第一章nginx
安装软件
yum install -y gcc gcc-c++ autoconf pcre pcre-devel make automake wget httpd-tools vim tree
nginx功能
1.web服务器 (http请求 http响应)
2.nginx负载均衡
3.nginx缓存
nginx网站服务软件功能作用
支持网站页面请求处理功能
支持反向代理负载均衡功能
支持前端业务数据缓存功能
nginx和apache的区别
image.png
nginx网站服务软件有时特点(与apache对比)
apache 网站服务处理用户请求方法:
select 模型 便利方式处理用户请求
nginx 网站服务处理用户请求方法:
epoll 模型 精准方式处理用户请求
第二章编译安装nginx
官网http://nginx.org/en/download.html
配置官方源
[10:35 root@web01 ~]# vim /etc/yum.repos.d/nginx.repo
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1
检查是否配置成功
[10:41 root@web01 ~]# yum list nginx
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
Installed Packages
nginx.x86_64 1:1.16.0-1.el7.ngx @nginx-stabl
查看软件包内容
[10:42 root@web01 ~]# rpm -ql nginx
/etc/logrotate.d/nginx
/etc/nginx #跟nginx有关的配置文件
/etc/nginx/conf.d #nginx主配置文件(最主要的)
/etc/nginx/conf.d/default.conf #与conf.d类似
/etc/nginx/fastcgi_params
/etc/nginx/koi-utf
/etc/nginx/koi-win
/etc/nginx/mime.types #媒体类型
/etc/nginx/modules
/etc/nginx/nginx.conf
/etc/nginx/scgi_params
/etc/nginx/uwsgi_params
/etc/nginx/win-utf
/etc/sysconfig/nginx #systemctl 管理nginx的使用的文件
/usr/lib/systemd/system/nginx.service #systemctl 管理nginx(开 关 重启 reload) 配置文件
/usr/sbin/nginx #nginx的命令
/usr/sbin/nginx-debug #调试
/usr/share/nginx
/usr/share/nginx/html #站点目录 网站的根目录 www.linuxcx.cn/lcx.jpg
/usr/share/nginx/html/50x.html
/usr/share/nginx/html/index.html
/var/cache/nginx
/var/log/nginx #nginx日志 access.log(核心访问日志)
查看nginx版本方法
[10:49 root@web01 ~]# nginx -v \\小v 查看版本
nginx version: nginx/1.16.0
[10:49 root@web01 ~]# nginx -V \\查看编译安装的命令
nginx version: nginx/1.16.0
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-36) (GCC)
built with OpenSSL 1.0.2k-fips 26 Jan 2017
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -fPIC' --with-ld-opt='-Wl,-z,relro -Wl,-z,now -pie'
启动nginx服务并设置开机自启动,查看进程
[10:51 root@web01 ~]# systemctl start nginx
[10:51 root@web01 ~]# ps -ef|grep nginx
root 8598 1 0 00:53 ? 00:00:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx 8599 8598 0 00:53 ? 00:00:00 nginx: worker process
root 10711 10118 0 10:51 pts/0 00:00:00 grep --color=auto nginx
nginx命令
systemctl start nginx ===== nginx 开启
systemctl reload nginx ===== nginx -s reload 平滑重启
systemctl stop nginx ===== ngnx -s stop 关闭
nginx -t 检查语法
nginx -h 查看帮助
服务配置软件
https://www.processon.com/view/link/5cf5e2cae4b0bc8329e71aad
配置文件编写
[11:18 root@web01 ~]# vim /etc/nginx/nginx.conf
user nginx; \\指定nginx进程属于用户nginx
worker_processes 1; \\worker进程数量 所有核心数或x2
error_log /var/log/nginx/error.log warn; \\指定错误日志 warn日志格式 只显示警告信息
pid /var/run/nginx.pid; \\pid进程文件
events { \\events模块(区域)
worker_connections 1024; \\每个进程数最大连接数量
}
http { \\#http区域#
include /etc/nginx/mime.types; \\媒体类型http协议中的文件类型 include(把其他位置的文件加入到这个位置)
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" ' \\定义了nginx访问日志的格式
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main; \\指定访问日志的位置和使用什么格式
sendfile on; \\开启高效传输模式
#tcp_nopush on;
keepalive_timeout 65; \\超时时间
#gzip on;
include /etc/nginx/conf.d/*.conf; \\#指定的服务配置文件(接下文)
}
虚拟主机的配置
认识
1个虚拟主机 相当于是1个网站
