nginx基礎知識
簡介
- nginx是主流的web伺服器
- LNMP是創業公司的主要架構
- nginx的官網: http://nginx.org
源碼編譯安裝nginx
- 環境:centos7
- 關閉selinux,firewalld
[root@centos7-node8 ~]# sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
[root@centos7-node8 ~]# systemctl stop firewalld && systemctl disable firewalld && reboot -f
- 下載下傳位址:http://nginx.org/download/nginx-1.18.0.tar.gz
- 安裝
[root@centos7-node8 ~]# yum -y install gcc make pcre-devel pcre zlib openssl openssl-devel zlib-devel tree
[root@centos7-node8 ~]# wget http://nginx.org/download/nginx-1.18.0.tar.gz
[root@centos7-node8 ~]# mkdir /data/applications -p
[root@centos7-node8 ~]# tar xf nginx-1.18.0.tar.gz && cd nginx-1.18.0
[root@centos7-node8 nginx-1.18.0]# ./configure --prefix=/data/applications/nginx --with-http_ssl_module --with-http_stub_status_module --with-stream
[root@centos7-node8 nginx-1.18.0]# make && make install
[root@centos7-node8 nginx-1.18.0]# /data/applications/nginx/sbin/nginx -V # 檢視版本
- 配置
[root@centos7-node8 ~]# vim /etc/profile
export NGINX_HOME="/data/applications/nginx"
export PATH=$PATH:$NGINX_HOME/sbin
[root@centos7-node8 ~]# source /etc/profile
- 服務管理
[root@centos7-node8 ~]# nginx #啟動nginx
[root@centos7-node8 ~]# nginx -t #測試配置
[root@centos7-node8 ~]# nginx -s reload #重載配置
[root@centos7-node8 ~]# nginx -s stop #關閉nginx
[root@centos7-node8 ~]# vim /usr/lib/systemd/system/nginx.service
[Unit]
Description=nginx
After=network.target
[Service]
Type=forking
ExecStart=/data/applications/nginx/sbin/nginx
[Install]
WantedBy=multi-user.target
[root@centos7-node8 ~]# systemctl start nginx #啟動nginx
[root@centos7-node8 ~]# systemctl status nginx
[root@centos7-node8 ~]# systemctl restart nginx && systemctl enable nginx #開機自啟動
- 測試
浏覽器通路http://nginxIP 即可
制作nginxRPM安裝包
- 環境準備
[root@centos7-node8 ~]# yum -y install rpmbuild rpmdevtools #工具安裝
[root@centos7-node8 ~]# systemctl stop nginx && rm -fr /data/applications/nginx/ #關閉并删除之前的nginx
[root@centos7-node8 ~]# rpmdev-setuptree #生成rpm制作環境目錄
[root@centos7-node8 ~]# cd ~/rpmbuild/ #進入目錄
[root@centos7-node8 rpmbuild]# tree ./
./
├── BUILD
├── RPMS
├── SOURCES
├── SPECS
└── SRPMS
- 開始制作RPM
[root@centos7-node8 ~]# cd ~/rpmbuild/SOURCES/ && wget http://nginx.org/download/nginx-1.18.0.tar.gz
[root@centos7-node8 SOURCES]# cd ~/rpmbuild/SPECS/
[root@centos7-node8 SPECS]# vim nginx.spec
Name: nginx
Version: 1.18.0
Release: el7
Summary: nginx
Group: DevlopMent/Tools
License: GPL
URL: http://127.0.0.1
Source0: %{name}-%{version}.tar.gz
BuildRequires: gcc make
Requires: pcre pcre-devel openssl openssl-devel zlib zlib-devel
%description
%prep
%setup -q
%build
./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_stub_status_module --with-stream
make
%install
make DESTDIR=%{buildroot} install
%files
/usr/local/nginx/*
%doc
%changelog
[root@centos7-node8 SPECS]# rpmbuild -bb nginx.spec #生成rpm包
[root@centos7-node8 SPECS]# ls ~/rpmbuild/RPMS/x86_64/ #生成到的位置
[root@centos7-node8 SPECS]# cd ~/rpmbuild/RPMS/x86_64/
[root@centos7-node8 x86_64]# yum -y localinstall nginx-1.18.0-el7.x86_64.rpm #本地安裝
nginx配置檔案解析
user nobody;
worker_processes auto;
error_log logs/error.log warn;
events {
worker_connections 60000;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name localhost;
