反向代理与负载均衡与动静分离
反向代理与负载均衡
nginx
通常被用作后端服务器的反向代理,这样就可以很方便的实现动静分离以及负载均衡,从而大大提高服务器的处理能力。
nginx
实现动静分离,其实就是在反向代理的时候,如果是静态资源,就直接从nginx
发布的路径去读取,而不需要从后台服务器获取了。
但是要注意,这种情况下需要保证后端跟前端的程序保持一致,可以使用Rsync
做服务端自动同步或者使用NFS
、MFS
分布式共享存储。
Http Proxy`模块,功能很多,最常用的是`proxy_pass`和`proxy_cache
1
如果要使用proxy_cache
,需要集成第三方的ngx_cache_purge
模块,用来清除指定的URL缓存。这个集成需要在安装nginx
的时候去做,如:
./configure --add-module=../ngx_cache_purge-1.0 ......
nginx
通过upstream
模块来实现简单的负载均衡,upstream
需要定义在http
段内
在upstream
段内,定义一个服务器列表,默认的方式是轮询,如果要确定同一个访问者发出的请求总是由同一个后端服务器来处理,可以设置ip_hash,如:
upstream idfsoft.com {
ip_hash;
server 127.0.0.1:9080 weight=5;
server 127.0.0.1:8080 weight=5;
server 127.0.0.1:1111;
}
123456
注意:这个方法本质还是轮询,而且由于客户端的ip可能是不断变化的,比如动态ip,代理,翻墙等,因此ip_hash并不能完全保证同一个客户端总是由同一个服务器来处理。
定义好upstream
后,需要在server
段内添加如下内容:
server {
location / {
proxy_pass http://idfsoft.com;
}
}
部署反向代理与负载均衡
环境说明
主机名 | IP | 服务 |
---|---|---|
nginx | 192.168.129.3 | nginx |
proxy | 192.168.129.33 | nginx |
httpd | 192.168.129.133 | httpd |
注:nginx服务都是源码安装 、httpd为yum安装
nginx安装(3、33主机)
nginx安装两遍:3主机与33主机各安装一遍nginx
//关闭防火墙与SELINUX
[root@nginx ~]# systemctl disable --now firewalld.service
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@nginx ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/sysconfig/selinux
[root@nginx ~]# setenforce 0
//创建用户和组
[root@nginx ~]# useradd -r -M -s /sbin/nologin nginx
//安装依赖、工具、所需包组
[root@nginx ~]# yum -y install pcre-devel openssl openssl-devel gd-devel gcc gcc-c++
[root@nginx ~]# yum -y groups mark install 'Development Tools'
//创建日志存放目录
[root@nginx ~]# mkdir -p /var/log/nginx
[root@nginx ~]# chown -R nginx.nginx /var/log/nginx
//下载nginx
[root@nginx ~]# cd /usr/src/
[root@nginx src]# wget http://nginx.org/download/nginx-1.20.1.tar.gz
//编译安装
[root@nginx src]# ls
debug kernels nginx-1.20.1.tar.gz
[root@nginx src]# tar xf nginx-1.20.1.tar.gz
[root@nginx src]# cd nginx-1.20.1
[root@nginx nginx-1.20.1]# ./configure \
--prefix=/usr/local/nginx \
--user=nginx \
--group=nginx \
--with-debug \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_image_filter_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_stub_status_module \
--http-log-path=/var/log/nginx/access.log \
--error-log-path=/var/log/nginx/error.log
[root@nginx nginx-1.20.1]# make -j $(grep 'processor' /proc/cpuinfo | wc -l) && make install
//配置环境变量
[root@nginx ~]# echo 'export PATH=/usr/local/nginx/sbin:$PATH' > /etc/profile.d/nginx.sh
[root@nginx ~]# . /etc/profile.d/nginx.sh
[root@nginx ~]# which nginx
/usr/local/nginx/sbin/nginx
//启动nginx
[root@nginx ~]# nginx
[root@nginx ~]# ss -anlt
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
在proxy主机上修改配置
[root@proxy ~]# vim /usr/local/nginx/conf/nginx.conf
......
