Windows Nginx Installation Tutorials and simple practices _nginx

Overview

Installation and use

Installation

Compiling Nginx from source code
Windows Installation
Use

Nginx Configuration Combat

HTTP Reverse proxy configuration
Load Balancing Configuration
The site has multiple webapp configurations
HTTPS Reverse proxy configuration

Reference

Overview

What is Nginx?

Nginx (engine x) is a lightweight Web server, a reverse proxy server, and an e-mail (IMAP/POP3) proxy server.

What is a reverse proxy?

A reverse proxy (Reverse proxy) means to accept a connection request on the Internet with a proxy server, then forward the request to a server on the internal network and return the results obtained from the server to the client requesting the connection on the Internet, At this point, the proxy server behaves as a reverse proxy server.
Refer to the following illustration for an example:

Installation and use

Installation

Nginx website Download Address

The release version is divided into Linux and Windows versions.

can also download the source code, compiled after the run.

Compiling Nginx from source code

After extracting the source code, run the following command in the terminal:

./configure
make
sudo make install

By default, Nginx will be installed in/usr/local/nginx. By setting the compilation options, you can change this setting.

Windows Installation

In order to install NGINX/WIN32, you need to download it first. Then unzip it and then run it. The following take the C packing directory as an example to illustrate:

CD C:
CD C:\nginx-0.8.54  start Nginx

Nginx/win32 is run in a console program, not Windows service mode. The server approach is currently a development attempt.

Use

The use of Nginx is relatively simple, is a few commands.

The commands that are commonly used are as follows:

Nginx-s stop quickly closes Nginx, may not save relevant information, and quickly terminates the Web service.
Nginx-s quit gracefully shuts down Nginx, saves relevant information, and has scheduled end Web services.
Nginx-s Reload changed the configuration for Nginx and reloaded the configuration.
Nginx-s reopen reopen the log file.
NGINX-C filename Specifies a configuration file for Nginx to replace the default.
NGINX-T does not run and only tests the configuration file. Nginx will check the correctness of the configuration file's syntax and attempt to open the file referenced in the configuration file.
NGINX-V Displays the Nginx version.
NGINX-V Displays the Nginx version, compiler version, and configuration parameters.

If you do not want to hit the command every time, you can add a new boot batch file Startup.bat in the Nginx installation directory, and double-click to run it. The contents are as follows:

@echo
off REM If Nginx is started and the PID file is logged before booting, kill the specified process
nginx.exe-s stop

REM Test configuration file Syntax correctness
nginx.exe-t-C conf /nginx.conf

REM Display version information
nginx.exe-v

REM starts with the specified configuration Nginx
nginx.exe-c conf/nginx.conf

Nginx Configuration Combat

I always believe that the configuration of various development tools or the combination of actual combat to tell, will make people more understandable.

HTTP Reverse proxy configuration

Let's start with a small goal: do not consider complex configurations, just complete an HTTP reverse proxy.

The nginx.conf configuration file is as follows:

Note: conf/nginx.conf is the default configuration file for Nginx. You can also use NGINX-C to specify your configuration file.

#运行用户 #user Somebody;

#启动进程, usually set to and the number of CPUs equal to worker_processes 1;
#全局错误日志 Error_log D:/tools/nginx-1.10.1/logs/error.log;
Error_log D:/tools/nginx-1.10.1/logs/notice.log Notice;

Error_log D:/tools/nginx-1.10.1/logs/info.log Info;

#PID文件, record the process ID PID d:/tools/nginx-1.10.1/logs/nginx.pid of the Nginx currently started;  #工作模式及连接数上限 Events {worker_connections 1024; #单个后台worker the maximum number of concurrent links for process processes} #设定http服务器, leverage its reverse proxy functionality to provide load balancing support for HTTP {#设定mime类型 (message support type), type by mime.types file definition include D
  :/tools/nginx-1.10.1/conf/mime.types;
  
  Default_type Application/octet-stream; #设定日志 log_format main ' [$remote _addr]-[$remote _user] [$time _local] "$request" "$status $body _bytes_sent"
           
