实现WWW服务的常用web软件:nginx、apache。
经典流行的web组合lamp(linux apache mysql php)、lnmp(linux nginx mysql php)。
Nginx本身是一款静态(html、js、css、jpg等)的www软件,不能解析动态的PHP、JSP、DO。
最大的特点:
1、静态小文件(1M),支持高并发,同时占用的资源很少。30000并发,10个进程,内存消耗150M。
Nginx在windows、linux、unix都可以。
Nginx服务最大的功能:
1、www web服务、邮件服务、邮件代理。
2、负载均衡(反向代理proxy)。
3、web cache(web缓存),squid(CDN主要使用squid)。
Nginx特点:
1、配置简单、灵活、轻量。
2、高并发(静态小文件),静态几万的并发。
3、占用资源少。
4、功能种类比较多(web、cache、proxy),每一功能都不是特别强。
5、支持epoll模型。使得nginx可以支持高并发。apache使用select模型。
6、nginx可以配合动态PHP服务(fastcgi接口)。
7、利用nginx可以对IP限速,可限制连接数。
Nginx的应用场合
1、提供静态服务(图片、视频服务),另一个lighttpd。几万并发。
2、提供动态服务,nginx+fastcgi的方式运行PHP、JSP。动态并发500-1500。(apache+php、lighttpd+fastcgi php)
3、反向代理、负载均衡。日PV2000万以下,都可以直接用nginx做反向代理。(haproxy、F5、A10)
4、缓存服务。类似squid、varnish、ats。
nginx支持虚拟主机
一个server标签段就是一个虚拟主机。
1、基于域名的虚拟主机。通过域名来区分虚拟主机。应用:外部网站。
2、基于端口的虚拟主机。通过端口来区分虚拟主机。应用:公式内部网站,网站后台。
3、基于IP的虚拟主机。几乎不用。不支持ifconfig别名,配置文件可以。
Nginx安装
安装PCRE
Pcre全称(Perl Compatible Regular Expressions),中文perl兼容正则表达式。
- [root@lnmp ~]# cat /etc/redhat-release
- CentOS release 6.6 (Final)
- [root@lnmp ~]# uname -r
- 2.6.32-504.el6.x86_64
- [root@lnmp ~]# uname -m
- x86_64
- [root@lnmp ~]# rpm -qa pcre pcre-devel
- pcre-7.8-6.el6.x86_64
- [root@lnmp ~]# yum install pcre pcre-devel -y
- [root@lnmp ~]# rpm -qa pcre pcre-devel
- pcre-7.8-7.el6.x86_64
- pcre-devel-7.8-7.el6.x86_64
安装OpenSSL
- [root@lnmp ~]# rpm -qa openssl openssl-devel
- openssl-1.0.1e-30.el6.x86_64
- [root@lnmp ~]# yum install openssl-devel -y
- [root@lnmp ~]# rpm -qa openssl openssl-devel
- openssl-devel-1.0.1e-48.el6_8.3.x86_64
- openssl-1.0.1e-48.el6_8.3.x86_64
安装nginx
- [root@lnmp nginx-1.6.3]# useradd nginx -s /sbin/nologin -M
- [root@lnmp nginx-1.6.3]# id nginx
- uid=503(nginx) gid=503(nginx) groups=503(nginx)
- [root@lnmp ~]# cd /home/oldboy/tools/
- [root@lnmp tools]# wget -q http://nginx.org/download/nginx-1.6.3.tar.gz
- [root@lnmp tools]# ls nginx-1.6.3.tar.gz -lk
- -rw-r--r--. 1 root root 787 Apr 8 2015 nginx-1.6.3.tar.gz
- [root@lnmp tools]# tar xf nginx-1.6.3.tar.gz
- [root@lnmp tools]# cd nginx-1.6.3
- [root@lnmp nginx-1.6.3]# ll
- total 624
- drwxr-xr-x. 6 1001 1001 4096 Feb 16 02:42 auto
- -rw-r--r--. 1 1001 1001 236608 Apr 7 2015 CHANGES
- -rw-r--r--. 1 1001 1001 360501 Apr 7 2015 CHANGES.ru
- drwxr-xr-x. 2 1001 1001 4096 Feb 16 02:42 conf
- -rwxr-xr-x. 1 1001 1001 2369 Apr 7 2015 configure
- drwxr-xr-x. 4 1001 1001 4096 Feb 16 02:42 contrib
- drwxr-xr-x. 2 1001 1001 4096 Feb 16 02:42 html
- -rw-r--r--. 1 1001 1001 1397 Apr 7 2015 LICENSE
- drwxr-xr-x. 2 1001 1001 4096 Feb 16 02:42 man
- -rw-r--r--. 1 1001 1001 49 Apr 7 2015 README
- drwxr-xr-x. 8 1001 1001 4096 Feb 16 02:42 src
- [root@lnmp nginx-1.6.3]# tree|wc -l
- 404
- [root@lnmp nginx-1.6.3]# ./configure --prefix=/application/nginx-1.6.3 --user=nginx --group=nginx --with-http_stub_status_module
- [root@lnmp nginx-1.6.3]# echo $?