#gzip on;
#在以下添加这一段
upstream webservers { #配置负载均衡
server 192.168.129.3;
server 192.168.129.133;
}
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / { #配置反向代理
proxy_pass http://webservers;
}
#error_page 404 /404.html;
......
[root@proxy ~]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@proxy ~]# nginx -s reload
httpd安装(133主机)
[root@httpd ~]# yum -y install httpd
测试
使用proxy主机IP地址访问,并刷新测试
动静分离
动态页面与静态页面区别
静态资源:
可以理解为前端的固定页面,这里面包含HTML、CSS、JS、图片等等,不需要查数据库也不需要程序处理,直接就能够显示的页面,如果想修改内容则必须修改页面,但是访问效率相当高。动态资源:
需要程序处理或者从数据库中读数据,能够根据不同的条件在页面显示不同的数据,内容更新不需要修改页面但是访问速度不及静态页面。
什么是动静分离
- 动静分离是让动态网站里的动态网页根据一定规则把不变的资源和经常变的资源区分开来,动静资源做好了拆分以后,我们就可以根据静态资源的特点将其做缓存操作,这就是网站静态化处理的核心思路
- 动静分离简单的概括是:动态文件与静态文件的分离。
- 伪静态:网站如果想被搜索引擎搜素到,动态页面静态技术freemarker等模版引擎技术
为什么要用动静分离
- 在我们的软件开发中,有些请求是需要后台处理的(如:.jsp,.do等等),有些请求是不需要经过后台处理的(如:css、html、jpg、js等等文件),这些不需要经过后台处理的文件称为静态文件,否则动态文件。因此我们后台处理忽略静态文件。这会有人又说那我后台忽略静态文件不就完了吗。当然这是可以的,但是这样后台的请求次数就明显增多了。在我们对资源的响应速度有要求的时候,我们应该使用这种动静分离的策略去解决。
- 动静分离将网站静态资源(HTML,JavaScript,CSS,img等文件)与后台应用分开部署,提高用户访问静态代码的速度,降低对后台应用访问。这里我们将静态资源放到nginx中,动态资源转发到tomcat服务器中。
- 因此,动态资源转发到tomcat服务器我们就使用到了前面讲到的反向代理了。
部署动静分离
环境说明
主机名 | IP | 服务 |
---|---|---|
lnmp | 192.168.129.135 | lnmp架构 |
proxy | 192.168.129.33 | nginx |
httpd | 192.168.153.133 | httpd |
lnmp(135主机)
- nginx部署
//关闭防火墙与SELINUX
[root@lnmp ~]# systemctl disable --now firewalld.service
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@lnmp ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/sysconfig/selinux
[root@lnmp ~]# setenforce 0
//创建用户和组
[root@lnmp ~]# useradd -r -M -s /sbin/nologin nginx
//安装依赖、工具、所需包组
[root@lnmp ~]# yum -y install pcre-devel openssl openssl-devel gd-devel gcc gcc-c++
[root@lnmp ~]# yum -y groups mark install 'Development Tools'
//创建日志存放目录
[root@lnmp ~]# mkdir -p /var/log/nginx
[root@lnmp ~]# chown -R nginx.nginx /var/log/nginx
//下载nginx
[root@lnmp ~]# cd /usr/src/
[root@nginx src]# wget http://nginx.org/download/nginx-1.20.1.tar.gz
//编译安装
[root@lnmp src]# ls
debug kernels nginx-1.20.1.tar.gz
[root@lnmp src]# tar xf nginx-1.20.1.tar.gz
[root@lnmp src]# cd nginx-1.20.1
[root@lnmp nginx-1.20.1]# ./configure \
--prefix=/usr/local/nginx \
--user=nginx \
--group=nginx \
--with-debug \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_image_filter_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_stub_status_module \
--http-log-path=/var/log/nginx/access.log \
--error-log-path=/var/log/nginx/error.log
[root@lnmp nginx-1.20.1]# make -j $(grep 'processor' /proc/cpuinfo | wc -l) && make install
//配置环境变量
[root@lnmp ~]# echo 'export PATH=/usr/local/nginx/sbin:$PATH' > /etc/profile.d/nginx.sh
[root@lnmp ~]# . /etc/profile.d/nginx.sh
[root@lnmp ~]# which nginx
/usr/local/nginx/sbin/nginx
//启动nginx
[root@lnmp ~]# nginx
[root@lnmp ~]# ss -anlt
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
//创建PHP访问页面
[root@lnmp ~]# cat > /usr/local/nginx/html/index.php <<EOF
<?php
phpinfo();
?>
EOF
//修改nginx配置文件
[root@lnmp ~]# vim /usr/local/nginx/conf/nginx.conf
......
location / {
root html;
index index.php index.html index.htm; #在45行中添加index.php
}
......