  $http _referer "" "$http _user_agent" "$http _x_forwarded_for";
  Access_log D:/tools/nginx-1.10.1/logs/access.log Main;
  
  Rewrite_log on; The #sendfile instruction specifies whether Nginx calls the Sendfile function (zero copy) to output the file, #必须设为 on for general applications, or, if used for downloading applications disk IO Heavy load application, set to off to balance disk and network I/O processing speed,
  Reduce the uptime of the system. Sendfile on;
  #tcp_nopush on;
  #连接超时时间 Keepalive_timeout 120;
  
  Tcp_nodelay on;
 
  #gzip压缩开关 #gzip on;
  #设定实际的服务器列表 upstream zp_server1{server 127.0.0.1:8089;
    
    #HTTP服务器 server {#监听80端口, port 80 is a well-known port number for HTTP protocol listen 80;
    
    #定义使用www. xx.com visits server_name www.helloworld.com; #首页 index index.html #指向webapp的目录 root D:\01_Workspace\Project\github\zp\SpringNotes\spring-security\spri
    
    Ng-shiro\src\main\webapp;
    
    #编码格式 CharSet Utf-8;
    #代理配置参数 Proxy_connect_timeout 180;
    Proxy_send_timeout 180;
    Proxy_read_timeout 180;
    Proxy_set_header Host $host;

    Proxy_set_header x-forwarder-for $remote _addr;
    #反向代理的路径 (and upstream bindings), location the path location/{Proxy_pass Http://zp_server1 after setting the map; #静态文件, Nginx handles location ~ ^/(images|javascript|js|css|flash|media|static)/{root D:\01_Workspace\Proje
      Ct\github\zp\springnotes\spring-security\spring-shiro\src\main\webapp\views; #Expired 30 days, static files are not updated, the expiration can be set larger, if frequently updated, you can set smaller.
    Expires 30d;
      } #设定查看Nginx状态的地址 location/nginxstatus {stub_status on;
      Access_log on;
      Auth_basic "Nginxstatus";
    Auth_basic_user_file conf/htpasswd;
    #禁止访问. htxxx file Location ~/\.ht {deny all;
    #错误处理页面 (optionally configured) #error_page 404/404.html;
    #error_page 502 503 504/50x.html;
    #location =/50x.html {# root HTML;

 #}
  }
}

Well, let's have a try:

1. Start WebApp, note that the port to start binding is consistent with the port set in Nginx in upstream.

2. Change host: Add a DNS record to the host file in the C:\WINDOWS\SYSTEM32\DRIVERS\ETC directory

127.0.0.1 www.helloworld.com

3. The Startup.bat command before the start of the text

4. Access to www.helloworld.com in the browser is not unexpected and can be accessed.

Load Balancing Configuration

In the previous example, the agent only points to a server.

However, in the actual operation of the site, most of the server is running the same app, then need to use load balance to divert.

Nginx can also achieve a simple load balancing function.

Imagine a scenario where applications are deployed on servers in 192.168.1.11:80, 192.168.1.12:80, and 192.168.1.13:80 three Linux environments. Site domain name www.helloworld.com, public network IP is 192.168.1.11. Deploy Nginx on the server where the public IP resides, and load-balance all requests.

The nginx.conf configuration is as follows:

HTTP {#设定mime类型, type defined include/etc/nginx/mime.types by Mime.type file;
  Default_type Application/octet-stream;

  #设定日志格式 Access_log/var/log/nginx/access.log;
    #设定负载均衡的服务器列表 upstream Load_balance_server {#weigth参数表示权值, the higher the weighted value the greater the probability of being assigned to the server 192.168.1.11:80 weight=5;
    Server 192.168.1.12:80 weight=1;
  Server 192.168.1.13:80 weight=6;
    
    #HTTP服务器 server {#侦听80端口 Listen 80;

