一、nginx简介
- 一款高性能、轻量级Web服务软件, 稳定性高,系统资源消耗低
- 对HTTP并发连接的处理能力高(能够处理高并发),单台物理服务器可支持30000~50000个并发请求
二、编译安装nginx
[root@localhost ~]# yum -y install pcre-devel zlib-devel
[root@localhost ~]# tar zxf nginx-1.12.2.tar.gz
[root@localhost ~]# cd nginx-1.12.2/
[root@localhost nginx-1.12.2]# ./configure \
> --prefix=/usr/local/nginx \
> --user=nginx \
> --group=nginx \
> --with-http_stub_status_module ###统计状态模块
[root@localhost nginx-1.12.2]# make && make install
[root@localhost ~]# useradd -M -s /sbin/nologin nginx ###创建一个不可登录的程序用户
[root@localhost ~]# ln -s /usr/local/nginx/sbin/nginx /usr/bin ###优化执行路径
[root@localhost ~]# nginx ###启动服务
[root@localhost ~]# netstat -anpt | grep nginx ###查看nginx服务是否开启
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 16429/nginx: master
[root@localhost ~]# killall -s QUIT nginx ###选项-s QUIT等于-3 停止服务
[root@localhost ~]# netstat -anpt | grep nginx
[root@localhost ~]# killall -s HUP nginx ###选项-s HUP等于-1 重新加载
[root@localhost ~]# netstat -anpt | grep nginx
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 16488/nginx: master
[root@localhost ~]# vi /etc/init.d/nginx ###制作管理脚本
#!/bin/bash
#chkconfig: 35 20 80
#description: nginx server
PROG="/usr/local/nginx/sbin/nginx"
PIDF="/usr/local/nginx/logs/nginx.pid"
case "$1" in
start)
$PROG
;;
stop)
killall -3 $PROG
;;
restart)
$0 stop
$0 start
;;
reload)
killall -1 $PROG
;;
*)
echo "Usage: $0 {start|stop|reload|status}"
exit 1
esac
exit 0
[root@localhost ~]# chmod +x /etc/init.d/nginx
[root@localhost ~]# chkconfig --add nginx
[root@localhost ~]# systemctl start nginx
三、主配置文件分析
全局配置
#user nobody; ##指定用户,默认是匿名用户
worker_processes 1; ##工作进程,实现高并发可以增加值
#error_log logs/error.log; ##错误日志文件
#pid logs/nginx.pid; ##pid文件
I/O事件配置
events { ##一个进程包含多个线程
use epoll; #能显著提高程序在大量并发连接中只有少量活跃的情况下的系统CPU利用率
worker_connections 4096;
}
http配置
http{}:协议层面;server{}:服务层面;location{}:网页站点目录层面
http {
access_log logs/access.log main;
sendfile on; ##发送邮件
keepalive timeout 65; ##连接超时时间
server {
listen 80;
server_name localhost; ##域名
charset utf-8; ##字符集
location / {
root html; ##网页站点目录名称
index index.html index.php; } ##主页的相对路径
error_page 500 502 503 504 /50x.html; ##提示错误页面(500是服务器出错)
location = /50x.html {
root html; }
}
}
四、Nginx的访问状态统计
[root@localhost ~]# vi /usr/local/nginx/conf/nginx.conf
user nginx nginx ###修改#user nobody为user nginx nginx
error_log logs/error.log info ###去除#号
events {
use epoll; ###新增此行,默认使用select/poll
worker_connections 1024; ###表示一个工作进程允许1024个连接
}
location ~ /status { ###配置统计功能
stub_status on;
access_log off;
} ###在server模块里的error_page上面增加
[root@localhost ~]# nginx -t ###检查一下配置文件
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost ~]# nginx -V ###查看版本号及开启的模块
nginx version: nginx/1.12.2
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-16) (GCC)
configure arguments: --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_stub_status_module
[root@localhost ~]# systemctl start nginx ###开启nginx服务
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# setenforce 0 ###关闭防火墙和核心防护
验证,访问192.168.247.160/status
nginx status 详解
