模块介绍
upstream_check_module
监控Nginx-upstream节点状态,将异常节点提出负载均衡
下载地址:https://github.com/yaoweibin/nginx_upstream_check_module/archive/refs/tags/v0.4.0.tar.gz
nginx-module-vts
监控Nginx各个vhost的通讯状态和统计数据
下载地址:
https://github.com/vozlt/nginx-module-vts/archive/refs/tags/v0.2.2.tar.gz
Nginx
Nginx (engine x) 是一个高性能的HTTP和反向代理web服务器 [13] ,同时也提供了IMAP/POP3/SMTP服务。
下载地址:
http://nginx.org/download/nginx-1.21.0.tar.gz
源码安装
安装依赖
yum -y install wget gcc pcre pcre-devel zlib zlib-devel openssl openssl-devel GeoIP-devel.x86_64 libxml2 libxml2-dev libxslt-devel gd-devel ncurses-devel perl perl-ExtUtils-Embed gperftools ncurses-devel patch
下载安装包
wget http://nginx.org/download/nginx-1.21.0.tar.gz
wget https://github.com/yaoweibin/nginx_upstream_check_module/archive/refs/tags/v0.4.0.tar.gz
wget https://github.com/vozlt/nginx-module-vts/archive/refs/tags/v0.2.2.tar.gz
解压安装包
tar -zxf nginx-1.21.0.tar.gz -C /usr/local/src
tar -zxf v0.2.2.tar.gz -C /usr/local/src
tar -zxf v0.4.0.tar.gz -C /usr/local/src
添加nginx_upstream_check_module模块
cd /usr/local/src/nginx-1.21.0/
patch -p1 < /usr/local/src/nginx_upstream_check_module-0.4.0/check_1.20.1+.patch
编译Nginx
cd /usr/local/src/nginx-1.21.0/
./configure --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --with-http_xslt_module=dynamic --with-http_image_filter_module=dynamic --with-http_geoip_module=dynamic --with-http_perl_module=dynamic --with-threads --with-stream --with-stream_ssl_module --with-stream_ssl_preread_module --with-stream_realip_module --with-stream_geoip_module=dynamic --with-http_slice_module --with-mail --with-mail_ssl_module --with-compat --with-file-aio --with-http_v2_module --add-module=/usr/local/src/nginx_upstream_check_module-0.4.0 --add-module=/usr/local/src/nginx-module-vts-0.2.2
make&&make install
创建Nginx用户
groupadd nginx&&useradd nginx -g nginx
启动nginx
#后台启动
nginx
#前台启动
nginx -g "daemon off;"
#检查配置文件
nginx -t
Docker安装
下载所需服务包
mkdir /data/nginxdocker/
cd /data/nginxdocker/
wget http://nginx.org/download/nginx-1.21.0.tar.gz
wget https://github.com/yaoweibin/nginx_upstream_check_module/archive/refs/tags/v0.4.0.tar.gz
wget https://github.com/vozlt/nginx-module-vts/archive/refs/tags/v0.2.2.tar.gz
编写启动脚本
vim /data/nginxdocker/run.sh
#!/bin/bash
nginx -g "daemon off;"
编写Dockerfile文件
vim /data/nginxdocker/Dockerfile
FROM hub.v-call.cn/vcall/centos:7
ADD nginx-1.21.0.tar.gz /usr/local/src/
ADD v0.2.2.tar.gz /usr/local/src/
ADD v0.4.0.tar.gz /usr/local/src/
#RUN yum -y update
RUN yum -y install gcc pcre pcre-devel zlib zlib-devel openssl openssl-devel GeoIP-devel.x86_64 libxml2 libxml2-dev libxslt-devel gd-devel ncurses-devel perl perl-ExtUtils-Embed gperftools ncurses-devel&&yum install patch -y
RUN cd /usr/local/src/nginx-1.21.0/&&patch -p1 < /usr/local/src/nginx_upstream_check_module-0.4.0/check_1.20.1+.patch&&./configure --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --with-http_xslt_module=dynamic --with-http_image_filter_module=dynamic --with-http_geoip_module=dynamic --with-http_perl_module=dynamic --with-threads --with-stream --with-stream_ssl_module --with-stream_ssl_preread_module --with-stream_realip_module --with-stream_geoip_module=dynamic --with-http_slice_module --with-mail --with-mail_ssl_module --with-compat --with-file-aio --with-http_v2_module --add-module=/usr/local/src/nginx_upstream_check_module-0.4.0 --add-module=/usr/local/src/nginx-module-vts-0.2.2&&make&&make install&&groupadd nginx&&useradd nginx -g nginx&&rm -rf /usr/local/src/nginx-1.21.0&&rm -rf /usr/local/src/nginx-module-vts-0.2.2&&rm -rf /usr/local/src/nginx_upstream_check_module-0.4.0&&mkdir /var/cache/nginx/&&yum clean all
copy run.sh /
RUN chmod +x /run.sh
EXPOSE 80 443
ENTRYPOINT ["/run.sh"]
构建镜像
docker build -t nginx:1.21.0.vts.ck .
