nginx常用模块二及location配置说明

一、nginx常用模块

1.目录索引模块 ngx_http_autoindex_module

1)配置

[root@web02 /etc/nginx/conf.d]# vim test.conf 
server {
    listen 80;
    server_name www.test.com;

    location / {
        root /code;
        index index.html;
    }
    location /download {
        root /code;
        index index.html;
        autoindex on;
    }
}

2)优化参数

#显示文件大小,使用off
autoindex_exact_size off;

#显示确切文件修改时间
autoindex_localtime on;

2.访问限制模块 ngx_http_access_module

[root@web02 /etc/nginx/conf.d]# vim test.conf 

server {
    listen 80;
    server_name www.test.com;

    location / {
        root /code;
        index index.html;
    }
    location /download {
        root /code;
        index index.html;
        autoindex on;
        autoindex_exact_size off;
        autoindex_localtime on;
        #allow 10.0.0.0/24;
        allow 10.0.0.1;
        deny all;
    }
}

3.访问控制模块

1)语法

#开启认证控制,没有任何作用就是为了开启
Syntax:	auth_basic string | off;
Default:	auth_basic off;
Context:	http, server, location, limit_except

#指定用户认证的文件
Syntax:	auth_basic_user_file file;
Default:	—
Context:	http, server, location, limit_except

4. 请求头参数说明

proxy_set_header X-Forwarded-Proto $scheme
# 配置 X-Forwarded-Proto 就是为了正确地识别实际用户发出的协议是 http 还是 https。

2)配置密码文件

#生成密码文件
[root@web02 /etc/nginx/conf.d]# htpasswd -c /etc/nginx/auth_basic lhd
New password: 
Re-type new password: 
Adding password for user lhd

#生成密码,在命令行输入密码
[root@web02 /etc/nginx/conf.d]# htpasswd -b -c /etc/nginx/auth_basic lhd linux
Adding password for user lhd

#查看
[root@web02 /etc/nginx/conf.d]# vim /etc/nginx/auth_basic
lhd:$apr1$JmblF9to$jDnvQn1w7oETPYyvaL2OG.

3)配置nginx

[root@web02 /etc/nginx/conf.d]# cat test.conf 
server {
	listen 80;
	server_name www.test.com;

	location / {
		root /code;
		index index.html;
	}
	location /download {
		root /code;
		index index.html;
		autoindex on;
		autoindex_exact_size off;
		autoindex_localtime on;
		allow 10.0.0.1;
		deny all;
		auth_basic "输入用户名和密码";
		auth_basic_user_file /etc/nginx/auth_basic;
    }
}

4)添加多用户

#不添加-c参数可以添加多个用户
[root@web02 /etc/nginx/conf.d]# htpasswd /etc/nginx/auth_basic lhd
New password: 
Re-type new password: 
Adding password for user lhd

[root@web02 /etc/nginx/conf.d]# vim /etc/nginx/auth_basic
qiudao:$apr1$UL89inf6$.59e04v5ILGHpkMs2xZzF.
lhd:$apr1$9fOQ/hLl$DEugqKzv.0SNBziFMLdVZ1

4.nginx状态模块

1)语法

Syntax:	stub_status;
Default:	—
Context:	server, location

2)配置

[root@web02 /etc/nginx/conf.d]# cat test.conf 
server {
	listen 80;
	server_name www.test.com;

	location / {
		root /code;
		index index.html;
	}
	location /download {
		root /code;
		index index.html;
		autoindex on;
		autoindex_exact_size off;
		autoindex_localtime on;
		allow 10.0.0.1;
		deny all;
		auth_basic "输入用户名和密码";
		auth_basic_user_file /etc/nginx/auth_basic;
    }
	location /status {
		stub_status;
    }
}

3)状态页

#访问 http://www.test.com/status

#返回内容
Active connections: 2 
server accepts handled requests
 		  2 	 2 	   	 1 
Reading: 0 Writing: 1 Waiting: 1 

