nginx1.8.1反向代理、负载均衡功能的实现
nginx1.8.1 proxy 服务器192.168.8.40
web1 centos6.5 httpd2.2.15
web2 centos7.2 httpd2.4.6
1、代理功能的简单实现
nginx代理服务器:192.168.8.40
web服务器:192.168.8.101
8.40添加代理:
location /forum/ {
proxy_pass http://192.168.8.101/bbs/;
}
在被代理的web端
创建目录mkdir /web/htdocs/bbs
vim /web/htdocs/bbs/index.html
加入<h1>192.168.8.101 bbs</h1>
访问 http://192.168.8.40/forum/即可出现8.101的内容
改成正则表达式的方式:
location ~* ^/forum {
proxy_pass http://192.168.8.101;
}
此时http://192.168.8.40/forum/的方式不能访问,需要通过修改192.168.8.101的bbs目录改为forum即可访问
# mv bbs forum
2、代理上显示客户端真实IP(方便统计真实的IP访问情况)
8.101上更改显示日志的方式:
# vim /etc/httpd/conf/httpd.conf
LogFormat "%{X-Real-IP}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
nginx服务器端8.40配置:
location ~* ^/forum {
proxy_pass http://192.168.8.101;
proxy_set_header X-Real-IP $remote_addr;
}
3.实现简单的负载均衡:
nginx proxy server:192.168.8.40
apache web1:192.168.8.39
apache web2:192.168.8.101
nginx proxy server:192.168.8.40配置:
# 定义web服务器集群:
upstream webservers {
server 192.168.8.39 weight=1;
server 192.168.8.101 weight=1;
}
server {
#location / {
# root /web/htdocs;
# index index.php index.html index.htm;
#}
#定义访问集群
location / {
proxy_pass http://webservers/;
proxy_set_header X-Real-IP $remote_addr;
}
}
通过访问http://192.168.8.40可以看到负载的效果
4、对负载均衡的服务器宕机情况进行适配
#添加错误的定义
server {
listen 8080;
server_name localhost;
root /web/errorpages;
index index.html;
}
# 创建错误页面定义
# mkdir /web/errorpages/ -pv
# vim index.html
加入
sorry,website is being repaired please wait
# 添加超时定义及错误页面定义,如果连续访问错误两次则踢掉,检测时间间隔2秒
upstream webservers {
server 192.168.8.39 weight=1 max_fails=2 fail_timeout=2;
server 192.168.8.101 weight=1 max_fails=2 fail_timeout=2;
server 127.0.0.1:8080 weight=1 backup;
}
测试,关闭web1则,只能访问到web2,关闭web2后出现错误提示
5、为反向代理启用缓存功能
proxy_cache_path /nginx/cache/first levels=1:2 keys_zone=first:20m max_size=1g;
server {
listen 80;
server_name localhost;
index index.html index.php;
add_header X-Via $server_addr;
add_header X-Cache "$upstream_cache_status from $server_addr";
location / {
proxy_pass http://webservers/;
proxy_set_header X-Real-IP $remote_addr;
proxy_cache first;
proxy_cache_valid 200 10m;
}
# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: [emerg] mkdir() "/nginx/cache/first" failed (2: No such file or directory)
nginx: configuration file /etc/nginx/nginx.conf test failed
[root@centossz008 ~]# mkdir -pv /nginx/cache/first
mkdir: created directory `/nginx'
mkdir: created directory `/nginx/cache'
mkdir: created directory `/nginx/cache/first'
add_header X-Via $server_addr;
add_header X-Cache "$upstream_cache_status from $server_addr";
提示信息如下:
6、重定向规则
location / {
#root html;
root /web/htdocs;
index index.html index.htm;
rewrite ^/bbs/(.*)$ http://192.168.8.101/forum/$1;
}
访问:http://192.168.8.40/bbs/
7、上传文件的负载均衡
可能碰到这样的业务场景,几台web app设置了主从,一个服务器负责上传,其他只能通过同步来获取
nginx配置:
location / {
proxy_pass http://192.168.8.40/;
if ($request_method = "PUT"){
proxy_pass http://192.168.8.101;
}
}
客户端配置:
# vim /etc/httpd/conf/httpd.conf
在<Directory "/web/htdocs">下面添加Dav on
<Directory "/web/htdocs">
Dav on
# curl -T /etc/fstab http://192.168.8.40
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>201 Created</title>
</head><body>
<h1>Created</h1>
<p>Resource /fstab has been created.</p>
</body></html>
在8.101上可以看到上传的文件
htdocs]# ls
forum fstab index.html
8、通过nginx统计某推广链接重写url
需求:
通过nginx统计某推广链接(如:http://www.baidu.com)的访问次数,即访问tuiguang.chinasoft.com自动跳转到www.baidu.com页面
如该服务器为1.1.1.1,带宽要足够大(要根据实际访问量来定)
步骤
①添加1.1.1.1的dns域名解析 tuiguang.chinasoft.com --> 1.1.1.1
②添加相关的配置
vim /etc/nginx/conf.d/tuiguang.conf
server {
server_name tuiguang.chinasoft.com;
rewrite_log on; # 打开重写的日志
error_log /data/logs/app_h5.log notice;
access_log /data/logs/app_error_h5.log;
