Nginx (engine x)是一個(gè)高性能的HTTP和反向代理服務(wù)器，也是一個(gè)IMAP/POP3/SMTP服務(wù)器。Nginx可以在大多數(shù) UnixLinux OS 上編譯運(yùn)行，并有 Windows 移植版。

代理服務(wù)器:一般是指局域網(wǎng)內(nèi)部的機(jī)器通過(guò)代理服務(wù)器發(fā)送請(qǐng)求到互聯(lián)網(wǎng)上的服務(wù)器,代理服務(wù)器一般作用在客戶端。

反向代理（Reverse Proxy）方式是指以代理服務(wù)器來(lái)接受internet上的連接請(qǐng)求，然后將請(qǐng)求轉(zhuǎn)發(fā)給內(nèi)部網(wǎng)絡(luò)上的服務(wù)器，并將從服務(wù)器上得到的結(jié)果返回給internet上請(qǐng)求連接的客戶端，此時(shí)代理服務(wù)器對(duì)外就表現(xiàn)為一個(gè)服務(wù)器。

這里講得很直白。反向代理方式實(shí)際上就是一臺(tái)負(fù)責(zé)轉(zhuǎn)發(fā)的代理服務(wù)器，貌似充當(dāng)了真正服務(wù)器的功能，但實(shí)際上并不是，代理服務(wù)器只是充當(dāng)了轉(zhuǎn)發(fā)的作用，并且從真正的服務(wù)器那里取得返回的數(shù)據(jù)。

負(fù)載均衡的作用：

例如一臺(tái)服務(wù)器本身的性能能夠支持1w個(gè)業(yè)務(wù)并發(fā)處理

如果業(yè)務(wù)并發(fā)少于1w個(gè)，機(jī)器也能負(fù)重前行

但是如果有5w個(gè)怎么辦呢

簡(jiǎn)單的辦法是使用nginx做前面的類似于堡壘機(jī)

10w個(gè)并發(fā)都打到這個(gè)nginx

但是nginx本身不處理業(yè)務(wù)，所以他能接納10w個(gè)并發(fā)，但是他本身沒(méi)有處理能力

而是把這個(gè)10w個(gè)并發(fā)，按照一定的策略分配給后面的其他機(jī)器

這樣的好處是

1.通過(guò)1個(gè)nginx+n個(gè)后面的機(jī)器組成一個(gè)小集群，能處理超過(guò)單臺(tái)機(jī)器接納的上線

2.對(duì)外提供服務(wù)一般會(huì)固定一個(gè)ip，而往往你的業(yè)務(wù)一個(gè)ip（也就是單臺(tái)服務(wù)器）不能完全處理，那么找一個(gè)性能不錯(cuò)的專門(mén)負(fù)責(zé)轉(zhuǎn)發(fā)外面的業(yè)務(wù)請(qǐng)求（一般這種對(duì)服務(wù)器的壓力不會(huì)太大），然后發(fā)給真正需要處理業(yè)務(wù)的后面的例如tomcat去，這樣能夠?qū)ν馓峁┮恢碌奶峁┓?wù)的點(diǎn)

如果并發(fā)有50w個(gè)怎么辦？

這種即使僅僅是轉(zhuǎn)發(fā)，單個(gè)nginx都沒(méi)法處理，性能要求太高，而且即使性能能夠跟上，操作系統(tǒng)的端口數(shù)也是有限的

這個(gè)時(shí)候就需要高級(jí)的轉(zhuǎn)發(fā)服務(wù)器了

這方面有硬件的例如f5或者軟件的ha

然后將請(qǐng)求分發(fā)給nginx，nginx再分發(fā)給具體處理業(yè)務(wù)的例如tomcat

但是功能都是一樣的：提供統(tǒng)一的對(duì)外訪問(wèn)入口，轉(zhuǎn)發(fā)請(qǐng)求給真正的執(zhí)行者

安裝步驟：

1，先安裝gcc 等

yum -y install gcc gcc-c++ wget

2，安裝一些庫(kù)

yum -y install gcc wget automake autoconf libtool libxml2-devel libxslt-devel perl-devel perl-ExtUtils-Embed pcre-devel openssl-devel

