
--prefix=/usr/local/nginx \
--pid-path=/var/run/nginx/nginx.pid \
--lock-path=/var/lock/nginx.lock \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--with-http_gzip_static_module \
--http-client-body-temp-path=/var/temp/nginx/client \
--http-proxy-temp-path=/var/temp/nginx/proxy \
--http-fastcgi-temp-path=/var/temp/nginx/fastcgi \
--http-uwsgi-temp-path=/var/temp/nginx/uwsgi \
--http-scgi-temp-path=/var/temp/nginx/scgi
2)安装
make & make install
1.5修改nginx 文件配置
user nobody nobody; #所有用户都可以启动Nginx进程
worker_processes 8; #允许生成的进程数
#error_log logs/error.log;
#error_log logs/error.log notice;
error_log logs/error.log debug; #指定日志路径 级别
pid logs/nginx.pid; #指定nginx 进程运行文件存放地址
events {
use epoll; #使用epoll 模型作为事件驱动模型
worker_connections 1024; #支持的最大连接数设置为 1024
accept_mutex on; #设置网络序列化,当一个新连接到到时,多个worker串行执行,只有一个worker 被唤醒,避免资源浪费
multi_accept on; #设置一个进程可以同时接受多个网络连接
}
http {
include mime.types; #文件扩展名与文件类型映射表
default_type application/octet-stream; #如果web程序未设置,映射表中也没有文件扩展名,使用默认的未知程序类型,流文件
log_format myformat '$remote_addr-$remote_user [$time_local] $request $status $body_bytes_sent $http_referer $http_user_agent $http_x_forwarded_for'; #自定义日志格式
access_log logs/access.log myformat; #定义服务日志路径及格式
client_header_buffer_size 1k; #(请求头+请求行)的大小不能超过1K
large_client_header_buffers 4 1m; 请求行不能超过1M,(请求头+请求行)不超过 4*1M
client_max_body_size 10m; #设置nginx 上传文件大小限制
client_body_buffer_size 128k;
proxy_connect_timeout 360;
proxy_send_timeout 360;
proxy_read_timeout 360;
#proxy_buffer_size 4k;
#proxy_buffers 4 32k;
#proxy_busy_buffers_size 64k;
#proxy_temp_file_write_size 64k;
#proxy_temp_path /opt/nginxproxy/temp_dir;
#proxy_cache_path /opt/nginxproxy/cache levels=1:2 keys_zone=cache_one:50m inactive=20m max_size=30g;
#proxy_hide_header Set-Cookie;
sendfile on; #使用sendfile 的方式传输文件
keepalive_timeout 65; #连接超时时间
tcp_nodelay on;
upstream teis_server {
ip_hash;
server 10.2.4.55:9090 max_fails=3 weight=1 fail_timeout=60s;
server 10.2.4.56:9090 max_fails=3 weight=1 fail_timeout=60s;
keepalive 256;
}
server {
listen 80;
server_name teis_server;
location / {
proxy_pass http:// teis_server;
proxy_redirect default;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
}
1.6启动nginx
cd /usr/local/nginx/sbin/
./nginx
查询nginx进程:
15098是nginx主进程的进程id,15099是nginx工作进程的进程id
注意:执行./nginx启动nginx,这里可以-c指定加载的nginx配置文件,如下:
./nginx -c /usr/local/nginx/conf/nginx.conf
如果不指定-c,nginx在启动时默认加载conf/nginx.conf文件,此文件的地址也可以在编译安装nginx时指定./configure的参数(--conf-path= 指向配置文件(nginx.conf))
1.7停止nginx
1)方式1,快速停止:
cd /usr/local/nginx/sbin
./nginx -s stop
此方式相当于先查出nginx进程id再使用kill命令强制杀掉进程。
2)方式2,完整停止(建议使用):
cd /usr/local/nginx/sbin
./nginx -s quit
./nginx -s quit
./nginx
2)方式2,重新加载配置文件:
当nginx的配置文件nginx.conf修改后,要想让配置生效需要重启nginx,使用-s reload不用先停止nginx再启动nginx即可将配置信息在nginx中生效,如下:
./nginx -s reload
1.9 安装keepalived
1.9.1编译安装keepalived
tar -zxvf keepalived-1.2.7.tar.gz
yum install -y openssl openssl-devel
yum install popt-devel
cd keepalived-1.2.7
./configure --prefix=/usr/local/keeplived
如果配置执行报错:
open-devel 安装失败,需要重新安装
make
make install
cp /usr/local/keeplived/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/
cp /usr/local/keeplived/etc/sysconfig/keepalived /etc/sysconfig/
mkdir /etc/keepalived
cp /usr/local/keeplived/etc/keepalived/keepalived.conf /etc/keepalived/
cp /usr/local/keeplived/sbin/keepalived /usr/sbin/
加入启动服务
echo "/usr/local/nginx/sbin/nginx" >> /etc/rc.local
echo "/etc/init.d/keepalived start" >> /etc/rc.local
1.9.2配置keepalived
! Configuration File for keepalived
global_defs {
router_id NGINX_DEVEL #标识节点的字符串,通常为hostname
}
#定义虚拟路由 VI_1 为自定义标识
vrrp_instance VI_1 {
state MASTER #主节点为Master,备节点为BACKUP
interface eth0 #绑定虚拟IP的网络接口,与本机IP地址所在的网络接口相同
virtual_router_id 51 #虚拟路由ID号
priority 101 #优先级配置(0-254的值)
advert_int 1 #组播信息发送间隔,两个节点必须配置一致,默认1s
authentication {
auth_type PASS
auth_pass 1111 ##真实环境下对密码进行匹配
}
virtual_ipaddress {
192.168.1.100
}
}
Backup:
! Configuration File for keepalived
global_defs {
router_id NGINX_DEVEL
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.100
}
}
1.9.3 keepalived监控NginX的状态
#!/bin/bash
# check nginx server status
NGINX=/usr/local/nginx/sbin/nginx
PORT=8080
nmap localhost -p $PORT | grep "$PORT/tcp open"
#echo $?
if [ $? -ne 0 ];then
$NGINX -s stop
$NGINX
sleep 3
nmap localhost -p $PORT | grep "$PORT/tcp open"
[ $? -ne 0 ] && /etc/init.d/keepalived stop
fi
不要忘了设置脚本的执行权限,否则不起作用。
假设上述脚本放在/opt/chk_nginx.sh,则keepalived.conf中增加如下配置:
主keepalived
vrrp_script chk_http_port {
script "/opt/chk_nginx.sh"
interval 1
weight -2
}
track_script {
chk_http_port
}
例子:
! Configuration File for keepalived
global_defs {
router_id NGINX_UPSTEAM
}
vrrp_script chk_http_port {
script "/opt/chk_nginx.sh"
interval 1
weight -2
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.100
}
track_script {
chk_http_port
}
}
更进一步,为了避免启动keepalived之前没有启动nginx , 可以在/etc/init.d/keepalived的start中首先启动nginx:
start() {
/usr/local/nginx/sbin/nginx
sleep 3
echo -n $"Starting $prog: "
daemon keepalived ${KEEPALIVED_OPTIONS}
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog
}