Nginx V1.20.1部署
https://mp.weixin.qq.com/s/i8XmjuW9yRXwqtiSvACpxg
# 下载二进制安装包
wget http://nginx.org/download/nginx-1.20.1.tar.gz
# 解压
tar zxvf nginx-1.20.1.tar.gz
cd nginx-1.20.1
# 安装依赖包
yum install -y gcc gcc-c++ pcre pcre-devel zlib zlib-devel openssl openssl-devel gd-devel gb
# 安装所需模块
./configure --user=nginx --group=nginx --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_sub_module --with-http_gzip_static_module --with-http_image_filter_module --with-ipv6 --with-stream --with-http_v2_module --with-http_flv_module
==创建用户组==
/usr/sbin/groupadd -f nginx && /usr/sbin/useradd -g nginx nginx
# 如果报错则需要安装gb
yum -y install gd-devel gb
make && make install
# 创建软链接
$ ln -s /usr/local/nginx/sbin/nginx /usr/sbin/nginx
# 启动nginx
$ nginx
# 卸载nginx
yum erase nginx -y
rm -rf /usr/local/nginx /usr/local/nginx/sbin/nginx /usr/share/nginx /usr/sbin/nginx /var/spool/mail/nginx
yum erase keepalived nginx -y
# 搜索文件夹
find / -name nginx
cat > /usr/local/nginx/conf/nginx.conf << "EOF"
user nginx;
worker_processes auto;
error_log /usr/local/nginx/logs/error.log;
pid /usr/local/nginx/logs/nginx.pid;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
map $status $loggable {
~^[23] 0;
default 1;
}
access_log /usr/local/nginx/logs/access.log combined if=$loggable buffer=512k flush=1m;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
gzip on;
gzip_types application/xml
application/json
text/css
text/javascript
application/javascript;
gzip_vary on;
gzip_comp_level 6;
gzip_min_length 500;
keepalive_timeout 65;
types_hash_max_size 2048;
include mime.types;
default_type application/octet-stream;
server {
listen 80 default_server;
server_name _;
location / {
}
location ~* \.(?:jpg|jpeg|gif|png|ico|woff2|js|css)$ {
access_log off;
}
}
include vhost/*.conf;
}
EOF
/usr/sbin/groupadd -f nginx
/usr/sbin/useradd -g nginx nginx
cat > /usr/local/nginx/conf/nginx.conf << "EOF"
user nginx;
worker_processes auto;
error_log /usr/local/nginx/logs/error.log;
pid /usr/local/nginx/logs/nginx.pid;
events {
worker_connections 1024;
}
# 四层负载均衡,为两台Master apiserver组件提供负载均衡
stream {
log_format main '$remote_addr $upstream_addr - [$time_local] $status $upstream_bytes_sent';
access_log /usr/local/nginx/logs/k8s-access.log main;
upstream k8s-apiserver {
server 172.30.0.14:6443; # Master1 APISERVER IP:PORT
server 172.30.0.8:6443; # Master2 APISERVER IP:PORT
}
server {
listen 6443; # 由于nginx与master节点复用,这个监听端口不能是6443,否则会冲突
proxy_pass k8s-apiserver;
}
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
map $status $loggable {
~^[23] 0;
default 1;
}
access_log /usr/local/nginx/logs/access.log combined if=$loggable buffer=512k flush=1m;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
gzip on;
gzip_types application/xml
application/json
text/css
text/javascript
application/javascript;
gzip_vary on;
gzip_comp_level 6;
gzip_min_length 500;
keepalive_timeout 65;
types_hash_max_size 2048;
include mime.types;
default_type application/octet-stream;
gzip on; # 开启Gzip
gzip_min_length 500;
gzip_buffers 4 8k;
gzip_comp_level 6;
gzip_http_version 1.1;
gzip_disable "MSIE [1-6]\.(?!.*SV1)"; # ie6不提供gzip
gzip_proxied any;
gzip_vary on;
gzip_static on; # 如果有压缩好的,直接使用
gzip_types text/plain text/xml text/css text/javascript application/json application/javascript application/x-javascript application/xml image/jpeg image/gif image/png;
types_hash_max_size 2048
include vhost/*.conf;
}
EOF