yum install gcc gcc-c++ pcre pcre-devel openssl openssl-devel -y
mkdir -p /data/software
cd /data/software/
useradd nginx -s /sbin/nologin -M
wget http://nginx.org/download/nginx-1.20.1.tar.gz
tar zxf nginx-1.20.1.tar.gz
cd nginx-1.20.1
./configure --user=nginx --group=nginx --prefix=/usr/local/nginx-1.20.1 --with-http_stub_status_module --with-http_gzip_static_module --with-http_ssl_module --with-stream
make && make install
ln -s /usr/local/nginx-1.20.1 /usr/local/nginx
例子
cat nginx.conf
user nginx;
worker_processes auto;
events {
worker_connections 1024;
}
# 四层负载均衡,为两台Master apiserver组件提供负载均衡
stream {
log_format main '$remote_addr $upstream_addr - [$time_local] $status $upstream_bytes_sent';
access_log /usr/local/nginx/logs/k8s-access.log main;
upstream k8s-apiserver {
server 172.16.16.180:6443; # Master1 APISERVER IP:PORT
}
server {
listen 6443; # 由于nginx与master节点复用,这个监听端口不能是6443,否则会冲突
proxy_pass k8s-apiserver;
}
}
http {
server_tokens off;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 32k;
gzip_comp_level 3;
gzip_types text/plain application/x-javascript text/css application/xml text/javascript application/javascript;
gzip_vary off;
gzip_disable "MSIE [1-6]\.";
include ../conf.d/*.conf;
include ../conf.d/*/*.conf;
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name localhost;
location / {
root html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}