- 0
- [root@lnmp nginx-1.6.3]# make && make install
- [root@lnmp nginx-1.6.3]# cd ..
- [root@lnmp tools]# ll /application/nginx-1.6.3/ -ld
- drwxr-xr-x. 6 root root 4096 Feb 16 02:50 /application/nginx-1.6.3/
- [root@lnmp tools]# ln -s /application/nginx-1.6.3/ /application/nginx
- [root@lnmp tools]# ls -l /application/
- total 4
- lrwxrwxrwx. 1 root root 25 Feb 16 02:53 nginx -> /application/nginx-1.6.3/
- drwxr-xr-x. 6 root root 4096 Feb 16 02:50 nginx-1.6.3
启动nginx
- [root@lnmp tools]# /application/nginx/sbin/nginx
- [root@lnmp tools]# ps -ef|grep nginx|grep -v grep
- root 1362 1231 0 01:44 pts/0 00:00:00 wget -q http://nginx.org/download/nginx-1.6.3.tar.gz
- root 1364 1231 0 01:46 pts/0 00:00:00 wget -q http://nginx.org/download/nginx-1.6.3.tar.gz
- root 3853 1 0 02:59 ? 00:00:00 nginx: master process /application/nginx/sbin/nginx
- nginx 3854 3853 0 02:59 ? 00:00:00 nginx: worker process
- [root@lnmp tools]# ss -lntup|grep nginx
- tcp LISTEN 0 128 *:80 *:* users:(("nginx",3853,6),("nginx",3854,6))
- [root@lnmp tools]# curl 127.0.0.1
- <!DOCTYPE html>
- <html>
- <head>
- <title>Welcome to nginx!</title>
- <style>
- body {
- 35em;
- margin: 0 auto;
- font-family: Tahoma, Verdana, Arial, sans-serif;
- }
- </style>
- </head>
- <body>
- <h1>Welcome to nginx!</h1>
- <p>If you see this page, the nginx web server is successfully installed and
- working. Further configuration is required.</p>
- <p>For online documentation and support please refer to
- <a href="http://nginx.org/">nginx.org</a>.<br/>
- Commercial support is available at
- <a href="http://nginx.com/">nginx.com</a>.</p>
- <p><em>Thank you for using nginx.</em></p>
- </body>
- </html>
浏览器访问
- [root@lnmp nginx]# ls -l|grep -v temp
- total 36
- drwxr-xr-x. 2 root root 4096 Feb 16 02:50 conf #配置
- drwxr-xr-x. 2 root root 4096 Feb 16 02:50 html #默认网站目录
- drwxr-xr-x. 2 root root 4096 Feb 16 02:59 logs #错误,访问日志
- drwxr-xr-x. 2 root root 4096 Feb 16 02:50 sbin #启动命令
部署站点
新建一个index2.html。
- [root@lnmp html]# cat index2.html
- <html>
- <head><title>Golden,s Nginx server blog.</title></head>
- <body>
- Hi,I am golden.My blog address is
- <a href="http://www.cnblogs.com/yinshoucheng-golden">http://www.cnblogs.com/yinshoucheng-golden</a>
- </body>
- </html>
浏览器访问:http://192.168.31.134/index2.html
Nginx http功能模块汇总
ngx_http_core_module:包括一些核心的http参数配置,对应nginx的配置为http区块部分。
ngx_http_access_module:访问控制模块,用来控制网站用户对nginx的访问。
ngx_http_gzip_module:压缩模块,对nginx返回的数据压缩,属于性能优化模块。
ngx_http_fastcgi_module:fastcgi模块和动态应用相关的模块,例如PHP。
ngx_http_proxy_module:proxy代理模块。
ngx_http_upstream_module:负载均衡模块,可以实现网站的负载均衡功能及节点的健康检查。
