Preparing the Environment
two front end of the scheduling server nginx:
nginx1: 192.168.0.1
nginx2: 192.168.0.2
nginx backend server page 8:
web1: 192.168.0.10
web2: 192.168.0.11
Web3: 192.168.0.12
WEB4: 192.168.0.13
WEB5: 192.168.0.14
Web 6: 192.168.0.15
web7: 192.168.0.16
web8: 192.168.0.17
keepaliveip a
keepalive: 192.168.0.3
ansible ready
Faster build using ansible
1. First, the host installation ansible
yum the install ansible -Y
2. configure the hosts address
vim / etc / ansible / hosts
[nginx]
nginx[1:2]
[web]
web[1:8]
[web-php]
web[1:4]
[web-nginx]
web[5:8]
NOTE: ssh port are all 22, or need another port configuration information
Address Configuration hosts ansible machine
vim / etc / hosts
192.168.0.1 nginx1
192.168.0.2 nginx2
192.168.0.10 web1
192.168.0.11 web2
192.168.0.12 web3
192.168.0.13 web4
192.168.0.14 web5
192.168.0.15 web6
192.168.0.16 web7
192.168.0.17 web8
Configuring public and private keys
ssh-keygen -t rsa -b 4096
where the private key is id_rsa
id_rsa.pub this is the public key
Copy the public key to the client and create permissions for the authorized_keys 600
and modify the / etc / ssh / sshd_config
RSAAuthentication yes
PubkeyAuthentication yes
PasswordAuthentication no
Configuring ansible first time you log yes do not enter
vim ansible.cfg
host_key_checking = False
5. Test environment preparation ansible
ansible web -m ping
all green returns a through, single fault single check.
The machine configuration repository yum, and rpm package produced nginx (basic operations, do not write here)
Repo will be configured to pass all the hosts file and install nginx
ansible all -m copy -a 'src=**.repo dest=/etc/yum.repo.d/'
6. edited nginx.conf transferred to the proxy server
ansible nginx -m copy -a '/usr/local/nginx/conf/'
Configuration is as follows
http {
.. ..
#使用upstream定义后端服务器集群,集群名称任意(如webserver)
#使用server定义集群中的具体服务器和端口
upstream webserver {
#通过ip_hash设置调度规则为:相同客户端访问相同服务器
#ip_hash;
#server 192.168.0.10:weight=1 max_fails=1 fail_timeout=30;
server 192.168.0.10:80;
server 192.168.0.11:80;
server 192.168.0.12:80;
server 192.168.0.13:80;
server 192.168.0.14:80;
server 192.168.0.15:80;
server 192.168.0.16:80;
server 192.168.0.17:80;
#weight设置服务器权重值,默认值为1
#max_fails设置最大失败次数
#fail_timeout设置失败超时时间,单位为秒
#down标记服务器已关机,不参与集群调度
}
.. ..
server {
listen 80;
server_name localhost;
location / {
#通过proxy_pass将用户的请求转发给webserver集群
proxy_pass http://webserver;
}
}
6. Restart nginx
/usr/local/nginx/sbin/nginx -s reload
7. Use curl to access test
8. The back-end web server configuration
back-end server need to install nginx, four front mounting php
front four packages need to be installed:
nginx, php, FPM-php, php-MySQL
the need to install four nginx
The first four file servers to be configured nginx.conf
location / {
root html;
index index.php index.html index.htm;
#设置默认首页为index.php,当用户在浏览器地址栏中只写域名或IP,不说访问什么页面时,服务器会把默认首页index.php返回给用户
}
location ~ \.php$ {
root html;
fastcgi_pass 127.0.0.1:9000; #将请求转发给本机9000端口,PHP解释器
fastcgi_index index.php;
#fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi.conf;
}
Create a php test page:
vim /usr/local/nginx/html/test1.php
<?php
$i="This is a test Page";
echo $i;
?>
Tuning configuration:
nginx.conf file
http {
client_header_buffer_size 1k; //默认请求包头信息的缓存
large_client_header_buffers 4 4k; //大请求包头部信息的缓存个数与容量
gzip on; //开启压缩
gzip_min_length 1000; //小文件不压缩
gzip_comp_level 4; //压缩比率
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
//对特定文件压缩,类型参考mime.types
open_file_cache max=2000 inactive=20s;
open_file_cache_valid 60s;
open_file_cache_min_uses 5;
open_file_cache_errors off;
//设置服务器最大缓存2000个文件句柄,关闭20秒内无请求的文件句柄
//文件句柄的有效时间是60秒,60秒后过期
//只有访问次数超过5次会被缓存
.. ..
