關于Linux運維中監控方面的一些基礎筆記

可能不是不喜歡了，而是累了，可能不是之前的喜歡都是假的，只是這個世界本來就很蒼白，道不同，不相語。路不同，不相逢

寫在前面

筆記是報班學習后整理的，適合溫習，不適合新手。蹭著國慶長假整理了一份，希望對小伙伴有幫助.

生活加油,天天開心！博文主要圍繞以幾個方面：

監控的基本知識

zabbix 的安裝部署教程，

多節點監控實戰

可能不是不喜歡了，而是累了，可能不是之前的喜歡都是假的，只是這個世界本來就很蒼白

一、監控概述

1.1 監控的目的

1.1.1 監控的資源類別

1.2 監控軟件

查看進程信息

######查看進程信息 ┌──[root@liruilongs.github.io]-[~] └─$ ps -aux | less ┌──[root@liruilongs.github.io]-[~] └─$ USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 1 0.0 0.0 43264 3708 ? Ss 17:49 0:04 /usr/lib/systemd/systemd --switched-root --system --deserialize 21 root 2 0.0 0.0 0 0 ? S 17:49 0:00 [kthreadd] root 3 0.0 0.0 0 0 ? S 17:49 0:00 [ksoftirqd/0] root 5 0.0 0.0 0 0 ? S< 17:49 0:00 [kworker/0:0H] root 7 0.0 0.0 0 0 ? S 17:49 0:00 [migration/0] root 8 0.0 0.0 0 0 ? S 17:49 0:00 [rcu_bh] root 9 0.0 0.0 0 0 ? S 17:49 0:01 [rcu_sched] root 10 0.0 0.0 0 0 ? S 17:49 0:00 [watchdog/0] root 11 0.0 0.0 0 0 ? S 17:49 0:00 [watchdog/1] root 12 0.0 0.0 0 0 ? S 17:49 0:00 [migration/1] root 13 0.0 0.0 0 0 ? S 17:49 0:00 [ksoftirqd/1] root 15 0.0 0.0 0 0 ? S< 17:49 0:00 [kworker/1:0H] root 17 0.0 0.0 0 0 ? S 17:49 0:00 [kdevtmpfs] root 18 0.0 0.0 0 0 ? S< 17:49 0:00 [netns] root 19 0.0 0.0 0 0 ? S 17:49 0:00 [khungtaskd] root 20 0.0 0.0 0 0 ? S< 17:49 0:00 [writeback] root 21 0.0 0.0 0 0 ? S< 17:49 0:00 [kintegrityd] root 22 0.0 0.0 0 0 ? S< 17:49 0:00 [bioset] root 23 0.0 0.0 0 0 ? S< 17:49 0:00 [kblockd] root 24 0.0 0.0 0 0 ? S< 17:49 0:00 [md] root 26 0.0 0.0 0 0 ? R 17:49 0:02 [kworker/1:1] root 31 0.0 0.0 0 0 ? S 17:50 0:00 [kswapd0] root 32 0.0 0.0 0 0 ? SN 17:50 0:00 [ksmd] root 33 0.0 0.0 0 0 ? SN 17:50 0:00 [khugepaged] root 34 0.0 0.0 0 0 ? S< 17:50 0:00 [crypto] root 42 0.0 0.0 0 0 ? S< 17:50 0:00 [kthrotld] root 44 0.0 0.0 0 0 ? S< 17:50 0:00 [kmpath_rdacd] :

查看cpu負載

#######查看cpu負載 ┌──[root@liruilongs.github.io]-[~] └─$ uptime 19:09:58 up 1:20, 3 users, load average: 0.00, 0.01, 0.05

查看內存使用信息

#######查看內存使用信息 ┌──[root@liruilongs.github.io]-[~] └─$ free -h total used free shared buff/cache available Mem: 3.8G 202M 3.3G 16M 322M 3.4G Swap: 9G 0B 9G

查看交換分區設備信息

#######查看交換分區設備信息 ┌──[root@liruilongs.github.io]-[~] └─$ swapon -s Filename Type Size Used Priority /dev/sda2 partition 10485756 0 -1

