Tutorial on downloading, installing, configuring and using Nginx1.23.3 in CentOS 7.6 environment

I. Introduction

This article mainly introduces the tutorial for downloading, installing, configuring and using Nginx in CentOS 7.6 environment. Friends who are learning nginx can refer to it.

2. Download

Use the following command to download

wget http://nginx.org/download/nginx-1.23.3.tar.gz

3. Install the environment libraries required by nginx

First of all, we need to install gcc, gcc-c++, zlib, pcre and openssl.

Determine? Whether the package name is installed

rpm -q ?Package name

3.1 Install gcc gcc-c++

yum install -y gcc gcc-c++

3.2 Download and install pcre

 cd /usr/local/
 wget http://downloads.sourceforge.net/project/pcre/pcre/8.45/pcre-8.45.tar.gz
 tar -zxvf pcre-8.45.tar.gz
 cd pcre-8.45
 ./configure
 make && make install

3.3 Download and install openssl

 cd /usr/local/
 wget https://www.openssl.org/source/openssl-1.1.1t.tar.gz --no-check-certificate
 tar -zxvf openssl-1.1.1t.tar.gz
 cd openssl-1.1.1t
 ./config
 make && make install

Note: Remember to add –no-check-certificate after wget https://www.openssl.org/source/openssl-1.1.1t.tar.gz, otherwise an error will be reported. It shows that the certificate issued on www.openssl.org has expired and cannot be verified.

3.4 Download and install zlib

 cd /usr/local/
 wget http://zlib.net/zlib-1.2.13.tar.gz
 tar -zxvf zlib-1.2.13.tar.gz
 cd zlib-1.2.13
 ./configure
 make && make install

4. Install nginx

4.1 Installation configuration

 cd /usr/local/
wget http://nginx.org/download/nginx-1.23.3.tar.gz
 tar -zxvf nginx-1.23.3.tar.gz -C /usr/local/
 cd nginx-1.25.2
 ./configure  --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-pcre=/usr/local/pcre-8.45  --with-openssl=/usr/local/openssh
 make && make install

4.2 Create an SSL soft link, otherwise an error will be reported when starting nginx

ln -s /usr/local/lib64/libssl.so.1.1 /usr/lib64/libssl.so.1.1
ln -s /usr/local/lib64/libcrypto.so.1.1 /usr/lib64/libcrypto.so.1.1

5. Start Nginx

5.1 Start Nginx

/usr/local/nginx/sbin/nginx

Test nginx and access the server's IP from another machine. If the "Welcome to nginx!" page appears, it means success; if the page cannot be accessed but the server can be pinged, the firewall may be turned on, just turn it off.

5.2 Turn off the firewall

systemctl stop firewalld.service

5.3 Turn off the firewall and start it automatically at boot

systemctl disable firewalld.service

5.4 Stop nginx service

/usr/local/nginx/sbin/nginx –s stop

5.5 Forcefully close the nginx service

pkill nginx

5.6 Configure nginx to start automatically at boot

Create an nginx service name under the /usr/lib/systemd/system path, here set to nginx.service

cd /usr/lib/systemd/system
vim nginx.service

Configure the following

[Unit]
Description=The NGINX HTTP and reverse proxy server
After=network.target remote-fs.target nss-lookup.target

[Service]
Type=forking
PIDFile=/usr/local/nginx/logs/nginx.pid  #更换成自己安装nginx的路径
ExecStartPre=/usr/local/nginx/sbin/nginx -t #更换成自己安装nginx的路径
ExecStart=/usr/local/nginx/sbin/nginx #更换成自己安装nginx的路径
ExecReload=/usr/local/nginx/sbin/nginx -s reload #更换成自己安装nginx的路径
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true

[Install]
WantedBy=multi-user.target

Just save the configuration.

Configure automatic startup at boot

systemctl enable nginx.service

Check whether the setting is successful

systemctl list-unit-files | grep nginx

启动：systemctl start nginx.service
关闭：systemctl stop nginx.service

6. Introduce the configuration of Nginx

6.1 Introduction to nginx.conf configuration file

#nginx配置
#user  nobody;
worker_processes  1;    #服务器并发处理服务关键配置

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    
    
    worker_connections  1024;   #最大连接数为 1024.
}

http {
    
    
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    tcp_nopush     on;
    keepalive_timeout  65;

    #gzip  on;  #http头压缩
    
    #正向代理配置
    server {
    
        
        listen       8080;  # 代理监听端口
        resolver 114.114.114.114; #代理DNS配置
        
        #charset koi8-r;

        access_log  /home/lich/logs/fproxy.access.log;  #accesslog输出路径
        error_log /home/lich/logs/fproxy.error.log;     #errorlog输出路径
        
        location / {
    
    
           
            proxy_pass $scheme://$host$request_uri;     # 配置正向代理参数
            proxy_set_header Host $http_host;           # 解决如果URL中带"."后Nginx 503错误

            proxy_buffers 256 4k;   # 配置缓存大小
            proxy_max_temp_file_size 0;     # 关闭磁盘缓存读写减少I/O
            proxy_connect_timeout 30;       # 代理连接超时时间

