第1章 Nginx反向代理与负载均衡
1.1 集群简介
若要用一句话描述集群,即一堆服务器合作做同一件事 为什么要使用集群 1)高性能 2)价格有效性 3)可伸缩性(Scalability) 4)高可用性(Availability) |
1.2 集群的分类
集群的常见分类 计算机集群架构按功能和结构可以分成以下几类: ***负载均衡集群(Load balancing clusters),简称LBC或者LB。 LVS nginx haproxy ***高可用性集群(High-availability(HA)clusters),简称HAC。Keepalived heartbeat 高性能计算集群(High-performance(HP)clusters),简称HPC。 网络计算(Grid computing)集群。 |
1.3 负载均衡实现方法
1.3.1 硬件实现负载均衡
F5、Netscaler、Radware、A10 |
1.3.2 软件实现负载均衡
Nginx+Hearttbeat(7层 4层)、LVS+Keepalived(4层)、Haproxy(7层 4层) |
1.4 部署nginx反向代理负载均衡服务
1.4.1 一键话安装nginx服务脚本
mkdir /server/tools -p cd /server/tools wget http://nginx.org/download/nginx-1.12.2.tar.gz tar xf nginx-1.12.2.tar.gz cd nginx-1.12.2 yum install -y pcre-devel openssl-devel useradd -M -s /sbin/nologin www ./configure --prefix=/application/nginx-1.12.2 --user=www --group=www --with-http_ssl_module --with-http_stub_status_module make && make install ln -s /application/nginx-1.12.2 /application/nginx /application/nginx/sbin/nginx ps -ef|grep nginx |
1.4.2 部署nginx反向代理负载均衡服务
第一部分:部署nginx网站集群服务器(web01 web02 web02) server { listen 80; server_name bbs.etiantian.org; root html/bbs; index index.html index.htm; } server { listen 80; server_name www.etiantian.org; root html/www; index index.html index.htm; } 说明:将以上虚拟主机配置统一放置到web01 web02 web03服务器中 |
# 在站点目录下创建测试文件(每台web服务器都要创建测试文件) for name in www bbs;do echo "$(hostname -i) $(hostname) $name" >>/application/nginx/html/$name/×××.html.html;done for name in www bbs;do cat /application/nginx/html/$name/×××.html.html;done
|
第二部分:测试所有web服务节点是否能够正常访问 [root@lb01 ~]# for name in www bbs;do curl -H host:${name}.etiantian.org 172.16.1.7/×××.html.html;done 172.16.1.7 web01 www 172.16.1.7 web01 bbs [root@lb01 ~]# for name in www bbs;do curl -H host:${name}.etiantian.org 172.16.1.8/×××.html.html;done 172.16.1.8 web02 www 172.16.1.8 web02 bbs [root@lb01 ~]# for name in www bbs;do curl -H host:${name}.etiantian.org 172.16.1.9/×××.html.html;done 172.16.1.9 web03 www 172.16.1.9 web03 bbs
|
# 部署nginx反向代理服务器 [root@lb01 ~]# cat /application/nginx/conf/nginx.conf worker_processes 1; error_log /tmp/error.log error; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log logs/access.log main; keepalive_timeout 65; upstream oldboy{ server 10.0.0.7:80; server 10.0.0.8:80; server 10.0.0.9:80; } server { listen 80; server_name www.etiantian.org; root html/bbs; index index.html index.htm; location / { proxy_pass http://oldboy; } } }
|
# 进行负载均衡测试 [root@lb01 ~]# curl -H host:bbs.etiantian.org 10.0.0.5/×××.html 172.16.1.7 web01 bbs [root@lb01 ~]# curl -H host:bbs.etiantian.org 10.0.0.5/×××.html 172.16.1.8 web02 bbs [root@lb01 ~]# curl -H host:bbs.etiantian.org 10.0.0.5/×××.html 172.16.1.9 web03 bbs |
1.5 Nginx反向代理负载均衡服务优化
1.5.1 实现反向代理服务器根据用户请求的虚拟主机信息显示页面内容
[root@lb01 ~]# cat /application/nginx/conf/nginx.conf worker_processes 1; error_log /tmp/error.log error; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log off; keepalive_timeout 65; upstream oldboy{ server 10.0.0.7:80; server 10.0.0.8:80; server 10.0.0.9:80; } server { listen 80; server_name bbs.etiantian.org; location / { proxy_pass http://oldboy; proxy_set_header Host $host; --- 修改请求头里面host参数信息 } } server { listen 80; server_name www.etiantian.org; location / { proxy_pass http://oldboy; proxy_set_header Host $host;
Host==$host } } } |
1.5.2 实现反向代理访问后端web服务显示真实用户IP地址信息
[root@lb01 ~]# cat /application/nginx/conf/nginx.conf worker_processes 1; error_log /tmp/error.log error; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log off; keepalive_timeout 65; upstream oldboy{ server 10.0.0.7:80; server 10.0.0.8:80; server 10.0.0.9:80; } server { listen 80; server_name bbs.etiantian.org; location / { proxy_pass http://oldboy; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; } } server { listen 80; server_name www.etiantian.org; location / { proxy_pass http://oldboy; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; } } } |
