基于Centos7.2的nginx部署

基于Centos7.2的nginx部署

部署背景：使用Nginx作为Tomcat的负载平衡器。

部署步骤：

安装zlib-devel、pcre-devel等依赖包

<a href="https://s1.51cto.com/wyfs02/M02/98/CE/wKiom1lAz3yTBFXFAAEAvinh_ZY555.png" target="_blank"></a>

[root@nginx ~]#  yum install -y gcc gcc-c++ make libtool zlib zlib-devel pcre pcre-devel openssl openssl-devel

注：结合proxy和upstream模块实现后端web负载均衡

结合nginx默认自带的ngx_http_proxy_module模块 和ngx_http_upstream_module模块实现后端服务器的健康检查。

Proxy:实现反向代理

Upstream：实现负载均衡

Nginx在使用HTTPS服务时要用到openssl-devel模块，如果不安装openssl相关包，安装Nginx的过程会报错。

创建nginx用户

[root@nginx ~]# useradd -s /sbin/nologin www

[root@nginx ~]# grep www /etc/passwd  ##查看nginx用户www是否建立

www:x:1000:1000::/home/www:/sbin/nologin

编译安装nginx

[root@nginx src]# tar -zxvf nginx-1.13.0.tar.gz

[root@nginx src]# cd nginx-1.13.0

[root@nginx nginx-1.13.0]# ./configure --prefix=/usr/local/nginx1.10 --user=www  --group=www --with-http_stub_status_module --with-http_realip_module --with-http_ssl_module --with-http_gzip_static_module --with-pcre --with-http_flv_module &amp;&amp; make &amp;&amp; make install

其中：--prefix=/usr/local/nginx1.10表示nginx包安装路径

创建nginx软连接，方便nginx程序的执行

[root@nginx nginx-1.13.0]# ln -s /usr/local/nginx1.10/sbin/nginx /usr/local/sbin/

nginx语法检查

[root@nginx nginx-1.13.0]# nginx -t

<a href="https://s1.51cto.com/wyfs02/M02/98/68/wKiom1k7fUTzvmuBAAAVBS2bH3M096.png" target="_blank"></a>

编写nginx服务脚本

[root@nginx ~]# vim /etc/init.d/nginx

#!/bin/sh

#

# nginx - this script starts and stops the nginx daemon

# chkconfig:   - 85 15 

# description:  Nginx is an HTTP(S) server, HTTP(S) reverse \

#               proxy and IMAP/POP3 proxy server

# processname: nginx

# config:      /usr/local/nginx1.10/conf/nginx.conf

# pidfile:     /usr/local/nginx1.10/logs/nginx.pid

nginxd=/usr/local/nginx1.10/sbin/nginx

nginx_config=/usr/local/nginx1.10/conf/nginx.conf

nginx_pid=/usr/local/nginx1.10/logs/nginx.pid

RETVAL=0

prog="nginx"

# Source function library.

. /etc/rc.d/init.d/functions

# Source networking configuration.

. /etc/sysconfig/network

# Check that networking is up.

[ "$NETWORKING" = "no" ] &amp;&amp; exit 0

nginx="/usr/local/sbin/nginx"

prog=$(basename $nginx)

NGINX_CONF_FILE="/usr/local/nginx/conf/nginx.conf"

lockfile=/var/lock/subsys/nginx

start() {

    [ -x $nginx ] || exit 5

    [ -f $NGINX_CONF_FILE ] || exit 6

    echo -n $"Starting $prog: "

    daemon $nginx -c $NGINX_CONF_FILE

    retval=$?

    echo

    [ $retval -eq 0 ] &amp;&amp; touch $lockfile

    return $retval

}

stop() {

    echo -n $"Stopping $prog: "

    killproc $prog -QUIT

    [ $retval -eq 0 ] &amp;&amp; rm -f $lockfile

restart() {

    configtest || return $?

    stop

    start

reload() {

    echo -n $"Reloading $prog: "

    killproc $nginx -HUP

    RETVAL=$?

force_reload() {

    restart

configtest() {

  $nginx -t -c $NGINX_CONF_FILE

rh_status() {

    status $prog

rh_status_q() {

    rh_status &gt;/dev/null 2&gt;&amp;1

case "$1" in

    start)

        rh_status_q &amp;&amp; exit 0

        $1

        ;;

    stop)

        rh_status_q || exit 0

    restart|configtest)

    reload)

        rh_status_q || exit 7

    force-reload)

        force_reload

    status)

 rh_status

    condrestart|try-restart)

            ;;

    *)

        echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"

        exit 2

esac

添加开机自启动服务

[root@nginx ~]# chmod +x /etc/init.d/nginx

[root@nginx ~]# chkconfig --add nginx

[root@nginx ~]# chkconfig nginx on

[root@nginx ~]# chkconfig --list |grep nginx

nginx           0:off   1:off   2:on    3:on    4:on    5:on    6:off

启动nginx服务

[root@nginx ~]# /usr/local/sbin/nginx start

nginx: invalid option: "start"

[root@nginx ~]# /etc/init.d/nginx start

Starting nginx (via systemctl):  Job for nginx.service failed because the control process exited with error code. See "systemctl status nginx.service" and "journalctl -xe" for details.

