Nginx反向代理、缓存服务器

Nginx反向代理、缓存服务器

一、 配置nginx反向代理、缓存服务器
1、配置基本环境
1）
配置基本环境centos01、02网站服务器、03nginx和缓存服务器



[[email protected] ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens32
GATEWAY=192.168.100.30
[[email protected] ~]# systemctl restart network
[[email protected] ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens32
GATEWAY=192.168.100.30
[[email protected] ~]# systemctl restart network

[[email protected] ~]# cp /etc/sysconfig/network-scripts/ifcfg-ens32 /etc/sysconfig/network-scripts/ifcfg-ens34
[[email protected] ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens34
NAME=ens33
DEVICE=ens34
IPADDR=192.168.200.254
NETMASK=255.255.255.0
[[email protected] ~]# systemctl restart network
[[email protected] ~]# vim /etc/sysctl.conf
net.ipv4.ip_forward = 1
[[email protected] ~]# sysctl -p
net.ipv4.ip_forward = 1
2）
两台网站服务器安装httpd
[[email protected] ~]# rm -rf /etc/yum.repos.d/CentOS-*
[[email protected] ~]# mount /dev/cdrom /mnt/
mount: /dev/sr0 写保护，将以只读方式挂载
[[email protected] ~]# yum -y install httpd
[[email protected] ~]# echo “www.benet.com” > /var/www/html/index.html
[[email protected] ~]# systemctl start httpd

[[email protected] ~]# rm -rf /etc/yum.repos.d/CentOS-*
[[email protected] ~]# mount /dev/cdrom /mnt/
mount: /dev/sr0 写保护，将以只读方式挂载
[[email protected] ~]# yum -y install httpd
[[email protected] ~]# echo “www.accp.com” > /var/www/html/index.html
[[email protected] ~]# systemctl start httpd
2、安装nginx
1）
安装依赖软件
[[email protected] ~]# rm -rf /etc/yum.repos.d/CentOS-*
[[email protected] ~]# mount /dev/cdrom /mnt/
mount: /dev/sr0 写保护，将以只读方式挂载
[[email protected] ~]# yum -y install pcre-devel zlib-devel
2）
创建管理nginx用户
[[email protected] ~]# useradd -M -s /sbin/nologin nginx
3）
解压缓存依赖工具
[[email protected] ~]# rz
z waiting to receive.*B0100000023be50

[[email protected] ~]# tar zxvf ngx_cache_purge-2.0.tar.gz -C /usr/src/
4）
配置nginx

[[email protected] ~]# umount /mnt/
[[email protected] ~]# mount /dev/cdrom /mnt/
mount: /dev/sr0 写保护，将以只读方式挂载
[[email protected] ~]# tar zxvf /mnt/nginx-1.6.0.tar.gz -C /usr/src/
[[email protected] nginx-1.6.0]# ./configure --prefix=/usr/local/nginx --user=nginx --with-http_stub_status_module --add-module=/usr/src/ngx_cache_purge-2.0
5）
编译安装nginx
[[email protected] nginx-1.6.0]# make && make install
6）
优化nginx命令
[[email protected] ~]# ln -s /usr/local/nginx/sbin/ /usr/local/sbin/
3、配置nginx缓存
1）
修改主配置文件
[[email protected] ~]# vim /usr/local/nginx/conf/nginx.conf
3 user nginx;
4 worker_processes 2;
13 events {
14 use epoll;
15 worker_connections 2048;
16 }
17 worker_rlimit_nofile 2048;
23 charset utf-8;
34 keepalive_timeout 10;
37 client_body_buffer_size 512k;
38 proxy_connect_timeout 10;
39 proxy_read_timeout 60;
40 proxy_send_timeout 5;
41 proxy_buffer_size 512k;
42 proxy_buffers 4 512k;
43 proxy_temp_file_write_size 512k;
44 proxy_temp_path /var/cache/nginx/cache_temp;
45 proxy_cache_path /var/cache/nginx/proxy_cache levels=1:2 keys_zone=cache_one:200m inactive=1d max_size=10g;
46 upstream backend_server {
47 server 192.168.100.10:80 weight=1 max_fails=2 fail_timeout=30s;
48 server 192.168.100.20:80 weight=1 max_fails=2 fail_timeout=30s;
49 }
51 server {
52 listen 192.168.200.254:80;
53 server_name www.benet.com;
59 location / {
60 root html;
61 index index.html index.htm;
62 proxy_next_upstream http_502 http_504 error timeout;
63 proxy_cache cache_one;
64 proxy_cache_valid 200 304 12h;
65 proxy_cache_key $host$hosturi$is_args$isa​rgsargs;
66 proxy_set_header host $host;
67 proxy_set_header X-Forearded-for $remote_addr;
68 proxy_pass http://backend_server;
69 expires 1d;
70 }
71 location ~ /cheng(/.*) {
72 allow 127.0.0.1;
73 allow 192.168.200.0/24;
74 deny all;
75 proxy_cache_purge cache_one $host$1$1is_argsKaTeX parse error: Expected 'EOF', got '}' at position 18: …gs; 76 }̲ 77 loc… {
78 proxy_pass http://backend_server;
79 proxy_set_header X-Forearded-for $remote_addr;
80 }
2）
创建数据缓存目录
[[email protected] ~]# mkdir -p /var/cache/nginx/cache_temp
[[email protected] ~]# mkdir -p /var/cache/nginx/proxy_cache
3）
启动nginx
[[email protected] ~]# nginx
4、配置dns
1）
使用系统自带光盘

2）
安装dns
[[email protected] ~]# yum -y install bind bind-chroot bind-utils
3）
配置dns
[[email protected] ~]# echo “” > /etc/named.conf
[[email protected] ~]# vim /etc/named.conf
options {
listen-on port 53 { any; };
directory “/var/named/”;
};
zone “benet.com” IN {
type master;
file “benet.com.zone”;
};

[[email protected] ~]# vim /var/named/benet.com.zone
$TTL 86400
@ SOA benet.com. root.benet.com (
2020040610
1H
15M
1W
1D
)
@ NS centos03.benet.com.
centos03 A 192.168.200.254
www A 192.168.200.254
[[email protected] ~]# chmod +x /var/named/benet.com.zone
[[email protected] ~]# chown named:named /var/named/benet.com.zone
[[email protected] ~]# named-checkconf /etc/named.conf
[[email protected] ~]# named-checkzone benet.com /var/named/benet.com.zone
zone benet.com/IN: loaded serial 2020040610
OK
4）
启动dns
[[email protected] ~]# systemctl start named
[[email protected] ~]# systemctl enable named
5、客户端访问
1）
客户端配置IP地址

2）
客户端使用域名访问

3）
清空缓存停掉accp服务器访问
[[email protected] ~]# cd /var/cache/nginx/proxy_cache/
[[email protected] proxy_cache]# ls
0 b
[[email protected] proxy_cache]# rm -rf ./*
[[email protected] ~]# systemctl stop httpd

4）
访问清空缓存目录数据

六、配置nginx授权访问
1、配置客户端访问清空缓存目录数据进行身份验证
1）
安装httpd-tools工具
[[email protected] ~]# yum -y install httpd-tools
2）
生成身份验证文件
[[email protected] ~]# htpasswd -c /usr/local/nginx/.admin admin
New password:
Re-type new password:
Adding password for user admin
3）
修改配置文件
[[email protected] ~]# vim /usr/local/nginx/conf/nginx.conf
70 location ~ /cheng(/.*) {
71 allow 127.0.0.1;
72 allow 192.168.200.0/24;
73 auth_basic “secret”;
74 auth_basic_user_file /usr/local/nginx/.admin;
75 stub_status on;
76 access_log off;
77 deny all;
78 proxy_cache_purge cache_one $host$1$1is_args$args;
79 }
4）
重新启动nging
[[email protected] ~]# killall nginx
[[email protected] ~]# nginx
5）
客户端访问