#取消location ~ .php$ 大括号前的注释(65~71)行
location ~ \.php$ {
root html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; #将/script改为$document_root
include fastcgi_params;
}
//重启nginx服务
[root@lnmp ~]# nginx -s reload
- mysql部署
//创建用户和组
[root@lnmp ~]# useradd -r -M -s /sbin/nologin mysql
//安装依赖包
[root@lnmp ~]# yum -y install ncurses-devel openssl-devel openssl cmake mariadb-devel ncurses-compat-libs
//下载二进制格式的mysql软件包
[root@lnmp ~]# cd /usr/src/
[root@lnmp src]# wget https://downloads.mysql.com/archives/get/p/23/file/mysql-5.7.34-linux-glibc2.12-x86_64.tar.gz
[root@lnmp src]# ls mysql*
mysql-5.7.34-linux-glibc2.12-x86_64.tar.gz
//解压
[root@lnmp src]# tar xf mysql-5.7.34-linux-glibc2.12-x86_64.tar.gz -C /usr/local/
[root@lnmp src]# ls /usr/local/
bin etc games include lib lib64 libexec mysql-5.7.34-linux-glibc2.12-x86_64 nginx sbin share src
//创建软连接
[root@lnmp src]# cd /usr/local/
[root@lnmp local]# ln -s mysql-5.7.34-linux-glibc2.12-x86_64/ mysql
//修改属主属组
[root@lnmp ~]# chown -R mysql.mysql /usr/local/mysql
//添加环境变量
[root@lnmp ~]# echo 'export PATH=/usr/local/mysql/bin:$PATH' > /etc/profile.d/mysql.sh
[root@lnmp ~]# source /etc/profile.d/mysql.sh
[root@lnmp ~]# which mysql
/usr/local/mysql/bin/mysql
//头文件(include)、读取lib
[root@lnmp ~]# ln -s /usr/local/mysql/include/ /usr/local/include/mysql
[root@lnmp ~]# echo '/usr/local/mysql/lib' > /etc/ld.so.conf.d/mysql.conf
[root@lnmp ~]# ldconfig
//创建数据存放目录
[root@lnmp ~]# mkdir -p /opt/data
[root@lnmp ~]# chown -R mysql.mysql /opt/data/
[root@lnmp ~]# ll /opt/data/
总用量 0
//初始化数据库
[root@localhost ~]# /usr/local/mysql/bin/mysqld --initialize-insecure --user=mysql --datadir=/opt/data/ #这种方法初始化完成后是没有密码
2021-10-26T13:44:15.653137Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details).
2021-10-26T13:44:15.802617Z 0 [Warning] InnoDB: New log files created, LSN=45790
2021-10-26T13:44:15.877996Z 0 [Warning] InnoDB: Creating foreign key constraint system tables.
2021-10-26T13:44:15.934051Z 0 [Warning] No existing UUID has been found, so we assume that this is the first time that this server has been started. Generating a new UUID: cf9a66e7-3662-11ec-b2ef-000c29aa87a6.
2021-10-26T13:44:15.935817Z 0 [Warning] Gtid table is not ready to be used. Table 'mysql.gtid_executed' cannot be opened.
2021-10-26T13:44:16.451993Z 0 [Warning] CA certificate ca.pem is self signed.
2021-10-26T13:44:16.479129Z 1 [Warning] root@lnmp is created with an empty password ! Please consider switching off the --initialize-insecure option.
