您的位置:首页 > 运维架构 > Nginx

Nginx的编译安装以及简单配置

2018-02-22 00:50 645 查看

编译环境

操作系统 
rhel6.5
;

内核版本 
2.6.32-431.el6.x86_64
;

使用软件包为 
nginx-1.10.1.tar.gz
;

主机为
172.25.23.6
;

hostname:server6.com
;

虚拟机类型:
kvm
;

[root@server6 ~]# tar xvf nginx-1.10.1.tar.gz


编译选项:

–prefix=/usr/local/lnmp/nginx

–with-http_ssl_module

–with-http_stub_status_module

可能出现的错误

Linux 2.6.32-431.el6.x86_64 x86_64

checking for C compiler … not found

./configure: error: C compiler cc is not found

解决的办法:

[root@server6 nginx-1.10.1]# yum install gcc make -y


可能出现的错误2

./configure: error: the HTTP rewrite module requires the PCRE library.

You can either disable the module by using –without-http_rewrite_module

option, or install the PCRE library into the system, or build the PCRE library

statically from the source with nginx by using –with-pcre= option.

解决的办法

[root@server6 nginx-1.10.1]# yum install -y pcre-devel


可能出现的错误3

./configure: error: SSL modules require the OpenSSL library.

You can either do not enable the modules, or install the OpenSSL library

into the system, or build the OpenSSL library statically from the source

with nginx by using –with-openssl= option.

解决的办法

[root@server6 nginx-1.10.1]# yum install -y openssl-devel


执行编译命令:

[root@server6 nginx-1.10.1]#  ./configure \
--prefix=/usr/local/lnmp/nginx  \
--with-http_ssl_module \
--with-http_stub_status_module


认真检查
MakeFile
文件生成的过程没有错误,并且出现:

configuration summary
+ using system PCRE library
+ using system OpenSSL library
+ md5: using OpenSSL library
+ sha1: using OpenSSL library
+ using system zlib library

nginx path prefix: "/usr/local/lnmp/nginx"
nginx binary file: "/usr/local/lnmp/nginx/sbin/nginx"
nginx modules path: "/usr/local/lnmp/nginx/modules"
nginx configuration prefix: "/usr/local/lnmp/nginx/conf"
nginx configuration file: "/usr/local/lnmp/nginx/conf/nginx.conf"
nginx pid file: "/usr/local/lnmp/nginx/logs/nginx.pid"
nginx error log file: "/usr/local/lnmp/nginx/logs/error.log"
nginx http access log file: "/usr/local/lnmp/nginx/logs/access.log"
nginx http client request body temporary files: "client_body_temp"
nginx http proxy temporary files: "proxy_temp"
nginx http fastcgi temporary files: "fastcgi_temp"
nginx http uwsgi temporary files: "uwsgi_temp"
nginx http scgi temporary files: "scgi_temp"


执行
make
命令

[root@server6 nginx-1.10.1]# make


执行 
make install
命令

[root@server6 nginx-1.10.1]# make install


配置软链接,方便进行访问

[root@server6 sbin]# ln -sv /usr/local/lnmp/nginx/sbin/nginx /usr/local/sbin/
`/usr/local/sbin/nginx' -> `/usr/local/lnmp/nginx/sbin/nginx'


关闭可能会影响nginx正常访问的服务,这里是测试环境,生产环境中不建议进行关闭:

root@server6 sbin]# setenforce 0
[root@server6 sbin]# /etc/init.d/iptables stop
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Unloading modules:                               [  OK  ]
[root@server6 sbin]# chkconfig iptables off


通过浏览器查看
Nginx
的欢迎页面



由于
Nginx
工作的用户是
nobody
,需要添加
nginx
用户



[root@server6 conf]# useradd -u 1000 -d /usr/local/lnmp/nginx/ nginx
useradd: warning: the home directory already exists.
Not copying any file from skel directory into it.
[root@server6 conf]# id nginx
uid=1000(nginx) gid=1000(nginx) groups=1000(nginx)


修改CPU的上限为两个,启动多线程,首先需要修改虚拟机的配置,这里是用的虚拟机是
KVM




修改
CPU
通过命令

[root@server6 ~]# lscpu
Architecture:          x86_64
CPU op-mode(s):        32-bit, 64-bit
Byte Order:            Little Endian
CPU(s):                2
On-line CPU(s) list:   0,1
Thread(s) per core:    1
Core(s) per socket:    1




修改
Nginx
的配置文件

[root@server6 conf]# vim nginx.conf
user  nginx;
worker_processes  2;
worker_cpu_affinity 01 10;


查看修改之后的结果



修改对于资源的限制

[root@server6 conf]# su - nginx
-bash-4.1$ ulimit -a
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 3771
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 10240
cpu time               (seconds, -t) unlimited
max user processes              (-u) 1024
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited


编辑系统对于资源的限制文件;

[root@server6 conf]# vim /etc/security/limits.conf
添加:
# End of file
#
nginx           -       nofile          4096
nginx           -       nproc           4096


