[nginx] Ubuntu22.04 + nginx-1.24.0 + nginx_upstream_check_module(Healt…
작성일 23-06-10 15:53
페이지 정보
작성자sbLAB 조회 2,211회 댓글 0건본문
Nginx load balancing
Ubuntu22.04 + nginx-1.24.0 + nginx_upstream_check_module(Health-Check open source)
Settings
- Ubuntu22.04
- nginx-1.24.0 http://nginx.org/en/download.html
- nginx_upstream_check_module check_1.20.1+.patch (Health-Check open source) https://github.com/yaoweibin/nginx_upstream_check_module
- ssl(libssl-dev)
※ nginx-1.24.0 버전 + ginx_upstream_check_module 은 check_1.20.1+.patch => 버전이 정확히 일치하지 않으나 아래와 같이 컴파일 설치 진행완료.
※ nginx-1.20.1 버전 + ginx_upstream_check_module 은 check_1.20.1+.patch => 컴파일 할때,
--with-http_ssl_module SSL모듈에서 오류 발생.(설치된 libssl-dev ssl라이브러리 최신 버전(3.0)에서 Deprecated된 함수를 nginx-1.20.1 에서 사용하려 한다는 오류)
Compile Install nginx-1.24.0 버전 + ginx_upstream_check_module 은 check_1.20.1+.patch
#apt update
#cd /home/myhome
#mkdir nginx
#cd nginx
#apt install git
#git clone https://github.com/yaoweibin/nginx_upstream_check_module.git
#wget 'http://nginx.org/download/nginx-1.24.0.tar.gz'
#ls -al
-----
drwxr-xr-x 3 root root 4096 6월 10 12:34 ./
drwxr-x--- 23 myhome myhome 4096 6월 10 12:30 ../
-rw-r--r-- 1 root root 1061461 5월 26 2021 nginx-1.24.0.tar.gz
drwxr-xr-x 7 root root 4096 6월 10 12:33 nginx_upstream_check_module/
-----
#tar -xvf nginx-1.24.0.tar.gz
-----
drwxr-xr-x 4 root root 4096 6월 10 12:36 .
drwxr-x--- 23 myhome myhome 4096 6월 10 12:30 ..
drwxr-xr-x 8 wp mysql 4096 5월 25 2021 nginx-1.24.0
-rw-r--r-- 1 root root 1061461 5월 26 2021 nginx-1.24.0.tar.gz
drwxr-xr-x 7 root root 4096 6월 10 12:33 nginx_upstream_check_module
-----
#cd nginx-1.24.0
※ 기존 check_1.20.1+.patch 패치한 nginx-1.24.0 을 그대로 사용하지 말것! 새로 tar -xvf nginx-1.24.0.tar.gz 압축해제 해서 패치 할것!
#patch -p1 < ../nginx_upstream_check_module/check_1.20.1+.patch
--------
patching file src/http/modules/ngx_http_upstream_hash_module.c
patching file src/http/modules/ngx_http_upstream_ip_hash_module.c
patching file src/http/modules/ngx_http_upstream_least_conn_module.c
patching file src/http/ngx_http_upstream_round_robin.c
patching file src/http/ngx_http_upstream_round_robin.h
---------
#gcc --version
--------------
Command 'gcc' not found
--------------
#apt install gcc
#apt install build-essential
#apt install libpcre3-dev
#apt install zlib1g-dev
#apt install libssl-dev // --with-http_ssl_module 에 사용될 ssl 라이브러리
-------------
※위 gcc 설치 과정에서 아래오류! libc6=2.35-0ubuntu3 버전이 필요하다는 뜻!
The following packages have unmet dependencies:
libc6-dev : Depends: libc6 (= 2.35-0ubuntu3) but 2.35-0ubuntu3.1 is to be installed
E: Unable to correct problems, you have held broken packages.
-------------
#apt install libc6=2.35-0ubuntu3
#gcc --version
-----------
gcc (Ubuntu 11.3.0-1ubuntu1~22.04.1) 11.3.0
Copyright (C) 2021 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-----------
// nginx_upstream_check_module Health-Check 모듈과, ssl 모듈, stub_status 모듈을 적용시킴
#./configure --add-module=../nginx_upstream_check_module --with-http_ssl_module --with-http_stub_status_module
#make
#make install
#cd /usr/local/nginx/sbin
#./nginx
#./nginx -t
#./nginx -s stop
※ 실 운영은 맨 아래 [nginx 서비스 등록 /자동 시작] 과 같이 서비스로 실행 함(성능/관리)
---------------------------------------
nginx 시작
nginx -s stop 정지
nginx -s reload 재시작
nginx -t 설정파일 체크
/usr/local/nginx/conf 메인설정파일 위치
-----------------------------------------
[nginx 컴파일 옵션(configure) 확인]
cd /usr/local/nginx/sbin
./nginx -V
-------------
nginx version: nginx/1.24.0
built by gcc 11.3.0 (Ubuntu 11.3.0-1ubuntu1~22.04.1)
built with OpenSSL 3.0.2 15 Mar 2022
TLS SNI support enabled
configure arguments: --add-module=../nginx_upstream_check_module --with-http_ssl_module
-------------
[프로세스 확인, kill 예제]
ps -ef | grep nginx
kill -15 32548
webroot => /usr/local/nginx/html/
Full Example Configuration
https://www.nginx.com/resources/wiki/start/topics/examples/full/
[/usr/local/nginx/conf/nginx.conf] ---------------Test------------
user nginx;
worker_processes auto;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
#/usr/local/nginx/conf/mime.types
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
}
location /api{
proxy_pass http://blserver;
}
location /status {
check_status;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
upstream blserver {
#기본 값은 순차 접속(Round Robin)
# least-connected 방식
# least_conn;
# IP hash 방식
# ip_hash;
server 192.168.0.11:80;
server 192.168.0.35:80;
check interval=3000 rise=2 fall=5 timeout=4000 type=http;
check_http_send "HEAD / HTTP/1.0\r\n\r\n";
check_http_expect_alive http_2xx http_3xx;
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
[nginx 서비스 등록 /자동 시작]
/etc/systemd/system/nginx.service 파일 생성
---------------------------------------
[Unit]
Description=The NGINX HTTP and reverse proxy server
After=syslog.target network-online.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/usr/local/nginx/logs/nginx.pid
ExecStartPre=/usr/local/nginx/sbin/nginx -t
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true
[Install]
WantedBy=multi-user.target
--------------------------------------
[자동시작]
systemctl enable nginx.service
댓글목록
등록된 댓글이 없습니다.