nginx

作者: 北疆07 | 来源:发表于2019-06-14 14:10 被阅读0次

第一章nginx

安装软件

yum install -y gcc gcc-c++ autoconf pcre pcre-devel make automake wget httpd-tools vim tree

nginx功能

1.web服务器 (http请求 http响应)
2.nginx负载均衡
3.nginx缓存

nginx网站服务软件功能作用

支持网站页面请求处理功能
支持反向代理负载均衡功能
支持前端业务数据缓存功能

nginx和apache的区别

image.png

nginx网站服务软件有时特点(与apache对比)

apache 网站服务处理用户请求方法:
select 模型 便利方式处理用户请求

nginx 网站服务处理用户请求方法:
epoll 模型 精准方式处理用户请求

第二章编译安装nginx

官网http://nginx.org/en/download.html

配置官方源

[10:35 root@web01 ~]# vim /etc/yum.repos.d/nginx.repo 
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1

检查是否配置成功

[10:41 root@web01 ~]# yum list nginx
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.aliyun.com
 * extras: mirrors.aliyun.com
 * updates: mirrors.aliyun.com
Installed Packages
nginx.x86_64            1:1.16.0-1.el7.ngx             @nginx-stabl

查看软件包内容

[10:42 root@web01 ~]# rpm -ql nginx
/etc/logrotate.d/nginx
/etc/nginx    #跟nginx有关的配置文件
/etc/nginx/conf.d   #nginx主配置文件(最主要的)
/etc/nginx/conf.d/default.conf      #与conf.d类似
/etc/nginx/fastcgi_params
/etc/nginx/koi-utf
/etc/nginx/koi-win
/etc/nginx/mime.types      #媒体类型
/etc/nginx/modules
/etc/nginx/nginx.conf
/etc/nginx/scgi_params
/etc/nginx/uwsgi_params
/etc/nginx/win-utf
/etc/sysconfig/nginx   #systemctl 管理nginx的使用的文件
/usr/lib/systemd/system/nginx.service  #systemctl 管理nginx(开 关 重启 reload) 配置文件
/usr/sbin/nginx  #nginx的命令
/usr/sbin/nginx-debug  #调试
/usr/share/nginx
/usr/share/nginx/html  #站点目录 网站的根目录  www.linuxcx.cn/lcx.jpg
/usr/share/nginx/html/50x.html
/usr/share/nginx/html/index.html
/var/cache/nginx
/var/log/nginx  #nginx日志 access.log(核心访问日志)

查看nginx版本方法

[10:49 root@web01 ~]# nginx -v  \\小v 查看版本
nginx version: nginx/1.16.0
[10:49 root@web01 ~]# nginx -V  \\查看编译安装的命令
nginx version: nginx/1.16.0
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-36) (GCC) 
built with OpenSSL 1.0.2k-fips  26 Jan 2017
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -fPIC' --with-ld-opt='-Wl,-z,relro -Wl,-z,now -pie'

启动nginx服务并设置开机自启动,查看进程

[10:51 root@web01 ~]# systemctl start nginx
[10:51 root@web01 ~]# ps -ef|grep nginx
root       8598      1  0 00:53 ?        00:00:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx      8599   8598  0 00:53 ?        00:00:00 nginx: worker process
root      10711  10118  0 10:51 pts/0    00:00:00 grep --color=auto nginx

nginx命令

systemctl start  nginx     ===== nginx                开启
systemctl reload nginx     ===== nginx -s reload    平滑重启
systemctl stop   nginx     ===== ngnx -s stop         关闭
nginx -t   检查语法
nginx -h   查看帮助

服务配置软件

https://www.processon.com/view/link/5cf5e2cae4b0bc8329e71aad

配置文件编写

[11:18 root@web01 ~]# vim /etc/nginx/nginx.conf 
user  nginx;  \\指定nginx进程属于用户nginx
worker_processes  1;    \\worker进程数量 所有核心数或x2
error_log  /var/log/nginx/error.log warn;   \\指定错误日志 warn日志格式 只显示警告信息
pid        /var/run/nginx.pid;  \\pid进程文件
events {    \\events模块(区域)
    worker_connections  1024;   \\每个进程数最大连接数量
}
http {  \\#http区域#
    include       /etc/nginx/mime.types;    \\媒体类型http协议中的文件类型 include(把其他位置的文件加入到这个位置)
    default_type  application/octet-stream; 
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '   \\定义了nginx访问日志的格式
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';
    access_log  /var/log/nginx/access.log  main;    \\指定访问日志的位置和使用什么格式
    sendfile        on; \\开启高效传输模式
    #tcp_nopush     on;
    keepalive_timeout  65;  \\超时时间
    #gzip  on;
    include /etc/nginx/conf.d/*.conf;   \\#指定的服务配置文件(接下文)
}