#nginx七种状态
Active connections		#活跃的连接数
accepts				   #接受的TCP连接数
handled				   #已处理的TCP连接数
requests			   #请求数
Reading				   #读取的请求头的数量
Writing				   #响应的请求头的数量
Waiting				   #等待的请求数量

#可以用作监控日PV
[root@web02 /etc/nginx/conf.d]# curl -s http://www.test.com/status | awk 'NR==3 {print $3}'

5.连接限制模块 ngx_http_limit_conn_module

1)语法

#设置限制的空间
Syntax:	limit_conn_zone key zone=name:size;
Default:	—
Context:	http

limit_conn_zone 	#调用限制模块
key 			   #存储的内容
zone=			   #空间
name:			   #空间的名字
size;			   #空间的大小

#调用空间
Syntax:	limit_conn zone number;
Default:	—
Context:	http, server, location

limit_conn 			#调用空间
zone 				#空间名字
number;				#同一个信息可以保存的次数

2)配置

[root@web02 /etc/nginx/conf.d]# cat test.conf 

limit_conn_zone $remote_addr zone=conn_zone:1m;
server {
	listen 80;
	server_name www.test.com;
	limit_conn conn_zone 1;

	location / {
		root /code;
		index index.html;
	}
	location /download {
		root /code;
		index index.html;
		autoindex on;
		autoindex_exact_size off;
		autoindex_localtime on;
		allow 10.0.0.1;
		deny all;
		auth_basic "输入用户名和密码";
		auth_basic_user_file /etc/nginx/auth_basic;
    }
	location /status {
		stub_status;
    }
}

6.请求限制模块

1)语法

#设置请求限制的空间
Syntax:	limit_req_zone key zone=name:size rate=rate [sync];
Default:	—
Context:	http

limit_req_zone 		#调用模块
key 				#空间存储的内容
zone=				#指定空间
name:				#空间的名字
size 				#空间的大小
rate=rate;			#读写速率

#调用空间
Syntax:	limit_req zone=name [burst=number] [nodelay | delay=number];
Default:	—
Context:	http, server, location

limit_req 					#调用空间
zone=name 					#指定空间名字
[burst=number] 				#扩展
[nodelay | delay=number];	  #延时

2)配置

[root@web02 /etc/nginx/conf.d]# cat test.conf 
limit_conn_zone $remote_addr zone=conn_zone:1m;
limit_req_zone $remote_addr zone=req_zone:1m rate=1r/s;

server {
	listen 80;
	server_name www.test.com;
	limit_conn conn_zone 1;
	limit_req zone=req_zone;
	location / {
		root /code;
		index index.html;
	}
	location /download {
		root /code;
		index index.html;
		autoindex on;
		autoindex_exact_size off;
		autoindex_localtime on;
		allow 10.0.0.1;
		deny all;
		auth_basic "输入用户名和密码";
		auth_basic_user_file /etc/nginx/auth_basic;
    }
	location /status {
		stub_status;
    }
}

3)测试请求限制

[root@web02 /etc/nginx/conf.d]# ab -n 200 -c 2 http://www.test.com/
This is ApacheBench, Version 2.3 <$Revision: 1430300 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Licensed to The Apache Software Foundation, http://www.apache.org/

Benchmarking www.test.com (be patient)
Completed 100 requests
Completed 200 requests
Finished 200 requests


Server Software:        nginx/1.18.0
Server Hostname:        www.test.com
Server Port:            80

Document Path:          /
Document Length:        13 bytes

Concurrency Level:      2
Time taken for tests:   0.036 seconds
Complete requests:      200
Failed requests:        199
   (Connect: 0, Receive: 0, Length: 199, Exceptions: 0)
Write errors:           0
Non-2xx responses:      199
Total transferred:      73674 bytes
HTML transferred:       39216 bytes
Requests per second:    5492.24 [#/sec] (mean)
Time per request:       0.364 [ms] (mean)
Time per request:       0.182 [ms] (mean, across all concurrent requests)
Transfer rate:          1975.76 [Kbytes/sec] received

Connection Times (ms)
              min  mean[+/-sd] median   max
Connect:        0    0   0.8      0      12
Processing:     0    0   0.6      0       4
Waiting:        0    0   0.5      0       4
Total:          0    0   1.0      0      12

