lamp architecture
LAMP is an abbreviation for a group of free software commonly used together to run dynamic websites or servers
Linux, operating system;
Apache, web server;
MySQL, database management system (or database server);
PHP and sometimes Perl or Python, scripting languages.
Here we use Nginx instead of Apache
Installation and configuration of nginx
First, prepare the nginx source code compression package nginx-1.20.1.tar.gz
decompression
tar zxf nginx-1.20.1.tar.gz
Enter the unzipped nginx source directory
cd nginx-1.20.1
The installation of source code generally consists of three steps: configure, make, and make install
Configuration of one of the source compilation Trilogy
First, you can view the configuration options through. / configure --help
To start the configuration, we set the installation path as / usr/local/nginx
./configure --with-http_ssl_module --with-http_stub_status_module --prefix=/usr/local/nginx
Prompt missing gcc
yum install gcc -y
Missing pcre
yum install pcre-devel -y
Missing openssl
yum install openssl-devel -y
Configure again and display success
Source compilation trilogy II compilation
compile
make
Display successful
Then the Makefile is generated in the objs directory of the nginx decompression directory
Source compilation trilogy III installation
install
make install
Startup of nginx
cd /usr/local/nginx/sbin
You can see the nginx file
Make a soft link to / usr/local/sbin / to store third-party software that can only be used by super users
ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/
start nginx
nginx
Then check the port and you can see that port 80 is turned on
netstat -antlp
Browser view 172.25.21.1
How can nginx customize the content of header information
View header information
curl -I 172.25.21.1
Modify src/core/nginx.h in the extracted directory
vim src/core/nginx.h
Modify #define nginx_ After ver, it is renamed nginx
Close nginx first
nginx -s stop
Recompile
make
Replace the files in the installation directory with the newly generated files
\cp overwrites the original file without asking
\cp objs/nginx /usr/local/nginx/sbin/nginx
Start nginx again and check the header information
You can see that the header information has changed
How to downsize nginx and speed up compilation
Modify the relevant configuration and slim down nginx. The compiled nginx is smaller and faster
First, check the size of nginx before you lose weight
Close nginx
nginx -s stop
Modify auto/cc/gcc in the extracted directory
vim nginx-1.20.1/auto/cc/gcc
Close c language compilation debug
Comment out the item under debug
Empty the cache makdfile and execute it in the extracted directory
make clean
to configure
./configure --with-http_ssl_module --with-http_stub_status_module --prefix=/usr/local/nginx
compile
make
Never make install, or the installation will be overwritten
At this time, view the nginx size in the objs directory of the extracted directory
Display 928 K
Copy and replace the nginx to the nginx file in the installation directory, and the new nginx program will overwrite the old one
cp nginx /usr/local/nginx/sbin/nginx
Nginx startup and startup settings (use systemctl to control nginx)
First, make sure nginx is not started. If it is started, first use nginx -s stop to close nginx
vim /usr/lib/systemd/system/nginx.service
[Unit] Description=The NGINX HTTP and reverse proxy server After=syslog.target network.target remote-fs.target nss-lookup.target [Service] Type=forking PIDFile=/usr/local/nginx/logs/nginx.pid ExecStartPre=/usr/local/nginx/sbin/nginx -t ExecStart=/usr/local/nginx/sbin/nginx ExecReload=/usr/local/nginx/sbin/nginx -s reload ExecStop=/bin/kill -s QUIT $MAINPID PrivateTmp=true [Install] WantedBy=multi-user.target
Refresh service list
systemctl daemon-reload
Start and set startup self startup nginx
systemctl enable --now nginx
At this point, nginx can be controlled through systemctl
Modify the owner of nginx process
Default owner
Add an nginx user
useradd -M -d /usr/loacl/nginx -s /sbin/nologin nginx
Modify nginx.conf in nginx installation directory
vim /usr/local/nginx/conf/nginx.conf #According to the conf/nginx.conf in your installation directory
Restart reload
nginx -s reload
You can see the owner change
nginx concurrency optimization
Enter the installed directory of nginx
cd /usr/local/nginx/conf
Modify profile
vim conf/nginx.conf
The number of modified work processes is 2
Detection syntax
nginx -t
nginx restart
nginx -s reload
View the worker process of nginx
ps ax |grep nginx
Nginx is not enabled by default. We can use multi-core CPU by adding worker_cpu_affinity configuration parameters to take full advantage of the performance of multi-core CPUs. CPU is the most critical resource for task processing and computing. The more CPU cores, the better the performance
2 nucleus cpu,Start 2 processes worker_cpu_affinity 01 10; 4 individual cpu,Start 4 processes,and so on worker_cpu_affinity 0001 0010 0100 1000;
Set worker_ The mode of processes is changed to auto. Here, the number of workers will be determined according to the number of cpu cores of the host. A core is a worker
vim conf/nginx.conf