虚拟主机的配置

认识
1个虚拟主机 相当于是1个网站
Nginx多个server标签

不同虚拟主机
虚拟主机(必备)
不同的域名不同的网站

不同的虚拟主机

基于域名的虚拟主机(必备)
    不同的域名访问不同虚拟主机(网站)
基于端口的虚拟主机
    不同的端口访问不同的虚拟主机
    正常端口   80 443
    网站后台人员 使用特殊端口
基于ip的虚拟主机

基于端口的虚拟主机配置

server   {
     listen       81;
     server_name  www.oldboy.com;

     location / {
        root   /usr/share/nginx/html/www;
        index  index.html index.htm;
                }
              }
     server   {
     listen       82;
     server_name  blog.oldboy.com;

     location / {
        root   /usr/share/nginx/html/blog;
        index  index.html index.htm;
                }
              }
}

[10:14 root@web01 ~]# curl http://10.0.0.7
curl: (7) Failed connect to 10.0.0.7:80; Connection refused
[10:14 root@web01 ~]# curl http://10.0.0.7:81
www.oldboy.com
[10:14 root@web01 ~]# curl http://10.0.0.7:82
blog.oldboy.com

基于ip的虚拟主机

server   {
     listen       10.0.0.9:80;
     server_name  blog.oldboy.com;

     location / {
        root   /usr/share/nginx/html/blog;
        index  index.html index.htm;
                }
              }

###需要添加ip地址
[10:30 root@web01 ~]# ip addr add 10.0.0.9/24 dev eth0 label eth0:1
[10:31 root@web01 ~]# ip a
.....
....
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:68:78:4f brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.7/24 brd 10.0.0.255 scope global noprefixroute eth0
       valid_lft forever preferred_lft forever
    inet 10.0.0.9/24 scope global secondary eth0:1
       valid_lft forever preferred_lft forever


[10:31 root@web01 ~]# systemctl restart nginx
[10:35 root@web01 ~]# curl 10.0.0.9:80
blog.oldboy.com
[10:38 root@web01 ~]# curl 10.0.0.7
www.oldboy.com

nginx日志文件/var/log/nginx/accrss.log

'$remote_addr             客户端ip地址
$remote_user              远程用户(空) 
[$time_local]             时间 
"$request"                请求报文的起始行 $request_uri 只取出uri
'$status                  状态码 
$body_bytes_sent          身体 字节 发送 服务端发给客户端大小(每个文件的大小)
"$http_referer"           记录着用户从哪里跳转过来的
'"$http_user_agent"       用户浏览器 
"$http_x_forwarded_for"'; 负载均衡: web服务器用来记录用户真实ip地址
日志格式:
10.0.0.7 - - [05/Jun/2019:11:06:14 +0800] "GET /index.html HTTP/1.1" 200 15 "-" "curl/7.29.0" "-"

ip访问量

awk '{print $1}' /var/log/nginx/access.log |sort |uniq -c

在nginx配置文件中添加日志文件

[11:48 root@web01 ~]# vim /etc/nginx/nginx.conf 
....
     server   {
     listen       80;
     server_name  www.oldboy.com;
   access_log /var/log/nginx/access_www.log main;  \\日志
     location / {
        root   /usr/share/nginx/html/www;
        index  index.html index.htm;
                }
              }
     server   {
     listen       80;
     server_name  blog.oldboy.com;
   access_log /var/log/nginx/access_blog.log main;   \\日志
     location / {
        root   /usr/share/nginx/html/blog;
        index  index.html index.htm;
                }
              }
}



[11:52 root@web01 ~]# systemctl reload nginx.service 
[11:52 root@web01 ~]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[11:52 root@web01 ~]# ll /var/log/nginx/access*
-rw-r--r-- 1 root  root     0 Jun  5 11:48 /var/log/nginx/access_blog.log
-rw-r----- 1 nginx adm  12983 Jun  5 11:36 /var/log/nginx/access.log
-rw-r--r-- 1 root  root     0 Jun  5 11:48 /var/log/nginx/access_www.log

服务配置文件中的server区域

/etc/nginx/conf.d/default.conf
搭建1个网站  虚拟主机
默认每一行都有";"结尾

[11:36 root@web01 ~]# egrep -v '^$|#' /etc/nginx/conf.d/default.conf 
server {
    listen       80;    \\指定监听端口
    server_name  localhost; \\域名 www.linuxcx.cn
    location / {
        root   /usr/share/nginx/html;   \\指定站点目录
        index  index.html index.htm;    \\首页文件(默认展示的文件)
    }
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }
}

配置网站设置域名为www.oldboy.com,并添加hosts解析


[ root@web01 ~]# vim /etc/nginx/nginx.conf 
.....
#    include /etc/nginx/conf.d/*.conf;
     server   {
     listen       80;
     server_name  www.oldboy.com;

     location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
                }
              }
}