ngx_http_rewrite_module:URL地址重写模块。
ngx_http_limit_conn_module:限制用户并发连接数及请求数模块。
ngx_http_limit_req_module:限制Nginx request processing rate根据定义的key。
ngx_http_log_module:访问日志模块,以指定的格式记录nginx客户访问日志等信息。
ngx_http_anth_basic_module:web认证模块,设置web用户通过账号密码访问nginx。
ngx_http_ssl_module:ssl模块,用于加密的http连接,如https。
ngx_http_stub_status_module:记录nginx基本访问状态信息等的模块。
nginx.conf
- [root@lnmp conf]# cat nginx.conf
- #user nobody;
- worker_processes 1; # 4 – 10行main区,nginx核心功能模块
- #error_log logs/error.log;
- #error_log logs/error.log notice;
- #error_log logs/error.log info;
- #pid logs/nginx.pid;
- events { # 13 – 15 行 events区,nginx核心功能模块
- worker_connections 1024;
- }
- http { # http区,nginx http核心模块
- include mime.types;
- default_type application/octet-stream;
- #log_format main '$remote_addr - $remote_user [$time_local] "$request" '
- # '$status $body_bytes_sent "$http_referer" '
- # '"$http_user_agent" "$http_x_forwarded_for"';
- #access_log logs/access.log main;
- sendfile on;
- #tcp_nopush on;
- #keepalive_timeout 0;
- keepalive_timeout 65;
- #gzip on;
- server { # server标签
- listen 80; # 端口
- server_name localhost; # 域名
- #charset koi8-r;
- #access_log logs/host.access.log main;
- location / { # 根据uri进行跳转
- root html;
- index index.html index.htm; # 首页
- }
- #error_page 404 /404.html;
- # redirect server error pages to the static page /50x.html
- #
- error_page 500 502 503 504 /50x.html;
- location = /50x.html {
- root html;
- }
- # proxy the PHP scripts to Apache listening on 127.0.0.1:80
- #
- #location ~ .php$ {
- # proxy_pass http://127.0.0.1;
- #}
- # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
- #
- #location ~ .php$ {
- # root html;
- # fastcgi_pass 127.0.0.1:9000;
- # fastcgi_index index.php;
- # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
- # include fastcgi_params;
- #}
- # deny access to .htaccess files, if Apache's document root
- # concurs with nginx's one
- #
- #location ~ /.ht {
- # deny all;
- #}
- }
- # another virtual host using mix of IP-, name-, and port-based configuration
- #
- #server {
- # listen 8000;
- # listen somename:8080;
- # server_name somename alias another.alias;
- # location / {
- # root html;
- # index index.html index.htm;
- # }
- #}
- # HTTPS server
- #
- #server {
- # listen 443 ssl;
- # server_name localhost;
- # ssl_certificate cert.pem;
- # ssl_certificate_key cert.key;
- # ssl_session_cache shared:SSL:1m;
- # ssl_session_timeout 5m;
- # ssl_ciphers HIGH:!aNULL:!MD5;
- # ssl_prefer_server_ciphers on;
- # location / {
- # root html;
- # index index.html index.htm;
- # }
- #}
- }
