lamp架构----> mysql +nginx+php

lamp

1.源码安装nginx

yum install gcc pcre-devel openssl-devel
tar zxf nginx-1.18.0.tar.gz
cd nginx-1.18.0/

[root@server1 nginx-1.18.0]# ls
auto  CHANGES  CHANGES.ru  conf  configure  contrib  html  LICENSE  man  README  src

[root@server1 nginx-1.18.0]# vim auto/cc/gcc ##关闭debug

# debug
#CFLAGS="$CFLAGS -g"
  • [root@server1 nginx-1.18.0]# ./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_stub_status_module

  • [root@server1 nginx-1.18.0]#make && make install
    make 编译 makefile的文件

[root@server1 nginx-1.18.0]# cd /usr/local/nginx/
[root@server1 nginx]# ls
conf html logs sbin
[root@server1 nginx]# du -sh *
72K conf
8.0K html
0 logs

[root@server1 ~]# vim .bash_profile
PATH=$PATH:$HOME/bin:/usr/local/nginx/sbin
[root@server1 ~]# source .bash_profile
将nginx的执行路径加入环境变量中,就可以直接使用nginx命令
参考ls

[root@server1 ~]# echo $PATH
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin:/root/bin:/usr/local/nginx/sbin

此时which nginx才可以查询
[root@server1 ~]# which nginx
/usr/local/nginx/sbin/nginx

[root@server1 ~]# nginx 开启

[root@server1 ~]# netstat -antlp
lamp架构----> mysql +nginx+php

nginx 开启
80 端口
nginx 再次开启的时候,需要重载
nginx -s reload
nginx -s stop 关闭

curl localhost

2. Mysql 安装

软件包依赖性:

  • yum install -y gcc gcc-c++ make ncurses-devel bison openssl-devel zlib-devel cmake

tar zxvf mysql-5.5.12.tar.gz
cd mysql-5.5.12

cmake -DCMAKE_INSTALL_PREFIX=/usr/local/mysql \
#安装目录
-DMYSQL_DATADIR=/usr/local/mysql/data \
#数据库存放目录
-DMYSQL_UNIX_ADDR=/usr/local/mysql/data/mysql.sock \ #Unix socket 文件路径
-DWITH_MYISAM_STORAGE_ENGINE=1 \
#安装 myisam 存储引擎
-DWITH_INNOBASE_STORAGE_ENGINE=1 \
#安装 innodb 存储引擎
-DWITH_ARCHIVE_STORAGE_ENGINE=1 \
#安装 archive 存储引擎
-DWITH_BLACKHOLE_STORAGE_ENGINE=1 \
#安装 blackhole 存储引擎
-DWITH_PARTITION_STORAGE_ENGINE=1 \
#安装数据库分区
-DENABLED_LOCAL_INFILE=1 \
#允许从本地导入数据
-DWITH_READLINE=1 \
#快捷键功能
-DWITH_SSL=yes \
#支持 SSL
-DDEFAULT_CHARSET=utf8 \
#使用 utf8 字符
-DDEFAULT_COLLATION=utf8_general_ci \
#校验字符
-DEXTRA_CHARSETS=all \
#安装所有扩展字符集
-DMYSQL_TCP_PORT=3306 \
#MySQL 监听端口

make && make install

重新编译时,需要清除旧的对象文件和缓存信息

make clean
rm -f CmakeCache.txt

  • 根据你的主机内存复制 mysql 配置文件
    cp /usr/local/mysql/usr/local/mysql/ /etc/init.d/mysqld

在安装的时候有指定路径
[root@server1 support-files]# vim /etc/my.cnf
[root@server1 support-files]# cat /etc/my.cnf
[mysqld]
datadir=/usr/local/mysql/data
socket=/usr/local/mysql/data/mysql.sock
symbolic-links=0

写进path之后才可以用which查看
[root@server1 ~]# vim .bash_profile

[root@server1 ~]# source .bash_profile
[root@server1 ~]# which mysql
/usr/local/mysql/bin/mysql

useradd -u 1000 -M -d /usr/local/mysql/data -s /sbin/nologin mysql

mysqld --initialize --user=mysql
lamp架构----> mysql +nginx+php
生成data数据目录
lamp架构----> mysql +nginx+php

