docker 安装nginx
docker pull nginx:1.22.0
docker run --name nginx -p 8008:80 -d nginx:1.22.0
mkdir -p /opt/resource/nginx/conf
mkdir -p /opt/resource/nginx/log
mkdir -p /opt/resource/nginx/html
docker cp nginx:/etc/nginx/nginx.conf /opt/resource/nginx/conf/nginx.conf
docker cp nginx:/etc/nginx/conf.d /opt/resource/nginx/conf/conf.d
docker cp nginx:/usr/share/nginx/html /opt/resource/nginx/
docker rm -f nginx
docker run \
-p 8008:80 \
--name nginx \
-v /opt/resource/nginx/conf/nginx.conf:/etc/nginx/nginx.conf \
-v /opt/resource/nginx/conf/conf.d:/etc/nginx/conf.d \
-v /opt/resource/nginx/log:/var/log/nginx \
-v /opt/resource/nginx/html:/usr/share/nginx/html \
-d nginx:1.22.0
安装包 安装Nginx
https://altwongblog-1301531589.cos.ap-shanghai.myqcloud.com//2022/202203/nginx-1.22.0_1656605040463.tar.gz
yum -y install make zlib-devel gcc-c++ libtool openssl openssl-devel
mkdir /opt/resource/
tar -zxvf nginx-1.22.0.tar.gz
编译
cd nginx-1.22.0
./configure --prefix=/opt/resource/nginx-1.22.0
make && make install
可能没有 logs这个文件夹
mkdir logs
检查
/opt/resource/nginx-1.22.0/sbin/nginx -t
启动
/opt/resource/nginx-1.22.0/sbin/nginx -c /opt/resource/nginx-1.22.0/conf/nginx.conf
重启
/opt/resource/nginx-1.22.0/sbin/nginx -s reload
完成这是配置文件
vi /opt/resource/nginx-1.22.0/conf/nginx.conf
yum 安装Nginx
执行以下命令,添加Nginx到yum源。
sudo rpm -Uvh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
添加完之后,执行以下命令,查看是否已经添加成功。
yum search nginx
添加成功之后,执行以下命令,安装Nginx。
sudo yum install -y nginx
执行以下命令安装stream模块。
yum install nginx-mod-stream --skip-broken
启动Nginx并设置为开机自动运行。
sudo systemctl start nginx.service
sudo systemctl enable nginx.service
在本地浏览器中输入服务器地址(ECS公网IP地址),查看安装是否成功。 如果出现下面页面,则表示安装成功。
https://support.huaweicloud.com/bestpractice-dcs/dcs-bp-0514001.html
服务转发 以访问minio为例
- /etc/nginx/conf.d中 stream.conf
upstream backend {
server 192.168.16.168:9001;
}
server {
listen 9104;
server_name 0.0.0.0;
location / {
proxy_pass http://backend;
}
}
- nginx.conf 配置
user root;
worker_processes auto;
pid /run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
stream {
upstream minio {
server 192.168.16.168:9001;
}
server {
listen 9102;
proxy_pass minio;
proxy_connect_timeout 1h;
proxy_timeout 1h;
}
server {
listen 9106;
proxy_pass 192.168.16.168:9001;
proxy_socket_keepalive on
proxy_timeout 60m
proxy_connect_timeout 60s
}
}
http {
server {
listen 80 default_server;
include /etc/nginx/default.d/*.conf;
location / {
}
}
}
# 查看端口是情况
# netstat -ano | grep 9106
nginx正则
= 表示精确匹配
^~ 表示uri以某个常规字符串开头,大多情况下用来匹配url路径,nginx不对url做编码,因此请求为/static/20%/aa,可以被规则^~ /static/ /aa匹配到(注意是空格)。
~ 正则匹配(区分大小写)
~* 正则匹配(不区分大小写)
!~ 区分大小写不匹配
!~* 不区分大小写不匹配
/ 任何请求都会匹配
nginx 其他配置
server {
listen 8081;
server_name 0.0.0.0;
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Credentials' 'true';
# 静态资源
location /demo {
alias /root/frontend/demo;
try_files $uri $uri/ /demo/index.html;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
index index.html;
}
# 项目后端服务
location /demob {
proxy_pass http://192.168.16.166/;
}
location = /50x.html {
root html;
}
}
nginx 负载均衡
10.Nginx负载均衡配置 - 简书 (jianshu.com)
## 在conf.d 中配置
upstream project-api {
ip_hash;
server 192.168.16.156:18080 weight=1 max_fails=3 fail_timeout=10s;
#server 192.168.16.209:18080 weight=1 max_fails=3 fail_timeout=10s;
keepalive 300;
}
upstream demo-api {
ip_hash;
server 192.168.16.156:18082 weight=1 max_fails=3 fail_timeout=10s;
#server 192.168.16.209:18082 weight=1 max_fails=3 fail_timeout=10s;
keepalive 300;
}
server {
listen 80;
server_name 0.0.0.0;
charset utf-8;
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Credentials' 'true';
# 后端负载入口
location ~ /demo-api/ {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://demo-api;
}
# 后端负载入口
location ~ /project-api/ {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://project-api;
}
}
nginx 连接mysql 和 redis
- 增加steam配置,与http同级,不是放在http里面!! 验证ok
stream {
upstream mysqlc {
server 192.168.16.168:3306 weight=5 max_fails=3 fail_timeout=30s;
}
server {
listen 3305;#数据库服务器监听端口
proxy_connect_timeout 600s;
proxy_pass mysqlc;
}
upstream redisc {
server 192.168.16.168:6379;
}
server {
listen 6378;#redis服务器监听端口
proxy_connect_timeout 600s;
proxy_timeout 600s;
proxy_pass redisc;
}
}
https配置
server {
listen 80;
server_name kooed.hppts.net;
rewrite ^(.*)$ https://${server_name}$1 permanent;# 重定向到https
}
server {
listen 443 ssl;
server_name kooed.hppts.net;
ssl_certificate /root/ssl/hppts-crt.pem;
ssl_certificate_key /root/ssl/hppts-key.key;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location/ {
}
}
