nginx
Front-end server with high concurrency
Installing nginx
useradd -s /sbin/nologin nginx
tar xf nginx-xxx.tar.gz
yum install -y gcc pcre-devel openssl-devel
./configure --prefix=/etc/nginx --user=nginx --group=nginx --with-http_ssl_module --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log
nginx path prefix: "/etc/nginx"
nginx binary file: "/etc/nginx/sbin/nginx"
nginx modules path: "/etc/nginx/modules"
nginx configuration prefix: "/etc/nginx/conf"
nginx configuration file: "/etc/nginx/conf/nginx.conf"
nginx pid file: "/etc/nginx/logs/nginx.pid"
nginx error log file: "/var/log/nginx/error.log"
nginx http access log file: "/var/log/nginx/access.log"
nginx http client request body temporary files: "client_body_temp"
nginx http proxy temporary files: "proxy_temp"
nginx http fastcgi temporary files: "fastcgi_temp"
nginx http uwsgi temporary files: "uwsgi_temp"
nginx http scgi temporary files: "scgi_temp"
make && make install

Note: by default this software does not provide a startup script.

nginx configuration files and directories
/etc/nginx                    installation directory
/etc/nginx/conf/nginx.conf    main configuration file
/etc/nginx/html               web page directory
/etc/nginx/logs               log files
sbin/nginx                    startup program (the nginx binary)

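Starting the nginx service
-v    show the nginx version
-V    show the compile-time (configure) arguments
-t    test the default configuration file
-c    specify a configuration file
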
[root@localhost sbin]# ./nginx -v
nginx version: nginx/1.10.1
[root@localhost sbin]# ./nginx -V
nginx version: nginx/1.10.1
built by gcc 4.4.7 20120313 (Red Hat 4.4.7-3) (GCC)
built with OpenSSL 1.0.0-fips 29 Mar 2010
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx --user=nginx --group=nginx --with-http_ssl_module --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log
[root@localhost sbin]# ./nginx -t
nginx: the configuration file /etc/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/conf/nginx.conf test is successful
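
Stopping nginx
Format: pkill/kill    signal    process name/PID
Common signals
TERM, INT    fast shutdown
QUIT    graceful shutdown; shutting down the master process also shuts down the worker processes
HUP    reload and apply the new configuration; equivalent to a service reload: the service is not stopped and the configuration file is read again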
kill -HUP `cat /var/run/nginx.pid`
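USR1    reopen the log files
USR2    upgrade the executable on the fly; the service is not stopped while the program is upgraded
WINCH    gracefully shut down the worker processes; child processes are not closed immediately

Use kill -l to list the signals
kill PID    sends 15) SIGTERM by default
kill -9    sends 9) SIGKILL
ctrl+c    sends 2) SIGINT

/usr/local/nginx/sbin/nginx            start the service
/usr/local/nginx/sbin/nginx -s stop    stop the service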
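
The kill -HUP `cat /var/run/nginx.pid` form above signals whatever PID the file happens to contain. The following is an added example, not part of the original page: it reloads only after nginx -t passes and the PID file points at a live process named nginx. The function name and return codes are assumptions; the default paths are the ones this page uses.

```shell
#!/bin/sh
# Added example, not from the original page. Guarded version of
#   kill -HUP `cat /var/run/nginx.pid`
# nginx_safe_reload and its return codes are hypothetical names/values.

# nginx_safe_reload [NGINX_BIN] [PID_FILE]
# returns 0 reloaded, 1 config test failed, 2 bad pid file,
#         3 no such process, 4 pid belongs to another program
nginx_safe_reload() {
    nginx_bin=${1:-/etc/nginx/sbin/nginx}
    pid_file=${2:-/var/run/nginx.pid}

    # A broken configuration must never reach the running master.
    if ! "$nginx_bin" -t >/dev/null 2>&1; then
        echo "config test failed, not reloading" >&2
        return 1
    fi

    # The pid file must be readable and hold nothing but digits.
    [ -r "$pid_file" ] || { echo "cannot read $pid_file" >&2; return 2; }
    pid=$(cat "$pid_file")
    case $pid in
        ''|*[!0-9]*) echo "$pid_file does not hold a pid" >&2; return 2 ;;
    esac

    # kill -0 sends no signal; it only checks that the process can be signalled.
    if ! kill -0 "$pid" 2>/dev/null; then
        echo "no process $pid (stale pid file or no permission)" >&2
        return 3
    fi

    # After a crash the pid may have been reused by an unrelated process
    # (Linux /proc lookup; an unreadable entry is treated as a mismatch).
    comm=$(cat "/proc/$pid/comm" 2>/dev/null) || comm=
    if [ "$comm" != "nginx" ]; then
        echo "pid $pid is '$comm', not nginx; refusing to signal" >&2
        return 4
    fi

    kill -HUP "$pid"
}
```

Call it as nginx_safe_reload /etc/nginx/sbin/nginx /var/run/nginx.pid; the same checks apply before sending QUIT, USR1 or USR2.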

Upgrading nginx
[root@localhost sbin]# /etc/nginx/sbin/nginx -V
nginx version: nginx/1.10.1
built by gcc 4.4.7 20120313 (Red Hat 4.4.7-3) (GCC)
built with OpenSSL 1.0.0-fips 29 Mar 2010
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx --user=nginx --group=nginx --with-http_ssl_module --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log
tar xf nginx-xxx1.tar.gz
./configure --prefix=/etc/nginx --user=nginx --group=nginx --with-http_ssl_module --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log
make
cd /etc/nginx/sbin
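mv nginx nginxold    # back up the previous version of the nginx binary
cd nginx/objs    # go to the objs directory under the new version's nginx directory
[root@localhost nginx-1.11.4]# cp objs/nginx /etc/nginx/sbin/nginx    # copy in the new version of the nginx binary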
cd ..
make upgrade
[root@localhost ~]# /etc/nginx/sbin/nginx -v
nginx version: nginx/1.11.4

Main configuration options:
user nginx;                            # owner of the processes
worker_processes 1;                    # number of processes to start (recommended: equal to the number of CPU cores)
error_log /var/log/nginx/error.log;    # log file
pid /var/run/nginx.pid;                # PID file
events {
    use epoll;
    worker_connections 1024;           # maximum concurrent connections per process
}
http {
    keepalive_timeout 65;              # keep connections alive; timeout
    tcp_nodelay on;                    # disable Nagle: no delay, no waiting (set this when high concurrency is required)
    gzip on;                           # enable gzip compression to improve speed
    gzip_min_length 1000;              # minimum size of a file to compress
    gzip_disable "MSIE [1-6]\.(?!.*SV1)";    # disable gzip for IE

    server {                           # define a virtual host
        listen 80;
        server_name web1.myweb.com;
        location / {                   # published directory, equivalent to the root of http://192.168.100.100/
            root html;
            index index.html index.htm index.php;
            allow 192.168.100.101;     # only allow access from 192.168.100.101
            deny all;
            auth_basic "auth-domain";  # enable account authentication
            auth_basic_user_file /usr/local/nginx/conf/user.list;    # path of the file that stores the accounts and passwords
        }
    }
}

Creating the password file:
yum install -y
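yum whatprovides /usr/bin/htpasswd    # find out which package provides this command
htpasswd -c /etc/nginx/conf/user.list username    # add the -c option the first time, to create the file; later users are added without -c
htpasswd /etc/nginx/conf/user.list username
The password can be encrypted:
htpasswd -cm /usr/local/nginx/conf/user.list username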
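
htpasswd -m stores an Apache MD5 ($apr1$) hash, but a password file can also carry other schemes that nginx accepts for auth_basic_user_file, some of them weak. The following is an added example, not part of the original page: it classifies every entry of a file such as user.list, lists the weak ones and checks whether the file is world-readable. Function names and the sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original page: audit an htpasswd-style file
# such as user.list. Function names and sample entries are constructed.

# htpasswd_schemes FILE -> prints "user:scheme" for every entry
htpasswd_schemes() {
    awk -F: '
        /^[ \t]*$/ || /^#/ { next }    # skip blank lines and comments
        {
            h = $2
            if      (substr(h, 1, 6) == "$apr1$")  s = "apr1-md5"   # written by htpasswd -m
            else if (substr(h, 1, 2) == "$2" && substr(h, 4, 1) == "$") s = "bcrypt"
            else if (substr(h, 1, 3) == "$5$" || substr(h, 1, 3) == "$6$") s = "sha-crypt"
            else if (substr(h, 1, 5) == "{SHA}")   s = "sha1-unsalted"
            else if (substr(h, 1, 6) == "{SSHA}")  s = "sha1-salted"
            else if (substr(h, 1, 7) == "{PLAIN}") s = "plaintext"
            else if (length(h) == 13)              s = "des-crypt"
            else                                   s = "unknown"
            print $1 ":" s
        }' "$1"
}

# htpasswd_weak FILE -> prints only the entries that are trivially crackable
htpasswd_weak() {
    htpasswd_schemes "$1" |
        awk -F: '$2 == "plaintext" || $2 == "sha1-unsalted" || $2 == "des-crypt"'
}

# world_readable FILE -> 0 if "others" have read permission
world_readable() {
    [ "$(ls -ld "$1" | cut -c8)" = "r" ]
}

# Constructed sample entries (the hash strings are not real hashes).
sample_user_list() {
    cat <<'EOF'
alice:$apr1$Xk3mP0aa$constructedhashvalue00
bob:{SHA}Y29uc3RydWN0ZWQtc2FtcGxl
carol:{PLAIN}letmein
dave:abJnggxhB/yWI
erin:$2y$05$constructedbcrypthashvalueconstructedbcrypthashval
EOF
}
```

The worker processes read this file at request time, so it only needs to be readable by the nginx user, not by everyone.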

Startup script (a simple implementation of the function; to be improved later)
#!/bin/bash
# chkconfig: - 85 15
case "$1" in
start)
    /etc/nginx/sbin/nginx
    echo "$0:nginx ok..."
    ;;
stop)
    /etc/nginx/sbin/nginx -s stop
    #kill -INT `cat /var/run/nginx.pid`
    echo "$0:nginx stop..."
    ;;
reload)
    /etc/nginx/sbin/nginx -s reload
    #kill -HUP `cat /var/run/nginx.pid`
    echo "$0:nginx reload..."
    ;;
*)
    # only the actions implemented above are offered
    echo "$0:start|stop|reload"
    ;;
esac

Virtual hosts
server {
    listen 80;
    server_name www.web1.com;
    location / {
        root web1;
        index index.html index.htm;
    }
}
server {
    listen 80;
    server_name www.web2.com;
    location / {
        root web2;
        index index.html;
    }
}

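SSL-based websites
Encryption algorithms: symmetric encryption and asymmetric encryption
SSL-based websites rely on asymmetric encryption
Two things need to be generated: a private key and a certificate
Generating the private key and the certificate
# openssl genrsa -out cert.key 2048
Generates the key; what follows "gen" is the RSA algorithm, and cert.key is the file name
# openssl req -new -x509 -key cert.key -out cert.pem    (generate the certificate with the private key)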
[root@localhost nginx]# ls cert.*
cert.key cert.pem

# cp cert.* /etc/nginx/conf    (by default they are placed in the nginx/conf directory)
Configuration file

#user nobody;
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
pid /var/run/nginx.pid;
events {
    use epoll;
    worker_connections 1024;
}
http {
    include mime.types;
    default_type application/octet-stream;
    #log_format main '$remote_addr - $remote_user [$time_local] "$request" '
    #                '$status $body_bytes_sent "$http_referer" '
    #                '"$http_user_agent" "$http_x_forwarded_for"';
    #access_log logs/access.log main;
    sendfile on;
    tcp_nopush on;
    #keepalive_timeout 0;
    keepalive_timeout 65;
    gzip on;
    gzip_min_length 1000;
    gzip_disable "MSIE [1-6]\.(?!.*SV1)";
    server {
        listen 80;
        server_name www.web1.com;
        location / {
            root web1;
            index index.html index.htm;
            # auth_basic "auth-domain";
            # auth_basic_user_file /etc/nginx/conf/user.list;
        }
    }
    server {
        listen 80;
        server_name www.web2.com;
        location / {
            root web2;
            index index.html;
        }
    }

    server {
        listen 443;
        server_name www.web3.com;
        ssl on;    # form used by the nginx 1.10/1.11 builds on this page; newer releases use "listen 443 ssl;"
        ssl_certificate cert.pem;
        ssl_certificate_key cert.key;
        location / {
            root web3;
            index index.html;
        }
    }
    server {
        listen 443;
        server_name www.web4.com;
        ssl on;
        ssl_certificate /etc/nginx/ssl/test.pem;
        ssl_certificate_key /etc/nginx/ssl/test.key;
        location / {
            root web4;
            index index.html;
        }
    }
}
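
Copying cert.* into the conf directory keeps whatever file mode openssl gave the private key, and nginx only complains about a mismatched pair at start-up. The following is an added example, not part of the original page: it checks that the key is not accessible to group or others, that the certificate was issued for that key, and that the certificate has not expired. Function names are assumptions; it needs the openssl command used above.

```shell
#!/bin/sh
# Added example, not from the original page: checks to run on cert.key and
# cert.pem before pointing ssl_certificate / ssl_certificate_key at them.
# Function names are hypothetical; requires the openssl command used above.

# key_is_private FILE -> 0 if group and others have no access at all
key_is_private() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# cert_matches_key CERT KEY -> 0 if CERT carries the public half of KEY,
# 1 if it does not, 2 if either file cannot be parsed
cert_matches_key() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 2
    key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 2
    [ "$cert_pub" = "$key_pub" ]
}

# check_tls_pair CERT KEY -> prints one line per problem, returns their count
check_tls_pair() {
    problems=0
    if ! key_is_private "$2"; then
        echo "private key $2 is accessible to group/others; chmod 600 it"
        problems=$((problems + 1))
    fi
    if ! cert_matches_key "$1" "$2"; then
        echo "certificate $1 does not belong to key $2"
        problems=$((problems + 1))
    fi
    # -checkend 0 fails if the certificate has already expired
    if ! openssl x509 -in "$1" -noout -checkend 0 >/dev/null 2>&1; then
        echo "certificate $1 is expired or unreadable"
        problems=$((problems + 1))
    fi
    return "$problems"
}
```

Run check_tls_pair /etc/nginx/conf/cert.pem /etc/nginx/conf/cert.key before nginx -t; the master process reads the key as root, so mode 600 owned by root is enough.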
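
nginx reverse proxy
Advantages: fast scheduling, rich scheduling mechanisms
Disadvantages: ACL access control is simple (fewer features than Squid), caching mechanism
Configuration file on the main server
upstream test {
    server 192.168.100.101;
    server 192.168.100.102;
}
server {
    listen 80;
    server_name www.test.com;
    location / {
        proxy_pass http://test;
    }
}

On the other two machines, 192.168.100.101 and 192.168.100.102, just start a web service
Client-side verification
This is round-robin access
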
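nginx currently supports 4 distribution methods
round-robin (default): requests are scheduled to the servers one by one in a loop
weight: sets the round-robin probability; the weight value is proportional to the share of requests
ip_hash: each request is assigned to a fixed backend server according to the client IP
fair: backend servers with shorter response times are given priority
State types
down: the server temporarily does not take part in load balancing
max_fails: number of failed requests allowed (default 1)
fail_timeout: how long the server stops serving after max_fails failures
backup: backup server

When server 192.168.100.101 weight=2; is changed to
Verification

upstream test {
    ip_hash;    # assign the same user to a fixed server
    server 192.168.100.101 weight=2;    # weight of 2
    server 192.168.100.102 max_fails=2 fail_timeout=30;    # if 2 connections to this address fail, it is treated as down for 30 seconds
    server 192.168.100.103 down;    # server that is down
    # server 192.168.100.104 backup;    # backup server (used only when all the servers above are down); nginx does not accept backup together with ip_hash, so enable this line only when ip_hash is removed
}
server {
    listen 80;
    server_name www.test.com;
    location / {
        proxy_pass http://test;
    }
}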
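
How weight, down and backup shape the request order can be seen without a test cluster. The following is an added example, not part of the original page: a model of weighted round-robin selection using the smooth weighted scheme that nginx's round-robin balancer is based on. It does not model ip_hash or runtime max_fails counting; the "addr:weight[:down|backup]" input syntax and the function name are assumptions of this sketch, not nginx syntax.

```shell
#!/bin/sh
# Added example, not from the original page: a model of weighted round-robin
# selection for an upstream block (smooth weighted round-robin).
# Input syntax "addr:weight[:down|backup]" and the function name are
# assumptions of this sketch, not nginx syntax.

# upstream_schedule N SERVER... -> prints the server chosen for each of N requests
upstream_schedule() {
    n=$1; shift
    printf '%s\n' "$@" | awk -F: -v n="$n" '
        {
            addr[NR] = $1
            weight[NR] = ($2 == "" ? 1 : $2)   # weight defaults to 1
            state[NR] = $3                     # "", "down" or "backup"
            if ($3 == "") primaries++
        }
        END {
            # backup servers are used only when no primary server is usable
            pool = (primaries > 0) ? "" : "backup"
            for (i = 1; i <= NR; i++)
                if (state[i] == pool) total += weight[i]
            for (r = 1; r <= n && total > 0; r++) {
                best = 0
                for (i = 1; i <= NR; i++) {
                    if (state[i] != pool) continue
                    current[i] += weight[i]    # every candidate gains its weight
                    if (best == 0 || current[i] > current[best]) best = i
                }
                current[best] -= total         # the winner pays the total back
                out = out (r > 1 ? " " : "") addr[best]
            }
            print out
        }'
}
```

For example, upstream_schedule 6 192.168.100.101:2 192.168.100.102:1 192.168.100.103:1:down 192.168.100.104:1:backup sends four of the six requests to .101, two to .102 and none to .103 or .104.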