I. Introduction
This article mainly introduces the tutorial for downloading, installing, configuring and using Nginx in CentOS 7.6 environment. Friends who are learning nginx can refer to it.
2. Download
Use the following command to download
wget http://nginx.org/download/nginx-1.23.3.tar.gz
3. Install the environment libraries required by nginx
First of all, we need to install gcc, gcc-c++, zlib, pcre and openssl.
Determine? Whether the package name is installed
rpm -q ?Package name
3.1 Install gcc gcc-c++
yum install -y gcc gcc-c++
3.2 Download and install pcre
cd /usr/local/
wget http://downloads.sourceforge.net/project/pcre/pcre/8.45/pcre-8.45.tar.gz
tar -zxvf pcre-8.45.tar.gz
cd pcre-8.45
./configure
make && make install
3.3 Download and install openssl
cd /usr/local/
wget https://www.openssl.org/source/openssl-1.1.1t.tar.gz --no-check-certificate
tar -zxvf openssl-1.1.1t.tar.gz
cd openssl-1.1.1t
./config
make && make install
Note: Remember to add –no-check-certificate after wget https://www.openssl.org/source/openssl-1.1.1t.tar.gz, otherwise an error will be reported. It shows that the certificate issued on www.openssl.org has expired and cannot be verified.
3.4 Download and install zlib
cd /usr/local/
wget http://zlib.net/zlib-1.2.13.tar.gz
tar -zxvf zlib-1.2.13.tar.gz
cd zlib-1.2.13
./configure
make && make install
4. Install nginx
4.1 Installation configuration
cd /usr/local/
wget http://nginx.org/download/nginx-1.23.3.tar.gz
tar -zxvf nginx-1.23.3.tar.gz -C /usr/local/
cd nginx-1.25.2
./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-pcre=/usr/local/pcre-8.45 --with-openssl=/usr/local/openssh
make && make install
4.2 Create an SSL soft link, otherwise an error will be reported when starting nginx
ln -s /usr/local/lib64/libssl.so.1.1 /usr/lib64/libssl.so.1.1
ln -s /usr/local/lib64/libcrypto.so.1.1 /usr/lib64/libcrypto.so.1.1
5. Start Nginx
5.1 Start Nginx
/usr/local/nginx/sbin/nginx
Test nginx and access the server's IP from another machine. If the "Welcome to nginx!" page appears, it means success; if the page cannot be accessed but the server can be pinged, the firewall may be turned on, just turn it off.
5.2 Turn off the firewall
systemctl stop firewalld.service
5.3 Turn off the firewall and start it automatically at boot
systemctl disable firewalld.service
5.4 Stop nginx service
/usr/local/nginx/sbin/nginx –s stop
5.5 Forcefully close the nginx service
pkill nginx
5.6 Configure nginx to start automatically at boot
Create an nginx service name under the /usr/lib/systemd/system path, here set to nginx.service
cd /usr/lib/systemd/system
vim nginx.service
Configure the following
[Unit]
Description=The NGINX HTTP and reverse proxy server
After=network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/usr/local/nginx/logs/nginx.pid #更换成自己安装nginx的路径
ExecStartPre=/usr/local/nginx/sbin/nginx -t #更换成自己安装nginx的路径
ExecStart=/usr/local/nginx/sbin/nginx #更换成自己安装nginx的路径
ExecReload=/usr/local/nginx/sbin/nginx -s reload #更换成自己安装nginx的路径
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true
[Install]
WantedBy=multi-user.target
Just save the configuration.
Configure automatic startup at boot
systemctl enable nginx.service
Check whether the setting is successful
systemctl list-unit-files | grep nginx
启动:systemctl start nginx.service
关闭:systemctl stop nginx.service
6. Introduce the configuration of Nginx
6.1 Introduction to nginx.conf configuration file
#nginx配置
#user nobody;
worker_processes 1; #服务器并发处理服务关键配置
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024; #最大连接数为 1024.