查看設備文件系統掛載信息

#######查看設備文件系統掛載信息 ┌──[root@liruilongs.github.io]-[~] └─$ df -h Filesystem Size Used Avail Use% Mounted on /dev/sda1 150G 2.7G 148G 2% / devtmpfs 2.0G 0 2.0G 0% /dev tmpfs 2.0G 0 2.0G 0% /dev/shm tmpfs 2.0G 17M 2.0G 1% /run tmpfs 2.0G 0 2.0G 0% /sys/fs/cgroup tmpfs 394M 0 394M 0% /run/user/0 ┌──[root@liruilongs.github.io]-[~] └─$

查看網卡信息, 需安裝 net-tools軟件包

########查看網卡信息, 需安裝 net-tools軟件包 #RX packets 指進站的總流量(從開機開始計算) #TX packets 指出站的總流量(從開機開始計算) ┌──[root@liruilongs.github.io]-[~] └─$ ifconfig ens32 ens32: flags=4163 mtu 1500 inet 192.168.26.55 netmask 255.255.255.0 broadcast 192.168.26.255 inet6 fe80::20c:29ff:fec9:6fae prefixlen 64 scopeid 0x20 ether 00:0c:29:c9:6f:ae txqueuelen 1000 (Ethernet) RX packets 754 bytes 72467 (70.7 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 562 bytes 64846 (63.3 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 ┌──[root@liruilongs.github.io]-[~] └─$

查看端口信息和對應的協議,與grep結合使用

######查看端口信息和對應的協議,與grep結合使用 ##netsat 功能相同 ┌──[root@liruilongs.github.io]-[~] └─$ ss -ntulpa Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port udp UNCONN 0 0 127.0.0.1:323 *:* users:(("chronyd",pid=586,fd=1)) udp UNCONN 0 0 ::1:323 :::* users:(("chronyd",pid=586,fd=2)) tcp LISTEN 0 128 *:22 *:* users:(("sshd",pid=935,fd=3)) tcp LISTEN 0 100 127.0.0.1:25 *:* users:(("master",pid=1050,fd=13)) tcp ESTAB 0 0 192.168.26.55:22 192.168.26.1:2326 users:(("sshd",pid=1203,fd=3)) tcp ESTAB 0 0 192.168.26.55:22 192.168.26.1:11634 users:(("sshd",pid=12072,fd=3)) tcp LISTEN 0 128 :::22 :::* users:(("sshd",pid=935,fd=4)) tcp LISTEN 0 100 ::1:25 :::* users:(("master",pid=1050,fd=14)) ┌──[root@liruilongs.github.io]-[~] └─$

測試網絡延遲 (是否可以通信)

#########測試網絡延遲 (是否可以通信) ##time=0.519 ms 為網絡延遲時間，時間越小，網絡延遲越短 ┌──[root@liruilongs.github.io]-[~] └─$ ping 127.0.0.1 PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data. 64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.406 ms 64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.090 ms 64 bytes from 127.0.0.1: icmp_seq=3 ttl=64 time=0.130 ms 64 bytes from 127.0.0.1: icmp_seq=4 ttl=64 time=0.124 ms ^C --- 127.0.0.1 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3005ms rtt min/avg/max/mdev = 0.090/0.187/0.406/0.127 ms ┌──[root@liruilongs.github.io]-[~] └─$

traceroute可以跟蹤路由，查看到目標主機經過哪些路由

########traceroute可以跟蹤路由，查看到目標主機經過哪些路由 [root@proxy ~]# yum -y install traceroute [root@proxy ~]# traceroute 192.168.2.254 traceroute to 192.168.2.254 (192.168.2.254), 30 hops max, 60 byte packets 1 192.168.2.254 (192.168.2.254) 0.929 ms * *

iostat 查詢磁盤的讀寫性能，需要安裝軟件包sysstat

########iostat 查詢磁盤的讀寫性能，需要安裝軟件包sysstat ┌──[root@liruilongs.github.io]-[~] └─$ iostat linux 3.10.0-693.el7.x86_64 (liruilongs.github.io) 09/30/2021 _x86_64_ (2 CPU) avg-cpu: %user %nice %system %iowait %steal %idle 0.16 0.01 0.18 0.11 0.00 99.54 ##kB_read/s 磁盤每秒讀的數據大小(KB) ##kB_wrtn/s 磁盤每秒寫入的數據大小(KB) ##kB_read 磁盤讀的總數據大小(KB) ##kB_wrtn 磁盤寫入的總數據大小(KB) Device: tps kB_read/s kB_wrtn/s kB_read kB_wrtn sda 1.59 59.74 11.22 360970 67798 ┌──[root@liruilongs.github.io]-[~] └─$