3，進(jìn)入默認(rèn)的軟件目錄

cd /usr/local/src/

4，下載nginx軟件（進(jìn)入下載頁(yè)面查看最新版本http://nginx.org/download）

wget http://nginx.org/download/nginx-1.13.3.tar.gz

5，解壓

tar zxvf nginx-1.13.3.tar.gz

6，進(jìn)入 nginx1.13.3的源碼 ?如果想改版本號(hào) 可以進(jìn)入源碼目錄src/core/nginx.h更改

cd nginx-1.13.3/

7，創(chuàng)建一個(gè)nginx目錄用來(lái)存放運(yùn)行的臨時(shí)文件夾

mkdir -p /var/cache/nginx

8，開(kāi)始configure

./configure \

--prefix=/usr/local/nginx \

--sbin-path=/usr/sbin/nginx \

--conf-path=/etc/nginx/nginx.conf \

--error-log-path=/var/log/nginx/error.log \

--http-log-path=/var/log/nginx/access.log \

--pid-path=/var/run/nginx.pid \

--lock-path=/var/run/nginx.lock \

--http-client-body-temp-path=/var/cache/nginx/client_temp \

--http-proxy-temp-path=/var/cache/nginx/proxy_temp \

--http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \

--http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \

--http-scgi-temp-path=/var/cache/nginx/scgi_temp \

--user=nobody \

--group=nobody \

--with-pcre \

--with-http_v2_module \

--with-http_ssl_module \

--with-http_realip_module \

--with-http_addition_module \

--with-http_sub_module \

--with-http_dav_module \

--with-http_flv_module \

--with-http_mp4_module \

--with-http_gunzip_module \

--with-http_gzip_static_module \

--with-http_random_index_module \

--with-http_secure_link_module \

--with-http_stub_status_module \

--with-http_auth_request_module \

--with-mail \

--with-mail_ssl_module \

--with-file-aio \

--with-ipv6 \

--with-http_v2_module \

--with-threads \

--with-stream \

--with-stream_ssl_module

9，編譯

make

10，安裝

make install

11，啟動(dòng)nginx

/usr/sbin/nginx

12，配置服務(wù)

vi /usr/lib/systemd/system/nginx.service

輸入以下內(nèi)容后保存

[Unit]

Description=nginx - high performance web server

Documentation=http://nginx.org/en/docs/

After=network.target remote-fs.target nss-lookup.target

[Service]

Type=forking

PIDFile=/var/run/nginx.pid

ExecStartPre=/usr/sbin/nginx -t -c /etc/nginx/nginx.conf

ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf

ExecReload=/bin/kill -s HUP $MAINPID

ExecStop=/bin/kill -s QUIT $MAINPID

PrivateTmp=true

[Install]

WantedBy=multi-user.target

文件保存后，剛剛配置的服務(wù)需要讓systemctl能識(shí)別，就必須刷新配置

systemctl daemon-reload

13，設(shè)置開(kāi)機(jī)啟動(dòng)

systemctl enable nginx.service

重啟電腦，看到nginx已自啟。

reboot

ps -ef|grep nginx

14，后面可以用systemctl來(lái)操作nginx.service

systemctl start nginx.service

systemctl stop nginx.service

如果使用命令出現(xiàn)如下報(bào)錯(cuò)

Job for nginx.service failed because the control process exited with error code. See "systemctl status nginx.service" and "journalctl -xe" for details.

