Article Directory
=====================================================
Basic knowledge of Nginx virtual host
Virtual host
Virtual host is a special software and hardware technology. It can divide each computer on the network into multiple virtual hosts. Each virtual host can independently provide www services to the outside world, so that one host can provide multiple external Each web service is independent of each virtual host, and
nginx can realize virtual host configuration without affecting each other . Nginx supports three types of virtual host configuration.
1. Virtual host based on domain name (server_name to distinguish virtual host-application: external website)
2. IP-based virtual host (a host is bound to multiple ip addresses)
3. Port-based virtual host (port to distinguish virtual Host-application: the company's internal website, external website management background)
Based on one, the other two will be the same, not even writing
Supplement: If the configuration cannot be accessed normally, the
problem description: After configuring the two virtual machines of nginx, the client can access the original server, the newly added server virtual machine cannot access, and the error page 403 denies access, troubleshooting ideas
View the error log (found the error log)
Check permissions
Check nginx startup process
Modify the nginx.conf file and reload the nginx process
Nginx virtual host experiment operation
[root@sun conf.d]# nginx -v
nginx version: nginx/1.18.0
First do the simple port, then
copy the default.conf for the ip and domain name to do the experiment, and then restore. When you specify the website home directory, do not specify the system directory such as /mnt/opt to prevent errors.
Three virtual host pages, web , Doc, download
1. Virtual host based on port division, 80, 81, 82
[root@sun ~]# cd /etc/nginx/conf.d/
[root@sun conf.d]# ls
default.conf
[root@sun conf.d]# cp default.conf default.conf.bak
[root@sun conf.d]# ls
default.conf.bak
[root@sun conf.d]# mv default.conf port.conf
[root@sun conf.d]# ls
default.conf.bak port.conf
[root@sun conf.d]# vim port.conf
Sub-configuration file, only dry goods
server {
listen 80;
location / {
¦ root /mnt/web;
¦ index index.html index.htm;
}
}
server {
listen 81;
location / {
¦ root /mnt/doc;
¦ index index.html index.htm;
}
}
server {
listen 82;
location / {
¦ root /mnt/download;
¦ index index.html index.htm;
}
}
[root@sun conf.d]# mkdir /mnt/web
[root@sun conf.d]# touch /mnt/web/index.html
[root@sun conf.d]# echo "<p>web界面</p>" > /mnt/web/index.html
[root@sun conf.d]# cat /mnt/web/index.html
<p>web界面</p>
[root@sun conf.d]# mkdir /mnt/doc
[root@sun conf.d]# touch /mnt/doc/index.html
[root@sun conf.d]# echo "<p>doc界面</p>" > /mnt/doc/index.html
[root@sun conf.d]# cat /mnt/doc/index.html
<p>doc界面</p>
[root@sun conf.d]# mkdir /mnt/download
[root@sun conf.d]# touch /mnt/download/index.html
[root@sun conf.d]# echo "<p>download界面</p>" > /mnt/download/index.html
[root@sun conf.d]# cat /mnt/download/index.html
<p>download界面</p>
[root@sun conf.d]# nginx -s reload
[root@sun conf.d]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:80 *:*
LISTEN 0 128 *:81 *:*
LISTEN 0 128 *:82 *:*
LISTEN 0 5 192.168.122.1:53 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 128 127.0.0.1:631 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 32 [::]:21 [::]:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 128 [::1]:631 [::]:*
LISTEN 0 100 [::1]:25 [::]:*
Browser access verification (don't care about Chinese garbled characters)
2. Dividing virtual hosts based on ip
There are multiple network cards with multiple king network cards, if not, add more ip
[root@sun conf.d]# ifconfig enp0s25:0 10.11.67.219/24
[root@sun conf.d]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s25: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:21:cc:61:f9:57 brd ff:ff:ff:ff:ff:ff
inet 10.11.67.119/24 brd 10.11.67.255 scope global noprefixroute dynamic enp0s25
valid_lft 385sec preferred_lft 385sec
inet 10.11.67.31/24 brd 10.11.67.255 scope global secondary noprefixroute enp0s25
valid_lft forever preferred_lft forever
inet 10.11.67.219/24 brd 10.11.67.255 scope global secondary enp0s25:0
valid_lft forever preferred_lft forever
inet6 fe80::221:ccff:fe61:f957/64 scope link
valid_lft forever preferred_lft forever
临时加ip不要重启网络
My three ip
10.11.67.31
10.11.67.119
10.11.67.219
What must be done is to complete the sub-configuration file and release the port
sub-configuration file
[root@sun conf.d]# mv port.conf ip.conf
[root@sun conf.d]# vim ip.conf
server {
listen 10.11.67.31:80;