location / {
root html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
- user: 指定work程序使用者,不要使用root
- worker_processes: work程序數,用于處理請求,auto會根據伺服器核心數建立work程序
- error_log: 錯誤日志定義,級别設定成warn
- worker_connections: work程序連結數設定,根據伺服器配置盡量大點
[root@centos7-node8 conf]# vim /etc/security/limits.conf
* soft noproc 65535
* hard noproc 65535
* soft nofile 65535
* hard nofile 65535
-
指定網頁解析類型,(mime.types會制定不同類型的檔案供浏覽器請求解析)include mime.types;
-
預設格式則不會被浏覽器解析,直接解析,這個取決于mime.types 檔案的定義default_type application/octet-stream;
-
: 請求完成65秒斷開連結,也可以設定成0。保證更多的請求keepalive_timeout 65;
[root@centos7-node8 x86_64]# tcpdump -i any -nn 'port 80 and host 192.168.56.1' #請求抓包測試
- server: 配置虛拟主機
- location: 請求定位
nginx日志定義
Nginx日志變量
- $remote_addr表示用戶端IP,$time_local表示請求時間
- $request包含請求方法、請求的url、請求的協定
- $status表示響應狀态碼,$body_bytes_sent表示 響應的body的大小
- $http_referer表示請求的referer, $http_user_agent表示請求的用戶端類型
- $http_x_forwarded_for可記錄代理IP
更多的日志變量
- http://nginx.org/en/docs/varindex.html
- $remote_port、$time_iso8601、$uri
- $request_time、$upstream_response_time
Nginx使用Json格式日志
- 友善elk日志采集
log_format main '$remote_addr - $remote_user [$time_iso8601] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
log_format json '{"@timestamp":"$time_iso8601",'
'"remote_ip":"$remote_addr",'
'"status":$status,'
'"bytes":$body_bytes_sent,'
'"referer":"$http_referer",'
'"agent":"$http_user_agent",'
'"request_time":$request_time,'
'"request":"$uri"}';
nginx 的location
- 屬于server容器
- location 正則比對規則
- 以
開頭:cropy
location ~ /^cropy {}
-
結尾:php
location ~ \.php$ {}
-
png,jpg
location ~ \.(png|jpg)$ {}
- 忽略大小寫:
location ~* \.(png|jpg)$ {}
- 以
-
- 通用比對:第二種的優先級比較高
1. location / {} 2. location /abc {} #高優先級
- 通用比對和正則比對的優先級: 2的優先級比較高
1. location /abc {} 2. location ~ ^/abc {} #高優先級
- 通用比對之間的優先級: 第一個優先級比較高
1. location ~ /^abc {} #高優先級 2. location ~/^abc/def {}
- 精準比對和正則比對的優先級: 精準比對的優先級會高(但是必須要精準)
1. location ~ /^abc {} 2. location = /abc/def {} #優先級
- 總結
- 精準比對
正則比對>
通用比對>
- 正則多次命中,選第一個命中的location, 後面不在比對
- 通用多個命中,選比對度最高的
- 精準比對
nginx的root和alias配置
- root配置: 用戶端請求http://www.baidu.com/img/a.html, 對應伺服器的html/img/a.html
- alias配置: 用戶端請求http://www.baidu.com/img/a.html,對應伺服器的html/a.html
# root配置
location /img/ {
root html/img/ ;
}
#alias配置
location /img/ {
alias html/;
}
nginx虛拟主機配置
-
- 一台伺服器可以配置多特域名
- 每個域名的網站内容是獨立的
- nginx配置檔案簡化
[root@centos7-node8 nginx]# cat conf/nginx.conf
user nobody;
worker_processes auto;
error_log logs/error.log warn;
events {
worker_connections 60000;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_iso8601] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
log_format json '{"@timestamp":"$time_iso8601",'
'"remote_ip":"$remote_addr",'
'"status":$status,'
'"bytes":$body_bytes_sent,'
'"referer":"$http_referer",'
'"agent":"$http_user_agent",'
'"request_time":$request_time,'
'"request":"$uri"}';
access_log logs/access.log json;
sendfile on;
keepalive_timeout 0;
gzip on;
include vhosts/*.conf; #多配置檔案
}
- 在nginx安裝目錄下建立vhosts目錄,然後寫入配置檔案即可
[root@centos7-node8 nginx]# mkdir vhosts
[root@centos7-node8 nginx]# vim vhosts/localhost.conf
server {
listen 80;
server_name localhost;
location / {
root html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}