nginx实现动静分离

nginx实现动静分离

  • 1. 什么是动静分离
  • 2. nginx反向代理与负载均衡
  • 3. nginx实现负载均衡
  • 4. nginx实现动静分离

1. 什么是动静分离

动静分离主要是通过nginx+PHP-FPM来实现,其中nginx处理图片,html等静态的文件,PHP处理动态程序。

动静分离是指在web服务器架构中,将静态页面与动态页面或者静态内容接口和动态内容接口分开不同系统访问的架构设计方法,进而提升整个服务访问性能和可维护性。

简单点来说,就是用户在请求的时候,如果只是简单的访问图片,html等静态的请求时,nginx直接返回,如果是发送动态请求时候,需要程序进行就由nginx把请求发送给程序,进行动态处理。

2. nginx反向代理与负载均衡

  • nginx通常被用作后端服务器的反向代理,这样就可以很方便的实现动静分离以及负载均衡,从而大大提高服务器的处理能力。

  • nginx实现动静分离,其实就是在反向代理的时候,如果是静态资源,就直接从nginx发布的路径去读取,而不需要从后台服务器获取了。

  • 但是要注意,这种情况下需要保证后端跟前端的程序保持一致,可以使用Rsync做服务端自动同步或者使用NFS、MFS分布式共享存储。

  • Http Proxy模块,功能很多,最常用的是proxy_pass和proxy_cache

  • 如果要使用proxy_cache,需要集成第三方的ngx_cache_purge模块,用来清除指定的URL缓存。这个集成需要在安装nginx的时候去做,如:
    ./configure --add-module=…/ngx_cache_purge-1.0 …

  • nginx通过upstream模块来实现简单的负载均衡,upstream需要定义在http段内

  • 在upstream段内,定义一个服务器列表,默认的方式是轮询,如果要确定同一个访问者发出的请求总是由同一个后端服务器来处理,可以设置ip_hash,如:

upstream idfsoft.com {
  ip_hash;
  server 127.0.0.1:9080 weight=5;
  server 127.0.0.1:8080 weight=5;
  server 127.0.0.1:1111;
}

注意:这个方法本质还是轮询,而且由于客户端的ip可能是不断变化的,比如动态ip,代理,等,因此ip_hash并不能完全保证同一个客户端总是由同一个服务器来处理。

定义好upstream后,需要在server段内添加如下内容:

server {
  location / {
    proxy_pass http://idfsoft.com;
  }
}

3. nginx实现负载均衡

环境说明

系统 IP 服务 主机名
Redhat8.2 192.168.182.141 nginx LB
Redhat8.2 192.168.182.142 nginx rs1
Redhat8.2 192.168.182.143 httpd rs2

先在rs1和rs2上部署web服务器

[root@RS1 ~]# yum -y install nginx
[root@RS2 ~]# yum -y install httpd
[root@RS1 ~]# systemctl start nginx.service
[root@RS2 ~]# systemctl start httpd.service

nginx实现动静分离_第1张图片

nginx实现动静分离_第2张图片

修改LB主机上nginx的配置文件


upstream webserver {
        server 192.168.182.142;
        server 192.168.182.143;
     }

location / {
 44            proxy_pass http://webservers;
 45         }
[root@LB conf]# nginx -s reload

输入LB主机上的IP实现负载均衡
nginx实现动静分离_第3张图片

nginx实现动静分离_第4张图片

4. nginx实现动静分离

环境说明

系统 IP 服务 主机名
Redhat8.2 192.168.182.141 nginx dr
Redhat8.2 192.168.182.143 lnmp rs1
Redhat8.2 192.168.182.142 httpd rs2

首在rs1和rs2部署web服务的服务

rs1上部署lnmp
创建系统用户nginx
[root@RS1 ~]# useradd -r -M -s /sbin/nologin nginx

安装依赖环境
[root@RS1 ~]# yum -y install pcre-devel pcre gcc gcc-c++ openssl-devel zlib zlib-devel make vim wget openssl openssl-devel gd-devel

创建日志存放目录
[root@RS1 ~]# mkdir -p /var/log/nginx
[root@RS1 ~]# chown nginx.nginx /var/log/nginx/

