nginx反向代理配置
36套java进阶高级架构师视频+38套大数据视频 保证全是硬货需要的
+微信:
du13797566440
1.在windows7上安装Nginx
Nginx 安装配置
Nginx("engine x")是一款是由俄罗斯的程序设计师Igor Sysoev所开发高性能的 Web和 反向代理 服务器,也是一个 IMAP/POP3/SMTP 代理服务器。
在高连接并发的情况下,Nginx是Apache服务器不错的替代品。
Nginx 安装
系统平台:CentOS release 6.6 (Final) 64位。
一、安装编译工具及库文件
yum -y install make zlib zlib-devel gcc-c++ libtool openssl openssl-devel
二、首先要安装 PCRE
PCRE 作用是让 Nginx 支持 Rewrite 功能。
1、下载 PCRE 安装包,下载地址: http://downloads.sourceforge.net/project/pcre/pcre/8.35/pcre-8.35.tar.gz
[[email protected] src]# wget http://downloads.sourceforge.net/project/pcre/pcre/8.35/pcre-8.35.tar.gz
2、解压安装包:
[[email protected] src]# tar zxvf pcre-8.35.tar.gz
3、进入安装包目录
[[email protected] src]# cd pcre-8.35
4、编译安装
[[email protected] pcre-8.35]# ./configure [[email protected] pcre-8.35]# make && make install
5、查看pcre版本
[[email protected] pcre-8.35]# pcre-config --version
安装 Nginx
1、下载 Nginx,下载地址:http://nginx.org/download/nginx-1.6.2.tar.gz
[[email protected] src]# wget http://nginx.org/download/nginx-1.6.2.tar.gz
2、解压安装包
[[email protected] src]# tar zxvf nginx-1.6.2.tar.gz
3、进入安装包目录
[[email protected] src]# cd nginx-1.6.2
4、编译安装
[[email protected] nginx-1.6.2]# ./configure --prefix=/usr/local/webserver/nginx --with-http_stub_status_module --with-http_ssl_module --with-pcre=/usr/local/src/pcre-8.35 [[email protected] nginx-1.6.2]# make [[email protected] nginx-1.6.2]# make install
5、查看nginx版本
[[email protected] nginx-1.6.2]# /usr/local/webserver/nginx/sbin/nginx -v
到此,nginx安装完成。
Nginx 配置
创建 Nginx 运行使用的用户 www:
[[email protected] conf]# /usr/sbin/groupadd www [[email protected] conf]# /usr/sbin/useradd -g www www
配置nginx.conf ,将/usr/local/webserver/nginx/conf/nginx.conf替换为以下内容
[[email protected] conf]# cat /usr/local/webserver/nginx/conf/nginx.conf user www www; worker_processes 2; #设置值和CPU核心数一致 error_log /usr/local/webserver/nginx/logs/nginx_error.log crit; #日志位置和日志级别 pid /usr/local/webserver/nginx/nginx.pid; #Specifies the value for maximum file descriptors that can be opened by this process. worker_rlimit_nofile 65535; events { use epoll; worker_connections 65535; } http { include mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" $http_x_forwarded_for'; #charset gb2312; server_names_hash_bucket_size 128; client_header_buffer_size 32k; large_client_header_buffers 4 32k; client_max_body_size 8m; sendfile on; tcp_nopush on; keepalive_timeout 60; tcp_nodelay on; fastcgi_connect_timeout 300; fastcgi_send_timeout 300; fastcgi_read_timeout 300; fastcgi_buffer_size 64k; fastcgi_buffers 4 64k; fastcgi_busy_buffers_size 128k; fastcgi_temp_file_write_size 128k; gzip on; gzip_min_length 1k; gzip_buffers 4 16k; gzip_http_version 1.0; gzip_comp_level 2; gzip_types text/plain application/x-javascript text/css application/xml; gzip_vary on; #limit_zone crawler $binary_remote_addr 10m; #下面是server虚拟主机的配置 server { listen 80;#监听端口 server_name localhost;#域名 index index.html index.htm index.php; root /usr/local/webserver/nginx/html;#站点目录 location ~ .*\.(php|php5)?$ { #fastcgi_pass unix:/tmp/php-cgi.sock; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fastcgi.conf; } location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|ico)$ { expires 30d; # access_log off; } location ~ .*\.(js|css)?$ { expires 15d; # access_log off; } access_log off; } }
检查配置文件ngnix.conf的正确性命令:
[[email protected] conf]# /usr/local/webserver/nginx/sbin/nginx -t
启动 Nginx
Nginx 启动命令如下:
