Centos7-64bit-编译安装配置Nginx stream四层负载均衡 动态加载

1
2
yum install screen -y && screen -S nginx
sudo yum -y groupinstall "Development Tools" && yum -y epel-release wget gc autoconf automake pcre-devel zlib-devel openssl-devel

———————-yum安装nginx(默认未编译stream模块,如果需要用按下面方法编译)——————————
安装nginx

1
sudo yum install nginx -y

设置nginx开机启动

1
sudo systemctl enable nginx

———————–通过编译安装nginx(开启stream模块 动态加载方式)—————————–
编译安装nginx

1
2
3
4
5
6
7
8
9
10
11
12
13
sudo yum check-update || sudo yum update -y
yum groupinstall -y 'Development Tools'
yum install -y epel-release
yum install -y wget perl perl-devel perl-ExtUtils-Embed libxslt libxslt-devel libxml2 libxml2-devel gd gd-devel GeoIP GeoIP-devel
wget https://nginx.org/download/nginx-1.13.2.tar.gz && tar zxvf nginx-1.13.2.tar.gz
wget https://ftp.pcre.org/pub/pcre/pcre-8.40.tar.gz && tar xzvf pcre-8.40.tar.gz
wget https://www.zlib.net/zlib-1.2.11.tar.gz && tar xzvf zlib-1.2.11.tar.gz
wget https://www.openssl.org/source/openssl-1.1.0f.tar.gz && tar xzvf openssl-1.1.0f.tar.gz
rm -rf *.tar.gz
cd ~/nginx-1.13.2
cp ~/nginx-1.13.2/man/nginx.8 /usr/share/man/man8
gzip /usr/share/man/man8/nginx.8
man nginx
1
./configure --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --user=nginx --group=nginx --build=CentOS --builddir=nginx-1.13.2 --with-select_module --with-poll_module --with-threads --with-file-aio --with-http_ssl_module --with-http_v2_module --with-http_realip_module --with-http_addition_module --with-http_xslt_module=dynamic --with-http_image_filter_module=dynamic --with-http_geoip_module=dynamic --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_auth_request_module --with-http_random_index_module --with-http_secure_link_module --with-http_degradation_module --with-http_slice_module --with-http_stub_status_module --http-log-path=/var/log/nginx/access.log --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --with-mail=dynamic --with-mail_ssl_module --with-stream=dynamic --with-stream_ssl_module --with-stream_realip_module --with-stream_geoip_module=dynamic --with-stream_ssl_preread_module --with-compat --with-pcre=../pcre-8.40 --with-pcre-jit --with-zlib=../zlib-1.2.11 --with-openssl=../openssl-1.1.0f --with-openssl-opt=no-nextprotoneg --with-debug
1
2
3
make
make install
ln -s /usr/lib64/nginx/modules /etc/nginx/modules
1
nginx -V

useradd –system –home /var/cache/nginx –shell /sbin/nologin –comment “nginx user” –user-group nginx

1
2
nginx -t
mkdir -p /var/cache/nginx && sudo nginx -t
1
vi /usr/lib/systemd/system/nginx.service

写入以下内容

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
[Unit]
Description=nginx - high performance web server
Documentation=https://nginx.org/en/docs/
After=network-online.target remote-fs.target nss-lookup.target
Wants=network-online.target

[Service]
Type=forking
PIDFile=/var/run/nginx.pid
ExecStartPre=/usr/sbin/nginx -t -c /etc/nginx/nginx.conf
ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s TERM $MAINPID

[Install]
WantedBy=multi-user.target

启动nginx 设置开机启动nginx

1
systemctl start nginx.service && sudo systemctl enable nginx.service

检查nginx是否开机启动

1
systemctl is-enabled nginx.service

检查nginx是否正常运行

1
2
3
sudo systemctl status nginx.service
ps aux | grep nginx
curl -I 127.0.0.1

重启服务器

1
shutdown -r now
1
2
3
4
rm /etc/nginx/koi-utf /etc/nginx/koi-win /etc/nginx/win-utf
mkdir ~/.vim/
cp -r ~/nginx-1.13.2/contrib/vim/* ~/.vim/
rm /etc/nginx/*.default

——————————-nginx编译安装完毕——————————————

———————–防火墙管理(未设置nginx 80端口可能无法访问)—————————–
启动防火墙

1
systemctl start firewalld.service

添加防火墙规则(添加80 443端口)–刚编译的 若未添加 可能无法访问

1
2
3
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload

如需要可关闭防火墙

1
systemctl stop firewalld.service

关闭防火墙开机启动

1
systemctl disable firewalld.service

设置防火墙开机启动

1
systemctl enable firewalld.service

Centos7 防火墙 相关控制命令

1
2
3
4
5
6
7
8
9
systemctl is-enabled nginx.service #查询nginx是否开机启动
systemctl enable nginx.service #开机运行nginx
systemctl disable nginx.service #取消开机运行nginx
systemctl start nginx.service #启动nginx
systemctl stop nginx.service #停止nginx
systemctl restart nginx.service #重启nginx
systemctl reload nginx.service #重新加载nginx配置文件
systemctl status nginx.service #查询nginx运行状态
systemctl --failed #显示启动失败的服务

#查看端口监听情况

1
ss -tlnp|grep :80

nginx服务器默认root路径

1
/usr/share/nginx/html

nginx服务器默认配置文件

1
/etc/nginx/nginx.conf

追加配置文件路径(会自动加载.conf结尾的文件)

1
/etc/nginx/conf.d

—————————负载均衡配置——————————
清空nginx配置

1
2
cp /etc/nginx/nginx.conf /etc/nginx/nginx.confbackup
cat /dev/null > /etc/nginx/nginx.conf
1
vi /etc/nginx/nginx.conf

根据实际情况添加负载均衡配置

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
worker_processes 1;
load_module  "modules/ngx_stream_module.so";
events {
        worker_connections  1024;
       }

stream {
    upstream backend {
        hash $remote_addr consistent;
        server 176.58.111.12:80 weight=5 max_fails=3 fail_timeout=30s;
        server 178.79.163.35:80 weight=5  max_fails=3 fail_timeout=30s;
    }
    server {
        listen 80;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass backend;
    }
}
原文链接:https://xiaohost.com/2754.html,转载请注明出处。
0

评论0

请先