下载nginx
[root@RS1 ~]# wget http://nginx.org/download/nginx-1.20.1.tar.gz

[root@RS1 ~]#  tar xf nginx-1.20.1.tar.gz 
[root@RS1 ~]# cd nginx-1.20.1/
[root@RS1 nginx-1.20.1]#  ./configure  --prefix=/usr/local/nginx  --user=nginx  --group=nginx  --with-debug  --with-http_ssl_module  --with-http_realip_module  --with-http_image_filter_module  --with-http_gunzip_module  --with-http_gzip_static_module  --with-http_stub_status_module  --http-log-path=/var/log/nginx/access.log  --error-log-path=/var/log/nginx/error.log

[root@RS1 nginx-1.20.1]# make -j $(grep 'processor' /proc/cpuinfo | wc -l) && make install

[root@RS1 nginx-1.20.1]# cat > /usr/lib/systemd/system/nginx.service << EOF
[Unit]
Description=Nginx server daemon
After=network.target 

[Service]
Type=forking
ExecStart=/usr/local/nginx/sbin/nginx 
ExecStop=/usr/local/nginx/sbin/nginx -s quit
ExecReload=/bin/kill -HUP $MAINPID
EOF

[root@RS1 ~]# systemctl daemon-reload 
[root@RS1 ~]# systemctl enable --now nginx.service 


部署mysql
安装依赖包
[root@RS1 ~]# yum -y install gcc gcc-c++ make zlib zlib-devel pcre pcre-devel openssl openssl-devel ncurses-compat-libs perl ncurses-devel cmake

创建用户和组
[root@RS1 ~]# useradd -r -M -s /sbin/nologin mysql

下载MySQL的tar包
[root@RS1 ~]# wget https://downloads.mysql.com/archives/get/p/23/file/mysql-5.7.34-linux-glibc2.12-x86_64.tar.gz -P /usr/local
[root@RS1 local]# tar xf mysql-5.7.34-linux-glibc2.12-x86_64.tar.gz
[root@RS1 local]# ln -s /usr/local/mysql-5.7.34-linux-glibc2.12-x86_64/ /usr/local/mysql

添加环境变量
[root@RS1 local]# echo 'export PATH=/usr/local/mysql/bin:$PATH' > /etc/profile.d/mysql.sh
[root@RS1 local]#  source /etc/profile.d/mysql.sh 

创建数据存放目录
[root@RS1 local]# mkdir -p /opt/data
[root@RS1 local]# chown -R mysql.mysql /opt/data/

初始化数据库
[root@RS1 local]# mysqld --initialize-insecure --user mysql --datadir /opt/data/

生成配置文件
[root@RS1 ~]#  cat /etc/my.cnf
[mysqld]
basedir = /usr/local/mysql
datadir = /opt/data
socket = /tmp/mysql.sock
port = 3306
pid-file = /opt/data/mysql.pid
user = mysql
skip-name-resolve

配置服务启动的脚本
[root@RS1 ~]# vim /usr/local/mysql/support-files/mysql.server
basedir=/usr/local/mysql
datadir=/opt/data

配置系统服务使用systemctl来管理MySQL
[Unit]
Description=Mysql server daemon
After=network.target

[Service]
Type=forking
ExecStart=/usr/local/mysql/support-files/mysql.server start
ExecStop=/usr/local/mysql/support-files/mysql.server stop
ExecReload=/bin/kill -HUP $MAINPID

[Install]
WantedBy=multi-user.target

[root@RS1 ~]# systemctl daemon-reload 
[root@RS1 ~]# systemctl enable --now mysqld.service

安装php
需要网络仓库:curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-8.repo

[root@RS1 ~]# yum -y install libxml2 libxml2-devel openssl openssl-devel bzip2 bzip2-devel libcurl libcurl-devel libicu-devel libjpeg libjpeg-devel libpng libpng-devel openldap-devel  pcre-devel freetype freetype-devel gmp gmp-devel libmcrypt libmcrypt-devel readline readline-devel libxslt libxslt-devel mhash mhash-devel php-mysqlnd libsqlite3x-devel libzip-devel http://mirror.centos.org/centos/8-stream/PowerTools/x86_64/os/Packages/oniguruma-devel-6.8.2-2.el8.x86_64.rpm

[root@RS1 ~]# wget https://www.php.net/distributions/php-8.0.11.tar.gz
[root@RS1 ~]# tar xf packages/php-8.0.11.tar.xz -C /usr/local/

