Nginx日常学习
k8s简单搭建
[root@tom config]# pwd
/test/nginx-test/config
[root@tom config]#
[root@tom config]#
[root@tom config]#
[root@tom config]# ll
total 4
-rw-r--r-- 1 root root 3300 Dec 21 19:11 nginx.conf
[root@tom config]# cat nginx.conf
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
log_format myFormat '
remote_addr => $remote_addr
binary_remote_addr => $binary_remote_addr
remote_port => $remote_port
remote_user => $remote_user
host => $host
request => $request
request_filename => $request_filename
status => $status
body_bytes_sent => $body_bytes_sent
content_length => $content_length
content_type => $content_type
http_referer => $http_referer
http_user_agent => $http_user_agent
args => $args
document_uri => $document_uri
document_root => $document_root
hostname => $hostname
http_cookie => $http_cookie
cookie_COOKIE => $cookie_COOKIE
is_args => $is_args
limit_rate => $limit_rate
query_string => $query_string
realpath_root => $realpath_root
request_body => $request_body
request_body_file => $request_body_file
request_method => $request_method
request_uri => $request_uri
scheme => $scheme
uri => $uri
request_completion => $request_completion
server_protocol => $server_protocol
server_addr => $server_addr
server_name => $server_name
server_port => $server_port';
# access_log logs/access.log myFormat;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
server {
listen 80;
server_name localhost;
#charset koi8-r;
access_log /var/log/nginx/host.access.log myFormat;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
}
[root@tom config]# cd ../logs/
[root@tom logs]# pwd
/test/nginx-test/logs
[root@tom logs]#
[root@tom logs]#
[root@tom logs]#
[root@tom logs]# ll
total 40
-rw-r--r-- 1 101 root 3820 Dec 21 19:10 access.log
-rw-r--r-- 1 101 root 320 Dec 21 19:08 error.log
-rw-r--r-- 1 101 root 28828 Dec 21 19:16 host.access.log
[root@tom logs]#
[root@tom logs]#
deploy.yml&svc.yml
[root@tom nginx-test]# cat deploy.yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: nginx100
spec:
selector:
matchLabels:
app: web_server
replicas: 1
serviceName: nginx-test
template:
metadata:
labels:
app: web_server
spec:
containers:
- name: nginx
image: nginx:1.17.6
command: ["nginx", "-c","/etc/nginx/conf.d/nginx.conf", "-g", "daemon off;"]
ports:
- containerPort: 80
# hostPort: 18888
volumeMounts:
- mountPath: /etc/nginx/conf.d
name: conf
- mountPath: /var/log/nginx
name: logs
volumes:
- hostPath:
path: /test/nginx-test/config
name: conf
- hostPath:
path: /test/nginx-test/logs
name: logs
[root@tom nginx-test]# cat svc.yaml
apiVersion: v1
kind: Service
metadata:
name: nginx-service-nodeport
spec:
ports:
- port: 8000
targetPort: 80
protocol: TCP
nodePort: 30080
type: NodePort
selector:
app: web_server
[root@tom nginx-test]#
1、nginx的常用变量
remote_addr #客户端ip,如:192.168.4.2
binary_remote_addr #客户端ip(二进制)
remote_port #客户端port,如:50472
remote_user #已经经过Auth Basic Module验证的用户名
host #请求主机头字段,否则为服务器名称,如:dwz.stamhe.com
request #用户请求信息,如:GET /?_a=index&_m=show&count=10 HTTP/1.1
request_filename #当前请求的文件的路径名,由root或alias和URI request组合而成,如:/webserver/htdocs/dwz/index.php
status #请求的响应状态码,如:200
body_bytes_sent #响应时送出的body字节数数量。即使连接中断,这个数据也是精确的,如:40
content_length #请求头中的Content-length字段
content_type #请求头中的Content-Type字段
http_referer #引用地址
http_user_agent #客户端agent信息,如:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.57 Safari/536.11
args #如:_a=index&_m=show&count=10
document_uri #与$uri相同,如:/index.php
document_root #针对当前请求的根路径设置值,如:/webserver/htdocs/dwz
hostname #如:centos53.localdomain
http_cookie #客户端cookie信息
cookie_COOKIE #cookie COOKIE变量的值
is_args #如果有$args参数,这个变量等于”?”,否则等于”",空值,如?
