一、redissession共享
在nginx实现session共享的过程中,redis常用于在不同服务器之间共享session。如果我们使用nginx+php-fpm模式,可以使用phpredis扩展和redis共享session数据。
location / { proxy_pass http://phpfpm; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # 开启session共享 access_by_lua_block { local session_id = ngx.var.cookie_PHPSESSID or ngx.md5(ngx.var.remote_addr .. ngx.var.http_user_agent .. ngx.var.time) ngx.var.session_id = session_id local redis = require "resty.redis" local red = redis:new() local ok, err = red:connect("127.0.0.1", 6379) if not ok then ngx.log(ngx.ERR, "redis connect failed: ", err) return end local res, err = red:get("session:".. session_id) if res == ngx.null then ngx.log(ngx.ERR, "session not exist") return end ngx.log(ngx.ERR, "session data: ", res) ngx.req.set_header("Cookie", "PHPSESSID=".. session_id) } }
二、nginxserver配置
在nginxserver配置中,可以设置session的超时时间,并且可以配置多个upstream服务器,确保数据可靠性和高可用性。
http { upstream server_pool { server 127.0.0.1:8080; server 127.0.0.1:8081; } # nginxsession server { listen 80; server_name test.com; root /var/www; index index.php index.html index.htm; location / { proxy_pass http://server_pool; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # 设置session超时时间 proxy_connect_timeout 1800; proxy_send_timeout 1800; proxy_read_timeout 1800; send_timeout 1800; client_max_body_size 50m; } } }
三、nginx配置user值
通过设置nginx的user值,确保nginx可以读取session目录文件,否则将无法读取session数据。
user nginx; # nginx所属用户 worker_processes auto; error_log /var/log/nginx/error.log; pid /run/nginx.pid; events { worker_connections 1024; } http { # session目录 session_path /var/lib/php/session/; server { listen 80; server_name test.com; root /var/www; index index.php index.html index.htm; location / { try_files $uri $uri/ /index.php$request_uri; } location ~ \.php$ { try_files $uri =404; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass unix:/var/run/php-fpm/www.sock; fastcgi_index index.php; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param PHP_VALUE "auto_prepend_file=/var/www/inc/process.php"; } } }
四、nginx配置server
在nginx的配置文件中,必须检查session文件目录的权限,确保nginx可以正常读写session数据。
user nginx; # nginx所属用户 worker_processes auto; error_log /var/log/nginx/error.log; pid /run/nginx.pid; events { worker_connections 1024; } http { # session目录 session_path /var/lib/php/session/; server { listen 80; server_name test.com; root /var/www; index index.php index.html index.htm; # 检查session目录权限 location = /check-permissions { internal; add_header Content-Type text/plain; # 只有有权限的用户才能访问session目录 return 200 "Writable"; # return 403 "Not writable"; } location / { try_files $uri $uri/ /index.php$request_uri; } location ~ \.php$ { try_files $uri =404; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass unix:/var/run/php-fpm/www.sock; fastcgi_index index.php; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param PHP_VALUE "auto_prepend_file=/var/www/inc/process.php"; } } }
五、nginxrestart失败
如果nginx restart失败,可能是由于nginx没有正确读取session目录的权限或者redis服务未启动。解决方法是检查nginx的user值和session文件权限是否正确,并确保redis服务已启动。
chown nginx /var/lib/php/session/ service nginx restart service redis restart