centos 7.6 —— 部署Nginx和设置统计并发量
文章目录
一、部署Nginx
[root@localhost opt]# cd nginx-1.12.2/
[root@localhost nginx-1.12.2]# useradd -M -s /sbin/nologin nginx //新建用户Nginx ,——M是指不产生家目录
[root@localhost nginx-1.12.2]# ./configure \
> --prefix=/usr/local/nginx \ // 安装路径
> --user=nginx \ //指定用户来管理Nginx
> --group=nginx \ // 用户组
> --with-http_stub_status_module //添加统计并发量模块
[root@localhost nginx-1.12.2]# make && make install
[root@localhost nginx-1.12.2]# ln -s /usr/local/nginx/sbin/* /usr/local/sbin //配置文件软链接
[root@localhost nginx-1.12.2]# ls -l /usr/local/sbin/
总用量 0
lrwxrwxrwx. 1 root root 27 8月 6 22:01 nginx -> /usr/local/nginx/sbin/nginx
[root@localhost nginx-1.12.2]# ng
ngettext nginx
[root@localhost nginx-1.12.2]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost nginx-1.12.2]# cd /lib/systemd/system
在/etc/init.d 目录下新建Nginx文件为启动脚本
[root@localhost init.d]# vim nginx
#!/bin/bash
#chkconfig:- 99 20
#description:Nginx Service Control Script
PROG="/usr/local/nginx/sbin/nginx"
PIDF="/usr/local/nginx/logs/nginx.pid"
case "$1" in
start)
$PROG
;;
stop)
kill -s QUIT $(cat $PIDF)
;;
restart)
$0 stop
$0 start
;;
reload)
kill -s HUP $(cat $PIDF)
;;
*)
echo "Usage:$0{start|stop|restart|reload}"
exit 1
esac
exit 0
[root@localhost init.d]# chmod +x nginx //添加权限
[root@localhost init.d]# chkconfig --add nginx //添加到systemctl启动文件设置中
[root@localhost init.d]# service nginx stop
cat: /usr/local/nginx/logs/nginx.pid: No such file or directory
kill: usage: kill [-s sigspec | -n signum | -sigspec] pid | jobspec ... or kill -l [sigspec]
[root@localhost init.d]# sudo fuser -k 80/tcp //重启出现错误,提示端口被占用,使用该命令
80/tcp: 12826 12827
[root@localhost init.d]# service nginx stop
[root@localhost init.d]# service nginx start //修改主配置文件之后需要重启Nginx服务
二、设置访问状态统计
*********************************设置统计网页访问并发量********************************
[root@localhost init.d]# vim /usr/local/nginx/conf/nginx.conf
location /status {
stub_status on;
access_log off;
}
[root@localhost init.d]# service nginx stop
[root@localhost init.d]# service nginx start //修改主配置文件之后需要重启Nginx服务
三、虚拟机win 10 验证
四、虚拟主机应用
4.1 配置DNS服务
[root@localhost /]# yum -y install bind
[root@localhost /]# vim /etc/named.conf
listen-on port 53 { any; };
allow-query { any; };
[root@localhost /]# vim /etc/named.rfc1912.zones
zone "kgc.com" IN {
type master;
file "kgc.com.zone";
allow-update { none; };
};
zone "benet.com" IN {
type master;
file "benet.com.zone";
allow-update { none; };
};
[root@localhost /]# cd /var/named/
[root@localhost named]# ll
总用量 16
drwxrwx---. 2 named named 6 6月 1 23:26 data
drwxrwx---. 2 named named 6 6月 1 23:26 dynamic
-rw-r-----. 1 root named 2253 4月 5 2018 named.ca
-rw-r-----. 1 root named 152 12月 15 2009 named.empty
-rw-r-----. 1 root named 152 6月 21 2007 named.localhost
-rw-r-----. 1 root named 168 12月 15 2009 named.loopback
drwxrwx---. 2 named named 6 6月 1 23:26 slaves
[root@localhost named]# cp -p named.localhost kgc.com.zone
[root@localhost named]# vim kgc.com.zone
$TTL 1D
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS @
A 127.0.0.1
www IN A 192.168.75.134
~
[root@localhost named]# cp -p kgc.com.zone benet.com.zone
[root@localhost named]# vim benet.com.zone
$TTL 1D
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS @
A 127.0.0.1
www IN A 192.168.75.134
[root@localhost named]# systemctl restart named
4.2 虚拟机win10 验证
- nslookup www.kgc.com
- nslookup www.benet.com
4.3 基于域名构建虚拟主机
- 修改Nginx主配置文件 Nginx.conf
[root@localhost conf]# cd /var/
[root@localhost var]# ls
account crash games lib log nis run tmp
adm db gopher local mail opt spool yp
cache empty kerberos lock named preserve target
[root@localhost var]# mkdir www
[root@localhost var]# cd www/
[root@localhost www]# mkdir benet kgc
[root@localhost www]# ls
benet kgc
[root@localhost www]# cd benet/
[root@localhost benet]# vim index.html
<h1> welcom to benet !!!! </h1>
[root@localhost benet]# cd /var/www/benet/
[root@localhost benet]# cd /var/www/kgc/
[root@localhost kgc]# vim index.html
<h1> welcom to kgc !!!! </h1>
[root@localhost conf]# vim nginx.conf
server {
server_name www.kgc.com;
location / {
root /var/www/kgc;
index index.html index.php;
}
}
server {
server_name www.benet.com;
location / {
root /var/www/benet;
index index.html index.php;
}
}
[root@localhost conf]# service nginx stop
[root@localhost conf]# service nginx start
[root@localhost conf]#
- win10 验证
4.4 基于ip地址构建web虚拟主机
(1)添加网卡ens37
[root@localhost network-scripts]# cp -p ifcfg-ens33 ifcfg-ens37
[root@localhost network-scripts]# vim ifcfg-ens37
[root@localhost network-scripts]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 1000
link/ether 00:0c:29:19:10:39 brd ff:ff:ff:ff:ff:ff
inet 192.168.75.134/24 brd 192.168.75.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::fe87:39da:fd06:77e9/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 1000
link/ether 00:0c:29:19:10:43 brd ff:ff:ff:ff:ff:ff
inet 192.168.75.137/24 brd 192.168.75.255 scope global noprefixroute ens37
valid_lft forever preferred_lft forever
inet6 fe80::38f5:b5fa:cb05:fd3f/64 scope link noprefixroute
valid_lft forever preferred_lft forever
4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
link/ether 52:54:00:f0:4b:cb brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
5: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000
link/ether 52:54:00:f0:4b:cb brd ff:ff:ff:ff:ff:ff
[root@localhost network-scripts]# ping 192.168.75.137
PING 192.168.75.137 (192.168.75.137) 56(84) bytes of data.