Percentage of the requests served within a certain time (ms)
  50%      0
  66%      0
  75%      0
  80%      0
  90%      0
  95%      0
  98%      4
  99%      4
 100%     12 (longest request)
[root@web02 /etc/nginx/conf.d]#

二、nginx的location配置

使用Nginx Location可以控制访问网站的路径,但一个server可以有多个location配置, 多个location的优先级该如何区分

1.location语法

Syntax:	location [ = | ~ | ~* | ^~ ] uri { ... }
location @name { ... }
Default:	—
Context:	server, location

2.location匹配符

匹配符 匹配规则 优先级
= 精确匹配 1
^~ 以某个字符串开头 2
~ 区分大小写的正则匹配 3
~* 不区分大小写的正则匹配 3
/ 通用匹配,任何请求都会匹配到 4

3.优先级验证

[root@web02 /etc/nginx/conf.d]# cat location.conf 
server {
    listen 80;
    server_name www.location.com;
    #location / {
    #    default_type text/html;
    #    return 200 "location /";
    #}
 
    location =/ {
        default_type text/html;
        return 200 "location =/";
    }
 
    location ~* / {
        default_type text/html;
        return 200 "location ~* /";
    }
 
    location ^~ / {
      default_type text/html;
      return 200 "location ^~";
    }
}

4.location应用场景

#通用匹配,任何请求都会匹配到
location / {
    ...
}
 
#严格区分大小写,匹配以.php结尾的都走这个location    
location ~ \.php$ {
    ...
}
 
#严格区分大小写,匹配以.jsp结尾的都走这个location 
location ~ \.jsp$ {
    ...
}
 
#不区分大小写匹配,只要用户访问.jpg,gif,png,js,css结尾的都走这条location
location ~* .*\.(jpg|gif|png|js|css)$ {
    ...
}
 
#不区分大小写匹配
location ~* "\.(sql|bak|tgz|tar.gz|.git)$" {
    ...
}

三、LNMP架构

1.简介

LNMP是一套技术的组合,L=Linux、N=Nginx、M~=MySQL、P~=PHP
不仅仅包含这些,还有redis/ELK/zabbix/git/jenkins/kafka

2.LNMP工作方式

首先Nginx服务是不能处理动态请求,那么当用户发起动态请求时, Nginx又是如何进行处理的。
	1.静态请求:请求静态文件的请求
		静态文件:
		1)上传时什么样子,查看时就是什么样子
		2)html的页面都是静态的
	2.动态请求:请求动态内容,带参数的请求
		1)服务器上并不是真实存在的,需要都数据库等服务上去获取数据,组成的页面
	
当用户发起http请求,请求会被Nginx处理,如果是静态资源请求Nginx则直接返回,如果是动态请求Nginx则通过fastcgi协议转交给后端的PHP程序处理,具体如下图所示

1.访问流程

1.浏览器输入域名,浏览器拿着域名取DNS服务器解析
2.DNS服务器解析域名为IP
3.浏览器去请求该IP对应的服务器
4.浏览器请求nginx
5.nginx判断请求是动态请求还是静态请求
	#静态请求
	location / {
    	root /code;
    	index index.html;
	}
	#动态请求
	location ~* \.php$ {
    	fastcgi_pass 127.0.0.1:9000;
    	... ...
	}
6.如果是静态请求,nginx直接返回内容
7.如果是动态内容,nginx会通过fastcgi协议找php-fpm管理进程

8.php-fpm管理进程会去下发工作给wrapper工作进程
9.wrapper工作进程判断是不是php文件
10.如果只是php文件,可以直接解析然后返回结果
11.如果还需要读取数据库,wrapper进程会去读取数据库数据,然后返回数据
12.数据流转:
	1)请求:浏览器-->负载均衡-->nginx-->php-fpm-->wrapper-->mysql
	2)响应:mysql-->wrappe-->php-fpm-->nginx-->负载均衡-->浏览器
posted @ 2020-08-25 14:49  nick_xm  阅读(360)  评论(0编辑  收藏  举报