/etc/init.d/mysqld start

lamp架构----> mysql +nginx+php

  • mysql_secure_installation
    #按提示完成 mysql 安全设置,生产环境推荐使用

Enter password for user root: 输入上图中生成的密码
两次回车,三次y

mysql -p 查看

3.php 源码安装

yum install bzip2 -y 
tar jxf php-7.4.12.tar.bz2 
安装编译所需的包
yum install -y systemd-devel.x86_64 libxml2-devel.x86_64  sqlite-devel.x86_64 oniguruma-devel-6.8.2-1.el7.x86_64.rpm oniguruma-6.8.2-1.el7.x86_64.rpm libevent-devel-1.4.13-4.el6.x86_64.rpm libevent-doc-1.4.13-4.el6.noarch.rpm libevent-headers-1.4.13-4.el6.noarch.rpm libpng-devel.x86_64

  • 配置nginx

useradd -M -d /usr/local/nginx/ -s /sbin/nologin nginx

cd /usr/local/nginx/conf/
vim nginx.conf

nginx
nginx -s reload

ps -aux
nginx 3842 0.0 0.0 46420 2024 ? S 08:46 0:00 nginx: worker p

[root@server1 conf]# cd
[root@server1 ~]# ls
mysql-5.7.31               nginx-1.18.0         php-7.4.12
mysql-boost-5.7.31.tar.gz  nginx-1.18.0.tar.gz  php-7.4.12.tar.bz2
[root@server1 ~]# cd php-7.4.12/
[root@server1 php-7.4.12]# ls
appveyor             configure.ac     pear                 tests
azure                CONTRIBUTING.md  php.ini-development  travis
azure-pipelines.yml  docs             php.ini-production   TSRM
build                ext              README.md            UPGRADING
buildconf            EXTENSIONS       README.REDIST.BINS   UPGRADING.INTERNALS
buildconf.bat        LICENSE          run-tests.php        win32
CODING_STANDARDS.md  main             sapi                 Zend
configure            NEWS             scripts
  • 编译
[root@server1 php-7.4.12]# ./configure --prefix=/usr/local/php --with-config-file-path=/usr/local/php/etc --enable-mysqlnd --with-pdo-mysql --with-mysqli --with-openssl-dir --enable-gd --with-zlib-dir --with-curl --with-pear --enable-inline-optimization --enable-soap --enable-sockets --enable-mbstring --enable-fpm --with-fpm-user=nginx --with-fpm-group=nginx --with-fpm-systemd

lamp架构----> mysql +nginx+php

[root@server1 php-7.4.12]# make && make install

nginx接受动态请求: 调用php

parAM:nginx php保持同步

[root@server1 fpm]# pwd
/root/php-7.4.12/sapi/fpm

[root@server1 fpm]# cp init.d.php-fpm /etc/init.d/php-fpm
[root@server1 fpm]# chmod +x /etc/init.d/php-fpm
[root@server1 fpm]# /etc/init.d/php-fpm
Usage: /etc/init.d/php-fpm {start|stop|force-quit|restart|reload|status|configtest}

[root@server1 fpm]# cd /usr/local/php/
[root@server1 php]# ls
bin etc include lib php sbin var
[root@server1 php]# cd etc/
[root@server1 etc]# ls
pear.conf php-fpm.conf.default php-fpm.d
[root@server1 etc]# cp php-fpm.conf.default php-fpm.conf
[root@server1 etc]# vim php-fpm.conf
去掉pid注释
pid = run/php-fpm.pid

[root@server1 etc]# cd php-fpm.d/
[root@server1 php-fpm.d]# ls
www.conf.default
[root@server1 php-fpm.d]# cp www.conf.default www.conf
[root@server1 php-fpm.d]# vim www.conf

[root@server1 php-7.4.12]# cp php.ini-production /usr/local/php/etc/php.ini
[root@server1 php-7.4.12]# /etc/init.d/php-fpm start
Starting php-fpm done
lamp架构----> mysql +nginx+php
[root@server1 conf]# pwd
/usr/local/nginx/conf
[root@server1 conf]# vim nginx.conf
location / {
root html;
index index.php index.html index.htm;
}

    location ~ \.php$ {
        root           html;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index  index.php;
        #fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        include        fastcgi.conf;
    }

