CentOS7下搭建nginx反向代理服务器使得外网可以二级域名访问内网应用
2016-05-10 15:43
986 查看
创建nginx的本地yum源
[root@localhost ~]# yum list |grep nginx No package nginx available. [root@localhost ~]# //给跪了,什么鬼,怎么没有nginx的rpm?算了,直接自己手动配一个官网repo吧 [root@localhost ~]# //访问nginx官网,进入dowload页面,翻到底部的Pre-Build Package,选stable version --------------------------- To set up the yum repository for RHEL/CentOS, create the file named /etc/yum.repos.d/nginx.repo with the following contents: [nginx] name=nginx repo baseurl=http://nginx.org/packages/OS/OSRELEASE/$basearch/ gpgcheck=0 enabled=1 Replace “OS” with “rhel” or “centos”, depending on the distribution used, and “OSRELEASE” with “5”, “6”, or “7”, for 5.x, 6.x, or 7.x versions, respectively. --------------------------- [root@localhost ~]# [root@localhost ~]# //大意就是:创建/etc/yum.repos.d/nginx.repo文件,贴入模板内容,替换相应的系统和软件版本号 [root@localhost ~]# [root@localhost ~]# cd /etc/yum.repos.d [root@localhost yum.repos.d]# vi nginx.repo [nginx] name=nginx repo baseurl=http://nginx.org/packages/centos/7/$basearch/ gpgcheck=0 enabled=1 :wq
以yum方式安装nginx
[root@localhost yum.repos.d]# yum list |grep nginx nginx.x86_64 1:1.10.0-1.el7.ngx nginx nginx-debug.x86_64 1:1.8.0-1.el7.ngx nginx nginx-debuginfo.x86_64 1:1.10.0-1.el7.ngx nginx nginx-module-geoip.x86_64 1:1.10.0-1.el7.ngx nginx nginx-module-image-filter.x86_64 1:1.10.0-1.el7.ngx nginx nginx-module-njs.x86_64 1:1.10.0.0.0.20160414.1c50334fbea6-1.el7.ngx nginx nginx-module-perl.x86_64 1:1.10.0-1.el7.ngx nginx nginx-module-xslt.x86_64 1:1.10.0-1.el7.ngx nginx nginx-nr-agent.noarch 2.0.0-9.el7.ngx nginx pcp-pmda-nginx.x86_64 3.10.6-2.el7 base [root@localhost yum.repos.d]# yum install nginx.x86_64 Loaded plugins: fastestmirror, langpacks Loading mirror speeds from cached hostfile * rpmforge: mirrors.neusoft.edu.cn Resolving Dependencies --> Running transaction check ---> Package nginx.x86_64 1:1.10.0-1.el7.ngx will be installed --> Finished Dependency Resolution Dependencies Resolved #################################################################################### Package Arch Version Repository Size #################################################################################### Installing: nginx x86_64 1:1.10.0-1.el7.ngx nginx 640 k Transaction Summary #################################################################################### Install 1 Package Total download size: 640 k Installed size: 2.1 M Is this ok [y/d/N]: y Downloading packages: nginx-1.10.0-1.el7.ngx.x86_64.rpm | 640 kB 00:00:18 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : 1:nginx-1.10.0-1.el7.ngx.x86_64 1/1 ---------------------------------------------------------------------- Thanks for using nginx! Please find the official documentation for nginx here: * http://nginx.org/en/docs/ Commercial subscriptions for nginx are available on: * http://nginx.com/products/ ---------------------------------------------------------------------- Verifying : 1:nginx-1.10.0-1.el7.ngx.x86_64 1/1 Installed: nginx.x86_64 1:1.10.0-1.el7.ngx Complete! [root@localhost yum.repos.d]# nginx -v nginx version: nginx/1.10.0 [root@localhost yum.repos.d]# service nginx start Redirecting to /bin/systemctl start nginx.service ● nginx.service - nginx - high performance web server Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled) Active: active (running) since Tue 2016-05-10 10:19:20 CST; 3s ago Docs: http://nginx.org/en/docs/ Process: 29730 ExecStart#/usr/sbin/nginx -c /etc/nginx/nginx.conf (code#exited, status#0/SUCCESS) Process: 29729 ExecStartPre#/usr/sbin/nginx -t -c /etc/nginx/nginx.conf (code#exited, status#0/SUCCESS) Main PID: 29733 (nginx) CGroup: /system.slice/nginx.service ├─29733 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf └─29734 nginx: worker process May 10 10:19:20 localhost systemd[1]: Starting nginx - high performance web server... May 10 10:19:20 localhost nginx[29729]: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok May 10 10:19:20 localhost nginx[29729]: nginx: configuration file /etc/nginx/nginx.conf test is successful May 10 10:19:20 localhost systemd[1]: Failed to read PID from file /run/nginx.pid: Invalid argument May 10 10:19:20 localhost systemd[1]: Started nginx - high performance web server. [root@localhost yum.repos.d]# curl localhost //或者打开浏览器访问http://localhost/ <!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> <style> body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; } </style> </head> <body> <h1>Welcome to nginx!</h1> <p>If you see this page, the nginx web server is successfully installed and working. Further configuration is required.</p> <p>For online documentation and support please refer to <a href#"http://nginx.org/">nginx.org</a>.<br/> Commercial support is available at <a href#"http://nginx.com/">nginx.com</a>.</p> <p><em>Thank you for using nginx.</em></p> </body> </html>
ok安装好了,下面就是配置的事情
配置nginx为反向代理服务器
设置nginx开机自启动
[root@localhost yum.repos.d]# cd /etc/nginx [root@localhost nginx]# chkconfig nginx on Note: Forwarding request to 'systemctl enable nginx.service'. Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /usr/lib/systemd/system/nginx.service.