            # 配置代理服务器HTTP状态缓存时间
            proxy_cache_valid 200 302 10m;
            proxy_cache_valid 301 1h;
            proxy_cache_valid any 1m;
        }
    }

    
    #反向代理配置
    server {
    
    
        listen       80;
        server_name  test.test.com;   #代理转发域名配置

        access_log  /home/lich/logs/rproxy.access.log;
        error_log /home/lich/logs/rproxy.error.log;

        location / {
    
    
            proxy_pass http://172.16.113.1:8001;    #代理到后段实际应用服务器地址
            index  index.html index.htm index.jsp;
        }

        #error_page  404              /404.html;
        # redirect server error pages to the static page /50x.html
        
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
    
    
            root   html;
        }
    }
}

6.2 Monitoring configuration usage

listen *:80 | *:8080        #监听所有80端口和8080端口
listen IP_address:port     #监听指定的地址和端口号
listen IP_address          #监听指定ip地址所有端口
listen port                 #监听该端口的所有IP连接

6.3 server_name: Name-based virtual host configuration

The syntax format is as follows:

 server_name   name ...;

For name, there can be only one name or multiple names, separated by spaces. Each name consists of two or three paragraphs, separated by "." between each paragraph.

server_name test.com www.test.com

The wildcard character "*" can be used, but the wildcard character can only be used in the first or last paragraph consisting of three characters, or in the last paragraph consisting of two characters.

server_name *.test.com www.test.*

You can also use regular expressions, using "~" as the start tag of the regular expression string.

server_name ~^www\d+\.test\.com$;

6.4 server_name: Virtual host configuration based on IP address

#The syntactic structure is the same as matching based on domain name, and there is no need to consider wildcards and regular expressions.

server_name 192.168.1.1

6.5 proxy_pass

This command is used to set the address of the proxy server. It can be in the form of host name, IP address and port number.

# proxy_pass URL;

# URL 为被代理服务器的地址，可以包含传输协议、主机名称或IP地址加端口号，URI等。
proxy_pass  http://www.test.com/uri;

6.6 index

This directive is used to set the default homepage of the website.

#index  filename ...;
#后面的文件名称可以有多个，中间用空格隔开。
index  index.html index.jsp;

7. ngxin load balancing

7.1 Polling algorithm load balancing

upstream OrdinaryPolling {
    
    
    server 172.16.113.1:8081;
    server 172.16.113.1:8082;
}
server {
    
    
listen       80; 
server_name  test.test.com;

access_log  /home/lich/logs/rproxy_slb.access.log;
error_log /home/lich/logs/rproxy_slb.error.log;

location / {
    
    
             proxy_pass http://OrdinaryPolling;
             index  index.html index.htm index.jsp;
             # deny ip
             # allow ip
         
        }
}

7.2 Proportionally weighted polling load balancing

upstream OrdinaryPolling {
    
    
    server 172.16.113.1:8081 weight=2;
    server 172.16.113.1:8082 weight=5;
}
server {
    
    
listen       80; 
server_name  test.test.com;

access_log  /home/lich/logs/rproxy_slb.access.log;
error_log /home/lich/logs/rproxy_slb.error.log;


location / {
    
    
             proxy_pass http://OrdinaryPolling;
             # index  index.html index.htm index.jsp;
             # deny ip
             # allow ip
         
        }
}

7.3 Load balancing based on IP routing

Added ip_hash directive to upstream directive block. This instruction tells the nginx server that requests sent by clients with the same IP address will be distributed to the same Tomcat server for processing.

upstream OrdinaryPolling {
    
    
    server 172.16.113.1:8081 weight=2;
    server 172.16.113.1:8082 weight=5;
    ip_hash;
}
server {
    
    
listen       80; 
server_name  test.test.com;
access_log  /home/lich/logs/rproxy_slb.access.log;
error_log /home/lich/logs/rproxy_slb.error.log;
location / {
    
    
             proxy_pass http://OrdinaryPolling;
             # index  index.html index.htm index.jsp;
             # deny ip
             # allow ip
        }
}

7.4 Load balancing based on server response time

The load is carried out according to the time it takes for the server to process the request. The faster the request is processed, that is, the shorter the response time is, the priority is allocated.

upstream OrdinaryPolling {
    
    
    server 172.16.113.1:8081 weight=2;
    server 172.16.113.1:8082 weight=5;
    fair;
}
server {
    
    
listen       80; 
server_name  test.test.com;

access_log  /home/lich/logs/rproxy_slb.access.log;
error_log /home/lich/logs/rproxy_slb.error.log;


location / {
    
    
             proxy_pass http://OrdinaryPolling;
             # index  index.html index.htm index.jsp;
             # deny ip
             # allow ip
         
        }
}