Nginx企业级使用1(运维笔记)
Nginx企业级使用1(运维笔记)
重装和升级
信号参数
Kill 选项参数 pid
##关闭nginx
##快速关闭
kill -INT pid
##优雅关闭
kill -QUIT pid##实操##
[root@server01 ~]# ps -ef|grep nginx
root 1668 1 0 11:09 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
www 1820 1668 0 11:49 ? 00:00:00 nginx: worker process
root 1896 1839 0 12:14 pts/0 00:00:00 grep --color nginx
[root@server01 ~]# kill -TERM 1668 #快速关闭 作用于master
[root@server01 ~]# ps -ef|grep nginx
root 1898 1839 0 12:15 pts/0 00:00:00 grep --color nginx
[root@server01 ~]# service nginx start
正在启动 nginx: [确定]
[root@server01 ~]# ps -ef|grep nginx
root 1951 1 0 12:15 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
www 1953 1951 0 12:15 ? 00:00:00 nginx: worker process
root 1955 1839 0 12:15 pts/0 00:00:00 grep --color nginx
[root@server01 ~]# kill -INT 1953 #快速退出
[root@server01 ~]# ps -ef|grep nginx
root 1951 1 0 12:15 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
www 1956 1951 0 12:16 ? 00:00:00 nginx: worker process
root 1958 1839 0 12:16 pts/0 00:00:00 grep --color nginx
[root@server01 ~]# kill -QUIT 1951 #优雅关闭
[root@server01 ~]# ps -ef|grep nginx
root 1960 1839 0 12:17 pts/0 00:00:00 grep --color nginx
重新安装
平滑升级
-
升级软件版本,需要启动新版本,无法启动(端口占用)
-
旧版本不先停,新的又可以运行
-
新旧版本同时提供服务,旧的请求完成后,停掉旧进程
-
-USR2平滑启动一个进程(平滑升级)-WINCH优雅关闭子进程 -QUIT优雅关闭主进程
上传新版本
[root@server01 ~]# ps -ef|grep nginx #旧版本启动
root 2027 1 0 12:31 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
www 2029 2027 0 12:31 ? 00:00:00 nginx: worker process
root 2034 1839 0 12:31 pts/0 00:00:00 grep --color nginx
[root@server01 ~]# cd soft
[root@server01 soft]# ls
mysql-5.6.33 nginx-1.14.2 php-7.2.12
mysql-5.6.33.tar.gz nginx-1.14.2.tar.gz php-7.2.12.tar.gz
mysql_install.sh nginx_install.sh php_install.sh
[root@server01 soft]# ls #上传新版本nginx1.16.0
mysql-5.6.33 nginx-1.14.2 nginx_install.sh php_install.sh
mysql-5.6.33.tar.gz nginx-1.14.2.tar.gz php-7.2.12
mysql_install.sh nginx-1.16.0.tar.gz php-7.2.12.tar.gz#解压 配置 编译 安装
tar xvf nginx-1.16.0.tar.gz
cd nginx-1.16.0
./configure --prefix=/usr/local/nginx --user=www --group=www --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module
make install
#(执行完之后也可以直接执行make upgrade 不需要一步一步执行下方命令)#上述操作完成 ,旧版本备份为nginx.old
[root@server01 nginx-1.16.0]# cd /usr/local/nginx/
[root@server01 nginx]# ls
client_body_temp fastcgi_temp logs sbin uwsgi_temp
conf html proxy_temp scgi_temp
[root@server01 nginx]# cd sbin/
[root@server01 sbin]# ls
nginx nginx.old [root@server01 sbin]# ./nginx -v
nginx version: nginx/1.16.0
[root@server01 sbin]# ./nginx.old -v
nginx version: nginx/1.14.2#新旧版本同时进行
[root@server01 sbin]# ps -ef |grep nginx
root 2027 1 0 12:31 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
www 2029 2027 0 12:31 ? 00:00:00 nginx: worker process
root 4666 1839 0 12:40 pts/0 00:00:00 grep --color nginx
[root@server01 sbin]# kill -USR2 2027
[root@server01 sbin]# ps -ef |grep nginx
root 2027 1 0 12:31 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
www 2029 2027 0 12:31 ? 00:00:00 nginx: worker process
root 4667 2027 0 12:41 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
www 4668 4667 0 12:41 ? 00:00:00 nginx: worker process
root 4670 1839 0 12:41 pts/0 00:00:00 grep --color nginx[root@server01 sbin]# kill -WINCH 2029 #杀死旧子进程
[root@server01 sbin]# ps -ef |grep nginx
root 2027 1 0 12:31 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
root 4667 2027 0 12:41 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
www 4668 4667 0 12:41 ? 00:00:00 nginx: worker process
www 4671 2027 0 12:42 ? 00:00:00 nginx: worker process
root 4673 1839 0 12:42 pts/0 00:00:00 grep --color nginx
