安装nginx
[root@nginx ~]# tar zxf nginx-1.24.0.tar.gz
[root@nginx ~]# cd nginx-1.24.0/
[root@nginx nginx-1.24.0]# ls
auto CHANGES.ru configure html Makefile objs src
CHANGES conf contrib LICENSE man README
[root@nginx nginx-1.24.0]# dnf install gcc pcre-devel zlib-devel openssl-devel -y
[root@nginx nginx-1.24.0]# ./configure --prefix=/usr/local/nginx \
> --user=nginx \
> --group=nginx \
> --with-http_ssl_module \
> --with-http_v2_module \
> --with-http_realip_module \
> --with-http_gzip_static_module \
> --with-http_stub_status_module \
> --with-pcre \
> --with-stream \
> --with-stream_ssl_module
[root@nginx nginx-1.24.0]#./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_ssl_module --with-http_v2_module --with-http_realip_module --with-http_stub_status_module --with-http_gzip_static_module --with-pcre --with-stream --with-stream_ssl_module
[root@nginx nginx-1.24.0]# make && make install
[root@nginx nginx-1.24.0]# ls /usr/local/nginx/
conf html logs sbin
[root@nginx nginx]# vim ~/.bash_profile
export PATH=$PATH:/usr/local/nginx/sbin
[root@nginx nginx]# source ~/.bash_profile
[root@nginx nginx]# nginx
平滑升级和回滚
[root@nginx ~]# ls
anaconda-ks.cfg echo-nginx-module-0.63.tar.gz nginx-1.24.0 nginx-1.24.0.tar.gz nginx-1.26.1 nginx-1.26.1.tar.gz
[root@nginx ~]# tar zxf nginx-1.26.1.tar.gz
[root@nginx ~]# tar zxf echo-nginx-module-0.63.tar.gz
[root@nginx ~]# ls
anaconda-ks.cfg nginx-1.24.0 nginx-1.26.1.tar.gz
echo-nginx-module-0.63 nginx-1.24.0.tar.gz
echo-nginx-module-0.63.tar.gz nginx-1.26.1
[root@nginx ~]# cd nginx-1.26.1
[root@nginx nginx-1.26.1]# ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_ssl_module --with-http_v2_module --with-http_realip_module --with-http_stub_status_module --with-http_gzip_static_module --with-pcre --with-stream --with-stream_ssl_module --add-module=/root/echo-nginx-module-0.63 #添加echo模块
[root@nginx nginx-1.26.1]# make
[root@nginx objs]# cd /usr/local/nginx/sbin/
[root@nginx sbin]# nginx -s stop
[root@nginx ~]# rm -rf /usr/local/nginx/
[root@nginx ~]# cd /root/nginx-1.24.0/
[root@nginx nginx-1.24.0]# ls
auto conf html man src
CHANGES configure LICENSE objs
CHANGES.ru contrib Makefile README
[root@nginx nginx-1.24.0]# make install
}
#先把nginx备份
[root@nginx sbin]# cp nginx nginx.old
[root@nginx sbin]# ls
nginx nginx.old
#把新版本的nginx命令复制过去
[root@nginx sbin]# \cp -f /root/nginx-1.26.1/objs/nginx /usr/local/nginx/sbin
[root@nginx sbin]# killall -9 nginx
[root@nginx sbin]# curl -I 172.25.254.100
HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 19 Aug 2024 23:05:39 GMT
Content-Type: text/html
Content-Length: 615
Last-Modified: Fri, 16 Aug 2024 13:02:49 GMT
Connection: keep-alive
ETag: "66bf4df9-267"
Accept-Ranges: bytes
[root@nginx sbin]# curl -I 172.25.254.100
HTTP/1.1 200 OK
Server: nginx/1.26.1
Date: Mon, 19 Aug 2024 23:06:30 GMT
Content-Type: text/html
Content-Length: 615
Last-Modified: Fri, 16 Aug 2024 13:02:49 GMT
Connection: keep-alive
ETag: "66bf4df9-267"
Accept-Ranges: bytes
回滚
[root@nginx sbin]# killall -9 nginx
#此时已经回滚成功
[root@nginx sbin]# curl -I 172.25.254.100
HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 19 Aug 2024 23:07:38 GMT
Content-Type: text/html
Content-Length: 615
Last-Modified: Fri, 16 Aug 2024 13:02:49 GMT
Connection: keep-alive
ETag: "66bf4df9-267"
Accept-Ranges: bytes
nginx的启动文件
[root@Nginx ~]# vim /lib/systemd/system/nginx.service
[Unit]
Description=The NGINX HTTP and reverse proxy server
