nginx基础知识
简介
- nginx是主流的web服务器
- LNMP是创业公司的主要架构
- nginx的官网: http://nginx.org
源码编译安装nginx
- 环境:centos7
- 关闭selinux,firewalld
[root@centos7-node8 ~]# sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
[root@centos7-node8 ~]# systemctl stop firewalld && systemctl disable firewalld && reboot -f
- 下载地址:http://nginx.org/download/nginx-1.18.0.tar.gz
- 安装
[root@centos7-node8 ~]# yum -y install gcc make pcre-devel pcre zlib openssl openssl-devel zlib-devel tree
[root@centos7-node8 ~]# wget http://nginx.org/download/nginx-1.18.0.tar.gz
[root@centos7-node8 ~]# mkdir /data/applications -p
[root@centos7-node8 ~]# tar xf nginx-1.18.0.tar.gz && cd nginx-1.18.0
[root@centos7-node8 nginx-1.18.0]# ./configure --prefix=/data/applications/nginx --with-http_ssl_module --with-http_stub_status_module --with-stream
[root@centos7-node8 nginx-1.18.0]# make && make install
[root@centos7-node8 nginx-1.18.0]# /data/applications/nginx/sbin/nginx -V # 查看版本
- 配置
[root@centos7-node8 ~]# vim /etc/profile
export NGINX_HOME="/data/applications/nginx"
export PATH=$PATH:$NGINX_HOME/sbin
[root@centos7-node8 ~]# source /etc/profile
- 服务管理
[root@centos7-node8 ~]# nginx #启动nginx
[root@centos7-node8 ~]# nginx -t #测试配置
[root@centos7-node8 ~]# nginx -s reload #重载配置
[root@centos7-node8 ~]# nginx -s stop #关闭nginx
[root@centos7-node8 ~]# vim /usr/lib/systemd/system/nginx.service
[Unit]
Description=nginx
After=network.target
[Service]
Type=forking
ExecStart=/data/applications/nginx/sbin/nginx
[Install]
WantedBy=multi-user.target
[root@centos7-node8 ~]# systemctl start nginx #启动nginx
[root@centos7-node8 ~]# systemctl status nginx
[root@centos7-node8 ~]# systemctl restart nginx && systemctl enable nginx #开机自启动
- 测试
浏览器访问http://nginxIP 即可
制作nginxRPM安装包
- 环境准备
[root@centos7-node8 ~]# yum -y install rpmbuild rpmdevtools #工具安装
[root@centos7-node8 ~]# systemctl stop nginx && rm -fr /data/applications/nginx/ #关闭并删除之前的nginx
[root@centos7-node8 ~]# rpmdev-setuptree #生成rpm制作环境目录
[root@centos7-node8 ~]# cd ~/rpmbuild/ #进入目录
[root@centos7-node8 rpmbuild]# tree ./
./
├── BUILD
├── RPMS
├── SOURCES
├── SPECS
└── SRPMS
- 开始制作RPM
[root@centos7-node8 ~]# cd ~/rpmbuild/SOURCES/ && wget http://nginx.org/download/nginx-1.18.0.tar.gz
[root@centos7-node8 SOURCES]# cd ~/rpmbuild/SPECS/
[root@centos7-node8 SPECS]# vim nginx.spec
Name: nginx
Version: 1.18.0
Release: el7
Summary: nginx
Group: DevlopMent/Tools
License: GPL
URL: http://127.0.0.1
Source0: %{name}-%{version}.tar.gz
BuildRequires: gcc make
Requires: pcre pcre-devel openssl openssl-devel zlib zlib-devel
%description
%prep
%setup -q
%build
./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_stub_status_module --with-stream
make
%install
make DESTDIR=%{buildroot} install
%files
/usr/local/nginx/*
%doc
%changelog
[root@centos7-node8 SPECS]# rpmbuild -bb nginx.spec #生成rpm包
[root@centos7-node8 SPECS]# ls ~/rpmbuild/RPMS/x86_64/ #生成到的位置
[root@centos7-node8 SPECS]# cd ~/rpmbuild/RPMS/x86_64/
[root@centos7-node8 x86_64]# yum -y localinstall nginx-1.18.0-el7.x86_64.rpm #本地安装
nginx配置文件解析
user nobody;
worker_processes auto;
error_log logs/error.log warn;
events {
worker_connections 60000;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name localhost;
