安装环境:centos5.5
一、Nginx平台安装
1、下载相关软件
FCGI-0.67.tar.gz
FCGI-ProcManager-0.18.tar.gz
IO-All-0.39.tar.gz
nagios-3.2.3.tar.gz
nagios-plugins-1.4.15.tar.gz
2、建立相关用户
groupadd nagcmd
usermod -g nagcmd nagios
usermod -g nagcmd www
3、安装Nagios
cd nagios-3.2.3
./configure --with-group=nagios --with-user=nagios --with-command-group=nagcmd --with-gd-lib=/usr/local/gd/lib --with-gd-inc=/usr/local/gd/include (0608更新)
make all
make install
make install-init
make install-config
make install-commandmode
4、安装Nagios插件
cd nagios-plugins-1.4.15
./configure --with-nagios-user=nagios --with-nagios-group=nagios
make
make install
5、配置Nagios启动
chkconfig nagios on
service nagios start
6、安装Perl fcgi模块,让Nginx支持CGI
tar -zxf FCGI-0.67.tar.gz
cd FCGI-0.67
perl Makefile.PL
make && make install
tar -zxf FCGI-ProcManager-0.18.tar.gz
cd FCGI-ProcManager-0.18
perl Makefile.PL
make && make install
tar zxf IO-All-0.39.tar.gz
cd IO-All-0.39
perl Makefile.PL
make && make install
二、建立nginx-fcgi脚本
vi /usr/local/nginx/sbin/nginx-fcgi
把下面内容写进脚本,并授执行权限
#!/usr/bin/perl
#
# author Daniel Dominik Rudnicki
# thanks to: Piotr Romanczuk
# email daniel@sardzent.org
# version 0.4.3
# webpage http://www.nginx.eu/
#
# BASED @ http://wiki.codemongers.com/NginxSimpleCGI
#
#
# use strict;
use FCGI;
use Getopt::Long;
use IO::All;
use Socket;
sub init {
GetOptions( "h" => \$help,
"verbose!"=>\$verbose,
"pid=s" => \$filepid,
"l=s" => \$logfile,
"S:s" => \$unixsocket,
"P:i" => \$unixport) or usage();
usage() if $help;
print " Starting Nginx-fcgi\n" if $verbose;
print " Running with $> UID" if $verbose;
print " Perl $]" if $verbose;
# if ( $> == "0" ) {
# print "\n\tERROR\tRunning as a root!\n";
# print "\tSuggested not to do so !!!\n\n";
# exit 1;
# }
if ( ! $logfile ) {
print "\n\tERROR\t log file must declared\n"
. "\tuse $0 with option -l filename\n\n";
exit 1;
}
print " Using log file $logfile\n" if $verbose;
"\n\n" >> io($logfile);
addlog($logfile, "Starting Nginx-cfgi");
addlog($logfile, "Running with $> UID");
addlog($logfile, "Perl $]");
addlog($logfile, "Testing socket options");
if ( ($unixsocket && $unixport) || (!($unixsocket) && !($unixport)) ) {
print "\n\tERROR\tOnly one option can be used!\n";
print "\tSuggested (beacuse of speed) is usage UNIX socket -S \n\n";
exit 1;
}
if ($unixsocket) {
print " Daemon listening at UNIX socket $unixsocket\n" if $versbose;
addlog($logfile, "Deamon listening at UNIX socket $unixsocket");
} else {
print " Daemon listening at TCP/IP socket *:$unixport\n" if $verbose;
#
addlog($logfile, "Daemon listening at TCP/IP socket *:$unixport");
}
if ( -e $filepid ) {
print "\n\tERROR\t PID file $filepid already exists\n\n";
addlog($logfile, "Can not use PID file $filepid, already exists.");
exit 1;
}
if ( $unixsocket ) {
print " Creating UNIX socket\n" if $verbose;
$socket = FCGI::OpenSocket( $unixsocket, 10 );
if ( !$socket) {
print " Couldn't create socket\n";
addlog($logfile, "Couldn't create socket");
exit 1;
}
print " Using UNIX socket $unixsocket\n" if $verbose;
} else {
print " Creating TCP/IP socket\n" if $verbose;
$portnumber = ":".$unixport;
$socket = FCGI::OpenSocket( $unixport, 10 );
if ( !$socket ) {
print " Couldn't create socket\n";
addlog($logfile, "Couldn't create socket");
exit 1;
}
print " Using port $unixport\n" if $verbose;