After=syslog.target network-online.target remote-fs.target nss-lookup.target
Wants=network-online.target
[Service]
Type=forking
PIDFile=/usr/local/nginx/logs/nginx.pid
ExecStartPre=/usr/local/nginx/sbin/nginx -t
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true
[Install]
WantedBy=multi-user.target
[root@Nginx ~]# systemctl daemon-reload
[root@Nginx ~]# systemctl start nginx
Nginx 核心配置详解
[root@nginx ~]# mkdir -p /usr/local/nginx/conf.d
[root@nginx ~]# vim /usr/local/nginx/conf.d/vhost.conf
server {
listen 80;
server_name www.timinglee.org;
root /data/web/html;
index index.html;
}
[root@nginx ~]# mkdir -p /data/web/html
[root@nginx ~]# echo www.jingwen.org > /data/web/html/index.html
[root@nginx ~]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@nginx ~]# nginx -s reload
#查看日志
[root@nginx ~]# tail -f /usr/local/nginx/logs/error.log
[root@nginx ~]# mkdir /data/web/test1 -p
[root@nginx ~]# vi /usr/local/nginx/conf.d/vhost.conf
server {
listen 80;
server_name www.timinglee.org;
root /data/web/html;
index index.html;
location /test1/ {
root /data/web;
}
}
[root@nginx ~]# echo hahaha > /data/web/test1/index.html
[root@nginx ~]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@nginx ~]# nginx -s reload
[root@nginx ~]# cat /usr/local/nginx/conf.d/vhost.conf
server {
listen 80;
server_name www.timinglee.org;
root /data/web/html;
index index.html;
location /test1/ {
root /data/web;
}
location /test2 {
alias /data/web/test1;
}
}
[root@nginx ~]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local
#判断优先级
[root@nginx ~]# vim /usr/local/nginx/conf.d/vhost.conf
[root@nginx ~]# nginx -s reload
[root@nginx ~]# mkdir -p /data/web{1..5}
[root@nginx ~]# mkdir -p /data/web{1..5}/test
[root@nginx ~]# echo web1 > /data/web1/test/index.html
[root@nginx ~]# echo web2 > /data/web2/test/index.html
[root@nginx ~]# echo web3 > /data/web3/test/index.html
[root@nginx ~]# echo web4 > /data/web4/test/index.html
[root@nginx ~]# echo web5 > /data/web5/test/index.html
[root@nginx ~]# vim /usr/local/nginx/conf.d/vhost.conf
server {
listen 80;
server_name lee.timinglee.org;
root /data/web/html;
index index.html;
#location /test1 {
# root /data/web;
#}
#location /test2 {
# alias /data/web/test1;
#}
location /test {
root /data/web1;
}
location = /test {
root /data/web2;
}
location ^~ /t {
root /data/web3;
}
location ~* .html$ {
root /data/web5;
}
location ~.html$ {
root /data/web4;
}
}
#自定义错误日志
[root@nginx ~]# mkdir /var/log/timinglee.org
[root@nginx ~]# vim /usr/local/nginx/conf.d/vhost.conf
server {
error_log /var/log/timinglee.org/error.log;
access_log /var/log/timinglee.org/access.log;
}
[root@nginx ~]# nginx -s reload
#测试
[root@nginx ~]# curl www.timinglee.org
[root@nginx ~]# cat /var/log/timinglee.org/access.log
[root@nginx ~]# curl www.timinglee.org/aaa
[root@nginx ~]# cat /var/log/timinglee.org/error.log
#检测文件是否存在
[root@nginx ~]# rm -rf /data/web/html/index.html
[root@nginx ~]# rm -rf /data/web/html/error/
[root@nginx ~]# vim /usr/local/nginx/conf.d/vhost.conf
server {
error_log /var/log/timinglee.org/error.log;
access_log /var/log/timinglee.org/access.log;
try_files $uri $uri.html $uri/index.html /error/default.html;
}
[root@nginx ~]# nginx -s reload;
#测试
[root@nginx ~]# curl www.timinglee.org
500
[root@nginx ~]# mkdir /data/web/html/error
[root@nginx ~]# echo error default > /data/web/html/error/default.html
#测试
[root@nginx ~]# curl www.timinglee.org
error default
#长链接
[root@nginx ~]# echo www.timinglee.org > /data/web/html/index.html
