两台server: 注意这里没有防火墙规则,防火墙和selinux 都是关闭状态!!
1. 192.168.10.118 做转发;
2. 192.168.10.145 是web server;
安装nginx,注意编译安装或yum安装都要加载模块 :--with-http_realip_module ,完整的例子:
./configure --prefix=/usr --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx/nginx.pid --lock-path=/var/lock/nginx.lock --user=nginx --group=nginx --with-http_ssl_module --with-http_flv_module --with-http_stub_status_module --with-http_gzip_static_module --http-client-body-temp-path=/var/tmp/nginx/client/ --http-proxy-temp-path=/var/tmp/nginx/proxy/ --http-fastcgi-temp-path=/var/tmp/nginx/fcgi/ --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi --http-scgi-temp-path=/var/tmp/nginx/scgi --with-pcre --with-file-aio --with-http_image_filter_module --with-stream --with-http_realip_module
make -j$physical && make install
mkdir -p /var/tmp/nginx/client
mkdir -p /etc/nginx/vhosts
\cp -rf ../nginx /etc/init.d/nginx
chmod +x /etc/init.d/nginx
chkconfig --add nginx
chkconfig nginx on
/etc/init.d/nginx start
netstat -antlp |grep nginx
---------------------------------------------------
完整的目录文件结构:
[root@haproxycentos1 nginx_zf]# ls
conf nginx nginx.sh work
conf里是配置文件示例,不是必须的;nginx是启动脚本; nginx.sh 是安装脚本,运行脚本必须; work是存放依赖包的目录-也不是必须,没有的话,会去网上下载;
完整的安装脚本:
[root@haproxycentos1 nginx_zf]# cat nginx.sh
#!/bin/sh
clear
physical=`cat /proc/cpuinfo |grep "processor" | wc -l`
platform=`uname -i`
#nginx 编译图像处理模块及PHP需要
yum install -y gd-devel libxml2 libxml2-devel curl-devel gcc gcc-c++ make
yum -y install pam-devel openssl-devel make
groupadd -r -g 110 nginx #添加一个nginx组为系统组
useradd -r -u 110 -g 110 nginx #添加一个用户为系统用户 专门管理nginx
cd work
if [ ! -f pcre-8.37.tar.gz ];then
echo -e "pcre-8.37.tar.gz [\031[32;1mnot found!\033[0m]"
exit 1
fi
tar -zxvf pcre-8.37.tar.gz
cd pcre-8.*
./configure
make -j$physical && make install
cd ..
rm -rf pcre-8.37
if [ $platform = "x86_64" ]; then
cp /usr/local/lib/libpcre.so.1 /lib64
else
cp /usr/local/lib/libpcre.so.1 /lib
fi
#iconv 安装
#wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.14.tar.gz
if [ ! -f pcre-8.37.tar.gz ];then
if ! wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.14.tar.gz;then
echo -e "libiconv-1.14.tar.gz [\031[32;1m download fail!\033[0m]"
exit 1
fi
fi
tar zxvf libiconv-1.14.tar.gz
cd libiconv-1.14
./configure --prefix=/usr/local/libiconv
make -j$physical && make install
cd ..
rm -rf libiconv-1.14
if [ ! -f nginx-1.11.7.tar.gz ];then
if ! wget http://nginx.org/download/nginx-1.11.7.tar.gz -O nginx-1.11.7.tar.gz;then
echo -e "nginx-1.11.7.tar.gz [\031[32;1m download fail!\033[0m]"
exit 1
fi
fi
#编译nginx
tar zxvf nginx-1.11.7.tar.gz;
cd nginx-1.*
./configure --prefix=/usr --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx/nginx.pid --lock-path=/var/lock/nginx.lock --user=nginx --group=nginx --with-http_ssl_module --with-http_flv_module --with-http_stub_status_module --with-http_gzip_static_module --http-client-body-temp-path=/var/tmp/nginx/client/ --http-proxy-temp-path=/var/tmp/nginx/proxy/ --http-fastcgi-temp-path=/var/tmp/nginx/fcgi/ --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi --http-scgi-temp-path=/var/tmp/nginx/scgi --with-pcre --with-file-aio --with-http_image_filter_module --with-stream --with-http_realip_module
make -j$physical && make install
cd ..
