1500字范文 > 编译安装nginx实现反向代理负载均衡缓存功能

编译安装nginx实现反向代理负载均衡缓存功能

时间：2018-10-25 05:20:09

一、编译安装nginx

1、下载

[root@ns1~]#wget/download/nginx-1.10.0.tar.gz

2、解压

[root@ns1~]#tarxfnginx-1.10.0.tar.gz[root@ns1~]#cdnginx-1.10.0

3、安装依赖组件

[root@ns1nginx-1.10.0]#yuminstallpcre-devel#url重写需要的组件[root@ns1nginx-1.10.0]#yuminstallzlib-devel#gzip所依赖组件[root@ns1nginx-1.10.0]#yuminstallopenssl-devel#openssl依赖的组件[root@ns1nginx-1.10.0]#groupadd-rnginx#创建一个nginx系统组[root@ns1nginx-1.10.0]#useradd-gnginx-rnginx#在nginx组中加入nginx用户[root@ns1nginx-1.10.0]#idnginxuid=996(nginx)gid=994(nginx)组=994(nginx

4、编译安装

【注意】因为nginx部分模块不支持动态加载，所以需要什么模块一定要提前指定好，淘宝的tengine则支持动态加载模块。

[root@ns1nginx-1.10.0]#./configure--prefix=/usr/local/nginx--conf-path=/etc/nginx/nginx.conf--user=nginx--group=nginx--error-log-path=/var/log/nginx/error.log--http-log-path=/var/log/nginx/access.log--pid-path=/var/run/nginx/nginx.pid--lock-path=/var/lock/nginx.lock--with-http_ssl_module--with-http_stub_status_module--with-http_gzip_static_module--with-http_flv_module--with-http_mp4_module--http-client-body-temp-path=/var/tmp/nginx/client--http-proxy-temp-path=/var/tmp/nginx/proxy--http-fastcgi-temp-path=/var/tmp/nginx/fastcgi--http-uwsgi-temp-path=/var/tmp/nginx/uwsgi[root@ns1nginx-1.10.0]#mkdir-pv/var/tmp/nginx/{client,proxy,fastcgi,uwsgi}[root@ns1nginx-1.10.0]#make&&makeinstall

