Linux Compiler installation Nginx

Source: Internet
Author: User
Tags epoll imap install openssl openssl sha1

First, the necessary software preparation
1, installation Pcre

In order to support the rewrite feature, we need to install Pcre
# yum Install Pcre-devel

2. Installing OpenSSL

Requires SSL support, skip this step if SSL support is not required

# yum Install Openssl-devel

3. Gzip Class Library installation

# yum Install zlib Zlib-devel

Second, install Nginx

1. Download
# wget http://nginx.org/download/nginx-1.8.0.tar.gz

2. Create user

# useradd-s/sbin/nologin-m Nginx

3. Install and Compile

# Tar XF nginx-1.8.0.tar.gz

# CD nginx-1.8.0

#./configure--prefix=/usr/local/nginx--conf-path=/etc/nginx/nginx.conf--user=nginx--group=nginx--with-http_ssl _module--with-http_flv_module--with-http_stub_status_module--with-http_gzip_static_module-- http-client-body-temp-path=/var/tmp/nginx/client/--http-proxy-temp-path=/var/tmp/nginx/proxy/-- http-fastcgi-temp-path=/var/tmp/nginx/fcgi/--http-uwsgi-temp-path=/var/tmp/nginx/uwsgi--http-scgi-temp-path=/ var/tmp/nginx/scgi--with-pcre

# make

# make Install

Description
1, Nginx can use Tmalloc (fast, multi-threaded malloc library and excellent performance analysis tools) to speed up memory allocation, using this feature requires pre-installation of Gperftools, and then add--with-google_perftools_ in the build Nginx Module option.
2, if you want to use the Nginx Perl module, can be achieved by adding the--with-http_perl_module option for the Configure script, but this module is still in the experimental use phase, may be in operation unexpected, therefore, its implementation is no longer described here. If you want to use the CGI function based on Nginx, can also be based on fcgi to achieve, the implementation of the method, please refer to the online documentation.

4. Provide SYSV init script for Nginx:

Create a new file/etc/rc.d/init.d/nginx with the following content:

#!/bin/sh
#
# Nginx-this script starts and stops the Nginx daemon
#
# Chkconfig:-85 15
# Description:nginx is an HTTP (s) server, HTTP (s) reverse \
# Proxy and IMAP/POP3 proxy server
# Processname:nginx
# config:/etc/nginx/nginx.conf
# config:/etc/sysconfig/nginx
# Pidfile:/var/run/nginx.pid

# Source function library.
. /etc/rc.d/init.d/functions

# Source Networking configuration.
. /etc/sysconfig/network

# Check that networking are up.
["$NETWORKING" = "no"] && exit 0

nginx= "/usr/sbin/nginx"
prog=$ (basename $nginx)

sysconfig= "/etc/sysconfig/$prog"
Lockfile= "/var/lock/subsys/nginx"
Pidfile= "/usr/local/nginx/logs/${prog}.pid"

Nginx_conf_file= "/etc/nginx/nginx.conf"

[-F $sysconfig] &&. $sysconfig


Start () {
[-X $nginx] | | Exit 5
[-F $NGINX _conf_file] | | Exit 6
Echo-n $ "Starting $prog:"
Daemon $nginx-C $NGINX _conf_file
Retval=$?
Echo
[$retval-eq 0] && Touch $lockfile
Return $retval
}

Stop () {
Echo-n $ "Stopping $prog:"
Killproc-p $pidfile $prog
Retval=$?
Echo
[$retval-eq 0] && rm-f $lockfile
Return $retval
}

Restart () {
Configtest_q | | Return 6
Stop
Start
}

Reload () {
Configtest_q | | Return 6
Echo-n $ "Reloading $prog:"
Killproc-p $pidfile $prog-hup
Echo
}