[root@server1 conf]# cd /usr/lib/systemd/system

[root@server1 system]# vim nginx.service

[root@server1 system]# cat nginx.service 
[Unit]
Description=The NGINX HTTP and reverse proxy server
After=syslog.target network-online.target remote-fs.target nss-lookup.target
Wants=network-online.target

[Service]
Type=forking
PIDFile=/usr/local/nginx/logs/nginx.pid
ExecStartPre=/usr/local/nginx/sbin/nginx -t
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true

[Install]
WantedBy=multi-user.target

nginx -s stop
[root@server1 system]# systemctl daemon-reload
[root@server1 system]# systemctl start nginx
systemctl enable nginx

[root@server1 php-7.4.12]# cd sapi/fpm/
[root@server1 fpm]# ls
[root@server1 fpm]# cp php-fpm.service /usr/lib/systemd/system/
[root@server1 fpm]# cd /usr/lib/systemd/system/
[root@server1 system]# vim php-fpm.service
#ProtectSystem=full##注释掉
[root@server1 system]# systemctl daemon-reload
[root@server1 system]# systemctl start php-fpm
[root@server1 system]# systemctl enable php-fpm

[root@server1 system]# cd /usr/local/nginx/html/
[root@server1 html]# ls
50x.html index.html
[root@server1 html]# vim index.php
[root@server1 html]# cat index.
cat: index.: No such file or directory
[root@server1 html]# cat index.php

<?php phpinfo() ?>

systemctl reload php-fpm

[root@server1 html]# setenforce 0
[root@server1 html]# systemctl disable --now firewalld.service
lamp架构----> mysql +nginx+php

nginx: 高并发

nginx只能处理静态----动态交给 fas ----> 递交给后端php-fpm 9000处理的时候从 memca 取 交给nginx ----再返回给client

解决:()
在nginx放缓存,处理一次后放在nginx的缓存中,再次请求,直接从nginx缓存中取

数据库连接

  • /etc/init.d/mysqld start
[root@server1 ~]# vim .bash_profile 
PATH=$PATH:$HOME/bin:/usr/local/nginx/sbin:/usr/local/mysql/bin:/usr/local/php/bin
[root@server1 ~]# source .bash_profile 
  • vim /usr/local/php/etc/php.ini
pdo_mysql.default_socket=/usr/local/mysql/data/mysql.sock
mysqli.default_socket = /usr/local/mysql/data/mysql.sock
  • systemctl reload php-fpm
[root@server1 ~]# mv phpMyAdmin-5.0.2-all-languages /usr/local/nginx/html/phpadmin
[root@server1 ~]# cd -
/usr/local/mysql
[root@server1 mysql]# ls
bin  data  docs  include  lib  LICENSE  man  mysql-test  README  README-test  share  support-files
[root@server1 mysql]# ls -ld data/
drwxr-x---. 5 mysql mysql 4096 Apr  3 11:07 data/
[root@server1 mysql]# chmod 755 /usr/local/mysql/data/

lamp架构----> mysql +nginx+php
lamp架构----> mysql +nginx+php

构建nginx高速缓存

memcache

 tar zxf memcache-4.0.5.2.tgz 

[root@server1 ~]# cd memcache-4.0.5.2/
[root@server1 memcache-4.0.5.2]# ls
cloudbuild.yaml  config.m4   CREDITS  Dockerfile   LICENSE       php7    tests
config9.m4       config.w32  docker   example.php  memcache.php  README
[root@server1 memcache-4.0.5.2]# phpize
Configuring for:
PHP Api Version:         20190902
Zend Module Api No:      20190902
Zend Extension Api No:   320190902
Cannot find autoconf. Please check your autoconf installation and the
$PHP_AUTOCONF environment variable. Then, rerun this script.