rm -rf nginx-1.11.7
mkdir -p /var/tmp/nginx/client
mkdir -p /etc/nginx/vhosts
\cp -rf ../nginx /etc/init.d/nginx
chmod +x /etc/init.d/nginx
chkconfig --add nginx
chkconfig nginx on
/etc/init.d/nginx start
netstat -antlp |grep nginx
iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
service iptables save
service iptables restart
nginx的启动脚本:
[root@haproxycentos1 nginx_zf]# cat nginx
#!/bin/sh
#
# nginx - this script starts and stops the nginx daemon
#
# chkconfig: - 85 15
# description: Nginx is an HTTP(S) server, HTTP(S) reverse \
# proxy and IMAP/POP3 proxy server
# processname: nginx
# config: /etc/nginx/nginx.conf
# config: /etc/sysconfig/nginx
# pidfile: /var/run/nginx.pid
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0
nginx="/usr/sbin/nginx"
prog=$(basename $nginx)
NGINX_CONF_FILE="/etc/nginx/nginx.conf"
[ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx
lockfile=/var/lock/subsys/nginx
make_dirs() {
# make required directories
user=`nginx -V 2>&1 | grep "configure arguments:" | sed 's/[^*]*--user=\([^ ]*\).*/\1/g' -`
options=`$nginx -V 2>&1 | grep 'configure arguments:'`
for opt in $options; do
if [ `echo $opt | grep '.*-temp-path'` ]; then
value=http://my.oschina.net/kcw/blog/`echo $opt | cut -d "=" -f 2`
if [ ! -d "$value" ]; then
# echo "creating" $value
mkdir -p $value && chown -R $user $value
fi
fi
done
}
start() {
[ -x $nginx ] || exit 5
[ -f $NGINX_CONF_FILE ] || exit 6
make_dirs
echo -n $"Starting $prog: "
daemon $nginx -c $NGINX_CONF_FILE
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog -QUIT
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
configtest || return $?
stop
sleep 1
start
}
reload() {
configtest || return $?
echo -n $"Reloading $prog: "
killproc $nginx -HUP
RETVAL=$?
echo
}
force_reload() {
restart
}
configtest() {
$nginx -t -c $NGINX_CONF_FILE
}
rh_status() {
status $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart|configtest)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
1. 192.168.10.118 做转发;
2. 192.168.10.145 是web server;
安装nginx,注意编译安装或yum安装都要加载模块 :--with-http_realip_module ,完整的例子:
./configure --prefix=/usr --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx/nginx.pid --lock-path=/var/lock/nginx.lock --user=nginx --group=nginx --with-http_ssl_module --with-http_flv_module --with-http_stub_status_module --with-http_gzip_static_module --http-client-body-temp-path=/var/tmp/nginx/client/ --http-proxy-temp-path=/var/tmp/nginx/proxy/ --http-fastcgi-temp-path=/var/tmp/nginx/fcgi/ --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi --http-scgi-temp-path=/var/tmp/nginx/scgi --with-pcre --with-file-aio --with-http_image_filter_module --with-stream --with-http_realip_module
make -j$physical && make install
mkdir -p /var/tmp/nginx/client
mkdir -p /etc/nginx/vhosts
\cp -rf ../nginx /etc/init.d/nginx
chmod +x /etc/init.d/nginx
chkconfig --add nginx
chkconfig nginx on
/etc/init.d/nginx start
netstat -antlp |grep nginx
---------------------------------------------------
完整的目录文件结构:
[root@haproxycentos1 nginx_zf]# ls
conf nginx nginx.sh work
conf里是配置文件示例,不是必须的;nginx是启动脚本; nginx.sh 是安装脚本,运行脚本必须; work是存放依赖包的目录-也不是必须,没有的话,会去网上下载;
完整的安装脚本:
[root@haproxycentos1 nginx_zf]# cat nginx.sh
#!/bin/sh
clear
physical=`cat /proc/cpuinfo |grep "processor" | wc -l`
platform=`uname -i`
#nginx 编译图像处理模块及PHP需要
yum install -y gd-devel libxml2 libxml2-devel curl-devel gcc gcc-c++ make
yum -y install pam-devel openssl-devel make
groupadd -r -g 110 nginx #添加一个nginx组为系统组
useradd -r -u 110 -g 110 nginx #添加一个用户为系统用户 专门管理nginx
cd work
if [ ! -f pcre-8.37.tar.gz ];then
echo -e "pcre-8.37.tar.gz [\031[32;1mnot found!\033[0m]"
exit 1
fi
tar -zxvf pcre-8.37.tar.gz
cd pcre-8.*
./configure
make -j$physical && make install
cd ..
