快捷導(dǎo)航

歐拉部署nginx的實(shí)現(xiàn)步驟

更新時(shí)間：2024年08月06日 11:15:34 作者：運(yùn)維開發(fā)小白丶

本文主要介紹了歐拉部署nginx的實(shí)現(xiàn)步驟,文中通過示例代碼介紹的非常詳細(xì),對(duì)大家的學(xué)習(xí)或者工作具有一定的參考學(xué)習(xí)價(jià)值,需要的朋友們下面隨著小編來一起學(xué)習(xí)學(xué)習(xí)吧

1.下載nginx

下載地址：https://nginx.org/en/download.html

選擇穩(wěn)定版本下的鏡像文件進(jìn)行下載

在這里插入圖片描述

2.解壓Nginx包

cd /root/nginx
tar -zxvf nginx-1.26.0.tar.gz
cd nginx-1.26.0

3.安裝nginx相關(guān)依賴

yum -y install gcc zlib zlib-devel pcre-devel openssl openssl-devel

4.生成 Makefile 可編譯文件

./configure --with-http_ssl_module --with-http_stub_status_module

參數(shù)說明：

–prefix=PATH：指定 nginx 的安裝目錄（默認(rèn)/usr/local/nginx）
–conf-path=PATH：指定 nginx.conf 配置文件路徑
–user=NAME：nginx 工作進(jìn)程的用戶
–with-pcre：開啟 PCRE 正則表達(dá)式的支持
with-http-realip_module：允許改變客戶端請(qǐng)求頭中客戶端 IP 地址
–with-file-aio：?jiǎn)⒂?File AIO
–add-module=PATH：添加第三方外部模塊

5.編譯和安裝

# 編譯
make
# 安裝
make install

默認(rèn)的安裝路徑為：/usr/local/nginx

6.啟動(dòng)

cd /usr/local/nginx/sbin
# 啟動(dòng)
./nginx
# 查看進(jìn)程
ps -ef | grep nginx
# 停止
/usr/local/nginx/sbin/nginx -s stop
# 重啟
/usr/local/nginx/sbin/nginx -s restart

7.配置

非https配置

worker_processes  1;
events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    sendfile        on;
    keepalive_timeout  65;

    #gzip  on;
    
    upstream reverseProxyServer{
        ip_hash;
        #負(fù)載均衡應(yīng)用服務(wù)器A: 權(quán)重為10,10s內(nèi)連接請(qǐng)求失敗2次,nginx在10s內(nèi)認(rèn)為server是不可用的，將不在發(fā)送請(qǐng)求給這臺(tái)服務(wù)器
        server xxx.xxx.xx.xxx:9090 weight=10 max_fails=2 fail_timeout=10s; 
        #負(fù)載均衡應(yīng)用服務(wù)器B: 代理服務(wù)器權(quán)重為5,10s內(nèi)連接請(qǐng)求失敗2次,nginx在10s內(nèi)認(rèn)為server是不可用的，將不在發(fā)送請(qǐng)求給這臺(tái)服務(wù)器
        server xxx.xxx.xx.xxx:9090 weight=5 fail_timeout=10s max_fails=2;
    }
  
  upstream reverseGrafanaServer{
        ip_hash;
        server xxx.xxx.xx.xxx:3000 weight=10 max_fails=2 fail_timeout=10s;
        server xxx.xxx.xx.xxx:3000 weight=8 max_fails=2 fail_timeout=10s;
    }
  
    server {
        listen       80;
        server_name  xxx.com;
        proxy_redirect off;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_connect_timeout 30s;
        proxy_read_timeout 30s;
        #charset koi8-r;

        #access_log  logs/host.access.log  main;
        location /{
            proxy_pass http://reverseProxyServer/;
        }
        location /grafana/{
            proxy_buffering on;
            proxy_buffer_size 4k;
            proxy_buffers 8 4M;
            proxy_busy_buffers_size 4M;
            proxy_pass http://reverseGrafanaServer/;
        }
    }
}

https配置

http {
  ...
  server {
        listen 80;
        server_name xxx.com;
        #將請(qǐng)求轉(zhuǎn)成https
        rewrite ^(.*)$ https://$host$1 permanent;
    }
  
    server {
        listen       443 ssl;
        server_name  xxx.com;
        proxy_redirect off;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_connect_timeout 30s;
        proxy_read_timeout 30s;
        #charset koi8-r;
    
        #ssl證書的pem文件路徑
        ssl_certificate  /usr/local/nginx/cert/server.crt;
        #ssl證書的key文件路徑
        ssl_certificate_key /usr/local/nginx/cert/server.key;
            ....
    }
}

FAQ：遇到問題總結(jié)

問題1：nginx: [emerg] unknown directive “ssl”

解決方法

1.nginx生成 Makefile可編譯文件時(shí)沒有開啟ssl，請(qǐng)參考步驟4
2.舊版本配置ssl和新版本不一致

server{
listen 443;
xxx
ssl on;
#ssl證書的pem文件路徑
ssl_certificate /usr/local/nginx/cert/server.crt;
#ssl證書的key文件路徑
ssl_certificate_key /usr/local/nginx/cert/server.key;
}

應(yīng)改為

server{
listen 443 ssl;
xxx
#ssl證書的pem文件路徑
ssl_certificate /usr/local/nginx/cert/server.crt;
#ssl證書的key文件路徑
ssl_certificate_key /usr/local/nginx/cert/server.key;
}