搭建一个大型网站架构的实验环境(Nginx代理服务器篇)

七、Porxy服务器配置
Proxy服务器(192.168.10.20)主要是负责终端客户的接入,为两台Squid缓存服务器提供均衡负载。现在我们就开始吧!

服务器网络配置
# ee /etc/rc.conf
ifconfig_lnc0=”inet 192.168.10.20 netmask 255.255.255.0″
defaultrouter=”192.168.10.10″
hostname=”proxy.rd.bj”

# ee /etc/hosts
192.168.10.20    proxy.rd.bj

# ee /etc/resolv.conf
nameserver 192.168.10.40

网络环境配置好后,我们开始安装Nginx,在那里,告诉我
# whereis nginx
nginx: /usr/ports/www/nginx
# make config
ng_1
# make showconfig   #我的配置选项
===> The following configuration options are available for nginx-0.5.34:
DEBUG=off “Enable nginx debugging”
HTTP_MODULE=on “Enable HTTP module”
HTTP_ADDITION_MODULE=on “Enable http_addition module”
HTTP_DAV_MODULE=on “Enable http_webdav module”
HTTP_FLV_MODULE=on “Enable http_flv module”
HTTP_PERL_MODULE=on “Enable http_perl module”
HTTP_REALIP_MODULE=on “Enable http_realip module”
HTTP_REWRITE_MODULE=on “Enable http_rewrite module”
HTTP_SSL_MODULE=on “Enable http_ssl module”
HTTP_STATUS_MODULE=on “Enable http_stub_status module”
HTTP_SUB_MODULE=on “Enable http_sub module”
MAIL_MODULE=off “Enable IMAP4/POP3/SMTP proxy module”
MAIL_IMAP_MODULE=off “Enable IMAP4 proxy module”
MAIL_POP3_MODULE=off “Enable POP3 proxy module”
MAIL_SMTP_MODULE=off “Enable SMTP proxy module”
MAIL_SSL_MODULE=off “Enable mail_ssl module”
WWW=on “Enable html sample files”
===> Use ‘make config’ to modify these settings
# make install clean
又开始等待了 … NNN …
又看看了看播客,终于完了,现在开始配置吧!

# cd /usr/local/etc/nginx
# ee nginx.conf #更改配置文件
我更改后的配置文件如下:
user www www;
worker_processes 1;

error_log /var/log/nginx_error.log;

pid        /var/run/nginx.pid;

events {
use kqueue;
worker_connections 65535;
}

http {
include       mime.types;
default_type application/octet-stream;

log_format main ‘$remote_addr – $remote_user [$time_local] $request ‘
‘”$status” $body_bytes_sent “$http_referer” ‘
‘”$http_user_agent” “$http_x_forwarded_for”‘;

access_log /var/log/nginx_access.log main;

client_header_timeout 3m;
client_body_timeout    3m;
send_timeout           3m;

sendfile       on;
tcp_nopush     on;
tcp_nodelay    on;

keepalive_timeout 65;

client_header_buffer_size    1k;
large_client_header_buffers 4 4k;
output_buffers   1 32k;
postpone_output 1460;

gzip on;
gzip_min_length 1100;
gzip_buffers     4 8k;
gzip_types       text/plain;

upstream mysvr {
server 192.168.10.30:3128 weight=5;
server 192.168.10.31:3128 weight=5;
}

server {
listen       80;
server_name www.rd.bj;

charset gbk;

access_log /var/log/nginx_host.access.log main;

location / {
proxy_pass      http://mysvr/;

proxy_redirect             off;
proxy_set_header           Host $host;
proxy_set_header           X-Real-IP $remote_addr;
proxy_set_header           X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size       10m;
client_body_buffer_size    128k;
proxy_connect_timeout      90;
proxy_send_timeout         90;
proxy_read_timeout         90;
proxy_buffer_size          4k;
proxy_buffers              4 32k;
proxy_busy_buffers_size    64k;
proxy_temp_file_write_size 64k;
}

location /nginx {
stub_status             on;
access_log              on;
auth_basic              “NginxStatus”;
auth_basic_user_file    /usr/local/etc/nginx/htpasswd;
}
}
}
保存配置文件退出后,现在对刚才设置的文件进行验证。
# rehash
# nginx -t
2007/12/27 15:42:52 [info] 25243#0: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
2007/12/27 15:42:52 [info] 25243#0: the configuration file /usr/local/etc/nginx/nginx.conf was tested successfully

Very good,没问题了,我们在配置文件中还设置了查看Nginx的状态信息,所以,现在我们还必需生成一个htppasswd文件,这时候我们得用到 Apache的htpasswd 工具了, 我们这台代理服务器上没有Apache,现在只能依靠web服务器的了,去那生成一个复制过来。
生成htppasswd文件的方法:
# htpasswd -c /tmp/htpassswd nginx
输入两次密码就完成了,然后把生成好的htpasswd文件拷贝到proxy的机器的/usr/local/etc/nginx目录下就行了。
如何在两台机器之间拷贝文件呢?scp出场了 …
# scp /tmp/htpassswd root@192.168.10.20:/usr/local/etc/nginx

好了, 现在万事具备了,现在启动她吧!!!
# nginx
# ps -aux | grep nginx
root    804 0.0 3.4 4908 4288 ?? Ss    4:49PM   0:00.00 nginx: master process nginx (nginx)
www     805 0.0 13.8 18004 17404 ?? S     4:49PM   0:00.02 nginx: worker process (nginx)
root    807 0.0 0.3   536   416 p0 RL+   4:49PM   0:00.00 grep nginx

现在用浏览器查看一下Nginx的状态,http://192.168.10.20/nginx 输入用户名和密码进入,如图:
ng_2
好了,Nginx也配置完成了。