实现apache与nginx之间的动静分离

实现apache与nginx之间的动静分离解析

Nginx的静态处理能力很强，但是动态处理能力不足，因此，在企业中常用动静分离技术。

针对PHP的动静分离，静态页面交给Nginx处理，动态页面交给PHP-FPM模块或Apache处理。

在Nginx的配置中，是通过location配置段配合正则匹配实现静态与动态页面的不同处理方式

其简单示意图如下：

本次实验将使用两台虚拟机，分别模拟LNMP端与NGINX端

首先是LAMP的架设

LAMP端

安装http服务

[root@localhost ~]# hostnamectl set-hostname LAMP       //更改主机名
[root@localhost ~]# su
[root@lamp ~]# yum install httpd httpd-devel -y
[root@lamp ~]# systemctl start httpd.service
[root@lamp ~]# firewall-cmd --zone=public --add-service=http --permanent    //防火墙设定允许通过
success
[root@lamp ~]# firewall-cmd --zone=public --add-service=https --permanent 
success
[root@lamp ~]# firewall-cmd --reload 
success

安装mariadb数据库

概述：

MariaDB数据库管理系统是MySQL的一个分支，主要由开源社区在维护，采用GPL授权许可 MariaDB的目的是完全兼容MySQL，包括API和命令行，使之能轻松成为MySQL的代替品。

[root@lamp ~]# yum install mariadb mariadb-server mariadb-libs mariadb-devel -y
[root@lamp ~]# systemctl start mariadb.service 
[root@lamp ~]# mysql_secure_installation                     //对数据库进行设置

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):        //回车进行下一步
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] y                             //建立新的root管理密码，选择y
New password:                                          //输入两遍同样密码即可
Re-enter new password: 
Password updated successfully!
Reloading privilege tables..
 ... Success!

By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] n                         //删除匿名用户？（选择n）
 ... skipping.

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] n                 //是否允许远程根登录，选择n
 ... skipping.

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] n        //选择n即可
 ... skipping.

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y                 //是否进行刷新？（选择y）
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

安装PHP工具

[root@lamp ~]# yum -y install php              //安装PHP工具
[root@lamp ~]# yum install php-mysql -y        //建立php与数据库的关系
[root@lamp ~]# yum -y install \
php-gd \
php-ldap \
php-odbc \
php-pear \
php-xml \
php-xmlrpc \
php-mbstring \
php-snmp \
php-soap \
curl curl-devel \
php-bcmath

创建http站点

[root@lamp ~]# cd /var/www/html/          //前往http站点目录
[root@lamp html]# ll       //此时为空
总用量 0
[root@lamp html]# vim index.php           //新建首页
添加
<?php
  phpinfo();
?>
[root@lamp html]# systemctl restart httpd.service

此时，使用测试机进行访问是可以查看到php的动态网页的，证明LAMP架构成功，下面就是nginx方面的设置。

Nginx端

开启另一台虚拟机作为nginx端

手工编译安装nginx

[root@localhost ~]# hostnamectl set-hostname nginx      //更改主机名
[root@localhost ~]# su
[root@nginx mnt]# tar zxvf nginx-1.12.0.tar.gz -C /opt
[root@nginx mnt]# cd /opt/nginx-1.12.0/
[root@nginx nginx-1.12.0]# useradd -M -s /sbin/nologin nginx     //创建程序性用户
[root@nginx nginx-1.12.0]# yum -y install \
gcc gcc-c++ \
pcre pcre-devel \
zlib-devel \
expat-devel
[root@nginx nginx-1.12.0]# ./configure \
> --prefix=/usr/local/nginx \
> --user=nginx \
> --group=nginx \
> --with-http_stub_status_module
[root@nginx nginx-1.12.0]# make && make install     //编译安装

编写启动脚本

[root@nginx nginx-1.12.0]# ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/    //创建软链接方便识别
[root@nginx nginx-1.12.0]# vim /etc/init.d/nginx
添加
#!/bin/bash
wenjian="/usr/local/nginx/sbin/nginx"
pid="/usr/local/nginx/logs/nginx.pid"
case $1 in
start)
    $wenjian ;;
stop)
    kill -s QUIT $(cat $pid) ;;
restart)
    $0 stop
    $0 start
;;
reload)
    kill -s HUP $(cat $pid) ;;
*)
    echo "Please,try again"
    exit 1 ;;
esac
exit 0
[root@nginx nginx-1.12.0]# chmod +x /etc/init.d/nginx
[root@nginx init.d]# service nginx start 
[root@nginx init.d]# netstat -atnp | grep 80
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      8638/nginx: master
[root@nginx init.d]# systemctl stop firewalld.service 
[root@nginx init.d]# setenforce 0

验证nginx服务

此时，我们通过测试机进行访问，即可得到如下界面：

但是，若访问php格式的动态网页则会出现404访问错误的问题

想要解决这个问题，就引入了下面的实验，在nginx配置文件中进行动静分离的设置

nginx端

[root@nginx init.d]# cd /usr/local/nginx/conf
[root@nginx conf]# vim nginx.conf     //修改配置文件
59到61行，取消注释，并按照下面进行修改
  location ~ \.php$ {
        proxy_pass   http://192.168.142.128;    #apache服务器所在地址
  }
wq保存退出
[root@nginx nginx]# service nginx stop       //重启服务
[root@nginx nginx]# service nginx start

至此，动静分离就全部完成了。

实验验证

动态网页

静态网页