Nginx 动静分离介绍
1.Nginx 的静态处理能力很强, 但是动态处理不足, 因此, 在企业中常用动静分离技术
2. 针对 PHP 的动静分离
静态页面交给 Nginx 处理
动态页面交给 PHP+FPM 模块或 Apache 处理
3. 在 Nginx 的配置中, 是通过 location 配置段配合正则匹配实现静态与动态页面的不同处理方式
反向代理原理
1.Nginx 不仅能作为 web 服务器, 还具有反向代理, 负载均衡和缓存的功能
2.Nginx 通过 proxy 模块实现将客户端的请求代理至, 上游服务器, 此时 nginx 与. 上游服务器的连接是通过 http 协议进行的
3.Nginx 在实现反向代理功能时的最重要指令为 proxy_pass, 它能够并能够根据 URI, 客户端参数或其它的处理逻辑将用户请求调度至, 上游服务器
配置 Nginx 实现动静分离
1. 本案例根据企业需要, 将配置 Nginx 实现动静分离, 对 PHP 页面的请求转发给 LAMP 处理, 而静态页面交给 Nginx 处理, 以实现动静分离
2. 架构如图所示:
配置步骤:
1. 配置 Nginx 处理动态页面请求, 在 server{}; 中加入
2. 在 Apache. 工作目录新建 test.PHP
3. 重启 Nginx 并测试
- [root@nginx php5]#VIM /usr/local/httpd/conf/nginx.conf
- server {
- .....
- location ~ \.PHP$ {
- proxy_pass http://192.168.9.237:8080;
- ...... //LAMP 的 IP 地址
Demo:
环境准备: 两台 CentOS 7, 其中 7-3 做为 lamp,7-4 做为 nginx
第一步: 安装 httpd
- [root@localhost ~]# yum install httpd httpd-devel -y
- [root@localhost ~]# firewall-cmd --permanent --zone=public --add-service=http
- success
- [root@localhost ~]# firewall-cmd --permanent --zone=public --add-service=https
- success
- [root@localhost ~]# firewall-cmd --reload
- success
- [root@localhost ~]# systemctl start httpd
此时可以使用宿主机访问 Apache 的主页如下图所示:
第二步: 安装 mariadb 数据库 (快捷轻量化的数据库)
- [root@lamp ~]# yum install mariadb mariadb-server mariadb-libs mariadb-devel -y
- [root@lamp ~]# systemctl start mariadb
- [root@lamp ~]# systemctl start mariadb
- [root@lamp ~]# netstat -ntap | grep 3306
- tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 16836/mysqld
- [root@lamp ~]# mysql_secure_installation // 对数据库进行设置
- NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
- SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
- In order to log into MariaDB to secure it, we'll need the current
- password for the root user. If you've just installed MariaDB, and
- you haven't set the root password yet, the password will be blank,
- so you should just press enter here.
- Enter current password for root (enter for none): // 给 root 管理员设定密码, 直接回车
- OK, successfully used password, moving on...
- Setting the root password ensures that nobody can log into the MariaDB
- root user without the proper authorisation.
- Set root password? [Y/n] y // 是否设置, 选择 yes
- New password: // 输入新密码
- Re-enter new password: // 重复输入新密码
- Password updated successfully!
- Reloading privilege tables..
- ... Success!
- By default, a MariaDB installation has an anonymous user, allowing anyone
- to log into MariaDB without having to have a user account created for
- them. This is intended only for testing, and to make the installation
- go a bit smoother. You should remove them before moving into a
- production environment.
- Remove anonymous users? [Y/n] n // 是否删除匿名用户, 选择 no
- ... skipping.
- Normally, root should only be allowed to connect from 'localhost'. This
- ensures that someone cannot guess at the root password from the network.
- Disallow root login remotely? [Y/n] n // 是否拒绝 root 用户远程登陆, 选择 no
- ... skipping.
- By default, MariaDB comes with a database named 'test' that anyone can
- access. This is also intended only for testing, and should be removed
- before moving into a production environment.
- Remove test database and access to it? [Y/n] n // 是否删除测试数据库, 选择 no
- ... skipping.
- Reloading the privilege tables will ensure that all changes made so far
- will take effect immediately.
- Reload privilege tables now? [Y/n] y // 是否加载权限列表, 选择 yes
- ... Success!
- Cleaning up...
- All done! If you've completed all of the above steps, your MariaDB
- installation should now be secure.
- Thanks for using MariaDB!