[root@nginx ~]# vim /usr/local/nginx/conf/nginx.conf
http {
keepalive_timeout 65;
keepalive_requests 2;
}
[root@nginx ~]# nginx -s reload
# 长链接测试工具
[root@nginx ~]#dnf install telnet -y
# 测试
[root@nginx ~]#telnet www.timinglee.org 80
GET / HTTP/1.1
Host: www.timinglee.org
Server: nginx/1.24.0
Date: Fri, 16 Aug 2024 06:45:42 GMT
Content-Type: text/html
Content-Length: 18
Last-Modified: Fri, 16 Aug 2024 06:45:22 GMT
Connection: keep-alive
ETag: "66bef582-12"
Accept-Ranges: bytes
www.timinglee.org
#下载工具
[root@Nginx ~]# mkdir /data/web/download
[root@Nginx ~]# dd if=/dev/zero of=/data/web/download/leefile bs=1M count=100
[root@Nginx ~]# vim /usr/local/nginx/conf.d/vhosts.conf
server {
location /download {
autoindex on; #自动索引功能
autoindex_exact_size on;
autoindex_localtime on;
limit_rate 1024k; #限速,默认不限速
}
}
#重启Nginx并访问测试下载页面
http://www.timinglee.org/download/
#nginx压缩
[root@nginx ~]# vim /usr/local/nginx/conf/nginx.conf
http {
gzip on;
gzip_comp_level 5;
gzip_min_length 1k;
gzip_http_version 1.1;
gzip_vary on;
gzip_types text/plain application/javascript application/x-javascript text/css
application/xml text/javascript application/x-httpd-php image/gif image/png;
}
[root@nginx ~]# nginx -s reload
[root@nginx ~]# echo hello timinglee > /data/web/html/small.html
[root@nginx ~]# du -sh /usr/local/nginx/loges/access.log #查看这个文件多大
[root@nginx ~]# cat /usr/local/nginx/loges/access.log > /data/web/html/big.html
#测试,查看是否被压缩
[root@nginx ~]# curl --head --compressed 172.25.254.100/small.html
[root@nginx ~]# curl --head --compressed 172.25.254.100/big.html
#nginx 环境变量
#nginx的内置变量
server {
listen 80;
server_name var.timinglee.org;
root /data/web/html;
index index.html;
location /var {
default_type text/html;
echo $remote_addr;
echo $args;
echo $is_args;
echo $document_root;
echo $document_uri;
echo $host;
echo $remote_port;
echo $remote_user;
echo $request_method;
echo $request_filename;
echo $request_uri;
echo $scheme;
echo $server_protocol;
echo $server_addr;
echo $server_name;
echo $server_port;
echo $http_user_agent;
echo $http_cookie;
echo $cookie_key2;
}
}
#nginx自定义变量
server {
listen 80;
server_name var.timinglee.org;
root /data/web/html;
index index.html;
location /var {
default_type text/html;
set $timinglee lee;
echo $timinglee;
}
}
# 测试
curl -b "key1=lee,key2=lee1" -u lee:lee var.timinglee.org/var?name=lee&&id=6666
Nginx Rewrite相关功能
#if判定
[root@nginx ~]# mkdir /data/web/html/test2
[root@nginx ~]# echo test2 > /data/web/html/test2/index.html
[root@nginx ~]# vim /location /test2 {
if ( !-e $request_filename ){
echo "$request_filename is not exist";
}
}
/local/nginx/conf.d/vars.conf
[root@nginx ~]# nginx -s reload
#测试
[root@nginx ~]# curl var.timinglee.org/test2/index.html
test2
#break指令
[root@nginx ~]# vim /usr/local/nginx/conf.d/vars.conf
location /break {
default_type text/html;
set $name lee;
echo $name;
if ( $http_user_agent = "curl/7.76.1" ){
break;
}
set $id 666;
echo $id;
}
[root@nginx ~]# nginx -s reload
#测试
[root@nginx ~]# curl var.timinglee.org/break
lee
3、return指令
[root@nginx ~]# vim /usr/local/nginx/conf.d/vars.conf
location /return {
default_type text/html;
if ( !-e $request_filename){
return 301 http://www.baidu.com;
}
echo "$request_filename is exist";
}
[root@nginx ~]# nginx -s reload
#测试
#return不存在时
[root@nginx ~]# ll /data/web/html
total 24
-rw-r--r-- 1 root root 15423 Aug 16 16:16 big.html
drwxr-xr-x 2 root root 26 Aug 16 14:34 error