rm -rf pcre-8.37
if [ $platform = "x86_64" ]; then
cp /usr/local/lib/libpcre.so.1 /lib64
else
cp /usr/local/lib/libpcre.so.1 /lib
fi
#iconv 安装
#wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.14.tar.gz
if [ ! -f pcre-8.37.tar.gz ];then
if ! wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.14.tar.gz;then
echo -e "libiconv-1.14.tar.gz [\031[32;1m download fail!\033[0m]"
exit 1
fi
fi
tar zxvf libiconv-1.14.tar.gz
cd libiconv-1.14
./configure --prefix=/usr/local/libiconv
make -j$physical && make install
cd ..
rm -rf libiconv-1.14
if [ ! -f nginx-1.11.7.tar.gz ];then
if ! wget http://nginx.org/download/nginx-1.11.7.tar.gz -O nginx-1.11.7.tar.gz;then
echo -e "nginx-1.11.7.tar.gz [\031[32;1m download fail!\033[0m]"
exit 1
fi
fi
#编译nginx
tar zxvf nginx-1.11.7.tar.gz;
cd nginx-1.*
./configure --prefix=/usr --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx/nginx.pid --lock-path=/var/lock/nginx.lock --user=nginx --group=nginx --with-http_ssl_module --with-http_flv_module --with-http_stub_status_module --with-http_gzip_static_module --http-client-body-temp-path=/var/tmp/nginx/client/ --http-proxy-temp-path=/var/tmp/nginx/proxy/ --http-fastcgi-temp-path=/var/tmp/nginx/fcgi/ --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi --http-scgi-temp-path=/var/tmp/nginx/scgi --with-pcre --with-file-aio --with-http_image_filter_module --with-stream --with-http_realip_module
make -j$physical && make install
cd ..
rm -rf nginx-1.11.7
mkdir -p /var/tmp/nginx/client
mkdir -p /etc/nginx/vhosts
\cp -rf ../nginx /etc/init.d/nginx
chmod +x /etc/init.d/nginx
chkconfig --add nginx
chkconfig nginx on
/etc/init.d/nginx start
netstat -antlp |grep nginx
iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
service iptables save
service iptables restart
nginx的启动脚本:
[root@haproxycentos1 nginx_zf]# cat nginx
#!/bin/sh
#
# nginx - this script starts and stops the nginx daemon
#
# chkconfig: - 85 15
# description: Nginx is an HTTP(S) server, HTTP(S) reverse \
# proxy and IMAP/POP3 proxy server
# processname: nginx
# config: /etc/nginx/nginx.conf
# config: /etc/sysconfig/nginx
# pidfile: /var/run/nginx.pid
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0
nginx="/usr/sbin/nginx"
prog=$(basename $nginx)
NGINX_CONF_FILE="/etc/nginx/nginx.conf"
[ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx
lockfile=/var/lock/subsys/nginx
make_dirs() {
# make required directories
user=`nginx -V 2>&1 | grep "configure arguments:" | sed 's/[^*]*--user=\([^ ]*\).*/\1/g' -`
options=`$nginx -V 2>&1 | grep 'configure arguments:'`
for opt in $options; do
if [ `echo $opt | grep '.*-temp-path'` ]; then
value=http://my.oschina.net/kcw/blog/`echo $opt | cut -d "=" -f 2`
if [ ! -d "$value" ]; then
# echo "creating" $value
mkdir -p $value && chown -R $user $value
fi
fi
done
}
start() {
[ -x $nginx ] || exit 5
[ -f $NGINX_CONF_FILE ] || exit 6
make_dirs
echo -n $"Starting $prog: "
daemon $nginx -c $NGINX_CONF_FILE
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog -QUIT
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
configtest || return $?
stop
sleep 1
start
}
reload() {
configtest || return $?
echo -n $"Reloading $prog: "
killproc $nginx -HUP
RETVAL=$?
echo
}
force_reload() {
restart
}
configtest() {
$nginx -t -c $NGINX_CONF_FILE
}
rh_status() {
status $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart|configtest)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
exit 2