ubuntu服務(wù)器http1.1升級到http2 nginx平滑升級

安裝openssl

cd /root

wget https://www.openssl.org/source/openssl-1.1.0c.tar.gz

tar -zxf openssl-1.1.0c.tar.gz

cd openssl-1.1.0c

./config

make

make install


#把舊版本的openssl重命名
mv /usr/bin/openssl /usr/bin/openssl.bak
mv /usr/include/openssl /usr/include/openssl.bak

#設(shè)置軟連接指向剛編譯好的新版本的openssl-1.1.0c
ln -s /usr/local/bin/openssl /usr/bin/openssl
ln -s /usr/local/include/openssl /usr/include/openssl

#如果是1.0.2h版本 生成的文件的位置在/usr/local/ssl

#添加libssl.so.1.1的軟鏈接
ln -s /usr/local/lib/libssl.so.1.1 /usr/lib/libssl.so.1.1
ln -s /usr/local/lib/libcrypto.so.1.1 /usr/lib/libcrypto.so.1.1

#查看openssl版本
openssl version

平滑升級nginx到最新的穩(wěn)定版

查看現(xiàn)在的nginx版本和編譯參數(shù)

root@ip-192-168-2-161:~/nginx-1.10.2# nginx -V
nginx version: nginx/1.4.6 (Ubuntu)
built by gcc 4.8.4 (Ubuntu 4.8.4-2ubuntu1~14.04.3)
TLS SNI support enabled
configure arguments: --with-cc-opt='-g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2' --with-ld-opt='-Wl,-Bsymbolic-functions -Wl,-z,relro' --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-pcre-jit --with-ipv6 --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_addition_module --with-http_dav_module --with-http_geoip_module --with-http_gzip_static_module --with-http_image_filter_module --with-http_spdy_module --with-http_sub_module --with-http_xslt_module --with-mail --with-mail_ssl_module

升級步驟

cd /root
wget http://nginx.org/download/nginx-1.17.2.tar.gz
#解壓源碼
tar zxvf nginx-1.17.2.tar.gz
#進(jìn)入源碼目錄
cd nginx-1.17.2

#加上所需參數(shù)開始編譯

# 根據(jù)上面的配置 with-http_spdy_module,修改為 --with-file-aio --with-http_v2_module(直接用上面的配置會報(bào)錯(cuò))
./configure --with-cc-opt='-g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2' --with-ld-opt='-Wl,-Bsymbolic-functions -Wl,-z,relro' --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-pcre-jit --with-ipv6 --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_addition_module --with-http_dav_module --with-http_geoip_module --with-http_gzip_static_module --with-http_image_filter_module --with-file-aio --with-http_v2_module --with-http_sub_module --with-http_xslt_module --with-mail --with-mail_ssl_module

在執(zhí)行./configure 會出現(xiàn)依賴庫的問題
# pcre
sudo apt-get install libpcre3 libpcre3-dev  

# GD
sudo apt-get install libgd2-xpm-dev   or apt-get install libgd2-xpm libgd2-xpm-dev

apt-get install libgeoip-dev

#執(zhí)行make編譯,但是不要執(zhí)行make install

make

#重命名nginx舊版本二進(jìn)制文件,即sbin目錄下的nginx(期間nginx并不會停止服務(wù))
mv /usr/sbin/nginx /usr/sbin/nginx.old

#然后拷貝一份新編譯的二進(jìn)制文件
cp objs/nginx /usr/sbin/

#在源碼目錄執(zhí)行make upgrade開始升級
make upgrade
會出現(xiàn)下面的錯(cuò)誤
make: /etc/nginx/sbin/nginx: Command not found
make: *** [upgrade] Error 127
# 用文本編輯器打開修改nginx-1.2.5目錄下名為Makefile的文件,將upgrade節(jié)點(diǎn)中的/etc/nginx/sbin/nginx改為/usr/sbin/nginx -t,保存后關(guān)閉并重新執(zhí)行make upgrade命令

升級完成后會顯示


Configuration summary
  + using system PCRE library
  + using system OpenSSL library
  + using system zlib library

  nginx path prefix: "/usr/share/nginx"
  nginx binary file: "/usr/share/nginx/sbin/nginx"
  nginx modules path: "/usr/share/nginx/modules"
  nginx configuration prefix: "/etc/nginx"
  nginx configuration file: "/etc/nginx/nginx.conf"
  nginx pid file: "/run/nginx.pid"
  nginx error log file: "/var/log/nginx/error.log"
  nginx http access log file: "/var/log/nginx/access.log"
  nginx http client request body temporary files: "/var/lib/nginx/body"
  nginx http proxy temporary files: "/var/lib/nginx/proxy"
  nginx http fastcgi temporary files: "/var/lib/nginx/fastcgi"
  nginx http uwsgi temporary files: "/var/lib/nginx/uwsgi"
  nginx http scgi temporary files: "/var/lib/nginx/scgi"

./configure: warning: the "--with-ipv6" option is deprecated

配置http2.0

配置Nginx開啟http 2.0特別簡單,只要在Nginx配置文件中找到你要開啟http2.0的域名server模塊,然后將 listen 443 ssl;改成 listen 443 ssl http2; 即可。

?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時(shí)請結(jié)合常識與多方信息審慎甄別。
平臺聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點(diǎn),簡書系信息發(fā)布平臺,僅提供信息存儲服務(wù)。

相關(guān)閱讀更多精彩內(nèi)容

友情鏈接更多精彩內(nèi)容