location / {
root html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
- user: 指定work进程用户,不要使用root
- worker_processes: work进程数,用于处理请求,auto会根据服务器核心数创建work进程
- error_log: 错误日志定义,级别设置成warn
- worker_connections: work进程链接数设置,根据服务器配置尽量大点
[root@centos7-node8 conf]# vim /etc/security/limits.conf
* soft noproc 65535
* hard noproc 65535
* soft nofile 65535
* hard nofile 65535
include mime.types;
指定网页解析类型,(mime.types会制定不同类型的文件供浏览器请求解析)default_type application/octet-stream;
默认格式则不会被浏览器解析,直接解析,这个取决于mime.types 文件的定义keepalive_timeout 65;
: 请求完成65秒断开链接,也可以设置成0。保证更多的请求
[root@centos7-node8 x86_64]# tcpdump -i any -nn 'port 80 and host 192.168.56.1' #请求抓包测试
- server: 配置虚拟主机
- location: 请求定位
nginx日志定义
Nginx日志变量
- $remote_addr表示客户端IP,$time_local表示请求时间
- $request包含请求方法、请求的url、请求的协议
- $status表示响应状态码,$body_bytes_sent表示 响应的body的大小
- $http_referer表示请求的referer, $http_user_agent表示请求的客户端类型
- $http_x_forwarded_for可记录代理IP
更多的日志变量
- http://nginx.org/en/docs/varindex.html
- $remote_port、$time_iso8601、$uri
- $request_time、$upstream_response_time
Nginx使用Json格式日志
- 方便elk日志采集
log_format main '$remote_addr - $remote_user [$time_iso8601] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
log_format json '{"@timestamp":"$time_iso8601",'
'"remote_ip":"$remote_addr",'
'"status":$status,'
'"bytes":$body_bytes_sent,'
'"referer":"$http_referer",'
'"agent":"$http_user_agent",'
'"request_time":$request_time,'
'"request":"$uri"}';
nginx 的location
- 属于server容器
-
location 正则匹配规则
- 以
cropy
开头:location ~ /^cropy {}
- 以
php
结尾:location ~ \.php$ {}
- 以
png,jpg
结尾:location ~ \.(png|jpg)$ {}
- 忽略大小写:
location ~* \.(png|jpg)$ {}
- 以
-
location 优先级
- 通用匹配:第二种的优先级比较高
1. location / {} 2. location /abc {} #高优先级
- 通用匹配和正则匹配的优先级: 2的优先级比较高
1. location /abc {} 2. location ~ ^/abc {} #高优先级
- 通用匹配之间的优先级: 第一个优先级比较高
1. location ~ /^abc {} #高优先级 2. location ~/^abc/def {}
- 精准匹配和正则匹配的优先级: 精准匹配的优先级会高(但是必须要精准)
1. location ~ /^abc {} 2. location = /abc/def {} #优先级
- 总结
- 精准匹配
>
正则匹配>
通用匹配 - 正则多次命中,选第一个命中的location, 后面不在匹配
- 通用多个命中,选匹配度最高的
- 精准匹配
nginx的root和alias配置
两个配置的区别:
- root配置: 客户端请求http://www.baidu.com/img/a.html, 对应服务器的html/img/a.html
- alias配置: 客户端请求http://www.baidu.com/img/a.html,对应服务器的html/a.html
# root配置
location /img/ {
root html/img/ ;
}
#alias配置
location /img/ {
alias html/;
}
nginx虚拟主机配置
-
功能:
- 一台服务器可以配置多特域名
- 每个域名的网站内容是独立的
- nginx配置文件简化
[root@centos7-node8 nginx]# cat conf/nginx.conf
user nobody;
worker_processes auto;
error_log logs/error.log warn;
events {
worker_connections 60000;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_iso8601] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
log_format json '{"@timestamp":"$time_iso8601",'
'"remote_ip":"$remote_addr",'
'"status":$status,'
'"bytes":$body_bytes_sent,'
'"referer":"$http_referer",'
'"agent":"$http_user_agent",'
'"request_time":$request_time,'
'"request":"$uri"}';
access_log logs/access.log json;
sendfile on;
keepalive_timeout 0;
gzip on;
include vhosts/*.conf; #多配置文件
}
- 在nginx安装目录下创建vhosts目录,然后写入配置文件即可
[root@centos7-node8 nginx]# mkdir vhosts
[root@centos7-node8 nginx]# vim vhosts/localhost.conf
server {
listen 80;
server_name localhost;
location / {
root html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}