天天看點
傳回

Nginx反向代理和緩存雜記Nginx反向代理

Nginx反向代理

反向代理實驗

1、準備node1,node2兩台節點,node1反向至node2,node2配置wed服務

2、node2啟動web服務

3、配置node1的nginx反向代理

3.1 備份配置檔案 

[[email protected] nginx]# cd conf.d/
[[email protected] conf.d]# cp default.conf{,.bak}

3.2 node1配置反向代理至後端伺服器 

[[email protected] conf.d]# vim default.conf

location / {
    #root   /usr/share/nginx/html;
    proxy_pass http://10.201.106.22/;

3.3 重載nginx服務 

[[email protected] conf.d]# service nginx configtest
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[[email protected] conf.d]# service nginx reload
Reloading nginx:                                           [  OK  ]

3.4 測試通路http://10.201.106.21能夠成功跳轉至node2的網頁

3.5 檢視node2通路日志,記錄的是Client的IP 

[[email protected] ~]# tail -1 /var/log/httpd/access_log
10.201.106.1 - - [12/Dec/2016:00:10:31 +0800] "GET /favicon.ico HTTP/1.1" 404 288 "http://10.201.106.22/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36"

4、隻代理某個請求

4.1 node2節點配置新的網站目錄 

[[email protected] ~]# cd /var/www/html/
[[email protected] html]# ls
index.html
[[email protected] html]# mkdir bbs
[[email protected] html]# vim bbs/index.html

<h1>bbs on node2</h1>

4.2 node1配置反向代理 

location / {
    root   /usr/share/nginx/html;
    index  index.html index.htm;
    # example
    #ModSecurityEnabled on;
    #ModSecurityConfig /etc/nginx/modsecurity.conf;
}

location /bbs/ {
    proxy_pass http://10.201.106.22/bbs/;
}

[[email protected] conf.d]# service nginx reload
Reloading nginx:                                           [  OK  ]

4.3 通路http://10.201.106.21/bbs/能夠跳轉到node2的界面

4.4 測試将node1的反向配置,前端改成錯誤的後再測試 

location /qqq/ {
    proxy_pass http://10.201.106.22/bbs/;
}

[[email protected] conf.d]# service nginx reload
Reloading nginx:                                           [  OK  ]

測試:http://10.201.106.21/qqq/
可以通路到node2的bbs頁面

實際是node1請求的
[[email protected] html]# tail -1 /var/log/httpd/access_log
10.201.106.21 - - [12/Dec/2016:02:10:01 +0800] "GET /bbs/ HTTP/1.0" 200 22 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36"

4.5 隻有前端,沒有後端測試 

location /forum/ {
    proxy_pass http://10.201.106.22/;
}

[[email protected] conf.d]# service nginx reload
Reloading nginx:                                           [  OK  ]

測試後跳轉到首頁了,這也是一個URL

4.6 比對字尾名,跳轉 

location ~* \.(jpg|png|gif)$ {
    proxy_pass http://10.201.106.22;
}

文法檢查:
[[email protected] conf.d]# service nginx configtest
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[[email protected] conf.d]# 

重載服務
[[email protected] conf.d]# service nginx reload
Reloading nginx:                                           [  OK  ]
[[email protected] conf.d]# 

上傳圖檔到node2節點

通路:http://10.201.106.21/bg.jpg可以通路到node2的圖檔

4.7 放到目錄下的圖檔通路 

上傳圖檔到node2節點;
[[email protected] html]# mkdir images
[[email protected] html]# cd images/
[[email protected] images]# ls
2.jpg
[[email protected] images]# 

通路測試,可以看到圖檔
http://10.201.106.21/images/2.jpg

4.8 修改後端路徑,期望放到/images下 

location ~* \.(jpg|png|gif)$ {
    proxy_pass http://10.201.106.22/images/;
}

第一種例外
文法錯誤,模式比對,後面就不能再跟上URL,連/也不能加
[[email protected] conf.d]# service nginx configtest
nginx: [emerg] "proxy_pass" cannot have URI part in location given by regular expression, or inside named location, or inside "if" statement, or inside "limit_except" block in /etc/nginx/conf.d/default.conf:25
nginx: configuration file /etc/nginx/nginx.conf test failed
[[email protected] conf.d]#

4.9 第二種例外,location如果有重寫,重寫後的結果

發送到後端的值,向後端發送特定首部

1、反向伺服器将用戶端真實IP發送給node2網站伺服器

1.1 node1 配置 

[[email protected] conf.d]# vim default.conf

location /forum/ {
    proxy_pass http://10.201.106.22/;
    proxy_set_header HOST $host;
    proxy_set_header X-Real-IP $remote_addr;
}

location ~* \.(jpg|png|gif)$ { 
    proxy_pass http://10.201.106.22;
    proxy_set_header X-Real-IP $remote_addr;
}

1.2 服務重載 

[[email protected] conf.d]# service nginx configtest
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[[email protected] conf.d]# 
[[email protected] conf.d]# service nginx reload
Reloading nginx:                                           [  OK  ]
[[email protected] conf.d]#

1.3 定義node2後端伺服器的日志格式 

記錄日志首部的值
[[email protected] images]# vim /etc/httpd/conf/httpd.conf 

#LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%{X-Real-IP}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined

重新開機服務
[[email protected] images]# service httpd restart
Stopping httpd:                                            [  OK  ]
Starting httpd:                                            [  OK  ]
[[email protected] images]#

1.4 更改日志格式後,相比前兩條,最後兩條的通路日志記錄已經變成真正的用戶端主機IP了 

10.201.106.21 - - [12/Dec/2016:06:57:21 +0800] "GET / HTTP/1.0" 304 - "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36"
10.201.106.21 - - [12/Dec/2016:06:57:39 +0800] "GET / HTTP/1.0" 304 - "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36"
10.201.106.1 - - [12/Dec/2016:07:05:37 +0800] "GET / HTTP/1.0" 304 - "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36"
10.201.106.1 - - [12/Dec/2016:07:05:38 +0800] "GET / HTTP/1.0" 304 - "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36"
[[email protected] images]#

Nginx緩存

1、定義node1節點緩存配置,1條指令 

[[email protected] ~]# cd /etc/nginx/
[[email protected] nginx]# vim nginx.conf

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    proxy_cache_path /cache/nginx/ levels=1:1 keys_zone=mycache:32m;

    sendfile        on;

建立緩存目錄,修改權限
[[email protected] nginx]# mkdir -pv /cache/nginx
mkdir: created directory `/cache'
mkdir: created directory `/cache/nginx'
[[email protected] nginx]# chown -R nginx:nginx /cache/nginx/
[[email protected] nginx]#

2、調用緩存 

[[email protected] nginx]# vim conf.d/default.conf

location /forum/ {
    proxy_cache mycache;    調用緩存區域
    proxy_cache_valid 200 1d;   200的緩存一天
    proxy_cache_valid 301 302 10m;  301緩存10分鐘
    proxy_cache_valid any 1m;   其他緩存1分鐘
    proxy_cache_use_stale error timeout http_500 http_502 http_503 http_504;    如果有這些情況,使用舊緩存
    proxy_pass http://10.201.106.22/;
    proxy_set_header HOST $host;
    proxy_set_header X-Real-IP $remote_addr;
}

3、重載服務 

[[email protected] nginx]# service nginx configtest
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[[email protected] nginx]# 
[[email protected] nginx]# 
[[email protected] nginx]# service nginx reload
Reloading nginx:                                           [  OK  ]
[[email protected] nginx]#

4、測試 

通路網頁後,相應緩存目錄有産生檔案
[[email protected] nginx]# cd /cache/nginx/
[[email protected] nginx]# ls
[[email protected] nginx]# ls
c
[[email protected] nginx]# ls
7  c
[[email protected] nginx]# ls -lht
total 8.0K
drwx------ 3 nginx nginx 4.0K Nov 24 11:21 7
drwx------ 3 nginx nginx 4.0K Nov 24 11:21 c
[[email protected] nginx]# cd 7
[[email protected] 7]# ls
c
[[email protected] 7]# cd c
[[email protected] c]# ls
99cd97b13b9069e769098b964e66bbc7
[[email protected] c]# ls -lht
total 12K
-rw------- 1 nginx nginx 8.4K Nov 24 11:21 99cd97b13b9069e769098b964e66bbc7
[[email protected] c]# 

緩存後,

Nginx負載均衡

1、關閉緩存 

[[email protected] ~]# vim /etc/nginx/nginx.conf

#proxy_cache_path /cache/nginx/ levels=1:1 keys_zone=mycache:32m;

2、定義第三個節點的網頁 

[[email protected] ~]# vim /var/www/html/index.htm 

<h1>nginx on node3</h1>

3、編輯前端配置 

全局配置
[[email protected] ~]# vim /etc/nginx/nginx.conf

    upstream upservers {
        server 10.201.106.22;
        server 10.201.106.130;

    }

web配置

[[email protected] ~]# vim /etc/nginx/conf.d/default.conf

location /forum/ {

proxy_pass http://upservers/;

}

4、 通路http://10.201.106.21/forum/已經可以在兩個節點中切換

5、修改負載後端的某台主機權重 

[[email protected] ~]# vim /etc/nginx/nginx.conf

    upstream upservers {
        server 10.201.106.22; weight=2;
        server 10.201.106.130;

    }

6、通路網頁,22通路2次,130才通路一次

7、

[[email protected] ~]# vim /etc/nginx/nginx.conf

upstream upservers {
    ip_hash;
    server 10.201.106.22 weight=2;
    server 10.201.106.130;

}

8、 

upstream upservers {
    server 10.201.106.22 max_fails=2 fail_timeout=1;
    server 10.201.106.130 max_fails=2 fail_timeout=1;

}

将其中一個節點關系服務
[[email protected] ~]# service httpd stop
Stopping httpd:                                            [  OK  ]

測試後:隻會在好的節點通路了

重新打開服務後,又能在兩個節點間切換了;

9、标記為備用節點 

upstream upservers {
    server 10.201.106.22 max_fails=2 fail_timeout=1;
    server 10.201.106.130 max_fails=2 fail_timeout=1 backup;

}

10、

轉載于:https://blog.51cto.com/zhongle21/2087740

運維 後端 開發工具
上一篇: 專訪|HPE軟體部中國區總經理李時:HPE引領IT戰略新形态
下一篇: 【一加Ace2V性能&amp;流暢度】性能方面,一加Ace2V一步到位,搭載旗艦級晶片天玑90005G移動平台,安兔兔跑

繼續閱讀