1.5.3 负载均衡反向代理根据请求地址分配
需求信息 www.etiantian.org/static 10.0.0.7:80 html/www/static static静态服务器 www.etiantian.org/upload 10.0.0.8:80 html/www/upload upload服务器 www.etiantian.org/ 10.0.0.9:80 html/www 默认
|
第一个里程:部署web服务器测试环境 配置web01服务器环境: cd /application/nginx mkdir html/www/static echo "10.0.0.7 web01 static" >>html/www/static/nana.html cat html/www/static/nana.html
配置web02服务器环境: cd /application/nginx mkdir html/www/upload echo "10.0.0.8 web02 upload" >>html/www/upload/nana.html cat html/www/upload/nana.html
配置web03服务器环境: cd /application/nginx echo "10.0.0.9 web03 default" >>html/www/nana.html cat html/www/nana.html
第二个里程碑:利用nginx反向代理服务器进行测试访问 curl -H host:www.etiantian.org 10.0.0.7/static/nana.html curl -H host:www.etiantian.org 10.0.0.8/upload/nana.html curl -H host:www.etiantian.org 10.0.0.9/nana.html
第三个里程碑:编写nginx反向代理配置文件 第一个部分:upstream配置 upstream static { server 10.0.0.7:80; }
upstream upload { server 10.0.0.8:80; }
upstream default { server 10.0.0.9:80; }
第二个部分:proxy_pass配置 location ~* /static { proxy_pass http://static; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; }
location ~* /upload { proxy_pass http://upload; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; }
location / { proxy_pass http://default; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; }
worker_processes 1; error_log /tmp/error.log error; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log off; keepalive_timeout 65; upstream static { server 10.0.0.7:80; }
upstream upload { server 10.0.0.8:80; }
upstream default { server 10.0.0.9:80; }
server { listen 80; server_name www.etiantian.org; location /static/ { proxy_pass http://static; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; }
location /upload/ { proxy_pass http://upload; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; } location / { proxy_pass http://default; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; } } }
第四个里程碑:进行客户端访问测试 http://www.etiantian.org/static/nana.html http://www.etiantian.org/upload/nana.html http://www.etiantian.org/nana.html |
1.5.4 根据客户端的设备(user_agent)转发实践
第一个里程:部署web服务器测试环境 配置web01服务器环境: cd /application/nginx echo "10.0.0.7 web01 mobile" >>html/www/nana.html ---手机端访问 cat html/www/nana.html
配置web02服务器环境: cd /application/nginx echo "10.0.0.8 web02 chrom" >>html/www/nana.html --- 谷歌浏览器访问 cat html/www/upload/nana.html
配置web02服务器环境: cd /application/nginx echo "10.0.0.9 web03 default" >>html/www/nana.html --- 其他浏览器客户端访问 cat html/www/nana.html
第二个里程碑:利用nginx反向代理服务器进行测试访问 curl -H host:www.etiantian.org 10.0.0.7/nana.html curl -H host:www.etiantian.org 10.0.0.8/nana.html curl -H host:www.etiantian.org 10.0.0.9/nana.html
第三个里程碑:编写nginx反向代理配置文件 worker_processes 1; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"';
upstream mobile { server 10.0.0.7:80; }
upstream PC { server 10.0.0.8:80; }
upstream default { server 10.0.0.9:80; }
server { listen 80; server_name www.etiantian.org; location / { if ($http_user_agent ~* "iphone") { proxy_pass http://mobile; } if ($http_user_agent ~* "Chrome") { proxy_pass http://PC; } proxy_pass http://default; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; } access_log logs/access_www.log main; }
第四个里程碑:进行客户端访问测试 http://www.etiantian.org/nana.html --- 更换不同的浏览器进行测试 |
proxy_set_header Host $host; 设置反向代理到web服务器请求头信息 对请求头中什么信息修改 bbs.etiantian.org
proxy_set_header X-Forwarded-For $remote_addr; 设置反向代理到web服务器请求头信息 将指定参数信息添加到请求头中 真实客户端源地址信息 |
1.5.5 负载均衡反向代理排查思路:
01. 确认后端节点是否有问题 curl -H host:www.etiantian.org 172.16.1.7/index.html curl -H host:www.etiantian.org 172.16.1.8/index.html 1) nginx配置文件是否编写逻辑正确 2)nginx站点目录下面页面文件配置问题 02. 模拟用户访问反向代理服务器 curl -H host:www.etiantian.org 10.0.0.5/index.html 1)nginx负载均衡配置不正确 2)nginx负载均衡服务没有重启 3)后端节点出现问题 4)配置ip_hash 03. 在网页浏览器上模拟客户端访问负载均衡服务器 1)浏览器缓存问题--隐身模式访问 2)hosts文件没有做好解析 10.0.0.5 |