设置nginx的反向代理规则
[root@localhost nginx]# vi nginx.conf user nginx; worker_processes 1; error_log /var/log/nginx/error.log warn; pid /var/run/nginx.pid; events { worker_connections 1024; } http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; #tcp_nopush on; keepalive_timeout 65; gzip on; #modify@2016-05-10 11:30 include /etc/nginx/conf.d/reverse-proxy.conf; client_max_body_size 50m; #缓冲区代理缓冲用户端请求的最大字节数,可以理解为保存到本地再传给用户 client_body_buffer_size 256k; client_header_timeout 3m; client_body_timeout 3m; send_timeout 3m; proxy_connect_timeout 300s; #nginx跟后端服务器连接超时时间(代理连接超时) proxy_read_timeout 300s; #连接成功后,后端服务器响应时间(代理接收超时) proxy_send_timeout 300s; proxy_buffer_size 64k; #设置代理服务器(nginx)保存用户头信息的缓冲区大小 proxy_buffers 4 32k; #proxy_buffers缓冲区,网页平均在32k以下的话,这样设置 proxy_busy_buffers_size 64k; #高负荷下缓冲大小(proxy_buffers*2) proxy_temp_file_write_size 64k; #设定缓存文件夹大小,大于这个值,将从upstream服务器传递请求,而不缓冲到磁盘 proxy_ignore_client_abort on; #不允许代理端主动关闭连接 server { listen 80; server_name localhost; location / { root html; index index.html index.htm; } error_page 500 502 503 504 /50x.html; location # /50x.html { root html; } } #modification is done! } :wq [root@localhost nginx]# cd conf.d/ [root@localhost conf.d]# vi reverse-proxy.conf ## wiki.myweb.org -> http://10.1.1.230:8013 server { listen 80; server_name wiki.myweb.org; location / { proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://10.1.1.230:8013; } access_log /var/log/nginx/wiki_access.log; } ## zentao.myweb.org/zentao -> http://10.1.1.240:49017/zentao server { listen 80; server_name zentao.myweb.org; location / { proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://10.1.1.240:49017; } access_log /var/log/nginx/zentao_access.log; } ## trac.myweb.org -> http://10.1.1.240:8000/ server { listen 80; server_name trac.myweb.org; location / { proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://10.1.1.240:8000; } access_log /var/log/nginx/trac_access.log; } ## kb2.myweb.org -> http://10.1.1.230:8080/ server { listen 80; server_name kb2.myweb.org; location / { proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://10.1.1.230:8080; } access_log /var/log/nginx/iphmk_admin_kb2_access.log; } :wq [root@localhost conf.d]# service start nginx
最后一步
因为我们nginx的反向代理服务器是部署在10.1.1.230上,它本身也是内网服务器,所以需要在路由器上配一个路由转发规则:所有从外网80端口进来的请求,都转发到nginx所在的服务器,由nginx来负责转发。
路由器设置:虚拟服务器 WAN口 wan1 WAN端口 80 常用服务: DNS(53) LAN端口 80 内网IP 10.1.1.230 协议: 全部
ok,大公告成~
本文参考以下博文来实现部署:
/article/1475908.html (考虑做window的测试)
http://www.ttlsa.com/nginx/use-nginx-proxy/
/article/3693387.html
http://blog.csdn.net/xshalk/article/details/51313101 (后续我也要做证书授权的说)
后续的改进
我这种代理配置,看着不怎么美观,我记得有更优美的配置方式的,等悠闲的时候,可以继续优化。【重要补充:】
对了,还忘记了交代:还需要一个自己的域名(myweb.org),才可以这样去使用二级域名来解析内网应用。
如果没有,可以申请阿里云服务,然后在路由器上,来绑定内网入口的网络服务商分配给动态IP(这步很简单,就是路由器上设置填上申请的动态域名就好了)
这里的工作,属于准备期工作,申请啊备案啊,还是很繁琐的,本次没有记录下来~
相关文章推荐
- nginx反向代理多个tomcat 配置.解决因404问题js css无法加载问题
- 【转】NodeJS on Nginx: 使用nginx反向代理处理静态页面
- Cent OS 7.x下PHP JSP共存(使用Apache进行反向代理-vhost)
- Nginx之反向代理和负载均衡(模拟)
- squid实现正向代理实现上网
- windows中squid更改默认安装路径配置说明
- Nginx 反向代理、负载均衡、页面缓存、URL重写及读写分离详解
- Nginx反向代理服務器解析
- squid如何做正向代理,通过重定向器匹配正则重写url
- squid实现反向代理!!!
- 正向代理与反向代理的区别(清晰明了)
- 【Nginx-反向代理服务器】实践篇(三)之Tomcat+Nginx搭建集群
- 反向代理与web容器对比
- 利用nginx的反向代理和tomcat整合
- nginx反向代理
- nginux做反向代理配置文件
- Nginx反向代理
- nginx系列3——nginx反向代理、动静分离、负载均衡
- Nginx反向代理
- 简单实现nginx+tomcat的反向代理与动静分离