location /h5/flow{
alias /data/h5;
index index.html;
proxy_set_header Host $host;
proxy_set_header X-Real-Ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
rewrite ^(.*) http://www.baidu.com break;
}
}
9.修改http头Content-Type为application/octet-stream
upstream lvs_server{server 10.27.13.215:8555; #hd_lvs_voice01server 10.26.114.166:8555; #hd_lvs_voice02server 10.27.62.9:8555; #hd_lvs_voice03server 10.30.196.175:8555; #hd_lvs_voice04server 10.30.196.157:8555; #hd_lvs_voice05}server {listen 8555; location / {proxy_pass http://lvs_server;
}location /index {proxy_set_header Host $http_host;proxy_set_header X-Real-Ip $remote_addr;proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Content-Type application/octet-stream;proxy_pass http://lvs_server;
}#end index}日志中添加响应时间,请求时间的日志格式
log_format main '$remote_addr - $remote_user [$time_local] "$request" ''$status $body_bytes_sent "$http_referer" ''"$http_user_agent" "$http_x_forwarded_for" "$http_host" "$upstream_response_time" "$request_time"';
nginx获取不到客户端真实IP地址
upstream dxflowservers {ip_hash;server u04flow01.yaya.corp:8091 weight=1 max_fails=2 fail_timeout=3;server u04rec02.yaya.corp:8091 weight=1 max_fails=2 fail_timeout=3;
}
server { server_name 106.75.19.93;server_name dxacc.chinasoft.cn;location /{root /data/chinasoft/dx_traffic/liuliang_http/liuliangsdk/;index index.html;try_files $uri $uri/ /index.html;}location /dingxiangsdk/{proxy_set_header Host $host;proxy_set_header X-Real-Ip $remote_addr;# 经过ulb(lvs)以后无法获取客户端的真实IP地址,去掉下面这行即可#proxy_set_header X-Forwarded-For $remote_addr;proxy_pass http://dxflowservers/;
} location /ngx_status {stub_status on;access_log off;allow 127.0.0.1;#deny all;}
}简单测试反向代理upstream的健康检查功能
nginx --> apache(两台)
nginx : 192.168.3.200 (nginx 1.12.2)
apache01: 192.168.3.12
apache02:192.168.3.13
nginx的配置
upstream lvs_server{server 192.168.3.12:8555 weight=2 max_fails=5 fail_timeout=6;server 192.168.3.13:8555 weight=2 max_fails=5 fail_timeout=6;
}server {listen 8555;server_name 192.168.3.200;access_log /var/log/nginx/voice_lvs.access.log main;error_log /var/log/nginx/voice_lvs.error.log;location / {proxy_pass http://lvs_server/;
}location /index {proxy_set_header Host $http_host;proxy_set_header X-Real-Ip $remote_addr;proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Content-Type application/octet-stream;proxy_pass http://lvs_server;
}location /ngx_status {stub_status on;access_log off;allow 127.0.0.1;}}[root@centossz008 ~]# cat /var/www/html/index.html
<h1>192.168.3.12</h1>
server01
[root@node5 ~]# cat /var/www/html/index.html
<h1>192.168.3.13</h1>
server02
经过测试,当不配置以下参数,如果关掉其中一台apache,请求会全部到另外一台中,所以upstream默认就会检查后端服务器,如果配置就按照你的配置
不配置就按照默认配置
weight=2 max_fails=5 fail_timeout=6;
[root@localhost /etc/nginx/conf.d]# for i in {1..20}; do curl http://192.168.3.200:8555/index.html;done
重定向示例
# cat /usr/local/nginx/conf/vhost.d/chinasoft.com.conf
map $http_origin $corsHost {
default "none" ;
"~https://chinasoft.com" https://chinasoft.com ;
"~https://chinasoft-com.cdn.ampproject.org" https://chinasoft-com.cdn.ampproject.org ;
"~https://chinasoft.com.amp.cloudflare.com" https://chinasoft.com.amp.cloudflare.com ;
"~https://cdn.ampproject.org" https://cdn.ampproject.org ;
"~https://images.chinasoft.com" https://images.chinasoft.com ;
"~https://my.chinasoft.com" https://my.chinasoft.com ;
"~https://store.chinasoft.com" https://store.chinasoft.com ;
"~https://my.chinasoft.jp" https://my.chinasoft.jp ;
}server {listen 80;server_name chinasoft.com www.chinasoft.com ori-www.chinasoft.com;access_log /data/www/logs/nginx_log/access/chinasoft.com_access.log main ;error_log /data/www/logs/nginx_log/error/chinasoft.com_error.log ;root /data/www/vhosts/chinasoft.com/httpdocs ;index index.html index.shtml index.php ;include rewrite.d/chinasoft.com.conf ;error_page 404 403 /404.html; rewrite ^/(.*)$ https://www.chinasoft.com/$1 permanent; #跳转到Https
