Nginx 介绍
l Nginx是俄罗斯人编写的十分轻量级的HTTP服务器 l 高性能的HTTP和反向代理服务器,同时也代理IMAP/POP3/SMTP服务器 l Nginx 发布以来,Nginx 已经因为它的稳定性、丰富的功能集、示例配置文件和低系统资源的消耗而闻名 l Nginx专为性能优化而开发,性能是其最重要的考量,实现上非常注重效率. l 能经受高负载的考验,有报告表明能支持高达 50,000个并发连接数. l Nginx具有很高的稳定性,其它HTTP服务器当遇到访问的峰值,或者有人恶意发起慢速连接时,也很可能会导致服务器物理内存耗尽频繁交换,失去响应只能重启服务器. l 成本低廉 购买F5 Big-IP NetScaler硬件负载均衡交换机几十万
Nginx基于BSD开源协议 免费的、可商用
l 支持rewrite重写规则 能够根据域名、URL的不同 将HTTP请求分发到不同的后端服务器群组
l 内置的健康检查功能 如果Nginx Proxy后端的某Web服务器宕机了,不会影响前端访问
节省带宽
l 支持GZIP压缩 可以添加浏览本地缓存的Header头
l 稳定性高 使用反向代理、几乎不会宕机
l 支持热部署 不断服务 进行更新
Nginx的安装
仍然是采用最新源代码方式安装
nginx的安装
安装前的准备
# useradd -r -M nginx
解包
# tar zxf nginx-1.4.4.tar.gz
# ./configure --help
# ./configure --prefix=/usr/local --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --pid-path=/var/run/nginx.pid --lock-path=/var/lock/nginx.lock --user=nginx --group=nginx --with-http_ssl_module --with-http_flv_module --with-http_stub_status_module --with-http_gzip_static_module --http-client-body-temp-path=/var/tmp/nginx/client/ --http-proxy-temp-path=/var/tmp/nginx/proxy/ --http-fastcgi-temp-path=/var/tmp/nginx/fcgi/ --with-poll_module --with-pcre
./configure: error: the HTTP rewrite module requires the PCRE library.
缺少pcre库文件
# yum -y install pcre-devel
再继续配置
# ./configure --prefix=/usr/local --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --pid-path=/var/run/nginx.pid --lock-path=/var/lock/nginx.lock --user=nginx --group=nginx --with-http_ssl_module --with-http_flv_module --with-http_stub_status_module --with-http_gzip_static_module --http-client-body-temp-path=/var/tmp/nginx/client/ --http-proxy-temp-path=/var/tmp/nginx/proxy/ --http-fastcgi-temp-path=/var/tmp/nginx/fcgi/ --with-poll_module --with-pcre
./configure: error: SSL modules require the OpenSSL library.
# yum -y install openssl-devel
再继续配置
# ./configure --prefix=/usr/local --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --pid-path=/var/run/nginx.pid --lock-path=/var/lock/nginx.lock --user=nginx --group=nginx --with-http_ssl_module --with-http_flv_module --with-http_stub_status_module --with-http_gzip_static_module --http-client-body-temp-path=/var/tmp/nginx/client/ --http-proxy-temp-path=/var/tmp/nginx/proxy/ --http-fastcgi-temp-path=/var/tmp/nginx/fcgi/ --with-poll_module --with-pcre
编译安装
# make && make install
启动服务进行测试
# /usr/sbin/nginx
# ps -ef | grep nginx
root 12052 1 0 19:49 ? 00:00:00 nginx: master process /usr/sbin/nginx
nginx 12053 12052 0 19:49 ? 00:00:00 nginx: worker process
root 12055 7380 0 19:49 pts/1 00:00:00 grep nginx
浏览器中输入http://192.168.32.128/
停止服务
# killall -9 nginx
重启
# pkill -1 nginx
配置相关的选项
# cat /etc/nginx/nginx.conf | grep -v "#" | grep -v "^$"
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name localhost;
location / {
root html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
nginx常见的应用场景
1.使用虚拟目录访问站点
# mkdir /myweb
在配置中添加以下的项
location /web {
alias /myweb;
index index.html index.htm;
}
输入http://192.168.32.128/web/测试
2.基于IP的虚拟主机
# ifconfig eth0:1 192.168.32.140 netmask 255.255.255.0 up
# mkdir /aaa /bbb
# cat /aaa/index.html
<html>
<head><title>Tile</title></head>
<body>
<h1 style="font-size:80px;color:#FF0000">aaaa</h1>
</body>
</html>
# cat /bbb/index.html
<html>
<head><title>Tile</title></head>
<body>
<h1 style="font-size:80px;color:#FF0000">bbbb</h1>
</body>
</html>
修改配置
server {
listen 192.168.32.128:80;
server_name 128.com;
access_log /var/log/128.log;
error_log /var/log/128error.log;
root /aaa;
index index.html index.htm;
}
server {
listen 192.168.32.140:80;
server_name 140.com;
access_log /var/log/140.log;
error_log /var/log/140error.log;
root /aaa;
index index.html index.htm;
}
检查语法:
# nginx -t -c /etc/nginx/nginx.conf
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
重启服务
# pkill -1 nginx
测试
http://192.168.32.128/
http://192.168.32.140/
3.基于域名的虚拟主机
server {
listen 192.168.32.128:80;
server_name www.oracle.com;
access_log /var/log/128.log;
error_log /var/log/128error.log;
root /aaa;
index index.html index.htm;
}
server {
listen 192.168.32.128:80;
server_name www.ibm.com;
access_log /var/log/128.log;
error_log /var/log/128error.log;
root /bbb;
index index.html index.htm;
}
输入:
http://www.oracle.com/
http://www.ibm.com/
安全的连接https
颁发证书
# cd /etc/nginx/
生成私钥
# openssl genrsa -out key.pem 2048
颁发公钥
# openssl req -new -x509 -nodes -out server.crt -keyout server.key
配置nginx
server {
listen 443;
server_name www.oracle.com;
ssl on;
ssl_certificate /etc/nginx/server.crt;
ssl_certificate_key /etc/nginx/server.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
root html;
index index.html index.htm;
}
}
输入:
https://www.oracle.com/
进行访问
| 
QQ群⑧:
窥视卡
雷达卡
发表于 2016-2-25 08:39:30
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