-
nginx通常被用作后端服务器的反向代理,这样就可以很方便的实现动静分离以及负载均衡,从而大大提高服务器的处理能力。
-
nginx实现动静分离,其实就是在反向代理的时候,如果是静态资源,就直接从nginx发布的路径去读取,而不需要从后台服务器获取了。
-
但是要注意,这种情况下需要保证后端跟前端的程序保持一致,可以使用Rsync做服务端自动同步或者使用NFS、MFS分布式共享存储。
-
Http Proxy模块,功能很多,最常用的是proxy_pass和proxy_cache
-
如果要使用proxy_cache,需要集成第三方的ngx_cache_purge模块,用来清除指定的URL缓存。这个集成需要在安装nginx的时候去做,如:
./configure --add-module=../ngx_cache_purge-1.0… -
nginx通过upstream模块来实现简单的负载均衡,upstream需要定义在http段内
-
在upstream段内,定义一个服务器列表,默认的方式是轮询,如果要确定同一个访问者发出的请求总是由同一个后端服务器来处理,可以设置ip_hash,如:
upstream idfsoft.com { #此字段要写在server字段的前面
ip_hash;
server 127.0.0.1:9080 weight=5;
server 127.0.0.1:8080 weight=5;
server 127.0.0.1:1111;
}
upstream webservers{
server 192.168.200.151 weight=3; #weight表示访问三次151的web页面后访问一次145的web页面
server 192.168.200.145;
}
//这个方法本质还是轮询,而且由于客户端的ip可能是不断变化的,比如动态ip,代理,翻墙等,因此ip_hash并不能完全保证同一个客户端总是由同一个服务器来处理。
//定义好upstream后,需要在server段内添加如下内容
server {
location / {
proxy_pass http://webservers; #这里要和upstream段配置的域名一致
}
}
2. Nginx实现负载均衡和动静分离
环境说明:
| 主机 | IP | 服务 |
|---|---|---|
| LB | 192.168.200.144 | nginx |
| RS1 | 192.168.200.145 | lnmp |
| RS2 | 192.168.200.151 | apache |
- RS1上安装apache可参考:lamp部署
- RS2上安装lnmp可参考:lnmp部署
在RS1上测试是否能够访问到apache页面
3在RS1上安装LNMP 3.1 安装nginx//关闭防火墙 [root@RS1 ~]# systemctl disable --now firewalld Removed /etc/systemd/system/multi-user.target.wants/firewalld.service. Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. [root@RS1 ~]# sed -ri 's/^(SELINUX=).*/1disabled/g' /etc/selinux/config [root@RS1 ~]# setenforce 0 安装nginx //创建系统用户nginx [root@RS1 ~]# useradd -r -M -s /sbin/nologin nginx //安装依赖环境 [root@RS1 ~]# yum -y install pcre-devel openssl openssl-devel gd-devel gcc gcc-c++ make [root@RS1 ~]# yum -y groups mark install 'Development Tools' //创建日志存放目录 [root@RS1 ~]# mkdir -p /var/log/nginx [root@RS1 ~]# chown -R nginx.nginx /var/log/nginx //编译安装nginx [root@RS1 ~]# cd /usr/src/ [root@RS1 src]# ls debug mysql-5.7.35-linux-glibc2.12-x86_64.tar.gz php-8.0.10.tar.xz kernels nginx-1.20.1.tar.gz [root@RS1 src]# tar xf nginx-1.20.1.tar.gz [root@RS1 src]# cd nginx-1.20.1 [root@RS1 nginx-1.20.1]#./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-debug --with-http_ssl_module --with-http_realip_module --with-http_image_filter_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_stub_status_module --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log [root@RS1 nginx-1.20.1]# make -j $(grep 'processor' /proc/cpuinfo | wc -l) && make install //配置环境变量 [root@RS1 ~]# echo 'export PATH=/usr/local/nginx/sbin:$PATH' > /etc/profile.d/nginx.sh [root@RS1 ~]# source /etc/profile.d/nginx.sh //启动nginx [root@RS1 ~]# /usr/local/nginx/sbin/nginx //默认启动文件 [root@RS1 ~]# ss -antl State Recv-Q Send-Q Local Address:Port Peer Address:Port Process LISTEN 0 128 0.0.0.0:80 0.0.0.0:* LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 128 [::]:22 [::]:*3.2 安装mysql