sar查看CPU的信息，第一個數字：指每隔幾秒讀取數據； 第二個數字: 指取幾次CPU的數據

┌──[root@liruilongs.github.io]-[~] └─$ sar 1 2 Linux 3.10.0-693.el7.x86_64 (liruilongs.github.io) 09/30/2021 _x86_64_ (2 CPU) ###%idle 指CPU的空閑率 08:59:07 PM CPU %user %nice %system %iowait %steal %idle 08:59:08 PM all 0.00 0.00 0.00 0.00 0.00 100.00 08:59:09 PM all 0.00 0.00 0.00 0.00 0.00 100.00 Average: all 0.00 0.00 0.00 0.00 0.00 100.00 ┌──[root@liruilongs.github.io]-[~] └─$

使用sar查看所有網卡的實時流量信息

┌──[root@liruilongs.github.io]-[~] └─$ sar -n DEV 1 2 #############使用sar查看所有網卡的實時流量信息 #第一個數字1：指每隔1秒查看一次網絡數據流量； 第二個數字2: 指查看兩次 Linux 3.10.0-693.el7.x86_64 (liruilongs.github.io) 09/30/2021 _x86_64_ (2 CPU) #rxkB/s 指每秒接收數據的流量（KB）； #txkB/s 指每秒發送數據的流量 (KB)； 09:00:26 PM IFACE rxpck/s txpck/s rxkB/s txkB/s rxcmp/s txcmp/s rxmcst/s 09:00:27 PM ens32 0.00 0.00 0.00 0.00 0.00 0.00 0.00 09:00:27 PM lo 0.00 0.00 0.00 0.00 0.00 0.00 0.00 09:00:27 PM docker0 0.00 0.00 0.00 0.00 0.00 0.00 0.00 09:00:27 PM IFACE rxpck/s txpck/s rxkB/s txkB/s rxcmp/s txcmp/s rxmcst/s 09:00:28 PM ens32 1.00 1.00 0.06 0.47 0.00 0.00 0.00 09:00:28 PM lo 0.00 0.00 0.00 0.00 0.00 0.00 0.00 09:00:28 PM docker0 0.00 0.00 0.00 0.00 0.00 0.00 0.00 Average: IFACE rxpck/s txpck/s rxkB/s txkB/s rxcmp/s txcmp/s rxmcst/s Average: ens32 0.50 0.50 0.03 0.23 0.00 0.00 0.00 Average: lo 0.00 0.00 0.00 0.00 0.00 0.00 0.00 Average: docker0 0.00 0.00 0.00 0.00 0.00 0.00 0.00 ┌──[root@liruilongs.github.io]-[~] └─$

1.3 自動化監控系統

1.3.1 Zabbix簡介

Zabbix 是一個高度集成的監控解決方案,可以實現企業級的開源分布式監控,

Zabbix 通過 C/S模式采集監控數據

C/S (client/server): 客戶端/服務器

客戶端程序負載采集要監控的數據，然后發送給監控服務器；

監控服務器對客戶發送過來的數據進行存儲和處理；

Zabbix通過B/S模式實現Web管理

B/S (browser/server): 瀏覽器/服務器

管理員可以通過瀏覽器，訪問監控服務器web頁面，并可以查看和管理監控系統

1.3.2 監控拓撲

二、LNMP環境準備

這里的話，因為zabbix web系統使用的是php，所以需要配置LNMP環境。

Nginx是一款小巧而高效的Web服務器軟件，可幫您在Linux系統下快速方便地搭建出LNMP Web服務環境。在ECS實例上搭建LNMP環境，其中LNMP分別代表Linux、Nginx、MySQL和PHP。

2.1 部署LNMP

這里小伙伴可以參考這個：

手動部署LNMP環境（CentOS 7）

2.1.1 安裝前準備

監控服務器（需要使用Web頁面操作，因此需要先部署LNMP）

設置主機名（zabbixserver）

設置IP地址（192.168.26.15）

關閉防火墻、SELinux

監控客戶端 (2.100和2.200)

主機web1（192.168.26.14）

主機web2（192.168.26.13）

關閉防火墻、SELinux

虛擬機環境準備(克隆centos7 模板機)： ——> 關閉防火墻和SELinux，嗯，因為需要多個機器，所以我們用ansible，方便一點,這里，

192.168.26.15為控制機，192.168.26.14，192.168.26.13 為節點機

配置到物理機的SSH免密

┌──(liruilong?Liruilong)-[/mnt/e/docker] └─$ ssh-copy-id root@192.168.26.13 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/liruilong/.ssh/id_rsa.pub" The authenticity of host '192.168.26.13 (192.168.26.13)' can't be established. ECDSA key fingerprint is SHA256:1F/T20FjhEaLDtutI1rXCwOFGZ5nPs3hFzHyjsnAs3Q. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@192.168.26.13's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@192.168.26.13'" and check to make sure that only the key(s) you wanted were added. ┌──(liruilong?Liruilong)-[/mnt/e/docker] └─$ ssh-copy-id root@192.168.26.14 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/liruilong/.ssh/id_rsa.pub" The authenticity of host '192.168.26.14 (192.168.26.14)' can't be established. ECDSA key fingerprint is SHA256:cfpb8zAi+otnaU0YIoRb76iaOYiFDI4JHyU9N0LmNkY. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@192.168.26.14's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@192.168.26.14'" and check to make sure that only the key(s) you wanted were added. ┌──(liruilong?Liruilong)-[/mnt/e/docker] └─$ ssh-copy-id root@192.168.26.15 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/liruilong/.ssh/id_rsa.pub" The authenticity of host '192.168.26.15 (192.168.26.15)' can't be established. ECDSA key fingerprint is SHA256:Ix6WxiXXJVdMFdSqiXLaPYdg+khbzkjuYO4raDDnih0. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@192.168.26.15's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@192.168.26.15'" and check to make sure that only the key(s) you wanted were added. ┌──(liruilong?Liruilong)-[/mnt/e/docker] └─$

ansible環境準備

┌──[root@zabbixserver]-[/] └─$ mkdir ansible;cd ansible;vim ansible.cfg ┌──[root@zabbixserver]-[/ansible] └─$ cat ansible.cfg [defaults] # 主機清單文件，就是要控制的主機列表 inventory=inventory # 連接受管機器的遠程的用戶名 remote_user=root # 角色目錄 roles_path=roles # 設置用戶的su 提權 [privilege_escalation] become=True become_method=sudo become_user=root become_ask_pass=False ┌──[root@zabbixserver]-[/ansible] └─$ vim inventory ┌──[root@zabbixserver]-[/ansible] └─$ cat inventory [web] 192.168.26.13 192.168.26.14 [zabbix] 192.168.26.13 192.168.26.14 127.0.0.1 ┌──[root@zabbixserver]-[/ansible] └─$

配置控制機到節點機的SSH免密

┌──[root@zabbixserver]-[/ansible] └─$ ssh-copy-id root@192.168.26.13 /usr/bin/ssh-copy-id: ERROR: failed to open ID file '/root/.pub': No such file or directory (to install the contents of '/root/.pub' anyway, look at the -f option) ┌──[root@zabbixserver]-[/ansible] └─$ ssh-copy-id root@192.168.26.14 /usr/bin/ssh-copy-id: ERROR: failed to open ID file '/root/.pub': No such file or directory (to install the contents of '/root/.pub' anyway, look at the -f option) ┌──[root@zabbixserver]-[/ansible] └─$ ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: SHA256:/wLemqRJd5tsIWj/hxole6EpNTZ9M2lDooVGnYTx3I4 root@zabbixserver The key's randomart image is: +---[RSA 2048]----+ | o=.. | | ..+o. | | o = o | | . + = . | | .S E O | | oooX.+ + | | .ooB++o | | . *o*=+. | | o +==o. | +----[SHA256]-----+ ┌──[root@zabbixserver]-[/ansible] └─$ ssh-copy-id root@192.168.26.14 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" The authenticity of host '192.168.26.14 (192.168.26.14)' can't be established. ECDSA key fingerprint is SHA256:cfpb8zAi+otnaU0YIoRb76iaOYiFDI4JHyU9N0LmNkY. ECDSA key fingerprint is MD5:35:32:02:28:b3:2f:9b:11:3c:d9:16:29:ab:2f:75:73. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@192.168.26.14's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@192.168.26.14'" and check to make sure that only the key(s) you wanted were added. ┌──[root@zabbixserver]-[/ansible] └─$ ssh-copy-id root@192.168.26.13 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" The authenticity of host '192.168.26.13 (192.168.26.13)' can't be established. ECDSA key fingerprint is SHA256:1F/T20FjhEaLDtutI1rXCwOFGZ5nPs3hFzHyjsnAs3Q. ECDSA key fingerprint is MD5:b3:c9:31:0e:08:31:5b:7b:25:dd:a3:a7:f1:db:ac:7a. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@192.168.26.13's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@192.168.26.13'" and check to make sure that only the key(s) you wanted were added. ┌──[root@zabbixserver]-[/ansible] └─$ ssh-copy-id root@192.168.26.15 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@192.168.26.15's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@192.168.26.15'" and check to make sure that only the key(s) you wanted were added. ┌──[root@zabbixserver]-[/ansible]

