Nginx基本配置与应用
一、准备
1.1 环境准备
1.2 tomcat多实例
把/etc/profile.d/tomcat.sh中的变量注释了
#export TOMCAT_HOME=/usr/local/tomcat
#export CATALINA_HOME=/usr/local/tomcat
#export CATALINA_BASE=/usr/local/tomcat
#export CATALINA_TMPDIR=/usr/local/tomcat/temp
#export TOMCAT_USER=tomcat
unset TOMCAT_HOME
unset CATALINA_HOME
unset CATALINA_BASE
unset CATALINA_TMPDIR
复制tomcat目录
cd /opt/tomcat
cp -a apache-tomcat-8.5.16 tomcat8180
cp -a apache-tomcat-8.5.16 tomcat8280
cp -a apache-tomcat-8.5.16 tomcat8380
修改配置
# 创建部署目录
mkdir -p /data/webapps
chown -R tomcat:tomcat /data/webapps
# 修改配置,通过脚本修改如下内容
# 行号 替换前 替换后
# 22 8005 => 8105
# 69 8080 => 8180
# 116 8009 => 8109
# 148 appBase="webapps" => appBase="/data/webapps"
# 执行脚本a.sh
sh a.sh
# 查看修改后的不同
diff /opt/tomcat/apache-tomcat-8.5.16/conf/server.xml /opt/tomcat/tomcat8180/conf/server.xml
a.sh
#!/bin/sh
for i in {1..3}
do
file=/opt/tomcat/tomcat8"$i"80/conf/server.xml
sed -i '22s/8005/8'"$i"'05/' $file
sed -i '69s/8080/8'"$i"'80/' $file
sed -i '116s/8009/8'"$i"'09/' $file
#sed -i '148s#appBase=".*"#appBase="/data/webapps"#' $file
done
启动多实例
# 以普通用户运行tomcat
# for i in {1..3};do /opt/tomcat/tomcat8"$i"80/bin/daemon.sh start;done
for i in {1..3};do /opt/tomcat/tomcat8"$i"80/bin/startup.sh;done
netstat -tunlp | grep 80
# 关闭
for i in {1..3};do /opt/tomcat/tomcat8"$i"80/bin/shutdown.sh;done
1.3 配置hosts
# 查看服务器ip
ifconfig
# 修改hosts
C:\Windows\System32\drivers\etc
192.168.5.210 test.com
192.168.5.210 beijing.test.com
192.168.5.210 shanghai.test.com
二、负载均衡
2.2 流程
2.2 nginx配置
http://nginx.org/en/docs/http/ngx_http_upstream_module.html
/etc/nginx.conf
/usr/local/nginx/conf/nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
# http最外层模块
http {
# 全局变量参数
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
upstream web_pool {
server 127.0.0.1:8180 weight=1;
server 127.0.0.1:8280 weight=1;
server 127.0.0.1:8380 weight=2;
}
# server相当于虚拟站点
server {
listen 80;
server_name localhost;
location / {
proxy_pass http://web_pool;
index index.html index.htm;
}
}
}
解析
http:根元素
upstream:反向代理的域
server:虚拟站点
location # 请求的一个节点
location参数
root # 站点根路径
index # 首页
proxy_pass # 代理服务
proxy_redirect off; # 是否允许重写向
proxy_set_header Host $host; # 传header参数至后台端服务
proxy_set_header X-Forwarded-For $remote_addr;
proxy_connect_timeout 90; # 连接代理服务超时时间
proxy_send_timeout 90; # 请求改善最大时间
proxy_read_timeout 90; # 读取最大时间
upstream参数
service # 反向服务地址加端口
weight # 权重
max_fails # 失败多少次后认为主机已经挂掉,踢出
fail_timeout # 踢出后重新探测时间
backup # 备用服务
max_conns # 允许最大连接数
slow_start # 当节点恢复,不立即加入
max_fails注重用户体验好就要配置低
server 127.0.0.1:8180 fail_timeout=5s slow_start=10s;
2.3 负载算法
ll+weight:根据权重轮询
ip_hash:hash(client_ip)%2=index,解决session一致性
url_hash:hash(url)%2=index,资源缓存服务
least_conn:最少连接
least_time:请求时间越少,权重越高
三、应用实战
在修改nginx.conf配置文件后
# 验证配置是否正确
nginx -t
# 平滑启动
nginx -s reload
3.1 动静分离
nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
upstream web_pool {
server 127.0.0.1:8180 weight=1;
server 127.0.0.1:8280 weight=1;
}
upstream static_resource {
server 127.0.0.1:8380;
}
server {
listen 80;
server_name localhost;
# 动态服务
location / {
proxy_pass http://web_pool;
index index.html index.htm;
}
# 静态服务
location ~* \.(gif|css|png|jpg|js|swf)(.*) {
proxy_pass http://static_resource;
}
}
}
tomcat内容
基中index.html
cat /opt/tomcat/tomcat8180/webapps/ROOT/index.html
<html>
<head>
<title>index</title>
</head>
<body>
<h1>Hello 8180</h1>
<img src="one-piece.png"/>
</body>
</html>
cat /opt/tomcat/tomcat8280/webapps/ROOT/index.html
<html>
<head>
<title>index</title>
</head>
<body>
<h1>Hello 8280</h1>
<img src="one-piece.png"/>
</body>
</html>
浏览器访问test.com, Hello 8180与Hello 8280循环出现
3.2 防盗链
原理就是根据Referer防盗链
nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
upstream web_pool {
server 127.0.0.1:8180 weight=1;
server 127.0.0.1:8280 weight=1;
}
upstream static_resource {
server 127.0.0.1:8380;
}
server {
listen 80;
server_name localhost;
# 动态服务
location / {
proxy_pass http://web_pool;
index index.html index.htm;
}
# 静态服务
location ~* \.(gif|css|png|jpg|js|swf)(.*) {
# 防盗链设置
valid_referers none blocked *.test.com;
if ($invalid_referer) {
rewrite ^/ http://7xkmkl.com1.z0.glb.clouddn.com/404.jpg;
}
proxy_pass http://static_resource;
}
}
}
用IP访问:重新打开浏览器或Chrome用隐身模式打开
3.3 城市静态站点实现
server {
listen 80;
server_name *.test.com;
root /data/www/$host;
access_log logs/$host.access.log;
location / {
index index.html;
}
}
静态站点目录如下
index.html
cat /data/www/beijing.test.com/index.html
beijing
cat /data/www/shanghai.test.com/index.html
shanghai
流量器访问beijing.test.com shanghai.test.com