第三步: 安装 PHP
- [root@lamp ~]# yum install PHP -y
- [root@lamp ~]# yum install PHP-MySQL -y
- [root@lamp ~]# yum install -y PHP-gd PHP-ldap PHP-odbc PHP-Pear PHP-xml PHP-xmlrpc PHP-mbstring PHP-snmp PHP-SOAP curl curl-devel PHP-bcmath
- [root@lamp ~]# cd /var/www/html/
- [root@lamp HTML]# ls
- [root@lamp HTML]# VIM index.PHP
- <?PHP
- phpinfo();
- ?>
输入: wq 保存退出
[root@lamp HTML]# systemctl restart httpd.service
这时在宿主机的浏览器中输入地址: http://192.168.18.128/index.php, 就可以访问到 lamp 的 PHP 主页
测试准备:
- [root@lamp HTML]# VIM index.PHP
- <?PHP
- echo "apache web !"
- ?>
输入: wq 保存退出
此时 http://192.168.18.128/index.php 这个地址上显示的内容如下:
Nginx 上的操作:
- [root@nginx ~]# mkdir /aaa
- [root@nginx ~]# mount.cifs //192.168.10.193/rpm /aaa
- Password for root@//192.168.10.193/rpm:
- [root@nginx ~]# cd /aaa
- [root@nginx aaa]# ls
- apr-1.6.2.tar.gz error.PNG nginx-1.12.2.tar.gz
- apr-util-1.6.0.tar.gz httpd-2.4.29.tar.bz2 PHP-7.1.10.tar.bz2
- awstats-7.6.tar.gz lf.jpg PHP-7.1.20.tar.gz
- cronolog-1.6.2-14.el7.x86_64.rpm MySQL-5.6.26.tar.gz
- Discuz_X3.4_SC_UTF8.zip MySQL-boost-5.7.20.tar.gz
- [root@nginx aaa]# tar zxvf nginx-1.12.2.tar.gz -C /opt/
- [root@nginx aaa]# cd /opt
- [root@nginx opt]# ls
- nginx-1.12.2 rh
- [root@nginx opt]# cd nginx-1.12.2/
- [root@nginx nginx-1.12.2]# useradd -M -s /sbin/nologin nginx
- [root@nginx nginx-1.12.2]# yum install gcc gcc-c++ pcre-devel zlib-devel -y
- [root@nginx nginx-1.12.2]# ./configure \
- --prefix=/usr/local/nginx \
- --user=nginx \
- --group=nginx \
- --with-http_stub_status_module
- [root@nginx nginx-1.12.2]# make && make install
- [root@nginx nginx-1.12.2]# ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/
- [root@nginx nginx-1.12.2]# VIM /etc/init.d/nginx
- #!/bin/bash
- # chkconfig: - 99 20
- # description: Nginx Service Control Script
- PROG="/usr/local/nginx/sbin/nginx"
- PIDF="/usr/local/nginx/logs/nginx.pid"
- case "$1" in
- start)
- $PROG
- ;;
- stop)
- kill -s QUIT $(cat $PIDF)
- ;;
- restart)
- $0 stop
- $0 start
- ;;
- reload)
- kill -s HUP $(cat $PIDF)
- ;;
- *)
- echo "Usage: $0 {start|stop|restart|reload}"
- exit 1
- esac
- exit 0
输入: wq 保存退出
- [root@nginx nginx-1.12.2]# chmod +x /etc/init.d/nginx
- [root@nginx nginx-1.12.2]# chkconfig --add nginx
- [root@nginx nginx-1.12.2]# yum install elinks -y
- [root@nginx nginx-1.12.2]# service nginx start
- [root@nginx nginx-1.12.2]# netstat -ntap | grep 80
- tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 42028/nginx: master
- [root@nginx nginx-1.12.2]# systemctl stop firewalld.service
- [root@nginx nginx-1.12.2]# setenforce 0
- root@nginx nginx-1.12.2]# elinks http://192.168.18.136/
此时得到如下界面, 可按 q, 选择 yes, 回车退出
此时在宿主机输入: http://192.168.18.136/index.html 这个网址, 会得到以下界面
此时如果输入: http://192.168.18.136/index.php 则无法处理, 得到如下界面:
第四步: 做转发处理:
- [root@nginx nginx-1.12.2]# VIM /usr/local/nginx/conf/nginx.conf
- location ~ \.PHP$ {
- proxy_pass http://192.168.18.128;
- }
- # 以上内容意思为: 动态请求转交给谁去处理
- # 我们找到以上内容将前面的注释去掉, 并将其中的 IP 地址改为另外一台 7-3 的地址
输入: wq 保存退出
- [root@nginx nginx-1.12.2]# service nginx stop
- [root@nginx nginx-1.12.2]# service nginx start
此时输入: http://192.168.18.136/index.php 这个网址可以得到如下界面:
因为此处交给 Apache 去处理 PHP 的请求
结论: 后缀为 HTML 就是静态元素, 后缀为 PHP 就是动态元素, 地址是不用改变的, 因为我们在其中做了转发处理! 动静分离实验成功!
来源: http://blog.51cto.com/14464303/2450076