limit_rate #这个变量可以限制连接速率,0表示不限速
query_string #与$args相同,如:_a=index&_m=show&count=10
realpath_root #如:/webserver/htdocs/dwz
request_body #记录POST过来的数据信息
request_body_file #客户端请求主体信息的临时文件名
request_method #客户端请求的动作,通常为GET或POST,如:GET
request_uri #包含请求参数的原始URI,不包含主机名,如:”/foo/bar.php?arg=baz”。不能修改。如:/index.php?_a=index&_m=show&count=10
scheme #HTTP方法(如http,https),如:http
uri #如:/index.php
request_completion #如果请求结束,设置为OK. 当请求未结束或如果该请求不是请求链串的最后一个时,为空(Empty),如:OK
server_protocol #请求使用的协议,通常是HTTP/1.0或HTTP/1.1,如:HTTP/1.1
server_addr #服务器地址,在完成一次系统调用后可以确定这个值,如:192.168.4.129
server_name #服务器名称,如:dwz.stamhe.com
server_port #请求到达服务器的端口号,如:80
log_format myFormat '
remote_addr => $remote_addr
binary_remote_addr => $binary_remote_addr
remote_port => $remote_port
remote_user => $remote_user
host => $host
request => $request
request_filename => $request_filename
status => $status
body_bytes_sent => $body_bytes_sent
content_length => $content_length
content_type => $content_type
http_referer => $http_referer
http_user_agent => $http_user_agent
args => $args
document_uri => $document_uri
document_root => $document_root
hostname => $hostname
http_cookie => $http_cookie
cookie_COOKIE => $cookie_COOKIE
is_args => $is_args
limit_rate => $limit_rate
query_string => $query_string
realpath_root => $realpath_root
request_body => $request_body
request_body_file => $request_body_file
request_method => $request_method
request_uri => $request_uri
scheme => $scheme
uri => $uri
request_completion => $request_completion
server_protocol => $server_protocol
server_addr => $server_addr
server_name => $server_name
server_port => $server_port';
access_log logs/access.log myFormat;
通过nginx的日志答应出来有:
remote_addr => 172.17.0.1
binary_remote_addr => \xAC\x11\x00\x01
remote_port => 61407
remote_user => -
host => 192.168.11.110
request => GET /index.html?fdfdfdf HTTP/1.1
request_filename => /usr/share/nginx/html/index.html
status => 304
body_bytes_sent => 0
content_length => -
content_type => -
http_referer => -
http_user_agent => Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36
args => fdfdfdf
document_uri => /index.html
document_root => /usr/share/nginx/html
hostname => nginx100-0
http_cookie => csrftoken=rXoZQHT46CphFKh1Ozy0RYKIUB3xKM8DvTXMQQzvV8GfQvhn41JYdeOs10IIlOTb; sessionid=s3wwrn1erqsdmsx9tdnqjuxlmurcpz0h
cookie_COOKIE => -
is_args => ?