[root@server01 sbin]# kill -QUIT 2027 #一键杀死旧进程
[root@server01 sbin]# ps -ef |grep nginx
root 4667 1 0 12:41 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
www 4668 4667 0 12:41 ? 00:00:00 nginx: worker process
root 4675 1839 0 12:43 pts/0 00:00:00 grep --color nginx
配置文件
[root@server01 ~]# cd /usr/local/nginx/
[root@server01 nginx]# ls
client_body_temp conf fastcgi_temp html logs proxy_temp sbin scgi_temp uwsgi_temp
[root@server01 nginx]# cd conf
[root@server01 conf]# cat nginx.conf #查看配置文件#user nobody; #nginx启动用户
worker_processes 1; #子进程数量 一般为cpu核数或者倍数
#错误日志定义
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;#pid logs/nginx.pid;events {#每个子进程的连接数 nginx当前并发量 worker_processes * worker_connectionsworker_connections 1024;
}#http协议段
http {#引入 文件扩展名和与文件类型映射表include mime.types;#默认文件类型 default_type application/octet-stream;#访问日志access.log的格式#log_format main '$remote_addr - $remote_user [$time_local] "$request" '# '$status $body_bytes_sent "$http_referer" '# '"$http_user_agent" "$http_x_forwarded_for"';#access_log logs/access.log main;#linux内核 提供文件读写的机制sendfile on;#tcp_nopush on;#keepalive_timeout 0;#长连接超时时间 单位为skeepalive_timeout 65;#gzip on;server {#监听端口listen 80;#域名 可以有多个 用空格分隔server_name localhost;#charset koi8-r;#access_log logs/host.access.log main;root html;location / {#默认访问的网站路径# root html;#默认访问页面 从前往后的顺序查找 index index.html index.htm;}#error_page 404 /404.html;# redirect server error pages to the static page /50x.html#error_page 500 502 503 504 /50x.html;location = /50x.html {root html;}# proxy the PHP scripts to Apache listening on 127.0.0.1:80##location ~ \\.php$ {# proxy_pass http://127.0.0.1;#}# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000#location ~ \\.php$ {# root html;fastcgi_pass 127.0.0.1:9000;fastcgi_index index.php;fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;include fastcgi_params;}# deny access to .htaccess files, if Apache's document root# concurs with nginx's one##location ~ /\\.ht {# deny all;#}}# another virtual host using mix of IP-, name-, and port-based configuration##server {# listen 8000;# listen somename:8080;# server_name somename alias another.alias;# location / {# root html;# index index.html index.htm;# }#}# HTTPS server##server {# listen 443 ssl;# server_name localhost;# ssl_certificate cert.pem;# ssl_certificate_key cert.key;# ssl_session_cache shared:SSL:1m;# ssl_session_timeout 5m;# ssl_ciphers HIGH:!aNULL:!MD5;# ssl_prefer_server_ciphers on;# location / {# root html;# index index.html index.htm;# }#}}
递进关系 http > server > location
自定义一个错误页面
[root@server01 ~]# cd /usr/local/nginx/
[root@server01 nginx]# ls
client_body_temp conf fastcgi_temp html logs proxy_temp sbin scgi_temp uwsgi_temp
[root@server01 nginx]# cd html
[root@server01 html]# ls
50x.html index.html index.php
[root@server01 html]# vim 404.html
[root@server01 html]# cat 404.html
oh! 404 #编辑配置文件
[root@server01 html]# cd ..
[root@server01 nginx]# cd conf/
[root@server01 conf]# vim nginx.conf#在server里添加或者去掉注释 error_page 404 /404.html;
访问不存在的页面就会出现此页面
企业常见配置
基于域名的虚拟主机配置
[root@server01 conf]# ls
fastcgi.conf koi-utf nginx.conf uwsgi_params
fastcgi.conf.default koi-win nginx.conf.default uwsgi_params.default
fastcgi_params mime.types scgi_params win-utf
fastcgi_params.default mime.types.default scgi_params.default
[root@server01 conf]# vim nginx.conf #文件添加server{listen 80;#监听端口server_name shop.lnmp.com;#域名root html/tp5shop; #寻找路径index index.html;}#重启服务
[root@server01 conf]# service nginx reload
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
重新载入 nginx: [确定]
[root@server01 conf]# cd ..