Nginx多个server标签
不同虚拟主机
虚拟主机(必备)
不同的域名不同的网站
不同的虚拟主机
基于域名的虚拟主机(必备)
不同的域名访问不同虚拟主机(网站)
基于端口的虚拟主机
不同的端口访问不同的虚拟主机
正常端口 80 443
网站后台人员 使用特殊端口
基于ip的虚拟主机
基于端口的虚拟主机配置
server {
listen 81;
server_name www.oldboy.com;
location / {
root /usr/share/nginx/html/www;
index index.html index.htm;
}
}
server {
listen 82;
server_name blog.oldboy.com;
location / {
root /usr/share/nginx/html/blog;
index index.html index.htm;
}
}
}
[10:14 root@web01 ~]# curl http://10.0.0.7
curl: (7) Failed connect to 10.0.0.7:80; Connection refused
[10:14 root@web01 ~]# curl http://10.0.0.7:81
www.oldboy.com
[10:14 root@web01 ~]# curl http://10.0.0.7:82
blog.oldboy.com
基于ip的虚拟主机
server {
listen 10.0.0.9:80;
server_name blog.oldboy.com;
location / {
root /usr/share/nginx/html/blog;
index index.html index.htm;
}
}
###需要添加ip地址
[10:30 root@web01 ~]# ip addr add 10.0.0.9/24 dev eth0 label eth0:1
[10:31 root@web01 ~]# ip a
.....
....
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:68:78:4f brd ff:ff:ff:ff:ff:ff
inet 10.0.0.7/24 brd 10.0.0.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet 10.0.0.9/24 scope global secondary eth0:1
valid_lft forever preferred_lft forever
[10:31 root@web01 ~]# systemctl restart nginx
[10:35 root@web01 ~]# curl 10.0.0.9:80
blog.oldboy.com
[10:38 root@web01 ~]# curl 10.0.0.7
www.oldboy.com
nginx日志文件/var/log/nginx/accrss.log
'$remote_addr 客户端ip地址
$remote_user 远程用户(空)
[$time_local] 时间
"$request" 请求报文的起始行 $request_uri 只取出uri
'$status 状态码
$body_bytes_sent 身体 字节 发送 服务端发给客户端大小(每个文件的大小)
"$http_referer" 记录着用户从哪里跳转过来的
'"$http_user_agent" 用户浏览器
"$http_x_forwarded_for"'; 负载均衡: web服务器用来记录用户真实ip地址
日志格式:
10.0.0.7 - - [05/Jun/2019:11:06:14 +0800] "GET /index.html HTTP/1.1" 200 15 "-" "curl/7.29.0" "-"
ip访问量
awk '{print $1}' /var/log/nginx/access.log |sort |uniq -c
在nginx配置文件中添加日志文件
[11:48 root@web01 ~]# vim /etc/nginx/nginx.conf
....
server {
listen 80;
server_name www.oldboy.com;
access_log /var/log/nginx/access_www.log main; \\日志
location / {
root /usr/share/nginx/html/www;
index index.html index.htm;
}
}
server {
listen 80;
server_name blog.oldboy.com;
access_log /var/log/nginx/access_blog.log main; \\日志
location / {
root /usr/share/nginx/html/blog;
index index.html index.htm;
}
}
}
[11:52 root@web01 ~]# systemctl reload nginx.service
[11:52 root@web01 ~]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[11:52 root@web01 ~]# ll /var/log/nginx/access*
-rw-r--r-- 1 root root 0 Jun 5 11:48 /var/log/nginx/access_blog.log
-rw-r----- 1 nginx adm 12983 Jun 5 11:36 /var/log/nginx/access.log
-rw-r--r-- 1 root root 0 Jun 5 11:48 /var/log/nginx/access_www.log
服务配置文件中的server区域
/etc/nginx/conf.d/default.conf
搭建1个网站 虚拟主机
默认每一行都有";"结尾
[11:36 root@web01 ~]# egrep -v '^$|#' /etc/nginx/conf.d/default.conf
server {
listen 80; \\指定监听端口
server_name localhost; \\域名 www.linuxcx.cn
location / {
root /usr/share/nginx/html; \\指定站点目录
index index.html index.htm; \\首页文件(默认展示的文件)
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
配置网站设置域名为www.oldboy.com,并添加hosts解析
[ root@web01 ~]# vim /etc/nginx/nginx.conf
.....
