一、续
1.限制连接 limit_conn
场景: 下载
[root@oldboy-pythonedu mirror]# cat /etc/nginx/conf.d/mirror.oldboyedu.com.conf
limit_conn_zone $binary_remote_addr zone=addr:10m; # 定义限制的key, 分配区域大小
server {
listen 80;
server_name mirror.oldboyedu.com;
charset utf8;
limit_conn addr 1; # 调用区域限制,限制key只可以出现1次, 相当于限制来源客户端IP的连接数为1
limit_conn_status 500; # 限制成功后,会返回500的错误状态码,默认返回503
limit_rate_after 200m; # 全速下载200m资源
limit_rate 300k; # 达到200m以后,限制300k的速度
error_page 500 = @testerror; # 如果 出现500错误,则让其跳转到内部的 @testerror
location @testerror { # 定义 @testerror, 返回具体的动作
default_type text/html;
return 200 '$remote_addr 你超过了最大连接限制, 请充值VIP解封!';
}
location / {
root /code/mirror;
autoindex on;
autoindex_exact_size off;
autoindex_localtime on;
}
}
dd if=/dev/zero of=./bigdata bs=1M count=500 # 产生一个500M文件
tail -f /var/log/nginx/error.log
2.状态监控 stub_status [ 7种状态 ]
location = /status {
stub_status;
}
Active connections: 2
server accepts handled requests
2 2 3
Reading: 0 Writing: 1 Waiting: 1
Active connections: # 活跃的连接数
accepts: # 接受的总TCP连接数
handled: # 总处理的TCP连接数
requests: # 总的 http 请求数
3.location
作用: 控制用户请求 uri 的具体路径
用法: location [ = | ~ | ~* | ^~ ] uri { … }
多个location时会用上, 但多个location会出现优先级的问题.
1).Location优先级:
# 匹配符 匹配规则 优先级
# = 精确匹配 1
# ^~ 以某个字符串开头 2
# ~ 区分大小写的正则匹配 3
# ~* 不区分大小写的正则匹配 4
# / 通用匹配,任何请求都会匹配到 5
server {
listen 80;
server_name location.oldboyedu.com;
location = / {
default_type text/html;
return 200 'location = /';
}
location / {
default_type text/html;
return 200 'location /';
}
location /documents/ {
default_type text/html;
return 200 'location /documents/';
}
location ^~ /images/ {
default_type text/html;
return 200 'location ^~ /images/';
}
location ~* \.(gif|jpg|jpeg)$ {
default_type text/html;
return 200 'location ~* \.(gif|jpg|jpeg)';
}
}
http://location.oldboyedu.com/index.html location /
http://location.oldboyedu.com/documents/1.html location /documents/
http://location.oldboyedu.com/images/1.gif location ^~ /images/
[root@cwj-python ~]# curl -HHost:location.oldboyedu.com http://10.0.0.200/images/1.gif
location ^~ /images/
http://location.oldboyedu.com/documents/1.jpg location ~* \.(gif|jpg|jpeg)
[root@cwj-python ~]# curl -HHost:location.oldboyedu.com http://10.0.0.200/documents/1.jpg
location ~* \.(gif|jpg|jpeg)
2).Location具体如何使用:
server {
listen 80;
server_name location.oldboyedu.com;
# 通用匹配,任何请求都会匹配到
location / {
root html;
index index.html;
}
# 精准匹配,必须请求的uri是/nginx_status
location = /nginx_status {
stub_status;
}
# 严格区分大小写,匹配以.php结尾的都走这个location
location ~ \.php$ {
default_type text/html;
return 200 'php访问成功';
}
# 严格区分大小写,匹配以.jsp结尾的都走这个location
location ~ \.jsp$ {
default_type text/html;
return 200 'jsp访问成功';
}
# 不区分大小写匹配,只要用户访问.jpg,gif,png,js,css 都走这条location
location ~* \.(jpg|gif|png|js|css)$ {
return 403;
}
# 不区分大小写匹配
location ~* \.(sql|bak|tgz|tar.gz|.git)$ {
deny all;
}
}
二、nginx+php
1.wordpress(博客)
LNMP 架构:
1) 什么是LNMP架构
L = Linux
N = Nginx
M ~= MySQL | Mariadb
p ~= PHP | Python
2) LNMP架构如何工作
3) LNMP架构安装
nginx:
php:
[root@oldboy-pythonedu ~]# rpm -e $(rpm -qa |grep php) #卸载php5版本
[root@oldboy-pythonedu ~]# wget http://cdn.xuliangwei.com/php.zip
[root@oldboy-pythonedu ~]# unzip php.zip
[root@oldboy-pythonedu ~]# yum localinstall php/*.rpm -y
# 修改进程运行的身份
[root@oldboy-pythonedu ~]# sed -i 's#user = apache#user = nginx#g' /etc/php-fpm.d/www.conf
[root@oldboy-pythonedu ~]# sed -i 's#group = apache#group = nginx#g' /etc/php-fpm.d/www.conf
# 启动php-fpm
[root@oldboy-pythonedu ~]# systemctl enable php-fpm
[root@oldboy-pythonedu ~]# systemctl start php-fpm