再次查看修改后的资源限制情况

[root@server6 conf]# su - nginx
-bash-4.1$ ulimit -a
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 3771
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 4096
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 10240
cpu time               (seconds, -t) unlimited
max user processes              (-u) 4096
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited




使用
ab
命令对
nginx
进行一次测试

[root@my Desktop]# ab -n 5000 -c 100 http://172.25.23.6/index.html This is ApacheBench, Version 2.3 <$Revision: 1430300 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/ Licensed to The Apache Software Foundation, http://www.apache.org/ 
Benchmarking 172.25.23.6 (be patient)
Completed 500 requests
Completed 1000 requests
Completed 1500 requests
Completed 2000 requests
Completed 2500 requests
Completed 3000 requests
Completed 3500 requests
Completed 4000 requests
Completed 4500 requests
Completed 5000 requests
Finished 5000 requests

Server Software:        nginx/1.10.1
Server Hostname:        172.25.23.6
Server Port:            80

Document Path:          /index.html
Document Length:        612 bytes

Concurrency Level:      100
Time taken for tests:   0.467 seconds
Complete requests:      5000
Failed requests:        0
Write errors:           0
Total transferred:      4225000 bytes
HTML transferred:       3060000 bytes
Requests per second:    10703.20 [#/sec] (mean)
Time per request:       9.343 [ms] (mean)
Time per request:       0.093 [ms] (mean, across all concurrent requests)
Transfer rate:          8832.23 [Kbytes/sec] received

Connection Times (ms)
min  mean[+/-sd] median   max
Connect:        0    2   1.3      2       7
Processing:     1    7   3.8      6      17
Waiting:        1    7   4.0      6      17
Total:          5    9   3.0      8      18

Percentage of the requests served within a certain time (ms)
50%      8
66%     10
75%     12
80%     12
90%     15
95%     15
98%     15
99%     16
100%     18 (longest request)


通过浏览器查看
Nginx
的工作状态信息

[root@server6 nginx]# vim conf/nginx.conf
location /status {
stub_status on;
access_log off;

}
[root@server6 nginx]# nginx -t
nginx: the configuration file /usr/local/lnmp/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/lnmp/nginx/conf/nginx.conf test is successful




配置
Nginx
支持
HTTPS
的访问方式

[root@server6 nginx]# vim conf/nginx.conf
HTTPS server

server {
listen       443 ssl;
server_name  server6.com;

ssl_certificate      cert.pem;
ssl_certificate_key  cert.pem;

ssl_session_cache    shared:SSL:1m;
ssl_session_timeout  5m;

ssl_ciphers  HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers  on;

location / {
root   html;
index  index.html index.htm;
}
}


需要生成密钥文件

[root@server6 nginx]# cd /etc/pki/tls/certs/
[root@server6 certs]# ls
ca-bundle.crt  ca-bundle.trust.crt  make-dummy-cert  Makefile  renew-dummy-cert
[root@server6 certs]# make cert.pem
umask 77 ; \
PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
/usr/bin/openssl req -utf8 -newkey rsa:2048 -keyout $PEM1 -nodes -x509 -days 365 -out $PEM2 -set_serial 0 ; \
cat $PEM1 >  cert.pem ; \
echo ""    >> cert.pem ; \
cat $PEM2 >> cert.pem ; \
rm -f $PEM1 $PEM2
Generating a 2048 bit RSA private key
.....................+++
....................................+++
writing new private key to '/tmp/openssl.HhyS3f'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:Shaanxi
Locality Name (eg, city) [Default City]:Xi'an
Organization Name (eg, company) [Default Company Ltd]:westos
Organizational Unit Name (eg, section) []:linux
Common Name (eg, your name or your server's hostname) []:server6.com
Email Address []:root@server6.com
[root@server6 certs]# mv cert.pem /usr/local/lnmp/nginx/conf/
[root@server6 nginx]# nginx -t
nginx: the configuration file /usr/local/lnmp/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/lnmp/nginx/conf/nginx.conf test is successful

[root@server6 nginx]# nginx -s reload


通过浏览器通过
HTTPS
的方式进行访问





配置域名主机

[root@server6 nginx]# vim conf/nginx.conf
server {
listen 80;
server_name server6.westos.org;
location / {
root /web1;
index index.html;
}
}
server {
listen 80;
server_name server6.westos.org;
location / {
root /web2;
index index.html;
}
}

[root@server3 ~]# mkdir /web1
[root@server3 ~]# echo server6.westos.com > /web1/index.html
[root@server3 ~]# chown nginx.nginx /web1/ -R
[root@server3 ~]# mkdir /web2
[root@server3 ~]# echo server6.linux.com > /web2/index.html
[root@server3 ~]# chown nginx.nginx /web2/ -R
[root@server3 ~]# nginx -s reload


需要在真机上面配置域名解析,这里通过
/etc/hosts
进行配置

[root@my Desktop]# vim /etc/hosts
添加
172.25.23.6 server6.com server6 server6.linux.org server6.westos.org