# include /etc/nginx/conf.d/*.conf;
server {
listen 80;
server_name www.oldboy.com;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
}
}
##### 为[www.oldboy.com](https://links.jianshu.com/go?to=http%3A%2F%2Fwww.oldboy.com)添加/etc/hosts本地域名解析
[ root@web01 ~]# vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.local
domain4
::1 localhost localhost.localdomain localhost6 localhost6.local
domain6
172.16.1.5 lb01
172.16.1.6 lb02
172.16.1.7 web01 www.oldboy.com \\# 此虚拟机ip为10.0.0.7
172.16.1.8 web02
172.16.1.31 nfs01
172.16.1.41 backup
172.16.1.51 db01 db01.etiantian.org
172.16.1.61 m01
查看是否解析成功
[root@web01 /etc/nginx]# ping www.oldboy.com
PING web01 (172.16.1.7) 56(84) bytes of data.
64 bytes from web01 (172.16.1.7): icmp_seq=1 ttl=64 time=0.036 ms
64 bytes from web01 (172.16.1.7): icmp_seq=2 ttl=64 time=0.055 ms
^C
--- web01 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.036/0.045/0.055/0.011 ms
给站点目录的主页写入此网址
[root@web01 /etc/nginx]# echo www.oldboy.com >/usr/share/nginx/html/index.html
[root@web01 /etc/nginx]#
[root@web01 /etc/nginx]# curl www.oldboy.com
www.oldboy.com
nginx和php的联系
[root@web01 ~]# cat /etc/nginx/conf.d/02-blog.conf
server {
listen 80;
server_name blog.oldboy.com;
access_log /var/log/nginx/access_blog.log main;
root /usr/share/nginx/html/blog;
location / {
index index.php index.html index.htm;
}
location ~* \.(php|php5)$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
fastcgi_pass 127.0.0.1:9000; 通过php(9000端口)静态的资源自己处理 动态的通过fastcgi_pass给中介(fastcgi)
fastcgi_index index.php; 站点目录
fastcgi_param
SCRIPT_FILENAME 脚本名字
document_root 网站站点目录
fastcgi_script_name 请求连接的URI
nginx状态模块及权限控制,添加status.conf文件
[12:22 root@web01 /etc/nginx]# cat conf.d/status.conf
server {
listen 80;
server_name status.oldboy.com;
stub_status on;
access_log off;
}
[12:22 root@web01 /etc/nginx]# ll conf.d/
total 16
-rw-r--r-- 1 root root 233 Jun 5 12:04 01-www.conf
-rw-r--r-- 1 root root 254 Jun 5 12:04 02-blog.conf
-rw-r--r-- 1 root root 488 Apr 23 22:34 default.conf.gz
-rw-r--r-- 1 root root 90 Jun 5 12:21 status.conf
[12:26 root@web01 /etc/nginx]# systemctl restart nginx
[12:26 root@web01 /etc/nginx]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[12:26 root@web01 /etc/nginx]# curl status.oldboy.com
Active connections: 1
server accepts handled requests
1 1 1
Reading: 0 Writing: 1 Waiting: 0
添加allow允许网段
[12:36 root@web01 /etc/nginx]# vim conf.d/status.conf
server {
listen 80;
server_name status.oldboy.com;
stub_status on;
access_log off;
allow 172.16.1.0/24; \\添加允许网段
deny all; \\除了172网段其他的全部拒绝
}
[12:37 root@web01 /etc/nginx]# nginx -t
nginx: [emerg] unexpected "}" in /etc/nginx/conf.d/status.conf:8
nginx: configuration file /etc/nginx/nginx.conf test failed
[12:37 root@web01 /etc/nginx]# systemctl reload nginx
[12:37 root@web01 /etc/nginx]# curl status.oldboy.com
Active connections: 1
server accepts handled requests
7 7 7
Reading: 0 Writing: 1 Waiting: 0
重启服务后状态归零
[08:46 root@web01 ~]# systemctl reload nginx
[08:46 root@web01 ~]# curl -H Host:status.oldboy.com 172.16.1.7
Active connections: 1
server accepts handled requests
22 22 22
Reading: 0 Writing: 1 Waiting: 0
[08:46 root@web01 ~]# systemctl restart nginx
[08:46 root@web01 ~]# curl -H Host:status.oldboy.com 172.16.1.7
Active connections: 1
server accepts handled requests