5、./configure选项说明

[root@ns1nginx-1.10.0]#./configure--help--helpprintthismessage#帮助--prefix=PATHsetinstallationprefix#安装路径--sbin-path=PATHsetnginxbinarypathname#主程序安装路径--modules-path=PATHsetmodulespath#模块安装路径--conf-path=PATHsetnginx.confpathname#主配置文件安装路径--error-log-path=PATHseterrorlogpathname#错误日志路径--pid-path=PATHsetnginx.pidpathname#pid文件路径--lock-path=PATHsetnginx.lockpathname#锁文件路径--user=USERsetnon-privilegeduserfor#nginx启动时work进程以什么身份运行workerprocesses--group=GROUPsetnon-privilegedgroupfor#nginx启动时work进程以什么组运行workerprocesses--build=NAMEsetbuildname#指定编译的名称--builddir=DIRsetbuilddirectory#指定编译的目录#with的是默认没启用的模块，with后启用#without的是默认启动的模块，without后关闭--with-select_moduleenableselectmodule#开起select模块--without-select_moduledisableselectmodule#关闭select模块--with-poll_moduleenablepollmodule#开起poll模块--without-poll_moduledisablepollmodule#关闭poll模块--with-threadsenablethreadpoolsupport#启用线程池--with-file-aioenablefileAIOsupport#开起文件AIO功能，一般用来提高图片站读i/o操作--with-ipv6enableIPv6support#开起ipv6支持--with-http_ssl_moduleenablengx_http_ssl_module#启用ssl模块--with-http_v2_moduleenablengx_http_v2_module#源自spdy协议，优先请求浏览器最继续的内容--with-http_realip_moduleenablengx_http_realip_module#反向代理时把真实访问ip传给后端--with-http_addition_moduleenablengx_http_addition_module#在页面后添加文本--with-http_xslt_moduleenablengx_http_xslt_module#在响应XML文件时，转为一个或多个XSLT样式--with-http_xslt_module=dynamicenabledynamicngx_http_xslt_module#动态的xslt模块--with-http_p_w_picpath_filter_moduleenablengx_http_p_w_picpath_filter_module#开启图片转换功能，依赖libgd库，能够对图片进行转换格式，尺寸等--with-http_p_w_picpath_filter_module=dynamic#动态的p_w_picpath_filter模块enabledynamicngx_http_p_w_picpath_filter_module--with-http_geoip_moduleenablengx_http_geoip_module#开启GeoIP功能，需要geoIP数据库的支持--with-http_geoip_module=dynamicenabledynamicngx_http_geoip_module#动态geoip模块--with-http_sub_moduleenablengx_http_sub_module#sub模块，用来替换相应包指定内容--with-http_dav_moduleenablengx_http_dav_module#开启WebDAV功能，此方法可以开启PUT、DELETE、COPY、MKCOL、MOVE等HTTP方法，建议关闭--with-http_flv_moduleenablengx_http_flv_module#流媒体模块--with-http_mp4_moduleenablengx_http_mp4_module#mp4模块--with-http_gunzip_moduleenablengx_http_gunzip_module#开启gzip方式传输模式，能够大大减少带宽消耗--with-http_gzip_static_moduleenablengx_http_gzip_static_module#压缩静态页面的gizp模块--with-http_auth_request_moduleenablengx_http_auth_request_module#基于请求的返回结果来控制用户鉴权--with-http_random_index_moduleenablengx_http_random_index_module#响应用户以“/”结尾的请求，并在该目录下随机选择一个文件作为index文件。此模块先于ngx_http_index_module被执行--with-http_secure_link_moduleenablengx_http_secure_link_module#开启安全链接功能。防盗链用--with-http_degradation_moduleenablengx_http_degradation_module#内存不足时，Nginx将返回204或444给客户端--with-http_slice_moduleenablengx_http_slice_module#开启切片模块，对大文件切片用--with-http_stub_status_moduleenablengx_http_stub_status_module#nginx状态页面模块--without-http_charset_moduledisablengx_http_charset_module#下面都是默认安装的模块，有需要可以关闭--without-http_gzip_moduledisablengx_http_gzip_module--without-http_ssi_moduledisablengx_http_ssi_module--without-http_userid_moduledisablengx_http_userid_module--without-http_access_moduledisablengx_http_access_module--without-http_auth_basic_moduledisablengx_http_auth_basic_module--without-http_autoindex_moduledisablengx_http_autoindex_module--without-http_geo_moduledisablengx_http_geo_module--without-http_map_moduledisablengx_http_map_module--without-http_split_clients_moduledisablengx_http_split_clients_module--without-http_referer_moduledisablengx_http_referer_module--without-http_rewrite_moduledisablengx_http_rewrite_module--without-http_proxy_moduledisablengx_http_proxy_module--without-http_fastcgi_moduledisablengx_http_fastcgi_module--without-http_uwsgi_moduledisablengx_http_uwsgi_module--without-http_scgi_moduledisablengx_http_scgi_module--without-http_memcached_moduledisablengx_http_memcached_module--without-http_limit_conn_moduledisablengx_http_limit_conn_