一、安裝pcre:
複製代碼
cd /usr/local/src wget http://downloads.sourceforge.net/project/pcre/pcre/8.34/pcre-8.34.tar.gz tar zxvf pcre-8.34.tar.gz cd pcre-8.34 ./configure --prefix=/usr/local/pcre make make install
複製代碼
二、下載proxy_cache插件
cd /usr/local/src wget http://labs.frickle.com/files/ngx_cache_purge-2.1.tar.gz tar zxvf ngx_cache_purge-2.1.tar.gz
三、安裝tengine
複製代碼
yum install openssl openssl-devel -y cd /usr/local/src wget http://tengine.taobao.org/download/tengine-2.0.0.tar.gz tar zxvf tengine-2.0.0.tar.gz cd tengine-2.0.0 ./configure --add-module=/usr/local/src/ngx_cache_purge-2.1 --prefix=/usr/local/nginx --with-http_stub_status_module --with-pcre=/usr/local/src/pcre-8.34 make make install
複製代碼
/usr/local/nginx/sbin/nginx #啓動nginx chown nobody.nobody -R /usr/local/nginx/html chmod 700 -R /usr/local/nginx/html
如果編譯的問題的話,看看是不是下面的原因:
./configure: error: the HTTP SSL module requires OpenSSL library
原因:安裝http_ssl_module模塊需要openssl library
解決:yum install openssl-devel
./configure: error: the HTTP rewrite module requires the PCRE library.
原因:安裝http_rewrite_module模塊需要先安裝PCRE開發包
解決:yum install pcre-devel
注意:
--with-pcre=/usr/local/src/pcre-8.21指向的是源碼包解壓的路徑,而不是安裝的路徑,否則會報錯。
--add-module=/usr/local/src/ngx_cache_purge-2.1 是指加載緩存的插件模塊
四、設置Tengine開機啓動
vi /etc/rc.d/init.d/nginx #編輯啓動文件添加下面內容
複製代碼
#!/bin/bash # Tengine Startup script# processname: nginx # chkconfig: - 85 15 # description: nginx is a World Wide Web server. It is used to serve # pidfile: /var/run/nginx.pid # config: /usr/local/nginx/conf/nginx.conf nginxd=/usr/local/nginx/sbin/nginx nginx_config=/usr/local/nginx/conf/nginx.conf nginx_pid=/usr/local/nginx/logs/nginx.pid RETVAL=0 prog="nginx" # Source function library. . /etc/rc.d/init.d/functions # Source networking configuration. . /etc/sysconfig/network # Check that networking is up. [ ${NETWORKING} = "no" ] && exit 0 [ -x $nginxd ] || exit 0 # Start nginx daemons functions. start() { if [ -e $nginx_pid ];then echo "tengine already running...." exit 1 fi echo -n $"Starting $prog: " daemon $nginxd -c ${nginx_config} RETVAL=$? echo [ $RETVAL = 0 ] && touch /var/lock/subsys/nginx return $RETVAL } # Stop nginx daemons functions. stop() { echo -n $"Stopping $prog: " killproc $nginxd RETVAL=$? echo [ $RETVAL = 0 ] && rm -f /var/lock/subsys/nginx /usr/local/nginx/logs/nginx.pid } reload() { echo -n $"Reloading $prog: " #kill -HUP `cat ${nginx_pid}` killproc $nginxd -HUP RETVAL=$? echo } # See how we were called. case "$1" in start) start ;; stop) stop ;; reload) reload ;; restart) stop start ;; status) status $prog RETVAL=$? ;; *) echo $"Usage: $prog {start|stop|restart|reload|status|help}" exit 1 esac exit $RETVAL
複製代碼
保存退出
chmod 775 /etc/rc.d/init.d/nginx #賦予文件執行權限 chkconfig --level 012345 nginx on #設置開機啓動 /etc/rc.d/init.d/nginx restart
四、配置Tengine
將nginx初始配置文件備份,我們要重新創建配置文件.
