Nginx实现动静分离
简介
反向代理与负载均衡
nginx通常被用作后端服务器的反向代理,这样就可以很方便的实现动静分离以及负载均衡,从而大大提高服务器的处理能力。
nginx实现动静分离,其实就是在反向代理的时候,如果是静态资源,就直接从nginx发布的路径去读取,而不需要从后台服务器获取了。
但是要注意,这种情况下需要保证后端跟前端的程序保持一致,可以使用Rsync做服务端自动同步或者使用NFS、MFS分布式共享存储。
Http Proxy模块,功能很多,最常用的是proxy_pass和proxy_cache
如果要使用proxy_cache,需要集成第三方的ngx_cache_purge模块,用来清除指定的URL缓存。这个集成需要在安装nginx的时候去做,如:
./configure --add-module=…/ngx_cache_purge-1.0 …
192.168.197.131 | nginx |
---|---|
192.168.197.128 | lnmp |
192.168.197.132 | httpd |
部署LNMP
[root@localhost ~]# cd /usr/src/
[root@localhost src]# ls
debug mysql-5.7.34-linux-glibc2.12-x86_64.tar.gz php-8.0.10.tar.gz
kernels nginx-1.20.1.tar.gz
解压
[root@localhost src]# tar xf nginx-1.20.1.tar.gz -C /usr/local/
[root@localhost src]# tar xf mysql-5.7.34-linux-glibc2.12-x86_64.tar.gz -C /usr/local/
[root@localhost src]# tar xf php-8.0.10.tar.gz -C /usr/local/
关闭防火墙
[root@localhost ~]# systemctl disable --now firewalld.service
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@localhost ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/sysconfig/selinux
[root@localhost ~]# setenforce 0
nginx安装
创建系统用户nginx
[root@localhost ~]# useradd -r -M -s /sbin/nologin nginx
安装依赖环境
[root@localhost ~]# yum -y install pcre-devel openssl openssl-devel gd-devel gcc gcc-c++
[root@localhost ~]# yum -y groups mark install 'Development Tools'
创建日志存放目录
[root@localhost ~]# mkdir -p /var/log/nginx
[root@localhost ~]# chown -R nginx.nginx /var/log/nginx
编译安装
[root@localhost ~]# mv /usr/local/nginx-1.20.1 /usr/local/nginx
[root@localhost ~]# cd /usr/local/nginx
[root@localhost nginx]# ./configure \
--prefix=/usr/local/nginx \
--user=nginx \
--group=nginx \
--with-debug \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_image_filter_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_stub_status_module \
--http-log-path=/var/log/nginx/access.log \
--error-log-path=/var/log/nginx/error.log && make && make install
配置环境变量
[root@localhost ~]# echo 'export PATH=/usr/local/nginx/sbin:$PATH' > /etc/profile.d/nginx.sh
[root@localhost ~]# . /etc/profile.d/nginx.sh
mysql安装
创建MySQL用户
[root@localhost ~]# useradd -r -M -s /sbin/nologin mysql
下载依赖包
[root@localhost ~]# yum -y install ncurses-devel openssl-devel openssl cmake mariadb-devel ncurses-compat-libs
创建软连接
[root@localhost local]# ln -sv mysql-5.7.34-linux-glibc2.12-x86_64/ mysql
'mysql' -> 'mysql-5.7.34-linux-glibc2.12-x86_64/'
修改目录/usr/local/mysql的属主属组
[root@localhost local]# chown -R mysql.mysql /usr/local/mysql
添加环境变量
[root@localhost local]# echo 'export PATH=/usr/local/mysql/bin:$PATH' > /etc/profile.d/mysql.sh
[root@localhost local]# . /etc/profile.d/mysql.sh
[root@localhost local]# echo $PATH
/usr/local/mysql/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin
创建数据存放目录
[root@localhost ~]# mkdir /opt/data
[root@localhost ~]# chown -R mysql.mysql /opt/data/
初始化数据存放目录
[root@localhost local]# mysqld --initialize-insecure --user mysql --datadir /opt/data
2021-10-26T08:44:19.180331Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details).
2021-10-26T08:44:21.232317Z 0 [Warning] InnoDB: New log files created, LSN=45790
2021-10-26T08:44:21.505523Z 0 [Warning] InnoDB: Creating foreign key constraint system tables.
2021-10-26T08:44:21.586577Z 0 [Warning] No existing UUID has been found, so we assume that this is the first time that this server has been started. Generating a new UUID: ea22dfe8-3638-11ec-b1de-000c29e0e7fa.
2021-10-26T08:44:21.587932Z 0 [Warning] Gtid table is not ready to be used. Table 'mysql.gtid_executed' cannot be opened.
2021-10-26T08:44:22.801564Z 0 [Warning] CA certificate ca.pem is self signed.
2021-10-26T08:44:23.031816Z 1 [Warning] root@Dynamic is created with an empty password ! Please consider switching off the --initialize-insecure option.
配置mysql
[root@localhost ~]# ln -sv /usr/local/mysql/include/ /usr/local/include/mysql
'/usr/local/include/mysql' -> '/usr/local/mysql/include/'
[root@localhost ~]# echo '/usr/local/mysql/lib' > /etc/ld.so.conf.d/mysql.conf
[root@localhost ~]# ldconfig
生成配置文件
[root@localhost ~]# vim /etc/my.cnf
[root@localhost ~]# cat /etc/my.cnf
[mysqld]
basedir = /usr/local/mysql
datadir = /opt/data
socket = /tmp/mysql.sock
port = 3306
pid-file = /opt/data/mysql.pid
user = mysql
skip-name-resolve
配置服务启动脚本
[root@localhost ~]# cp -a /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
[root@localhost ~]# sed -ri 's#^(basedir=).*#\1/usr/local/mysql#g' /etc/init.d/mysqld
[root@localhost ~]# sed -ri 's#^(datadir=).*#\1/opt/data#g' /etc/init.d/mysqld
启动
[root@localhost ~]# service mysqld start
Starting MySQL.Logging to '/opt/data/Dynamic.localdomain.err'.
. SUCCESS!
PHP安装
下载依赖包
[root@localhost ~]# yum -y install sqlite-devel libzip-devel libxml2 libxml2-devel openssl openssl-devel bzip2 bzip2-devel libcurl libcurl-devel libicu-devel libjpeg libjpeg-devel libpng libpng-devel openldap-devel pcre-devel freetype freetype-devel gmp gmp-devel readline readline-devel libxslt libxslt-devel
[root@localhost ~]# yum -y install http://mirror.centos.org/centos/8-stream/PowerTools/x86_64/os/Packages/oniguruma-devel-6.8.2-2.el8.x86_64.rpm
[root@localhost]# cd /usr/local/php-8.0.10/
[root@localhost php-8.0.10]# ./configure --prefix=/usr/local/php8 \
--with-config-file-path=/etc \
--enable-fpm \
--disable-debug \
--disable-rpath \
--enable-shared \
--enable-soap \
--with-openssl \
--enable-bcmath \
--with-iconv \
--with-bz2 \
--enable-calendar \
--with-curl \
--enable-exif \
--enable-ftp \
--enable-gd \
--with-jpeg \
--with-zlib-dir \
--with-freetype \
--with-gettext \
--enable-mbstring \
--enable-pdo \
--with-mysqli=mysqlnd \
--with-pdo-mysql=mysqlnd \
--with-readline \
--enable-shmop \
--enable-simplexml \
--enable-sockets \
--with-zip \
--enable-mysqlnd-compression-support \
--with-pear \
--enable-pcntl \
--enable-posix
[root@localhost php-8.0.10]# make && make install
安装后配置
[root@localhost php-8.0.10]# echo 'export PATH=/usr/local/php8/bin:$PATH' > /etc/profile.d/php.sh
[root@localhost php-8.0.10]# source /etc/profile.d/php.sh
[root@localhost php-8.0.10]# which php
/usr/local/php8/bin/php
[root@localhost ~]# php -v
PHP 8.0.10 (cli) (built: Oct 26 2021 05:08:01) ( NTS )
Copyright (c) The PHP Group
Zend Engine v4.0.10, Copyright (c) Zend Technologies
配置php-fpm
[root@localhost php-8.0.10]# cp -f /usr/local/php-8.0.10/php.ini-production /etc/php.ini
[root@localhost php-8.0.10]# cp /usr/local/php-8.0.10/sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm -f
[root@localhost php-8.0.10]# chmod +x /etc/init.d/php-fpm
[root@localhost php-8.0.10]# cp -f /usr/local/php8/etc/php-fpm.conf.default /usr/local/php8/etc/php-fpm.conf
[root@localhost php-8.0.10]# cp -f /usr/local/php8/etc/php-fpm.d/www.conf.default /usr/local/php8/etc/php-fpm.d/www.conf
[root@localhost ~]# service php-fpm start
Starting php-fpm done
[root@localhost ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 127.0.0.1:9000 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 80 *:3306 *:*
LISTEN 0 128 [::]:22 [::]:*
nginx配置
[root@localhost ~]# vim /usr/local/nginx/conf/nginx.conf
·····此处省略·····
location / {
root html;
index index.php index.html index.htm; ##添加index。php
}
location ~ \.php$ {
root /usr/local/nginx/html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root $fastcgi_script_name;
include fastcgi_params;
}
[root@localhost ~]# cd /usr/local/nginx/html/
[root@localhost html]# echo "<?php phpinfo(); ?>" >> index.php
[root@localhost html]# cat index.php
<?php phpinfo(); ?>
php配置
[root@localhost ~]# vim /usr/local/php8/etc/php-fpm.d/www.conf
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
user = nginx ##改为nginx用户
group = nginx ##改为nginx组
重启所有服务
[root@localhost ~]# nginx -s stop
[root@localhost ~]# nginx
[root@localhost ~]# service mysqld restart
Shutting down MySQL.. SUCCESS!
Starting MySQL. SUCCESS!
[root@localhost ~]# service php-fpm restart
Gracefully shutting down php-fpm . done
Starting php-fpm done
[root@localhost ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 127.0.0.1:9000 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 80 *:3306 *:*
LISTEN 0 128 [::]:22 [::]:*
部署httpd
[root@localhost soft]# yum groups mark install 'Development Tools'
# 创建用户
[root@localhost soft]# useradd -r -M -s /sbin/nologin apache
# 安装依赖包
[root@localhost soft]# yum -y install openssl-devel pcre-devel expat-devel libtool gcc gcc-c++ make wget
[root@localhost ~]# mkdir /usr/src/soft
[root@localhost ~]# cd /usr/src/soft/
[root@localhost soft]# ls
apr-1.7.0.tar.gz apr-util-1.6.1.tar.gz httpd-2.4.48.tar.gz
[root@localhost soft]# tar xf apr-1.7.0.tar.gz -C /usr/local/
[root@localhost soft]# tar xf apr-util-1.6.1.tar.gz -C /usr/local/
[root@localhost soft]# tar xf httpd-2.4.48.tar.gz -C /usr/local/
#编译安装apr
[root@localhost soft]# cd /usr/local/apr-1.7.0/
[root@localhost apr-1.7.0]# vi configure
31879 trap "$RM \"$cfgfile\"; exit 1" 1 2 15
31880 # $RM "$cfgfile" # 注释掉或删除
[root@localhost apr-1.7.0]# ./configure --prefix=/usr/local/apr
[root@localhost apr-1.7.0]# make && make install
[root@localhost apr-1.7.0]# cd ../apr-util-1.6.1/
[root@localhost apr-util-1.6.1]# ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr
[root@localhost apr-util-1.6.1]# make && make install
[root@localhost apr-util-1.6.1]# cd ../httpd-2.4.48/
[root@localhost httpd-2.4.48]# ./configure --prefix=/usr/local/apache \
--enable-so \
--enable-ssl \
--enable-cgi \
--enable-rewrite \
--with-zlib \
--with-pcre \
--with-apr=/usr/local/apr \
--with-apr-util=/usr/local/apr-util/ \
--enable-modules=most \
--enable-mpms-shared=all \
--with-mpm=prefork
......
Server Version: 2.4.48
Install prefix: /usr/local/apache
C compiler: gcc
CFLAGS: -g -O2 -pthread
CPPFLAGS: -DLINUX -D_REENTRANT -D_GNU_SOURCE
LDFLAGS:
LIBS:
C preprocessor: gcc -E
[root@localhost httpd-2.4.48]# make && make install
[root@localhost httpd-2.4.48]# echo "export PATH=/usr/local/apache/bin:$PATH" > /etc/profile.d/httpd.sh
[root@localhost httpd-2.4.48]# bash
[root@localhost httpd-2.4.48]# which httpd
/usr/local/apache/bin/httpd
[root@localhost httpd-2.4.48]# sed -i 's/^#ServerName www.example.com:80/ServerName www.example.com:80/' /usr/local/apache/conf/httpd.conf
# 设置开机自启
[root@localhost httpd-2.4.48]# cd /usr/lib/systemd/system/
[root@localhost system]# cp sshd.service httpd.service
[root@localhost system]# vi httpd.service
[Unit]
Description=httpd server daemon
After=network.target
[Service]
Type=forking
ExecStart=/usr/local/apache/bin/apachectl start
ExecStop=/usr/local/apache/bin/apachectl stop
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
[Install]
WantedBy=multi-user.target
[root@localhost system]# systemctl daemon-reload
[root@localhost system]# systemctl start httpd
部署Nginx
[root@localhost ~]# useradd -r -M -s /sbin/nologin nginx
安装依赖环境
[root@localhost ~]# yum -y install pcre-devel openssl openssl-devel gd-devel gcc gcc-c++
[root@localhost ~]# yum -y groups mark install 'Development Tools'
[root@localhost ~]# mkdir -p /var/log/nginx
[root@localhost ~]# chown -R nginx.nginx /var/log/nginx
[root@localhost ~]# cd /usr/src/
[root@localhost src]# wget http://nginx.org/download/nginx-1.12.0.tar.gz
[root@localhost src]# ls
debug kernels nginx-1.12.0.tar.gz
[root@localhost src]# tar xf nginx-1.12.0.tar.gz
[root@localhost src]# cd nginx-1.12.0
[root@localhost nginx-1.12.0]# ./configure \
--prefix=/usr/local/nginx \
--user=nginx \
--group=nginx \
--with-debug \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_image_filter_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_stub_status_module \
--http-log-path=/var/log/nginx/access.log \
--error-log-path=/var/log/nginx/error.log
[root@localhost nginx-1.12.0]# make -j $(grep 'processor' /proc/cpuinfo | wc -l) && make install
配置动静分离
[root@localhost ~]# vim /usr/local/nginx/conf/nginx.conf
upstream Dynamic {
server 192.168.197.128 # 在server段上添加
}
upstream Static {
server 192.168.197.132
}
#location / {
# root html;
# index index.html index.html #将这段添加注释
;
#}
location ~ \.php$ {
proxy_pass http://Dynamic; # 在server段添加
}
location / {
proxy_pass http://Static;
}
[root@localhost ~]# nginx -s reload
访问根目录的时候默认是跳到静态的httpd上
访问动态资源时就自动跳到lnmp上