Nginx的特性

  1. 支持高并发:能支持几万并发连接(特别是静态小文件业务环境)
  2. 资源消耗少:在3万并发连接下,开启10哥Nginx线程消耗的内存不到200MB
  3. 可以做HTTP反向代理及加速缓存,即负载均衡功能,内置对RS节点服务器健康检查功能,这相当于专业的Haproxy软件或LVS的功能
  4. 具备Squid等专业缓存软件等的缓存功能。
  5. 支持异步网络I/O事件模型epoll(linux2.6+)。

1.安装Nginx所需要的pcre库和openssl  #pcre兼容正则表达    openssl在使用https会用到此模块不装会报错

yum install -y pcre-devel openssl-devel
apt-get install -y openssl libssl-dev libpcre3 libpcre3-dev

2.下载Nginx源码包   到官网http://nginx.org/下载 企业应用建议下载半年以前的稳定版  #wget 可以加-q参数不显示过程

wget http://nginx.org/download/nginx-1.14.0.tar.gz

3.创建nginx程序用户

useradd -s /sbin/nologin -M www

4.解压源码包编译安装 并做软连接启动  #停止nginx -s stop  重启nginx -s reload 检测配置文件nginx -t    查看状态信息nginx -V

tar xf nginx-1.14.0.tar.gz -C /usr/src/
cd /usr/src/nginx-1.14.0/
./configure --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module;make;make install ln -s /usr/local/nginx/sbin/* /usr/local/sbin/ /usr/local/nginx/sbin/nginx

5.初步了解nginx主配置文件 #在/usr/local/nginx/conf/nginx.conf  nginx的优化主要在于修改nginx的主配文件

egrep -v "#|^$" nginx.conf

user nginx nginx;               #用户和组为nginx 

worker_processes 1;           #worker进程的数量
error_log logs/error.log info;          #错误日志及纪录级别(默认没开)
pid logs/nginx.pid;             #进程号存储位置(默认没开)
events {                 #事件区块开始

use epoll;                #工作模式为epoll  io异步 可不设定系统自动选择最佳模式
worker_connections 1024;         #每个worker进程支持的最大连接数
}                    #事件区块结束
http {                 #http区块开始
include mime.types;           #Nginx支持的媒体类型库文件包含
default_type application/octet-stream;    #默认的媒体类型
sendfile on;                #开启高效传输模式
keepalive_timeout 65;           #连接超时。
server {                 #网站配置区域(第一个server第一个虚拟主机站点)
listen 80;                #提供服务的端口,默认80
server_name www.wk.org;       #提供服务的域名主机名
location / {                 #第一个Location区块开始
root html;                  #站点的根目录(相对于nginx安装路径)
index index.html index.htm;          #默认的首页文件,多个用空格分开
}
error_page 500 502 503 504 /50x.html;     #出现对应的http状态码时,使用50x.html回应客户
location = /50x.html {             #Location区块开始,访问50x.html
root html;                    #指定对应的站点目录为html
}
}
server {                   #网站配置区域(第二个server第二个虚拟主机站点)
listen 80;                   #提供服务的端口,默认80
server_name bbs.wk.org;         #提供服务的域名主机名
location / {                  #服务区块
root html;                   #相对路径(nginx安装路径)
index index.html index.htm;
}
location = /50x.html {             #发生错误访问的页面
root html;
}
}
}

Nginx模块

 

规范化虚拟主机

nginx主配置文件

worker_processes  1;

events {

    worker_connections  1024;

}

http {

    include       mime.types;

    default_type  application/octet-stream;

    sendfile        on;

    keepalive_timeout  65;

    include extra/www.conf;   #虚拟网站配置信息统一放在了当前的extra目录下

    include extra/mail.conf;

    include extra/status.conf;

}

extra目录下的文件

cat extra/www.conf

server {

        listen       80;

server_name  www.wk.com;

location / {

            root   /var/www/html/wwwcom;

index  index.html index.htm;

}

        error_page   500 502 503 504  /50x.html;

location = /50x.html {

            root   /var/www/html;

}

}

 

Nginx状态信息功能

/usr/local/nginx/sbin/nginx -V #查看是否编译了信息状态模块

nginx version: nginx/1.14.0
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-28) (GCC)
built with OpenSSL 1.0.2k-fips 26 Jan 2017
TLS SNI support enabled
configure arguments: --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module   #标红为信息状态模块

cat /usr/local/nginx/conf/extra/status.conf

server{

listen 80;
server_name status.wk.com;
location / {
stub_status on;     #开启信息功能模块    
access_log off;     #不做日志访问记录
}
}

增加错误日志

在主配文件 加入error_log  logs/error.log;

 

 

nginx访问日志切割

mkdir -p /server/scripts/

cd /server/scripts/

vim cut_nginx.log.sh

#!/bin

#日志切割脚本

Date=`date +%Y%m%d`

Bdir="/usr/local/nginx"

Nginxlogdir="$Bdir/logs"

Logname="access"