Configtest () {
$nginx-T-C $NGINX _conf_file
}

Configtest_q () {
$nginx-T-q-c $NGINX _conf_file
}

Rh_status () {
Status $prog
}

Rh_status_q () {
Rh_status >/dev/null 2>&1
}

# Upgrade The binary with no downtime.
Upgrade () {
Local oldbin_pidfile= "${pidfile}.oldbin"

    Configtest_q | | Return 6
    echo-n $ "Upgrading $prog:"
    Killproc-p $pidfile $prog-usr2
    retval=$?
    Sleep 1
    if [[-F ${oldbin_pidfile} &&-F ${pidfile}]];  then
&N bsp;       killproc-p $oldbin _pidfile $prog-quit
         success $ "$prog online Upgrade"
        echo
         return 0
    else
        Failure $ "$prog online Upgrade"
        echo
         return 1
    fi
}

# Nginx to reopen logs
Reopen_logs () {
Configtest_q | | Return 6
Echo-n $ "Reopening $prog logs:"
Killproc-p $pidfile $prog-USR1
Retval=$?
Echo
Return $retval
}

Case "$" in
Start
Rh_status_q && Exit 0
$
;;
Stop
Rh_status_q | | Exit 0
$
;;
Restart|configtest|reopen_logs)
$
;;
Force-reload|upgrade)
Rh_status_q | | Exit 7
Upgrade
;;
Reload
Rh_status_q | | Exit 7
$
;;
STATUS|STATUS_Q)
Rh_$1
;;
Condrestart|try-restart)
Rh_status_q | | Exit 7
Restart
;;
*)
echo $ "Usage: $ {start|stop|reload|configtest|status|force-reload|upgrade|restart|reopen_logs}"
Exit 2
Esac

5. Then give execute permission for this script:
# chmod +x/etc/rc.d/init.d/nginx

6, add to the service management list, and let it boot automatically:
# chkconfig--add Nginx
# chkconfig Nginx on

7, then you can start the service and test:
# service Nginx Start

Second, the configuration Nginx

Nginx code is composed of a core and a series of modules, the core is mainly used to provide the basic functions of Web server, as well as web and mail reverse proxy functions, but also to enable network protocols, create the necessary runtime environment and ensure smooth interaction between different modules. However, most of the functions associated with the protocol and the functionality specific to an application are implemented by Nginx's modules. These functional modules can be broadly divided into event modules, phased processors, output filters, variable processors, protocols, upstream, and load balancing in several categories, which together make up Nginx's HTTP functionality. The event module is primarily used to provide OS independent (different operating system event mechanisms differ) event notification mechanisms such as kqueue or Epoll. The Protocol module is responsible for implementing Nginx through HTTP, Tls/ssl, SMTP, POP3, and IMAP to establish a session with the corresponding client.

Nginx's core modules are main and events, and include standard HTTP modules, optional HTTP modules, and mail modules, which can also support many third-party modules. Main is used to configure parameters related to error logs, processes, and permissions, and events is used to configure IO models such as Epoll, Kqueue, select, or poll, which are required modules.

Nginx's master configuration file consists of several segments, which are often referred to as nginx contexts, and each segment is defined in the following format. It is important to note that each instruction must use a semicolon (;) end, otherwise a syntax error.

<section> {
<directive> <parameters>;
}

2.1 Configuring the Main module

The following is a description of several key parameters in the main module.

2.1.1 Error_log

Used to configure error logs, which can be used in the main, HTTP, server, and location contexts, in syntax format:

Error_log File | stderr [Debug | info | notice | warn | error | crit | alert | Emerg]

If you use the--with-debug option when compiling Nginx, you can also use the following format to turn on debugging functionality.

Error_log LOGFILE [Debug_core | debug_alloc | debug_mutex | debug_event | debug_http | debug_imap];

To disable the error log, you cannot use "error_log off;" And you want to use an option similar to the following:

Error_log/dev/null Crit;

2.1.2 Timer_resolution

The number of times to reduce the gettimeofday () system call. By default, this system call is executed every time you return from Kevent (), Epoll,/dev/poll, select (), or poll (). The syntax format is:

Timer_resolution interval

For example:

Timer_resolution 100ms;

2.1.3 Worker_cpu_affinity

The worker is bound to the CPU by sched_setaffinity () and can be used only in the main context. The syntax format is:

Worker_cpu_affinity cpumask ...