nginx+ php 检查:
[root@oldboy-pythonedu ~]# cat /etc/nginx/conf.d/php.oldboyedu.com.conf
server {
listen 80;
server_name php.oldboyedu.com;
root /code;
location / {
index index.php;
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
# 代码:
[root@oldboy-pythonedu ~]# cat /code/index.php
<?php
phpinfo();
?>
mysql:
[root@oldboy-pythonedu ~]# yum install mariadb mariadb-server -y
[root@oldboy-pythonedu ~]# systemctl enable mariadb
[root@oldboy-pythonedu ~]# systemctl start mariadb
[root@oldboy-pythonedu ~]# mysqladmin password '123456'
[root@oldboy-pythonedu ~]# mysql -uroot -p123456
MariaDB [(none)]>
MariaDB [(none)]> create database wordpress charset utf8;
测试php+mysql是否成功:
[root@oldboy-pythonedu ~]# cat /code/mysql.php
<?php
$servername = "localhost";
$username = "root";
$password = "123456";
// 创建连接
$conn = mysqli_connect($servername, $username, $password);
// 检测连接
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
echo "php连接MySQL数据库成功";
?>
[root@oldboy-pythonedu ~]# php /code/mysql.php
php连接MySQL数据库成功
4) 部署Wordpress
第一步: 下载代码,存储至指定位置,变更权限
[root@oldboy-pythonedu ~]# cd /code/
[root@oldboy-pythonedu code]# wget https://cn.wordpress.org/latest-zh_CN.tar.gz
[root@oldboy-pythonedu code]# tar xf latest-zh_CN.tar.gz
[root@oldboy-pythonedu code]# chown -R nginx.nginx wordpress/
第二步: 编写Nginx配置文件
[root@oldboy-pythonedu code]# cat /etc/nginx/conf.d/blog.oldboyedu.com.conf
server {
listen 80;
server_name blog.oldboyedu.com;
root /code/wordpress;
client_max_body_size 50m;
location / {
index index.php;
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
[root@oldboy-pythonedu code]# nginx -t
[root@oldboy-pythonedu code]# systemctl reload nginx
第三步: 配置域名解析.访问浏览器.安装该产品
10.0.0.200 blog.oldboyedu.com
2.部署edusoho项目(网络课堂)
1).安装EduSoho
mkdir /code
cd /code
rz #上传文件
tar xf edusoho-8.2.17.tar.gz
#注意:我们的进程能够以什么方式去访问一个文件或目录,取决于进程所运行的用户身份对该文件有什么权限
chown -R nginx.nginx edusoho
2)增加EduSoho nginx配置
vim /etc/nginx/conf.d/edu.oldboyedu.com.conf
server {
listen 80;
server_name edu.oldboyedu.com;
root /code/edusoho/web;
client_max_body_size 1024m; #允许上传视频大小限制
client_body_buffer_size 100m; #缓冲区大小(太小会提示a client request body is buffered to a temporary)
location / {
index app.php;
try_files $uri @rewriteapp;
}
location @rewriteapp {
rewrite ^(.*)$ /app.php/$1 last;
}
location ~ ^/udisk {
internal;
root /code/edusoho/app/data/;
}
location ~ ^/(app|app_dev)\.php(/|$) {
fastcgi_pass 127.0.0.1:9000;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param HTTPS off;
fastcgi_param HTTP_X-Sendfile-Type X-Accel-Redirect;
fastcgi_param HTTP_X-Accel-Mapping /udisk=/code/edusoho/app/data/udisk;
fastcgi_buffer_size 128k;
fastcgi_buffers 8 128k;
}
location ~* \.(jpg|jpeg|gif|png|ico|swf)$ {
expires 3y;
access_log off;
gzip off;
}
location ~* \.(css|js)$ {
access_log off;
expires 3y;
}
location ~ ^/files/.*\.(php|php5)$ {
deny all;
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param HTTPS off;
include fastcgi_params;
}
}
3)重启nginx服务
nginx -t
systemctl restart nginx
4)修改php.ini 配置文件,调整解析器支持的最大上传限制
tail -f /var/log/nginx/error.log
vim /etc/php.ini
upload_max_filesize = 1024M
post_max_size = 1024M
systemctl restart php-fpm
5)上传视频
课程->创建课程
课程->管理课程-->
课程文件-->添加视频
计划任务-->添加章节-->添加视频-->发布
6)修改图片
运营->编辑区管理->首页顶部.轮播图
系统->站点设置->网站Logo
系统->站点设置->主题->管理
->组件调整
->配色方案
3.kodcloud (网盘) 【+ oss 对象存储 ( 花钱 )】
1) Nginx + PHP 环境
2) kodcloud代码
[root@oldboy-pythonedu ~]# cd /code
[root@oldboy-pythonedu code]# wget http://static.kodcloud.com/update/download/kodbox.1.13.zip
