一、基本环境搭建
1)查看服务器
[root@Myjumpserver ~]# cat /etc/sysconfig/selinux SELINUX=disabled SELINUXTYPE=targeted [root@Myjumpserver ~]# cat /etc/redhat-release CentOS release 6.6 (Final) [root@Myjumpserver ~]# uname -r 2.6.32-504.el6.x86_64
2)安装基本的依赖包
yum -y install gcc yum -y install gcc-c++ yum -y install glibc.i686 yum -y install dos2unix yum -y install vsftpd yum install -y redhat-lsb yum -y install zlib* yum install nss -y
二、搭建mysql,nginx,python环境
1.1)安装mysql5.6版本
rpm -ivh http://dev.mysql.com/get/mysql-community-release-el6-5.noarch.rpm yum install -y mysql-server mysql-devel
1.2)设置mysql
修改my.cnf文件 vim /etc/my.cnf [mysqld] innodb_file_per_table #独立表空间模式 service mysqld start #启动 mysql_secure_installation #MySQL安全配置向导 Enter current password for root (enter for none): <–初次运行直接回车 Set root password? [Y/n] <– 是否设置root用户密码,输入y并回车或直接回车 Remove anonymous users? [Y/n] <– 是否删除匿名用户,生产环境建议删除,所以直接回车 Disallow root login remotely? [Y/n] <–是否禁止root远程登录,根据自己的需求选择Y/n并回车,建议禁止 Remove test database and access to it? [Y/n] <– 是否删除test数据库,直接回车 Reload privilege tables now? [Y/n] <– 是否重新加载权限表,直接回车 mysql -uroot -p # 进入mysql CREATE DATABASE myjumpserver CHARACTER SET utf8 COLLATE utf8_bin; GRANT ALL PRIVILEGES ON myjumpserver.* TO user@'%' IDENTIFIED BY '123456'; FLUSH PRIVILEGES; 创建库 myjumpserver 授权用户 user 用户密码 123456 连接地址 任意网段
1.3)测试连接
2.1)安装nginx
yum install -y gcc-c++ autoconf automake zlib zlib-devel openssl openssl-devel pcre pcre-devel 安装依赖包 cd /opt/ wget http://nginx.org/download/nginx-1.9.9.tar.gz cd nginx-1.9.9 useradd nginx -s /sbin/nologin -M ./configure --user=nginx --group=nginx # 编译参数 make && make install [root@Myjumpserver nginx]# ll /usr/local/nginx/ total 36 drwx------ 2 nginx root 4096 Nov 16 14:17 client_body_temp drwxr-xr-x 2 root root 4096 Nov 16 14:17 conf drwx------ 2 nginx root 4096 Nov 16 14:17 fastcgi_temp drwxr-xr-x 2 root root 4096 Nov 16 14:17 html drwxr-xr-x 2 root root 4096 Nov 16 14:17 logs drwx------ 2 nginx root 4096 Nov 16 14:17 proxy_temp drwxr-xr-x 2 root root 4096 Nov 16 14:17 sbin drwx------ 2 nginx root 4096 Nov 16 14:17 scgi_temp drwx------ 2 nginx root 4096 Nov 16 14:17 uwsgi_temp [root@Myjumpserver nginx-1.9.9]# /usr/local/nginx/sbin/nginx -t nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
2.2)常用的编译参数
./configure \ --prefix=/home/nginx \ --sbin-path=/usr/sbin/nginx \ --user=nginx \ --group=nginx \ --conf-path=/etc/nginx/nginx.conf \ --error-log-path=/home/log/nginx/error.log \ --http-log-path=/home/log/nginx/access.log \ --with-http_ssl_module \ --with-http_gzip_static_module \ --with-http_stub_status_module \ --with-http_realip_module \ --pid-path=/home/run/nginx.pid \ --with-pcre=/home/software/pcre-8.35 \ --with-zlib=/home/software/zlib-1.2.8 \ --with-openssl=/home/software/openssl-1.0.1i
编译参数说明
-prefix=/home/nginx \ Nginx安装的根路径,所有其它路径都要依赖该选项 --sbin-path=/usr/sbin/nginx \ nginx的可执行文件的路径(nginx) --user=nginx \ worker进程运行的用户 --group=nginx \ worker进程运行的组 --conf-path=/etc/nginx/nginx.conf \ 指向配置文件(nginx.conf) --error-log-path=/var/log/nginx/error.log \ 指向错误日志目录 --http-log-path=/var/log/nginx/access.log \ 设置主请求的HTTP服务器的日志文件的名称 --with-http_ssl_module \ 使用https协议模块。默认情况下,该模块没有被构建。前提是openssl与openssl-devel已安装 --with-http_gzip_static_module \ 启用ngx_http_gzip_static_module支持(在线实时压缩输出数据流) --with-http_stub_status_module \ 启用ngx_http_stub_status_module支持(获取nginx自上次启动以来的工作状态) --with-http_realip_module \ 启用ngx_http_realip_module支持(这个模块允许从请求标头更改客户端的IP地址值,默认为关) --pid-path=/var/run/nginx.pid \ 指向pid文件(nginx.pid) 设置PCRE库的源码路径,如果已通过yum方式安装,使用–with-pcre自动找到库文件。使用–with-pcre=PATH时,需要从PCRE网站下载pcre库的源码(版本4.4 – 8.30)并解压, 剩下的就交给Nginx的./configure和make来完成。perl正则表达式使用在location指令和 ngx_http_rewrite_module模块中。 --with-pcre=/home/software/pcre-8.35 \ 指定 zlib(版本1.1.3 – 1.2.5)的源码解压目录。在默认就启用的网络传输压缩模块ngx_http_gzip_module时需要使用zlib 。 --with-zlib=/home/software/zlib-1.2.8 \ 指向openssl安装目录 --with-openssl=/home/software/openssl-1.0.1i
2.3)nginx文件夹说明
conf: 配置文件夹,最重要文件是nginx.conf
html: 静态网页文件夹
logs: 日志文件夹
sbin: nginx 的可执行文件,启动、停止等操作
2.4)nginx启动命令
/usr/local/nginx/sbin/nginx 启动 /usr/local/nginx/sbin/nginx -s stop 停止 /usr/local/nginx/sbin/nginx -s reload 平滑重启