- [root@lnmp conf]# egrep -v "#|^$" nginx.conf.default
- worker_processes 1;
- events {
- worker_connections 1024;
- }
- http {
- include mime.types;
- default_type application/octet-stream;
- sendfile on;
- keepalive_timeout 65;
- server {
- listen 80;
- server_name localhost;
- location / {
- root html;
- index index.html index.htm;
- }
- error_page 500 502 503 504 /50x.html; #出现对应的http状态码使用50x.html回应
- location = /50x.html { #location区块开始,访问50x.html
- root html; #指定对应的站点目录为html
- }
- }
- }
- [root@lnmp conf]# egrep -v "#|^$" nginx.conf.default >nginx.conf
搭建基于域名的虚拟主机
- [root@lnmp conf]# cat nginx.conf
- worker_processes 1; #worker进程的数量
- events { #事件区块开始
- worker_connections 1024; #每个worker进程支持的最大连接数
- } #事件区块开始
- http { #http区块开始
- include mime.types; #nginx支持的媒体类型库文件包含
- default_type application/octet-stream; #默认的媒体类型
- sendfile on; #开启高效传输模式
- keepalive_timeout 65; #连接超时
- server { #第一个server区块开始,表示一个独立的虚拟主机站点
- listen 80; #提供服务的端口,默认80
- server_name www.etiantian.org; #提供服务的域名主机名
- location / { #第一个location区块开始
- root html/www; #站点的根目录,相对于nginx安转目录
- index index.html index.htm; #默认的首页文件,多个用空格分开
- } #第一个localtion区块结果
- }
- server {
- listen 80;
- server_name bbs.etiantian.org;
- location / {
- root html/bbs;
- index index.html index.htm;
- }
- }
- }
- [root@lnmp conf]# mkdir ../html/{www,bbs} -p
- [root@lnmp conf]# tree ../html/
- ../html/
- ├── 50x.html
- ├── bbs
- ├── index2.html
- ├── index.html
- └── www
- [root@lnmp conf]# echo "www.etiantian.org" >../html/www/index.html
- [root@lnmp conf]# echo "bbs.etiantian.org" >../html/bbs/index.html
- [root@lnmp conf]# cat ../html/{www,bbs}/index.html
- www.etiantian.org
- bbs.etiantian.org
- [root@lnmp conf]# /application/nginx/sbin/nginx -t #检查语法
- nginx: the configuration file /application/nginx-1.6.3/conf/nginx.conf syntax is ok
- nginx: configuration file /application/nginx-1.6.3/conf/nginx.conf test is successful
- [root@lnmp conf]# /application/nginx/sbin/nginx -s reload #重启
- [root@lnmp conf]# cat /etc/hosts
- 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
- ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
- 192.168.31.132 server
- 192.168.31.133 lamp
- 192.168.31.134 lnmp www.etiantian.org bbs.etiantian.org
- 192.168.31.136 backup
- [root@lnmp conf]# ping www.etiantian.org
- PING lnmp (192.168.31.134) 56(84) bytes of data.
- 64 bytes from lnmp (192.168.31.134): icmp_seq=1 ttl=64 time=0.084 ms
- 64 bytes from lnmp (192.168.31.134): icmp_seq=2 ttl=64 time=0.050 ms
- ^Z
- [5]+ Stopped ping www.etiantian.org
- [root@lnmp conf]# ping bbs.etiantian.org
- PING lnmp (192.168.31.134) 56(84) bytes of data.