//安装依赖包
[root@RS1 ~]# yum -y install ncurses-devel openssl-devel openssl cmake mariadb-devel ncurses-compat-libs
//创建用户和组
[root@RS1 ~]# useradd -r -M -s /sbin/nologin mysql
//解压mysql软件包
[root@RS1 ~]# cd /usr/src/
[root@RS1 src]# tar xf mysql-5.7.35-linux-glibc2.12-x86_64.tar.gz -C /usr/local/
[root@RS1~]# cd /usr/local/
[root@RS1 local]# ls
bin games lib libexec nginx share
etc include lib64 mysql-5.7.35-linux-glibc2.12-x86_64 sbin src
[root@RS1 local]# ln -sv mysql-5.7.35-linux-glibc2.12-x86_64/ mysql
'mysql' -> 'mysql-5.7.35-linux-glibc2.12-x86_64/'
[root@RS1 local]# chown -R mysql.mysql /usr/local/mysql*
//添加环境变量
[root@RS1 ~]# echo 'export PATH=/usr/local/mysql/bin:$PATH' > /etc/profile.d/mysql.sh
[root@RS1 ~]# source /etc/profile.d/mysql.sh
[root@RS1 ~]# echo $PATH
/usr/local/mysql/bin:/usr/local/nginx/sbin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin
//头文件软连接
[root@RS1 ~]# ln -s /usr/local/mysql/include /usr/include/mysql
//帮助文档
[root@RS1 ~]# vim /etc/man_db.conf
MANDATORY_MANPATH /usr/local/mysql/man
//库文件
[root@RS1 ~]# vim /etc/ld.so.conf.d/mysql.conf
/usr/local/mysql/lib
[root@lnmp ~]# ldconfig
//建立数据存放目录
[root@RS1 ~]# mkdir -p /opt/data
[root@RS1 ~]# chown -R mysql.mysql /opt/data/
[root@RS1 ~]# ll /opt/
总用量 0
drwxr-xr-x. 2 mysql mysql 6 10月 26 01:02 data
//初始化数据库
[root@RS1 ~]# /usr/local/mysql/bin/mysqld --initialize --user=mysql --datadir=/data
//生成配置文件
[root@RS1 ~]# cat /etc/my.cnf #如果这个文件存在,请先备份再修改
[mysqld]
basedir = /usr/local/mysql
datadir = /data
socket = /tmp/mysql.sock
port = 3306
pid-file = /data/mysql.pid
user = mysql
skip-name-resolve
//配置启动服务
[root@RS1 ~]# sed -ri 's#^(basedir=).*#1/usr/local/mysql#g' /usr/local/mysql/support-files/mysql.server
[root@RS1 ~]# sed -ri 's#^(datadir=).*#1/opt/data#g' /usr/local/mysql/support-files/mysql.server
[root@RS1 ~]# cat /usr/lib/systemd/system/mysqld.service
[Unit]
Description=Mysql server daemon
After=network.target
[Service]
Type=forking
ExecStart=/usr/local/mysql/support-files/mysql.server start
ExecStop=/usr/local/mysql/support-files/mysql.server stop
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
// 启动mysql
[root@RS1 ~]# systemctl daemon-reload
[root@RS1 ~]# systemctl enable --now mysqld
Created symlink /etc/systemd/system/multi-user.target.wants/mysqld.service → /usr/lib/systemd/system/mysqld.service.