-rw-r--r-- 1 root root 18 Aug 18 11:04 index.html
-rw-r--r-- 1 root root 16 Aug 16 16:15 small.html
drwxr-xr-x 2 root root 24 Aug 18 11:45 test2
drwxr-xr-x 2 root root 24 Aug 18 10:41 var
[root@nginx ~]# curl -I var.timinglee.org/return
HTTP/1.1 301 Moved Permanently
Server: nginx/1.26.1
Date: Sun, 18 Aug 2024 03:54:09 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: http://www.baidu.com
[root@nginx ~]# mkdir -p /data/web/html/return
[root@nginx ~]# curl -I var.timinglee.org/return
HTTP/1.1 200 OK
Server: nginx/1.26.1
Date: Sun, 18 Aug 2024 03:54:33 GMT
Content-Type: text/html
Connection: keep-alive
[root@nginx ~]# curl var.timinglee.org/return
/data/web/html/return is exist
#临时和永久
# 前期准备
[root@nginx ~]# vim /usr/local/nginx/conf.d/vars.conf
server {
listen 80;
server_name var.timinglee.org;
root /data/web/html;
index index.html;
location / {
root /data/web/var;
index index.html;
#rewrite / http://www.timinglee.com permanent;
#rewrite / http://www.timinglee.com redirect;
}
}
[root@nginx ~]# nginx -s reload
[root@nginx ~]# echo var page > /data/web/var/index.html
[root@nginx conf.d]# curl www.timinglee.org
www.timinglee.com
[root@nginx conf.d]# curl var.timinglee.org
var page
# 永久重定向301
[root@nginx ~]# vim /usr/local/nginx/conf.d/vars.conf
location / {
root /data/web/var;
index index.html;
rewrite / http://www.timinglee.com permanent;
#rewrite / http://www.timinglee.com redirect;
}
[root@nginx ~]# nginx -s reload
[root@nginx conf.d]# curl -I var.timinglee.org
HTTP/1.1 301 Moved Permanently
Server: nginx/1.26.1
Date: Sun, 18 Aug 2024 12:13:09 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: http://www.timinglee.com
#临时重定向302
[root@nginx ~]# vim /usr/local/nginx/conf.d/vars.conf
location / {
root /data/web/var;
index index.html;
#rewrite / http://www.timinglee.com permanent;
rewrite / http://www.timinglee.com redirect;
}
[root@nginx ~]# nginx -s reload
[root@nginx conf.d]# curl -I var.timinglee.org
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.26.1
Date: Sun, 18 Aug 2024 12:13:41 GMT
Content-Type: text/html
Content-Length: 145
Connection: keep-alive
Location: http://www.timinglee.com
# break 和last
[root@nginx ~]# mkdir /data/web/html/{test1,test2,break,last} -p[root@nginx ~]# echo test1 > /data/web/html/test1/index.html
[root@nginx ~]# echo test2 > /data/web/html/test2/index.html
[root@nginx ~]# echo last > /data/web/html/last/index.html
[root@nginx ~]# echo break > /data/web/html/break/index.html
[root@nginx ~]# vim /usr/local/nginx/conf.d/vars.conf
server {
listen 80;
server_name var.timinglee.org;
root /data/web/html;
index index.html;
location /break {
root /data/web/html;
rewrite ^/break/(.*) /test1/$1 break;
rewrite ^/test1/(.*) /test1/$2;
}
location /last {
root /data/web/html;
rewrite ^/last/(.*) /test1/$1 last;
rewrite ^/test1/(.*) /test2/$1;
}
location /test1 {
default_type test/html;
return 666 "test1 hahahahahaha ";
}
location /test2 {
root /data/web/html;
}
}
[root@nginx ~]# nginx -s reload
#测试
[root@nginx ~]# curl var.timinglee.org/break/index.html
test1
[root@nginx ~]# curl var.timinglee.org/last/index.html
test1 hahahahahaha
#加密
cd /usr/local/nginx/
mkdir certs
openssl req -newkey rsa:2048 -nodes -sha256 -keyout /usr/local/nginx/certs/timinglee.org.key \ -x509 -days 365 -out /usr/local/nginx/certs/timinglee.org.crt
[root@nginx ~]# cd /usr/local/nginx/certs/
[root@nginx certs]# ls
timinglee.org.crt timinglee.org.key
[root@nginx certs]# cd ..