For example:
Worker_processes 4;
Worker_cpu_affinity 0001 0010 0100 1000;

2.1.4 Worker_priority

Prioritize the worker process (specify nice values), this parameter can be used only in the main context, the default is 0, and the syntax format is:

Worker_priority number

2.1.5 Worker_processes

The worker process is a single-threaded process. If Nginx is used in a CPU-intensive scenario, such as SSL or gzip, and the number of CPUs on the host is at least 2, then this parameter value should be set to be the same as the number of CPU cores, if Nginx is used in a large number of static file access scenarios, and the total size of all files is greater than the available memory, The value of this parameter should be set sufficiently large to take advantage of disk bandwidth.

This parameter, together with the work_connections variable in the events context, determines the value of maxclient:
maxclients = work_processes * work_connections

2.1.6 Worker_rlimit_nofile

Sets the maximum number of file descriptors that the worker process can open. Syntax format:

Worker_rlimit_nofile number

2.2 Configuring the Events module

2.2.1 Worker_connections

Sets the maximum number of connections processed by each worker, along with the worker_processes from the main context, which determines the value of maxclients.

Max clients = worker_processes * worker_connections

In the reverse proxy scenario, the calculation method differs from the above formula because the browser will open 2 connections by default, and Nginx will open 2 file descriptors for each connection, so its maxclients is calculated as:

Max clients = worker_processes * WORKER_CONNECTIONS/4

2.2.2 Use

In a scenario with more than one event model IO, you can use this directive to set the IO mechanism used by nginx, by default the./configure script is the most appropriate version of the current OS in the selected mechanisms. Syntax format:

Use [kqueue | rtsig | epoll |/dev/poll | select | poll | eventport]

2.3 A sample configuration

User Nginx;
# The load is cpu-bound and we have cores
Worker_processes 16;
Error_log/var/log/nginx/error.log;
Pid/var/run/nginx.pid;

Events {
Use Epoll;
Worker_connections 2048;
}

Appendix:


–prefix= pointing to the installation directory
–sbin-path Point (Execute) program file (Nginx)
–conf-path= pointing to the configuration file (nginx.conf)
–error-log-path= pointing to the error log directory
–pid-path= pointing to the PID file (nginx.pid)
–lock-path= points to the lock file (nginx.lock) (Install file lock, prevent the installation file from being exploited by others, or operate it by mistake.) )
–user= specifies a non-privileged user when the program is run
–group= to specify a non-privileged user group when the program is run
–builddir= pointing to the compilation directory
–with-rtsig_module Enable Rtsig module support (real-time signal)
–with-select_module Enable Select module Support (a polling mode that is not recommended for use in high-load environments) Disable: –without-select_module
–with-poll_module Enable poll module support (features same as SELECT, same as Select feature, as a polling mode, not recommended for high-load environments)
–with-file-aio Enable file Aio support (an APL file transfer format)
–with-ipv6 Enable IPv6 support
–with-http_ssl_module Enable Ngx_http_ssl_module support (to enable HTTPS requests, you need to have OpenSSL installed)
–with-http_realip_module Enable Ngx_http_realip_module Support (this module allows changing the client's IP address value from the request header, which is off by default)
–with-http_addition_module Enable Ngx_http_addition_module support (as an output filter that supports incomplete buffering, partial response requests)
–with-http_xslt_module Enable Ngx_http_xslt_module support (Filter transform XML request)
–with-http_image_filter_module Enable Ngx_http_image_filter_module Support (a filter that transmits jpeg/gif/png pictures) (the default is not enabled.) GD Library to use)
–with-http_geoip_module Enable Ngx_http_geoip_module Support (This module creates a Ngx_http_geoip_module variable based on the client IP address that matches the Maxmind GeoIP binary file)
–with-http_sub_module Enable Ngx_http_sub_module support (allow some other text to replace some of the text in the Nginx response)
–with-http_dav_module Enable Ngx_http_dav_module Support (add Put,delete,mkcol: Create collection, copy and Move methods) is off by default and needs to be compiled to open
–with-http_flv_module Enable Ngx_http_flv_module Support (provides time-based offset files seeking memory usage)
–with-http_gzip_static_module Enable Ngx_http_gzip_static_module support (online real-time compressed output data stream)
–with-http_random_index_module Enable Ngx_http_random_index_module support (randomly pick a directory index from the directory)
–with-http_secure_link_module Enable Ngx_http_secure_link_module support (required secure link URLs for compute and check requirements)
–with-http_degradation_module Enable Ngx_http_degradation_module Support (allows 204 or 444 yards to be returned in case of low memory)
–with-http_stub_status_module Enable Ngx_http_stub_status_module support (get Nginx's working status since last boot)
–without-http_charset_module disabling Ngx_http_charset_module support (recoding Web pages, but only one Direction – server-to-client, and only one byte of encoding can be re-encoded)
–without-http_gzip_module Disabling Ngx_http_gzip_module support (the same module as the-with-http_gzip_static_module function)
–without-http_ssi_module Disable Ngx_http_ssi_module Support (This module provides a filter on the input processing server include file (SSI), currently the list of supported SSI commands is incomplete)
–without-http_userid_module Disable Ngx_http_userid_module Support (this module is used to process cookies used to determine the client's subsequent requests)
–without-http_access_module Disables Ngx_http_access_module support (this module provides a simple host-based access control.) Allow/deny based on IP address)
–without-http_auth_basic_module Disable Ngx_http_auth_basic_module (the module is able to use the user name and password based on the HTTP Basic authentication method to protect your site or some of its content)
–without-http_autoindex_module Disable Disable Ngx_http_autoindex_module support (this module is used to automatically generate a list of directories only ngx_http_index_ The module module makes a request when the index file is not found. )
–without-http_geo_module Disable Ngx_http_geo_module support (create some variables whose value depends on the IP address of the client)
–without-http_map_module Disabling Ngx_http_map_module support (setting configuration variables with any key/value pair)
–without-http_split_clients_module disables Ngx_http_split_clients_module support, which is used to divide users based on certain conditions. Conditions such as: IP address, header, cookies, etc.)
–without-http_referer_module Disable Disable Ngx_http_referer_module support (this module is used to filter requests and reject requests for incorrect referer values in the header)
–without-http_rewrite_module disables Ngx_http_rewrite_module support, which allows the use of regular expressions to change URIs and to turn to and select configurations based on variables. If this option is set at the server level, they will take effect before location. If there are further rewrite rules at location, the rules of the location section will still be executed. If this URI rewrite is caused by a rule in the Location section, then the location section will be executed again as the new URI. This loop executes 10 times, and then Nginx returns a 500 error. )
–without-http_proxy_module disabling Ngx_http_proxy_module support (for proxy servers)
–without-http_fastcgi_module disables Ngx_http_fastcgi_module support, which allows Nginx to interact with the fastcgi process and control fastcgi process work by passing parameters. ) fastcgi a resident public gateway interface.
–without-http_uwsgi_module Disabling Ngx_http_uwsgi_module support (this module is used for medical UWSGI protocol, UWSGI server related)
