We want to create an nginx server with the proxy ip address 192.168.0.101. The local machine acts as the test master and the local ip address is 192.168.0.234.
Nginx Proxy Server Configuration
First, configure the yum Source
[Root @ server70 ~] # Yum groupinstall-y "Development Tools" "Development Libraries"
[Root @ server70 ~] # Yum install gcc openssl-devel pcre-devel zlib-devel-y
Lftp 192.168.0.254
Download nagios-3.2.1.tar.gz
Tar xf nginx-1.1.3.tar.gz
# Groupadd nginx
# Useradd-g nginx-s/bin/false-M nginx
# Cd nginx-1.1.3
./Configure \
-- Prefix =/usr \
-- Sbin-path =/usr/sbin/nginx \
-- Conf-path =/etc/nginx. conf \
-- Error-log-path =/var/log/nginx/error. log \
-- Http-log-path =/var/log/nginx/access. log \
-- Pid-path =/var/run/nginx. pid \
-- Lock-path =/var/lock/nginx. lock \
-- User = nginx \
-- Group = nginx \
With-http_ssl_module \
With-http_flv_module \
With-http_stub_status_module \
With-http_gzip_static_module \
-- Http-client-body-temp-path =/var/tmp/nginx/client /\
-- Http-proxy-temp-path =/var/tmp/nginx/proxy /\
-- Http-fastcgi-temp-path =/var/tmp/nginx/fcgi /\
-- With-pcre
Make & make install
Vim/etc/init. d/nginx
#! /Bin/sh
#
# Nginx-this script starts and stops the nginx daemon
#
# Chkconfig:-85 15
# Description: Nginx is an HTTP (S) server, HTTP (S) reverse \
# Proxy and IMAP/POP3 proxy server
# Processname: nginx
# Config:/etc/nginx. conf
# Config:/etc/sysconfig/nginx
# Pidfile:/var/run/nginx. pid
# Source function library.
./Etc/rc. d/init. d/functions
# Source networking configuration.
./Etc/sysconfig/network
# Check that networking is up.
["$ NETWORKING" = "no"] & exit 0
Nginx = "/usr/sbin/nginx"
Prog = $ (basename $ nginx)
NGINX_CONF_FILE = "/etc/nginx. conf"
[-F/etc/sysconfig/nginx] &./etc/sysconfig/nginx
Lockfile =/var/lock/subsys/nginx
Make_dirs (){
# Make required directories
User = 'nginx-V 2> & 1 | grep "configure arguments:" | sed's/[^ *] * -- user = \ ([^] * \). */\ 1/G '-'
Options = '$ nginx-V 2> & 1 | grep' configure arguments :''
For opt in $ options; do
If ['echo $ opt | grep'. *-temp-path'']; then
Value = 'echo $ opt | cut-d "="-f 2'
If [! -D "$ value"]; then
# Echo "creating" $ value
Mkdir-p $ value & chown-R $ user $ value
Fi
Fi
Done
}
Start (){
[-X $ nginx] | exit 5
[-F $ NGINX_CONF_FILE] | exit 6
Make_dirs
Echo-n $ "Starting $ prog :"
Daemon $ nginx-c $ NGINX_CONF_FILE
Retval =$?
Echo
[$ Retval-eq 0] & touch $ lockfile
Return $ retval
}
Stop (){
Echo-n $ "Stopping $ prog :"
Killproc $ prog-QUIT
Retval =$?
Echo
[$ Retval-eq 0] & rm-f $ lockfile
Return $ retval
}
Restart (){
Configtest | return $?
Stop
Sleep 1
Start
}
Reload (){
Configtest | return $?
Echo-n $ "Reloading $ prog :"
Killproc $ nginx-HUP
RETVAL =$?
Echo
}
Force_reload (){
Restart
}
Configtest (){
$ Nginx-t-c $ NGINX_CONF_FILE
}
Rh_status (){
Status $ prog
}
Rh_status_q (){
Rh_status>/dev/null 2> & 1
}
Case "$1" in
Start)
Rh_status_q & exit 0
$1
;;
Stop)
Rh_status_q | exit 0
$1
;;
Restart | configtest)
$1
;;
Reload)
Rh_status_q | exit 7
$1
;;
Force-reload)
Force_reload
;;
Status)
Rh_status
;;
Condrestart | try-restart)
Rh_status_q | exit 0
;;
*)
Echo $ "Usage: $0 {start | stop | status | restart | condrestart | try-restart | reload | force-reload | configtest }"
Exit 2
Esac
Exit and grant the/etc/init. d/nginx execution permission.
Chmod + x/etc/init. d/nginx
Make it fail to start automatically
Chkconfig -- add nginx
Now we can start nginx.
# Service nginx start
Check whether port 80 is enabled.
# Netstat-tnlp
[Root @ server70 ~] # Netstat-tnlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
Tcp 0 0 127.0.0.1: 2208 0.0.0.0: * LISTEN 2310/hpiod
Tcp 0 0 0.0.0.0: 111 0.0.0.0: * LISTEN 2000/portmap
Tcp 0 0 0.0.0.0: 80 0.0.0.0: * LISTEN 8448/nginx. conf
As you can see, port 80 is enabled.
Then, let's take a look at the nginx test page and enter the proxy server's ip address.
When the word "welcome" appears, it indicates that nginx is successfully installed.
Cd/etc/nginx/
Cp nginx. conf nginx. conf. bak
Modify and add the following content under/etc/nginx. conf:
Events {
Worker_connections 51200;
}
Server {
Listen 80;
Server_name localhost;
# Charset koi8-r;
# Access_log logs/host. access. log main;
Location /{
Root/web;
Index index.html index.htm;
}
Location/bbs {
Root/web;
Index test.html;
}
Save and launch
Create/web/AND/web/bbs/
Mkdir/web
Mkdir/web/bbs
Echo "hello, are you OK">/web/index.htm
Echo "hello">/web/bbs/test.html
Visit the two page files respectively and enter http: // 192.168.0.101 in the browser.
Http: // 192.168.0.101/bbs
Of course, we can also implement access control for proxy service web pages, such as/web/bbs/test. the thml webpage file can be accessed by the test machine. Below we will reject the access from the test machine.
How can we implement it? We need to edit/etc/nginx. conf.
Location/bbs {
Root/web;
Index index.html;
Deny 192.168.0.234; ############ only access to 192.168.0.234 is denied.
Allow all ;################ allow all
Save and exit, and reload the file
Access/web/bbs/test.html on the test machine again
Now we can test whether a VM can be accessed on a host that does not reject access.
Author "noever"