|
1. Nginx介绍 Nginx ("engine x") 是一个高性能的 HTTP 和 反向代理 服务器,也是一个 IMAP/POP3/SMTP 代理服务器,其兼具apache和squid代理服务器的一款高性能、低消耗的开源服务,具有很好的研究价值。Nginx 是由 Igor Sysoev 为俄罗斯访问量第二的 Rambler.ru 站点开发的,第一个公开版本0.1.0发布于2004年10月4日。其将源代码以类BSD许可证的形式发布,因它的稳定性、丰富的功能集、示例配置文件和低系统资源的消耗而闻名。 注:本文只对安装和反向代理做简单介绍便于相关人员对Nginx有一个简单的认识,更详细的配置及优化请查阅相关资料,参考文献http://www.nginx.cn等 2. 安装环境准备1) 两台设备分别用作Nginx服务器和被代理服务器(比如启动一个apache服务) 2) Linux RedHat 5.4(2.6内核均可) 3) 安装包nginx-1.2.3.tar.gz 4) 环境库文件zlib-1.2.7.tar.gz, pcre-8.21.tar.gz(可选,视环境情况选择安装,高版本的pcre对正则表达能更好的支持) 注:安装包可到http://www.nginx.cn/nginx-download进行选择下载; 3. 安装步骤1) 上传安装包、库文件等至Nginx服务器; 2) tar xzvf nginx-1.2.3.tar.gz;cd nginx-1.2.3 3) ./configure --prefix=/usr/local/nginx --with-http_ssl_module #默认安装的路径是/usr/local/nginx 更多的安装配置 ./configure --prefix=/usr/local/nginx --with-openssl=/usr/include (启用ssl) --with-pcre=/usr/include/pcre/ (启用正规表达式) --with-http_stub_status_module (安装可以查看nginx状态的程序) --with-http_memcached_module (启用memcache缓存) --with-http_rewrite_module (启用支持url重写) 4) make&&make install 4. 安装目录介绍安装目录PREFIX=/usr/local/nginx 配置文件 PREFIX/conf/nginx.conf 执行文件 PREFIX/sbin/nginx 日志文件 PREFIX/logs/ 文档目录 PREFIX/html/ 5. 启动/停止Nginx服务Ø 启动:/usr/local/nginx/sbin/nginx & Ø 关闭:killall -9 nginx 注:可将nginx添加至系统服务采用serivce nginx start/restart/stop来启动/重启/停止nginx服务,可查阅相关/init.d文献; 6. Nginx基本配置配置项介绍如下,具体配置可参考实例附件nginx.conf; #运行用户 user nobody nobody; #启动进程 worker_processes 5; #全局错误日志及PID文件 error_log logs/error.log notice; pid logs/nginx.pid; #工作模式及连接数上限 events { #工作模式有:select(标准模式),poll(标准模式),kqueue(高效模式,适用FreeBSD 4.1+, OpenBSD 2.9+, NetBSD 2.0 and MacOS X), #epoll(高效模式,本例用的。适用Linux 2.6+,SuSE 8.2,),/dev/poll(高效模式,适用Solaris 7 11/99+, HP/UX 11.22+ (eventport), IRIX 6.5.15+ 和Tru64 UNIX 5.1A+) use epoll; worker_connections 1024; } #设定http服务器,利用它的反向代理功能提供负载均衡支持 http { #设定mime类型 include conf/mime.types; default_type application/octet-stream; #设定日志格式 log_format main '$remote_addr - $remote_user [$time_local] ' '"$request" $status $bytes_sent ' '"$http_referer" "$http_user_agent" ' '"$gzip_ratio"'; log_format download '$remote_addr - $remote_user [$time_local] ' '"$request" $status $bytes_sent ' '"$http_referer" "$http_user_agent" ' '"$http_range" "$sent_http_content_range"'; #设定请求缓冲 client_header_buffer_size 10k; large_client_header_buffers 4 4k; #开启gzip模块,要求安装gzip 在运行./config时要指定 gzip on; gzip_min_length 1100; gzip_buffers 4 8k; gzip_types text/plain; output_buffers 1 32k; postpone_output 1460; #设定访问日志 access_log logs/access.log main; client_header_timeout 3m; client_body_timeout 3m; send_timeout 3m; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; #设定负载均衡的服务器列表 upstream backserver { #weigth参数表示权值,权值越高被分配到的几率越大 #本例是指在同一台服务器,多台服务器改变ip即可 server 127.0.0.1:8081 weight=5; server 127.0.0.1:8082; server 127.0.0.1:8083; } #设定虚拟主机,默认为监听80端口,改成其他端口会出现问题 server { listen 80; server_name test.com www.test.com; charset utf8; #设定本虚拟主机的访问日志 access_log logs/test.com.log main; #如果访问 /images/*, /js/*, /css/* 资源,则直接取本地文件,不用转发。但如果文件较多效果不是太好。 location ~ ^/(images|js|css)/ { root /usr/local/testweb; expires 30m; } #对 "/" 启用负载均衡 location / { proxy_pass http://backserver; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; client_max_body_size 10m; client_body_buffer_size 128k; proxy_connect_timeout 90; proxy_send_timeout 90; proxy_read_timeout 90; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; } #设定查看Nginx状态的地址,在运行./config 要指定,默认是不安装的。 location /NginxStatus { stub_status on; access_log on; auth_basic "NginxStatus"; #是否要通过用户名和密码访问,测试时可以不加上。