源代码:https://gitee.com/jiaodacailei/nginx-demo.git
文章目录
1.安装
1.检查并安装所需的依赖软件
1).gcc:nginx编译依赖gcc环境
安装命令:yum install gcc-c++
2).pcre:(Perl Compatible Regular Expressions)是一个Perl库,包括 perl 兼容的正则表达式库。nginx的http模块使用pcre来解析正则表达式.
安装命令:yum install -y pcre pcre-devel
3).zlib:该库提供了很多种压缩和解压缩的方式,nginx使用zlib对http包的内容进行gzip。
安装命令:yum install -y zlib zlib-devel
4).openssl:一个强大的安全套接字层密码库,囊括主要的密码算法、常用的密钥和证书封装管理功能及SSL协议,并提供丰富的应用程序供测试或其它目的使用。nginx不仅支持http协议,还支持https(即在ssl协议上传输http).
安装命令:yum install -y openssl openssl-devel
2.下载nginx源码包
下载命令:wget http://nginx.org/download/nginx-1.15.8.tar.gz
3.解压缩源码包并进入
1).解压缩:tar -zxvf nginx-1.15.8.tar.gz
2).进入解压缩后文件夹:cd nginx-1.15.8
4.配置编译参数命令:(可以使用./configure --help查询详细参数)
mkdir -p /var/temp/nginx
mkdir -p /var/run/nginx
./configure
–prefix=/usr/local/nginx
–pid-path=/var/run/nginx/nginx.pid
–lock-path=/var/lock/nginx.lock
–error-log-path=/var/log/nginx/error.log
–http-log-path=/var/log/nginx/access.log
–with-http_gzip_static_module
–http-client-body-temp-path=/var/temp/nginx/client
–http-proxy-temp-path=/var/temp/nginx/proxy
–http-fastcgi-temp-path=/var/temp/nginx/fastcgi
–http-uwsgi-temp-path=/var/temp/nginx/uwsgi
–http-scgi-temp-path=/var/temp/nginx/scgi
注:安装之前需要手动创建上面指定的nginx文件夹,即/var/temp、/var/temp/nginx、/var/run/nginx/文件夹,否则启动时报错
5.编译并安装
命令:make && make install
可以进入/usr/local/nginx查看文件是否存在conf、sbin、html文件夹,若存在则安装成功
2.使用
2.1.启动
执行命令启动nginx:
/usr/local/nginx/sbin/nginx
2.2.查看nginx进程并停止:
2.3.静态资源访问控制
修改 /usr/local/nginx/conf/nginx.conf文件:
红框中的配置表示:
对于该网站80端口的所有请求,都会映射到nginx安装目录下的html目录(/usr/local/nginx/html)
2.4.Location配置说明
location [=|||^~] uri {…}
功能:允许根据用户请求的URI来匹配定义的个location,匹配到时,此请求将被相应的location配置块中的配置所处理
=:表示精确匹配检查
~:正则表达式模式匹配检查,区分字符大小写
~:正则表达式模式匹配检查,不区分字符大小写
^~:URI的前半部分匹配,不支持正则表达式
!~:开头表示区分大小写的不匹配的正则
!~*:开头表示不区分大小写的不匹配的正则
/:通用匹配,任何请求都会被匹配到
3.采用动静分离发布一个springboot项目
https://gitee.com/jiaodacailei/nginx-demo.git
3.1.完成反向代理配置
实现简单的反向代理
修改nginx配置文件:/usr/local/nginx/conf/nginx.conf
红框中的配置,表示将对nginx主机80端口的所有请求,反向代理到http://localhost:8080/
需要将nginxapp在本机8080端口启动
Nginx配置文件:
user root;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
proxy_pass http://localhost:8080/;
}
location ~ .*\.(html|js|css|png|jpeg|jpg|icon) {
root /root/hz1808/nginxappstatic;
index index.html;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
配置完成后,需要重新加载nginx或者重启
/usr/local/nginx/sbin/nginx -s reload
注意:
3.2.上传资源
将项目的静态资源拷贝到linux的/root/hz1808/nginxappstatic目录下
将项目jar文件,上传至linux服务器并启动
运行命令:
java -jar /root/nginxapp/nginx-0.0.1-SNAPSHOT.jar
3.3.测试
3.4.总结