2.5)修改nginx配置文件
user nginx; worker_processes 4; worker_cpu_affinity 00000001 00000010 00000100 00001000; worker_rlimit_nofile 204800; pid /var/run/nginx.pid; events { worker_connections 204800; use epoll; multi_accept off; } http { include /usr/local/nginx/conf/mime.types; default_type application/octet-stream; log_format main '$remote_addr --- $remote_user --- [$time_local] --- $request --- ' '"$status" --- $body_bytes_sent --- "$http_referer" --- ' '"$http_user_agent" --- "$http_x_forwarded_for"'; log_format mtr '$remote_addr [$time_local] "$request_uri" ' '$status "$http_referer" ' '"$http_user_agent" "$host"'; sendfile on; keepalive_timeout 30; client_header_timeout 30; client_body_timeout 40; server_tokens off; tcp_nodelay on; gzip on; include /usr/local/nginx/conf/vhost/*.conf; fastcgi_send_timeout 300; fastcgi_read_timeout 300; #fastcgi_buffer_size 16k; #fastcgi_buffers 16 16k; #fastcgi_busy_buffers_size 16k; fastcgi_buffer_size 64k; fastcgi_buffers 4 64k; fastcgi_busy_buffers_size 128k; server_names_hash_bucket_size 128; client_header_buffer_size 2k; large_client_header_buffers 4 4k; client_max_body_size 100k; open_file_cache max=51200 inactive=20s; open_file_cache_valid 30s; open_file_cache_min_uses 1; }
在子文件夹(vhost),创建jumpserver.conf
[root@Myjumpserver vhost]# cat jumpserver.conf server { listen 80; server_name localhost; #charset koi8-r; #access_log logs/host.access.log main; access_log /data/log/nginx/myjumpserver_access.log main; error_log /data/log/nginx/myjumpserver_error.log; location / { uwsgi_pass 192.168.10.13:8888; include uwsgi_params; } location /static { alias /opt/wwwroot/MyJumpserver/static/; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ \.php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # #location ~ \.php$ { # root html; # fastcgi_pass 127.0.0.1:9000; # fastcgi_index index.php; # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; # include fastcgi_params; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} }
语法测试
[root@Myjumpserver vhost]# /usr/local/nginx/sbin/nginx -t nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok nginx: [emerg] open() "/data/log/nginx/myjumpserver_access.log" failed (2: No such file or directory) nginx: configuration file /usr/local/nginx/conf/nginx.conf test failed [root@Myjumpserver vhost]# mkdir -p /data/log/nginx/ [root@Myjumpserver vhost]# touch myjumpserver_access.log [root@Myjumpserver vhost]# /usr/local/nginx/sbin/nginx -t nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
关于jumpserver.conf配置文件说明
[root@Myjumpserver vhost]# cat jumpserver.conf server { listen 80; server_name localhost; access_log /data/log/nginx/myjumpserver_access.log main; error_log /data/log/nginx/myjumpserver_error.log; location / { uwsgi_pass 192.168.10.13:8888; include uwsgi_params; } # django项目文件, MyJumpserver,静态资源这里加载 location /static { alias /opt/wwwroot/MyJumpserver/static/; } # redirect server error pages to the static page /50x.html error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } # 访问localhost:80 ===>192.168.10.13:8888(uwsgi服务提供的)
3.1)python3环境的安装
python3 安装文档:https://www.cnblogs.com/linu/articles/9879572.html
[root@Myjumpserver Python-3.6.2]# python3 -V Python 3.6.2 [root@Myjumpserver Python-3.6.2]# pip3 -V pip 9.0.1 from /usr/local/python3/lib/python3.6/site-packages (python 3.6)
3.2)python3模块安装
pip3 install django==1.11.7 -i http://pypi.douban.com/simple --trusted-host pypi.douban.com pip3 install pymysql -i http://pypi.douban.com/simple --trusted-host pypi.douban.com pip3 install uwsgi -i http://pypi.douban.com/simple --trusted-host pypi.douban.com ln -s /usr/local/python3/bin/uwsgi /usr/bin/uwsgi # 特别重要
三、拷贝代码到nginx代码目录测试
1)python测试
[root@Myjumpserver wwwroot]# ls /opt/wwwroot/ MyJumpserver [root@Myjumpserver wwwroot]# cd MyJumpserver/ [root@Myjumpserver MyJumpserver]# python3 manage.py runserver 192.168.10.13:888 Performing system checks... System check identified no issues (0 silenced). November 16, 2018 - 07:55:29 Django version 1.11.7, using settings 'MyJumpserver.settings' Starting development server at http://192.168.10.13:888/ Quit the server with CONTROL-C.
