nginx负载均衡
一. 部署web服务器集群
1.环境
3台web服务器,组建出web服务器集群
web01 10.0.0.7 172.16.1.7
web02 10.0.0.8 172.16.1.8
web03 10.0.0.9 172.16.1.9
1台负载均衡服务器
lb01 10.0.0.5 172.16.1.5
2.三台web都部署nginx服务
mkdir /server/tools -p cd /server/tools wget http://nginx.org/download/nginx-1.12.2.tar.gz tar xf nginx-1.12.2.tar.gz yum install -y pcre-devel openssl-devel useradd -M -s /sbin/nologin www cd nginx-1.12.2 ./configure --prefix=/application/nginx-1.12.2 --user=www --group=www --with-http_ssl_module --with-http_stub_status_module make && make install ln -s /application/nginx-1.12.2 /application/nginx /application/nginx/sbin/nginx netstat -lntup|grep nginx
3编写多个站点 (3台web)
mkdir -p /application/nginx/html/{www,bbs,blog}
4.创建站点目录 (3台web)
for name in www bbs blog;do echo "10.0.0.7 $name.augustyang.org" >/application/nginx/html/$name/index.html;done for name in www bbs blog;do echo "10.0.0.8 $name.augustyang.org" >/application/nginx/html/$name/index.html;done for name in www bbs blog;do echo "10.0.0.9 $name.augustyang.org" >/application/nginx/html/$name/index.html;done
5.配置虚拟主机(3台web)
mkdir -p /application/nginx/conf/extra1 touch /application/nginx/conf/extra1/{bbs,blog,www}.conf
[root@web01 extra1]# cat * server { listen 80; server_name bbs.augustyang.org; location / { root html/bbs; index index.html index.htm; } } server { listen 80; server_name blog.augustyang.org; location / { root html/blog; index index.html index.htm; } } server { listen 80; server_name www.augustyang.org; location / { root html/www; index index.html index.htm; } }
6.修改nginx.conf文件
[root@web01 nginx]# cat /application/nginx/conf/nginx.conf worker_processes 1; error_log logs/test_error.log error; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; include extra1/www.conf; #include extra1/bbs.conf; #include extra1/blog.conf; }
#nginx.conf 文件同步到其他2台机器上
scp -rp /application/nginx/conf/nginx.conf 172.16.1.8:/application/nginx/conf/ scp -rp /application/nginx/conf/nginx.conf 172.16.1.9:/application/nginx/conf/
#虚拟主机的首页同步到其他2台机器
scp -r /application/nginx/html/* 172.16.1.8:/application/nginx/html scp -r /application/nginx/html/* 172.16.1.9:/application/nginx/html
7. 访问测试
[root@lb01 ~]# curl -H host:bbs.augustyang.org 10.0.0.7/index.html 10.0.0.7 bbs.augustyang.org [root@lb01 ~]# curl -H host:www.augustyang.org 10.0.0.7/index.html 10.0.0.7 www.augustyang.org [root@lb01 ~]# curl -H host:blog.augustyang.org 10.0.0.7/index.html 10.0.0.7 blog.augustyang.org [root@lb01 ~]# curl -H host:bbs.augustyang.org 10.0.0.8/index.html 10.0.0.8 bbs.augustyang.org [root@lb01 ~]# curl -H host:www.augustyang.org 10.0.0.8/index.html 10.0.0.8 www.augustyang.org [root@lb01 ~]# curl -H host:blog.augustyang.org 10.0.0.8/index.html 10.0.0.8 blog.augustyang.org [root@lb01 ~]# curl -H host:bbs.augustyang.org 10.0.0.9/index.html 10.0.0.9 bbs.augustyang.org [root@lb01 ~]# curl -H host:www.augustyang.org 10.0.0.9/index.html 10.0.0.9 www.augustyang.org [root@lb01 ~]# curl -H host:blog.augustyang.org 10.0.0.9/index.html 10.0.0.9 blog.augustyang.org
二. 部署负载均衡服务器
1.部署nginx服务
