目录
Nginx
定义
一款高性能、轻量级Web服务软件
- 稳定性高
- 系统资源消耗低
- 对HTTP并发连接的处理能力高
单台物理服务器可支持30000~50000个并发请求
安装并配置Nginx
安装依赖包
[root@localhost ~]# yum -y install gcc gcc-c++ make pcre-devel zlib-devel
创建不可登录用户
[root@localhost ~]# useradd -M -s /sbin/nologin nginx
解nginx-1.12.2包
[root@localhost ~]# tar zxvf nginx-1.12.2.tar.gz -C /opt/
进入nginx目录,配置文件,编译安装
[root@localhost ~]# cd /opt/nginx-1.12.2/
[root@localhost nginx-1.12.2]# ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_stub_status_module
[root@localhost ~]# make && make install
创建软连接
[root@localhost ~]# ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/
检查配置文件
[root@localhost ~]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
语法正确
启动服务
[root@localhost ~]# nginx
附:
[root@localhost ~]# killall -1 nginx //安全重启
[root@localhost ~]# killall -3 nginx //停止服务
制作管理脚本
[root@localhost ~]# vim /etc/init.d/nginx
#!/bin/bash
#chkconfig: 35 80 20
#description: Nginx HTTP Server
PROG="/usr/local/nginx/sbin/nginx"
PIDF="/usr/local/nginx/logs/nginx.pid"
case "$1" in
start)
$PROG
;;
stop)
kill -s QUIT $(cat $PIDF)
;;
reload)
kill -s HUP $(cat $PIDF)
;;
restart)
$0 stop
$0 start
;;
*)
echo "Usage: $0 {start|stop|restart|reload}"
exit 1
esac
exit 0
脚本赋权
[root@localhost ~]# chmod +x /etc/init.d/nginx
服务开启并查看
[root@localhost ~]# chkconfig --add nginx
[root@localhost ~]# chkconfig --list
nginx选项3、5开启,服务开启成功
创建软连接,方便默认路径下执行
[root@localhost ~]# ln -s /usr/local/nginx/conf/nginx.conf /etc/
修改配置文件
[root@localhost ~]# vi /etc/nginx.conf
#user nobody
修改为
user nginx nginx //运行用户名 运行组名
worker_processes 1; //错误日志记录数
events {
use epoll; //添加,支持高并发
worker_connections 4096; //并发连接数
}
......
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
//井号注释去掉
注:如有多台虚拟主机,需添加多台server模块
server {
listen 80;
server_name localhost;
#charset utf-8;默认站点,中文则修改为utf-8
#access_log logs/aa.com.access.log main;
location / {
root html;
index index.html index.htm;
}
检查语法,并修改数值
[root@localhost ~]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost ~]# ulimit -n
1024
[root@localhost ~]# ulimit -n 65535 >> /etc/rc.local
[root@localhost ~]# ulimit -n
65535
开启并配置统计模块功能
[root@localhost ~]# vi /etc/nginx.conf
location / {
root html;
index index.html index.htm;
}
location ~ /status { //添加内容
stub_status on; //功能开启
access_log off; //不记录日志
}
服务重启
[root@localhost ~]# systemctl stop nginx
[root@localhost ~]# systemctl start nginx
网页查看验证
注:
- active connections -活跃的连接数量
- server accepts handled requests 一总共处理了n个连接,成功创建n次握手,总共处理了n个请求
- reading 一读取客户端的连接数.writing 一响应数据到客户端的数量
- waiting一开启keep-alive的情况下,这个值等于active-(reading+writing),意思就是Nginx已经处理完正在等候下一次请求指令的驻留连接.
配置Nginx验证功能
安装验证工具
[root@localhost ~]# yum -y install httpd-tools
建立设置用户密码
[root@localhost ~]# htpasswd -c /usr/local/nginx/passwd.db jack
New password:
Re-type new password:
Adding password for user jack
设置权限
[root@localhost ~]# chown nginx /usr/local/nginx/passwd.db
[root@localhost ~]# chmod 400 /usr/local/nginx/passwd.db
配置文件
[root@localhost ~]# vi /etc/nginx.conf
location / {
root html;
index index.html index.htm;
auth_basic "secret"; //添加
auth_basic_user_file /usr/local/nginx/passwd.db; //添加
}
重启服务
[root@localhost ~]# systemctl stop nginx
[root@localhost ~]# systemctl start nginx
验证
限制用户登录,重启服务
[root@localhost ~]# vi /etc/nginx.conf
location / {
root html;
index index.html index.htm;
deny 192.168.100.0/24;
allow all;
auth_basic "secret";
auth_basic_user_file /usr/local/nginx/passwd.db;
}
[root@localhost ~]# systemctl stop nginx
[root@localhost ~]# systemctl start nginx
验证无法登录
建立并配置虚拟主机
方法一:基于域名
修改配置文件
//修改
server {
listen 80;
server_name www.aa.com;
//修改
location / {
root /var/www/bb;
index index.html index.htm;
deny 192.168.100.0/24;
allow all;
auth_basic "secret";
auth_basic_user_file /usr/local/nginx/passwd.db;
}
//添加
server {
listen 80;
server_name www.bb.com;
charset utf-8;
access_log logs/ab.com.access.log;
location / {
root /var/www/ab;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
创建目录
[root@localhost ~]# echo "<h1>this is bb</h1>" > /var/www/bb/index.html
[root@localhost ~]# echo "<h1>this is ab</h1>" > /var/www/ab/index.html
添加映射
[root@localhost ~]# vi /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.100.10 www.bb.com www.ab.com //添加映射
验证
[root@localhost ~]# curl http://www.bb.com
<h1>this is bb</h1>
[root@localhost ~]# curl http://www.ab.com
<h1>this is ab</h1>
方法二:基于IP地址
创建虚拟ip地址
[root@localhost ~]# ifconfig ens33:1 192.168.1.11/24
[root@localhost ~]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.100.10 netmask 255.255.255.0 broadcast 192.168.100.255
inet6 fe80::870e:e0eb:22d0:5b16 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:e7:68:34 txqueuelen 1000 (Ethernet)
RX packets 13889 bytes 2221446 (2.1 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 8617 bytes 1166204 (1.1 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens33:1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.11 netmask 255.255.255.0 broadcast 192.168.1.255
ether 00:0c:29:e7:68:34 txqueuelen 1000 (Ethernet)
配置文件并重启服务
[root@localhost ~]# vi /etc/nginx.conf
//修改
server {
listen 192.168.100.10:80;
//修改
server {
listen 192.168.1.11:80;
[root@localhost ~]# systemctl stop nginx
[root@localhost ~]# systemctl start nginx
验证
[root@localhost ~]# curl http://192.168.100.10
<h1>this is bb</h1>
[root@localhost ~]# curl http://192.168.1.11
<h1>this is ab</h1>
方法三:基于端口
配置文件并重启服务
[root@localhost ~]# vi /etc/nginx.conf
server {
listen 192.168.1.11:8080; //修改第二个server端口为8080
[root@localhost ~]# systemctl stop nginx
[root@localhost ~]# systemctl start nginx
验证
[root@localhost ~]# curl http://192.168.100.10
<h1>this is bb</h1>
[root@localhost ~]# curl http://192.168.1.11:8080
<h1>this is ab</h1>
注:进行下面项目需删除配置文件中所添加的第二个server