Openresty+lua+GeoIP编译配置部署
标签(空格分隔): 运维系列
一: openresty 简介
1.1 openresty 介绍
OpenResty® 是一个基于 Nginx 与 Lua 的高性能 Web 平台,其内部集成了大量精良的 Lua 库、第三方模块以及大多数的依赖项。用于方便地搭建能够处理超高并发、扩展性极高的动态 Web 应用、Web 服务和动态网关。
OpenResty® 通过汇聚各种设计精良的 Nginx 模块(主要由 OpenResty 团队自主开发),从而将 Nginx 有效地变成一个强大的通用 Web 应用平台。这样,Web 开发人员和系统工程师可以使用 Lua 脚本语言调动 Nginx 支持的各种 C 以及 Lua 模块,快速构造出足以胜任 10K 乃至 1000K 以上单机并发连接的高性能 Web 应用系统。
OpenResty® 的目标是让你的Web服务直接跑在 Nginx 服务内部,充分利用 Nginx 的非阻塞 I/O 模型,不仅仅对 HTTP 客户端请求,甚至于对远程后端诸如 MySQL、PostgreSQL、Memcached 以及 Redis 等都进行一致的高性能响应。
openresty 中文官网:
http://openresty.org/cn/
二:openresty 的部署安装
2.1 openresty 的编译安装
配置依赖包:
yum install pcre-devel openssl-devel gcc curl zlib-devel readline readline-devel\
readline-devel libxslt-devel gd-devel \
libevent libevent-devel
tar -zxvf openresty-1.19.3.1.tar.gz
cd openresty-1.19.3.1
# 编译安装LuaJIT
cd bundle/LuaJIT-2.1-20201027
make clean && make && make install
# 安装openresty 可根据自己需要启用模块
./configure \
--prefix=/usr/local/openresty \
--http-proxy-temp-path=//usr/local/openresty/proxy_temp \
--http-fastcgi-temp-path=/usr/local/openresty/nginx/fastcgi_temp \
--with-http_ssl_module \
--with-threads \
--with-file-aio \
--with-http_ssl_module \
--with-http_iconv_module \
--with-http_realip_module \
--with-http_gzip_static_module \
--with-http_secure_link_module \
--with-http_stub_status_module \
--with-http_auth_request_module \
--with-http_random_index_module \
--with-http_image_filter_module
make && make install
启动openresty:
cd /usr/local/openresty/nginx/
sbin/nginx
2.2 集成GeoIP2 模块
geoip2核心识别库
下载:libmaxminddb
https:///maxmind/libmaxminddb/releases/tag/1.6.0
下载libmaxminddb-1.6.0.tar.gz
tar -xzf libmaxminddb-1.6.0.tar.gz
cd libmaxminddb-1.6.0
./configure
make
make check
sudo make install
sudo ldconfig
geoip2-nginx模块
下载地址:
https:///TravelEngineers/ngx_http_geoip2_module
git clone https:///TravelEngineers/ngx_http_geoip2_module
从新编译openresty 增加 geoip2 模块
cd /root/openresty-1.19.3.1
./configure --prefix=/usr/local/openresty --with-http_stub_status_module --with-http_realip_module --with-http_gzip_static_module --add-module=/root/ngx_http_geoip2_module/
make && make install
geoip2 IP地址库下载:
下载地址:https://dev.maxmind.com/geoip/geoip2/geolite2/
注意GeoLite2 City 和GeoLite2 Country 2个文件都要下载。
下载选择:MaxMind DB binary, gzipped
GeoLite2-City.mmdb GeoLite2-Country.mmdb 文件
mkdir -p /data/softwares/
GeoLite2-City.mmdb GeoLite2-Country.mmdb 文件 放到/data/softwares/GeoIP 下面
# nginx加载使用geoip2数据库
geoip2 /data/softwares/GeoIP/GeoLite2-City.mmdb {
$geoip2_data_country_code source=$real_ip country iso_code;
$geoip2_data_country_name source=$real_ip country names en;
$geoip2_data_city_name source=$real_ip city names en;
$geoip2_data_province_name source=$real_ip subdivisions 0 names en;
$geoip2_data_province_isocode subdivisions 0 iso_code;
}
fastcgi_param COUNTRY_CODE $geoip2_data_country_code;
fastcgi_param COUNTRY_NAME $geoip2_data_country_name;
fastcgi_param CITY_NAME $geoip2_data_city_name;
fastcgi_param PROVINCE_NMAE $geoip2_data_province_name;
}
nginx 配置文件
/usr/local/openresty/nginx/conf
vim nginx.conf
----
user root root;
worker_processes auto;
worker_cpu_affinity auto;
worker_rlimit_nofile 65535;
daemon on;
error_log /usr/local/openresty/nginx/logs/error.log warn;
pid /usr/local/openresty/nginx/pid/nginx.pid;
events {
use epoll;
worker_connections 65535;
}
# 开启环境变量
env SPRING_PROFILES_ACTIVE=master;
http {
# 加载lua库和动态库
lua_package_path "/usr/local/openresty/lualib/?.lua;;";
lua_package_cpath "/usr/local/openresty/lualib/?.so;;";
include mime.types;
default_type application/octet-stream;
charset utf-8;
log_format main '$remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent" '
'"$http_x_forwarded_for" $host $request_time $upstream_response_time $scheme';
log_format main1 '$remote_addr|$remote_user|[$time_local]|$request|'
'$status|$upstream_status|$body_bytes_sent|$http_referer|'
'$http_user_agent|$request_time|$host|$upstream_addr|$request_body|$upstream_response_time';
log_format main3 '$http_x_forwarded_for|$remote_user|[$time_local]|$request|'