 ##### 为[www.oldboy.com](https://links.jianshu.com/go?to=http%3A%2F%2Fwww.oldboy.com)添加/etc/hosts本地域名解析


[ root@web01 ~]# vim /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.local
domain4
::1         localhost localhost.localdomain localhost6 localhost6.local
domain6
172.16.1.5      lb01
172.16.1.6      lb02
172.16.1.7      web01 www.oldboy.com  \\# 此虚拟机ip为10.0.0.7
172.16.1.8      web02
172.16.1.31     nfs01
172.16.1.41     backup
172.16.1.51     db01 db01.etiantian.org
172.16.1.61     m01

查看是否解析成功

[root@web01 /etc/nginx]# ping www.oldboy.com 
PING web01 (172.16.1.7) 56(84) bytes of data.
64 bytes from web01 (172.16.1.7): icmp_seq=1 ttl=64 time=0.036 ms
64 bytes from web01 (172.16.1.7): icmp_seq=2 ttl=64 time=0.055 ms
^C
--- web01 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.036/0.045/0.055/0.011 ms

给站点目录的主页写入此网址
[root@web01 /etc/nginx]# echo www.oldboy.com  >/usr/share/nginx/html/index.html 
[root@web01 /etc/nginx]# 
[root@web01 /etc/nginx]# curl  www.oldboy.com
www.oldboy.com 

nginx和php的联系

[root@web01 ~]# cat /etc/nginx/conf.d/02-blog.conf
server   {
    listen       80;
    server_name  blog.oldboy.com;
    access_log  /var/log/nginx/access_blog.log  main;
    root   /usr/share/nginx/html/blog; 
    location / {
    index  index.php index.html index.htm;
    }
   location ~* \.(php|php5)$ {
       fastcgi_pass   127.0.0.1:9000;
       fastcgi_index  index.php;
       fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
       include        fastcgi_params;
   }

}

fastcgi_pass   127.0.0.1:9000;  通过php(9000端口)静态的资源自己处理 动态的通过fastcgi_pass给中介(fastcgi)
fastcgi_index  index.php;  站点目录
fastcgi_param  
SCRIPT_FILENAME   脚本名字
document_root  网站站点目录
fastcgi_script_name  请求连接的URI

nginx状态模块及权限控制,添加status.conf文件

[12:22 root@web01 /etc/nginx]# cat conf.d/status.conf 
server {
    listen 80;
    server_name  status.oldboy.com;
    stub_status on;
    access_log off;
}
[12:22 root@web01 /etc/nginx]# ll conf.d/
total 16
-rw-r--r-- 1 root root 233 Jun  5 12:04 01-www.conf
-rw-r--r-- 1 root root 254 Jun  5 12:04 02-blog.conf
-rw-r--r-- 1 root root 488 Apr 23 22:34 default.conf.gz
-rw-r--r-- 1 root root  90 Jun  5 12:21 status.conf
[12:26 root@web01 /etc/nginx]# systemctl restart nginx
[12:26 root@web01 /etc/nginx]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[12:26 root@web01 /etc/nginx]# curl status.oldboy.com
Active connections: 1 
server accepts handled requests
 1 1 1 
Reading: 0 Writing: 1 Waiting: 0 

添加allow允许网段

[12:36 root@web01 /etc/nginx]# vim conf.d/status.conf 
server {
        listen 80;
        server_name  status.oldboy.com;
        stub_status on;
        access_log off;
        allow 172.16.1.0/24;   \\添加允许网段
        deny all;    \\除了172网段其他的全部拒绝
}
[12:37 root@web01 /etc/nginx]# nginx -t
nginx: [emerg] unexpected "}" in /etc/nginx/conf.d/status.conf:8
nginx: configuration file /etc/nginx/nginx.conf test failed
[12:37 root@web01 /etc/nginx]# systemctl reload nginx
[12:37 root@web01 /etc/nginx]# curl status.oldboy.com
Active connections: 1 
server accepts handled requests
 7 7 7 
Reading: 0 Writing: 1 Waiting: 0

重启服务后状态归零

[08:46 root@web01 ~]# systemctl reload nginx
[08:46 root@web01 ~]# curl -H Host:status.oldboy.com 172.16.1.7
Active connections: 1 
server accepts handled requests
 22 22 22 
Reading: 0 Writing: 1 Waiting: 0 
[08:46 root@web01 ~]# systemctl restart nginx
[08:46 root@web01 ~]# curl -H Host:status.oldboy.com 172.16.1.7
Active connections: 1 
server accepts handled requests
 1 1 1 
Reading: 0 Writing: 1 Waiting: 0 

状态模块详解

Active connections: 1 
server accepts handled requests
 22 22 22 
Reading: 0 Writing: 1 Waiting: 0 