//生成配置文件
[root@lnmp ~]# cat > /etc/my.cnf <<EOF
[mysqld]
basedir = /usr/local/mysql
datadir = /opt/data
socket = /tmp/mysql.sock
port = 3306
pid-file = /opt/data/mysql.pid
user = mysql
skip-name-resolve
EOF
//配置service服务启动文件
[root@lnmp ~]# sed -ri 's#^(basedir=).*#\1/usr/local/mysql#g' /usr/local/mysql/support-files/mysql.server
[root@lnmp ~]# sed -ri 's#^(datadir=).*#\1/opt/data#g' /usr/local/mysql/support-files/mysql.server
[root@lnmp ~]# cat > /usr/lib/systemd/system/mysqld.service <<EOF
[Unit]
Description=Mysqld server daemon
After=network.target
[Service]
Type=forking
ExecStart=/usr/local/mysql/support-files/mysql.server start
ExecStop=/usr/local/mysql/support-files/mysql.server stop
[Install]
WantedBy=multi-user.target
EOF
//重新加载
[root@lnmp ~]# systemctl daemon-reload
//启动mysql
[root@lnmp ~]# systemctl start mysqld
[root@lnmp ~]# ss -anlt
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 80 *:3306 *:*
LISTEN 0 128 [::]:22 [::]:*
//修改密码
[root@lnmp ~]# mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.7.34 MySQL Community Server (GPL)
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> set password = password('123456');
Query OK, 0 rows affected, 1 warning (0.00 sec)
mysql> quit
Bye
- PHP部署
//安装依赖包
[root@lnmp ~]# yum -y install sqlite-devel libzip-devel libxml2 libxml2-devel openssl openssl-devel bzip2 bzip2-devel libcurl libcurl-devel libicu-devel libjpeg libjpeg-devel libpng libpng-devel openldap-devel pcre-devel freetype freetype-devel gmp gmp-devel readline readline-devel libxslt libxslt-devel
[root@lnmp ~]# yum -y install http://mirror.centos.org/centos/8-stream/PowerTools/x86_64/os/Packages/oniguruma-devel-6.8.2-2.el8.x86_64.rpm
//下载php软件包并解压
[root@lnmp ~]# cd /usr/src/
[root@lnmp src]# wget https://www.php.net/distributions/php-8.0.10.tar.gz
[root@lnmp src]# tar xf php-8.0.10.tar.gz
//编译及安装
[root@lnmp ~]# cd /usr/src/php-8.0.10
[root@lnmp php-8.0.10]# ./configure --prefix=/usr/local/php8 \
--with-config-file-path=/etc \
--enable-fpm \
--disable-debug \
--disable-rpath \
--enable-shared \
--enable-soap \
--with-openssl \
--enable-bcmath \
--with-iconv \
--with-bz2 \
--enable-calendar \
--with-curl \
--enable-exif \
--enable-ftp \
--enable-gd \
--with-jpeg \
--with-zlib-dir \
--with-freetype \
--with-gettext \
--enable-mbstring \
--enable-pdo \
--with-mysqli=mysqlnd \
--with-pdo-mysql=mysqlnd \
--with-readline \
--enable-shmop \
--enable-simplexml \
--enable-sockets \
--with-zip \
--enable-mysqlnd-compression-support \
--with-pear \
--enable-pcntl \
--enable-posix
[root@lnmp php-8.0.10]# make && make install
//配置环境变量
[root@lnmp ~]# echo 'export PATH=/usr/local/php8/bin:$PATH' > /etc/profile.d/php.sh
[root@lnmp ~]# source /etc/profile.d/php.sh
[root@lnmp ~]# which php
/usr/local/php8/bin/php
//配置php-fpm文件
[root@lnmp ~] # cd /usr/src/php-8.0.10
[root@lnmp php-8.0.10]# \cp php.ini-production /etc/php.ini
[root@lnmp php-8.0.10]# cp sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
[root@lnmp php-8.0.10]# chmod +x /etc/init.d/php-fpm
[root@lnmp php-8.0.10]# cp /usr/local/php8/etc/php-fpm.conf.default /usr/local/php8/etc/php-fpm.conf
[root@lnmp php-8.0.10]# cp /usr/local/php8/etc/php-fpm.d/www.conf.default /usr/local/php8/etc/php-fpm.d/www.conf
//配置.service服务启动文件
[root@lnmp ~]# cat > /usr/lib/systemd/system/php-fpm.service <<EOF
[Unit]
Description=Php-fpm server daemon
After=network.target
[Service]
Type=forking
ExecStart=service php-fpm start
