nginx的安装及基本配置

Posted 无为

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了nginx的安装及基本配置相关的知识,希望对你有一定的参考价值。

 

在CentOS7(mini)上安装:

[root@~ localhost]#lftp 172.16.0.1
lftp 172.16.0.1:/pub/Sources/7.x86_64/nginx> pwd
ftp://172.16.0.1/pub/Sources/7.x86_64/nginx
#偶数版本号为稳定版
lftp 172.16.0.1:/pub/Sources/7.x86_64/nginx> get nginx-1.10.2-1.el7.ngx.x86_64.rpm nginx-module-geoip-1.10.2-1.el7.ngx.x86_64.rpm 
670448 bytes transferred                                            
Total 2 files transferred
[root@~ localhost]#ls
anaconda-ks.cfg  nginx-1.10.2-1.el7.ngx.x86_64.rpm  nginx-module-geoip-1.10.2-1.el7.ngx.x86_64.rpm
[root@~ localhost]#yum install ./nginx-1.10.2-1.el7.ngx.x86_64.rpm
#80端口没启动,即可启动Nginx
[root@~ localhost]#ss -ntl
[root@~ localhost]#systemctl start nginx.service

 

 

 

 

[root@etc localhost]#cd /etc/nginx/
[root@nginx localhost]#vim nginx.conf
[root@nginx localhost]#cd conf.d/
[root@conf.d localhost]#ls
default.conf
[root@conf.d localhost]#vim test.conf
server {
    listen 8080;
    server_name www.magedu.com;
    location / {
        index index.html index.htm;
        root /data/www;
        }    

}

[root@conf.d localhost]#nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
#重载
[root@conf.d localhost]#nginx -s reload
[root@conf.d localhost]#mkdir -pv /data/www
mkdir: created directory ‘/data’
mkdir: created directory ‘/data/www’
[root@conf.d localhost]#vim /data/www/index.html

<h1>test page</h1>
[root@conf.d localhost]#ss -ntl
State       Recv-Q Send-Q Local Address:Port               Peer Address:Port              
LISTEN      0      128     *:8080                *:* 

 

动态装载动态模块:

  load_module files;

#动态装载Geoip模块
[root@~ localhost]#yum -y install ./nginx-module-geoip-1.10.2-1.el7.ngx.x86_64.rpm 
#查看安装完成生成的文件
[root@~ localhost]#rpm -ql nginx-module-geoip
/usr/lib64/nginx/modules/ngx_http_geoip_module-debug.so
/usr/lib64/nginx/modules/ngx_http_geoip_module.so      #此文件是需要加载的模块
/usr/share/doc/nginx-module-geoip
/usr/share/doc/nginx-module-geoip/COPYRIGHT
#编辑主配置文件,将需要加载的文件放到全局配置中(main配置)
[root@~ localhost]#vim /etc/nginx/nginx.conf
error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;

load_module /usr/lib64/nginx/modules/ngx_http_geoip_module.so;     #装载模块

#配置文件语法检查
[root@~ localhost]#nginx -t
#重载
[root@~ localhost]#nginx -s reload

 性能优化的相关配置:

#进程数量和进程绑定CPU
[root@~ localhost]#vim /etc/nginx/nginx.conf
user  nginx;
worker_processes  4;         #按CPU的颗数-lscpu
#将worker进程绑定在指定的CPU上
worker_cpu_affinity 0001 0010 0100 1000;
[root@~ localhost]#nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

#将进程没有绑定在CPU和绑定进行压测
#没有绑定CPU
[root@nginx localhost]#vim nginx.conf
worker_processes  4;
#worker_cpu_affinity 0001 0010 0100 1000;
[root@nginx localhost]#nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@nginx localhost]#nginx -s reload
#检测
#-n:每0.5秒检测一次
#psr:运行进程的CPU
[root@nginx localhost]#watch -n 0.5 \'ps axo pid,comm,psr|grep "nginx"\'

Every 0.5s: ps axo pid,comm,psr|grep "nginx"                      Mon Jun  5 13:59:29 2017

 20628 nginx             0
 20766 nginx             3
 20767 nginx             1
 20768 nginx             0
 20769 nginx             0


#另一台服务器测试:
[root@~ localhost]#yum -y install httpd-tools
#-n:发起的请求数
#-c:并发数
[root@~ localhost]#ab -n 100000 -c 20 http://172.16.250.89/index.html

Benchmarking 172.16.250.89 (be patient)
Completed 10000 requests
Completed 20000 requests
Completed 30000 requests
Completed 40000 requests
Completed 50000 requests
Completed 60000 requests
Completed 70000 requests
Completed 80000 requests
Completed 90000 requests
Completed 100000 requests
Finished 100000 requests