将一个springboot应用发布到linux,并采用nginx实现动静分离的步骤:
打包应用为jar文件
将项目中的静态资源上传至linux,例如将/nginx/src/main/resources/static的内容,上传至linux的/root/hz1808/nginxappstatic目录;
将jar文件上传至linux,并以非阻塞方式启动springboot应用;
配置nginx,并重新加载nginx配置
4.核心概念
4.1.代理
所有请求都需要经过代理,由代理转发所有请求给提供服务的系统
4.2.正向代理
用户的目标是请求目标服务器,但是自己无法达到,所以通过代理来达到。
4.3.反向代理
用户的目标就是代理,用户并不知道后面提供服务的目标服务器
5.动静分离
静态资源直接映射本地文件(或者访问另一台静态资源的nginx),动态资源采用反向代理映射到相应的服务器上
6.负载均衡(Load Balance)
6.1.物理架构
对192.168.23.144:80服务器(nginx)的同一url的请求,根据不同的策略,分发到192.168.23.144:8080或者192.168.23.144:8081服务器(tomcat)处理
6.2.代码修改
/nginx/src/main/java/com/qfedu/demo/springboot/nginx/MainController.java
6.3.发布应用
用8080端口发布应用
用8081发布应用,具体参照8080
将jar上传至linux
分别启动cmd命令行窗口连接linux服务器,以阻塞方式运行这两个程序
java -jar /root/nginxapp/nginx-8080-0.0.1-SNAPSHOT.jar
java -jar /root/nginxapp/nginx-8081-0.0.1-SNAPSHOT.jar
6.4.Nginx配置不同负载均衡策略
6.4.1.默认策略
配置:
user root;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
#配置负载均衡
upstream nginx_lb {
server localhost:8080;
server localhost:8081;
}
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
proxy_pass http://nginx_lb/;
}
location ~ .*\.(html|js|css|png|jpeg|jpg|icon) {
root /root/hz1808/nginxappstatic;
index index.html;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
测试:
现在访问如下url 30次:
http://192.168.23.144/lb
结果:
192.168.23.144:8080提供服务的次数:30 / 2
192.168.23.144:8081提供服务的次数:30 / 2
6.4.2.权重策略
在默认策略基础上配置红色部分即可:
user root;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
#配置负载均衡
upstream nginx_lb {
server localhost:8080 weight=10;
server localhost:8081 weight=5;
}
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
proxy_pass http://nginx_lb/;
}
location ~ .*\.(html|js|css|png|jpeg|jpg|icon) {
root /root/hz1808/nginxappstatic;
index index.html;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
测试:
现在访问如下url 30次:
http://192.168.23.144/lb
结果:
Tomcat1提供服务的次数:30 * 10 / (5 + 10) = 20
Tomcat2依次提供服务次数:30 * 5 / (5 + 10) = 10
6.4.3.iphash策略
在默认配置的基础上配置红色部分即可:
user root;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
#配置负载均衡
upstream nginx_lb {
ip_hash;
server localhost:8080;
server localhost:8081;
}
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
proxy_pass http://nginx_lb/;
}
location ~ .*\.(html|js|css|png|jpeg|jpg|icon) {
root /root/hz1808/nginxappstatic;
index index.html;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
测试:
现在访问如下url 30次:
http://192.168.23.144/lb
结果:
Tomcat1或者Tomcat2提供服务次数:30
7.高可用性(HA- high availablity)
保证提供的服务不间断
failover-故障切换
8.Session同步
1.Nginx采用iphash策略
2.tomcat配置session同步
3.不再使用session,而将用户信息放在redis中