修改文件/usr/lib/systemd/system/nginx.service測(cè)試是否能啟用服務(wù)。

vi /usr/lib/systemd/system/nginx.service

輸入以下內(nèi)容后保存

[Unit]

Description=nginx - high performance web server

Documentation=http://nginx.org/en/docs/

After=network.target remote-fs.target nss-lookup.target

[Service]

Type=forking

PIDFile=/var/run/nginx.pid

ExecStartPre=/usr/sbin/nginx

ExecStart=/usr/sbin/nginx

ExecStop=/bin/kill nginx

PrivateTmp=true

[Install]

WantedBy=multi-user.target

15，查看nginx版本

nginx -v

訪問(wèn)nginx，現(xiàn)在你可以通過(guò)公網(wǎng)ip (本地可以通過(guò) localhost /或 127.0.0.1 ) 查看nginx 服務(wù)返回的信息。

curl -i localhost

16，17，18是修改nginx配置文件的例子，配置文件位于/usr/local/src/nginx-1.13.3/conf/

使用命令

vi /usr/local/src/nginx-1.13.3/conf/nginx.conf

16，常見(jiàn)例子->訪問(wèn)靜態(tài)文件

#定義Nginx運(yùn)行的用戶和用戶組

user ?nginx nginx;

#nginx進(jìn)程數(shù)，建議設(shè)置為等于CPU總核心數(shù)。用lscpu命令查看cou核數(shù)

worker_processes ?1;

#nginx默認(rèn)是沒(méi)有開(kāi)啟利用多核cpu的配置的。需要通過(guò)增加worker_cpu_affinity配置參數(shù)來(lái)充分利用多核cpu。

#worker_cpu_affinity 00000001 00000010 00000100 00001000 00010000 00100000 01000000 10000000;

#一個(gè)nginx進(jìn)程打開(kāi)的最多文件描述符數(shù)目，理論值應(yīng)該是最多打開(kāi)文件數(shù)（系統(tǒng)的值ulimit -n）與nginx進(jìn)程數(shù)相除，但是nginx分配請(qǐng)求并不均勻，所以建議與ulimit -n的值保持一致。

worker_rlimit_nofile 65536;

#全局錯(cuò)誤日志定義類型，[ debug | info | notice | warn | error | crit ]

#error_log ?logs/error.log;

#error_log ?logs/error.log ?notice;

#error_log ?logs/error.log ?info;

#進(jìn)程文件

#pid ??/var/run/nginx.pid;

events {

#單個(gè)進(jìn)程最大連接數(shù)（最大連接數(shù)=連接數(shù)*進(jìn)程數(shù)）

????worker_connections ?65536;

}

#設(shè)定http服務(wù)器

http {

#文件擴(kuò)展名與文件類型映射表

????include ??????mime.types;

#默認(rèn)文件類型

default_type ?application/octet-stream;

????log_format ?main ?'$remote_addr [$time_local] $upstream_addr $upstream_status $upstream_response_time "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"';

????log_format cachelog '$time_local - $upstream_cache_status - Cache-Control:$upstream_http_cache_control - $request($status) - ';

????access_log ?logs/access.log ?main;

????sendfile ???????on;

????tcp_nopush ????on;

????proxy_ignore_client_abort on;

#長(zhǎng)連接超時(shí)時(shí)間，單位是秒

????keepalive_timeout ?65;

#默認(rèn)編碼

????charset utf-8;

#gzip模塊設(shè)置

????gzip on; #開(kāi)啟gzip壓縮輸出

????gzip_min_length 10k; #最小壓縮文件大小

????gzip_buffers 4 16k; #壓縮緩沖區(qū)

????gzip_comp_level 2; #壓縮等級(jí)

#壓縮類型，默認(rèn)就已經(jīng)包含text/html，所以下面就不用再寫(xiě)了，寫(xiě)上去也不會(huì)有問(wèn)題，但是會(huì)有一個(gè)warn。

????gzip_types text/plain text/javascript application/javascript application/x-javascript text/css ?application/xml application/octet-stream;

????gzip_vary on;

#虛擬主機(jī)的配置

????server {

#被監(jiān)聽(tīng)的端口號(hào)和網(wǎng)址

????????listen ??????80;

#域名可以有多個(gè)，用空格隔開(kāi)

????????server_name ?www.test.com;

????????#charset koi8-r;

#定義本虛擬主機(jī)的訪問(wèn)日志

????????access_log ?logs/test_access.log ?main;

#對(duì) "/" 啟用反向代理

????????location / {

#這個(gè)地方指定被訪問(wèn)的文件夾位置

????????????root ??/data/test;

????????????index ?index.html index.htm;