验证上述的结果





接下来需要两台主机实现
Nginx
httpd
服务的调度

实验主机: server3.com 172.25.23.3

实验主机: server4.com 172.25.23.4

* 首先需要在
server3
以及
server4
上面配置好httpd服务

* server3主机配置

[root@server3 ~]# cat  /var/www/html/index.html
<h2>Server 3 Linux Virtual server</h2>
[root@server3 ~]# /etc/init.d/iptables stop
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Unloading modules:                               [  OK  ]
[root@server3 ~]# chkconfig iptables off
[root@server3 ~]# setenforce 0
[root@server3 ~]# /etc/init.d/httpd start
Starting httpd:                                            [  OK  ]


server4主机配置

[root@server4 ~]# echo server4.com >> /var/www/html/index.html
[root@server4 ~]# setenforce 0
[root@server4 ~]# /etc/init.d/httpd start
Starting httpd:                                            [  OK  ]


server6 Nginx主机上面的服务配置

[root@server6 ~]# vim /usr/local/lnmp/nginx/conf/nginx.conf
http {
upstream westos {
server 172.25.23.3:80;
server 172.25.23.4:80;
}

server {
listen 80;
server_name server6.westos.org;
location / {
#       root /web1;
#       index index.html;
proxy_pass http://westos; }
}


可以查看
Nginx
对于两台主机的调度情况



F5
刷新页面之后,看到的是这个页面



在停止某一个节点的服务后,查看nginx是否会将服务调度到关闭服务的节点上面:

[root@server3 ~]# /etc/init.d/httpd stop
Stopping httpd:                                            [  OK  ]




再次刷新之后,看到的仍然是这个页面;

验证
weight
对于调度过程的影响:

验证之前(需要说明一下,为了对比明显,分别将server3 server4上面的index.html进行修改)

[root@my Desktop]# for i in $(seq 10);do curl server6.westos.org ;done
server4.com
server3.com
server4.com
server3.com
server4.com
server3.com
server4.com
server3.com
server4.com
server3.com


修改配置文件,增加权值
weight


[root@server6 ~]# vim /usr/local/lnmp/nginx/conf/nginx.conf
http {
upstream westos {
server 172.25.23.3:80 weight=2;
server 172.25.23.4:80;
}

}

[root@my Desktop]# ssh 172.25.23.6 'nginx -s reload'


同样使用上述的命令进行查看

[root@my Desktop]# for i in $(seq 10);do curl server6.westos.org ;done
server3.com
server4.com
server3.com
server3.com
server4.com
server3.com
server3.com
server4.com
server3.com
server3.com


验证
ip_hash
算法的过程

修改配置文件,增加
ip_hash
选项

[root@server6 ~]# vim /usr/local/lnmp/nginx/conf/nginx.conf
http {
upstream westos {
ip_hash;
server 172.25.23.3:80 weight=2;
server 172.25.23.4:80;
}

[root@server6 ~]# nginx -s reload


使用命令访问,查看结果

[root@my Desktop]# for i in $(seq 10);do curl server6.westos.org ;done
server3.com
server3.com
server3.com
server3.com
server3.com
server3.com
server3.com
server3.com
server3.com
server3.com


关闭
server3
上面的
httpd
服务 ,调度的
hash
算法将失效

[root@my Desktop]# ssh 172.25.23.3 '/etc/init.d/httpd stop'
X11 forwarding request failed on channel 0
Stopping httpd: [  OK  ]
[root@my Desktop]# for i in $(seq 10);do curl server6.westos.org ;done
server4.com
server4.com
server4.com
server4.com
server4.com
server4.com
server4.com
server4.com
server4.com
server4.com


验证
backup
算法,并且将
Nginx
所在的主机作为
server3
server4
主机宕机后的备用提示节点

[root@server6 ~]# yum install httpd -y
nginx已经占用80端口,修改httpd为8080
[root@server6 ~]# vim /etc/httpd/conf/httpd.conf
#Listen 12.34.56.78:80
Listen 8080
[root@server6 ~]# /etc/init.d/httpd start
[root@server6 ~]# echo "the server is testing please try again later" > /var/www/html/index.html


修改
Nginx
的配置文件,将本机作为备用节点

http {
upstream westos {
server 172.25.23.3:80;
server 172.25.23.4:80;
server 172.25.23.6:8080 backup;

}
}


停止两台主机上面的服务,并且查看备用节点是否正常工作

[root@my Desktop]# ssh 172.25.23.4 '/etc/init.d/httpd stop'
X11 forwarding request failed on channel 0
Stopping httpd: [  OK  ]
[root@my Desktop]# ssh 172.25.23.3 '/etc/init.d/httpd stop'
X11 forwarding request failed on channel 0
Stopping httpd: [  OK  ]

[root@my Desktop]# for i in $(seq 10);do curl server6.westos.org ;done
the server is testing please try again later
the server is testing please try again later
the server is testing please try again later
the server is testing please try again later
the server is testing please try again later
the server is testing please try again later
the server is testing please try again later
the server is testing please try again later
the server is testing please try again later
the server is testing please try again later
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息
标签:  Nginx Nginx 编译 Nginx基础配置
相关文章推荐
新的分享
章节导航