nginx动静分离-创新互联
搭建Nginx动静分离
Nginx动静分离介绍
- Nginx的静态处理能力很强,但是动态处理能力不足,因此,在企业中常用动静分离技术
针对PHP的动静分离
“专业、务实、高效、创新、把客户的事当成自己的事”是我们每一个人一直以来坚持追求的企业文化。 创新互联是您可以信赖的网站建设服务商、专业的互联网服务提供商! 专注于网站设计制作、网站建设、软件开发、设计服务业务。我们始终坚持以客户需求为导向,结合用户体验与视觉传达,提供有针对性的项目解决方案,提供专业性的建议,创新互联建站将不断地超越自我,追逐市场,引领市场!- 静态页面交给Nginx处理
- 动态页面交给PHP-FPM模块或Apache处理
- 在Nginx的配置中,是通过location配置段配合正则匹配实现静态与动态页面的不同处理方式
反向代理原理
- Nginx不仅能作为Web服务器,还具有反向代理、负载均衡和缓存的功能
- Nginx通过proxy模块实现将客户端的请求代理至上游服务器,此时nginx与. 上游服务器的连接是通过http协议进行的
- Nginx在实现反向代理功能时的最重要指令为proxy_ _pass, 它能够并能够根据URI、客户端参数或其它的处理逻辑将用户请求调度至上游服务器
配置动静分离
- 架设并调试后端
LAMP
环境 - 安装配置
Nginx
处理静态页面请求,在server {}
;段中加入
[root@nginx php5]#vim /usr/local/httpd/conf/nginx.conf
location ~ .*\.(gifiglipeglbmp|swf)$ {
root html;
index index.html index.htm;
};
- 配置Nginx处理动态页面请求,在server{};中加入
- 在Apache.工作目录新建test.php
- 重启Nginx并测试
[root@nginx php5]#vim /usr/local/httpd/conf/nginx.conf
server {
.....
location ~ \.php$ {
proxy_ pass http://192.168.9.237:8080; //LAMP的IP地址
......
配置实例
开启两台Linux虚拟机,一台配置Nginx,一台配置LANM架构,客户端访问nginx网页时Nginx服务处理静态访问信息,LAMP处理动态访问信息,
- 首先在一台Linux系统中搭建lamp架构,这里使用yum安装lamp架构
yum install httpd httpd-devel -y
已加载插件:fastestmirror, langpacks
Loading mirror speeds from cached hostfile
...//省略部分内容...
已安装:
httpd.x86_64 0:2.4.6-90.el7.centos httpd-devel.x86_64 0:2.4.6-90.el7.centos
...//省略部分内容...
完毕!
[root@localhost ~]# firewall-cmd --permanent --zone=public --add-service=http
success //配置防火墙允许http服务在公共区域通过
[root@localhost ~]# firewall-cmd --permanent --zone=public --add-service=https
success //配置防火墙允许https服务在公共区域通过
[root@localhost ~]# firewall-cmd --reload //重新加载防火墙
success
[root@localhost ~]# systemctl start httpd.service //启动http服务
- 在客户机访问httpd服务,看服务是否成功开启
- 安装mariadb(mariadb是MySQL的分支软件,功能与MySQL相同)
[root@localhost ~]# yum install mariadb mariadb-server mariadb-libs mariadb-devel -y
已加载插件:fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: ftp.sjtu.edu.cn
...//省略部分内容...
已安装:
mariadb.x86_64 1:5.5.64-1.el7 mariadb-devel.x86_64 1:5.5.64-1.el7
mariadb-server.x86_64 1:5.5.64-1.el7
完毕!
[root@localhost ~]# systemctl start mariadb //启动mariadb服务
[root@localhost ~]# netstat -ntap | grep 3306
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 2519/mysqld
[root@localhost ~]# mysql_secure_installation //设置数据库
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none): //询问是否给root用户设置密码,直接回车
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] y //是否设置密码,输入y确认
New password: //输入密码
Re-enter new password: //再次输入密码
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] n //询问是否删除匿名用户,输入n,不删除
... skipping.
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] n //询问是否拒绝root用户远程登录,输入n,不拒绝
... skipping.
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] n //询问是否删除测试数据库,输入n,不删除
... skipping.
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y //询问是否重新加载数据库,输入y,重新加载
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB! //完成设置
- 安装PHP
[root@localhost ~]# yum -y install php //安装php服务
已加载插件:fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: ftp.sjtu.edu.cn
...//省略部分内容...
已安装:
php.x86_64 0:5.4.16-46.1.el7_7
...//省略部分内容...
完毕!
[root@localhost ~]# yum install php-mysql -y //安装php与mysql连接包
已加载插件:fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: ftp.sjtu.edu.cn
* extras: ftp.sjtu.edu.cn
...//省略部分内容...
已安装:
php-mysql.x86_64 0:5.4.16-46.1.el7_7
作为依赖被安装:
php-pdo.x86_64 0:5.4.16-46.1.el7_7
完毕!
[root@localhost ~]# yum install -y php-gd php-ldap php-odbc php-pear php-xml php-xmlrpc php-mbstring php-snmp php-soap curl curl-devel php-bcmath //安装php环境包
已加载插件:fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: ftp.sjtu.edu.cn
...//省略部分内容...