????????}

????????#error_page ?404 ?????????????/404.html;

????????# redirect server error pages to the static page /50x.html

????????error_page ??500 502 503 504 ?/50x.html;

????????location = /50x.html {

????????????root ??html;

????????}

#圖片緩存時(shí)間設(shè)置

????????location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|css|js)$ {

????????root /data/test;

????????expires 30d;

????????}

????}

????#location ~ /purge(/.*){

????# ???allow 192.168.0.0/16;

????# ???deny all;

????# ???proxy_cache_purge resource $host$1$is_args$args;

????#}

}

17，常見(jiàn)例子->一個(gè)負(fù)載均衡例子

user ?nginx nginx;

worker_processes ?8;

worker_cpu_affinity 00000001 00000010 00000100 00001000 00010000 00100000 01000000 10000000;

worker_rlimit_nofile 65536;

events {

????worker_connections ?65536;

}

http {

????include ??????mime.types;

????default_type ?application/octet-stream;

# log_format日志格式

????log_format ?main ?'$remote_addr [$time_local] $upstream_addr $upstream_status $upstream_response_time "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"';

log_format cachelog '$time_local - $upstream_cache_status - Cache-Control:$upstream_http_cache_control - $request($status) - ';

????access_log ?logs/access.log ?main;

????sendfile ???????on;

????tcp_nopush ????on;

????proxy_ignore_client_abort on;

????keepalive_timeout ?65;

????#keepalive_timeout ?1000;

????charset utf-8;

????gzip on;

????gzip_min_length 10k;

????gzip_buffers 4 16k;

????gzip_comp_level 2;

????gzip_types text/plain text/javascript application/javascript application/x-javascript text/css ?application/xml application/octet-stream;

????gzip_vary on;

????upstream balance{

????????server 192.168.21.77:8080;

????}

????server {

????????listen ??????80;

????????server_name www.website.com;

????????#charset koi8-r;

????????access_log ?logs/website.log ?main;

????#request proxy server

????????location / {

????????proxy_set_header Host $host;

????????proxy_set_header X-Real-IP $remote_addr;

????????proxy_set_header REMOTE-HOST $remote_addr;

#后端的Web服務(wù)器可以通過(guò)X-Forwarded-For獲取用戶真實(shí)IP

????????proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

#這里設(shè)置代理的位置

????????????proxy_pass http://balance;

????????????proxy_redirect default;

????????}

????????#error_page ?404 ?????????????/404.html;

????????# redirect server error pages to the static page /50x.html

????????#

????????error_page ??500 502 503 504 ?/50x.html;

????????location = /50x.html {

????????????root ??html;

????????}

#設(shè)定查看Nginx狀態(tài)的地址

????location /nginx_status{

????????????????stub_status on;

access_log off;#指定全局的 log 是否打開(kāi)

????????????????allow all;

???????????????# deny all;

????????}

????}

}

18，常見(jiàn)例子->多個(gè)負(fù)載均衡，多個(gè)服務(wù)，多個(gè)端口

user ?nginx nginx;

worker_processes ?8;

worker_cpu_affinity 00000001 00000010 00000100 00001000 00010000 00100000 01000000 10000000;

worker_rlimit_nofile 65536;

#error_log ?logs/error.log;

#error_log ?logs/error.log ?notice;

#error_log ?logs/error.log ?info;

#pid ???????logs/nginx.pid;

events {

????worker_connections ?65536;

}

http {

????include ??????mime.types;

????default_type ?application/octet-stream;

????log_format ?main ?'$remote_addr [$time_local] $upstream_addr $upstream_status $upstream_response_time "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"';

????log_format cachelog '$time_local - $upstream_cache_status - Cache-Control:$upstream_http_cache_control - $request($status) - ';

#全局日志記錄記錄的位置及日志格式

????access_log ?logs/access.log ?main;

????sendfile ???????on;

????tcp_nopush ????on;

????proxy_ignore_client_abort on;

????keepalive_timeout ?65;

????#keepalive_timeout ?1000;

????charset utf-8;

????gzip on;