[root@server1 memcache-4.0.5.2]# yum install autoconf -y


[root@server1 memcache-4.0.5.2]# phpize
Configuring for:
PHP Api Version:         20190902
Zend Module Api No:      20190902
Zend Extension Api No:   320190902

[root@server1 memcache-4.0.5.2]# ./configure   --enable-memcache 
[root@server1 memcache-4.0.5.2]# make && make install 


[root@server1 memcache-4.0.5.2]# make install
Installing shared extensions:     /usr/local/php/lib/php/extensions/no-debug-non-zts-20190902/
[root@server1 memcache-4.0.5.2]# cd /usr/local/php/lib/php/extensions/no-debug-non-zts-20190902/
[root@server1 no-debug-non-zts-20190902]# ls
memcache.so  opcache.a  opcache.so

在php模块中添加memcache

[root@server1 no-debug-non-zts-20190902]# php -m | grep memcache

[root@server1 etc]# pwd
/usr/local/php/etc
[root@server1 etc]# vim php.ini 
extension=memcache
[root@server1 etc]# systemctl  reload php-fpm
[root@server1 etc]# php -m | grep memcache
memcache

php ----> memcache.so----> memcached

[root@server1 etc]# systemctl start memcached

lamp架构----> mysql +nginx+php

[root@server1 etc]# cat /etc/sysconfig/memcached
PORT=“11211”
USER=“memcached”
MAXCONN=“1024”
CACHESIZE=“64”
OPTIONS=""

[root@server1 ~]# cd memcache-4.0.5.2/
[root@server1 memcache-4.0.5.2]# cp example.php  /usr/local/nginx/html/

[root@server1 memcache-4.0.5.2]# cp memcache.php  /usr/local/nginx/html/
[root@server1 memcache-4.0.5.2]# vim /usr/local/nginx/html/memcache.php 

lamp架构----> mysql +nginx+php

lamp架构----> mysql +nginx+php

lamp架构----> mysql +nginx+php

会从缓存中取数据
lamp架构----> mysql +nginx+phplamp架构----> mysql +nginx+php

传统模式的访问太慢
基于openrestry(构建高效透明的缓存机制) 访问,能将缓存放在nginx中,速度更快

 tar zxf openresty-1.19.3.1.tar.gz 
[root@server1 ~]# cd openresty-1.19.3.1/
[root@server1 openresty-1.19.3.1]# ls
bundle  configure  COPYRIGHT  patches  README.markdown  README-windows.txt  util
[root@server1 openresty-1.19.3.1]# ./configure 
platform: linux (linux)
[root@server1 openresty-1.19.3.1]# gmake install
  • systemctl stop nginx

##需要切换,关闭之前的nginx访问模式

[root@server1 nginx]# netstat  -antlp

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 127.0.0.1:9000          0.0.0.0:*               LISTEN      8493/php-fpm: maste 
tcp        0      0 0.0.0.0:11211           0.0.0.0:*               LISTEN      8028/memcached      
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      3457/sshd           
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      3708/master         
tcp        0      0 172.25.10.1:22          172.25.10.250:52092     ESTABLISHED 3720/sshd: root@pts 
tcp        0      0 172.25.10.1:22          172.25.10.250:53552     ESTABLISHED 18785/sshd: root@pt 
tcp6       0      0 :::3306                 :::*                    LISTEN      4703/mysqld         
tcp6       0      0 :::11211                :::*                    LISTEN      8028/memcached      
tcp6       0      0 :::22                   :::*                    LISTEN      3457/sshd           
tcp6       0      0 ::1:25                  :::*                    LISTEN      3708/master    

参考之前配置的nginx.conf文件

  • vim /usr/local/openresty/nginxnginx.conf
user  nginx nginx;
worker_processes  auto;
        location / {
            root   html;
            index  index.php index.html index.htm;
        }

[root@server1 conf]# cd /usr/local/openresty/
[root@server1 openresty]# ls
bin COPYRIGHT luajit lualib nginx pod resty.index site

  • /usr/local/openresty/nginx/sbin/nginx -t 检测语法错误
  • /usr/local/openresty/nginx/sbin/nginx 开启

