A.安装
B.常规配置http、https(nginx负载均衡配置、nginx域名配置)
1.修改主配置
cd /usr/local/nginx/conf
vim nginx.conf
#user nobody;
worker_processes 1;
error_log /root/logs/nginx/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
# keepalive_timeout 65;
#gzip on;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"'
'$upstream_addr $upstream_response_time $request_time ';
include ./mime.types;
default_type application/octet-stream;
##加载自定义配置文件
include /usr/local/nginx/vhosts/*.conf;
2.各应用负载均衡配置(多机)
a.创建各应用配置目录
mkdir -p /usr/local/nginx/vhosts
cd /usr/local/nginx/vhosts
b.创建日志目录及日志空文件
mkdir -p /root/logs/nginx/application1
cd /root/logs/nginx/application1
touch access.log
mkdir -p /root/logs/nginx/application2
cd /root/logs/nginx/application2
touch access.log
c.编辑各应用负载均衡配置(以三台机器,2个应用负载均衡为例)
cd /usr/local/nginx/vhosts
vim application1.conf
upstream application1_stream {
server 192.168.1.1:9720;
server 192.168.1.2:9720;
server 192.168.1.3:9720;
}
server {
listen 8041;
server_name localhost;
#charset koi8 - r;
access_log /root/logs/nginx/application1/access.log main;
location / {
proxy_pass http://application1_stream;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
cd /usr/local/nginx/vhosts
vim application2.conf
upstream application2_stream {
server 192.168.1.1:9920;
server 192.168.1.2:9920;
server 192.168.1.3:9920;
}
server {
listen 8051;
server_name localhost;
#charset koi8 - r;
access_log /root/logs/nginx/application2/access.log main;
location / {
proxy_pass http://application2_stream;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
2.http配置
cd /usr/local/nginx/vhosts
vim web-http.conf
server {
listen 80;
server_name test.yuming.com;
#把http的域名请求转成https,若有需要直接打开下面注释即可
# rewrite ^(.*)$ https://$host$1 permanent;
#前端代码
location /{
root /usr/local/nginx/web/;
index index.html index.htm;
}
location /application1 {
proxy_pass http://localhost:8041/;
proxy_redirect default;
}
location /application2 {
proxy_pass http://localhost:8051/;
proxy_redirect default;
}
}
3.https加密访问配置
创建https密钥ssl文件目录
mkdir -p /usr/local/nginx/ssl/
cd /usr/local/nginx/ssl/
将server.crt、server.key放到此文件目录下
cd /usr/local/nginx/vhosts
vim web-https.conf
server {
# HTTPS 默认443端口
listen 443 ssl;
# 证书文件配置,指定证书的路径,除了证书路径其他配置都默认
ssl_certificate /usr/local/nginx/ssl/server.crt;
ssl_certificate_key /usr/local/nginx/ssl/server.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!AESGCM;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
server_name test.yuming.com;
#前端代码
location /{
root /usr/local/nginx/web/;
index index.html index.htm;
}
location /application1 {
proxy_pass http://localhost:8041/;
proxy_redirect default;
}
location /application2 {
proxy_pass http://localhost:8051/;
proxy_redirect default;
}
}
C.nginx配置websocket
1.配置websocket应用负载配置
mkdir -p /root/logs/nginx/websocket
cd /root/logs/nginx/websocket
touch access.log
cd /usr/local/nginx/vhosts
vim websocket.conf
upstream websocket_stream {
#此处楼主只用到一个websocket服务,故只打开一个
server 192.168.1.1:9715;
#server 192.168.1.2:9715;
#server 192.168.1.3:9715;
}
server {
listen 8071;
server_name localhost;
#charset koi8 - r;
access_log /root/logs/nginx/websocket/access.log main;
location / {
proxy_pass http://websocket_stream/ws;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /ws {
proxy_pass http://websocket_stream/ws;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_read_timeout 120s;
proxy_set_header Upgrade websocket;
proxy_set_header Connection Upgrade;
}
}
2.http或者https配置,直接在web-http.conf或者web-https.conf中server里加配置即可
##之前已配置好的,保持不变,新增websocket拦截转发
server {
#...
#...
#...
#...
#新增websocket
location ^~ /ws {
proxy_pass http://localhost:8071/ws;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_read_timeout 120s;
proxy_set_header Upgrade websocket;
proxy_set_header Connection Upgrade;
}
}
D.nginx配置activemq
1.配置websocket应用负载配置
mkdir -p /root/logs/nginx/activemq
cd /root/logs/nginx/activemq
touch access.log
cd /usr/local/nginx/vhosts
vim activemq.conf
upstream activemq_stream {
#此处楼主只用到一个activemq集群服务,故只打开一个
server 192.168.1.1:61614;
#server 192.168.1.2:61614;
#server 192.168.1.3:61614;
}
server {
listen 8091;
server_name localhost;
#charset koi8 - r;
access_log /root/logs/nginx/activemq/access.log main;
location / {
proxy_pass http://activemq_stream;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /activemq {
proxy_pass http://activemq_stream;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_read_timeout 120s;
proxy_set_header Upgrade websocket;
proxy_set_header Connection Upgrade;
}
}
2.http或者https配置,直接在web-http.conf或者web-https.conf中server里加配置即可
##之前已配置好的,保持不变,新增activemq拦截转发
server {
#...
#...
#...
#...
#新增activemq
location /activemq {
proxy_pass http://localhost:8091/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_read_timeout 120s;
proxy_set_header Upgrade websocket;
proxy_set_header Connection Upgrade;
}
}
若有问题,可留言或者私信交流探讨!