Centos7-64bit-编译安装配置Nginx stream四层负载均衡 动态加载

作者: 站长 上传时间: 浏览: N/A 下载: N/A 格式: N/A 评分: N/A

yum install screen -y && screen -S nginx
sudo yum -y groupinstall "Development Tools" && yum -y epel-release wget gc autoconf automake pcre-devel zlib-devel openssl-devel

———————-yum安装nginx(默认未编译stream模块,如果需要用按下面方法编译)——————————
安装nginx
sudo yum install nginx -y
设置nginx开机启动
sudo systemctl enable nginx
———————–通过编译安装nginx(开启stream模块 动态加载方式)—————————–
编译安装nginx
sudo yum check-update || sudo yum update -y
yum groupinstall -y 'Development Tools'
yum install -y epel-release
yum install -y wget perl perl-devel perl-ExtUtils-Embed libxslt libxslt-devel libxml2 libxml2-devel gd gd-devel GeoIP GeoIP-devel
wget https://nginx.org/download/nginx-1.13.2.tar.gz && tar zxvf nginx-1.13.2.tar.gz
wget https://ftp.pcre.org/pub/pcre/pcre-8.40.tar.gz && tar xzvf pcre-8.40.tar.gz
wget https://www.zlib.net/zlib-1.2.11.tar.gz && tar xzvf zlib-1.2.11.tar.gz
wget https://www.openssl.org/source/openssl-1.1.0f.tar.gz && tar xzvf openssl-1.1.0f.tar.gz
rm -rf *.tar.gz
cd ~/nginx-1.13.2
cp ~/nginx-1.13.2/man/nginx.8 /usr/share/man/man8
gzip /usr/share/man/man8/nginx.8
man nginx

./configure --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --user=nginx --group=nginx --build=CentOS --builddir=nginx-1.13.2 --with-select_module --with-poll_module --with-threads --with-file-aio --with-http_ssl_module --with-http_v2_module --with-http_realip_module --with-http_addition_module --with-http_xslt_module=dynamic --with-http_image_filter_module=dynamic --with-http_geoip_module=dynamic --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_auth_request_module --with-http_random_index_module --with-http_secure_link_module --with-http_degradation_module --with-http_slice_module --with-http_stub_status_module --http-log-path=/var/log/nginx/access.log --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --with-mail=dynamic --with-mail_ssl_module --with-stream=dynamic --with-stream_ssl_module --with-stream_realip_module --with-stream_geoip_module=dynamic --with-stream_ssl_preread_module --with-compat --with-pcre=../pcre-8.40 --with-pcre-jit --with-zlib=../zlib-1.2.11 --with-openssl=../openssl-1.1.0f --with-openssl-opt=no-nextprotoneg --with-debug

make
make install
ln -s /usr/lib64/nginx/modules /etc/nginx/modules

nginx -V

useradd –system –home /var/cache/nginx –shell /sbin/nologin –comment “nginx user” –user-group nginx

nginx -t
mkdir -p /var/cache/nginx && sudo nginx -t

vi /usr/lib/systemd/system/nginx.service

写入以下内容
[Unit]
Description=nginx - high performance web server
Documentation=https://nginx.org/en/docs/
After=network-online.target remote-fs.target nss-lookup.target
Wants=network-online.target

[Service]
Type=forking
PIDFile=/var/run/nginx.pid
ExecStartPre=/usr/sbin/nginx -t -c /etc/nginx/nginx.conf
ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s TERM $MAINPID

[Install]
WantedBy=multi-user.target

启动nginx 设置开机启动nginx
systemctl start nginx.service && sudo systemctl enable nginx.service

检查nginx是否开机启动
systemctl is-enabled nginx.service

检查nginx是否正常运行
sudo systemctl status nginx.service
ps aux | grep nginx
curl -I 127.0.0.1

重启服务器
shutdown -r now

rm /etc/nginx/koi-utf /etc/nginx/koi-win /etc/nginx/win-utf
mkdir ~/.vim/
cp -r ~/nginx-1.13.2/contrib/vim/* ~/.vim/
rm /etc/nginx/*.default
——————————-nginx编译安装完毕——————————————

———————–防火墙管理(未设置nginx 80端口可能无法访问)—————————–
启动防火墙
systemctl start firewalld.service

添加防火墙规则(添加80 443端口)–刚编译的 若未添加 可能无法访问
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload

如需要可关闭防火墙
systemctl stop firewalld.service

关闭防火墙开机启动
systemctl disable firewalld.service

设置防火墙开机启动
systemctl enable firewalld.service

Centos7 防火墙 相关控制命令
systemctl is-enabled nginx.service #查询nginx是否开机启动
systemctl enable nginx.service #开机运行nginx
systemctl disable nginx.service #取消开机运行nginx
systemctl start nginx.service #启动nginx
systemctl stop nginx.service #停止nginx
systemctl restart nginx.service #重启nginx
systemctl reload nginx.service #重新加载nginx配置文件
systemctl status nginx.service #查询nginx运行状态
systemctl --failed #显示启动失败的服务

#查看端口监听情况
ss -tlnp|grep :80

nginx服务器默认root路径
/usr/share/nginx/html

nginx服务器默认配置文件
/etc/nginx/nginx.conf

追加配置文件路径(会自动加载.conf结尾的文件)
/etc/nginx/conf.d

—————————负载均衡配置——————————
清空nginx配置
cp /etc/nginx/nginx.conf /etc/nginx/nginx.confbackup
cat /dev/null > /etc/nginx/nginx.conf

vi /etc/nginx/nginx.conf

根据实际情况添加负载均衡配置

worker_processes 1;
load_module "modules/ngx_stream_module.so";
events {
worker_connections 1024;
}

stream {
upstream backend {
hash $remote_addr consistent;
server 176.58.111.12:80 weight=5 max_fails=3 fail_timeout=30s;
server 178.79.163.35:80 weight=5 max_fails=3 fail_timeout=30s;
}
server {
listen 80;
proxy_connect_timeout 1s;
proxy_timeout 3s;
proxy_pass backend;
}
}

标签:

Leave a Comment