[root@server1 openresty]# netstat -antlp

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 127.0.0.1:9000          0.0.0.0:*               LISTEN      8493/php-fpm: maste 
tcp        0      0 0.0.0.0:11211           0.0.0.0:*               LISTEN      8028/memcached      
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      17468/nginx: master 
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      3457/sshd           
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      3708/master         
tcp        0      0 172.25.10.1:22          172.25.10.250:52092     ESTABLISHED 3720/sshd: root@pts 
tcp        0      0 172.25.10.1:22          172.25.10.250:53552     ESTABLISHED 18785/sshd: root@pt 
tcp6       0      0 :::3306                 :::*                    LISTEN      4703/mysqld         
tcp6       0      0 :::11211                :::*                    LISTEN      8028/memcached      
tcp6       0      0 :::22                   :::*                    LISTEN      3457/sshd           
tcp6       0      0 ::1:25                  :::*                    LISTEN      3708/master         
[root@server1 openresty]# 

[root@server1 ~]# cd /usr/local/nginx/html/
[root@server1 html]# ls
50x.html example.php index.html index.php memcache.php phpadmin
[root@server1 html]# cd /usr/local/openresty/nginx/html/
[root@server1 html]# ls
50x.html index.html

  • cp ~/memcache-4.0.5.2/example.php /usr/local/openresty/nginx/html/
[root@server1 html]# ls
50x.html  example.php  index.html
[root@server1 html]# pwd
/usr/local/openresty/nginx/html
  • vim /usr/local/openresty/nginx/conf//nginx.conf
    需要修改如下信息
user  nginx nginx;
worker_processes  auto;
http {
      upstream memcache {
      server 127.0.0.1:11211;
      keepalive 512;
     }

    include       mime.types;
    default_type  application/octet-stream;
      

     location / {
            root   html;
            index  index.php index.html index.htm;
        }
        location /memc {
        internal;
        memc_connect_timeout 100ms;
        memc_send_timeout 100ms;
        memc_read_timeout 100ms;
        set $memc_key $query_string;
        set $memc_exptime 300;
        memc_pass memcache;
        }

        location ~ \.php$ {
            set $key $uri$args;
            srcache_fetch GET /memc $key;
            srcache_store PUT /memc $key;
            root           html;
            fastcgi_pass   127.0.0.1:9000;
            fastcgi_index  index.php;
            #fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
            include        fastcgi.conf;
        }




  • /usr/local/openresty/nginx/sbin/nginx -t

  • /usr/local/openresty/nginx/sbin/nginx -s reload

压测

[root@foundation10 images]# ab -c10 -n10000 http://172.25.10.1/example.php

传统模式
lamp架构----> mysql +nginx+php

新模式
lamp架构----> mysql +nginx+php

参数

auto 会根据cpu核心数分配
cpu_affinity : 01 10; 0001 0010 0100 1000
8个,为什么4个空闲,4个占用?

nginx-----后端-----> 返回
nginx工作原理,为什么比http快,在什么方面

[root@server1 conf]# /usr/local/openresty/nginx/sbin/nginx -s stop
[root@server1 conf]# systemctl start nginx
[root@server1 conf]# vim nginx.conf

lamp架构----> mysql +nginx+php

lamp架构----> mysql +nginx+php

[root@server1 conf]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@server1 conf]# nginx -s reload

二三主机上,安装httpd,进行测试


 1  yum install httpd -y
    2  systemctl  disable  --now firewalld.service 
    3  setenforce 0
    4  echo server2 > /var/www/html/index.html  # server3页面是server3
    5  cat /var/www/html/index.html 
    6  systemctl  start httpd


测试

[root@foundation10 images]# curl 172.25.10.1
server2
[root@foundation10 images]# curl 172.25.10.1
server3
[root@foundation10 images]# curl 172.25.10.1
server2
[root@foundation10 images]# curl 172.25.10.1
server3

nginx 平滑更新

下载nginx新版本软件,正常执行
要与前面的编译对应
./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_stub_status_module
和make 但不要执行make install

[root@server1 nginx-1.19.1]# nginx -v
nginx version: nginx/1.18.0

备份原程序:拷贝新程序:

[root@server1 nginx-1.19.1]# cd /usr/local/nginx/sbin/
[root@server1 sbin]# ls
nginx
[root@server1 sbin]# mv nginx  nginx.old
[root@server1 sbin]# ls
nginx.old
[root@server1 ~]# cp  nginx-1.19.1/objs/nginx     /usr/local/nginx/sbin/

