Installation Nginx-1.23.0 in CentOS 8.2 for use in Kubernetes Clusters

一、Installation Nginx-1.23.0 in CentOS 8.2 for use in Kubernetes Clusters

1 将下载的 Nginx 相关安装包上传到 /opt/software/nginx-keep目录：

• nginx-1.23.0.tar.gz
• openssl-1.1.1q.tar.gz
• pcre-8.45.tar.gz
• zlib-1.2.13.tar.gz
• echo-nginx-module-master.zip
• ngx_healthcheck_module-master.zip（nginx_upstream_check_module 升级版）
• ngx-fancyindex-master.zip
• ngx_http_proxy_connect_module-master.zip
• ngx_http_status_code_counter-master.zip

2 wget 下载，最好 PC 端下载，使用Xftp上传

mkdir -p /opt/software/nginx-keep && cd /opt/software/nginx-keep
wget http://nginx.org/download/nginx-1.23.0.tar.gz
wget https://www.openssl.org/source/openssl-1.1.1q.tar.gz
wget https://udomain.dl.sourceforge.net/project/pcre/pcre/8.45/pcre-8.45.tar.gz
wget http://www.zlib.net/zlib-1.2.12.tar.gz
wget https://github.com/openresty/echo-nginx-module/archive/refs/heads/master.zip
wget https://github.com/zhouchangxun/ngx_healthcheck_module/archive/refs/heads/master.zip
wget https://github.com/aperezdc/ngx-fancyindex/archive/refs/heads/master.zip
wget https://github.com/chobits/ngx_http_proxy_connect_module/archive/refs/heads/master.zip
wget https://github.com/kennon/ngx_http_status_code_counter/archive/refs/heads/master.zip

3 依赖安装

yum -y install zip unzip gcc gcc-c++ automake autoconf libtool make glibc gd-devel pcre-devel libmcrypt-devel mhash-devel libxslt-devel libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5-devel libidn libidn-devel openssl openssl-devel libevent libevent-devel GeoIP GeoIP-devel GeoIP-data httpd-tools patch

# CentOS 8
yum -y install zip unzip gcc gcc-c++ automake autoconf libtool make glibc gd-devel pcre-devel libxslt-devel libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5-devel libidn openssl openssl-devel libevent libevent-devel httpd-tools patch

4 安装包解压

mkdir /opt/nginx-kepp
tar -zxf /opt/software/nginx-keep/nginx-1.23.0.tar.gz -C /opt/nginx-kepp/
tar -zxf /opt/software/nginx-keep/openssl-1.1.1q.tar.gz -C /opt/nginx-kepp/
tar -zxf /opt/software/nginx-keep/pcre-8.45.tar.gz -C /opt/nginx-kepp/
tar -zxf /opt/software/nginx-keep/zlib-1.2.13.tar.gz -C /opt/nginx-kepp/

unzip /opt/software/nginx-keep/echo-nginx-module-master.zip -d /opt/nginx-kepp/
unzip /opt/software/nginx-keep/ngx_healthcheck_module-master.zip -d /opt/nginx-kepp/
unzip /opt/software/nginx-keep/ngx-fancyindex-master.zip -d /opt/nginx-kepp/
unzip /opt/software/nginx-keep/ngx_http_proxy_connect_module-master.zip -d /opt/nginx-kepp/
unzip /opt/software/nginx-keep/ngx_http_status_code_counter-master.zip -d /opt/nginx-kepp/

5 优化和打补丁

cd /opt/nginx-kepp/nginx-1.23.0

# 打补丁
patch -p1 < ../ngx_healthcheck_module-master/nginx_healthcheck_for_nginx_1.19+.patch
patch -p1 < ../ngx_http_proxy_connect_module-master/patch/proxy_connect_rewrite_102101.patch