worker_connections the maximum number of connections (including all connections) that each worker process can handle (initiate) concurrently cannot exceed the maximum number of file openings
Here, you need the maximum number of file openings supported by the kernel > the maximum number of file openings supported by the system > the maximum number of file openings supported by the worker
vim conf/nginx.conf
How to view the maximum number of file openings supported by the kernel
sysctl -a |grep file
How to view the maximum number of file openings supported by the system
ulimit -a
The maximum number of files opened by the system can be modified
vim /etc/security/limits.conf
*: Represents all users. You can also specify a specified user or user group soft: Indicates the limit of the maximum number of files that can be opened at the application level hard: Indicates the maximum number of files that can be opened at the operating system level * soft nofile 65536 * hard nofile 65536
Log in to the shell again and use ulimit -a to check whether the value of the open files line is valid
Verify that the maximum number of files that can be opened by the nginx process takes effect
Restart nginx
nginx -s stop nginx
Find the pid value of nginx's worker process
ps aux | grep nginx
View max open files
cat /proc/pid/limits
nginx smooth upgrade
First, prepare the source code compilation package of the new version 1.21.1
nginx-1.21.1.tar.gz
Enter the decompressed directory, modify the relevant configuration, reduce nginx and speed up compilation
vim auto/cc/gcc
Comment out debug
to configure
./configure --with-http_ssl_module --with-http_stub_status_module --prefix=/usr/local/nginx
compile
make
Do not install (do not make install)
Save backup old version nginx
cp /usr/local/nginx/sbin/nginx /usr/local/nginx/sbin/nginx-old
Overwrite the old nginx in the installation directory with the generated nginx
\cp -f objs/nginx /usr/local/nginx/sbin/nginx
Gets the pid of the current nginx main process
ps ax|grep nginx
Upgrade new program
kill -USR2 master of id Mine is 3150
View new programs
ps ax|grep nginx
Close the original worker process but keep the main process in order to have a chance to fall back
kill -WINCH old master of id Mine is 3150
At this time, the old worker no longer exists
ps ax|grep nginx
Test: curl -I 172.25.21.1
The display version has been to 1.21.1
How to version fallback?
Use nginx old, which has just saved the old version in advance
Enter / usr/local/nginx/sbin/
Trilogy:
reduction nginx Procedure:# cp -f nginx-old nginx Wake up the original process:# kill -HUP old version id Recycle new version master Process: kill -WINCH 3150 Close the new version main process: kill -QUIT 3150
nginx load balancing
At this time, three virtual machines are needed for the experiment
Configure two hosts without nginx
On the installed host:
ssh the installed nginx directory using the scp command
scp -r /usr/local/nginx/ server2:/usr/local/nginx/ scp -r /usr/local/nginx/ server3:/usr/local/nginx/
Tell system d how to start the Unit and use systemctl to control nginx
scp /usr/lib/systemd/system/nginx.service server2:/usr/lib/systemd/system/ scp /usr/lib/systemd/system/nginx.service server3:/usr/lib/systemd/system/
Then go to the other two hosts to execute them respectively
To create soft links, you can use nginx directly
ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/
Create nginx user
useradd -M -d /usr/loacl/nginx -s /sbin/nologin nginx
Refresh service list
systemctl daemon-reload
Start and set startup self startup nginx
systemctl enable --now nginx
The default publishing page for server2 host modification is server2, and the default publishing page for server3 host modification is server3
echo server2(3) > /usr/local/nginx/html/index.html
Return to server1
Using http upstream module of nginx to realize load balancing of client accessing backend
Modify the configuration file vim /usr/local/nginx/conf/nginx.conf
Add the upstream module in http, and the module is named 808bass
Add server instruction
Save exit
nginx -t #Check whether the syntax is correct nginx -s reload # Refresh service
Add address resolution to the host to be accessed
vim /etc/hosts
Test access:
for i in {1..10}; do curl www.808bass.org; done
You can see load balancing on access
Modify the configuration file again
vim /usr/local/nginx/conf/nginx.conf
Modify the weight. The weight of 172.25.21.2 is 2, and there is a two-thirds chance of being accessed. 172.25.21.3 defaults to 1, and there is a one-third chance of being accessed
Save exit
nginx -t #Check whether the syntax is correct nginx -s reload # Refresh service
Test access:
for i in {1..10}; do curl www.808bass.org; done
You can see that server2 is about twice as large as server3 when accessing
Modify the configuration file again
vim /usr/local/nginx/conf/nginx.conf
Add backup. As long as you add an additional backup parameter after the server ip that you want to become a backup server, this server will become a backup server. When it is not used at ordinary times, nginx will not forward any requests to it. Nginx will enable this node only when all other nodes cannot be connected. Once a node is available to restore service, the node is no longer used and enters the backup state.