[root@oldboy-pythonedu code]# mkdir kodcloud
[root@oldboy-pythonedu code]# unzip kodbox.1.13.zip -d kodcloud/
[root@oldboy-pythonedu code]# chown -R nginx.nginx /code/kodcloud/
3) Nginx配置文件
[root@oldboy-pythonedu code]# cat /etc/nginx/conf.d/kod.oldboyedu.com.conf
server {
listen 80;
server_name kod.oldboyedu.com;
root /code/kodcloud;
location / {
index index.php;
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
chown -R nginx.nginx /code/kodcloud/
[root@oldboy-pythonedu code]# nginx -t
[root@oldboy-pythonedu code]# systemctl reload nginx
4) 域名解析
10.0.0.200 blog.oldboyedu.com
10.0.0.200 edu.oldboyedu.com
10.0.0.200 kod.oldboyedu.com
三、扩展应用节点及拆分数据库
1.扩展一台应用节点
1) 克隆一台全新的Linux主机,需要修改IP地址 node2(201)
sed -i 's#old#new#g' /etc/sysconfig/network-script/ifcfg-ens
# old: 旧的IP尾号
# new: 新的IP尾号
[root@oldboy-pythonedu ~]# hostnamectl set-hostname node2
2) 安装Nginx PHP环境
[root@node2 ~]# yum install vim net-tools unzip wget lrzsz -y # 基础工具
[root@node2 ~]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
[root@node2 ~]# wget http://cdn.xuliangwei.com/php.zip
# 安装Nginx
[root@node2 ~]# yum install nginx -y
# 安装PHP
[root@node2 ~]# unzip php.zip
[root@node2 ~]# yum localinstall php/*.rpm -y
3) 拷贝Nginx配置 PHP配置 scp
[root@node2 ~]# scp [email protected]:/etc/nginx/nginx.conf /etc/nginx/nginx.conf
[root@node2 ~]# scp -r [email protected]:/etc/nginx/conf.d/*.conf /etc/nginx/conf.d/
# php
[root@node2 ~]# scp [email protected]:/etc/php.ini /etc/php.ini
[root@node2 ~]# scp [email protected]:/etc/php-fpm.d/www.conf /etc/php-fpm.d/www.conf
4) 拷贝代码, 关闭防火墙
[root@node2 ~]# systemctl disable firewalld
[root@node2 ~]# systemctl stop firewalld
[root@node2 ~]# setenforce 0
[root@node2 ~]# sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
# 拷贝所有代码
[root@node2 ~]# scp -rp [email protected]:/code /
[root@node2 ~]# chown -R nginx.nginx /code/
5) 启动服务
[root@node2 ~]# systemctl enable nginx php-fpm
[root@node2 ~]# systemctl start nginx php-fpm
2.拆分数据库至独立服务器 ( 应用节点可以共享使用, 数据库还可以组集群架构. )
1) 准备基础环境, 修改IP地址,修改主机名称,关闭防火墙
sed -i 's#200#202#g' /etc/sysconfig/network-scripts/ifcfg-ens32
systemctl restart network
hostnamectl set-hostname node-mysql
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
yum install vim net-tools unzip wget lrzsz -y
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
2) 在202安装Mariadb
[root@node-mysql ~]# yum install mariadb mariadb-server -y
[root@node-mysql ~]# systemctl enable mariadb
[root@node-mysql ~]# systemctl start mariadb
[root@node-mysql ~]# mysql -u root -p
MariaDB [(none)]> grant all privileges on *.* to 'all'@'%' identified by '123456';
MariaDB [(none)]>
3) 在原有数据上,将库备份下来,然后恢复至 10.0.0.202 主机的MySQL上
[root@oldboy-pythonedu ~]# mysqldump -uroot -p123456 -B wordpress edusoho > bak.sql
[root@oldboy-pythonedu ~]# scp bak.sql [email protected]:~
4) 在新的数据库服务上恢复数据
[root@node-mysql ~]# mysql -u root -p123456 < bak.sql
5) 修改应用服务连接数据库的地址: ( 所有应用节点都需要操作 )
Wordpress:
[root@node2 ~]# vim /code/wordpress/wp-config.php
define( 'DB_NAME', 'wordpress' );
/** MySQL数据库用户名 */
define( 'DB_USER', 'all' );
/** MySQL数据库密码 */
define( 'DB_PASSWORD', '123456' );
/** MySQL主机 */
define( 'DB_HOST', '10.0.0.202' );
edusohu:
[root@node2 ~]# vim /code/edusoho/app/config/parameters.yml
parameters:
database_driver: pdo_mysql
database_host: 10.0.0.202
database_port: 3306
database_name: edusoho
database_user: all
database_password: '123456'
在200中也执行以上操作
edusoho存在缓存:
[root@node2 ~]# rm -rf /code/edusoho/app/cache/*
6)域名解析
10.0.0.201 kod.oldboyedu.com blog.oldboyedu.com edu.oldboyedu.com