[ -d $Nginxlogdir ] && cd $Nginxlogdir ||exit 2

[ -f "$Logname".log ] ||exit 3

/bin/mv "$Logname".log "$Date"_"$Logname".log

$Bdir/sbin/nginx -s reload

find "$Nginxlogdir" -name "$Logname*" -type f -mtime +7|xargs /bin/rm

放入定时任务   

#!/bin/bash
#日志切割脚本
log_path=/var/log/nginx/
log_file=/var/log/nginx/`date +%Y`/`date +%m`
pid_file='/usr/local/nginx/logs/nginx.pid'
old_access_log='/usr/local/nginx/logs/www.amber.com.access.log'
access_log=`echo $old_access_log |awk -F'/' '{print $NF}'`
err_log='/usr/local/nginx/logs/error.log'

if [ -f $pid_file ];then
    [ -d $log_file ] || mkdir -p $log_file
    mv $old_access_log ${log_file}/${access_log}-$(date +%d)
    kill -USR1 `cat $pid_file`
    find $log_path -mtime +30 |xargs rm -rf
else
    echo "nginx未运行!" |tee -a $err_log
fi

 二者都可用

 


#!/bin/bash
read -p "请将nginx包放入/root下并输入nginx的版本号:(例1.12.0)" Nginx
/etc/init.d/iptables stop
setenforce 0 &>/dev/null
ping -c 3 -i 0.1 -w 0.1  www.baidu.com &>/dev/null
[ $? -eq 0 ] || {
echo "请确保公网能用"
exit
}
rm -rf /etc/yum.repos.d/*
echo '# CentOS-Base.repo
# unless you are manually picking other mirrors.
#
# remarked out baseurl= line instead.
#
#

# CentOS-Base.repo
# unless you are manually picking other mirrors.
#
# remarked out baseurl= line instead.
#
#

[base]
name=CentOS-$releasever - Base - 163.com
baseurl=http://mirrors.163.com/centos/$releasever/os/$basearch/
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-6

#released updates 
[updates]
name=CentOS-$releasever - Updates - 163.com
baseurl=http://mirrors.163.com/centos/$releasever/updates/$basearch/
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-6

#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras - 163.com
baseurl=http://mirrors.163.com/centos/$releasever/extras/$basearch/
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-6

#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus - 163.com
baseurl=http://mirrors.163.com/centos/$releasever/centosplus/$basearch/
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus
gpgcheck=1
enabled=0
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-6

#contrib - packages by Centos Users
[contrib]
name=CentOS-$releasever - Contrib - 163.com
baseurl=http://mirrors.163.com/centos/$releasever/contrib/$basearch/
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=contrib
gpgcheck=1
enabled=0
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-6
'>/etc/yum.repos.d/CentOS6-Base-163.repo
yum -y clean all &>/dev/null
yum makecache  &>/dev/null
yum -y install pcre-devel openssl-devel    wget gcc gcc-c++ make >&/dev/null
[ $? -eq 0 ] || {
echo “yum安装失败”
exit 2
}
grep www /etc/passwd &>/dev/null
[ $? -eq 0 ] || useradd -s /sbin/nologin -M www
cd /root/
[ -f nginx-"$Nginx".tar.gz ] ||{
echo "root下没有nginx-"$Nginx".tar.gz包"
exit 3
}
[ -d /usr/src/nginx-$Nginx/ ] && rm -rf /usr/src/nginx-$Nginx/
tar xf nginx-"$Nginx".tar.gz -C /usr/src/ &>/dev/null
cd /usr/src/nginx-$Nginx/
[ -d /usr/local/nginx/ ] && rm -rf /usr/local/nginx 
./configure --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module  &>/dev/null;make  &>/dev/null;make install  &>/dev/null
[ -L /usr/local/sbin/nginx ] && rm -rf /usr/local/sbin/nginx
ln -s /usr/local/nginx/sbin/* /usr/local/sbin/
echo '
#!/bin/bash
# chkconfig: 200 80 80
#!nginx bash
. /etc/init.d/functions                       
Nginx=/usr/local/nginx/sbin/nginx
case $1 in
start)
$Nginx &>/dev/null    
[ $? -eq 0 ]&& action "启动成功.................." /bin/true ||action "启动失败....................." /bin/false
;;
stop)
$Nginx -s stop &>/dev/null 
[ $? -eq 0 ]&& action "服务已关闭.................." /bin/true || action "服务未开启....................." /bin/false
;;
restart)
$0 stop
$0 start
;;
reload)
$Nginx -s reload &>/dev/null
[ $? -eq 0 ]&& action "服务已重启.................." /bin/true || action "请先开启服务....................." /bin/false
;;
status)
netstat -anput |grep 'LISTEN' |grep 'nginx'
[ $? -eq 0 ] && echo "服务已启动" || echo "服务未启动" 
;;
*)
echo "请输入status|stop|start|restart|reload"
esac
'>/etc/init.d/nginx
chmod +x /etc/init.d/nginx
chkconfig --add nginx
/etc/init.d/nginx restart

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

posted on 2018-07-26 21:56  临渊慕鱼不如退而结网  阅读(206)  评论(0编辑  收藏  举报