2)使用uwsgi测试,http方式启动
[root@Myjumpserver MyJumpserver]# ls backup manage.py MyJumpserver static static_time.py templates test.py uwsgi.ini uwsgi.log uwsgi.pid web01 [root@Myjumpserver MyJumpserver]# vim uwsgi.ini [root@Myjumpserver MyJumpserver]# pwd /opt/wwwroot/MyJumpserver [root@Myjumpserver MyJumpserver]# ls backup manage.py MyJumpserver static static_time.py templates test.py uwsgi.ini uwsgi.log uwsgi.pid web01 [root@Myjumpserver MyJumpserver]# cat uwsgi.ini [uwsgi] # 使用nginx 连接时使用 # socket=192.168.10.13:8888 # 直接做web服务器使用 http=192.168.10.13:8888 # 项目目录 chdir=/opt/wwwroot/MyJumpserver # 项目中wsgi.py 文件的目录,相对于项目目录 wsgi-file=MyJumpserver/wsgi.py processes=4 threads=2 master=True pidfile=uwsgi.pid daemonize=uwsgi.log
启动命令
uwsgi --ini uwsgi.ini ps ajx|grep uwsgi 停止 1、uwsgi --stop uwsgi.pid(不好用,经常报pid找不到) 2、sudo pkill -f uwsgi -9(不好用,有可能报错,无效的-9) 3、killall -9 uwsgi(该命令最好用) yum install psmisc -y 安装killall命令
启动程序
[root@Myjumpserver MyJumpserver]# uwsgi --ini uwsgi.ini [uWSGI] getting INI configuration from uwsgi.ini [root@Myjumpserver MyJumpserver]# ps -ef|grep uwsgi root 17709 1 2 16:35 ? 00:00:00 uwsgi --ini uwsgi.ini root 17711 17709 0 16:35 ? 00:00:00 uwsgi --ini uwsgi.ini root 17712 17709 0 16:35 ? 00:00:00 uwsgi --ini uwsgi.ini root 17713 17709 0 16:35 ? 00:00:00 uwsgi --ini uwsgi.ini root 17714 17709 0 16:35 ? 00:00:00 uwsgi --ini uwsgi.ini root 17720 1418 0 16:35 pts/0 00:00:00 grep uwsgi
没有加载静态文件,说明成功。因为uwsgi不能使用Django的路径加载
3)使用socket方式启动,并配合nginx检查
访问网页
四、重点总结
1)uwsgi.ini文件
[root@Myjumpserver MyJumpserver]# cat uwsgi.ini [uwsgi] # 使用nginx 连接时使用 socket=192.168.10.13:8888 # 直接做web服务器使用 #http=192.168.10.13:8888 # 项目目录 chdir=/opt/wwwroot/MyJumpserver # 项目中wsgi.py 文件的目录,相对于项目目录 wsgi-file=MyJumpserver/wsgi.py processes=4 threads=2 master=True pidfile=uwsgi.pid daemonize=uwsgi.log
2)nginx的配置文件,
[root@Myjumpserver vhost]# cat jumpserver.conf server { listen 80; server_name localhost; access_log /data/log/nginx/myjumpserver_access.log main; error_log /data/log/nginx/myjumpserver_error.log; location / { uwsgi_pass 192.168.10.13:8888; include uwsgi_params; } # django项目文件, MyJumpserver,静态资源这里加载 location /static { alias /opt/wwwroot/MyJumpserver/static/; } # redirect server error pages to the static page /50x.html error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } # 访问localhost:80 ===>192.168.10.13:8888(uwsgi服务提供的)
3) django的后台静态资源加载
server { listen 8000; server_name localhost; access_log /data/log/nginx/pvzstar_access.log main; error_log /data/log/nginx/pvzstar_error.log; location / { uwsgi_pass 192.168.2.155:8888; include uwsgi_params; } # django项目文件, MyJumpserver,静态资源这里加载 location /static { alias /usr/local/python3/lib/python3.6/site-packages/django/contrib/admin/static/; } # redirect server error pages to the static page /50x.html error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } }
实质
返回nginx的80端口实质指向了uwsgi的socket连接对象
即 http:192.168.10.13 ==>socket 192.168.10.13:8888