ExecStop=service php-fpm stop
[Install]
WantedBy=multi-user.target
EOF
//重新加载
[root@lnmp ~]# systemctl daemon-reload
//启动服务
[root@lnmp ~]# systemctl start php-fpm
[root@lnmp ~]# ss -anlt
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 127.0.0.1:9000 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 80 *:3306 *:*
LISTEN 0 128 [::]:22 [::]:*
proxy(33主机)
//关闭防火墙与SELINUX
[root@proxy ~]# systemctl disable --now firewalld.service
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@proxy ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/sysconfig/selinux
[root@proxy ~]# setenforce 0
//创建用户和组
[root@proxy ~]# useradd -r -M -s /sbin/nologin nginx
//安装依赖、工具、所需包组
[root@proxy ~]# yum -y install pcre-devel openssl openssl-devel gd-devel gcc gcc-c++
[root@proxy ~]# yum -y groups mark install 'Development Tools'
//创建日志存放目录
[root@proxy ~]# mkdir -p /var/log/nginx
[root@proxy ~]# chown -R nginx.nginx /var/log/nginx
//下载proxy
[root@proxy ~]# cd /usr/src/
[root@nginx src]# wget http://nginx.org/download/nginx-1.20.1.tar.gz
//编译安装
[root@proxy src]# ls
debug kernels nginx-1.20.1.tar.gz
[root@proxy src]# tar xf nginx-1.20.1.tar.gz
[root@proxy src]# cd nginx-1.20.1
[root@proxy nginx-1.20.1]# ./configure \
--prefix=/usr/local/nginx \
--user=nginx \
--group=nginx \
--with-debug \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_image_filter_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_stub_status_module \
--http-log-path=/var/log/nginx/access.log \
--error-log-path=/var/log/nginx/error.log
[root@proxy nginx-1.20.1]# make -j $(grep 'processor' /proc/cpuinfo | wc -l) && make install
//配置环境变量
[root@proxy ~]# echo 'export PATH=/usr/local/nginx/sbin:$PATH' > /etc/profile.d/nginx.sh
[root@proxy ~]# . /etc/profile.d/nginx.sh
[root@proxy ~]# which nginx
/usr/local/nginx/sbin/nginx
//启动nginx
[root@proxy ~]# nginx
[root@proxy ~]# ss -anlt
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
httpd(133主机)
- apache部署
[root@httpd ~]# systemctl disable --now firewalld.service
[root@httpd ~]# sed -i s/SELINUX=enforing/SELINUX=disabled/g /etc/selinux/config
[root@httpd ~]# setenforce 0
//配置源和工具
[root@httpd ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
[root@httpd ~]# sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
[root@httpd ~]# curl -0 /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
//安装依赖包
[root@httpd ~]# yum -y install epel-release vim wget openssl-devel pcre-devel expat-devel libtool gcc gcc-c++ make
//安装包组
[root@httpd ~]# yum groups mark install 'Development Tools'
[root@httpd ~]# yum clean all
[root@httpd ~]# yum makecache
//创建apache服务的用户和组
[root@httpd ~]# useradd -r -M -s /sbin/nologin apache
//依赖包apr
[root@httpd ~]# cd /usr/src/
[root@httpd src]# wget https://mirrors.tuna.tsinghua.edu.cn/apache/apr/apr-1.7.0.tar.gz
[root@httpd src]# tar -xf apr-1.7.0.tar.gz
//依赖包apr-util
[root@httpd src]# wget https://mirrors.tuna.tsinghua.edu.cn/apache/apr/apr-util-1.6.1.tar.gz
[root@httpd src]# tar -xf apr-util-1.6.1.tar.gz
//软件包httpd
[root@httpd src]# wget https://mirrors.tuna.tsinghua.edu.cn/apache/httpd/httpd-2.4.49.tar.gz
[root@httpd src]# tar -xf httpd-2.4.49.tar.gz
//查看
[root@httpd src]# ls
apr-1.7.0 apr-util-1.6.1 debug httpd-2.4.49.tar.gz
apr-1.7.0.tar.gz apr-util-1.6.1.tar.gz httpd-2.4.49 kernels
//删除configure中此行
[root@httpd src]# cd apr-1.7.0
[root@httpd apr-1.7.0]# sed -i '/$RM "$cfgfile"/d' configure\
//安装apr
