Nginx反向代理與負載均衡
第1章 Nginx反向代理與負載均衡
1.1 集群簡介
若要用一句話描述集群,即一堆服務器合作做同一件事 為什麽要使用集群 1)高性能 2)價格有效性 3)可伸縮性(Scalability) 4)高可用性(Availability) |
1.2 集群的分類
集群的常見分類 計算機集群架構按功能和結構可以分成以下幾類: ***負載均衡集群(Load balancing clusters),簡稱LBC或者LB。 LVS nginx haproxy ***高可用性集群(High-availability(HA)clusters),簡稱HAC。Keepalived heartbeat 高性能計算集群(High-performance( 網絡計算(Grid computing)集群。 |
1.3 負載均衡實現方法
1.3.1 硬件實現負載均衡
F5、Netscaler、Radware、A10 |
1.3.2 軟件實現負載均衡
Nginx+Hearttbeat(7層 4層)、LVS+Keepalived(4層)、Haproxy(7層 4層) |
1.4 部署nginx反向代理負載均衡服務
1.4.1 一鍵話安裝nginx服務腳本
mkdir /server/tools -p cd /server/tools wget http://nginx.org/download/nginx-1.12.2.tar.gz tar xf nginx-1.12.2.tar.gz cd nginx-1.12.2 yum install -y pcre-devel openssl-devel useradd -M -s /sbin/nologin www ./configure --prefix=/application/nginx-1.12.2 --user=www --group=www --with-http_ssl_module --with-http_stub_status_module make && make install ln -s /application/nginx-1.12.2 /application/nginx /application/nginx/sbin/nginx ps -ef|grep nginx |
1.4.2 部署nginx反向代理負載均衡服務
第一部分:部署nginx網站集群服務器(web01 web02 web02) server { listen 80; server_name bbs.etiantian.org; root html/bbs; index index.html index.htm; } server { listen 80; server_name www.etiantian.org; root html/www; index index.html index.htm; } 說明:將以上虛擬主機配置統一放置到web01 web02 web03服務器中 |
# 在站點目錄下創建測試文件(每臺web服務器都要創建測試文件) for name in www bbs;do echo "$(hostname -i) $(hostname) $name" >>/application/nginx/html/$name/×××.html.html;done for name in www bbs;do cat /application/nginx/html/$name/×××.html.html;done
|
第二部分:測試所有web服務節點是否能夠正常訪問 [root@lb01 ~]# for name in www bbs;do curl -H host:${name}.etiantian.org 172.16.1.7/×××.html.html;done 172.16.1.7 web01 www 172.16.1.7 web01 bbs [root@lb01 ~]# for name in www bbs;do curl -H host:${name}.etiantian.org 172.16.1.8/×××.html.html;done 172.16.1.8 web02 www 172.16.1.8 web02 bbs [root@lb01 ~]# for name in www bbs;do curl -H host:${name}.etiantian.org 172.16.1.9/×××.html.html;done 172.16.1.9 web03 www 172.16.1.9 web03 bbs
|
# 部署nginx反向代理服務器 [root@lb01 ~]# cat /application/nginx/conf/nginx.conf worker_processes 1; error_log /tmp/error.log error; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log logs/access.log main; keepalive_timeout 65; upstream oldboy{ server 10.0.0.7:80; server 10.0.0.8:80; server 10.0.0.9:80; } server { listen 80; server_name www.etiantian.org; root html/bbs; index index.html index.htm; location / { proxy_pass http://oldboy; } } }
|
# 進行負載均衡測試 [root@lb01 ~]# curl -H host:bbs.etiantian.org 10.0.0.5/×××.html 172.16.1.7 web01 bbs [root@lb01 ~]# curl -H host:bbs.etiantian.org 10.0.0.5/×××.html 172.16.1.8 web02 bbs [root@lb01 ~]# curl -H host:bbs.etiantian.org 10.0.0.5/×××.html 172.16.1.9 web03 bbs |
1.5 Nginx反向代理負載均衡服務優化
1.5.1 實現反向代理服務器根據用戶請求的虛擬主機信息顯示頁面內容
[root@lb01 ~]# cat /application/nginx/conf/nginx.conf worker_processes 1; error_log /tmp/error.log error; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log off; keepalive_timeout 65; upstream oldboy{ server 10.0.0.7:80; server 10.0.0.8:80; server 10.0.0.9:80; } server { listen 80; server_name bbs.etiantian.org; location / { proxy_pass http://oldboy; proxy_set_header Host $host; --- 修改請求頭裏面host參數信息 } } server { listen 80; server_name www.etiantian.org; location / { proxy_pass http://oldboy; proxy_set_header Host $host;
Host==$host } } } |
1.5.2 實現反向代理訪問後端web服務顯示真實用戶IP地址信息
[root@lb01 ~]# cat /application/nginx/conf/nginx.conf worker_processes 1; error_log /tmp/error.log error; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log off; keepalive_timeout 65; upstream oldboy{ server 10.0.0.7:80; server 10.0.0.8:80; server 10.0.0.9:80; } server { listen 80; server_name bbs.etiantian.org; location / { proxy_pass http://oldboy; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; } } server { listen 80; server_name www.etiantian.org; location / { proxy_pass http://oldboy; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; } } } |