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
include mime.types;
default_type application/octet-stream;
sendfile on;
tcp_nopush on;
keepalive_timeout 65;
#gzip on; #http头压缩
#正向代理配置
server {
listen 8080; # 代理监听端口
resolver 114.114.114.114; #代理DNS配置
#charset koi8-r;
access_log /home/lich/logs/fproxy.access.log; #accesslog输出路径
error_log /home/lich/logs/fproxy.error.log; #errorlog输出路径
location / {
proxy_pass $scheme://$host$request_uri; # 配置正向代理参数
proxy_set_header Host $http_host; # 解决如果URL中带"."后Nginx 503错误
proxy_buffers 256 4k; # 配置缓存大小
proxy_max_temp_file_size 0; # 关闭磁盘缓存读写减少I/O
proxy_connect_timeout 30; # 代理连接超时时间
# 配置代理服务器HTTP状态缓存时间
proxy_cache_valid 200 302 10m;
proxy_cache_valid 301 1h;
proxy_cache_valid any 1m;
}
}
#反向代理配置
server {
listen 80;
server_name test.test.com; #代理转发域名配置
access_log /home/lich/logs/rproxy.access.log;
error_log /home/lich/logs/rproxy.error.log;
location / {
proxy_pass http://172.16.113.1:8001; #代理到后段实际应用服务器地址
index index.html index.htm index.jsp;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
6.2 Monitoring configuration usage
listen *:80 | *:8080 #监听所有80端口和8080端口
listen IP_address:port #监听指定的地址和端口号
listen IP_address #监听指定ip地址所有端口
listen port #监听该端口的所有IP连接
6.3 server_name: Name-based virtual host configuration
The syntax format is as follows:
server_name name ...;
For name, there can be only one name or multiple names, separated by spaces. Each name consists of two or three paragraphs, separated by "." between each paragraph.
server_name test.com www.test.com
The wildcard character "*" can be used, but the wildcard character can only be used in the first or last paragraph consisting of three characters, or in the last paragraph consisting of two characters.
server_name *.test.com www.test.*
You can also use regular expressions, using "~" as the start tag of the regular expression string.
server_name ~^www\d+\.test\.com$;
6.4 server_name: Virtual host configuration based on IP address
#The syntactic structure is the same as matching based on domain name, and there is no need to consider wildcards and regular expressions.
server_name 192.168.1.1
6.5 proxy_pass
This command is used to set the address of the proxy server. It can be in the form of host name, IP address and port number.
# proxy_pass URL;
# URL 为被代理服务器的地址,可以包含传输协议、主机名称或IP地址加端口号,URI等。
proxy_pass http://www.test.com/uri;
6.6 index
This directive is used to set the default homepage of the website.
#index filename ...;
#后面的文件名称可以有多个,中间用空格隔开。
index index.html index.jsp;
7. ngxin load balancing
7.1 Polling algorithm load balancing
upstream OrdinaryPolling {
server 172.16.113.1:8081;
server 172.16.113.1:8082;
}
server {
listen 80;
server_name test.test.com;
access_log /home/lich/logs/rproxy_slb.access.log;
error_log /home/lich/logs/rproxy_slb.error.log;
location / {
proxy_pass http://OrdinaryPolling;
index index.html index.htm index.jsp;
# deny ip
# allow ip
}
}
7.2 Proportionally weighted polling load balancing
upstream OrdinaryPolling {
server 172.16.113.1:8081 weight=2;
server 172.16.113.1:8082 weight=5;
}
server {
listen 80;
server_name test.test.com;
access_log /home/lich/logs/rproxy_slb.access.log;
error_log /home/lich/logs/rproxy_slb.error.log;
location / {
proxy_pass http://OrdinaryPolling;
# index index.html index.htm index.jsp;
# deny ip
# allow ip
}
}
7.3 Load balancing based on IP routing
Added ip_hash directive to upstream directive block. This instruction tells the nginx server that requests sent by clients with the same IP address will be distributed to the same Tomcat server for processing.
upstream OrdinaryPolling {
server 172.16.113.1:8081 weight=2;
server 172.16.113.1:8082 weight=5;
ip_hash;
}
server {
listen 80;
server_name test.test.com;
access_log /home/lich/logs/rproxy_slb.access.log;
error_log /home/lich/logs/rproxy_slb.error.log;
location / {
proxy_pass http://OrdinaryPolling;
# index index.html index.htm index.jsp;
# deny ip
# allow ip
}
}
7.4 Load balancing based on server response time
The load is carried out according to the time it takes for the server to process the request. The faster the request is processed, that is, the shorter the response time is, the priority is allocated.
upstream OrdinaryPolling {
server 172.16.113.1:8081 weight=2;
server 172.16.113.1:8082 weight=5;
fair;
}
server {
listen 80;
server_name test.test.com;
access_log /home/lich/logs/rproxy_slb.access.log;
error_log /home/lich/logs/rproxy_slb.error.log;
location / {
proxy_pass http://OrdinaryPolling;
# index index.html index.htm index.jsp;
# deny ip
# allow ip
}
}