[[email protected] conf]# /usr/local/webserver/nginx/sbin/nginx
访问站点
从浏览器访问我们配置的站点ip:
Nginx 其他命令
以下包含了 Nginx 常用的几个命令:
/usr/local/webserver/nginx/sbin/nginx -s reload # 重新载入配置文件 /usr/local/webserver/nginx/sbin/nginx -s reopen # 重启 Nginx /usr/local/webserver/nginx/sbin/nginx -s stop # 停止 Nginx
2.centos7关闭防火墙 命令:
2.1 systemctl stop firewalld.service 关闭
2.2 systemctl disable firewalld.service 禁止开启自动启动
2.3 firewall-cmd --state 查看是否关闭
3.配置反向代理
3.1 在/usr/local/webserver/nginx/conf 的nginx.conf中配置如下
user www www; #运行的用户名
worker_processes 1; #设置值和CPU核心数一致
error_log /usr/local/webserver/nginx/logs/nginx_error.log crit; #日志位置和日志级别
pid /usr/local/webserver/nginx/nginx.pid;
#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 65535;
events
{
use epoll;
worker_connections 65535;
}
http
{
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
#charset gb2312;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 8m;
sendfile on;
tcp_nopush on;
keepalive_timeout 60;
tcp_nodelay on;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
#limit_zone crawler $binary_remote_addr 10m;
upstream cluster {
server 10.94.46.102:8089 weight=1; #被代理的ip
server 10.94.46.102:8088 weight=1; #被代理的ip
#ip_hash; #解决session共享问题
}
#下面是server虚拟主机的配置
server {
listen 80;
server_name www.test.com; #外界访问的url
charset utf8;
location / {
root html;
index index.html index.htm;
proxy_pass http://cluster; #指定需要代理的URL,
proxy_redirect off; #如果需要从后端打开location和Refresh字段,可以开启。
proxy_set_header X-Real-IP $remote_addr; #允许将发送到后端的服务器请求重新定义或者增加一个字段,这个可以是变量也是文本组合。
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #联系下面PS中所写,在后端web中就算加上$http_x_Forwarded_for这条,也得不到用户的IP,所以在nginx反向代理添加Header头信息 X-Forwarded-For在配合后端服务器日志文件的$http_x_Forwarded_for这条就可以获得用户的IP地址了。
proxy_set_header Host $host; #首先说明 proxy_set_header 指令在向反向代理的后端Web服务器发起请求时添加指定的 Header头信息,后端web服务器有多个基于域名的虚拟主机时,通过头信息Host,用于指定请求的域名,这样后端web才能识别反向代理请求哪个虚拟主机处理。
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503
http_504 http_404; #服务器头部超时相应的各种状态
}
}
}
worker_processes 1; #设置值和CPU核心数一致
error_log /usr/local/webserver/nginx/logs/nginx_error.log crit; #日志位置和日志级别
pid /usr/local/webserver/nginx/nginx.pid;
#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 65535;
events
{
use epoll;
worker_connections 65535;
}
http
{
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
#charset gb2312;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 8m;
sendfile on;
tcp_nopush on;
keepalive_timeout 60;
tcp_nodelay on;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
#limit_zone crawler $binary_remote_addr 10m;
upstream cluster {
server 10.94.46.102:8089 weight=1; #被代理的ip
server 10.94.46.102:8088 weight=1; #被代理的ip
#ip_hash; #解决session共享问题
}
#下面是server虚拟主机的配置
server {
listen 80;
server_name www.test.com; #外界访问的url
charset utf8;
location / {
root html;
index index.html index.htm;
proxy_pass http://cluster; #指定需要代理的URL,
proxy_redirect off; #如果需要从后端打开location和Refresh字段,可以开启。
proxy_set_header X-Real-IP $remote_addr; #允许将发送到后端的服务器请求重新定义或者增加一个字段,这个可以是变量也是文本组合。
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #联系下面PS中所写,在后端web中就算加上$http_x_Forwarded_for这条,也得不到用户的IP,所以在nginx反向代理添加Header头信息 X-Forwarded-For在配合后端服务器日志文件的$http_x_Forwarded_for这条就可以获得用户的IP地址了。
proxy_set_header Host $host; #首先说明 proxy_set_header 指令在向反向代理的后端Web服务器发起请求时添加指定的 Header头信息,后端web服务器有多个基于域名的虚拟主机时,通过头信息Host,用于指定请求的域名,这样后端web才能识别反向代理请求哪个虚拟主机处理。
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503
http_504 http_404; #服务器头部超时相应的各种状态
}
}
}