# 安全优化，隐藏版本号
sed -i 's#"1.23.0"#"2.2"#g' src/core/nginx.h
sed -i 's#"nginx/"#"apache/"#g' src/core/nginx.h
sed -i 's#"NGINX"#"APACHE"#g' src/core/nginx.h
sed -i 's#"Server: nginx"#"Server: apache"#g' src/http/ngx_http_header_filter_module.c
sed -i '/"<hr><center>" NGINX_VER "<\/center>" CRLF/d' src/http/ngx_http_special_response.c
sed -i '/"<hr><center>" NGINX_VER_BUILD "<\/center>" CRLF/d' src/http/ngx_http_special_response.c
sed -i '/"<hr><center>nginx<\/center>" CRLF/d' src/http/ngx_http_special_response.c

注意：这一步一定要做，不然make会报错。

6 编译安装

# 编译
./configure --prefix=/usr/local/nginx-keep \
--user=root \
--group=root \
--with-http_stub_status_module \
--with-http_gzip_static_module \
--with-http_secure_link_module \
--with-http_flv_module \
--with-http_ssl_module \
--with-http_mp4_module \
--with-stream \
--with-http_realip_module \
--with-http_geoip_module \
--with-http_v2_module \
--with-http_sub_module \
--with-http_image_filter_module \
--with-pcre=/opt/nginx-kepp/pcre-8.45 \
--with-openssl=/opt/nginx-kepp/openssl-1.1.1q \
--with-zlib=/opt/nginx-kepp/zlib-1.2.13 \
--add-module=/opt/nginx-kepp/echo-nginx-module-master \
--add-module=/opt/nginx-kepp/ngx_healthcheck_module-master \
--add-module=/opt/nginx-kepp/ngx_http_proxy_connect_module-master \
--add-module=/opt/nginx-kepp/ngx_http_status_code_counter-master \
--add-module=/opt/nginx-kepp/ngx-fancyindex-master

# 安装
make && make install

CentOS 7.9 安装 k8s： https://www.cnblogs.com/huaxiayuyi/p/16808382.html

CentOS 8.2 安装 k8s： https://www.cnblogs.com/huaxiayuyi/p/16794583.html

 

二、报错

1 nginx 在make时出错

error: ?𻱮gx_http_request_t?𼀠has no member named ?𻱣onnect_host? url.url.len = r->connect_host.len;

