Hot Deployment of Nginx

Posted by holowugz on Thu, 09 May 2019 23:28:03 +0200

As a reverse proxy and load balancing server, nginx must be highly available, so it supports hot deployment.
The hot deployment of nginx is closely related to its concurrency model.To put it plainly, it's because of the master process.When ngnix is notified to re-read the configuration file, the master process makes grammatical errors.If there is a syntax error, an error is returned and no load is made; if there is no syntax error in the configuration file, ngnix will not adjust the new configuration to all workers.Instead, do not change the connected worker, wait until the worker finishes all requests, kill the worker that was originally started under the old configuration, and create a new worker with the new configuration.
As a server, it is impossible for us to stop the service from performing configuration upgrades and software version upgrades.Therefore, the hot deployment of Nginx greatly facilitates the upgrade and maintenance of the server software.

1. Get the installation directory of the original nginx

whereis nginx

2. View the original nginx version and get the compilation parameters of the original nginx

cd /usr/local/nginx

./sbin/nginx -V         #Capital V

nginx version: nginx/1.12.2
built by gcc 4.4.7 20120313 (Red Hat 4.4.7-18) (GCC)
built with OpenSSL 1.0.1e-fips 11 Feb 2013
TLS SNI support enabled
configure arguments: --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_ssl_module --with-http_flv_module --with-http_stub_status_module --with-http_gzip_static_module --with-http_realip_module --with-openssl=/opt/openssl-1.0.2r --with-stream --with-stream_ssl_module

3. Download the latest version of nginx from the website (download address:

cd /opt 


4. Compile the new version of nginx-1.15.0 (Note: /opt/openssl-1.0.2r Download and unzip ahead of time)

tar xf nginx-1.15.0.tar.gz

cd nginx-1.15.0

.configure --prefix=/usr/local/nginx --user=nginx --group=nginx \
--with-http_ssl_module --with-http_flv_module \
--with-http_stub_status_module --with-http_gzip_static_module \
--with-http_realip_module --with-openssl=/opt/openssl-1.0.2r \
--with-stream --with-stream_ssl_module

make         # Only compile without installing here, do not execute make install command, compiled nginx file is in / objs / directory

5. Executor to backup old version of nginx

mv /usr/local/nginx/sbin/nginx  /usr/local/nginx/sbin/nginx.old

6. Replace the old Nginx executor

cp -a /opt/nginx-1.15.0/objs/nginx /usr/local/nginx/sbin/

7. Send a USR2 signal to the old version of the main process number to stop the old version of nginx from receiving requests, replace it with the new version of nginx, and stop after the old process has processed all requests, closed all connections

kill -USR2 cat /var/run/nginx/

8. Look at the nginx pid directory, there are several more files, which store the PID number of the old version of nginx

ls -l  /usr/local/nginx/logs/


9. Easily close old processes

kill -QUIT cat /var/run/nginx/

10. View the upgraded version

./usr/local/nginx/sbin/nginx -v              #Lowercase v

nginx version: nginx/1.15.0

At this point, the hot deployment of nginx is complete.

Topics: Operation & Maintenance Nginx OpenSSL Red Hat