64 bytes from 192.168.75.137: icmp_seq=1 ttl=64 time=0.037 ms
64 bytes from 192.168.75.137: icmp_seq=2 ttl=64 time=0.047 ms
^C
--- 192.168.75.137 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.037/0.042/0.047/0.005 ms
[root@localhost network-scripts]#
(2) 修改主配置文件信息nginx.conf
[root@localhost conf]# pwd
/usr/local/nginx/conf
[root@localhost conf]# vim nginx.conf
server {
listen 192.168.75.134:80;
server_name 192.168.75.134:80;
}
server {
listen 192.168.75.137:80;
server_name 192.168.75.137:80;
}
[root@localhost conf]# service nginx stop
cat: /usr/local/nginx/logs/nginx.pid: No such file or directory //出现这个问题开启Nginx服务就好
kill: usage: kill [-s sigspec | -n signum | -sigspec] pid | jobspec ... or kill -l [sigspec]
[root@localhost conf]# nginx
[root@localhost conf]# service nginx stop
[root@localhost conf]# service nginx start
[root@localhost conf]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost conf]#
(3) 虚拟机win10 验证
基于ip地址构建web虚拟主机
- 192.168.75.134
- 192.168.75.137
4.5 基于端口构建web虚拟主机
(1) 修改主配置文件Nginx.conf
[root@localhost conf]# pwd
/usr/local/nginx/conf
[root@localhost conf]# iptables -F
[root@localhost conf]# setenforce 0
[root@localhost conf]# vim nginx.conf
server {
listen 192.168.75.134:8888;
server_name 192.168.75.134:8888;
}
server {
listen 192.168.75.134:7777;
server_name 192.168.75.134:7777;
}
[root@localhost conf]# nginx
[root@localhost conf]# service nginx stop
[root@localhost conf]# service nginx start
[root@localhost conf]# netstat -antp | grep nginx
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 11950/nginx: master
tcp 0 0 192.168.75.134:8888 0.0.0.0:* LISTEN 11950/nginx: master
tcp 0 0 192.168.75.134:7777 0.0.0.0:* LISTEN 11950/nginx: master
(2) 虚拟机win10 验证
基于端口构建web虚拟主机
- 192.168.75.134:7777
- 192.168.75.134:8888
五、访问控制
5.1 基于授权访问控制
(1)生成用户密码认证文件
[root@localhost conf]# pwd
/usr/local/nginx/conf
[root@localhost conf]# htpasswd -c /usr/local/nginx/conf/passwd.db test
[root@localhost conf]# cat passwd.db
test:$apr1$x.5tswXC$qjCf3dj4jJYJZySwL3Wdn/
[root@localhost conf]#
(2)修改主配置文件对相应目录添加认证配置项`在这里插入代码片
[root@localhost ~]# vim /usr/local/nginx/conf/nginx.conf //如下命令添加到http中的server服务中,不是新写一个server服务。这里 location是指站点,server是服务
server {
listen 80;
server_name localhost;
location / {
auth_basic "please input password";
auth_basic_user_file /usr/local/nginx/conf/passwd.db;
root html;
index index.html index.html;
}
[root@localhost conf]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost ~]# systemctl restart nginx
(3)重启服务,访问测试
[root@localhost ~]# systemctl restart nginx
虚拟机win10验证
5.2 基于客户端访问控制
[root@localhost ~]# vim /usr/local/nginx/conf/nginx.conf //如下命令写到server中
location / {
deny 192.168.75.30;
allow all;
root html;
index index.html index.htm;
}
[root@localhost conf]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost conf]# systemctl restart nginx.service
win10 192.168.75.30 无法 访问Nginx 验证成功
win10 192.168.75.165 成功 访问Nginx 验证成功