1 1 1
Reading: 0 Writing: 1 Waiting: 0
状态模块详解
Active connections: 1
server accepts handled requests
22 22 22
Reading: 0 Writing: 1 Waiting: 0
Active connections: 1 当前的连接数量(已建立连接)
server accepts:22 服务器接收到的请求数量
server handled: 22 服务器接收处理的请求数量
server request:20 用户一共向服务器发出多少请求
Reading:0 当前nginx正在读取的用户请求头的数量
Writing:1 当前nginx正在响应用户请求的数量
Waiting:1 当前等待被nginx处理的 请求数量
虚拟主机简单验证
安装软件httpd-tools
[09:00 root@web01 /etc/nginx]# rpm -qa httpd-tools
httpd-tools-2.4.6-89.el7.centos.x86_64
修改status模块
[09:09 root@web01 /etc/nginx]# vim conf.d/status.conf
server {
listen 80;
server_name status.oldboy.com;
stub_status;
access_log off;
auth_basic "Auth access Blog Input your Passwd!";
auth_basic_user_file /etc/nginx/htpasswd;
# allow 172.16.1.0/24;
# deny all;
}
##创建密码文件,修改权限为600,属主属组为nginx
[09:14 root@web01 /etc/nginx]# htpasswd -b -c /etc/nginx/htpasswd oldboy oldboy
[09:15 root@web01 /etc/nginx]# ll htpasswd
-rw-r--r-- 1 root root 48 Jun 6 09:15 htpasswd
[09:24 root@web01 /etc/nginx]# chmod 600 htpasswd
[09:25 root@web01 /etc/nginx]# chown nginx.nginx htpasswd
[09:25 root@web01 /etc/nginx]# ll htpasswd
-rw------- 1 nginx nginx 45 Jun 6 09:19 htpasswd
##重启服务
去浏览器访问status.oldboy.com
location规则
image.png
image.png
将状态码取出来
第一种方法
[09:55 root@web01 /etc/nginx]# curl -I 10.0.0.7
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Thu, 06 Jun 2019 01:55:13 GMT
Content-Type: text/html
Content-Length: 15
Last-Modified: Wed, 05 Jun 2019 01:00:48 GMT
Connection: keep-alive
ETag: "5cf71440-f"
Accept-Ranges: bytes
[09:55 root@web01 /etc/nginx]# curl -I 10.0.0.7|awk 'NR==1{print $2}'
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 15 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
200
[09:55 root@web01 /etc/nginx]# curl -I 10.0.0.7 2>/dev/null|awk 'NR==1{print $2}'
200
第二种方法
[09:59 root@web01 /etc/nginx]# curl -sw "%{http_code}\n" -o /dev/null baidu.com
200
location优先级必备测试
[root@web01 /etc/nginx/conf.d]# cp 01-www.conf 01-www.conf.bak
[root@web01 /etc/nginx/conf.d]# vim 01-www.conf
server {
listen 80;
server_name www.oldboy.com;
root /usr/share/nginx/html/www;
location / {
return 200 "location / \n";
}
location = / {
return 200 "location = \n";
}
location /documents/ {
return 200 "location /documents/ \n";
}
location ^~ /images/ {
return 200 "location ^~ /images/ \n";
}
location ~* \.(gif|jpg|jpeg)$ {
return 200 "location ~* \.(gif|jpg|jpeg) \n";
}
access_log off;
}
[10:53 root@web01 /etc/nginx/conf.d]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[10:54 root@web01 /etc/nginx/conf.d]# systemctl reload nginx
##############
= 精确
^~ 不匹配正则
~* 不区分大小写正则匹配
/documents 匹配路径
/ 默认
##############
[root@web01 /etc/nginx/conf.d]# curl 10.0.0.7
location =
[root@web01 /etc/nginx/conf.d]# curl 10.0.0.7/
location =
[root@web01 /etc/nginx/conf.d]# curl 10.0.0.7/oldboy.html
location /
[root@web01 /etc/nginx/conf.d]# curl 10.0.0.7/documents/alex.txt
location /documents/
[root@web01 /etc/nginx/conf.d]# curl 10.0.0.7/lidao/documents/alex.txt
location /
[root@web01 /etc/nginx/conf.d]# curl 10.0.0.7/oldboy.jpg
location ~* \.(gif|jpg|jpeg)
#验证/documents与~* 的优先级
[root@web01 /etc/nginx/conf.d]# curl 10.0.0.7/documents/oldboy.jpg
location ~* \.(gif|jpg|jpeg)
#验证 ~* 与 ^~ 优先级
[root@web01 /etc/nginx/conf.d]# curl 10.0.0.7/images/oldboy.jpg
location ^~ /images/
网友评论