'$status|$upstream_status|$body_bytes_sent|$http_referer|'
'$http_user_agent|$request_time|$host|$upstream_addr|$request_body|$upstream_response_time';
log_format lua '$remote_addr|$remote_user|[$time_local]|$request|'
'$status|$body_bytes_sent|$http_referer|'
'$http_user_agent|$request_time|$host|$upstream_addr|$upstream_response_time';
log_format main2 escape=json
'{"@timestamp":"$time_iso8601",'
'"host":"$hostname",'
'"server_ip":"$server_addr",'
'"client_ip":"$http_x_forwarded_for",'
'"xff":"$http_x_forwarded_for",'
'"domain":"$host",'
'"url":"$uri",'
'"referer":"$http_referer",'
'"args":"$args",'
'"upstreamtime":"$upstream_response_time",'
'"responsetime":"$request_time",'
'"request_method":"$request_method",'
'"status":"$status",'
'"size":"$body_bytes_sent",'
'"request_body":"$request_body",'
'"request_length":"$request_length",'
'"protocol":"$server_protocol",'
'"upstreamhost":"$upstream_addr",'
'"file_dir":"$request_filename",'
'"http_user_agent":"$http_user_agent"'
'}';
#基础优化
server_tokens off;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
keepalive_requests 8192;
# gzip
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_comp_level 3;
gzip_types text/plain application/javascript text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/x-httpd-php image/jpeg image/gif image/png;
gzip_vary on;
client_body_timeout 300;
client_header_timeout 300;
send_timeout 600;
reset_timedout_connection on;
client_max_body_size 50m;
#client_body_buffer_size 4096k;
client_body_buffer_size 8192k;
#client_header_buffer_size 4k;
#large_client_header_buffers 4 64k;
client_header_buffer_size 16k;
large_client_header_buffers 8 256k;
server_names_hash_bucket_size 512;
proxy_connect_timeout 600;
proxy_read_timeout 600;
proxy_send_timeout 600;
proxy_buffer_size 128k;
proxy_buffers 8 128k;
proxy_busy_buffers_size 256k;
output_buffers 1 32k;
postpone_output 1460;
open_file_cache max=65535 inactive=60s;
open_file_cache_valid 80s;
open_file_cache_min_uses 1;
open_file_cache_errors on;
# fastcgi set
fastcgi_ignore_client_abort on;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
#fastcgi_buffer_size 4k;
#fastcgi_buffers 8 4k;
#fastcgi_busy_buffers_size 8k;
#fastcgi_temp_file_write_size 8k;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
# fastcgi TEST
fastcgi_cache_valid 200 302 1h;
fastcgi_cache_valid 301 1d;
fastcgi_cache_valid any 1m;
fastcgi_cache_min_uses 1;
fastcgi_cache_use_stale error timeout invalid_header http_500;
# include /data/conf/nginx/conf.d/*.conf;
# include /data/conf/nginx/conf.d/private-01/*.conf;
# include /data/conf/nginx/conf.d/private-12/*.conf;
# include /data/conf/nginx/conf.d/private-13/*.conf;
# 开启缓存LUA代码
lua_code_cache on;
# 允许用户自定义请求头
underscores_in_headers on;
# include config
include /data/apps/nglua/conf/*.conf;
# nginx 使用 geoip设置
map $http_x_forwarded_for $real_ip {
#~^(\d+\.\d+\.\d+\.\d+) $http_x_forwarded_for;
#(?P)命名补货
~^(?P<firstAddr>[0-9\.]+),?.*$ $firstAddr;
default $remote_addr;
}
# nginx加载使用geoip2数据库
geoip2 /data/softwares/GeoIP/GeoLite2-City.mmdb {
$geoip2_data_country_code source=$real_ip country iso_code;
$geoip2_data_country_name source=$real_ip country names en;
$geoip2_data_city_name source=$real_ip city names en;
$geoip2_data_province_name source=$real_ip subdivisions 0 names en;
$geoip2_data_province_isocode subdivisions 0 iso_code;
}
fastcgi_param COUNTRY_CODE $geoip2_data_country_code;
fastcgi_param COUNTRY_NAME $geoip2_data_country_name;
fastcgi_param CITY_NAME $geoip2_data_city_name;
fastcgi_param PROVINCE_NMAE $geoip2_data_province_name;
}
----
关于启动报错:
sbin/nginx: error while loading shared libraries: .0: cannot open shared object file: No such file or directory
ldd $(which /usr/local/openresty/nginx/sbin/nginx)
这个libmaxmind 包编译完成放在了/usr/local/lib/ 下面 需要重新建立软连接到新的
/lib64 下面
cd /usr/local/lib
ln -s /usr/local/lib/.0.0.7 /lib64/.0
cd /usr/local/openresty/nginx
sbin/nginx -t
sbin/nginx - stop
sbin/nginx
ps -ef |grep nginx