mkdir /server/tools -p cd /server/tools wget http://nginx.org/download/nginx-1.12.2.tar.gz tar xf nginx-1.12.2.tar.gz yum install -y pcre-devel openssl-devel useradd -M -s /sbin/nologin www cd nginx-1.12.2 ./configure --prefix=/application/nginx-1.12.2 --user=www --group=www --with-http_ssl_module --with-http_stub_status_module make && make install ln -s /application/nginx-1.12.2 /application/nginx /application/nginx/sbin/nginx netstat -lntup|grep nginx
2.编写nginx反向代理配置文件
grep -Ev "#|^$" nginx.conf.default >nginx.conf
upstream
官方链接:http://nginx.org/en/docs/http/ngx_http_upstream_module.html#upstream
Syntax: upstream name { ... }
Default: —
Context: http
eg:
upstream oldboy {
server 10.0.0.7:80;
server 10.0.0.8:80;
server 10.0.0.9:80;
}
说明:upstream模块就类似定一个一个地址池或者说定一个web服务器组
proxy_pass
官方链接:http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_pass
Syntax: proxy_pass URL;
Default: —
Context: location, if in location, limit_except
eg:
location / {
proxy_pass http://oldboy;
}
说明:proxy_pass主要用于进行抛送用户访问请求给upstream模块中的相应节点服务器
3.编写nginx.conf
worker_processes 1; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; upstream oldboy { server 10.0.0.7:80; server 10.0.0.8:80; server 10.0.0.9:80; } server { listen 80; server_name localhost; root html; index index.html index.htm; location / { proxy_pass http://oldboy; } } }
三.Nginx 反向代理负载均衡模块功能详述
1.ngx_http_upstream_module
ngx_http_upstream_module
http://nginx.org/en/docs/http/ngx_http_upstream_module.html#upstream
1.1模块常用功能说明:
1)定义后端可调度节点信息
upstream oldboy { server 10.0.0.7:80; server 10.0.0.8:80; server 10.0.0.9:80; }
2)实现权重值负载访问功能 weight
upstream oldboy { server 10.0.0.7:80 weight=3; server 10.0.0.8:80 weight=1; server 10.0.0.9:80 weight=1; }
3)定义后端访问的失败次数 max_fails
upstream oldboy { server 10.0.0.7:80 weight=3 max_fails=3; server 10.0.0.8:80 weight=1 max_fails=3; server 10.0.0.9:80 weight=1 max_fails=3; }
4)定义后端失败重试的间隔 fail_timeout
upstream oldboy { server 10.0.0.7:80 weight=3 max_fails=3 fail_timeout=20s; server 10.0.0.8:80 weight=1 max_fails=3 fail_timeout=20s server 10.0.0.9:80 weight=1 max_fails=3 fail_timeout=20s; }
等待20s 再访问
说明: 在尝试多次失败后, 在超时时间过去之后, 会再给想要节点一次机会
5)定义后端服务的热备节点 backup(负载节点服务器都挂了,使用备份)
upstream oldboy { server 10.0.0.7:80; server 10.0.0.8:80; server 10.0.0.9:80 backup; }
说明:当 7 8都坏了才会用到9
1.2.模块调度算法说明:
1)定义轮询调度算法 rr-默认调度算法
2)定义权重调度算法 wrr
3)定义静态调度算法 ip_hash
upstream oldboy { ip_hash; server 10.0.0.7:80; server 10.0.0.8:80; server 10.0.0.9:80; }
说明: 配置ip_hash时, 一定不能和backup 和weight 同时出现
4)定义最小的连接数 least_conn
upstream oldboy { least_conn; server 10.0.0.7:80; server 10.0.0.8:80; server 10.0.0.9:80; }
2.ngx_http_proxy_module
模块常用功能
http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_set_header
1) proxy_set_header 设置反向代理服务器到web服务器的http请求报文中的头部信息
worker_processes 1; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; upstream oldboy { server 10.0.0.7:80; server 10.0.0.8:80; server 10.0.0.9:80; } server { listen 80; server_name www.augustyang.org; root html; index index.html index.htm; location / { proxy_pass http://oldboy; proxy_set_header host $host; } } server { listen 80; server_name bbs.augustyang.org; root html; index index.html index.htm; location / { proxy_pass http://oldboy; proxy_set_header host $host; } } }
