Nginx deployment and configuration
table of Contents
Nginx deployment and configuration
2. Nginx installation and configuration
3.Detailed explanation of Nginx configuration file
4. Problem record caused by Nginx installation
1. Nginx download address
http://nginx.org/en/download.html
2. Nginx installation and configuration
##安装Nginx依赖,pcre、openssl、gcc、zlib(推荐使⽤yum源⾃动安装)
yum -y install gcc zlib zlib-devel pcre-devel openssl openssl-devel
##解包Nginx软件包
tar -xvf nginx-1.17.8.tar
##进⼊解压之后的⽬录 nginx-1.17.8
cd nginx-1.17.8
##命令⾏执⾏
./configure
##命令⾏执⾏
make
##命令⾏执⾏
make install ##完毕之后在/usr/local/下会产⽣⼀个nginx⽬录
##进⼊sbin⽬录中,执⾏启动nginx命令
./nginx ##启动Nginx
./nginx -s stop ## 终止Nginx
./nginx -s reload ## 重新加载Nginx.conf的配置文件
3.Detailed explanation of Nginx configuration file
#=================================start,全局块,从开始到evennts块之间的内容==================================================
# 运行用户
#user nobody;
# worker 进程数量,通常设置于cpu的数量相等
worker_processes 1;
# 全局错误日志以及pid文件位置
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#====指的是marst主进程pid
#pid logs/nginx.pid;
#================================ end全集块 ===================================================================================
#===============================start,events事件块(影响nginx服务器和用户的网络连接)==========================================
events {
#单个worker进程的最大并发连接数
worker_connections 1024;
}
#==============================end,events事件块===============================================================================
#==============================start,http块(nginx服务器中配置最频繁的部分,端口监听,请求转发等)===========================
http {
#以内mime类型定义文件
include mime.types;
default_type application/octet-stream;
# 设定日志格式
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#连接超时时间
#keepalive_timeout 0;
keepalive_timeout 65;
#开启gzip压缩
#gzip on;
#负载均衡配置
upstream wanServer{
server 127.0.0.1:8080;
server 127.0.0.1:8081;
}
server {
#监听端口
listen 9003;
#定义localhost访问
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
#默认请求
location / {
proxy_pass http://wanServer;
#root html; #默认网站根目录位置
#index index.html index.htm; #索引页,欢迎页
}
location /abb {
proxy_pass http://127.0.0.1:8081/;
#root html; #默认网站根目录位置
#index index.html index.htm; #索引页,欢迎页
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
#错误提示页面
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
4. Problem record caused by Nginx installation
4.1. Starting Nginx can be accessed locally but the remote call does not respond
Troubleshooting
Check whether the firewall is closed:
#查看防火墙是否关闭 适用于CentOS 6.5版本
service iptable status
#查看防火墙是否关闭 适用于CentOS 7.2版本
firewall-cmd --state
systemctl status firewalld.service
#关闭防火墙 适用于CentOS 6.5版本
servcie iptables stop #临时关闭
chkconfig iptables off #永久关闭
#关闭防火墙 适用于CentOS 7.2版本
systemctl stop firewalld.service #停止firewall
systemctl disable firewalld.service #禁止firewall开机启动
#CentOS 7 以下版本 iptables 命令
#如要开放80,22,8080 端口,输入以下命令即可
/sbin/iptables -I INPUT -p tcp --dport 80 -j ACCEPT
/sbin/iptables -I INPUT -p tcp --dport 22 -j ACCEPT
/sbin/iptables -I INPUT -p tcp --dport 8080 -j ACCEPT
#然后保存:
/etc/rc.d/init.d/iptables save