[root@nginx nginx]# cd conf.d/
[root@nginx conf.d]# vim vhosts.conf
server {
listen 80;
listen 443 ssl;
server_name www.timinglee.org;
root /data/web/html;
index index.html;
ssl_certificate /usr/local/nginx/certs/timinglee.org.crt;
ssl_certificate_key /usr/local/nginx/certs/timinglee.org.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
}
[root@nginx conf.d]# nginx -s reload
[root@nginx conf.d]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
#盗链的实现
[root@nginx ~]# mkdir -p /data/web/html/images
[root@nginx ~]# mv daolian.png /data/web/html
[root@nginx ~]# mv lee.png /data/web/html/images/
#node1
[root@node1 ~]# dnf install httpd -y
[root@node1 ~]# cd /var/www/html
[root@node1 html]# vim index.html
<html>
<head>
<meta http-equiv=Content-Type content="text/html;charset=utf-8">
<title>盗链</title>
</head>
<body>
<img src="http://www.timinglee.org/images/lee.png" >
<h1 style="color:red">欢迎大家</h1>
<p><a href=http://www.timinglee.org>狂点老李</a>出门见喜</p>
</body>
</html>
# 防盗链
[root@nginx ~]# vim /usr/local/nginx/conf.d/vars.conf
server {
listen 80;
listen 443 ssl;
server_name www.timinglee.org;
root /data/web/html;
index index.html;
ssl_certificate /usr/local/nginx/certs/timinglee.org.crt;
ssl_certificate_key /usr/local/nginx/certs/timinglee.org.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
location /images {
valid_referers none blocked server_names *.timinglee.org ~/.baidu/.;
if ( $invalid_referer ) {
return 404;
}
}
}
[root@nginx ~]# nginx -s reload
HTTP反向代理
# node1、node2
[root@node1 ~]# dnf install httpd -y
[root@node1 ~]# systemctl enable --now httpd
[root@node1 ~]# echo 172.25.254.10 > /var/www/html/index.html
[root@node2 ~]# systemctl enable --now httpd
[root@node2 ~]# echo 172.25.254.20 > /var/www/html/index.html
[root@node2 ~]# vim /etc/httpd/conf/httpd.conf
Listen 8080
[root@node2 ~]# systemctl restart httpd
# 测试
[root@nginx ~]# curl 172.25.254.10
172.25.254.10
[root@nginx ~]# curl 172.25.254.20
172.25.254.20
[root@nginx ~]# vim /usr/local/nginx/conf.d/vhost.conf
server {
listen 80;
server_name www.timinglee.org;
location / {
proxy_pass http://172.25.254.10:80;
}
location /static {
proxy_pass http://172.25.254.20:8080;
}
}
[root@nginx ~]# nginx -s reload
#测试
[root@nginx ~]# curl www.timinglee.org
172.25.254.10
[root@nginx ~]# curl www.timinglee.org/static/
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL was not found on this server.</p>
</body></html>
(node2没有static目录)
[root@node2 ~]# mkdir -p /var/www/html/static
[root@node2 ~]# echo static 172.25.254.20 > /var/www/html/static/index.html
#测试
[root@nginx ~]# curl www.timinglee.org
172.25.254.10
[root@nginx ~]# curl www.timinglee.org/static/
static 172.25.254.20
#缓存功能
[root@nginx ~]# vim /usr/local/nginx/conf/nginx.conf
#gzip on;
proxy_cache_path /usr/local/nginx/proxy_cache levels=1:2:2 keys_zone=proxycache:20m inactive=120s max_size=1g;
[root@nginx ~]# vim /usr/local/nginx/conf.d/vhost.conf
location /static {
proxy_pass http://172.25.254.20:8080;
proxy_cache proxycache;
proxy_cache_key $request_uri;
proxy_cache_valid 200 302 301 10m;
proxy_cache_valid any 1m;
}
[root@nginx ~]# nginx -s reload
[root@node1 ~]# vim /etc/hosts
172.25.254.10 node1.timinglee.org www.timinglee.org
#测试
[root@node1 ~]# ab -n1000 -c100 http://www.timinglee.org/static/index.html
Requests per second: 8908.92 [#/sec] (mean) (未做缓存)
Requests per second: 12933.77 [#/sec] (mean)
#http反向代理负载均衡
#反向代理示例:后端多台web服务器
#机器
172.25.254.100 #Nginx 代理服务器
172.25.254.10 #后端web A,Apache部署
172.25.254.20 #后端web B,Apache部署
# 部署后端 Apache服务器
[root@node1 ~]# dnf install httpd -y
[root@node1 ~]# echo "172.25.254.10" > /var/www/html/index.html
[root@node1 ~]# systemctl enable --now httpd
[root@nginx ~]# vim /usr/local/nginx/conf.d/vhost.conf
upstream webcluster {
server 172.25.254.10:80 fail_timeout=15s max_fails=3;
server 172.25.254.20:8080 fail_timeout=15s max_fails=3;
server 172.25.254.100:80 backup;
}
server {
listen 80;
server_name www.timinglee.org;
location / {
proxy_pass http://webcluster;
}
}
[root@nginx ~]# nginx -s reload
#测试
[root@nginx ~]# curl www.timinglee.org
172.25.254.10
[root@nginx ~]# curl www.timinglee.org
172.25.254.20
upstream webcluster {
ip_hash;
server 172.25.254.10:80 fail_timeout=15s max_fails=3;
server 172.25.254.20:8080 fail_timeout=15s max_fails=3;
#server 172.25.254.100:80 backup;
}
[root@nginx ~]# curl www.timinglee.org
172.25.254.10
[root@nginx ~]# curl www.timinglee.org
172.25.254.10
upstream webcluster {
