NGINX入门
这一篇是为了我们前后端分离项目的部署做准备的。
三大特点
这里只是大概原理,具体是如何配置的要看《NGINX的配置》小节
反向代理
先说反向代理,因为反向代理是负载均衡的前提,但是讲反向代理之前又不得不讲一下正向代理。
然后我们再来讲反向代理
负载均衡
负载均衡,上面的图我们看到了,有三台服务器,我们再新加一点东西
动静分离
比方说前后端分离的项目,有一个页面,纯静态的,啥也不请求后端,那这些内容返回给用户的时候,就是nginx直接返回不用请求后端的,加快了速度。
NGINX的安装
下载
传送门
[root@hecs-82454 nginx]# pwd
/usr/local/nginx
[root@hecs-82454 nginx]# ls
nginx-1.18.0.tar.gz
[root@hecs-82454 nginx]# tar -zxvf nginx-1.18.0.tar.gz
[root@hecs-82454 nginx]# mv nginx-1.18.0 /usr/local/nginx-1.18.0
[root@hecs-82454 local]# pwd
/usr/local
[root@hecs-82454 local]# cd nginx-1.18.0/
[root@hecs-82454 nginx-1.18.0]# ls
auto CHANGES CHANGES.ru conf configure contrib html LICENSE man README src
解压完成后再安装之前还需要安装一些其他的依赖
[root@hecs-82454 nginx-1.18.0]# yum install gcc-c++
[root@hecs-82454 nginx-1.18.0]# yum install -y openssl openssl-devel
[root@hecs-82454 nginx-1.18.0]# yum install -y pcre pcre-devel
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Package pcre-8.32-17.el7.x86_64 already installed and latest version
Package pcre-devel-8.32-17.el7.x86_64 already installed and latest version
Nothing to do
[root@hecs-82454 nginx-1.18.0]# yum install -y zlib zlib-devel
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Package zlib-1.2.7-19.el7_9.x86_64 already installed and latest version
Package zlib-devel-1.2.7-19.el7_9.x86_64 already installed and latest version
Nothing to do
为什么要执行这4个命令我也不清楚,只是教程里着么说的,咱就照做吧,但是吧,后两个命令,好像不用执行也可以,毕竟Nothing to do
使用nginx默认配置,为什么把日志都打印出来了,是因为我感觉最后面的那些配置的路径对我们熟悉nginx很有用
[root@hecs-82454 nginx-1.18.0]# ./configure
checking for OS
+ Linux 3.10.0-1160.15.2.el7.x86_64 x86_64
checking for C compiler ... found
+ using GNU C compiler
+ gcc version: 4.8.5 20150623 (Red Hat 4.8.5-44) (GCC)
checking for gcc -pipe switch ... found
checking for -Wl,-E switch ... found
checking for gcc builtin atomic operations ... found
checking for C99 variadic macros ... found
checking for gcc variadic macros ... found
checking for gcc builtin 64 bit byteswap ... found
checking for unistd.h ... found
checking for inttypes.h ... found
checking for limits.h ... found
checking for sys/filio.h ... not found
checking for sys/param.h ... found
checking for sys/mount.h ... found
checking for sys/statvfs.h ... found
checking for crypt.h ... found
checking for Linux specific features
checking for epoll ... found
checking for EPOLLRDHUP ... found
checking for EPOLLEXCLUSIVE ... not found
checking for O_PATH ... found
checking for sendfile() ... found
checking for sendfile64() ... found
checking for sys/prctl.h ... found
checking for prctl(PR_SET_DUMPABLE) ... found
checking for prctl(PR_SET_KEEPCAPS) ... found
checking for capabilities ... found
checking for crypt_r() ... found
checking for sys/vfs.h ... found
checking for nobody group ... found
checking for poll() ... found
checking for /dev/poll ... not found
checking for kqueue ... not found
checking for crypt() ... not found
checking for crypt() in libcrypt ... found
checking for F_READAHEAD ... not found
checking for posix_fadvise() ... found
checking for O_DIRECT ... found
checking for F_NOCACHE ... not found
checking for directio() ... not found
checking for statfs() ... found
checking for statvfs() ... found
checking for dlopen() ... not found
checking for dlopen() in libdl ... found
checking for sched_yield() ... found
checking for sched_setaffinity() ... found
checking for SO_SETFIB ... not found
checking for SO_REUSEPORT ... found
checking for SO_ACCEPTFILTER ... not found
checking for SO_BINDANY ... not found
checking for IP_TRANSPARENT ... found
checking for IP_BINDANY ... not found
checking for IP_BIND_ADDRESS_NO_PORT ... found