[root@server1 sbin]# ls
nginx  nginx.old
  • 获取当前nginx主进程pid:
    ps ax|grep nginx
  • 升级新程序:
    kill -USR2 17646
  • 关闭原worker进程但保留主进程:为了回退
    kill -WINCH 17646

lamp架构----> mysql +nginx+php

lamp架构----> mysql +nginx+php

版本回退:

  • 还原nginx程序:
[root@server1 sbin]# mv nginx nginx.new
[root@server1 sbin]# ls
nginx.new  nginx.old
[root@server1 sbin]# mv nginx.old  nginx
  • 唤醒原进程:# kill -HUP 17646
  • 回收新版本的worker进程: kill -WINCH 22457
  • 关闭新版本主进程: kill -QUIT 22457

lamp架构----> mysql +nginx+php

nginx 配置

localhost www.westos.org www.linux.org
访问不同配置

[root@server1 conf]# pwd
/usr/local/nginx/conf
[root@server1 conf]# cat nginx.conf
user nginx nginx;
#user  nobody;
worker_processes  2;
worker_cpu_affinity   01 10;
#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    use epoll;
    worker_connections  1024;
}


http {
    upstream westos {
    server 172.25.10.2:80;
    server 172.25.10.3:80;
    }
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;

    server {
        listen       80;
        server_name  localhost;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
            root   html;
            index  index.html index.htm;
        }
       # location / {
       #     proxy_pass http://westos;
       # }
        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        location ~ \.php$ {
            root           html;
            fastcgi_pass   127.0.0.1:9000;
            fastcgi_index  index.php;
            #fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
            include        fastcgi.conf;
        }

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }


    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}


    # HTTPS server
    #
    server {
        listen       443 ssl;
        server_name  localhost;

        ssl_certificate      cert.pem;
        ssl_certificate_key  cert.pem;

        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;

        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;

        location / {
            root   html;
            index  index.html index.htm;
        }
    }




server {
        listen 80;
        server_name     www.westos.org;

        location / {
        proxy_pass http://westos;
        }
}

server {
        listen 80;
        server_name     www.linux.org;

        location / {
                root  /web1;
                index   index.html;
        }
}
}
[root@server1 conf]# cd /etc/pki/tls/certs/
[root@server1 certs]# pwd
/etc/pki/tls/certs
[root@server1 certs]# ls
ca-bundle.crt  ca-bundle.trust.crt  make-dummy-cert  Makefile  renew-dummy-cert
[root@server1 certs]# make cert.pem 
umask 77 ; \
PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
/usr/bin/openssl req -utf8 -newkey rsa:2048 -keyout $PEM1 -nodes -x509 -days 365 -out $PEM2  ; \
cat $PEM1 >  cert.pem ; \
echo ""    >> cert.pem ; \
cat $PEM2 >> cert.pem ; \
rm -f $PEM1 $PEM2
Generating a 2048 bit RSA private key
.....................+++
..........................................+++
writing new private key to '/tmp/openssl.2H0vJ9'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:cn
State or Province Name (full name) []:shaanxi
Locality Name (eg, city) [Default City]:xi'an
Organization Name (eg, company) [Default Company Ltd]:westos
Organizational Unit Name (eg, section) []:linux
Common Name (eg, your name or your server's hostname) []:server1
Email Address []:root@westos.org

[root@server1 certs]# ls
ca-bundle.crt cert.pem Makefile
ca-bundle.trust.crt make-dummy-cert renew-dummy-cert
[root@server1 certs]# mv cert.pem /usr/local/nginx/conf/

[root@server1 conf]# mkdir /web1
[root@server1 conf]# echo server1 > /web1/index.html
nginx -t
nginx -s reload
[root@foundation10 ~] cat /etc/hosts
172.25.10.1 server1 www.westos.org www.linux.org

[root@foundation10 ~]# curl www.westos.org
server3
[root@foundation10 ~]# curl www.westos.org
server2
[root@foundation10 ~]# curl www.westos.org
server2

[root@foundation10 ~]# curl www.linux.org
\server2
lamp架构----> mysql +nginx+php

上一篇:Centos6.8下编译安装LAMP的操作记录梳理


下一篇:源码编译安装LAMP和部署wordpress博客系统