mv /usr/local/nginx/conf/nginx.conf /usr/local/nginx/conf/nginx.conf.bak
創建nginx用戶www
groupadd www useradd -g www www
編輯主配置文件:
vi /usr/local/nginx/conf/nginx.conf
內容如下:
複製代碼
user www www; worker_processes 4; # 工作進程數,爲CPU的核心數或者兩倍 error_log logs/error.log crit; # debug|info|notice|warn|error|crit pid logs/nginx.pid; #Specifies the value for maximum file descriptors that can be opened by this process. worker_rlimit_nofile 65535; events { use epoll; #Linux最常用支持大併發的事件觸發機制 worker_connections 65535; } http { include mime.types; #設定mime類型,類型由mime.type文件定義 default_type application/octet-stream; charset utf-8; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log logs/access.log main; #設定請求緩衝 server_names_hash_bucket_size 256; #增加,原爲128 client_header_buffer_size 256k; #增加,原爲32k large_client_header_buffers 4 256k; #增加,原爲32k #size limits client_max_body_size 50m; #允許客戶端請求的最大的單個文件字節數 client_header_timeout 3m; client_body_timeout 3m; send_timeout 3m; sendfile on; tcp_nopush on; keepalive_timeout 60; tcp_nodelay on; server_tokens on; #不顯示nginx版本信息 limit_conn_zone $binary_remote_addr zone=perip:10m; #添加limit_zone,限制同一IP併發數 #fastcgi_intercept_errors on; #開啓錯誤頁面跳轉 include gzip.conf; #壓縮配置文件 include proxy.conf; #proxy_cache參數配置文件 include vhost/*.conf; #nginx虛擬主機包含文件目錄 include mysvrhost.conf; #後端WEB服務器列表文件 }
複製代碼
編輯代理配置文件:
cd /usr/local/nginx/conf/ mkdir vhost vi /usr/local/nginx/conf/proxy.conf
內容如下:
複製代碼
#注:proxy_temp_path和proxy_cache_path指定的路徑必須在同一分區 proxy_temp_path /tmp/proxy_temp;
#設置Web緩存區名稱爲cache_one,內存緩存空間大小爲500MB,1天沒有被訪問的內容自動清除,硬盤緩存空間大小爲30GB。 proxy_cache_path /tmp/proxy_cache levels=1:2 keys_zone=cache_one:500m inactive=1d max_size=30g; client_body_buffer_size 512k; #原爲512k proxy_connect_timeout 50; #代理連接超時 proxy_read_timeout 600; #代理髮送超時 proxy_send_timeout 600; #代理接收超時 proxy_buffer_size 128k; #代理緩衝大小,原爲32k proxy_buffers 16 256k; #代理緩衝,原爲4 64k proxy_busy_buffers_size 512k; #高負荷下緩衝大小,原爲128k proxy_temp_file_write_size 1024m; #proxy緩存臨時文件的大小原爲128k #proxy_ignore_client_abort on; #不允許代理端主動關閉連接 proxy_next_upstream error timeout invalid_header http_500 http_503 http_404 http_502 http_504;
複製代碼
編輯主機配置文件:
vi /usr/local/nginx/conf/mysvrhost.conf
內容如下:
upstream cn100 { ip_hash; #會話保持 server 127.0.0.1:8080 max_fails=1 fail_timeout=60s; server 127.0.0.1:9080 max_fails=1 fail_timeout=60s; }
編輯壓縮配置文件:
vi /usr/local/nginx/conf/gzip.conf
內容如下:
複製代碼
#網頁GZIP壓縮設置 #2012.4.2 #可通過http://tool.chinaz.com/Gzips/檢測壓縮情況 # #啓動預壓縮功能,對所有類型的文件都有效 #gzip_static on; #開啓nginx_static後,對於任何文件都會先查找是否有對應的gz文件 #找不到預壓縮文件,進行動態壓縮 gzip on; gzip_min_length 1k; #設置最小的壓縮值,單位爲bytes.超過設置的min_length的值會進行壓縮,小於的不壓縮. gzip_comp_level 3; #壓縮等級設置,1-9,1是最小壓縮,速度也是最快的;9剛好相反,最大的壓縮,速度是最慢的,消耗的CPU資源也多 gzip_buffers 16 64k; #設置系統的緩存大小,以存儲GZIP壓縮結果的數據流,它可以避免nginx頻煩向系統申請壓縮空間大小 gzip_types text/plain application/x-javascript text/css text/javascript; #關於gzip_types,如果你想讓圖片也開啓gzip壓縮,那麼用以下這段吧: #gzip_types text/plain application/x-javascript text/css text/javascript application/x-httpd-php image/jpeg image/gif image/png; #gzip公共配置 gzip_http_version 1.1; #識別http的協議版本(1.0/1.1) gzip_proxied any; #設置使用代理時是否進行壓縮,默認是off的 gzip_vary on; #和http頭有關係,加個vary頭,代理判斷是否需要壓縮 gzip_disable "MSIE [1-6]."; #禁用IE6的gzip壓縮