}
worker_processes 2; ##与CPU核心数量一致
events {
worker_connections 65535; ##每个worker最大并发连接数
use epoll;
}
server {
listen 80;
server_name localhost;
location / {
root html;
index index.html index.htm;
}
location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ {
expires 30d; //定义客户端缓存时间为30天
}
error_page 404 /40x.html; //自定义错误页面
Optimize the kernel:
ulimit -a // view all property values
ulimit -Hn 100000 // set a hard limit (temporary rule)
ulimit -Sn 100000 // Set the limit (temporary rule)
vim /etc/security/limits.conf
... ...
-
soft nofile 100000
-
hard nofile 100000
Tuning configuration must restart nginx
Cutting logs
1. Manually execute
mv access.log access2.log
the kill -USR1 $ (CAT /usr/local/nginx/logs/nginx.pid)
Note: /usr/local/nginx/logs/nginx.pid file is stored in nginx process PID number.
or
AutoComplete
vim /usr/local/nginx/logbak.sh
#!/bin/bash
date=`date +%Y%m%d`
logpath=/usr/local/nginx/logs
mv $logpath/access.log $logpath/access-$date.log
mv $logpath/error.log $logpath/error-$date.log
kill -USR1 $(cat $logpath/nginx.pid)
crontab -e
03 03 * * 5 /usr/local/nginx/logbak.sh
Additional
View server status:
you need to add modules -with-http_stub_status_module compile the installation
to modify the configuration file defines the status page
vim /usr/local/nginx/conf/nginx.conf
… …
location /status {
stub_status on;
#allow IP地址;
#deny IP地址;
}
… …
Restart nginx
curl HTTP: // ip / Status can see the access to the information
details are as follows:
the Active Connections: number of connections currently active.
Accepts: has accepted the total number of connections clients.
Handled: the total number of connections has been handling clients.
(Consistent with generally accepts, unless the server limits the number of connections).
Requests: number of requests sent by the client.
Reading: The current server is reading the number of head of client requests.
Writing: The current server is written in response to the amount of information.
Waiting: The current number of customers waiting for the server-side response.
Address Rewriting
vim /usr/local/nginx/conf/nginx.conf
server {
listen 80;
server_name localhost;
#rewrite /a.html /b.html;
#访问a.html重定向到b.html
或
#rewrite /a.html /b.html redirect;
#访问a.html重定向到b.html(跳转地址栏)
或者
#访问192.168.0.5的请求重定向至www.ccc.cn
#rewrite ^/ http://www.ccc.cn/;
或
#rewrite ^/(.*)$ http://www.dd.cn/$1;
#修改配置文件(访问192.168.0.5/下面子页面,重定向至www.dd.cn/下相同的页面)
location / {
root html;
index index.html index.htm;
}
#这里,~符号代表正则匹配,*符号代表不区分大小写
if ($http_user_agent ~* firefox) { //识别客户端firefox浏览器
rewrite ^(.*)$ /firefox/$1;
#实现curl和火狐访问相同链接返回的页面不同
}
Address Rewriting format [summary]
rewrite the old address of the new address [Options];
Last no longer read other rewrite
BREAK no longer read other statements, the end of the request
redirect temporary redirect
permament permanent redirects