module--without-http_limit_req_moduledisablengx_http_limit_req_module--without-http_empty_gif_moduledisablengx_http_empty_gif_module--without-http_browser_moduledisablengx_http_browser_module--without-http_upstream_hash_moduledisablengx_http_upstream_hash_module--without-http_upstream_ip_hash_moduledisablengx_http_upstream_ip_hash_module--without-http_upstream_least_conn_moduledisablengx_http_upstream_least_conn_module--without-http_upstream_keepalive_moduledisablengx_http_upstream_keepalive_module--without-http_upstream_zone_moduledisablengx_http_upstream_zone_module--with-http_perl_moduleenablengx_http_perl_module#开起perl模块--with-http_perl_module=dynamicenabledynamicngx_http_perl_module#动态perl模块--with-perl_modules_path=PATHsetPerlmodulespath--with-perl=PATHsetperlbinarypathname--http-log-path=PATHsethttpaccesslogpathname#访问日志路径--http-client-body-temp-path=PATHsetpathtostore#客户端上传内容临时存放位置，路径不存在则必须先创建httpclientrequestbodytemporaryfiles--http-proxy-temp-path=PATHsetpathtostore#作为代理服务器代理内容临时存放位置httpproxytemporaryfiles--http-fastcgi-temp-path=PATHsetpathtostore#fastcgi协议工作时所需临时目录httpfastcgitemporaryfiles--http-uwsgi-temp-path=PATHsetpathtostore#uwsgi协议工作时所需临时目录httpuwsgitemporaryfiles--http-scgi-temp-path=PATHsetpathtostore#scgi协议工作时所需临时目录httpscgitemporaryfiles--without-httpdisableHTTPserver--without-http-cachedisableHTTPcache--with-mailenablePOP3/IMAP4/SMTPproxymodule#开起mail模块--with-mail=dynamicenabledynamicPOP3/IMAP4/SMTPproxymodule#开起mail动态模块--with-mail_ssl_moduleenablengx_mail_ssl_module--without-mail_pop3_moduledisablengx_mail_pop3_module--without-mail_imap_moduledisablengx_mail_imap_module--without-mail_smtp_moduledisablengx_mail_smtp_module--with-streamenableTCP/UDPproxymodule#stream模块用于tcp/udp和负载均衡--with-stream=dynamicenabledynamicTCP/UDPproxymodule#动态stream模块--with-stream_ssl_moduleenablengx_stream_ssl_module--without-stream_limit_conn_moduledisablengx_stream_limit_conn_module--without-stream_access_moduledisablengx_stream_access_module--without-stream_upstream_hash_moduledisablengx_stream_upstream_hash_module--without-stream_upstream_least_conn_moduledisablengx_stream_upstream_least_conn_module--without-stream_upstream_zone_moduledisablengx_stream_upstream_zone_module--with-google_perftools_moduleenablengx_google_perftools_module#内存管理模块合理调配系统内存资源给服务器--with-cpp_test_moduleenablengx_cpp_test_module#启用ngx_cpp_test_module支持--add-module=PATHenableexternalmodule#启用外部模块支持--add-dynamic-module=PATHenabledynamicexternalmodule#动态加载外部模块--with-cc=PATHsetCcompilerpathname#用于C编译环境非默认的情况，指向C编译器路径--with-cpp=PATHsetCpreprocessorpathname#指向C预处理路径--with-cc-opt=OPTIONSsetadditionalCcompileroptions#设置C编译器参数--with-ld-opt=OPTIONSsetadditionallinkeroptions#设置连接文件参数--with-cpu-opt=CPUbuildforthespecifiedCPU,validvalues:#指定编译的CPUpentium,pentiumpro,pentium3,pentium4,athlon,opteron,sparc32,sparc64,ppc64--without-pcredisablePCRElibraryusage--with-pcreforcePCRElibraryusage#url重写时所需模块，有更强大的正则引擎--with-pcre=DIRsetpathtoPCRElibrarysources--with-pcre-opt=OPTIONSsetadditionalbuildoptionsforPCRE--with-pcre-jitbuildPCREwithJITcompilationsupport--with-md5=DIRsetpathtomd5librarysources--with-md5-opt=OPTIONSsetadditionalbuildoptionsformd5--with-md5-asmusemd5assemblersources--with-sha1=DIRsetpathtosha1librarysources--with-sha1-opt=OPTIONSsetadditionalbuildoptionsforsha1--with-sha1-asmusesha1assemblersources--with-zlib=DIRsetpathtozliblibrarysourcesgzip--with-zlib-opt=OPTIONSsetadditionalbuildoptionsforzlib--with-zlib-asm=CPUusezlibassemblersourcesoptimizedforthespecifiedCPU,validvalues:pentium,pentiumpro--with-libatomicforcelibatomic_opslibraryusage--with-libatomic=DIRsetpathtolibatomic_opslibrarysources--with-openssl=DIRsetpathtoOpenSSLlibrarysources#openssl所在位置--with-openssl-opt=OPTIONSsetadditionalbuildoptionsforOpenSSL--with-debugenabledebuglogging