[root@server01 nginx]# cd html/
[root@server01 html]# ls
404.html 50x.html index.html index.php
[root@server01 html]# mkdir tp5shop #创建配置目录
[root@server01 html]# cd tp5shop/
[root@server01 tp5shop]# vim index.html#新建index.html
[root@server01 tp5shop]# cat index.html
shop.lnmp.com#使用windows访问 解析域名
PS C:\\WINDOWS\\system32\\drivers\\etc> tree /f
卷 系统 的文件夹 PATH 列表
卷序列号为 09C1-B27D
C:.hostshosts.icslmhosts.samnetworksprotocolservices没有子文件夹#编辑hosts文件添加
#你自己的ip地址 域名
192.168.126.139 shop.lnmp.com#查看连通性PS C:\\Users\\Rkun18> ping shop.lnmp.com正在 Ping shop.lnmp.com [192.168.126.139] 具有 32 字节的数据:
来自 192.168.126.139 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.126.139 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.126.139 的回复: 字节=32 时间=1ms TTL=64
来自 192.168.126.139 的回复: 字节=32 时间<1ms TTL=64192.168.126.139 的 Ping 统计信息:数据包: 已发送 = 4,已接收 = 4,丢失 = 0 (0% 丢失),
往返行程的估计时间(以毫秒为单位):最短 = 0ms,最长 = 1ms,平均 = 0ms
#新建php文件
[root@server01 tp5shop]# pwd
/usr/local/nginx/html/tp5shop
[root@server01 tp5shop]# vim index.php
[root@server01 tp5shop]# cat index.php
<?php
echo 'shop site by php';#不能解析php文件在nginx.conf里新建的server里编辑内容server{listen 80;server_name shop.lnmp.com;root html/tp5shop;index index.html;location ~ \\.php$ {fastcgi_pass 127.0.0.1:9000;fastcgi_index index.php;fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;include fastcgi_params;}}#访问
http://shop.lnmp.com/index.php
#成功访问
基于端口的配置
[root@server01 ~]# vim /usr/local/nginx/conf/nginx.conf
#修改端口
server{listen 5210;server_name shop.lnmp.com;root html/tp5shop;index index.html;location ~ \\.php$ {fastcgi_pass 127.0.0.1:9000;fastcgi_index index.php;fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;include fastcgi_params;}}#重载
[root@server01 ~]# service nginx reload
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
重新载入 nginx: #查看端口
[root@server01 ~]# netstat -nltp|grep nginx
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1676/nginx
tcp 0 0 0.0.0.0:5210 0.0.0.0:* LISTEN 1676/nginx
#无法访问
http://shop.lnmp.com/index.php
#加端口5210
http://shop.lnmp.com:5210/index.php
成功访问!
基于IP访问
#临时绑定IP
ifconfig eth0:1 192.168.126.140
#查看IP是否绑定成功
ip a##实操##
[root@server01 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWNlink/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host loinet6 ::1/128 scope hostvalid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000link/ether 00:0c:29:19:47:98 brd ff:ff:ff:ff:ff:ffinet 192.168.126.139/24 brd 192.168.126.255 scope global eth0inet6 fe80::20c:29ff:fe19:4798/64 scope linkvalid_lft forever preferred_lft forever
[root@server01 ~]# ifconfig eth0:1 192.168.126.140
[root@server01 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWNlink/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host loinet6 ::1/128 scope hostvalid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000link/ether 00:0c:29:19:47:98 brd ff:ff:ff:ff:ff:ffinet 192.168.126.139/24 brd 192.168.126.255 scope global eth0inet 192.168.126.140/24 brd 192.168.126.255 scope global secondary eth0:1inet6 fe80::20c:29ff:fe19:4798/64 scope linkvalid_lft forever preferred_lft forever #在nginx配置文件里新建一个server
[root@server01 ~]# vim /usr/local/nginx/conf/nginx.confserver {listen 80;server_name 192.168.126.140;root html/ip;}#建立测试目录cd /usr/local/nginx/htmlmkdir ipecho "ip site" >> index.html#通过浏览器访问
http://192.168.126.140/
上线商城项目
#上传项目源代码 (随意位置)这里我使用MobaXterm 上传文件很方便cd /usr/local/nginx/html[root@server01 ~]# cd /usr/local/nginx/html
[root@server01 html]# ls
404.html index.html ip tp5shop.zip
50x.html index.php tp5shop tpshop.sql
[root@server01 html]# mv tp5shop tp5shop_bak #把之前的目录删除或者做一个备份
[root@server01 html]# ls
404.html index.html ip tp5shop.zip
