Centos7.3x64安装nginx与反向代理的应用

Centos 7.3 x64安装nginx-1.13.1

nginx-1.13.1 发布日期2017-05-30

测试完成日期：2017.6.22 by evan.li

一、安装必要所需环境：

# yum install autoconf automake gcc gcc-c++ libtool make pkgconfig zlib-devel 

# yum install pcre pcre-devel php-devel httpd-devel

# yum install zlib zlib-devel  

# yum install openssl openssl-devel  

#  groupadd nginx

#  useradd -g nginx nginx

#  mkdir /software

#  cd /software

# wget http://nginx.org/download/nginx-1.13.1.tar.gz

# tar xzf nginx-1.13.1.tar.gz   

# cd nginx-1.13.1  

安装相关依赖包

[root@ns1 nginx-1.13.1]#  yum install libxml2-devel libxslt-devel gd-devel

[root@ns1 nginx-1.13.1]#  yum install perl perl-devel perl-ExtUtils-Embed  libatomic_ops-devel

[root@ns1 nginx-1.13.1]# ./configure --user=nginx --group=nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --with-select_module --with-poll_module --with-file-aio --with-ipv6 --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_xslt_module --with-http_image_filter_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_auth_request_module --with-http_random_index_module --with-http_secure_link_module --with-http_degradation_module --with-http_stub_status_module --with-http_perl_module --with-mail --with-mail_ssl_module --with-cpp_test_module  --with-cpu-opt=CPU --with-pcre  --with-pcre-jit  --with-zlib-asm=CPU --with-libatomic --with-debug --with-ld-opt="-Wl,-E" --http-client-body-temp-path=/var/tmp/nginx/client/ --http-proxy-temp-path=/var/tmp/nginx/proxy/ --http-fastcgi-temp-path=/var/tmp/nginx/fcgi/ --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi --http-scgi-temp-path=/var/tmp/nginx/scgi

[root@ns1 nginx-1.13.1]# 

....成功结果如下

checking for atomic_ops library ... found

creating objs/Makefile

Configuration summary

  + using system PCRE library

  + using system OpenSSL library

  + using system zlib library

  + using system libatomic_ops library

  nginx path prefix: "/usr/local/nginx"

  nginx binary file: "/usr/sbin/nginx"

  nginx modules path: "/usr/local/nginx/modules"

  nginx configuration prefix: "/etc/nginx"

  nginx configuration file: "/etc/nginx/nginx.conf"

  nginx pid file: "/var/run/nginx.pid"

  nginx error log file: "/var/log/nginx/error.log"

  nginx http access log file: "/var/log/nginx/access.log"

  nginx http client request body temporary files: "/var/tmp/nginx/client/"

  nginx http proxy temporary files: "/var/tmp/nginx/proxy/"

  nginx http fastcgi temporary files: "/var/tmp/nginx/fcgi/"

  nginx http uwsgi temporary files: "/var/tmp/nginx/uwsgi"

  nginx http scgi temporary files: "/var/tmp/nginx/scgi"

./configure: warning: the "--with-ipv6" option is deprecated

[root@ns1 nginx-1.13.1]# make

[root@ns1 nginx-1.13.1]# make install

[root@ns1 nginx-1.13.1]# nginx -V

nginx version: nginx/1.13.1

将启动脚本（见附件）上传到/etc/init.d/ 目录下面

# chmod +x /etc/init.d/nginx  

# chkconfig --add nginx  

# chkconfig nginx on  

# chkconfig --list nginx  

# mkdir -p /var/tmp/nginx/client

编辑配置文件，红色字体为修改或添加后的项目

# vi /etc/nginx/nginx.conf

user  root;

worker_processes  1;

#error_log  logs/error.log;

#error_log  logs/error.log  notice;

#error_log  logs/error.log  info;

#pid        logs/nginx.pid;

events {

    worker_connections  1024;

}

http {

    include       /etc/nginx/mime.types;

    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '

                 '$status $body_bytes_sent "$http_referer" '