二、启动脚本

[root@ns1init.d]#vim/etc/init.d/nginx#编写启动脚本#!/bin/bash##nginx-thisscriptstartsandstopsthenginxdaemon##chkconfig:-8515#description:NginxisanHTTP(S)server,HTTP(S)reverse\#proxyandIMAP/POP3proxyserver##processname:nginx#config:/etc/nginx/nginx.conf#pidfile:/var/run/nginx/nginx.pid#Sourcefunctionlibrary../etc/rc.d/init.d/functions#Sourcenetworkingconfiguration../etc/sysconfig/network#Checkthatnetworkingisup.["$NETWORKING"="no"]&&exit0nginx="/usr/local/nginx/sbin/nginx"#根据自己的安装位置修改这里prog=$(basename$nginx)NGINX_CONF_FILE="/etc/nginx/nginx.conf"#修改这里[-f/etc/sysconfig/nginx]&&./etc/sysconfig/nginxlockfile=/var/lock/nginx.lock#修改这里start(){[-x$nginx]||exit5[-f$NGINX_CONF_FILE]||exit6echo-n$"Starting$prog:"daemon$nginx-c$NGINX_CONF_FILEretval=$?echo[$retval-eq0]&&touch$lockfilereturn$retval}stop(){echo-n$"Stopping$prog:"killproc$prog-QUITretval=$?echo[$retval-eq0]&&rm-f$lockfilereturn$retval}restart(){configtest||return$?stopsleep1start}reload(){configtest||return$?echo-n$"Reloading$prog:"killproc$nginx-HUPRETVAL=$?echo}force_reload(){restart}configtest(){$nginx-t-c$NGINX_CONF_FILE}rh_status(){status$prog}rh_status_q(){rh_status>/dev/null2>&1}case"$1"instart)rh_status_q&&exit0$1;;stop)rh_status_q||exit0$1;;restart|configtest)$1;;reload)rh_status_q||exit7$1;;force-reload)force_reload;;status)rh_status;;condrestart|try-restart)rh_status_q||exit0;;*)echo$"Usage:$0{start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"exit2esac[root@localhostnginx-1.10.0]#chmod755/etc/init.d/nginx[root@localhostnginx-1.10.0]#servicenginxrestart#开机启动[root@localhostnginx-1.10.0]#chkconfig--addnginx[root@localhostnginx-1.10.0]#chkconfignginxon[root@localhostnginx-1.10.0]#chkconfig--listnginxnginx0:关1:关2:开3:开4:开5:开6:关

三、配置2个基于nginx的web

（172.16.22.39）（172.16.22.40）

[root@ns2~]#vim/etc/nginx/nginx.confusernginx;#以哪个用户的身份运行nginxworker_processes1;#运行几个worker进程error_log/var/log/nginx/error.log;#错误日志位置#error_loglogs/error.lognotice;#error_loglogs/error.loginfo;pid/var/run/nginx/nginx.pid;#pid文件位置events{worker_connections1024;#一个worker进程的最大并发数量}http{includemime.types;default_typeapplication/octet-stream;log_formatmain'$remote_addr-$remote_user[$time_local]"$request"'#日志格式'$status$body_bytes_sent"$http_referer"''"$http_user_agent""$http_x_forwarded_for"';access_log/var/log/nginx/access.logmain;#访问日志位置和应用上面的格式sendfileon;#tcp_nopushon;#keepalive_timeout0;keepalive_timeout65;#持久连接时间gzipon;#开起gzip压缩server{listen80;;#charsetkoi8-r;#access_loglogs/host.access.logmain;location/{root/var/www/html;#根目录位置indexindex.htmlindex.htm;#首页索引文件}#error_page404/404.html;#redirectservererrorpagestothestaticpage/50x.html#error_page500502503504/50x.html;#错误页面位置location=/50x.html{roothtml;}｝[root@ns2~]#vim/var/www/html/index.html<h1></h1>[root@ns2~]#servicenginxstart[root@ns3~]#vim/var/www/html/index.html<h1></h1>[root@ns3~]#vim/var/www/html/ds.html<h1>Thereisds.</h1>[root@ns3~]#servicenginxstart