checking for IP_RECVDSTADDR ... not found
checking for IP_SENDSRCADDR ... not found
checking for IP_PKTINFO ... found
checking for IPV6_RECVPKTINFO ... found
checking for TCP_DEFER_ACCEPT ... found
checking for TCP_KEEPIDLE ... found
checking for TCP_FASTOPEN ... found
checking for TCP_INFO ... found
checking for accept4() ... found
checking for eventfd() ... found
checking for int size ... 4 bytes
checking for long size ... 8 bytes
checking for long long size ... 8 bytes
checking for void * size ... 8 bytes
checking for uint32_t ... found
checking for uint64_t ... found
checking for sig_atomic_t ... found
checking for sig_atomic_t size ... 4 bytes
checking for socklen_t ... found
checking for in_addr_t ... found
checking for in_port_t ... found
checking for rlim_t ... found
checking for uintptr_t ... uintptr_t found
checking for system byte ordering ... little endian
checking for size_t size ... 8 bytes
checking for off_t size ... 8 bytes
checking for time_t size ... 8 bytes
checking for AF_INET6 ... found
checking for setproctitle() ... not found
checking for pread() ... found
checking for pwrite() ... found
checking for pwritev() ... found
checking for sys_nerr ... found
checking for localtime_r() ... found
checking for clock_gettime(CLOCK_MONOTONIC) ... found
checking for posix_memalign() ... found
checking for memalign() ... found
checking for mmap(MAP_ANON|MAP_SHARED) ... found
checking for mmap("/dev/zero", MAP_SHARED) ... found
checking for System V shared memory ... found
checking for POSIX semaphores ... not found
checking for POSIX semaphores in libpthread ... found
checking for struct msghdr.msg_control ... found
checking for ioctl(FIONBIO) ... found
checking for ioctl(FIONREAD) ... found
checking for struct tm.tm_gmtoff ... found
checking for struct dirent.d_namlen ... not found
checking for struct dirent.d_type ... found
checking for sysconf(_SC_NPROCESSORS_ONLN) ... found
checking for sysconf(_SC_LEVEL1_DCACHE_LINESIZE) ... found
checking for openat(), fstatat() ... found
checking for getaddrinfo() ... found
checking for PCRE library ... found
checking for PCRE JIT support ... found
checking for zlib library ... found
creating objs/Makefile
Configuration summary
+ using system PCRE library
+ OpenSSL library is not used
+ using system zlib library
nginx path prefix: "/usr/local/nginx"
nginx binary file: "/usr/local/nginx/sbin/nginx"
nginx modules path: "/usr/local/nginx/modules"
nginx configuration prefix: "/usr/local/nginx/conf"
nginx configuration file: "/usr/local/nginx/conf/nginx.conf"
nginx pid file: "/usr/local/nginx/logs/nginx.pid"
nginx error log file: "/usr/local/nginx/logs/error.log"
nginx http access log file: "/usr/local/nginx/logs/access.log"
nginx http client request body temporary files: "client_body_temp"
nginx http proxy temporary files: "proxy_temp"
nginx http fastcgi temporary files: "fastcgi_temp"
nginx http uwsgi temporary files: "uwsgi_temp"
nginx http scgi temporary files: "scgi_temp"
[root@hecs-82454 nginx-1.18.0]#
编译
make
make install
编译完成后,检查一下nginx安装在哪里了
[root@hecs-82454 sbin]# whereis nginx
nginx: /usr/local/nginx
因为压缩包解压后的名字为nginx-1.18.0,我没修改,直接在里面编译的,同级还有一个nginx目录是我上传压缩包的地方,但是他竟然将程序安装在了nginx下,好吧,下次长记性要最好只保留一个名为nginx的文件夹
[root@hecs-82454 local]# ls
apache-jmeter-5.3 bin etc games Idea include jdk1.8 jmeter.log lib lib64 libexec nginx nginx-1.18.0 sbin share src uniagent
[root@hecs-82454 local]# cd nginx-1.18.0/
[root@hecs-82454 nginx-1.18.0]# ls
auto CHANGES CHANGES.ru conf configure contrib html LICENSE Makefile man objs README src
[root@hecs-82454 nginx-1.18.0]# cd ..