[root@RS1 ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 80 *:3306 *:*
//设置数据库密码
mysql> set password = password('123456');
Query OK, 0 rows affected, 1 warning (0.00 sec)
3.3 安装PHP
//先下载epel源 [root@RS1 ~]# yum -y install epel-release //下载依赖包 [root@RS1 ~]# yum -y install libxml2 libxml2-devel openssl openssl-devel bzip2 bzip2-devel libcurl libcurl-devel libicu-devel libjpeg libjpeg-devel libpng libpng-devel openldap-devel pcre-devel freetype freetype-devel gmp gmp-devel libmcrypt libmcrypt-devel readline readline-devel libxslt libxslt-devel mhash mhash-devel php-mysqlnd libzip-devel.x86_64 libsqlite3x-devel [root@RS1 ~]# yum -y install http://mirror.centos.org/centos/8-stream/PowerTools/x86_64/os/Packages/oniguruma-devel-6.8.2-2.el8.x86_64.rpm //解压编译PHP [root@RS1 ~]# cd /usr/src/ [root@RS1 src]# tar xf php-8.0.10.tar.xz [root@RS1 src]# cd php-8.0.10 [root@RS1 php-8.0.10]#./configure --prefix=/usr/local/php8 --with-config-file-path=/etc --enable-fpm --disable-debug --disable-rpath --enable-shared --enable-soap --with-openssl --enable-bcmath --with-iconv --with-bz2 --enable-calendar --with-curl --enable-exif --enable-ftp --enable-gd --with-jpeg --with-zlib-dir --with-freetype --with-gettext --enable-mbstring --enable-pdo --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-readline --enable-shmop --enable-simplexml --enable-sockets --with-zip --enable-mysqlnd-compression-support --with-pear --enable-pcntl --enable-posix [root@RS1 php-8.0.10]# make && make install //设置环境变量 [root@RS1 php-8.0.10]# echo 'export PATH=/usr/local/php8/bin:$PATH' > /etc/profile.d/php.sh [root@RS1 php-8.0.10]# source /etc/profile.d/php.sh //配置php-fpm [root@RS1 php-8.0.10]# cp php.ini-production /etc/php.ini cp:是否覆盖'/etc/php.ini'? y [root@RS1 php-8.0.10]# cp sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm [root@RS1 php-8.0.10]# chmod +x /etc/init.d/php-fpm [root@RS1 php-8.0.10]# cp /usr/local/php8/etc/php-fpm.conf.default /usr/local/php8/etc/php-fpm.conf [root@RS1 php-8.0.10]# cp /usr/local/php8/etc/php-fpm.d/www.conf.default /usr/local/php8/etc/php-fpm.d/www.conf //启动php-fpm [root@RS1 ~]# service php-fpm start Starting php-fpm done [root@RS1 ~]# ss -antl State Recv-Q Send-Q Local Address:Port Peer Address:Port Process LISTEN 0 128 0.0.0.0:80 0.0.0.0:* LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 128 127.0.0.1:9000 0.0.0.0:* LISTEN 0 128 [::]:22 [::]:* LISTEN 0 80 *:3306 *:*
在RS1上测试是否能够访问到php动态页面
//先安装开发工具包 [root@RS2 ~]# yum groups mark install 'Development Tools' -y //创建apache用户 [root@RS2 ~]# useradd -r -M -s /sbin/nologin apache [root@RS2 ~]# id apache uid=994(apache) gid=991(apache) 组=991(apache) //安装依赖包 [root@RS2 ~]# yum -y install openssl-devel pcre-devel expat-devel libtool gcc gcc-c++ make //下载apache所需要的包 [root@RS2 src]# wget https://dlcdn.apache.org/httpd/httpd-2.4.49.tar.gz [root@RS2 src]# wget https://dlcdn.apache.org/apr/apr-1.7.0 [root@RS2 src]# wget https://dlcdn.apache.org/apr/apr-util-1.6.1.tar.gz [root@RS2 src]# ls apr-1.7.0.tar.gz apr-util-1.6.1.tar.gz