                 '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;

    tcp_nopush      on;

    tcp_nodelay     on;

    types_hash_max_size 2048;

    client_max_body_size 20M;

    keepalive_timeout  65;

    gzip  on;

    gzip_disable "msie6";

    gzip_comp_level 6;

    gzip_min_length 1100;

    gzip_buffers 16 8k;

    gzip_proxied any;

    gzip_types text/plain text/css text/js text/xml text/Javascript application/Javascript application/x-Javascript application/json application/xml application/rss+xml image/svg+xml;

    server {

        listen       80;

        server_name  110.110.220.54;

        charset utf-8;

        location / {

            root  /var/www/html/dongying;

            index  index.html index.htm index.jsp login.jsp;

        }

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html

        #

        error_page   500 502 503 504  /50x.html;

        location = /50x.html {

            root   html;

        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80

        #

        #location ~ \.php$ {

        #    proxy_pass   http://127.0.0.1;

        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000

        #

        #location ~ \.php$ {

        #    root           html;

        #    fastcgi_pass   127.0.0.1:9000;

        #    fastcgi_index  index.php;

        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;

        #    include        fastcgi_params;

        #}

        # deny access to .htaccess files, if Apache's document root

        # concurs with nginx's one

        #

        #location ~ /\.ht {

        #    deny  all;

        #}

    }

    # another virtual host using mix of IP-, name-, and port-based configuration

    #

    #server {

    #    listen       8000;

    #    listen       somename:8080;

    #    server_name  somename  alias  another.alias;

    #    location / {

    #        root   html;

    #        index  index.html index.htm;

    #    }

    #}

    # HTTPS server

    #

    #server {

    #    listen       443 ssl;

    #    server_name  localhost;

    #    ssl_certificate      cert.pem;

    #    ssl_certificate_key  cert.key;

    #    ssl_session_cache    shared:SSL:1m;

    #    ssl_session_timeout  5m;

    #    ssl_ciphers  HIGH:!aNULL:!MD5;

    #    ssl_prefer_server_ciphers  on;

    #    location / {

    #        root   html;

    #        index  index.html index.htm;

    #    }

    #}

}

检测配置文件是否有语法错误

[root@host-cn tmp]# nginx -t -c  /etc/nginx/nginx.conf

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok

nginx: configuration file /etc/nginx/nginx.conf test is successful

加入防火墙允许

[root@ns1 nginx]# firewall-cmd --add-service=http --permanent 

[root@ns1 nginx]# firewall-cmd --reload

[root@ns1 nginx]# systemctl restart firewalld

启动nginx服务

[root@ns1 nginx]# service nginx start

再用户就可以使用IP 110.110.220.54直接访问网站了。

-----------------------------------------------------------------------------------

反向代理的应用

公司同事，用tomcat发布了2个项目，可以用IP访问他的项目

A项目地址  http://110.110.220.54:8080/dy/jsp/index.jsp

B项目地址  http://110.110.220.54:8080/dy/position/login.jsp

现在使用nginx，用公司域名www.dongying.com来发布他的项目，方法如下：

绿色部分为项目A，设定正常后用www.dongying.com来访问。

橙色部分为项目B，设定正常后用www.dongying.com:8080/dy/position/login.jsp来访问。

    server {

listen 80;

server_name www.dongying.com;

charset utf-8;

     location / {  

            proxy_pass http://www.dongying.com:8080/dgmy/jsp/;

            index index.html index.htm index.jsp login.jsp;

                 }

   location ~ \.(gif|jpg|jpeg|png|bmp|swf|css|js)$

                {

                   access_log off;

                   expires 1d;

                   root /opt/tomcat/webapps/dy/;

                    break;

            }

 location /dy/position/ {

            proxy_pass http://www.dongying.com:8080/dy/position/login.jsp;

            proxy_set_header           Host $host;

            proxy_set_header  X-Real-IP  $remote_addr;

            proxy_set_header           X-Forwarded-For $proxy_add_x_forwarded_for;

            client_max_body_size  100m;

            root   html;

            index  index.html index.htm index.jsp login.jsp;

       }

测试完成日期：2017.6.23 by evan.li

本文出自 “虚拟化应用” 博客，请务必保留此出处http://liwenhn.blog.51cto.com/854522/1941434