[root@RS1 php-8.0.11]# ./configure --prefix=/usr/local/php8  --with-config-file-path=/etc --enable-fpm --disable-debug --disable-rpath --enable-shared --enable-soap --with-openssl --enable-bcmath --with-iconv --with-bz2 --enable-calendar --with-curl --enable-exif  --enable-ftp --enable-gd --with-jpeg --with-zlib-dir --with-freetype --with-gettext --enable-mbstring --enable-pdo --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-readline --enable-shmop --enable-simplexml --enable-sockets --with-zip --enable-mysqlnd-compression-support --with-pear --enable-pcntl --enable-posix

[root@RS1 php-8.0.11]# make && make install

配置环境变量
[root@RS1 ~]# echo 'export PATH=/usr/local/php8/bin:$PATH' > /etc/profile.d/php.sh
[root@RS1 ~]# source /etc/profile.d/php.sh

[root@RS1 php-8.0.11]# cp php.ini-production /etc/php.ini
[root@RS1 php-8.0.11]# cp sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
[root@RS1 php-8.0.11]#  chmod +x /etc/rc.d/init.d/php-fpm
[root@RS1 php-8.0.11]# cp /usr/local/php8/etc/php-fpm.conf.default /usr/local/php8/etc/php-fpm.conf

[root@RS1 php-8.0.11]#cp /usr/local/php8/etc/php-fpm.d/www.conf.default /usr/local/php8/etc/php-fpm.d/www.conf

[root@RS1 php-8.0.11]# service php-fpm start

配置系统服务使用systemctl来管理PHP
[root@RS1 ~]# cp /usr/lib/systemd/system/mysql.service /usr/lib/systemd/system/php-fpm.service

[root@RS1 ~]# cat /usr/lib/systemd/system/php-fpm.service
[Unit]
Description=php server daemon
After=network.target 

[Service]
Type=forking
ExecStart=/etc/init.d/php-fpm start
ExecStop=/etc/init.d/php-fpm stop
ExecReload=/bin/kill -HUP $MAINPID

[Install]
WantedBy=multi-user.target

[root@RS1 ~]# pkill php-fpm 
[root@RS1 ~]# systemctl daemon-reload 
[root@RS1 ~]# systemctl enable --now php-fpm.service

创建php访问界面
[root@RS1 ~]# vim /usr/local/nginx/html/index.php
[root@RS1 ~]# cat /usr/local/nginx/html/index.php

[root@RS1 ~]# vim /usr/local/nginx/conf/nginx.conf
location / {
       root   html;
       index  index.php index.html index.htm;   //修改这一行
    }
location ~ \.php$ {
       root           html;
       fastcgi_pass   127.0.0.1:9000;
       fastcgi_index  index.php;
       fastcgi_param  SCRIPT_FILENAME  $Document_Root$fastcgi_script_name;   //修改这一行
       include        fastcgi_params;
}
[root@RS1 ~]# systemctl restart nginx.service 

nginx实现动静分离_第5张图片

在rs2上安装httpd

[root@RS2 ~]# yum -y install httpd
[root@RS2 ~]# systemctl start httpd

nginx实现动静分离_第6张图片

在LB主机上操作

[root@DR ~]# vim /usr/local/nginx/conf/nginx.conf
#user  nobody;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;
    upstream static {
        server 192.168.182.142;    //设置静态访问
     }

    upstream dynamic {
        server 192.168.182.143;  //设置动态访问
     }

    server {
        listen       80;
        server_name  localhost;
        #charset koi8-r;
        #access_log  logs/host.access.log  main;
        location / {
            proxy_pass http://static;   //处理静态资源
        }

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        location ~ \.php$ {
            proxy_pass   http://dynamic;  //处理以.php结尾的动态资源。
        }

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }


    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}


    # HTTPS server
    #
    #server {
    #    listen       443 ssl;
    #    server_name  localhost;

    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;

    #    ssl_session_cache    shared:SSL:1m;
    #    ssl_session_timeout  5m;

    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers  on;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}

}


[root@DR ~]# nginx -s reload

nginx实现动静分离_第7张图片

nginx实现动静分离_第8张图片

你可能感兴趣的:(服务与集群,运维,linux,负载均衡,nginx,动静分离)