location / {
¦ root /mnt/web;
¦ index index.html index.htm;
}
}
server {
listen 10.11.67.119:80;
location / {
¦ root /mnt/doc;
¦ index index.html index.htm;
}
}
server {
listen 10.11.67.219:80;
location / {
¦ root /mnt/download;
¦ index index.html index.htm;
}
}
[root@sun conf.d]# ss -natl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:80 *:*
LISTEN 0 128 *:81 *:*
LISTEN 0 128 *:82 *:*
LISTEN 0 5 192.168.122.1:53 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 128 127.0.0.1:631 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 32 [::]:21 [::]:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 128 [::1]:631 [::]:*
LISTEN 0 100 [::1]:25 [::]:*
[root@sun conf.d]# nginx -s reload
[root@sun conf.d]# ss -natl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:80 *:*
LISTEN 0 128 *:81 *:*
LISTEN 0 128 *:82 *:*
LISTEN 0 5 192.168.122.1:53 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 128 127.0.0.1:631 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 32 [::]:21 [::]:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 128 [::1]:631 [::]:*
LISTEN 0 100 [::1]:25 [::]:*
重新加载配置文件,不能释放端口
nginx -s reopen
nginx s stop
都失败
只能来点狠招数
[root@sun conf.d]# killall -9 nginx
[root@sun conf.d]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 5 192.168.122.1:53 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 128 127.0.0.1:631 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 32 [::]:21 [::]:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 128 [::1]:631 [::]:*
LISTEN 0 100 [::1]:25 [::]:*
[root@sun conf.d]# nginx
[root@sun conf.d]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 10.11.67.219:80 *:*
LISTEN 0 128 10.11.67.119:80 *:*
LISTEN 0 128 10.11.67.31:80 *:*
LISTEN 0 5 192.168.122.1:53 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 128 127.0.0.1:631 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 32 [::]:21 [::]:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 128 [::1]:631 [::]:*
LISTEN 0 100 [::1]:25 [::]:*
Browser access verification
3. Dividing virtual hosts based on domain names
The client does domain name resolution (liunx as an example)
web.com
doc.com
download.com
vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.11.67.31 web.com doc.com download.com
Child profile
[root@sun conf.d]# mv ip.conf download.conf
[root@sun conf.d]# ls
default.conf.bak download.conf
[root@sun conf.d]# vim download.conf
server {
listen 80;
¦ server_name web.com;
location / {
¦ root /mnt/web;
¦ index index.html index.htm;
}
}
server {
listen 80;
¦ server_name doc.com;
location / {
¦ root /mnt/doc;
¦ index index.html index.htm;
}
}
server {
listen 80;
¦ server_name download.com;
location / {
¦ root /mnt/download;
¦ index index.html index.htm;
}
}
[root@sun conf.d]# nginx -s reload
[root@sun conf.d]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 10.11.67.219:80 *:*
LISTEN 0 128 10.11.67.119:80 *:*
LISTEN 0 128 10.11.67.31:80 *:*
LISTEN 0 5 192.168.122.1:53 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 128 127.0.0.1:631 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 32 [::]:21 [::]:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 128 [::1]:631 [::]:*
LISTEN 0 100 [::1]:25 [::]:*
[root@sun conf.d]# killall -9 nginx
[root@sun conf.d]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 5 192.168.122.1:53 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 128 127.0.0.1:631 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 32 [::]:21 [::]:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 128 [::1]:631 [::]:*
LISTEN 0 100 [::1]:25 [::]:*
[root@sun conf.d]# nginx
[root@sun conf.d]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:80 *:*
LISTEN 0 5 192.168.122.1:53 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 128 127.0.0.1:631 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 32 [::]:21 [::]:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 128 [::1]:631 [::]:*
LISTEN 0 100 [::1]:25 [::]:*
Browser access verification
Clean up the environment
[root@sun conf.d]# ls
default.conf.bak download.conf
[root@sun conf.d]# rm -rvf download.conf
已删除"download.conf"
[root@sun conf.d]# mv default.conf.bak default.conf
[root@sun conf.d]# killall -9 nginx
[root@sun conf.d]# nginx
[root@sun conf.d]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:80 *:*
LISTEN 0 5 192.168.122.1:53 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 128 127.0.0.1:631 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 32 [::]:21 [::]:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 128 [::1]:631 [::]:*
LISTEN 0 100 [::1]:25 [::]:*