[root@httpd apr-1.7.0]# ./configure --prefix=/usr/local/apr
[root@httpd apr-1.7.0]# make && make install
//安装apr-util
[root@httpd apr-1.7.0]# cd ../apr-util-1.6.1
[root@httpd apr-util-1.6.1]# ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr
[root@httpd apr-util-1.6.1]# make && make install
//安装httpd
[root@httpd apr-util-1.6.1]# cd ../httpd-2.4.49
[root@httpd httpd-2.4.49]# ./configure --prefix=/usr/local/apache \
--enable-so \
--enable-ssl \
--enable-cgi \
--enable-rewrite \
--with-zlib \
--with-pcre \
--with-apr=/usr/local/apr \
--with-apr-util=/usr/local/apr-util/ \
--enable-modules=most \
--enable-mpms-shared=all \
--with-mpm=prefork
[root@httpd httpd-2.4.49]# make && make install
//配置环境变量
[root@httpd ~]# echo 'export PATH=/usr/local/apache/bin:$PATH' > /etc/profile.d/httpd.sh
[root@httpd ~]# source /etc/profile.d/httpd.sh
[root@httpd ~]# which httpd
/usr/local/apache/bin/httpd
//头文件、man帮助
[root@httpd ~]# ln -s /usr/local/apache/include/ /usr/include/httpd
[root@httpd ~]# echo 'MANPATH /usr/local/apache/man' >> /etc/man.config
//取消ServerName前面的注释,避免出现报错
[root@httpd ~]# sed -i '/#ServerName/s/#//g' /usr/local/apache/conf/httpd.conf
[root@httpd ~]# cat > /usr/lib/systemd/system/httpd.service <<EOF
[Unit]
Description=Httpd server daemon
After=network.target
[Service]
Type=forking
ExecStart=/usr/local/apache/bin/apachectl start
ExecStop=/usr/local/apache/bin/apachectl start
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
EOF
//重新加载
[root@httpd ~]# systemctl daemon-reload
//启动
[root@httpd ~]# systemctl enable --now httpd
[root@httpd ~]# systemctl status httpd
● httpd.service - Httpd server daemon
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since Fri 2021-09-24 00:43:27 CST; 4s ago
Process: 153508 ExecStart=/usr/local/apache/bin/apachectl start (code=exited, status=0/SUCCESS)
Main PID: 153524 (httpd)
Tasks: 6 (limit: 11300)
Memory: 5.0M
CGroup: /system.slice/httpd.service
├─153524 /usr/local/apache/bin/httpd -k start
├─153525 /usr/local/apache/bin/httpd -k start
├─153526 /usr/local/apache/bin/httpd -k start
├─153527 /usr/local/apache/bin/httpd -k start
├─153528 /usr/local/apache/bin/httpd -k start
└─153529 /usr/local/apache/bin/httpd -k start
//查看端口
[root@httpd ~]# ss -anlt
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 *:80 *:*
LISTEN 0 128 [::]:22 [::]:
查看所有服务是否开启
//lnmp主机
[root@lnmp ~]# ss -anlt
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 127.0.0.1:9000 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 80 *:3306 *:*
LISTEN 0 128 [::]:22 [::]:*
//httpd主机
[root@httpd ~]# ss -anlt
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 *:80 *:*
LISTEN 0 128 [::]:22 [::]:*
//proxy主机
[root@proxy ~]# ss -anlt
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:80 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
修改proxy主机配置文件
[root@proxy ~]# vim /usr/local/nginx/conf/nginx.conf
......
#gzip on;
upstream static {
server 192.168.129.33; #httpd主机的ip
}
upstream dynamic {
server 192.168.129.135; #lnmp主机的ip
}
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
proxy_pass http://static; #访问静态资源会自动跳转到进行访问
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
location ~ \.php$ {
proxy_pass http://dynamic; #访问动态资源会自动跳转到进行访问
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
......
[root@proxy ~]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@proxy ~]#
[root@proxy ~]# nginx -s reload
测试
使用proxy主机IP地址访问测试
-
访问静态资源
-
访问动态资源