说明: 通过以上配置, 可以实现访问负载均衡看到不同虚拟主机页面信息
#代理多个域名的负载均衡
proxy_set_header host $host;
[root@lb01 nginx]# cat /application/nginx/conf/nginx.conf worker_processes 1; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; upstream oldboy { server 10.0.0.7:80; server 10.0.0.8:80; server 10.0.0.9:80; } server { listen 80; server_name www.augustyang.org; #root html; #index index.html index.htm; location / { proxy_pass http://oldboy; proxy_set_header host $host; #proxy_set_header X-Forwarded-For $remote_addr; } } server { listen 80; server_name bbs.augustyang.org; #root html; #index index.html index.htm; location / { proxy_pass http://oldboy; proxy_set_header host $host; #proxy_set_header X-Forwarded-For $remote_addr; } } }
# 在nginx做负载均衡的时候, 后面代理的web服务器 显示真实的客户端的ip
proxy_set_header X-Forwarded-For $remote_addr;
web服务器需要打开日志功能
log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log logs/access.log main;
[root@lb01 nginx]# cat /application/nginx/conf/nginx.conf worker_processes 1; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; upstream oldboy { server 10.0.0.7:80; server 10.0.0.8:80; server 10.0.0.9:80; } server { listen 80; server_name www.augustyang.org; #root html; #index index.html index.htm; location / { proxy_pass http://oldboy; proxy_set_header host $host; proxy_set_header X-Forwarded-For $remote_addr; } } server { listen 80; server_name bbs.augustyang.org; #root html; #index index.html index.htm; location / { proxy_pass http://oldboy; proxy_set_header host $host; proxy_set_header X-Forwarded-For $remote_addr; } } }
web日志
10.0.0.5 - - [13/Dec/2018:15:47:39 +0800] "GET /favicon.ico HTTP/1.0" 404 571 "http://bbs.augustyang.org/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36" "10.0.0.253"
http proxy 模块相关参数说明
nginx功能的代理功能是是通过http proxy模块来实现的。默认在安装Nginx是已经安装了http proxy模块,可以直接使用。
http模块相关参数 | 说明 |
proxy_set_header | 设置http请求header项传给后端服务节点,例如:可实现让代理后端的服务节点获取访问客户端用户的真实IP地址 |
client_body_buffer_size | 用于指定客户端请求主体缓冲区大小,此处如果了解前面的http请求包的原理就好理解了 |
proxy_connect_timeout | 表示反向代理与后端节点服务器连接的超时时间,即发起握手等候相应超时时间 |
proxy_send_timeout | 表示代理后端服务器的数据回传时间,即在规定时间之内后端服务器必须传完所有的数据,否则Nginx将断开这个连接 |
proxy_read_timeout | 设置Nginx从代理的 后端服务器获取信息的时间,表示连接建立成功后,Nginx等待后端服务器的相应时间,其实是Nginx已经进入后端的排队之中等候处理的时间 |
proxy_buffer_size | 设置缓存区大小,默认该缓存区等于指令proxy_buffer设置的大小 |
proxy_buffer | 设置缓存区的数量和大小,Nginx从代理的后端服务器获取的响应信息,会放置到缓存区 |
proxy_busy_buffer_size | 用于设置系统很忙是可以使用的proxy_buffer大小,官方推荐大小为proxy_buffers*2 |
proxy_temp_file_write_size | 指定proxy缓冲临时文件的大小 |
相关重要参数
相关重要参数 | 参数说明 |
proxy_psss http://test | 通过proxy_pass功能把用户的请求转向到反向代理定义的upstream服务器池 |
proxy_set_header Host $host | 在代理后端服务器发送的http请求头中加入host字段信息,用于后端服务器配置有多个虚拟主机主机是可以识别是那个虚拟主机。这是节点服务器多虚拟主机时的关键配置 |
proxy_set_header X-Forwarded-For $remote_addr; |
在反向代理服务器发送http请求头加入X-Forwarded-For字段信息,用于后端服务程序、日志等接受记录真实的IP,而不是代理服务器的IP这是反向代理时,节点服务器获取用户真实IP的必要功能配置 后面服务器,记录日志格式,main |
四. 相据URL目录地址转发的应用场景1.6 基于目录(uri)进行转发--网站动静分离
1.业务的域名没有拆分或者不希望拆分,但希望实现动静分离、多业务分离。
2.不同的客户端设备(例如:手机和 PC端)使用同一个域名访问同一个业务网站,就需要根 据规则将不同设备的用户请求交给后端不同的服务器处理,以便得到最佳用户体验。