Document Path:          /index.html
Document Length:        612 bytes

Concurrency Level:      20
Time taken for tests:   189.948 seconds
Complete requests:      100000
Failed requests:        0
Write errors:           0
Total transferred:      84500000 bytes
HTML transferred:       61200000 bytes
Requests per second:    526.46 [#/sec] (mean)
Time per request:       37.990 [ms] (mean)
Time per request:       1.899 [ms] (mean, across all concurrent requests)
Transfer rate:          434.43 [Kbytes/sec] received

Connection Times (ms)
              min  mean[+/-sd] median   max
Connect:        1   16   6.9     16     423
Processing:     2   21   9.4     20     552
Waiting:        0   15   8.9     15     407
Total:          6   37  13.7     36     652

Percentage of the requests served within a certain time (ms)
  50%     36
  66%     37
  75%     39
  80%     40
  90%     43
  95%     46
  98%     53
  99%     77
 100%    652 (longest request)

#进程绑定CPU:
[root@nginx localhost]#vim nginx.conf
user  nginx;
worker_processes  4;
worker_cpu_affinity 0001 0010 0100 1000;


[root@nginx localhost]#watch -n 0.5 \'ps axo pid,comm,psr|grep "nginx"\'
[root@nginx localhost]#vim nginx.conf
[root@nginx localhost]#nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@nginx localhost]#nginx -s reload
[root@nginx localhost]#watch -n 0.5 \'ps axo pid,comm,psr|grep "nginx"\'

Every 0.5s: ps axo pid,comm,psr|grep "nginx"                      Mon Jun  5 14:03:10 2017

 20628 nginx             0
 23847 nginx             0
 23848 nginx             1
 23849 nginx             2
 23850 nginx             3

#压测:
[root@~ localhost]#ab -n 100000 -c 20 http://172.16.250.89/index.html

Benchmarking 172.16.250.89 (be patient)
Completed 10000 requests
Completed 20000 requests
Completed 30000 requests
Completed 40000 requests
Completed 50000 requests
Completed 60000 requests
Completed 70000 requests
Completed 80000 requests
Completed 90000 requests
Completed 100000 requests
Finished 100000 requests

Document Path:          /index.html
Document Length:        612 bytes

Concurrency Level:      20
Time taken for tests:   186.953 seconds
Complete requests:      100000
Failed requests:        0
Write errors:           0
Total transferred:      84500000 bytes
HTML transferred:       61200000 bytes
Requests per second:    534.89 [#/sec] (mean)
Time per request:       37.391 [ms] (mean)
Time per request:       1.870 [ms] (mean, across all concurrent requests)
Transfer rate:          441.39 [Kbytes/sec] received

Connection Times (ms)
              min  mean[+/-sd] median   max
Connect:        1   17   4.9     16     194
Processing:     3   20   6.6     19     308
Waiting:        0   14   5.7     14     204
Total:         12   37   9.9     35     457

Percentage of the requests served within a certain time (ms)
  50%     35
  66%     37
  75%     38
  80%     39
  90%     43
  95%     48
  98%     55
  99%     66
 100%    457 (longest request)

 配置文件中映射目录测试:

[root@images localhost]#vim /etc/nginx/conf.d/test.conf 
server {
    listen 8080;
    server_name www.magedu.com;
    location / {
        index index.html index.htm;
        root /data/www;
        }    
    location /images/ {           #此处的路径实际上是/data/pictures/images;
        root /data/pictures/;        
        }

}

[root@images localhost]#nginx -t 
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@images localhost]#nginx -s reload
[root@images localhost]#mkdir /data/pictures
[root@images localhost]#cd /data/pictures
[root@pictures localhost]#ls
[root@pictures localhost]#mkdir images
[root@pictures localhost]#ls
images
[root@pictures localhost]#cd images/
[root@images localhost]#ls
tulips.jpg
[root@images localhost]#pwd
/data/pictures/images
[root@images localhost]#ls
tulips.jpg
    

 

 

#将root换成alias时
[root@pictures localhost]#vim /etc/nginx/conf.d/test.conf 
[root@images localhost]#cd /data/pictures/
[root@pictures localhost]#ls
images  lighthouse.jpg
[root@pictures localhost]#vim /etc/nginx/conf.d/test.conf 
server {
        listen 8080;
        server_name www.magedu.com;
        location / {
                index index.html index.htm;
                root /data/www;
                }
        location /images/ {
                alias /data/pictures/;        #别名,实际上相当于/images/与/data/pictures同级
                }

}
[root@pictures localhost]#nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@pictures localhost]#nginx -s reload

 

 没有location的测试:

[root@conf.d localhost]#pwd
/etc/nginx/conf.d
[root@conf.d localhost]#vi test2.conf
server {
    listen 8088;            #开启8088端口
    root /data/www2;
    server_name www2.magedu.com;
}