    #定义使用www. xx.com visits server_name www.helloworld.com;         #对所有请求进行负载均衡请求 location/{root/root; #定义服务器的默认网站根目录位置 index index.html index.htm;
      #定义首页索引文件的名称 proxy_pass http://load_balance_server #请求转向load_balance_server defined server list #以下是一些反向代理的配置 (optional configuration)
      #proxy_redirect off;
      Proxy_set_header Host $host;
      Proxy_set_header X-real-ip $remote _addr;
      #后端的Web服务器可以通过X-forwarded-for Obtain the user real IP proxy_set_header x-forwarded-for $remote _addr;     Proxy_connect_timeout 90; #nginx跟后端服务器连接超时时间 (Agent connection timeout) prOxy_send_timeout 90;       #后端服务器数据回传时间 (Agent send timeout) proxy_read_timeout 90;       #连接成功后, back-end server response time (proxy receive timeout) Proxy_buffer_size 4k;        #设置代理服务器 (Nginx) to save the buffer size of user header information Proxy_buffers 4 32k;    #proxy_buffers缓冲区, the average page below 32k, so set proxy_busy_buffers_size 64k;  #高负荷下缓冲大小 (proxy_buffers*2) proxy_temp_file_write_size 64k;     #设定缓存文件夹大小, greater than this value, will client_max_body_size 10m from the upstream server;   #允许客户端请求的最大单文件字节数 client_body_buffer_size 128k;

 #缓冲区代理缓冲用户端请求的最大字节数}}}

The site has multiple webapp configurations

When a Web site functions more and more rich, often need to be a few functions of relatively independent module stripped out, independent maintenance. In this case, there will usually be multiple webapp.

For example: If the www.helloworld.com site has several webapp,finance (finance), product (Products), admin (User Center). The way in which these applications are accessed is differentiated by context (contexts):

www.helloworld.com/finance/

www.helloworld.com/product/

www.helloworld.com/admin/

We know that the default port number for HTTP is 80, and if you start the 3 WebApp applications on a single server, use 80 ports, it's definitely not going to work. Therefore, these three applications need to be bound separately by different port numbers.

Then, the problem comes, the user actually visits the www.helloworld.com site, access to different webapp, always will not have the corresponding port number to visit it. So, again you need to use the reverse proxy to do the processing.

Configuration is not difficult, to see how to do it:

HTTP {
  #此处省略一些基本配置
  
  upstream product_server{
    server www.helloworld.com:8081;
  }
  
  Upstream admin_server{
    server www.helloworld.com:8082;
  }
  
  Upstream finance_server{
    server www.helloworld.com:8083;
  }

  server {
    #此处省略一些基本配置
    #默认指向product的server
    location/{
      proxy_pass http://product_server;
    }

    location/product/{
      proxy_pass http://product_server;
    }

    location/admin/{
      proxy_pass http://admin_server;
    }
    
    location/finance/{
      proxy_pass http://finance_server
    }}
  }

HTTPS Reverse proxy configuration

Some sites with high security requirements may use HTTPS, a secure HTTP protocol that uses the SSL communication standard.

Here is not popular Science HTTP protocol and SSL standard. However, you need to know a few things about using Nginx to configure https:

The fixed port number for HTTPS is 443, different from the HTTP 80 port
SSL standards require the introduction of a security certificate, so in nginx.conf you need to specify the certificate and its corresponding key

The other is basically the same as the HTTP reverse proxy, except that the server part configuration is somewhat different.

 #HTTP服务器
 server {
   #监听443端口. 443 is a well-known port number, mainly used for HTTPS protocol
   listen    443 SSL;

   #定义使用www. Xx.com visits
   server_name www.helloworld.com;

   #ssl证书文件位置 (Common certificate file format: CRT/PEM)
   ssl_certificate   Cert.pem;
   #ssl证书key位置
   Ssl_certificate_key Cert.key;

   #ssl配置参数 (Selective configuration)
   Ssl_session_cache  shared:ssl:1m;
   Ssl_session_timeout 5m;
   #数字签名, use MD5
   ssl_ciphers high:!anull:! here MD5;
   Ssl_prefer_server_ciphers on;

   Location/{
     root  /root;
     Index index.html index.htm;
   }
 }

Thank you for reading, I hope to help you, thank you for your support for this site!