????gzip_min_length 10k;

????gzip_buffers 4 16k;

????gzip_comp_level 2;

????gzip_types text/plain text/javascript application/javascript application/x-javascript text/css ?application/xml application/octet-stream;

????gzip_vary on;

#負(fù)載均衡示例 1

????upstream balance1{

????????server 192.168.21.76:8093 max_fails=3 fail_timeout=30s;

????}

#負(fù)載均衡示例 2

????upstream balance2{

????????server 192.168.21.76:8070;

????????server 192.168.21.76:8071 down;

????}

#負(fù)載均衡示例 3

????upstream balance3{

????????server 192.168.21.76:8080 max_fails=3 fail_timeout=30s;

????}

#web服務(wù) 1

????server {

????????listen ??????80;

????????server_name www.website1.com;

????????#charset koi8-r;

#當(dāng)前 web 服務(wù)的日志 位置、格式

????????access_log ?logs/404_access.log ?main;

????#request proxy server

????????location / {

????????proxy_set_header Host $host;

????????proxy_set_header X-Real-IP $remote_addr;

????????proxy_set_header REMOTE-HOST $remote_addr;

????????proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

????????????proxy_pass http://balance1;

????????????proxy_redirect default;

????????}

????????#error_page ?404 ?????????????/404.html;

????????# redirect server error pages to the static page /50x.html

????????error_page ??500 502 503 504 ?/50x.html;

????????location = /50x.html {

????????????root ??html;

????????}

????location /nginx_status{

????????????????stub_status on;

access_log off;#指定全局的 access_log 是否打開(kāi)

????????????????allow all;

???????????????# deny all;

????????}

????}

????server {

????????listen ??????80;

????????server_name website2.com;

????????#charset koi8-r;

????????access_log ?logs/website2.log ?main;

????#request proxy server

????????location / {

????????proxy_set_header Host $host;

????????proxy_set_header X-Real-IP $remote_addr;

????????proxy_set_header REMOTE-HOST $remote_addr;

????????proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

????????????proxy_pass http://balance3;

????????????proxy_redirect default;

????????}

????????#error_page ?404 ?????????????/404.html;

????????# redirect server error pages to the static page /50x.html

????????error_page ??500 502 503 504 ?/50x.html;

????????location = /50x.html {

????????????root ??html;

????????}

????location /nginx_status{

????????????????stub_status on;

????????????????access_log off;

????????????????allow all;

???????????????# deny all;

????????}

????}

????server {

????????listen ??????80;

????????server_name www.website3.com;

????????#charset koi8-r;

????????access_log ?logs/website3.log ?main;

????#request proxy server

????????location / {

????????proxy_set_header Host $host;

????????proxy_set_header X-Real-IP $remote_addr;

????????proxy_set_header REMOTE-HOST $remote_addr;

????????proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

????????????proxy_pass http://balance1;

????????????proxy_redirect default;

????????}

????????#error_page ?404 ?????????????/404.html;

????????# redirect server error pages to the static page /50x.html

????????error_page ??500 502 503 504 ?/50x.html;

????????location = /50x.html {

????????????root ??html;

????????}

????location /nginx_status{

????????????????stub_status on;

????????????????access_log off;

????????????????allow all;

???????????????# deny all;

????????}

}

????server {

????????listen ??????8060;

????????server_name 192.168.1.111;

????????#charset koi8-r;

????????access_log ?logs/website4.log ?main;

????#request proxy server

????????location / {

????????proxy_set_header Host $host;

????????proxy_set_header X-Real-IP $remote_addr;

????????proxy_set_header REMOTE-HOST $remote_addr;

????????proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

????????????proxy_pass http://balance2;

????????????proxy_redirect default;

????????}

????????#error_page ?404 ?????????????/404.html;

????????# redirect server error pages to the static page /50x.html

????????error_page ??500 502 503 504 ?/50x.html;

????????location = /50x.html {

????????????root ??html;

????????}

????location /nginx_status{

????????????????stub_status on;

????????????????access_log off;

????????????????allow all;

???????????????# deny all;

????????}

????}

}