–without-http_scgi_module disables Ngx_http_scgi_module support, which is used to enable SCGI protocol support, and the SCGI protocol is an alternative to the CGI protocol. It is an application-to-HTTP service interface standard. It's a bit like fastcgi but his design is easier to implement. )
–without-http_memcached_module Disabling Ngx_http_memcached_module support (this module is used to provide simple caching to improve system efficiency)
-without-http_limit_zone_module Disabling Ngx_http_limit_zone_module support (the module can control the number of concurrent connections to a session for a condition)
–without-http_limit_req_module Disable Ngx_http_limit_req_module Support (this module allows you to limit the number of requests to an address with a given session or a specific event)
–without-http_empty_gif_module Disable Ngx_http_empty_gif_module Support (the module resides in memory with a 1*1 transparent GIF image that can be called very quickly)
–without-http_browser_module disables Ngx_http_browser_module support, which is used to create a value that relies on the request header. If the browser is modern, $modern_browser equals the value assigned by the modern_browser_value instruction, or $ancient_browser equals Ancient_browser_ if the browser is old. Value assigned by the instruction, or $msie equals 1 if the browser is any version in MSIE)
–without-http_upstream_ip_hash_module Disabling Ngx_http_upstream_ip_hash_module support (this module is used for simple load balancing)
–with-http_perl_module Enable Ngx_http_perl_module Support (This module allows Nginx to directly use Perl or call Perl via SSI)
–with-perl_modules_path= Setting the Perl module path
–with-perl= Setting the Perl library file path
–http-log-path= Setting Access log path
–http-client-body-temp-path= setting HTTP Client Request temp file path
–http-proxy-temp-path= setting HTTP proxy temporary file path
–http-fastcgi-temp-path= Setting the HTTP fastcgi temp file path
–http-uwsgi-temp-path= Setting the HTTP Uwsgi temp file path
–http-scgi-temp-path= Setting the HTTP scgi temp file path
-without-http Disabling the HTTP Server feature
–without-http-cache Disabling the HTTP cache feature
–with-mail Enable POP3/IMAP4/SMTP Proxy module support
–with-mail_ssl_module Enable Ngx_mail_ssl_module Support
–without-mail_pop3_module disables the POP3 protocol (POP3, the 3rd version of the Post Office Protocol, which is a protocol that specifies how personal computers connect to mail servers on the Internet to send and receive mail. is the first offline protocol standard for Internet e-mail, the POP3 protocol allows users to store messages from the server on a local host while deleting or saving messages on the mail server based on the client's actions. The POP3 protocol is a member of the TCP/IP protocol family and is primarily used to support e-mail that is managed remotely on the server using a client.
–without-mail_imap_module disables the IMAP protocol, a message acquisition protocol. Its main function is that the mail client can obtain the message from the mail server through this protocol, download the Mail and so on. The IMAP protocol runs on top of the TCP/IP protocol, using a port of 143. The main difference between it and the POP3 protocol is that the user can not download all the messages, and can directly manipulate the messages on the server through the client. )
–without-mail_smtp_module disables the SMTP protocol (SMTP is the Simple Mail Transfer Protocol, which is a set of rules for sending mail from the source address to the destination, and it controls how the letters are brokered. The SMTP protocol belongs to the TCP/IP protocol family, which helps each computer find its next destination when sending or relaying letters. )
–with-google_perftools_module Enable Ngx_google_perftools_module support (Tune trial, profiler performance bottleneck)
–with-cpp_test_module Enable Ngx_cpp_test_module Support
–add-module= Enabling external module support
–with-cc= pointing to the C compiler path
–with-cpp= pointing to the C preprocessing path
–with-cc-opt= set C compiler parameters (Pcre library, you need to specify –with-cc-opt= "-i/usr/local/include", if you use the Select () function you need to increase the number of file descriptors, you can –with-cc- Opt= "-D fd_setsize=2048" designation. )
–with-ld-opt= set the connection file parameters. (Pcre library, you need to specify –with-ld-opt= "-l/usr/local/lib".) )
–with-cpu-opt= Specifies the compiled CPU, the available values are: Pentium, Pentiumpro, Pentium3, Pentium4, Athlon, Opteron, AMD64, Sparc32, SPARC64, PPC64
–without-pcre Disabling the Pcre library
–with-pcre Enabling the Pcre library
–with-pcre= point to Pcre library file directory
–with-pcre-opt= setting additional parameters for the Pcre library at compile time
–with-md5= points to the MD5 library file directory (message digest algorithm version fifth, which provides integrity protection for messages)
–with-md5-opt= setting additional parameters for the MD5 library at compile time
–with-md5-asm using MD5 assembler source
–with-sha1= points to the SHA1 Library directory (digital Signature algorithm, primarily for digital signatures)
–with-sha1-opt= setting additional parameters for the SHA1 library at compile time
–with-sha1-asm using SHA1 assembler source
–with-zlib= point to zlib Library directory
–with-zlib-opt= setting additional parameters for zlib at compile time
The –with-zlib-asm= is optimized for the specified CPU using the zlib assembler source, the CPU type is Pentium, and the Pentiumpro
–with-libatomic provides a schema for the implementation of an update operation for atomic memory
–with-libatomic= pointing to the Libatomic_ops installation directory
–with-openssl= pointing to the OpenSSL installation directory
–with-openssl-opt setting additional parameters for OpenSSL at compile time
–with-debug Enabling debug logging

This article is from the "Stones" blog, make sure to keep this source http://wangzan18.blog.51cto.com/8021085/1653447

Linux compiler installation Nginx

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.