#ip_hash;
hash $request_uri consistent;
server 172.25.254.10:80 fail_timeout=15s max_fails=3;
server 172.25.254.20:8080 fail_timeout=15s max_fails=3;
#server 172.25.254.100:80 backup;
}
[root@nginx ~]# curl www.timinglee.org
172.25.254.20
[root@nginx ~]# curl www.timinglee.org
172.25.254.20
# 基于Cookie 实现会话绑定
upstream webcluster {
#ip_hash;
#hash $request_uri consistent;
hash $cookie_lee;
server 172.25.254.10:80 fail_timeout=15s max_fails=3;
server 172.25.254.20:8080 fail_timeout=15s max_fails=3;
#server 172.25.254.100:80 backup;
}
[root@nginx ~]# curl www.timinglee.org
172.25.254.10
[root@nginx ~]# curl www.timinglee.org
172.25.254.20
[root@nginx ~]# curl -b "lee=1" www.timinglee.org
172.25.254.10
[root@nginx ~]# curl -b "lee=1" www.timinglee.org
172.25.254.10
#Nginx四层负载均衡
#DNS
# 环境 node1\node2
[root@node1 ~]# dnf install bind -y
[root@node1 ~]# vim /etc/named.conf
// listen-on port 53 { 127.0.0.1; };
// listen-on-v6 port 53 { ::1; };
// allow-query { localhost; };
dnssec-validation no;
[root@node1 ~]# vim /etc/named.rfc1912.zones
zone "timinglee.org" IN {
type master;
file "timinglee.org.zone";
allow-update { none; };
};
[root@node1 ~]# cd /var/named
[root@node1 named]# cp named.localhost timinglee.org.zone -p
[root@node1 named]# vim timinglee.org.zone
$TTL 1D
@ IN SOA ns.timinglee.org root.timinglee.org. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS ns.timinglee.org.
NS A 172.25.254.10
www A 172.25.254.10
[root@node1 named]# systemctl start named
[root@node1 named]# dig www.timinglee.org @172.25.254.10
[root@node1 named]# scp -p /etc/named.{conf,rfc1912.zones} root@172.25.254.20:/etc/
[root@node1 named]# scp -p /var/named/timinglee.org.zone root@172.25.254.20:/var/named/timinglee.org.zone
[root@node2 named]# chgrp named timinglee.org.zone
[root@node2 named]# systemctl restart named
[root@node2 named]# dig www.timinglee.org @172.25.254.20
[root@nginx ~]# vim /usr/local/nginx/conf/nginx.conf
include "/usr/local/nginx/tcpconf.d/*.conf";
[root@nginx ~]# mkdir -p /usr/local/nginx/tcpconf.d
[root@nginx ~]# vim /usr/local/nginx/tcpconf.d/dns.conf
stream {
upstream dns {
server 172.25.254.10:53 fail_timeout=15s max_fails=3;
server 172.25.254.20:53 fail_timeout=15s max_fails=3;
}
server {
listen 53 udp reuseport;
proxy_timeout 20s;
proxy_pass dns;
}
}
[root@nginx ~]# nginx -s reload
#测试
[root@nginx ~]# dig www.timinglee.org @172.25.254.100
; <<>> DiG 9.16.23-RH <<>> www.timinglee.org @172.25.254.100
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28013
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: b7555ae27da74d590100000066c216da67395c8bb9e26570 (good)
;; QUESTION SECTION:
;www.timinglee.org. IN A
;; ANSWER SECTION:
www.timinglee.org. 86400 IN A 172.25.254.10
[root@nginx ~]# dig www.timinglee.org @172.25.254.100
; <<>> DiG 9.16.23-RH <<>> www.timinglee.org @172.25.254.100
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56262
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 2a17fdf418eb234d0100000066c216e6f94e6503ec327810 (good)
;; QUESTION SECTION:
;www.timinglee.org. IN A
;; ANSWER SECTION:
www.timinglee.org. 86400 IN A 172.25.254.20
#数据库
# node1\node2
[root@node1 ~]# dnf install mariadb-server -y
[root@node1 ~]# vim /etc/my.cnf.d/mariadb-server.cnf
[mysqld]
server-id=10
[root@node1 ~]# systemctl start mariadb.service
# 授权
MariaDB [(none)]> CREATE USER lee@'%' identified by 'lee';
Query OK, 0 rows affected (0.002 sec)
MariaDB [(none)]> GRANT ALL ON *.* to lee@'%';
Query OK, 0 rows affected (0.001 sec)
[root@nginx ~]# vim /usr/local/nginx/tcpconf.d/dns.conf
stream {
upstream dns {
server 172.25.254.10:53 fail_timeout=15s max_fails=3;
server 172.25.254.20:53 fail_timeout=15s max_fails=3;
}
upstream mysql {
server 172.25.254.10:3306 fail_timeout=15s max_fails=3;
server 172.25.254.20:3306 fail_timeout=15s max_fails=3;
}
server {
listen 3306;
proxy_timeout 60s;
proxy_pass mysql;
}
server {
listen 53 udp reuseport;
proxy_timeout 20s;
proxy_pass dns;
}
}
[root@nginx ~]# nginx -s reload
[root@nginx ~]# dnf install mariadb -y #下载数据库的客户端
# 测试
[root@nginx ~]# mysql -u lee -p -h 172.25.254.100
lee
MariaDB [(none)]> SELECT @@server_id
-> ;
+-------------+
| @@server_id |
+-------------+
| 20 |
+-------------+
1 row in set (0.001 sec)
[root@nginx ~]# mysql -u lee -p -h 172.25.254.100
lee
MariaDB [(none)]> SELECT @@server_id;
+-------------+
| @@server_id |
+-------------+
| 10 |
+-------------+
1 row in set (0.002 sec)
#实现FastCGI
为什么会有FastCGI?