active connections:活跃的连接数量;
server accepts handled requests:总共处理n个连接,成功创建n次握手,共处理n个请求;
reading:读取客户端的连接数;
writing:响应数据到客户端的数量;
waiting:开启keep-alive的情况下,这个值等于active-(reading+writing),意思就是Nginx已经处理完正在等候下一次指令的驻留地址。
五、nginx设置访问用户功能
修改配置文件
[root@localhost ~]# yum -y install httpd-tools ###安装需要的工具
[root@localhost ~]# htpasswd -c /usr/local/nginx/passwd.db lili ###创建访问用户
New password:
Re-type new password:
Adding password for user lili
[root@localhost ~]# vi /usr/local/nginx/conf/nginx.conf
location / {
root html;
index index.html index.htm;
allow 192.168.247.160/24; ###允许本机访问
#deny all; ###拒绝所有,会导致全部无法访问
auth_basic "secret"; ###验证方式为密码验证
auth_basic_user_file /usr/local/nginx/passwd.db; ###密码所在文件
}
[root@localhost ~]# nginx -t ###验证配置文件是否有错
nginx: [warn] low address bits of 192.168.247.160/24 are meaningless in /usr/local/nginx/conf/nginx.conf:48
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost ~]# systemctl restart nginx ###重启服务
验证,访问本地
输入lili和密码
进入网页
六、虚拟主机配置
6.1 基于域名
建立网页测试文件
[root@client1 ~]# mkdir -p /var/www/web1/index.html
[root@client1 ~]# mkdir -p /var/www/web2/index.html
[root@client1 ~]# echo "web1" > /var/www/web1/index.html
[root@client1 ~]# echo "web2" > /var/www/web2/index.html
修改配置文件
vi /usr/local/nginx/conf/nginx.conf
server {
listen 80;
server_name www.aa.com;
charset utf-8;
location / {
root /var/www/web1;
index index.html index.htm;
}
}
server { #添加一个server模块
listen 80;
server_name www.ab.com;
charset utf-8;
location / {
root /var/www/web2;
index index.html index.htm;
}
}
[root@localhost ~]# nginx -t ###检查语法
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost ~]# systemctl restart nginx ###重启nginx服务
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# setenforce 0
[root@localhost ~]# vi /etc/hosts ###增加映射
192.168.247.160 www.aa.com www.ab.com
验证(可能需要重启主机)
分别访问www.aa.com、www.ab.com
4.2 基于IP
新增一张网卡,添加网卡配置文件
修改配置文件
[root@www ~]# vi /usr/local/nginx/conf/nginx.conf
server {
listen 192.168.247.160:80; ###修改IP地址
server_name www.aa.com;
charset utf-8;
#access_log logs/aa.access.log main;
location / {
root /var/www/web1;
index index.html index.htm;
}
}
server {
listen 192.168.247.166:80; ###修改IP地址
server_name www.aa.com;
charset utf-8;
#access_log logs/aa.access.log main;
location / {
root /var/www/web2;
index index.html index.htm;
}
}
[root@www ~]# nginx -t ###检查语法
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@www ~]# systemctl restart nginx
[root@www ~]# vi /etc/hosts
192.168.73.40 www.aa.com
192.168.73.134 www.aa.com
验证,分别访问192.168.247.160,192.168.247.166
4.3 基于端口
[root@www ~]# vi /usr/local/nginx/conf/nginx.conf
server {
listen 192.168.247.160:80; ###更改端口号
server_name www.aa.com;
charset utf-8;
#access_log logs/aa.access.log main;
location / {
root /var/www/web1;
index index.html index.htm;
}
}
server {
listen 192.168.247.160:8080; ###更改端口号
server_name www.aa.com;
charset utf-8;
#access_log logs/aa.access.log main;
location / {
root /var/www/web2;
index index.html index.htm;
}
}
[root@www ~]# systemctl restart nginx
验证,分别访问192.168.247.160、192.168.247.160:8080