Save exit
nginx -t #Check whether the syntax is correct nginx -s reload # Refresh service
Change the default publishing page content
echo error > /usr/local/nginx/html/index.html
At this time, the nginx simulation of manually closing server2 and server3 fails
Execute nginx -s stop on both servers
Test access:
for i in {1..10}; do curl www.808bass.org; done
You can see that both server2 and server3 have been hung up, and the backup host starts to be enabled
Modify the configuration file again
vim /usr/local/nginx/conf/nginx.conf
ip_ According to personal understanding, the load balancing mode of hash is: for example, multiple users access the back-end nginx cluster through nginx. At this time, because there are different users, the IP is also different. The hash values calculated by ip+hash algorithm are transmitted to nginx, and nginx records the IP and hash values. Then the same IP will be allocated to the nginx server next time.
ip_hash cannot be used with backup
Save exit
nginx -t #Check whether the syntax is correct nginx -s reload # Refresh service
Test access:
for i in {1..10}; do curl www.808bass.org; done
You can see that only server2, the nginx server, is accessed
cookie based load balancing using nginx sticky
Modify profile
vim /usr/local/nginx/conf/nginx.conf
Turn off nginx service
nginx -s stop
You have to install a plug-in
Nginx-goods-nginx-sticky-module-ng-08a395c66e42.zip plugin package
Download the unzip compression tool and unzip the file
yum install unzip -y unzip nginx-goodies-nginx-sticky-module-ng-08a395c66e42.zip
Enter the source compilation directory of nginx
Configure the onboard module -- add module = / root / nginx-goods-nginx-sticky-module-ng-08a395c66e42
./configure --with-http_ssl_module --with-http_stub_status_module --prefix=/usr/local/nginx --add-module=/root/nginx-goodies-nginx-sticky-module-ng-08a395c66e42
make compilation
Display successful
Do not install!!!
You can see that nginx from 928 to 936 indicates that the plug-in installation is complete
The new nginx overwrites the old nginx
cp -f objs/nginx /usr/local/nginx/sbin/nginx
Close nginx
nginx -s stop
restart
nginx
Browser Test (ensure nginx of server2 and server3 starts)
Access 172.25.21.1
Always server2
Enter browser settings
delete cookie
Revisit
You can see that you have been accessing server3
nginx current limiting
nginx can use limit_conn_zone and limit_req_zone two components to limit the frequency and number of client access to directories and files
Modify profile
vim /usr/local/nginx/conf/nginx.conf limit_conn_zone $binary_remote_addr zone=addr:10m; Limit access frequency limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s The access frequency is limited. Here, it is limited to 1 time per second limit_conn addr 1 Limit concurrency limit_rate 50k Limit bandwidth limit_req zone=one burst=5 nodelay Limit to 1 s It can only be used once in a row, and only five people can be queued. Those behind do not wait
Pressure test with ab command
ab -c10 -n10 http://172.25.21.1/download/vim.jpg #c is the number of concurrent operations and n is the number of times