CGI协议虽然解决了语言解析器和 Web Server 之间通讯的问题,但是它的效率很低,因为 Web Server每收到一个请求都会创建一个CGI进程,PHP解析器都会解析php.ini文件,初始化环境,请求结束的时候再关闭进程,对于每一个创建的CGI进程都会执行这些操作,所以效率很低,而FastCGI是用来提高CGI性能的,FastCGI每次处理完请求之后不会关闭掉进程,而是保留这个进程,使这个进程可以处理多个请求。这样的话每个请求都不用再重新创建一个进程了,大大提升了处理效率
什么是PHP-FPM?PHP-FPM(FastCGI Process Manager:
FastCGI进程管理器)是一个实现了Fastcgi的程序,并且提供进程管理的功能。
进程包括master进程和worker进程。master进程只有一个,负责监听端口,接受来自web server
的请求
worker进程一般会有多个,每个进程中会嵌入一个PHP解析器,进行PHP代码的处理。
Nginx与php-fpm在同一服务器
[root@nginx php-8.3.9]# ./configure --prefix=/usr/local/php \
>--with-config-file-path=/usr/local/php/etc \
> --enable-fpm \
> --with-fpm-user=nginx \
> --with-fpm-group=nginx \
> --with-curl \
> --with-iconv \
> --with-mhash \
> --with-zlib \
> --with-openssl \
> --enable-mysqlnd \
> --with-mysqli \
> --with-pdo-mysql \
> --disable-debug \
> --enable-sockets \
> --enable-soap \
> --enable-xml \
> --enable-ftp \
> --enable-gd \
> --enable-exif \
> --enable-mbstring \
> --enable-bcmath \
> --with-fpm-systemd
[root@nginx php-8.3.9]#./configure --prefix=/usr/local/php --with-config-file-path=/usr/local/php/etc --with-fpm-user=nginx --with-fpm-group=nginx --with-curl --with-iconv --with-mhash --with-zlib --with-openssl --enable-mysqlnd --with-mysqli --with-pdo-mysql --disable-debug --enable-sockets --enable-soap --enable-xml --enable-ftp --enable-gd --enable-exif --enable-mbstring --enable-bcmath --with-fpm-systemd
[root@nginx php-8.3.9]# make && make install
[root@Nginx ~]# cd /usr/local/php/etc
[root@Nginx etc]# cp php-fpm.conf.default php-fpm.conf
[root@Nginx etc]# vim php-fpm.conf
去掉注释
pid = run/php-fpm.pid #指定pid文件存放位置
[root@Nginx etc]# cd php-fpm.d/
[root@Nginx php-fpm.d]# cp www.conf.default www.conf
#生成主配置文件
[root@Nginx php-fpm.d]# cd /root/php-8.3.9/
[root@Nginx php-8.3.9]# cp php.ini-production /usr/local/php/etc/php.ini
[root@Nginx ~]# vim /usr/local/php/etc/php.ini
[Date]
; Defines the default timezone used by the date functions
; https://php.net/date.timezone
date.timezone = Asia/Shanghai #修改时区
#生成启动文件
[root@Nginx ~]# cd /root/php-8.3.9/
[root@Nginx php-8.3.9]# cp sapi/fpm/php-fpm.service /lib/systemd/system/
[root@nginx php-8.3.9]# cd sapi/
[root@nginx sapi]# cd fpm
[root@nginx fpm]# vim /lib/systemd/system/php-fpm.service
# Mounts the /usr, /boot, and /etc directories read-only for processes invoked by
this unit.