location ~ \.php$ {fastcgi_pass unix:/tmp/php-cgi.sock;fastcgi_index index.php;#fastcgi_param SCRIPT_FILENAME ;fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;include fastcgi_params;expires -1;}location / {include proxy_params;if (!-d $request_filename){set $flag 1$flag;}if (!-f $request_filename){set $flag 2$flag;}if ($flag = "21"){rewrite ^(.*)$ /index.php last;expires -1; }}}server {listen 443;ssl on;ssl_certificate cert2016/chinasoft_com.crt;ssl_certificate_key cert2016/chinasoft_com.key;ssl_dhparam cert2016/dh_2048.pem;ssl_session_timeout 5m;ssl_protocols TLSv1 TLSv1.1 TLSv1.2;ssl_ciphers "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-E
CDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-S
HA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!AES128-GCM-SHA256:!AES256-GCM-SHA384:!AES128-SHA256:!AES256-SHA256:!AES128-SHA:!AES256-SHA:AES:!CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:ED
H-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA";
ssl_prefer_server_ciphers on;
# add_header Strict-Transport-Security max-age=15768000;#ssl_stapling on;#ssl_stapling_verify on;server_name chinasoft.com www.chinasoft.com ori-www.chinasoft.com ;access_log /data/www/logs/nginx_log/access/chinasoft.com_access.log main ;error_log /data/www/logs/nginx_log/error/chinasoft.com_error.log ;root /data/www/vhosts/chinasoft.com/httpdocs ;index index.html index.shtml index.php ;include rewrite.d/chinasoft.com.conf ;error_page 404 403 /404.html;#add_header 'Access-Control-Allow-Origin' '*';add_header Access-Control-Allow-Origin $corsHost;add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS';add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';location ~ \.php$ {try_files $uri =404;fastcgi_pass unix:/tmp/php-cgi.sock;fastcgi_index index.php;#fastcgi_param SCRIPT_FILENAME ;fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;include fastcgi_params;expires -1;}location / {include proxy_params;if (!-d $request_filename){set $flag 1$flag;}if (!-f $request_filename){set $flag 2$flag;}if ($flag = "21"){rewrite ^(.*)$ /index.php last ;expires -1;}}}*****************if ($request_uri ~ ^/snapchat/snapchat-password-cracker.html) { rewrite ^ https://www.centos.net/snapchat/snapchat-password-cracker.html permanent; }
if ($request_uri ~ ^/spy/index.html) { rewrite ^ https://www.chinasoft.com/topic/index.html permanent; }
if ($request_uri ~ ^/telegram/index.html) { rewrite ^ https://www.chinasoft.com/topic/index.html permanent; }
if ($request_uri ~ ^/track/hidden-phone-tracker-for-android-iphone.html) { rewrite ^ https://www.centos.net/track/hidden-phone-tracker-for-android-iphone.html permanent; }
if ($request_uri ~ ^/viber/index.html) { rewrite ^ https://www.chinasoft.com/topic/index.html permanent; }
[root@EOP_Aimersoft_web01:~]# head -30 /usr/local/nginx/conf/rewrite.d/chinasoft.com.conf
if ($host ~* ^chinasoft.com$){ rewrite ^(.*)$ http://www.chinasoft.com$1 permanent;}
if ($request_uri ~ ^/(.*)/(index|indice).(html)) { rewrite ^/(.*)/(index|indice).(html) /$1 permanent;}
if ($request_uri ~ ^/(index|indice).html) { rewrite ^ / permanent;}
#20170824
if ($request_uri ~ ^/install-chinasoft-spy-app-on-android-phones.html) { rewrite ^ /how-to-spy-android-phones.html permanent; }转载于:https://www.cnblogs.com/reblue520/p/6239822.html
nginx1.8.1反向代理、负载均衡功能的实现相关推荐
- 编译安装nginx并实现反向代理负载均衡和缓存功能
一.编译安装nginx 1.下载 [root@ns1 ~]# wget http://nginx.org/download/nginx-1.10.0.tar.gz 2.解压 [root@ns1 ~]# ...
