1 安裝

1.1 安裝前準備

1.1.1 安裝JDK

1.1.2 安裝yum

1.2 安裝nginx依賴

1.2.1 使用root用户ssh登錄服務器,以172.16.90.43為例

ssh root@172.16.90.43

1.2.2 執行腳本安裝依賴

yum install -y pcre pcre-devel
yum install -y zlib zlib-devel
yum install -y openssl openssl-devel
yum install -y gcc gcc-c++ zip unzip autoconf automake make

1.3 上傳、解壓、編譯nginx

1.3.1 創建目錄

mkdir -p /opt/itmrl/nginx/nginx-1.12.2
mkdir -p /opt/itmrl/nginx/installPackage

1.3.2 切換到目錄/opt/itmrl/nginx/installPackage

cd /opt/itmrl/nginx/installPackage

1.3.2 將{上線包}\installPackages\nginx\nginx-1.12.2.tar.gz上傳到當前目錄

1.3.3 解壓nginx-1.12.2.tar.gz

tar -zxvf nginx-1.12.2.tar.gz

1.3.4 進入解壓目錄內,設置安裝路徑

#非SSL配置
cd /opt/itmrl/nginx/installPackage/nginx-1.12.2
./configure --prefix=/opt/itmrl/nginx/nginx-1.12.2
#SSL配置
cd /opt/itmrl/nginx/installPackage/nginx-1.12.2
./configure --prefix=/opt/itmrl/nginx/nginx-1.12.2 --with-http_ssl_module

1.3.5 編譯安裝

make && make install

1.3 nginx啓動、關閉

# 啓動nginx
/opt/itmrl/nginx/nginx-1.12.2/sbin/nginx

# 關閉nginx
/opt/itmrl/nginx/nginx-1.12.2/sbin/nginx -s stop

# 重新加載配置文件
/opt/itmrl/nginx/nginx-1.12.2/sbin/nginx -s reload

1.4 防火牆設置

1.4.1 防火牆開放端口

firewall-cmd --zone=public --add-port=80/tcp --permanent

1.4.2 防火牆重新載入

firewall-cmd --reload

2 配置

2.1 修改nginx.conf配置

2.1.1 切換到/opt/itmrl/nginx/nginx-1.12.2/conf

cd /opt/itmrl/nginx/nginx-1.12.2/conf

2.1.2 將{上線包}\installPackages\nginx\nginx.conf上傳到當前目錄覆蓋掉原來的nginx.conf

上線包中nginx.conf詳細內容如下:

#user  nobody;
worker_processes  8; 

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  8192; 
}


http {
    include       mime.types; 
    default_type  application/octet-stream; 

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;
    
    client_max_body_size 64M;

    #keepalive_timeout  0;

    keepalive_timeout  65;

    gzip  on;
	gzip_min_length 1k;
	gzip_buffers 4 16k;
	gzip_http_version 1.1;
	gzip_comp_level 5;
	gzip_types text/xml text/plain text/css text/javascript application/x-javascript application/javascript application/css  application/xml application/vnd.ms-fontobject font/ttf font/opentype font/x-woff image/svg+xml;
	gzip_vary on;
	gzip_disable "MSIE [1-6]\.";
    
    upstream api_server {
    	server 172.16.90.188:7070 max_fails=2 fail_timeout=60s;
    	server 172.16.90.97:7070 max_fails=2 fail_timeout=60s;
    }

    server {
        listen       80;
        server_name  localhost;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;
        
        location /api/ {
            proxy_set_header Host  $host;
	        proxy_set_header X-Real-IP $remote_addr;
	        proxy_set_header X-Forwarded $proxy_add_x_forwarded_for;
	        proxy_pass http://api_server/;
	        # 默認連接超時時間 若給某一台服務器轉發請求時,達到默認超時時間未響應,則再向另一台服務器轉發請求
	        proxy_connect_timeout 3;
        }
        
        location /xxx-web/ {
	        root   html;
	        autoindex on;
	    }

        location / {
            root   html;
            index  index.html index.htm;
        }

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }


    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}


    # HTTPS server
    #
    #server {
    #    listen       443 ssl;
    #    server_name  localhost;

    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;

    #    ssl_session_cache    shared:SSL:1m;
    #    ssl_session_timeout  5m;

    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers  on;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}

}

2.1.3 根據實際情況修改集羣負載服務IP和端口即可

upstream api_server {
	server 172.16.90.188:7070 max_fails=2 fail_timeout=60s;
	server 172.16.90.97:7070 max_fails=2 fail_timeout=60s;
}

2.1.4 重新加載配置文

/opt/itmrl/nginx/nginx-1.12.2/sbin/nginx -s reload

3 其他

#隱藏版本號
server_tokens on;

#優化服務器域名的散列表大小 
server_names_hash_bucket_size 64;
server_names_hash_max_size 2048;

#開啓高效文件傳輸模式
sendfile on;
#減少網絡報文段數量
#tcp_nopush on;
#提高I/O性能
tcp_nodelay on;

#連接超時 時間定義 默認秒 默認65秒
keepalive_timeout 60;

#讀取客户端請求頭數據的超時時間 默認秒 默認60秒
client_header_timeout 15;

#讀取客户端請求主體的超時時間 默認秒 默認60秒
client_body_timeout 15;

#響應客户端的超時時間 默認秒 默認60秒
send_timeout 25;

#上傳文件的大小限制  默認1m
client_max_body_size 8m;