- 64 bytes from lnmp (192.168.31.134): icmp_seq=1 ttl=64 time=0.034 ms
- 64 bytes from lnmp (192.168.31.134): icmp_seq=2 ttl=64 time=0.050 ms
- ^Z
- [6]+ Stopped ping bbs.etiantian.org
- [root@lnmp conf]# curl www.etiantian.org
- www.etiantian.org
- [root@lnmp conf]# curl bbs.etiantian.org
- bbs.etiantian.org
通过浏览器访问需要修改windows hosts文件(C:WindowsSystem32driversetc),加入192.168.31.134 www.etiantian.org bbs.etiantian.org。
基于域名的虚拟主机配置步骤
1、修改配置文件nginx.conf。
2、创建站点目录
3、检查语法,重新加载nginx。
4、配置hosts,测试。
基于端口的虚拟主机
- [root@lnmp conf]# cat nginx.conf
- worker_processes 1;
- events {
- worker_connections 1024;
- }
- http {
- include mime.types;
- default_type application/octet-stream;
- sendfile on;
- keepalive_timeout 65;
- server {
- listen 8001;
- server_name www.etiantian.org;
- location / {
- root html/www;
- index index.html index.htm;
- }
- }
- server {
- listen 8002;
- server_name www.etiantian.org;
- location / {
- root html/bbs;
- index index.html index.htm;
- }
- }
- server {
- listen 8003;
- server_name www.etiantian.org;
- location / {
- root html/blog;
- index index.html index.htm;
- }
- }
- }
- [root@lnmp conf]# /application/nginx/sbin/nginx -t
- nginx: the configuration file /application/nginx-1.6.3/conf/nginx.conf syntax is ok
- nginx: configuration file /application/nginx-1.6.3/conf/nginx.conf test is successful
- [root@lnmp conf]# /application/nginx/sbin/nginx -s reload
- [root@lnmp conf]# netstat -lntup|grep nginx
- tcp 0 0 0.0.0.0:8001 0.0.0.0:* LISTEN 3853/nginx
- tcp 0 0 0.0.0.0:8002 0.0.0.0:* LISTEN 3853/nginx
- tcp 0 0 0.0.0.0:8003 0.0.0.0:* LISTEN 3853/nginx
- [root@lnmp conf]# curl http://www.etiantian.org:8001
- www.etiantian.org
- [root@lnmp conf]# curl http://www.etiantian.org:8002
- bbs.etiantian.org
- [root@lnmp conf]# curl http://www.etiantian.org:8003
- blog.etiantian.org
基于IP的虚拟主机
- [root@lnmp conf]# ip addr add 192.168.31.135/24 dev eth0
- [root@lnmp conf]# ip addr
- 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
- link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
- inet 127.0.0.1/8 scope host lo
- inet6 ::1/128 scope host
- valid_lft forever preferred_lft forever
- 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
- link/ether 00:0c:29:03:06:08 brd ff:ff:ff:ff:ff:ff
- inet 192.168.31.134/24 brd 192.168.31.255 scope global eth0
- inet 192.168.31.135/24 scope global secondary eth0
- inet6 fe80::20c:29ff:fe03:608/64 scope link
- valid_lft forever preferred_lft forever
- [root@lnmp conf]# cat nginx.conf
- worker_processes 1;
- events {
- worker_connections 1024;
- }
- http {
- include mime.types;
- default_type application/octet-stream;
- sendfile on;
- keepalive_timeout 65;
- server {
- listen 192.168.31.134:80;
- server_name www.etiantian.org;
- location / {
- root html/www;
- index index.html index.htm;
- }
- }
- server {
- listen 192.168.31.135:80;
- server_name www.etiantian.org;
- location / {
- root html/bbs;
- index index.html index.htm;
- }
- }
- }
- [root@lnmp conf]# /application/nginx/sbin/nginx -t
- nginx: the configuration file /application/nginx-1.6.3/conf/nginx.conf syntax is ok
- nginx: configuration file /application/nginx-1.6.3/conf/nginx.conf test is successful
- [root@lnmp conf]# /application/nginx/sbin/nginx -s reload
- [root@lnmp conf]# curl 192.168.31.134
- www.etiantian.org
- [root@lnmp conf]# curl 192.168.31.135
- bbs.etiantian.org
删除添加的IP
- [root@lnmp conf]# ip addr del 192.168.31.135/24 dev eth0
- [root@lnmp conf]# ip addr
- 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
- link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
- inet 127.0.0.1/8 scope host lo
- inet6 ::1/128 scope host
- valid_lft forever preferred_lft forever
- 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
- link/ether 00:0c:29:03:06:08 brd ff:ff:ff:ff:ff:ff
- inet 192.168.31.134/24 brd 192.168.31.255 scope global eth0
- inet6 fe80::20c:29ff:fe03:608/64 scope link
- valid_lft forever preferred_lft forever