一、编译安装
下载nginx-1.12.1放到任意目录下(传送门:http://t.cn/RpElw8S)
[root@server1 ~] cd /root/nginx-1.12.1/src/core
[root@server1 core] vim nginx.h
#define nginx_ver "nginx/" ##把版本号注释掉,这是为了防止针对特定版本的恶意攻击
[root@server1 cc] cd /root/nginx-1.12.1/auto/cc/
[root@server1 cc] vim gcc
#debug
#CFLAGS="$CFLAGS -g" ##这一行注释起来,关闭编译时的调试模式,这样编译得到的源码包的大小会减少很多
[root@server1 nginx-1.12.1] ./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-file-aio --with-threads --with-http_stub_status_module
[root@server1 nginx-1.12.1] make
[root@server1 nginx-1.12.1] make install
[root@server1 nginx-1.12.1] cd /usr/local/nginx/sbin/
[root@server1 sbin] ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/
[root@server1 sbin] nginx
[root@server1 sbin] netstat -antlp
[root@server1 sbin] curl localhost
https和虚拟主机
[root@server1 nginx]# useradd -M -d /usr/local/nginx/ -s /sbin/nologin -u 800 nginx
[root@server1 nginx]# id nginx
uid=800(nginx) gid=800(nginx) groups=800(nginx)
[root@server1 nginx]# lscpu ##查看系统拥有几个cpu,配置文件中绑定cpu时需要保存一致
[root@server1 nginx]# vim /usr/local/nginx/conf/nginx.conf
2 user nginx nginx;
3 worker_processes 2;
4 worker_cpu_affinity 01 10;
12 events {
13 worker_connections 65535;
14 }
98 server { ##https
99 listen 443 ssl;
100 server_name localhost;
101
102 ssl_certificate cert.pem;
103 ssl_certificate_key cert.pem;
104
105 ssl_session_cache shared:SSL:1m;
106 ssl_session_timeout 5m;
107
108 ssl_ciphers HIGH:!aNULL:!MD5;
109 ssl_prefer_server_ciphers on;
110
111 location / {
112 root html;
113 index index.html index.htm;
114 }
115 }
117 server{ ##虚拟主机
118 listen 80;
119 server_name www.westos.org;
120
121 location / {
122 root /www;
123 index index.html;
124
125 }
126 }
127
128 server{ ##虚拟主机
129 listen 80;
130 server_name bbs.westos.org;
131
132 location / {
133 root /bbs;
134 index index.html;
135
136 }
137 }
[root@server1 nginx]# vim /etc/security/limits.conf
52 nginx - nofile 65535
[root@server1 nginx]# echo "www.westos.org_nginx" >/www/index.html
[root@server1 nginx]# echo "bbs.westos.org_nginx" >/bbs/index.html
[root@server1 nginx]# cd /etc/pki/tls/certs/
[root@server1 certs]# make cert.pem
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:shaanxi
Locality Name (eg, city) [Default City]:xi'an
Organization Name (eg, company) [Default Company Ltd]:westos
Organizational Unit Name (eg, section) []:linux
Common Name (eg, your name or your server's hostname) []:server1
Email Address []:fangrong@163.com
[root@server1 certs]#
[root@server1 certs]# cp cert.pem /usr/local/nginx/conf/
[root@server1 certs]# nginx -t
[root@server1 certs]# nginx -s reload
测试:
https://172.25.20.1/
http://www.westos.org/
http://bbs.westos.org/
负载均衡
stacky 粘滞 同一cookie不进行负载均衡
[root@server1 nginx]# vim /usr/local/nginx/conf/nginx.conf
12 events {
13 worker_connections 65535;
14 }
15
16
17 http {
18
19 upstream westos{
20 #ip_hash; ##ip哈希
20 #hash $request_uri consistent; ##域名哈希
20 server 172.25.8.2:80;
21 server 172.25.8.3:80 weight=3; ##3的权重为3,2和3 的比例为1:3,不加默认均衡
22 server 127.0.0.1:80 backup; ##2和3 全挂掉之后,读自己的
23 }
24
25 include mime.types;
26 default_type application/octet-stream;
--------------------------------------------
124 server{
125 listen 80;
126 server_name www.westos.org;
127
128 location / {
129 # root /www;
130 # index index.html;
131 proxy_pass http://westos; ##代理,将所有的westos域名的请求转发到num:19 的upstream里
132
133 }
134 }
重定向
[root@server1 nginx]# vim /usr/local/nginx/conf/nginx.conf
149 server{
150 listen 80;
151 server_name westos.org ;
152 rewrite ^(.*) http://bbs.westos.org$1 permanent; ##westos.org -->http://bbs.westos.org permanent--永久;redirect:临时
153 }
139 server{
140 listen 80;
141 server_name bbs.westos.org;
142 rewrite ^(.*) https://bbs.westos.org$1 permanent; ##bbs.westos.org -->https://bbs.westos.org
143 location / {
144 root /bbs;
145 index index.html;
146
147 }
148 }
120
121 location / { ##默认的根 https://bbs.westos.org
122 root html;
123 index index.html index.htm;
124 }
125 location /images{ ##https://bbs.westos.org/images/lvs-dr.jpg 访问的目录
126 alias /www/images; ##重定向到/www/images/ 目录下
127 }
128 }
##/www/images/lvs-dr.png ##目标文件位置
浏览器测试:
浏览器输入westos.org,自动调转到http://bbs.westos.org
浏览器输入westos.org/images/lvs-dr.png,自动调转到https://bbs.westos.org/images/lvs-dr.png
westos.org/images/lvs-dr.png—>http://bbs.westos.org/images/lvs-dr.png—>https://bbs.westos.org/images/lvs-dr.png
实际最后读取的并不是 /bbs/images/lvs-dr.png 而是/www/images/lvs-dr.png