}
addlog($logfile, "Socket created");
if ( ! $filepid ) {
print "\n\tERROR\t PID file must declared\n"
. "\tuse $0 with option -pid filename\n\n";
exit 1;
}
print " Using PID file $filepid\n" if $verbose;
addlog($logfile, "Using PID file $filepid");
my $pidnumber = $$;
$pidnumber > io($filepid);
print " PID number $$\n" if $verbose;
addlog($logfile, "PID number $pidnumber");
}
sub addzero {
my ($date) = shift;
if ($date < 10) {
return "0$date";
}
return $date;
}
sub logformat {
my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$iddst) = localtime(time);
my $datestring;
$year += 1900;
$mon++;
$mon = addzero($mon);
$mday = addzero($mday);
$min = addzero($min);
$datestring = "$year-$mon-$mday $hour:$min";
return($datestring);
}
sub addlog {
my ($log_file, $log_message) = @_;
my $curr_time = logformat();
my $write_message = "[$curr_time] $log_message";
$write_message >> io($log_file);
"\n" >> io($log_file);
}
sub printerror {
my $message = @_;
print "\n Nginx FastCGI\tERROR\n"
. "\t $message\n\n";
exit 1;
}
sub usage {
print "\n Nginx FastCGI \n"
. "\n\tusage: $0 [-h] -S string -P int\n"
. "\n\t-h\t\t: this (help) message"
. "\n\t-S path\t\t: path for UNIX socket"
. "\n\t-P port\t\t: port number"
. "\n\t-p file\t\t: path for pid file"
. "\n\t-l file\t\t: path for logfile"
. "\n\n\texample: $0 -S /var/run/nginx-perl_cgi.sock -l /var/log/nginx/nginx-cfgi.log -pid /var/run/nginx-fcgi.pid\n\n";
exit 1;
}
init;
#
END() { } BEGIN() { }
*CORE::GLOBAL::exit = sub { die "fakeexit\nrc=".shift()."\n"; }; eval q{exit};
if ($@) {
exit unless $@ =~ /^fakeexit/;
} ;
# fork part
my $pid = fork();
if( $pid == 0 ) {
&main;
exit 0;
}
print " Forking worker process with PID $pid\n" if $verbose;
addlog($logfile, "Forking worker process with PID $pid");
print " Update PID file $filepid\n" if $verbose;
addlog($logfile, "Update PID file $filepid");
$pid > io($filepid);
print " Worker process running.\n" if $verbose;
addlog ($logfile, "Parent process $$ is exiting");
exit 0;
sub main {
$request = FCGI::Request( \*STDIN, \*STDOUT, \*STDERR, \%req_params, $socket );
if ($request) { request_loop()};
FCGI::CloseSocket( $socket );
}
sub request_loop {
while( $request->Accept() >= 0 ) {
# processing any STDIN input from WebServer (for CGI-POST actions)
$stdin_passthrough = '';
$req_len = 0 + $req_params{'CONTENT_LENGTH'};
if (($req_params{'REQUEST_METHOD'} eq 'POST') && ($req_len != 0) ){
while ($req_len) {
$stdin_passthrough .= getc(STDIN);
$req_len--;
}
}
# running the cgi app
if ( (-x $req_params{SCRIPT_FILENAME}) &&
(-s $req_params{SCRIPT_FILENAME}) &&
(-r $req_params{SCRIPT_FILENAME})
){
foreach $key ( keys %req_params){
$ENV{$key} = $req_params{$key};
}
if ( $verbose ) {
addlog($logfile, "running $req_params{SCRIPT_FILENAME}");
}
# http://perldoc.perl.org/perlipc.html#Safe-Pipe-Opens
#
open $cgi_app, '-|', $req_params{SCRIPT_FILENAME}, $stdin_passthrough or print("Content-type: text/plain\r\n\r\n"); print "Error: CGI app returned no output - Executing $req_params{SCRIPT_FILENAME} failed !\n"; # addlog($logfile, "Error: CGI app returned no output - Executing $req_params{SCRIPT_FILENAME} failed !");
if ($cgi_app) {
print <$cgi_app>;
close $cgi_app;
}
} else {
print("Content-type: text/plain\r\n\r\n");