1.5.3 負載均衡反向代理根據請求地址分配
需求信息 www.etiantian.org/static 10.0.0.7:80 html/www/static static靜態服務器 www.etiantian.org/upload 10.0.0.8:80 html/www/upload upload服務器 www.etiantian.org/ 10.0.0.9:80 html/www 默認
|
第一個裏程:部署web服務器測試環境 配置web01服務器環境: cd /application/nginx mkdir html/www/static echo "10.0.0.7 web01 static" >>html/www/static/nana.html cat html/www/static/nana.html
配置web02服務器環境: cd /application/nginx mkdir html/www/upload echo "10.0.0.8 web02 upload" >>html/www/upload/nana.html cat html/www/upload/nana.html
配置web03服務器環境: cd /application/nginx echo "10.0.0.9 web03 default" >>html/www/nana.html cat html/www/nana.html
第二個裏程碑:利用nginx反向代理服務器進行測試訪問 curl -H host:www.etiantian.org 10.0.0.7/static/nana.html curl -H host:www.etiantian.org 10.0.0.8/upload/nana.html curl -H host:www.etiantian.org 10.0.0.9/nana.html
第三個裏程碑:編寫nginx反向代理配置文件 第一個部分:upstream配置 upstream static { server 10.0.0.7:80; }
upstream upload { server 10.0.0.8:80; }
upstream default { server 10.0.0.9:80; }
第二個部分:proxy_pass配置 location ~* /static { proxy_pass http://static; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; }
location ~* /upload { proxy_pass http://upload; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; }
location / { proxy_pass http://default; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; }
worker_processes 1; error_log /tmp/error.log error; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log off; keepalive_timeout 65; upstream static { server 10.0.0.7:80; }
upstream upload { server 10.0.0.8:80; }
upstream default { server 10.0.0.9:80; }
server { listen 80; server_name www.etiantian.org; location /static/ { proxy_pass http://static; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; }
location /upload/ { proxy_pass http://upload; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; } location / { proxy_pass http://default; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; } } }
第四個裏程碑:進行客戶端訪問測試 http://www.etiantian.org/static/nana.html http://www.etiantian.org/upload/nana.html http://www.etiantian.org/nana.html |
1.5.4 根據客戶端的設備(user_agent)轉發實踐
第一個裏程:部署web服務器測試環境 配置web01服務器環境: cd /application/nginx echo "10.0.0.7 web01 mobile" >>html/www/nana.html ---手機端訪問 cat html/www/nana.html
配置web02服務器環境: cd /application/nginx echo "10.0.0.8 web02 chrom" >>html/www/nana.html --- 谷歌瀏覽器訪問 cat html/www/upload/nana.html
配置web02服務器環境: cd /application/nginx echo "10.0.0.9 web03 default" >>html/www/nana.html --- 其他瀏覽器客戶端訪問 cat html/www/nana.html
第二個裏程碑:利用nginx反向代理服務器進行測試訪問 curl -H host:www.etiantian.org 10.0.0.7/nana.html curl -H host:www.etiantian.org 10.0.0.8/nana.html curl -H host:www.etiantian.org 10.0.0.9/nana.html
第三個裏程碑:編寫nginx反向代理配置文件 worker_processes 1; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"';
upstream mobile { server 10.0.0.7:80; }
upstream PC { server 10.0.0.8:80; }
upstream default { server 10.0.0.9:80; }
server { listen 80; server_name www.etiantian.org; location / { if ($http_user_agent ~* "iphone") { proxy_pass http://mobile; } if ($http_user_agent ~* "Chrome") { proxy_pass http://PC; } proxy_pass http://default; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; } access_log logs/access_www.log main; }
第四個裏程碑:進行客戶端訪問測試 http://www.etiantian.org/nana.html --- 更換不同的瀏覽器進行測試 |
proxy_set_header Host $host; 設置反向代理到web服務器請求頭信息 對請求頭中什麽信息修改 bbs.etiantian.org
proxy_set_header X-Forwarded-For $remote_addr; 設置反向代理到web服務器請求頭信息 將指定參數信息添加到請求頭中 真實客戶端源地址信息 |
1.5.5 負載均衡反向代理排查思路:
01. 確認後端節點是否有問題 curl -H host:www.etiantian.org 172.16.1.7/index.html curl -H host:www.etiantian.org 172.16.1.8/index.html 1) nginx配置文件是否編寫邏輯正確 2)nginx站點目錄下面頁面文件配置問題 02. 模擬用戶訪問反向代理服務器 curl -H host:www.etiantian.org 10.0.0.5/index.html 1)nginx負載均衡配置不正確 2)nginx負載均衡服務沒有重啟 3)後端節點出現問題 4)配置ip_hash 03. 在網頁瀏覽器上模擬客戶端訪問負載均衡服務器 1)瀏覽器緩存問題--隱身模式訪問 2)hosts文件沒有做好解析 10.0.0.5 |
Nginx反向代理與負載均衡