已安装:
libcurl-devel.x86_64 0:7.29.0-54.el7 php-bcmath.x86_64 0:5.4.16-46.1.el7_7
php-gd.x86_64 0:5.4.16-46.1.el7_7 php-ldap.x86_64 0:5.4.16-46.1.el7_7
php-mbstring.x86_64 0:5.4.16-46.1.el7_7 php-odbc.x86_64 0:5.4.16-46.1.el7_7
php-pear.noarch 1:1.9.4-21.el7 php-snmp.x86_64 0:5.4.16-46.1.el7_7
php-soap.x86_64 0:5.4.16-46.1.el7_7 php-xml.x86_64 0:5.4.16-46.1.el7_7
php-xmlrpc.x86_64 0:5.4.16-46.1.el7_7
...//省略部分内容...
完毕!
[root@localhost ~]# cd /var/www/html //进入网页站点
[root@localhost html]# vim index.php //编辑php网页内容
:wq
[root@localhost html]# systemctl restart httpd.service //重启http服务
- 在客户机中测试LAMP机构是否安装成功
安装Nginx
- 在另一台Linux系统中安装Nginx服务
[root@localhost ~]# hostnamectl set-hostname nginx //为了区分先更改Linux主机名称
[root@localhost ~]# su
[root@nginx ~]# //更改成功
[root@nginx nginx-1.12.2]# yum install gcc gcc-c++ make pcre-devel zlib-devel -y //安装环境包
已加载插件:fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: ftp.sjtu.edu.cn
...//省略部分内容...
已安装:
gcc.x86_64 0:4.8.5-39.el7 gcc-c++.x86_64 0:4.8.5-39.el7 pcre-devel.x86_64 0:8.32-17.el7
zlib-devel.x86_64 0:1.2.7-18.el7
...//省略部分内容...
完毕!
[root@nginx ~]# useradd -M -s /sbin/nologin nginx //创建程序用户
[root@nginx ~]# mount.cifs //192.168.100.10/lnmp /mnt/ //挂载宿主机源码包目录到mnt目录下
Password for root@//192.168.100.10/lnmp:
[root@nginx ~]# cd /mnt/ //进入mnt目录
[root@nginx mnt]# tar zvxf nginx-1.12.2.tar.gz -C /opt/ //解压源码包
...//省略部分内容...
nginx-1.12.2/auto/cc/msvc
nginx-1.12.2/auto/cc/name
nginx-1.12.2/auto/cc/owc
nginx-1.12.2/auto/cc/sunc
[root@nginx mnt]# cd /opt/nginx-1.12.2/ //进入解压的nginx文件目录
[root@nginx nginx-1.12.2]# ./configure \ //配置nginx
> --prefix=/usr/local/nginx \
> --user=nginx \
> --group=nginx \
> --with-http_stub_status_module
...//省略部分内容...
nginx http fastcgi temporary files: "fastcgi_temp"
nginx http uwsgi temporary files: "uwsgi_temp"
nginx http scgi temporary files: "scgi_temp
[root@nginx nginx-1.12.2]# make && make install //制作安装nginx
...//省略部分内容...
test -d '/usr/local/nginx/html' \
|| cp -R html '/usr/local/nginx'
test -d '/usr/local/nginx/logs' \
|| mkdir -p '/usr/local/nginx/logs'
make[1]: 离开目录“/opt/nginx-1.12.2”
[root@nginx nginx-1.12.2]# ln -s /usr/local/nginx/sbin/* /usr/local/sbin/ //创建软连接文件到系统命令目录
[root@nginx nginx-1.12.2]# cd /lib/systemd/system //进入system管理目录
[root@nginx system]# vim nginx.service //编辑nginx启动脚本文件
[Unit]
Description=nginx
After=network.target
[Service]
Type=forking
PIDFile=/usr/local/nginx/logs/nginx.pid
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/bin/kill -s HUP $MAINPID
ExecStop=/usr/bin/kill -s QUIT $MAINPID
PrivateTmp=true
[Install]
WantedBy=multi-user.target
:wq
[root@nginx system]# chmod 754 nginx.service //添加执行权限
[root@nginx system]# systemctl start nginx.service //启动服务
[root@nginx system]# systemctl stop firewalld.service //关闭防火墙
[root@nginx system]# setenforce 0 //关闭增强性安全功能
- 在客户机测试Nginx服务
配置动静分离
- 在nginx服务配置文件中开启功能,将动态访问转交给LAMP主机处理,以实现动静分离
[root@nginx system]# vim /usr/local/nginx/conf/nginx.conf
...//省略部分内容...
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
location ~ \.php$ { //开启此模块,并将IP地址更改为LAMP的主机,也就是将动态请求交给LAMP的主机处理
proxy_pass http://192.168.144.137;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
...//省略部分内容...
:wq
[root@nginx system]# systemctl stop nginx.service //关闭服务
[root@nginx system]# systemctl start nginx.service //重新启动服务
- 在客户测试动静分离是否成功
另外有需要云服务器可以了解下创新互联cdcxhl.cn,海内外云服务器15元起步,三天无理由+7*72小时售后在线,公司持有idc许可证,提供“云服务器、裸金属服务器、高防服务器、香港服务器、美国服务器、虚拟主机、免备案服务器”等云主机租用服务以及企业上云的综合解决方案,具有“安全稳定、简单易用、服务可用性高、性价比高”等特点与优势,专为企业上云打造定制,能够满足用户丰富、多元化的应用场景需求。
本文标题:nginx动静分离-创新互联
转载注明:http://cdiso.cn/article/ighee.html