limit_rate => 0
query_string => fdfdfdf
realpath_root => /usr/share/nginx/html
request_body => -
request_body_file => -
request_method => GET
request_uri => /index.html?fdfdfdf
scheme => http
uri => /index.html
request_completion => OK
server_protocol => HTTP/1.1
server_addr => 172.17.0.5
server_name => localhost
server_port => 80
使用http_cookie和cookie_COOKIE可以打印出cookie的信息哦
request_uri是整个URL的值,包括查询字符串的值
2、Controlling nginx
[root@tom ~]# nginx -h
nginx version: nginx/1.16.1
Usage: nginx [-?hvVtTq] [-s signal] [-c filename] [-p prefix] [-g directives]
Options:
-?,-h : this help
-v : show version and exit
-V : show version and configure options then exit
-t : test configuration and exit
-T : test configuration, dump it and exit
-q : suppress non-error messages during configuration testing
-s signal : send signal to a master process: stop, quit, reopen, reload
-p prefix : set prefix path (default: /usr/share/nginx/)
-c filename : set configuration file (default: /etc/nginx/nginx.conf)
-g directives : set global directives out of configuration file
[root@tom ~]#
[root@tom ~]#
使用 kill -HUP pid == nginx -s reload
使用 kill -USR1 pid == nginx -s reopen重新打开日志文件
3、default_server 侦听端口的属性
server {
listen 80;
server_name example.org www.example.org;
...
}
server {
listen 80;
server_name example.net www.example.net;
...
}
server {
listen 80;
server_name example.com www.example.com;
...
}
nginx 会判断请求头中的Host字段。如果它的值与任何服务器名称不匹配,或者请求根本没有包含这个头域,那么nginx会将请求路由到这个端口的默认服务器。 在上面的配置中,默认服务器是第一个 - 这是nginx的标准默认行为。 它也可以明确地设置哪个服务器应该是默认的,在listen指令中使用default_server参数:
server {
listen 80 default_server;
server_name example.net www.example.net;
...
}
请注意,默认服务器是侦听端口的属性,而不是服务器名称的属性。
4、location
Note that locations of all types test only a URI part of request line without arguments. This is done because arguments in the query string may be given in several ways, for example:
/index.php?user=john&page=1
/index.php?page=1&user=john
Besides, anyone may request anything in the query string:
/index.php?page=1&something+else&user=john
请注意,所有类型的位置仅测试没有参数的请求行的URI部分。这是因为查询字符串中的参数可能以多种方式给出,例如:
/index.php?user=john&page=1
/index.php?page=1&user=john
此外,任何人都可以在查询字符串中请求任何内容
/index.php?page=1&something+else&user=john
那如何验证呢?
# 验证location是测试没有查询字符串的uri
location ~ /noQueryTest {
default_type text/html ;
return 601 '============================== /noQueryTest 验证location是测试没有查询字符串的uri ==============================';
}
# 验证location是测试没有查询字符串的uri
location ~ /noQueryTest/ {
default_type text/html ;
return 601 '============================== /noQueryTest/ 验证location是测试没有查询字符串的uri 但是上一个location会先返回 ==============================';
}
注意,正则一旦匹配上就立刻回去了
因此,如果还有正则比这个location匹配返回还广,nginx也不会去处理,他立刻就返回咯。
location匹配规则
盗图来自location匹配规则
小结
location 的^~和正则我的理解是他两干上了,只要谁排队排到了前面,一旦匹配上了,就回到浏览器咯。
看看我上面的错误理解。。。。。我觉得nginx是不是在内存中先把各种location按照类型先排序,在同一个类型中,按照先后顺序排序
location ~ ^/public/first\.html$ {
default_type text/html ;
return 633 '============================== 正则匹配633_1【location ~ \/public\/first\.html】 ==============================';
}
location ^~ /public/first.html {
default_type text/html ;
return 623 '============================== 优于正则匹配623_1【location ^~ /public/first.html】 ==============================';
}
5.中文乱码
修改字符集为charset utf-8;
server {
listen 8080;
server_name localhost;
#charset koi8-r;
charset utf-8;
6.日志切割
#!/bin/bash
base_path='/usr/local/nginx/logs'
log_path=$(date -d yesterday +"%Y%m")
day=$(date -d yesterday +"%d")
mkdir -p $base_path/$log_path
mv $base_path/access.log $base_path/$log_path/access_$day.log
#echo $base_path/$log_path/access_$day.log
kill -USR1 `cat /usr/local/nginx/logs/nginx.pid`
#Crontab 编辑定时任务
01 00 * * * /xxx/path/b.sh 每天0时1分(建议在02-04点之间,系统负载小)