#ProtectSystem=full #注释该内容
[root@Nginx php-8.3.9]# systemctl start php-fpm.service
[root@Nginx php-8.3.9]# netstat -antlupe | grep php
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 0
820758 176202/php-fpm: mas
[root@nginx sapi]# cd /usr/local/php/etc/php-fpm.d/
[root@nginx sapi]# cd /usr/local/php/etc/php-fpm.d/
[root@nginx php-fpm.d]# vim www.conf
#省略
; Note: This value is mandatory.
listen = *:9000
#省略
[root@nginx php-fpm.d]# systemctl restart php-fpm.service
[root@nginx php-fpm.d]# netstat -antlupe | grep php
tcp6 0 0 ::1:9000 :::* LISTEN 0 434546 374128/php-fpm: mas
[root@Nginx ~]# mkdir /data/php -p
[root@centos8 ~]# cat /data/php/index.php #php测试页面
<?php
phpinfo();
?>
#Nginx配置转发
#Nginx安装完成之后默认生成了与fastcgi的相关配置文件,一般保存在nginx的安装路径的conf目录当
#中,比如/apps/nginx/conf/fastcgi.conf、/apps/nginx/conf/fastcgi_params。
[root@Nginx ~]# vim /usr/local/nginx/conf.d
server {
listen 80;
server_name php.timinglee.org;
root /data/php;
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi.conf;
}
}
#重启Nginx并访问web测试
[root@Nginx ~]# nginx -s reload
php的动态扩展模块(php的缓存模块)
安装memcache模块
#安装memcache模块
[root@Nginx ~]# tar zxf memcache-8.2.tgz
[root@Nginx ~]# cd memcache-8.2/
[root@Nginx memcache-8.2]# yum install autoconf
[root@Nginx memcache-8.2]# phpize
[root@Nginx memcache-8.2]# ./configure && make && make install
[root@Nginx memcache-8.2]# ls /usr/local/php/lib/php/extensions/no-debug-non-zts-20230831/
memcache.so opcache.so
复制测试文件到nginx发布目录中
#复制测试文件到nginx发布目录中
[root@Nginx ~]# cd memcache-8.2/
[root@Nginx memcache-8.2]# ls
[root@Nginx memcache-8.2]# cp example.php memcache.php /data/web/php/
[root@Nginx ~]# vim /data/web/php/memcache.php
define('ADMIN_USERNAME','admin'); // Admin Username
define('ADMIN_PASSWORD','lee'); // Admin Password
define('GRAPH_SIZE',200);
define('MAX_ITEM_DUMP',50);
$MEMCACHE_SERVERS[] = '127.0.0.1:11211'; // add more as an array
#$MEMCACHE_SERVERS[] = 'mymemcache-server2:11211'; // add more as an array
配置php加载memcache模块
# 配置php加载memcache模块
[root@Nginx ~]# vim /usr/local/php/etc/php.ini
;extension=zip
extension=memcache
;zend_extension=opcache
[root@Nginx ~]# systemctl reload php-fpm
# 因为没有指定路劲,所以要移动到默认路径
[root@Nginx ~]# cp /usr/local/php/etc/php.ini /usr/local/php/lib/
[root@Nginx no-debug-non-zts-20230831]# php -m | grep mem
memcache
部署memcached
# 部署memcached
[root@Nginx ~]# yum install memcached -y
[root@Nginx ~]# systemctl enable --now memcached.service
[root@Nginx ~]# netstat -antlupe | grep memcache
tcp 0 0 127.0.0.1:11211 0.0.0.0:* LISTEN
976 1037243 186762/memcached
[root@Nginx ~]# cat /etc/sysconfig/memcached
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="64"
OPTIONS="-l 127.0.0.1,::1
测试:
# 测试
访问 http://www.timinglee.org/example.php 不断刷新
访问 http://www.timinglee.org/memcache.php 查看命中效果
php高速缓存
#php高速缓存
部署方法:
[root@Nginx ~]# vim /usr/local/nginx/conf.d/vhost.conf
upstream memcache {
server 127.0.0.1:11211;
keepalive 512;
}
server {
listen 80;
server_name www.timinglee.org;
root /data/web/html;
index index.html;
location /memc {
internal;
memc_connect_timeout 100ms;
memc_send_timeout 100ms;
memc_read_timeout 100ms;
set $memc_key $query_string; #使用内置变量$query_string来作为key
set $memc_exptime 300; #缓存失效时间300秒
memc_pass memcache;
}
location ~ \.php$ {
root /data/web/php;
set $key $uri$args; #设定key的值
srcache_fetch GET /memc $key; #检测mem中是否有要访问的php
srcache_store PUT /memc $key; #缓存为加载的php数据
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi.conf;
}
}
[root@Nginx ~]# nginx -s reload
#测试
[root@nginx ~]# ab -n1000 -c10 http://www.timinglee.org/index.php
Failed requests: 0
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