[root@hecs-82454 local]# ls
apache-jmeter-5.3 bin etc games Idea include jdk1.8 jmeter.log lib lib64 libexec nginx nginx-1.18.0 sbin share src uniagent
[root@hecs-82454 local]# cd nginx
[root@hecs-82454 nginx]# ls
conf html logs sbin
然后我们来启动nginx
[root@hecs-82454 nginx]# cd sbin
[root@hecs-82454 sbin]# ls
nginx
[root@hecs-82454 sbin]# ./nginx
再来开放端口
然后在自己的电脑上请求一下,如下图,请求成功
url: http://xxx.xxx.xxx.xxx:80
在进入nginx目录的时候,就发现了变化
[root@hecs-82454 nginx]# ls
client_body_temp conf fastcgi_temp html logs proxy_temp sbin scgi_temp uwsgi_temp
NGINX的配置
我们再来看一下里面的配置文件
[root@hecs-82454 conf]# pwd
/usr/local/nginx/conf
[root@hecs-82454 conf]# cat nginx.conf
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
[root@hecs-82454 conf]#
然后我将我对这个配置浅薄的理解写在上面了
user root; #这个只对linux管用,就是我们用哪个用户登陆,我现在是root,那我就要修改成root并开放(经过尝试,当我用root用户安装的时候,这个开放不开放没什么关系)
worker_processes 1; #工作进程:数目。根据硬件调整,通常等于CPU数量或者2倍于CPU,我这个主机是1核的,那就是1了
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024; #工作进程的最大连接数量
}
# 这里是专门针对http请求的,80端口
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
#upstream zhangsan{} 这个就是负载均衡的配置,默认是没有的是我新增的,里面每个服务器或者端口有一个weight的配置,就是权重,可以分配请求指向的比例
# 最重要的就是这个server,这个server是可以有多个同级server的,比如说被注释的83行,监听了8000端口,那么80端口请求过来的数据,就进入了一个server的配置,8000端口请求过来的数据,就进入了另一个server,也正是因为有这个功能才实现了反向代理
server {
listen 80; # 监听的端口
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {#这个location /的意思就是说所有http://servername:listen/下的请求都走下面的配置,servername和listen就是上面的配置,location可以一个server里有多个配置,比如说location /a和location /b,那就是http://servername:listen/a和http://servername:listen/b的请求走不同的配置
root html; #这个html其实是一个路径,就是nginx目录下和conf同级的html文件夹,以后我们的vue的文件就放在这里
index index.html index.htm; #我们vue项目打包出来的dict文件下会有一个index.html,这里的index.html其实指的是root/index.html,也就是nginx/html/index.html
proxy_pass http://localhost:8090; #这个原来是没有的,但是我们反向代理的时候需要,就是将http://server_name:listen/的请求代理到了http://localhost:8090上
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html; # nginx/html/下面有一个50x.html
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# 这里是针对https请求的,443端口
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
NGINX的常用命令
其实没啥,最重要的就是重启:nginx -s reload