Active connections: 1  当前的连接数量(已建立连接)
server accepts:22    服务器接收到的请求数量
server handled: 22    服务器接收处理的请求数量
server request:20    用户一共向服务器发出多少请求
Reading:0  当前nginx正在读取的用户请求头的数量
Writing:1  当前nginx正在响应用户请求的数量
Waiting:1  当前等待被nginx处理的 请求数量

虚拟主机简单验证

安装软件httpd-tools
[09:00 root@web01 /etc/nginx]# rpm -qa httpd-tools
httpd-tools-2.4.6-89.el7.centos.x86_64
修改status模块
[09:09 root@web01 /etc/nginx]# vim conf.d/status.conf 
server {
        listen 80;
        server_name  status.oldboy.com;
        stub_status;
        access_log off;
        auth_basic "Auth access Blog Input your Passwd!";
        auth_basic_user_file /etc/nginx/htpasswd;

#       allow 172.16.1.0/24;
#       deny all;
}
##创建密码文件,修改权限为600,属主属组为nginx
[09:14 root@web01 /etc/nginx]# htpasswd -b -c /etc/nginx/htpasswd  oldboy oldboy
[09:15 root@web01 /etc/nginx]# ll htpasswd 
-rw-r--r-- 1 root root 48 Jun  6 09:15 htpasswd 
[09:24 root@web01 /etc/nginx]#  chmod 600 htpasswd 
[09:25 root@web01 /etc/nginx]# chown nginx.nginx htpasswd 
[09:25 root@web01 /etc/nginx]# ll htpasswd 
-rw------- 1 nginx nginx 45 Jun  6 09:19 htpasswd
##重启服务
去浏览器访问status.oldboy.com

location规则

image.png
image.png

将状态码取出来

第一种方法
[09:55 root@web01 /etc/nginx]# curl -I 10.0.0.7
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Thu, 06 Jun 2019 01:55:13 GMT
Content-Type: text/html
Content-Length: 15
Last-Modified: Wed, 05 Jun 2019 01:00:48 GMT
Connection: keep-alive
ETag: "5cf71440-f"
Accept-Ranges: bytes

[09:55 root@web01 /etc/nginx]# curl -I 10.0.0.7|awk 'NR==1{print $2}'
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0    15    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
200
[09:55 root@web01 /etc/nginx]# curl -I 10.0.0.7 2>/dev/null|awk 'NR==1{print $2}'
200
第二种方法
[09:59 root@web01 /etc/nginx]# curl -sw "%{http_code}\n" -o /dev/null baidu.com
200

location优先级必备测试

[root@web01 /etc/nginx/conf.d]# cp 01-www.conf 01-www.conf.bak
[root@web01 /etc/nginx/conf.d]# vim 01-www.conf
server {
    listen       80;
    server_name  www.oldboy.com;
    root   /usr/share/nginx/html/www;
    location / {
       return 200  "location / \n";
    }
    location = / {
        return 200 "location = \n";
    }
    location /documents/ {
        return 200 "location /documents/ \n";
    }
    location ^~ /images/ {
        return 200 "location ^~ /images/ \n";
    }
    location ~* \.(gif|jpg|jpeg)$ {
        return 200 "location ~* \.(gif|jpg|jpeg) \n";
    }
    access_log off;
}
[10:53 root@web01 /etc/nginx/conf.d]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[10:54 root@web01 /etc/nginx/conf.d]# systemctl reload nginx 


##############
=     精确
^~    不匹配正则
~*    不区分大小写正则匹配
/documents    匹配路径
/      默认
##############
[root@web01 /etc/nginx/conf.d]# curl 10.0.0.7
location = 

[root@web01 /etc/nginx/conf.d]# curl 10.0.0.7/
location = 

[root@web01 /etc/nginx/conf.d]# curl 10.0.0.7/oldboy.html
location / 

[root@web01 /etc/nginx/conf.d]# curl 10.0.0.7/documents/alex.txt
location /documents/ 

[root@web01 /etc/nginx/conf.d]# curl 10.0.0.7/lidao/documents/alex.txt
location / 

[root@web01 /etc/nginx/conf.d]# curl 10.0.0.7/oldboy.jpg
location ~* \.(gif|jpg|jpeg) 

#验证/documents与~* 的优先级
[root@web01 /etc/nginx/conf.d]# curl 10.0.0.7/documents/oldboy.jpg
location ~* \.(gif|jpg|jpeg) 

#验证 ~* 与 ^~ 优先级
[root@web01 /etc/nginx/conf.d]# curl 10.0.0.7/images/oldboy.jpg
location ^~ /images/ 

相关文章

网友评论

      本文标题:nginx

      本文链接:https://www.haomeiwen.com/subject/ufovfctx.html