複製代碼
編輯配置文件:
vi /usr/local/nginx/conf/vhost/cn100.conf
內容如下:
複製代碼
server { listen 80; server_name localhost; #默認啓動文件 index index.html index.htm; #配置發佈目錄爲/usr/local/tomcat1/webapps/ROOT root /usr/local/tomcat1/webapps/ROOT; location / { #如果後端的服務器返回502、504、執行超時等錯誤,自動將請求轉發到upstream負載均衡池中的另一臺服務器,實現故障轉移。 proxy_next_upstream http_502 http_504 error timeout invalid_header; proxy_cache cache_one; #對不同的HTTP狀態碼設置不同的緩存時間 proxy_cache_valid 200 304 12h; #以域名、URI、參數組合成Web緩存的Key值,Nginx根據Key值哈希,存儲緩存內容到二級緩存目錄內 proxy_cache_key $host$uri$is_args$args; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://cn100; proxy_pass_header Set-Cookie; #對用戶傳輸Set-Cookie的http頭,不然無法支持一些包含cookie的應用,比如我的typecho #過期時間3天 expires 3d; } #用於清除緩存,假設一個URL爲http://192.168.8.42/test.txt,通過訪問http://192.168.8.42/purge/test.txt就可以清除該URL的緩存。 location ~ /purge(/.*) { #設置只允許指定的IP或IP段纔可以清除URL緩存。 allow 127.0.0.1; allow 192.168.0.0/16; deny all; proxy_cache_purge cache_one $host$1$is_args$args; } # 查看nginx的併發連接數配置 location /NginxStatus { stub_status on; access_log off; auth_basic "NginxStatus"; } #定義Nginx輸出日誌的路徑 #access_log /data/logs/nginx_wugk/access.log main; #error_log /data/logs/nginx_wugk/error.log crit; #access_log off; #根據自己的需要選擇是否啓用access日誌,註釋掉代表啓用 error_page 404 /404.html; error_page 500 502 503 504 /404.html; location = /404.html { root html; } limit_conn perip 50; #同一ip併發數爲50,超過會返回503 }
複製代碼
爲Tengine配置一下系統的TCP設置,優化一下:
vi /etc/sysctl.conf
內容如下:
複製代碼
net.ipv4.ip_forward = 0 net.ipv4.conf.default.rp_filter = 1 net.ipv4.conf.default.accept_source_route = 0 kernel.sysrq = 0 kernel.core_uses_pid = 1 net.ipv4.tcp_syncookies = 1 kernel.msgmnb = 65536 kernel.msgmax = 65536 kernel.shmmax = 68719476736 kernel.shmall = 4294967296 net.ipv4.tcp_max_tw_buckets = 6000 net.ipv4.tcp_sack = 1 net.ipv4.tcp_window_scaling = 1 net.ipv4.tcp_rmem = 4096 87380 4194304 net.ipv4.tcp_wmem = 4096 16384 4194304 net.core.wmem_default = 8388608 net.core.rmem_default = 8388608 net.core.rmem_max = 16777216 net.core.wmem_max = 16777216 net.core.netdev_max_backlog = 262144 net.core.somaxconn = 262144 net.ipv4.tcp_max_orphans = 3276800 net.ipv4.tcp_max_syn_backlog = 262144 net.ipv4.tcp_timestamps = 0 net.ipv4.tcp_synack_retries = 1 net.ipv4.tcp_syn_retries = 1 net.ipv4.tcp_tw_recycle = 1 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_mem = 94500000 915000000 927000000 net.ipv4.tcp_fin_timeout = 1 net.ipv4.tcp_keepalive_time = 30 net.ipv4.ip_local_port_range = 1024 65000
#允許系統打開的端口範圍
複製代碼
使配置立即生效
/sbin/sysctl -p
製作一個重啓全部的腳本
vi /root/restartall
複製代碼
#!/bin/sh # #重啓memcached進程 service memcached restart #清空日誌 rm -f /usr/local/tomcat1/logs/* rm -f /usr/local/tomcat2/logs/* #清空緩存 rm -rf /tmp/proxy_cache #重啓動tomcat /usr/local/tomcat1/bin/shutdown.sh /usr/local/tomcat2/bin/shutdown.sh /usr/local/tomcat1/bin/startup.sh /usr/local/tomcat2/bin/startup.sh #重啓nginx service nginx restart
複製代碼
給運行權限
chmod 777 /root/restartall
以後重啓服務只需要:
/root/restartall
注意事項:
將http://cn100做本地域名解析 指定12700.0.1
vi /etc/hosts