[root@conf.d localhost]#nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@conf.d localhost]#nginx -s reload
[root@conf.d localhost]#mkdir /data/www2
[root@conf.d localhost]#vim /data/www2/index.html
<h1>www2</h1>

 

错误页面的重定向:

[root@conf.d localhost]#cat test2.conf 
server {
    listen 8088;
    server_name www2.magedu.com;
#错误页面定位到如下路径;即在/data/www2/下得有这个图片文件
    error_page 404  http://172.16.250.89:8088/error.jpg;
    location / {
        root /data/www2;
        
    }
}
[root@www localhost]#cd /data/www2/
[root@www2 localhost]#ls
error.jpg  images  index.html

 

 输入http://172.16.250.89:8088/index2.html:

用Telnet测试keepalive:

[root@conf.d localhost]#cat test2.conf 
server {
    listen 8088;
    server_name www2.magedu.com;
    error_page 404 =200  http://172.16.250.89:8088/error.jpg;
    keepalive_timeout 60;           #60s后断开长连接
    keepalive_requests 10;          #在单个长连接上最多响应10个资源
    location / {
        root /data/www2;
        
    }
}

[root@~ localhost]#telnet 172.16.250.89 8088     #指明ip和端口
Trying 172.16.250.89...
Connected to 172.16.250.89.
Escape character is \'^]\'.
GET /index.html HTTP/1.1    #Telnet测试语法
Host: 172.16.250.89  
Connection closed by foreign host. #超过60s自动断开长连接

 basic认证:

[root@nginx localhost]#vim /etc/nginx/conf.d/test.conf 

server {
        listen 8080;
        server_name www.magedu.com;
        location / {
                index index.html index.htm;
                root /data/www;
                }
        location /images/ {
                alias /data/pictures/;
                }
        location /bbs/ {
                root /data/;                    #需要认证的文件
                auth_basic "BBS internal";        #认证说明
                auth_basic_user_file /etc/nginx/.ngxpasswd;    #认证文件
        }
}
#安装httpd-tools使用htpasswd生成认证文件和用户
[root@nginx localhost]#yum -y install httpd-tools
[root@nginx localhost]#htpasswd -c -m /etc/nginx/.ngxpasswd tom
#-c:创建认证文件
#-m:md5的算法加密
[root@nginx localhost]#htpasswd  -m /etc/nginx/.ngxpasswd jerry
[root@nginx localhost]#nginx -t
[root@nginx localhost]#nginx -s reload
[root@nginx localhost]#mkdir /data/bbs
[root@nginx localhost]#vim /data/bbs/index.html
<h1>FBI area</h1>

 

 

输入tom 和密码:

输出stub_status:

[root@nginx localhost]#vim /etc/nginx/conf.d/test.conf
 location /ngxstatus {
                stub_status;
        }
 [root@nginx localhost]#nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@nginx localhost]#nginx -s reload
   

 

 启用压缩功能:

[root@nginx localhost]#vim nginx.conf
 gzip  on;             #启用压缩
[root@nginx localhost]#nginx -t 
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@nginx localhost]#nginx -s reload
[root@www localhost]#curl -I --compressed http://172.16.250.89:8080/access_log.html
HTTP/1.1 200 OK
Server: nginx/1.10.2
Date: Wed, 14 Jun 2017 13:13:19 GMT
Content-Type: text/html
Last-Modified: Wed, 14 Jun 2017 12:43:59 GMT
Connection: keep-alive
ETag: W/"59412f8f-14ea216"
Content-Encoding: gzip               #已压缩

[root@nginx localhost]#vim nginx.conf
gzip  on;
    gzip_types text/css text/plain application/javascript;
    gzip_comp_level 5;             #压缩比
    gzip_min_length 64;             #启用压缩的最小长度
[root@nginx localhost]#nginx -t
[root@nginx localhost]#nginx -s reload

  

 ngx_http_rewrite_module:

[root@conf.d localhost]#vim test.conf 
error_page 404 =200 /images/error.jpg;
        location / {
                index index.html index.htm;
                root /data/www;
                if ($http_user_agent ~* curl) {
                        rewrite ^(.*)$ /curl/$1;        #curl测试重定向
                        }
                }
        location /curl/ {
                alias /data/textagent;              #curl重定向后的文件路径,需要手动创建
                }
#对error_page做重定向,到百度首页,临时的重定向(redirect:302)
        location = /images/error.jpg {
                rewrite ^(.*)$ http://www.baidu.com/ redirect;
                }
#新疆curl重定向的页面
[root@conf.d localhost]#cd /data/
[root@data localhost]#cat textagent/index.html 
<h1>hello,this is rewrite page</h1>

[root@conf.d localhost]#nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@conf.d localhost]#nginx -s reload

测试效果:

 

输入:

ngx_http_referer_module:防盗链机制;

[root@conf.d localhost]#cat test.conf 
#在浏览器非手动键入网址访问或者referer值为空时,跳转
      valid_referers none blocked server_name *.magedu.com;
    if ($invalid_referer) {
            return 302 http://www.magedu.com/;
            }
[root@~ localhost]#curl -I -e http://www.baidu.com http://172.16.250.89:8080/
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.10.2
Date: Wed, 14 Jun 2017 16:03:04 GMT
Content-Type: text/html
Content-Length: 161
Connection: keep-alive
Location: http://www.magedu.com/      #跳转到定义的网址
#-I:只显示请求头信息
#-e:模拟referer,从那个网址直接跳转到本网址

 

ngx_http_proxy_module:

[root@conf.d localhost]#cat default.conf
server {
    listen       80;
    server_name  localhost;

    #charset koi8-r;
    #access_log  /var/log/nginx/log/host.access.log  main;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    proxy_pass http://192.168.2.129:80/bbs;   #此ip是被代理的主机ip
    }

输入:

 

#proxy_set_header:为了让被代理的的主机能保存真正访问的信息,如访问客户端的ip信息
[root@conf.d localhost]#vim default.conf   
 location ~* \\.(jpg|jpeg|gif|png)$ {
        proxy_pass http://192.168.2.129;
        proxy_set_header X-Real-IP $remote_addr;
        }
[root@~ localhost]#nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@~ localhost]#nginx -s reload
#在被代理主机上设置:
[root@html localhost]#vim /etc/httpd/conf/httpd.conf
 LogFormat "%{X-Real-IP}i %l %u %t \\"%r\\" %>s %b \\"%{Referer}i\\" \\"%{User-Agent}i\\"" combined
[root@html localhost]#httpd -t
[root@html localhost]#systemctl restart httpd

[root@html localhost]#tail /var/log/httpd/access_log 
172.16.250.55 - - [06/Jun/2017:13:09:12 +0800] "GET /1.jpg HTTP/1.0" 304 - "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36"
172.16.250.55 - - [06/Jun/2017:13:09:14 +0800] "GET /1.jpg HTTP/1.0" 304 - "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36"
#172.16.250.55 是访问代理主机的客户端信息

代理缓存的设置:

[root@~ localhost]#cd /etc/nginx/
[root@nginx localhost]#vim nginx.conf
http {
#定义proxy的缓存路径必须在http下
#level是定义目录的格式,一级目录两个十六进制的值,二级是一个,三级是一个;keys_zone的名称是可以自由定义的,大小最大的1G
  proxy_cache_path /data/cache/ngnix levels=2:1:1 keys_zone=mycache:10m max_size=1g;
}
[root@nginx localhost]#mkdir /data/cache/ngnix -pv
mkdir: created directory ‘/data’
mkdir: created directory ‘/data/cache’
mkdir: created directory ‘/data/cache/ngnix’
[root@nginx localhost]#vim /etc/nginx/conf.d/default.conf
    location ~* \\.(jpg|jpeg|gif|png)$ {
    proxy_pass http://192.168.2.129;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_cache mycache;        #引用定义的缓存
    proxy_cache_key $request_uri;      #缓存key的内容
    proxy_cache_valid 200 301 302 10m;     #对于特定响应码的缓存时长  m分钟   h 小时
    proxy_cache_valid any 1m; 
 
    }

[root@nginx localhost]#nginx -t
[root@nginx localhost]#nginx -s reload

测试:

[root@conf.d localhost]#ll /data/cache/ngnix/ -h
total 16K
drwx------ 3 nginx nginx 4.0K Jun  6 00:22 60
drwx------ 3 nginx nginx 4.0K Jun  6 00:17 a4
drwx------ 3 nginx nginx 4.0K Jun  6 00:22 b3
drwx------ 3 nginx nginx 4.0K Jun  6 00:22 dd
[root@conf.d localhost]#ll /data/cache/ngnix/60/4/c/635450b5c68b27bfaa2e0065cb86c460 -h

 

 

[root@nginx localhost]#vim /etc/nginx/conf.d/default.conf

location ~* \\.(jpg|jpeg|gif|png)$ {
    proxy_pass http://192.168.2.129;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_cache mycache;
    proxy_cache_key $request_uri;
    proxy_cache_valid 200 301 302 10m;
    proxy_cache_valid any 1m; 
    proxy_hide_header Server;                 #隐藏的是后端服务器的首部信息,而不是Nginx代理服务器的首部信息
    add_header X-Proxy $server_addr;     #添加首部的展示信息
 
    }

 

输入:

 

以上是关于nginx的安装及基本配置的主要内容,如果未能解决你的问题,请参考以下文章

Nginx安装及配置

Ubuntu16.04安装及配置nginx

Nginx的stub_status模块的作用及配置文件修改

Nginx配置文件详细介绍

Nginx的安装及配置详解

Nginx的安装及配置详解