測試ansible

┌──[root@zabbixserver]-[/ansible] └─$ ansible all -m ping 192.168.26.13 | SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "changed": false, "ping": "pong" } 192.168.26.14 | SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "changed": false, "ping": "pong" } 127.0.0.1 | SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "changed": false, "ping": "pong" } ┌──[root@zabbixserver]-[/ansible] └─$

檢查防火墻和selinux

┌──[root@zabbixserver]-[/ansible] └─$ ansible all -m shell -a 'sed -n 7p /etc/selinux/config' [WARNING]: Consider using the replace, lineinfile or template module rather than running 'sed'. If you need to use command because replace, lineinfile or template is insufficient you can add 'warn: false' to this command task or set 'command_warnings=False' in ansible.cfg to get rid of this message. 127.0.0.1 | CHANGED | rc=0 >> SELINUX=disabled 192.168.26.14 | CHANGED | rc=0 >> SELINUX=disabled 192.168.26.13 | CHANGED | rc=0 >> SELINUX=disabled ┌──[root@zabbixserver]-[/ansible] └─$ ansible all -m shell -a ' systemctl status firewalld | grep Active' 127.0.0.1 | CHANGED | rc=0 >> Active: active (running) since Fri 2021-10-01 17:48:56 CST; 51min ago 192.168.26.14 | CHANGED | rc=0 >> Active: active (running) since Fri 2021-10-01 17:49:47 CST; 50min ago 192.168.26.13 | CHANGED | rc=0 >> Active: active (running) since Fri 2021-10-01 17:49:14 CST; 51min ago

發現防火墻還沒有關閉，所以在關閉一下防火墻：

┌──[root@zabbixserver]-[/ansible] └─$ ansible all -m shell -a 'systemctl disable firewalld --now' 192.168.26.14 | CHANGED | rc=0 >> Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service. Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. 192.168.26.13 | CHANGED | rc=0 >> Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service. Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. 127.0.0.1 | CHANGED | rc=0 >> Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service. Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. ┌──[root@zabbixserver]-[/ansible] └─$

2.1.2 部署LNMP

┌──[root@zabbixserver]-[/ansible] └─$ yum -y install nginx php php-fpm php-mysql mariadb-server mariadb mariadb-devel

安裝需要的軟件包，也可以分別安裝

##安裝Ng [root@zabbixserver ~]yum -y install nginx

###安裝php解釋器及相關軟件包 [root@zabbixserver ~]# yum -y install php #php解釋器 [root@zabbixserver ~]# yum -y install php-fpm #可以支持 Fastcgi 通用語言 [root@zabbixserver ~]# yum -y install php-mysql #php和數據通信的擴展包

###安裝數據庫及相關軟件包 [root@web1 ~]# yum -y install mariadb-server #數據庫服務端軟件 [root@web1 ~]# yum -y install mariadb #數據庫客戶端軟件 [root@web1 ~]# yum -y install mariadb-devel #相關的依賴包