四、配置反向代理,负载均衡,缓存

1、创建缓存目录和修改hosts文件（172.16.22.38）

#创建缓存目录(172.16.22.38)，修改hosts文件（全部主机）[root@ns1~]#mkdir-pv/cache/nginx[root@ns1~]#chownnginx:nginx/cache/nginx[root@ns1~]#vim/etc/hosts--------------------------------172.16.22.172.16.22.172.16.22.#另外两台也要修改

2、修改代理服务器配置文件（172.16.22.38）

[root@ns1~]#vim/etc/nginx/nginx.conf--------------------------------------------------usernginx;worker_processes1;error_log/var/log/nginx/error.logerror;pid/var/run/nginx/nginx.pid;events{worker_connections1024;}http{include/etc/nginx/mime.types;default_typeapplication/octet-stream;log_formatmain'$remote_addr-$remote_user[$time_local]"$request"''$status$body_bytes_sent"$http_referer"''"$http_user_agent""$http_x_forwarded_for"';access_log/var/log/nginx/access.logmain;proxy_cache_path/cache/nginx/levels=1:1keys_zone=mycache:32m;#缓存路径，1：1表示1级目录下有1个子目录，缓存key名称为mycache后面调用时要用，缓存大小为32msendfileon;#tcp_nopushon;keepalive_timeout65;gzipon;upstreamxinfengsvr{#定义一个负载均衡组，组名叫xinfengsvr，下面直接调用组名server172.16.22.39:80weight=1max_fails=2fail_timeout=1;#权重1，错误2次，每次超时1秒,就算健康状态,检测失败，还可以在后面街上backup将次服务器作为备用服务器server172.16.22.40:80weight=1max_fails=2fail_timeout=1;#}server{listen80;;location/{root/var/www/html;indexindex.htmlindex.htm;proxy_passhttp://xinfengsvr/;#将对本服务器首页的请求代理至负载均衡组xinfengsvr，以实现负载均衡}location/index/{proxy_cachemycache;#调用缓存key为mycaheproxy_cache_valid2001m;#返回值为200的缓存1分钟#root/var/www/html;proxy_passhttp://172.16.22.40/ds.html;#将url为/index/的代理至/ds.htmlproxy_set_headerHost$host;#把客户端真实主机名传递给后端服务器proxy_set_headerX-Real-IP$remote_addr;#把客户端真实ip传递给后端服务器indexindex.htmlindex.htm;}error_page500502503504/50x.html;location=/50x.html{root/var/www/html;}}}[root@ns1~]#servicenginxreload[root@ns1~]#servicenginxrestart

在把客户端ip发给后端服务器时，apache需要修改httpd.conf

LogFormat"%{X-Real-IP}i%l%u%t\"%r\"%>s%b\"%{Referer}i\"\"%{User-Agent}i\""combinedLogFormat"%h%l%u%t\"%r\"%>s%b"commonLogFormat"%{Referer}i->%U"refererLogFormat"%{User-agent}i"agent

如果是后端nginx，需要修改nginx.conf

--with-http_realip_module#需要安装时开起此模块set_real_ip_from192.168.1.0/24;#这里是前端代理服务器ip，可以是单个IP或者IP段set_real_ip_from192.168.2.1;real_ip_headerX-Real-IP;