print "Error: No such CGI app - $req_params{SCRIPT_FILENAME} may not exist or is not executable by this process.\n";
addlog($logfile, "Error: No such CGI app - $req_params{SCRIPT_FILENAME} may not exist or is not executable by this process.");
}
}
}
chmod +x /usr/local/nginx/sbin/nginx-fcgi
系统环境如下:
前端Nginx:192.168.93.137
后端web1:192.168.0.11
后端web2:192.168.0.12
1、前端nginx配置:
http {
……
client_max_body_size 300m;
client_body_buffer_size 128k;
proxy_connect_timeout 600;
proxy_read_timeout 600;
proxy_send_timeout 600;
proxy_buffer_size 16k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
upstream www. {
#server 192.168.93.137:80;
server 192.168.0.11:80;
server 192.168.0.12:80;
}
upstream www.xxx007.com {
#server 192.168.93.137:80;
server 192.168.0.11:80;
server 192.168.0.12:80;
}
server
{
listen 80;
server_name www.;
location / {
proxy_pass http://www.;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
log_format xxx '$remote_addr - $remote_user [$time_local] $request '
'"$status" $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /home/logs/www.xxx.log xxx;
}
server
{
listen 80;
server_name www.xxx007.com;
location / {
proxy_pass http://www.xxx007.com;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
log_format xxx007 '$remote_addr - $remote_user [$time_local] $request '
'"$status" $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /home/logs/www.xxx.log xxx007;
}
}
通过upstream 名字 {}定义后端web的负载机器,然后在虚拟主机中通过 proxy_pass http://名字; 来使用upstream,再自定义一下日志格式,以获取用户的IP。
2、后端web配置:
server
{
listen 80;
server_name www.;
index index.html index.php;
root /home/www/www.;
access_log /home/logs/access_www..log;
if (-d $request_filename){
rewrite ^/(.*)([^/])$ http://$host/$1$2/ permanent;
}
error_page 500 502 503 504 404 403 http://www.;
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
expires 30d;
}
location ~ .*\.(js|css)?$ {
expires 6h;
}
location ~ .*\.(log|txt)$
{
deny all;
}
location ~ .*\.(php)?$
{
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fcgi.conf;
}
}
server
{
listen 80;
server_name www.xxx007.com;
index index.html index.php;
root /home/www/www.xxx007.com;
access_log /home/logs/access_www.xxx007.com.log;
if (-d $request_filename){
rewrite ^/(.*)([^/])$ http://$host/$1$2/ permanent;
}
error_page 500 502 503 504 404 403 http://www.xxx007.com;
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
expires 30d;
}
location ~ .*\.(js|css)?$ {
expires 6h;
}
location ~ .*\.(log|txt)$
{
deny all;
}
location ~ .*\.(php)?$
{
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fcgi.conf;
}
}
Nginx全局变量。
$args 此变量与请求行中的参数相等
$content_length 等于请求行的“Content_Length”的值。
$content_type 等同与请求头部的”Content_Type”的值
$document_root 等同于当前请求的root指令指定的值
$document_uri 与$uri一样
$host 与请求头部中“Host”行指定的值或是request到达的server的名字(没有Host行)一样
$limit_rate 允许限制的连接速率
$request_method 等同于request的method,通常是“GET”或“POST”
$remote_addr 客户端ip
$remote_port 客户端port
$remote_user 等同于用户名,由ngx_http_auth_basic_module认证
$request_filename 当前请求的文件的路径名,由root或alias和URI request组合而成
$request_body_file
$request_uri 含有参数的完整的初始URI
$query_string 与$args一样
$server_protocol 等同于request的协议,使用“HTTP/1.0”或“HTTP/1.1”
$server_addr request到达的server的ip,一般获得此变量的值的目的是进行系统调用。为了避免系统调用,有必要在listen指令中指明ip,并使用bind参数。
$server_name 请求到达的服务器名
$server_port 请求到达的服务器的端口号
$uri 等同于当前request中的URI,可不同于初始值,例如内部重定向时或使用index