50x.html index.php tp5shop_bak tpshop.sql#把项目压缩包解压unzip tp5shop.zip#解压后
[root@server01 html]# ls
404.html index.html ip tp5shop_bak tpshop.sql
50x.html index.php tp5shop tp5shop.zip
[root@server01 html]# cd tp5shop
[root@server01 tp5shop]# ls
application composer.json extend public runtime thinkphp
build.php composer.lock LICENSE.txt README.md think vendor #设置基本信息vim /usr/local/nginx/conf/nginx.conf#在配置文件中配置server虚拟主机段server {listen 80;server_name shop.lnmp.com;#tp5shop商城项目基于thinkphp5框架开发,需要绑定默认网站目录为publicroot html/tp5shop/public;index index.html;location ~ \\.php$ {# root html;fastcgi_pass 127.0.0.1:9000;fastcgi_index index.php;fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;include fastcgi_params;}
}#每次配置完记得重启配置service nginx reload
访问:http://shop.lnmp.com/
403 Forbidden
nginx/1.16.0
错误原因
-
默认访问index.html 刚才配置public目录下没有该文件
-
没有index.html就会列出目录结构 ,但没有权限列出
#设置基本信息vim /usr/local/nginx/conf/nginx.conf#在配置文件中配置server虚拟主机段server {listen 80;server_name shop.lnmp.com;#tp5shop商城项目基于thinkphp5框架开发,需要绑定默认网站目录为publicroot html/tp5shop/public;
#默认index.php添加index index.php index.html;location ~ \\.php$ {# root html;fastcgi_pass 127.0.0.1:9000;fastcgi_index index.php;fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;include fastcgi_params;}
}#重载配置
连接数据库导入数据
[root@server01 ~]# mysql -uroot -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \\g.
Your MySQL connection id is 3
Server version: 5.6.33 Source distributionCopyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.Type 'help;' or '\\h' for help. Type '\\c' to clear the current input statement.
#当前数据库
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
+--------------------+
3 rows in set (0.00 sec) #创建数据库
mysql > create database tp5shop;
#使用数据库
mysql > use tp5shop;
#通过sql文件导入恢复数据
mysql > source /usr/local/nginx/html/tpshop.sql#修改项目的连接数据库配置文件
vim /usr/local/nginx/html/tp5shop/application/database.php return [// 数据库类型'type' => 'mysql',// 服务器地址'hostname' => '127.0.0.1',// 数据库名'database' => 'tp5shop',// 用户名'username' => 'root',// 密码'password' => '你自己设置的密码',// 端口'hostport' => '3306',
访问shop.lnmp.com
遇到问题:项目需要在runtime文件夹中写入缓存信息(需要写权限)
-
nginx 读取静态文件 用户www
-
php-fpm 读取、写入、解析php文件 用户www
-
把runtime目录的所属关系赋予www
cd /usr/local/nginx/html/tp5shopchown -R www:www runtime/##[root@server01 ~]# cd /usr/local/nginx/html/tp5shop
[root@server01 tp5shop]# ls
application composer.json extend public runtime thinkphp
build.php composer.lock LICENSE.txt README.md think vendor
[root@server01 tp5shop]# ll
总用量 68
drwxr-xr-x 5 root root 4096 4月 20 18:43 application
-rw-r--r-- 1 root root 1124 4月 2 2018 build.php
-rw-r--r-- 1 root root 1051 4月 2 2018 composer.json
-rw-r--r-- 1 root root 18657 4月 2 2018 composer.lock
drwxr-xr-x 2 root root 4096 5月 7 2018 extend
-rw-r--r-- 1 root root 1854 4月 2 2018 LICENSE.txt
drwxr-xr-x 7 root root 4096 5月 7 2018 public
-rw-r--r-- 1 root root 5904 4月 2 2018 README.md
drwxr-xr-x 5 root root 4096 5月 7 2018 runtime
-rw-r--r-- 1 root root 770 4月 2 2018 think
drwxr-xr-x 5 root root 4096 5月 7 2018 thinkphp
drwxr-xr-x 7 root root 4096 5月 7 2018 vendor
[root@server01 tp5shop]# chown -R www:www runtime/
[root@server01 tp5shop]# ll
总用量 68
drwxr-xr-x 5 root root 4096 4月 20 18:43 application
-rw-r--r-- 1 root root 1124 4月 2 2018 build.php
-rw-r--r-- 1 root root 1051 4月 2 2018 composer.json
-rw-r--r-- 1 root root 18657 4月 2 2018 composer.lock
drwxr-xr-x 2 root root 4096 5月 7 2018 extend
-rw-r--r-- 1 root root 1854 4月 2 2018 LICENSE.txt
drwxr-xr-x 7 root root 4096 5月 7 2018 public
-rw-r--r-- 1 root root 5904 4月 2 2018 README.md
drwxr-xr-x 5 www www 4096 5月 7 2018 runtime
-rw-r--r-- 1 root root 770 4月 2 2018 think
访问shop.lnmp.com
基本部署完成