conf/htpasswd 文件的内容用 apache 提供的 htpasswd 工具来产生即可 #auth_basic_user_file conf/htpasswd; } } 7. 附件nginx.conf红色需重点关注;该配置文件分别对原始服务器http://122.193.14.88和http://218.108.85.62:8808的服务进行反向代理同时识别文件的后缀名称.ts的文件进行代理并缓存其他只代理不缓存,缓存文件在/usr/local/nginx/proxy_temp/; #user nobody; worker_processes 1; #error_log logs/error.log; error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; ## Proxy options proxy_buffering on; proxy_cache_min_uses 1; proxy_cache_path /usr/local/nginx/proxy_temp/ levels=1:2 keys_zone=cache:10m inactive=10m max_size=1000M; proxy_cache_valid any 10m; proxy_ignore_client_abort off; proxy_intercept_errors on; proxy_next_upstream error timeout invalid_header; proxy_redirect off; proxy_set_header X-Forwarded-For $remote_addr; proxy_connect_timeout 60; proxy_send_timeout 60; proxy_read_timeout 60; ## Backend servers (web1 is the primary and web2 will come up if web1 is down) upstream webbackend { server web1.domain.lan weight=10 max_fails=3 fail_timeout=30s; server web2.domain.lan weight=1 backup; } server { listen 8011; server_name localhost; #charset koi8-r; #access_log logs/access.log main; access_log logs/access.log; #location / { # root html; # index index.html index.htm; #} location / { #proxy_pass http://122.193.14.88; proxy_pass http://xx:8808; #proxy_cache cache; #proxy_cache_valid 200 24h; #proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504; #proxy_ignore_headers Expires Cache-Control; } location ~ \.ts$ { #proxy_pass http://122.193.xx.xx; proxy_pass http://ip:8808; proxy_cache cache; proxy_cache_valid 200 24h; proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504; proxy_ignore_headers Expires Cache-Control; } ## All other errors get the generic error page error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 500 501 502 503 504 505 506 507 /50x.html; location = /50x.html { root html; } server { listen 8012; server_name localhost; #charset koi8-r; #access_log logs/access.log main; access_log logs/access2.log; #location / { # root html; # index index.html index.htm; #} location / { proxy_pass http://122.193.xx.xx; #proxy_pass http://ip:8808; #proxy_cache cache; #proxy_cache_valid 200 24h; #proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504; #proxy_ignore_headers Expires Cache-Control; } location ~ \.ts$ { proxy_pass http://122.193.xx; #proxy_pass http://ip2:8808; proxy_cache cache; proxy_cache_valid 200 24h; proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504; proxy_ignore_headers Expires Cache-Control; } ## All other errors get the generic error page error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 500 501 502 503 504 505 506 507 /50x.html; location = /50x.html { root html; } } # another virtual host using mix of IP-, name-, and port-based configuration # #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # location / { # root html; # index index.html index.htm; # } #} # HTTPS server # #server { # listen 443; # server_name localhost; # ssl on; # ssl_certificate cert.pem; # ssl_certificate_key cert.key; # ssl_session_timeout 5m; # ssl_protocols SSLv2 SSLv3 TLSv1; # ssl_ciphers HIGH:!aNULL:!MD5; # ssl_prefer_server_ciphers on; # location / { # root html; # index index.html index.htm; # } #} } 8. 测试验证以一个服务为例,以下情况说明配置成功: a) 正常访问http://122.193.14.xx/1.ts 可以正常读取文件,配置代理后通过http://nginx-IP:8012/1.ts可以正常读取数据并且在PREFIX/proxy_temp/有相应的缓存文件; b) 正常访问http://122.193.14.xx/1.MP3等其他非ts文件可以正常读取文件,配置代理后通过http://nginx-IP:8012/1.mp3可以正常读取数据并且在PREFIX/proxy_temp/没有有相应的缓存文件; (责任编辑:IT) |