                                                           [FAILED]

<a href="https://s1.51cto.com/wyfs02/M01/98/68/wKiom1k7gaDxsaw0AAAW5JbnBjo527.png" target="_blank"></a>

以上我们可以看出，nginx启动失败！以下是解决方法：

[root@nginx ~]# /usr/local/sbin/nginx

Starting nginx (via systemctl):                            [  OK  ]

<a href="https://s2.51cto.com/wyfs02/M00/98/68/wKiom1k7hlTT6fjhAAAqrks2LuA114.png" target="_blank"></a>

配置nginx反向代理：作用是（反向代理+负载均衡+健康探测）

修改nginx主配置文件：

[root@nginx ~]# vim /usr/local/nginx1.10/conf/nginx.conf

user  www www;

worker_processes     2;

worker_cpu_affinity 0101 1010;

error_log  logs/error.log;

#error_log  logs/error.log  notice;

#error_log  logs/error.log  info;

worker_rlimit_nofile 10240;

pid        logs/nginx.pid;

events{

use epoll;

worker_connections  4096;

http{

include mime.types;

default_type  application/octet-stream;

log_format  main '$remote_addr - $remote_user [$time_local] "$request" '

                      '$status $body_bytes_sent"$http_referer" '

                     '"$http_user_agent" "$http_x_forwarded_for"';

access_log  logs/access.log  main;

server_tokens off;

sendfile        on;

tcp_nopush     on;

    #keepalive_timeout  0;

keepalive_timeout  65;

    #Compression Settings

gzip on;

gzip_comp_level 6;

gzip_http_version 1.1;

gzip_proxied any;

gzip_min_length 1k;

gzip_buffers 16 8k;

gzip_types text/plain text/css text/javascript application/json application/javascript application/x-javascriptapplication/xml;

gzip_vary on;

    #end gzip

    # http_proxy Settings

client_max_body_size   10m;

client_body_buffer_size   128k;

proxy_connect_timeout   75;

proxy_send_timeout   75;

proxy_read_timeout   75;

proxy_buffer_size   4k;

proxy_buffers   4 32k;

proxy_busy_buffers_size   64k;

proxy_temp_file_write_size  64k;

    #load balance Settings

upstream backend_tomcat {

server 192.168.100.126:8080 weight=1 max_fails=2 fail_timeout=10s;    ##需要更改为tomcat的ip

server 192.168.100.127:8080 weight=1 max_fails=2 fail_timeout=10s;    ##需要更改为tomcat的ip

    }

    #virtual host Settings

server{

listen       80;

server_name  www.benet.com;

charset utf-8;

location / {

root html;

index  index.jsp index.html index.htm;

        }

location ~* \.(jsp|do)$ {

proxy_pass  http://backend_tomcat;

proxy_redirect off;

proxy_set_header Host $host;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;

location /nginx_status {

stub_status on;

access_log off;

allow 192.168.100.0/24;    ##需要更改tomcat的ip段

deny all;

重启使其生效

[root@nginx conf]# /usr/local/sbin/nginx

[root@nginx conf]# service nginx restart

Restarting nginx (via systemctl):                          [  OK  ]

[root@nginx ~]# firewall-cmd --permanent --add-port=80/tcp

success

[root@nginx ~]# firewall-cmd --reload

<a href="https://s2.51cto.com/wyfs02/M01/98/69/wKioL1k7j5mBCbPhAAANbmfbvFM574.png" target="_blank"></a>

以上就是nginx部署的基本步骤！

扩展：

除了nginx语法检查nginx安装和浏览是否正常外，还有两种常用的方法：

1.使用wget命令检查

[root@nginx ~]# wget 127.0.0.1

<a href="https://s3.51cto.com/wyfs02/M02/98/D0/wKioL1lA2djTtu5WAAArF0HGT7o108.png" target="_blank"></a>

2.使用curl命令检查

[root@nginx ~]# curl 127.0.0.1

<a href="https://s2.51cto.com/wyfs02/M02/98/D0/wKioL1lA2jLRT-EHAAAmpWgTvMo344.png" target="_blank"></a>

     本文转自品鉴初心51CTO博客，原文链接：http://blog.51cto.com/wutengfei/1934066，如需转载请自行联系原作者