创建Nginx容器所需配置文件
mkdir /data/nginx/{conf.d,html,log,ssl}
vim /data/nginx/nginx.conf
user nginx;
worker_processes 4;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 102400;
}
http {
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
vhost_traffic_status_zone;
vhost_traffic_status_zone shared:vhost_traffic_status:10m;
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format cdy '[$time_local]-$remote_addr-$scheme/$server_port-"$request_method"-"$uri"-($status)-$request_time s-$body_bytes_sent(bytes) $upstream_addr-($upstream_status)-$upstream_response_time s 第($connection_requests)次请求'
'body大小:$body_bytes_sent 请求长度:$request_length 发送长度:$bytes_sent';
#limit_conn_zone $binary_remote_addr zone=addr:10m;
access_log /var/log/nginx/access.log cdy;
#access_log off;
sendfile on;
#tcp_nopush on;
proxy_ignore_client_abort on;
keepalive_timeout 120;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
vim /data/nginx/conf.d/default.conf
client_max_body_size 100m;
client_header_timeout 3600s;
client_body_timeout 3600s;
send_timeout 3600s;
proxy_connect_timeout 3600s;
proxy_read_timeout 3600s;
proxy_send_timeout 3600s;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_comp_level 5;
gzip_types text/plain application/x-javascript application/javascript text/javascript text/css application/xml application/x-httpd-php application/json image/png;
add_header r-Upstream $upstream_addr;
proxy_next_upstream http_503;
upstream upstream_test {
server 192.168.0.158:21002 weight=1 max_fails=2 fail_timeout=10s;
server 192.168.0.159:21002 weight=1 max_fails=2 fail_timeout=10s;
check interval=5000 rise=1 fall=3 timeout=4000 type=http default_down=false;
check_http_send "HEAD /test.jsp HTTP/1.0\r\n\r\n";
check_http_expect_alive http_2xx http_3xx http_4xx;
}
server {
listen 80;
listen 443;
server_name www.test.com;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
vhost_traffic_status_filter_by_set_key $status $server_name;
location /vcall-nginx-status {
vhost_traffic_status_display;
vhost_traffic_status_display_format html;
}
location /upstream_status {
check_status;
access_log off;
#allow IP;
#deny all;
}
location /test {
proxy_pass http://upstream_test;
}
编写YML文件
vim /data/nginx/docker-compose-nginx.yml
version: '3'
services:
nginx:
image: nginx:1.21.0.vts.ck
container_name: nginx
restart: always
ports:
- 80:80
volumes:
- /data/nginx/nginx.conf:/etc/nginx/nginx.conf
- /data/nginx/log/:/var/log/nginx
- /data/nginx/conf.d/:/etc/nginx/conf.d
- /data/nginx/ssl/:/ssl
- /data/nginx/html/:/usr/share/nginx/html
environment:
- TZ=Asia/Shanghai
- HOST_UID=$HOST_UID
- HOST_GID=$HOST_GID
logging:
options:
max-size: '100m'
max-file: '10'
启动容器
docker-compose -f docker-compose-nginx.yml up -d
验证服务
静态页面验证
[root@localhost test]# curl 127.0.0.1
hello word
upsteam状态检测验证
127.0.0.1/upstream_status
vhost监控验证
127.0.0.1/vcall-nginx-status