最近由於項目原因需要使用nginx,所以看了一下,先從安裝和配置開始。
(1) 安裝依賴
依賴庫直接使用yum安裝a) 安裝基本依賴工具
[root@localhost ~]# yum -y install gcc gcc-c++ automake autoconf libtool make
b) 安裝prec
[root@localhost ~]# yum install pcre.x86_64 pcre-devel.x86_64
c) 安裝zlib
[root@localhost ~]# yum install zlib.x86_64 zlib-devel.x86_64
d) 安裝openssl
[root@localhost ~]# yum install openssl.x86_64 openssl-devel.x86_64
(2) 編譯安裝nginx
a) 下載安裝包
[root@localhost ~]# wget http://nginx.org/download/nginx-1.4.7.tar.gz
b) 解壓
[root@localhost ~]# tar -xvf nginx-1.4.7.tar.gz
[root@localhost ~]# cd nginx-1.4.7
c) 安裝i. 指定安裝目錄
[root@localhost ~]# ./configure --prefix=/usr/local/nginx/cache/
ii. make & make install
[root@localhost ~]# make
[root@localhost ~]# make install
(3) 配置和啓動
a) 配置文件使用默認的配置文件在安裝目錄下:conf/nginx.conf,默認使用80端口,需要先使用netstat開一下80端口是否已經被佔用
[root@localhost ~]# netstat –nltp | grep 80
b) root啓動nginx,
[root@localhost ~]# /usr/local/nginx/cache/sbin/nginx -c /usr/local/nginx/cache/conf/nginx.conf
(4) 修改防火牆規則
Centos的防火牆默認是打開的,需要添加相應的規則打開80端口。a) 在另外一臺機器上測試端口,發現80端口不通
[root@localhost ~]# telnet 10.237.92.30 80
Trying 10.237.92.30...
telnet: Unable to connect to remote host: No route to host
b) Centos的防火牆默認是打開的,查看本機防火牆配置
[root@localhost ~]# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
2 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
3 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
4 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
5 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
1 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
c) 打開80端口
[root@localhost ~]# iptables -I INPUT -p tcp --dport 80 -j ACCEPT
查看端口會發現端口通了
guojun1@guojun1-OptiPlex-9020:~$ telnet 10.237.92.30 80 Trying 10.237.92.30...
Connected to 10.237.92.30.
Escape character is '^]'.
^]
d) 修改iptables配置文件使用iptables命令增加的規則在重啓之後就失效了,要想規則在重啓之後任然有效, 需要修改iptables配置文件/etc/sysconfig/iptables,增加下面的行,
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT