安装
useradd -r -s /sbin/nologin nginx yum -y install gcc* pcre pcre-devel perl perl-devel openssl openssl-devel ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx make && make install
状态统计
a、安装 nginx 时将 --with-http_stub_status_module 模块开启
b、修改 nginx 配置 server 标签中添加如下内容
./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_stub_status_module make && make install
location /nginx-status{
stub_status on;
access_log off;
}
c、客户端访问网址:http://IP/nginx_status
反向代理
a、在另外一台机器上安装 apache,并填写测试页面
b、在 nginx 服务器的配置文件 server 标签中添加如下三行,ip 指向被代理的服务器
location ~ \.php$ { proxy_pass http://192.168.99.4:80; }
c、重启 nginx,并使用客户端访问测试
负载均衡
a、使用默认的rr轮训算法,修改nginx配置文件
在server标签前添加:
upstream bbs { server 192.168.99.4:80; server 192.168.99.16:80; }
在server标签中修改下面3行
location ~ \.php$ { proxy_pass http://bbs; }
添加反向代理,代理地址填写upstream声明的名字
upstream bbs { server 192.168.99.14:80; server 192.168.99.16:80; } server { listen 80; server_name localhost; location / { root html; index index.php index.htm; } error_page 500 502 503 504 /50x.html; location = 50x.html { root html; } location ~ \.php$ { proxy_pass http://bbs; } location ~ .* { proxy_pass http://bbs; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } }
c、开启并设置两台99.4 & 99.16的主机
安装apache并设置不同的index.html页面内容
d、重启nginx,并使用客户端访问测试
补充:使用rr轮训算法实现加权轮询
upstream itxdl.com { server 192.168.88.100:80 weight=1; server 192.168.88.200:80 weight=2; }
展示目录文件
server { listen 80; server_name localhost; root /home/; # 目录路径 location / { autoindex on; # 打开目录浏览功能 autoindex_exact_size off; # on、off:以可读的方式显示文件大小 autoindex_localtime on; # on、off:是否以服务器的文件时间作为显示的时间 charset utf-8,gbk; # 展示中文文件名 index index.html; } }
http2.0
开启http2.0必须使用https协议
./configure --user=nginx --group=nginx --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_v2_module --with-openssl=/root/openssl-1.0.2h #指定该软件位置,且软件版本高于 1.0.1
make && make install
创建自签证书
mkdir /usr/local/nginx/ssl cd /usr/local/nginx/ssl openssl genrsa -out pan.key 2048 openssl req -new -x509 -key pan.key -out pan.crt -subj /C=CN/ST=BJ/L=BJ/O=DEVOPS/CN=nginx.yong.com
修改server区域,并实现https加密。
server { listen 443 ssl http2; #固定顺序 server_name nginx.yong.com; ssl_certificate /usr/local/nginx/ssl/pan.crt; ssl_certificate_key /usr/local/nginx/ssl/pan.key; }
说明:
http2.0测试方法
模板网站:https://http2.akamai.com/demo
1:chrome浏览器:下载插件:HTTP/2 and SPDY indicator
2:firefox浏览器: 下载插件:HTTP/2 and SPDY indicator 2.3
HTTP 的性能优化的关键不在于高带宽而是低延迟。
TCP 连接会随着时间进行自我协调,起初会限制连接的最大速度,如果数据传输成功,会随着时间的推移提高传输的速度。
这种调谐则被称为 TCP 慢启动,由于这种原因,让原本具有突发性和短时性的 HTTP 连接变的十分低效。
HTTP2.0 通过让所有的数据流共用一个连接,可以有效的使用 TCP 连接,让高带宽也能真正的服务性能的提升。
1、但连接多资源的方式,减少服务器的连接压力,内存占用更少,连接吞吐量更大
2、由于 TCP 连接的减少而使网络拥堵状况得以改善,同时 TCP 慢启动时间减少,使拥塞和丢包恢复速度更快
配置文件
摘自Nginx 1.13.8.
user nginx; worker_processes auto; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; pid logs/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; #log_format main ‘$remote_addr - $remote_user [$time_local] "$request" ‘ # ‘$status $body_bytes_sent "$http_referer" ‘ # ‘"$http_user_agent" "$http_x_forwarded_for"‘; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; server { listen 80; server_name localhost; #charset koi8-r; #access_log logs/host.access.log main; location / { root html; index index.html index.htm; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ \.php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # #location ~ \.php$ { # root html; # fastcgi_pass 127.0.0.1:9000; # fastcgi_index index.php; # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; # include fastcgi_params; #} # deny access to .htaccess files, if Apache‘s document root # concurs with nginx‘s one # #location ~ /\.ht { # deny all; #} } # another virtual host using mix of IP-, name-, and port-based configuration # #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # location / { # root html; # index index.html index.htm; # } #} # HTTPS server # #server { # listen 443 ssl; # server_name localhost; # ssl_certificate cert.pem; # ssl_certificate_key cert.key; # ssl_session_cache shared:SSL:1m; # ssl_session_timeout 5m; # ssl_ciphers HIGH:!aNULL:!MD5; # ssl_prefer_server_ciphers on; # location / { # root html; # index index.html index.htm; # } #} }
创建systenctl脚本
注意打开nginx.conf中的pid选项
cat << EOF > /usr/lib/systemd/system/nginx.service [Unit] Description=nginx - high performance web server Documentation=http://nginx.org/en/docs/ After=network.target remote-fs.target nss-lookup.target [Service] Type=forking ExecStartPre=/usr/local/nginx/sbin/nginx -t PIDFile=/usr/local/nginx/logs/nginx.pid ExecStart=/usr/local/nginx/sbin/nginx ExecReload=/usr/local/nginx/sbin/nginx -s reload ExecStop=/usr/local/nginx/sbin/nginx -s stop [Install] WantedBy=multi-user.target EOF
相关命令
systemctl daemon-reload
systemctl start nginx.service
systemctl status nginx.service
systemctl enable nginx.service
原文:https://www.cnblogs.com/outsrkem/p/11745848.html