/opt/nginx-kepp/openssl-1.1.1m/.openssl/include -I /opt/nginx-kepp/zlib-1.2.13 -I objs -I src/http -I src/http/modules -I src/http/v2 -I src/stream \
	-o objs/addon/ngx_healthcheck_module-master/ngx_healthcheck_status.o \
	/opt/nginx-kepp/ngx_healthcheck_module-master/ngx_healthcheck_status.c
cc -c -pipe  -O -W -Wall -Wpointer-arith -Wno-unused-parameter -Werror -g   -I src/core -I src/event -I src/event/modules -I src/os/unix -I /opt/nginx-kepp/ngx_healthcheck_module-master -I /opt/nginx-kepp/pcre-8.45 -I /opt/nginx-kepp/openssl-1.1.1m/.openssl/include -I /opt/nginx-kepp/zlib-1.2.13 -I objs -I src/http -I src/http/modules -I src/http/v2 -I src/stream \
	-o objs/addon/ngx_http_proxy_connect_module-master/ngx_http_proxy_connect_module.o \
	/opt/nginx-kepp/ngx_http_proxy_connect_module-master/ngx_http_proxy_connect_module.c
/opt/nginx-kepp/ngx_http_proxy_connect_module-master/ngx_http_proxy_connect_module.c: In function ?𻱮gx_http_proxy_connect_handler?𼀺
/opt/nginx-kepp/ngx_http_proxy_connect_module-master/ngx_http_proxy_connect_module.c:1502:28: error: ?𻱮gx_http_request_t?𼀠has no member named ?𻱣onnect_host?
             url.url.len = r->connect_host.len;
                            ^
/opt/nginx-kepp/ngx_http_proxy_connect_module-master/ngx_http_proxy_connect_module.c:1503:29: error: ?𻱮gx_http_request_t?𼀠has no member named ?𻱣onnect_host?
             url.url.data = r->connect_host.data;
                             ^
/opt/nginx-kepp/ngx_http_proxy_connect_module-master/ngx_http_proxy_connect_module.c:1507:24: error: ?𻱮gx_http_request_t?𼀠has no member named ?𻱣onnect_host?
         url.url.len = r->connect_host.len;
                        ^
/opt/nginx-kepp/ngx_http_proxy_connect_module-master/ngx_http_proxy_connect_module.c:1508:25: error: ?𻱮gx_http_request_t?𼀠has no member named ?𻱣onnect_host?
         url.url.data = r->connect_host.data;
                         ^
/opt/nginx-kepp/ngx_http_proxy_connect_module-master/ngx_http_proxy_connect_module.c:1511:25: error: ?𻱮gx_http_request_t?𼀠has no member named ?𻱣onnect_port_n?
     url.default_port = r->connect_port_n;
                         ^
/opt/nginx-kepp/ngx_http_proxy_connect_module-master/ngx_http_proxy_connect_module.c:1556:53: error: ?𻱮gx_http_request_t?𼀠has no member named ?𻱣onnect_port_n?
     u->resolved->port = (in_port_t) (url.no_port ? r->connect_port_n : url.port);
                                                     ^
In file included from src/core/ngx_core.h:60:0,
                 from /opt/nginx-kepp/ngx_http_proxy_connect_module-master/ngx_http_proxy_connect_module.c:7:
/opt/nginx-kepp/ngx_http_proxy_connect_module-master/ngx_http_proxy_connect_module.c:1592:25: error: ?𻱮gx_http_request_t?𼀠has no member named ?𻱣onnect_host?
                       &r->connect_host);
                         ^
src/core/ngx_log.h:86:67: note: in definition of macro ?𻱮gx_log_error?
     if ((log)->log_level >= level) ngx_log_error_core(level, log, __VA_ARGS__)
                                                                   ^
/opt/nginx-kepp/ngx_http_proxy_connect_module-master/ngx_http_proxy_connect_module.c: In function ?𻱮gx_http_proxy_connect_allow_handler?𼀺
/opt/nginx-kepp/ngx_http_proxy_connect_module-master/ngx_http_proxy_connect_module.c:1668:39: error: ?𻱮gx_http_request_t?𼀠has no member named ?𻱣onnect_port_n?
             if ((ports[i][1] == 0 && r->connect_port_n == ports[i][0])
                                       ^
/opt/nginx-kepp/ngx_http_proxy_connect_module-master/ngx_http_proxy_connect_module.c:1669:37: error: ?𻱮gx_http_request_t?𼀠has no member named ?𻱣onnect_port_n?
                 || (ports[i][0] <= r->connect_port_n && r->connect_port_n <= ports[i][1]))
                                     ^
/opt/nginx-kepp/ngx_http_proxy_connect_module-master/ngx_http_proxy_connect_module.c:1669:58: error: ?𻱮gx_http_request_t?𼀠has no member named ?𻱣onnect_port_n?
                 || (ports[i][0] <= r->connect_port_n && r->connect_port_n <= ports[i][1]))
                                                          ^
/opt/nginx-kepp/ngx_http_proxy_connect_module-master/ngx_http_proxy_connect_module.c:1677:14: error: ?𻱮gx_http_request_t?𼀠has no member named ?𻱣onnect_port_n?
         if (r->connect_port_n == 443 || r->connect_port_n == 563) {
              ^
/opt/nginx-kepp/ngx_http_proxy_connect_module-master/ngx_http_proxy_connect_module.c:1677:42: error: ?𻱮gx_http_request_t?𼀠has no member named ?𻱣onnect_port_n?
         if (r->connect_port_n == 443 || r->connect_port_n == 563) {
                                          ^
make[1]: *** [objs/addon/ngx_http_proxy_connect_module-master/ngx_http_proxy_connect_module.o] Error 1
make[1]: Leaving directory `/opt/nginx-kepp/nginx-1.23.0'
make: *** [build] Error 2

 

建造之前你需要修补nginx核心、优化和打补丁

https://github.com/chobits/ngx_http_proxy_connect_module/issues/150