服务器规划
目录 | ip | 服务器目录 | 类型 |
/upload | 10.0.0.7 | html/www/upload | 更新目录 |
/staic | 10.0.0.8 | html/www/staic | 静态目录 |
/ | 10.0.0.9 | html/www | 默认首页 |
1.业务的域名没有拆分或者不希望拆分,但希望实现动静分离、多业务分离。
问题1: 解决思路,根据动态 静态的类型 来划分不同的集群组。 现在我这边划分为3个伪集群组。 upload(处理动态资源) staic(处理静态资源) /默认首页。 实现动静分离
这边我贴一个(upload)的web配置文件
[root@web01 upload]# cat /application/nginx/conf/extra1/www.conf server { listen 80; server_name augustyang.org; rewrite ^/(.*) http://www.augustyang.org/$1 permanent; } server { listen 80; server_name www.augustyang.org; root html/www; index index.html index.htm; }
lb这里需要配置3个集群组 upstream负载
upstream upload { server 10.0.0.7:80; } upstream staic { server 10.0.0.8:80; } upstream default { server 10.0.0.9:80; }
lb 3个集群组对应的 proxy_pass
location /upload { proxy_pass http://upload; proxy_set_header host $host; proxy_set_header X-Forwarded-For $remote_addr; }
location /staic { proxy_pass http://staic; proxy_set_header host $host; proxy_set_header X-Forwarded-For $remote_addr; }
location / { proxy_pass http://default; proxy_set_header host $host; proxy_set_header X-Forwarded-For $remote_addr; }
lb的整个配置文件
[root@lb01 conf]# cat nginx.conf worker_processes 1; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; upstream upload { server 10.0.0.7:80; } upstream staic { server 10.0.0.8:80; } upstream default { server 10.0.0.9:80; } server { listen 80; server_name www.augustyang.org; location /upload { proxy_pass http://upload; proxy_set_header host $host; proxy_set_header X-Forwarded-For $remote_addr; } location /staic { proxy_pass http://staic; proxy_set_header host $host; proxy_set_header X-Forwarded-For $remote_addr; } location / { proxy_pass http://default; proxy_set_header host $host; proxy_set_header X-Forwarded-For $remote_addr; } } }
测试
2.不同的客户端设备(例如:手机和 PC端)使用同一个域名访问同一个业务网站,就需要根 据规则将不同设备的用户请求交给后端不同的服务器处理,以便得到最佳用户体验。
web上配置
[root@web01 nginx]# cat /application/nginx/html/www/index.html 10.0.0.7 www.augustyang.org http://www.augustyang.org/upload/index.html
nginx.conf
server { listen 80; server_name augustyang.org; rewrite ^/(.*) http://www.augustyang.org/$1 permanent; } server { listen 80; server_name www.augustyang.org; root html/www; index index.html index.htm; }
lb上配置
worker_processes 1; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; upstream iphone { server 10.0.0.7:80; } upstream android { server 10.0.0.8:80; } upstream pc { server 10.0.0.9:80; } server { listen 80; server_name www.augustyang.org; location / { if ($http_user_agent ~* "iphone") { proxy_pass http://iphone; } if ($http_user_agent ~* "android") { proxy_pass http://android; } proxy_pass http://pc; proxy_set_header host $host; proxy_set_header X-Forwarded-For $remote_addr; } } }
测试
[root@lb01 conf]# curl -A iphone -H host:www.augustyang.org 10.0.0.5
10.0.0.7 www.augustyang.org
http://www.augustyang.org/upload/index.html
[root@lb01 conf]# curl -A pc -H host:www.augustyang.org 10.0.0.5
10.0.0.9 www.augustyang.org
[root@lb01 conf]# curl -A android -H host:www.augustyang.org 10.0.0.5
10.0.0.8 www.augustyang.org
http://www.augustyang.org/staic/index.html