- Nginx 反向代理 负载均衡 虚拟主机
Nginx 反向代理 负载均衡 虚拟主机配置 通过本章你将学会利用Nginx配置多台虚拟主机,清楚代理服务器的作用,区分正向代理和反向代理的区别,搭建使用Nginx反向搭理和负载均衡,了解Nginx常 ...
- Nginx反向代理 负载均衡sky
Nginx服务部署 Nginx简介 Nginx (engine x) 是一个轻量级的.高性能的HTTP和反向代理服务器,也是一个IMAP/POP3/SMTP服务器.Nginx是由伊戈尔·赛索耶夫为俄罗 ...
- Nginx反向代理负载均衡虚拟主机动静分离UrlRewrite防盗链
文章目录 1. Nginx简介 1.1 Nginx背景 1.2 Nginx的优点 1.3 Nginx的功能特性及常用功能 2.Nginx安装 2.1 下载上传解压 1.2 安装 3.nginx核心概念 ...
- Nginx特性验证-反向代理/负载均衡/页面缓存/URL重定向
原文发表于cu:2016-08-25 参考文档: Nginx 反向代理.负载均衡.页面缓存.URL重写等:http://freeloda.blog.51cto.com/2033581/1288553 ...
- nginx 反向代理负载均衡 tomcat集群应用
nginx 反向代理负载均衡 tomcat集群应用 环境介绍: 系统:centos5.8_64 192.168.0.201:nginx服务器 192.168.0.202:tomcat服务器 192.1 ...
- Nginx总结(安装,使用,正向代理,反向代理,负载均衡)
目录 Nginx介绍与安装 一.Nginx简介 1.什么是ngnix 2.nginx应用场景 二.Nginx安装与启动 Nginx静态网站部署 一.静态⽹站的部署 二.配置虚拟主机 1.端⼝绑定 2. ...
- nginx反向代理模块配置详解_Nginx(三):反向代理负载均衡集群配置详解
概述: 本篇主要总结Nginx实现反向代理和负载均衡功能相关模块的配置说明.主要使用到的模块如下:ngx_http_proxy_moduleNginx实现反向代理功能 ngx_http_upstrea ...
- nginx反向代理/负载均衡MySQL
从Nginx1.9开始,官方提供了一个ngx_stream_core_module模块,该模块支持了TCP代理以及负载均衡功能. 要想启用该模块,在nginx编译时,指定编译参数 --with-str ...
- Nginx 反向代理 负载均衡 动静分离 高可用 原理
1.Nginx简介 1.1 概述 Nginx ("engine x") 是一个高性能的 HTTP 和 反向代理服务器,特点是占有内存少,并发能力强,能经受高负载的考验,有报告表明能 ...
最新文章
- Promise的实例用法
- vue 源码学习(二) 实例初始化和挂载过程
- div横排 html_html中两个DIV怎么横排靠齐?
- GoLand 2019.1 发布 RC 候选版
- 实例讲解ThinkPHP的UploadFile文件上传类的详细用法
- mac os touch命令_Mac系统忘记开机密码怎么办?
- WordPress 默认主题自定义页面模板
- java token生成和验证_程序员应该如何设计更优雅的Token认证方式?
- DIP(依赖倒置原则),IoC(控制反转),DI(依赖注入)复习总结
- Zend Framework 开发记录 - 代码片段–jquery–select控件
- 在 Java 应用程序中定时执行任务
- python翻译爬虫_python 翻译爬虫
- html设置导背景宽度,calc()实现满屏背景定宽内容
- csdn怎么添加好友
- 什么叫结构化程序设计,他的主要内容是什么?
- QPS、TPS是什么
- vr虚拟仿真教学系统应用场景开发
- 多线程——生产者消费者模型
- 知识图谱与推荐系统综述
- eNSP第二篇:Eth-trunk,链路聚合,常用命令,二层链路聚合和三层链路聚合