debug httpd-2.4.49.tar.gz kernels wget https://dlcdn.apache.org/apr/apr-util-1.6.1.tar.gz //解压所有包 [root@RS2 src]# tar xf httpd-2.4.49.tar.gz [root@RS2 src]# tar xf apr-1.7.0.tar.gz [root@RS2 src]# tar xf apr-util-1.6.1.tar.gz [root@RS2 src]# ls apr-1.7.0 apr-util-1.6.1 debug httpd-2.4.49.tar.gz apr-1.7.0.tar.gz apr-util-1.6.1.tar.gz httpd-2.4.49 kernels [root@RS2 src]# //修改apr-1.7.0/configure里面的配置文件,进行编译安装 [root@RS2 ~]# cd /usr/src/apr-1.7.0 [root@RS2 apr-1.7.0]# vim configure ## 删除此行或添加注释 $RM "$cfgfile" //编译安装apr [root@RS2 apr-1.7.0]# ./configure --prefix=/usr/local/apr [root@RS2 apr-1.7.0]# make && make install //编译安装apr-util [root@RS2 apr-util-1.6.1]# ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr [root@RS2 apr-util-1.6.1]# make && make install //编译安装htpd [root@RS2 httpd-2.4.49]# ./configure --prefix=/usr/local/apache --enable-so --enable-ssl --enable-cgi --enable-rewrite --with-zlib --with-pcre --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util/ --enable-modules=most --enable-mpms-shared=all --with-mpm=prefork [root@RS2 httpd-2.4.49]# make && make install //安装后所需要做的配置 //设置环境变量 [root@RS2 ~]# echo 'export PATH=/usr/local/apache/bin:$PATH' > /etc/profile.d/httpd.sh [root@RS2 ~]# source /etc/profile.d/httpd.sh [root@RS2 ~]# which httpd /usr/local/apache/bin/httpd //做一个软链接,让其能直接访问/usr/include/apache [root@RS2 ~]# ln -s /usr/local/apache/include /usr/include/apache [root@RS2 ~]# ls /usr/local/apache/ bin cgi-bin error icons logs manual build conf htdocs include man modules [root@RS2 ~]# vim /etc/man_db.conf //修改此行内容为下,让其能找到帮助文档 MANDATORY_MANPATH /usr/local/apache/man [root@RS2 ~]# vim /usr/local/apache/conf/httpd.conf //取消掉此行注释 ServerName www.example.com:80 //设置开机自启 [root@RS2 ~]# cat /usr/lib/systemd/system/sshd.service > /usr/lib/systemd/system/httpd.service [root@RS2 ~]# vim /usr/lib/systemd/system/httpd.service //修改成此配置文件 [Unit] Description=Httpd server daemon After=network.target [Service] Type=forking ExecStart=/usr/local/apache/bin/apachectl start ExecStop=/usr/local/apache/bin/apachectl stop ExecReload=/bin/kill -HUP $MAINPID [Install] WantedBy=multi-user.target [root@RS2 ~]# systemctl daemon-reload [root@RS2 ~]# systemctl enable --now httpd Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service. [root@RS2 ~]# systemctl status httpd [root@RS2 ~]# echo "hello world!!!" >/var/www/html/index.html
在RS2上测试是否能够访问到apache页面
[root@LB ~]# vim /usr/local/nginx/conf/nginx.conf
upstream webservers {
server 192.168.200.145;
server 192.168.200.151;
}
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
proxy_pass http://webservers; #webservers要与上面的upstream后面所跟的一样
}
在浏览器上访问192.168.200.144
root@LB ~]# vim /usr/local/nginx/conf/nginx.conf
upstream static {
server 192.168.200.151;
}
upstream dynamic {
server 192.168.25.145;
}
server {
listen 80;
server_name localhost;
......
location / {
proxy_pass http://static; #访问根目录下的静态资源会自动跳转到192.168.200.151上进行访问
}
......
location ~ .php$ {
proxy_pass http://dynamic; #访问根目录下的.php动态资源会自动跳转到192.168.200.145上进行访问
访问测试