修改nginx配置

┌──[root@zabbixserver]-[~] └─$ vim /etc/nginx/nginx.conf ┌──[root@zabbixserver]-[~] └─$ cat /etc/nginx/nginx.conf # For more information on configuration, see: # * Official English Documentation: http://nginx.org/en/docs/ # * Official Russian Documentation: http://nginx.org/ru/docs/ user nginx; worker_processes auto; error_log /var/log/nginx/error.log; pid /run/nginx.pid; # Load dynamic modules. See /usr/share/doc/nginx/README.dynamic. include /usr/share/nginx/modules/*.conf; events { worker_connections 1024; } http { log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 4096; include /etc/nginx/mime.types; default_type application/octet-stream; # Load modular configuration files from the /etc/nginx/conf.d directory. # See http://nginx.org/en/docs/ngx_core_module.html#include # for more information. include /etc/nginx/conf.d/*.conf; server { listen 80; listen [::]:80; server_name _; root /usr/share/nginx/html; # Load configuration files for the default server block. include /etc/nginx/default.d/*.conf; error_page 404 /404.html; location = /404.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } fastcgi_buffers 8 16k; #緩存php生成的數據，緩存大小為8個16k fastcgi_buffer_size 32k; #緩存php產生的頭部信息，緩存大小為32k fastcgi_connect_timeout 300; #連接php的超時時間為300秒 fastcgi_send_timeout 300; #發送請求的超時時間為300秒 fastcgi_read_timeout 300; #讀取請求的超時時間為300秒 location ~ \.php$ { root html; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fastcgi.conf; } # location ~ \.php$ { # root html; # fastcgi_pass 127.0.0.1: 9000; # fastcgi_index index.php; #fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; # include fastcgi_params; #} } # Settings for a TLS enabled server. # # server { # listen 443 ssl http2; # listen [::]:443 ssl http2; # server_name _; # root /usr/share/nginx/html; # # ssl_certificate "/etc/pki/nginx/server.crt"; # ssl_certificate_key "/etc/pki/nginx/private/server.key"; # ssl_session_cache shared:SSL:1m; # ssl_session_timeout 10m; # ssl_ciphers HIGH:!aNULL:!MD5; # ssl_prefer_server_ciphers on; # # # Load configuration files for the default server block. # include /etc/nginx/default.d/*.conf; # # error_page 404 /404.html; # location = /40x.html { # } # # error_page 500 502 503 504 /50x.html; # location = /50x.html { # } # } }

通過systemd的方式管理nginx服務,通過源碼安裝的NG需要

##此文件，每次Linux開機時，都會運行里面的所有命令 [root@zabbixserver ~]# vim /etc/rc.d/rc.local /usr/local/nginx/sbin/nginx [root@zabbixserver ~]# chmod +x /etc/rc.d/rc.local

####nginx管理服務模板文件路徑，也可在百度搜索nginx systemd https://www.nginx.com/resources/wiki/start/topics/examples/systemd/

#####在/usr/lib/systemcd/systemd下創建nginx服務配置文件 ##拷貝模板 [root@web1 ~]# vim /usr/lib/systemd/system/nginx.service [Unit] Description=The NGINX HTTP server #描述信息 ##After 指nginx開機時，啟動服務的順序 After=syslog.target network-online.targetnss-lookup.target [Service] #Type 指啟動服務后只有一個進程使用simple，有多個進程使用forking Type=forking PIDFile=/usr/local/nginx/logs/nginx.pid ####修改路徑為/usr/local/nginx/sbin 實際nginx安裝路徑 ##ExecStartPre 指啟動服務之前檢測nginx配置語法是否正確 ExecStartPre=/usr/local/nginx/sbin/nginx -t ExecStart=/usr/local/nginx/sbin/nginx #啟動nginx服務 ExecReload=/usr/local/nginx/sbin/ -s reload #重啟nginx服務 ExecStop=/bin/kill -s QUIT $MAINPID #停止nginx服務 PrivateTmp=true [Install] #WantedBy 指將nginx服務放到 multi-user.target 服務組 #路徑在/etc/systemd/system/multi-user.target #重啟multi-user.target，會啟動這個目錄下的所有服務 WantedBy=multi-user.target

2.1.4 啟動服務

┌──[root@zabbixserver]-[~] └─$ systemctl enable mariadb.service --now Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service. ┌──[root@zabbixserver]-[~] └─$ systemctl enable php-fpm --now Created symlink from /etc/systemd/system/multi-user.target.wants/php-fpm.service to /usr/lib/systemd/system/php-fpm.service. ┌──[root@zabbixserver]-[~] └─$ systemctl enable nginx --now Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /usr/lib/systemd/system/nginx.service. ┌──[root@zabbixserver]-[~] └─$

頁面測試

######編寫php動態測試頁面 [root@zabbixserver ~]# vim /usr/local/nginx/html/test.php

Linux 運維

版權聲明：本文內容由網絡用戶投稿，版權歸原作者所有，本站不擁有其著作權，亦不承擔相應法律責任。如果您發現本站中有涉嫌抄襲或描述失實的內容，請聯系我們jiasou666@gmail.com 處理，核實后本網站將在24小時內刪除侵權內容。