Nginx(三):反向代理,负载均衡

环境准备

  配置反向代理,负载均衡,动静分离需要的必备环境,JDK,2个tomcat开启8080和8081端口。

安装jdk

[root@localhost ~]# rpm -qa|grep java 
[root@localhost ~]# yum install -y java
# 省略

Complete!
[root@localhost ~]# java -version
openjdk version "1.8.0_242"
OpenJDK Runtime Environment (build 1.8.0_242-b08)
OpenJDK 64-Bit Server VM (build 25.242-b08, mixed mode)

安装Tomcat

注意:/opt/目录下的softwares和devtools是新创建的,apache-tomcat-7.0.103.tar.gz是网上下载的。

[root@localhost softwares]# ls
apache-tomcat-7.0.103.tar.gz
[root@localhost softwares]# tar -zxvf apache-tomcat-7.0.103.tar.gz -C /opt/devtools/
# 省略
[root@localhost softwares]# cd ../devtools/
[root@localhost devtools]# ls
apache-tomcat-7.0.103
[root@localhost devtools]# mv apache-tomcat-7.0.103/ apache-tomcat-7.0.103.8080/
[root@localhost devtools]# cp -r apache-tomcat-7.0.103.8080/ apache-tomcat-7.0.103.8081/
[root@localhost devtools]# ls
apache-tomcat-7.0.103.8080  apache-tomcat-7.0.103.8081

修改配置文件

[root@localhost devtools]# cd apache-tomcat-7.0.103.8081/conf/
[root@localhost conf]# ls
catalina.policy  catalina.properties  context.xml  logging.properties  server.xml  tomcat-users.xml  web.xml
[root@localhost conf]# vi server.xml 
# 将8080修改为8081
<Connector port="8081" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />

启动验证

  1. 启动8081
[root@localhost conf]# cd ../bin/
[root@localhost bin]# ./startup.sh 
Using CATALINA_BASE:   /opt/devtools/apache-tomcat-7.0.103.8081
Using CATALINA_HOME:   /opt/devtools/apache-tomcat-7.0.103.8081
Using CATALINA_TMPDIR: /opt/devtools/apache-tomcat-7.0.103.8081/temp
Using JRE_HOME:        /usr
Using CLASSPATH:       /opt/devtools/apache-tomcat-7.0.103.8081/bin/bootstrap.jar:/opt/devtools/apache-tomcat-7.0.103.8081/bin/tomcat-juli.jar
Tomcat started.

8081

  1. 启动8080
[root@localhost bin]# cd /opt/devtools/apache-tomcat-7.0.103.8080/bin/
[root@localhost bin]# ./startup.sh 
Using CATALINA_BASE:   /opt/devtools/apache-tomcat-7.0.103.8080
Using CATALINA_HOME:   /opt/devtools/apache-tomcat-7.0.103.8080
Using CATALINA_TMPDIR: /opt/devtools/apache-tomcat-7.0.103.8080/temp
Using JRE_HOME:        /usr
Using CLASSPATH:       /opt/devtools/apache-tomcat-7.0.103.8080/bin/bootstrap.jar:/opt/devtools/apache-tomcat-7.0.103.8080/bin/tomcat-juli.jar
Tomcat started.

8080

反向代理

反向代理实例一

实现效果:使用 nginx 反向代理,访问 www.123.com 直接跳转到 127.0.0.1:8080

修改本地host配置

修改本地hosts配置

192.168.1.11		www.123.com

修改Nginx配置

[root@localhost bin]# cd /etc/nginx/
[root@localhost nginx]# ls
conf.d     fastcgi.conf          fastcgi_params          koi-utf  mime.types          nginx.conf          scgi_params          uwsgi_params          win-utf
default.d  fastcgi.conf.default  fastcgi_params.default  koi-win  mime.types.default  nginx.conf.default  scgi_params.default  uwsgi_params.default
# 建议先把原配置文件备份
[root@localhost nginx]# cp nginx.conf nginx.conf.bak
[root@localhost nginx]# vi nginx.conf
listen       80;
server_name  www.123.com;

location / {
    proxy_pass http://127.0.0.1:8080
}
[root@localhost nginx]# systemctl start nginx
[root@localhost nginx]# cd /var/log/nginx/
[root@localhost nginx]# ls
access.log  error.log
[root@localhost nginx]# tail -500f error.log 
2020/04/05 03:01:25 [crit] 58256#0: *1 connect() to 127.0.0.1:8080 failed (13: Permission denied) while connecting to upstream, client: 192.168.1.9, server: www.123.com, request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:8080/", host: "www.123.com"
2020/04/05 03:01:25 [crit] 58256#0: *1 connect() to 127.0.0.1:8080 failed (13: Permission denied) while connecting to upstream, client: 192.168.1.9, server: www.123.com, request: "GET /nginx-logo.png HTTP/1.1", upstream: "http://127.0.0.1:8080/nginx-logo.png", host: "www.123.com", referrer: "http://www.123.com/"
2020/04/05 03:01:25 [crit] 58259#0: *3 connect() to 127.0.0.1:8080 failed (13: Permission denied) while connecting to upstream, client: 192.168.1.9, server: www.123.com, request: "GET /poweredby.png HTTP/1.1", upstream: "http://127.0.0.1:8080/poweredby.png", host: "www.123.com", referrer: "http://www.123.com/"
2020/04/05 03:01:25 [crit] 58259#0: *3 connect() to 127.0.0.1:8080 failed (13: Permission denied) while connecting to upstream, client: 192.168.1.9, server: www.123.com, request: "GET /favicon.ico HTTP/1.1", upstream: "http://127.0.0.1:8080/favicon.ico", host: "www.123.com", referrer: "http://www.123.com/"
^C
# 抛出异常, 经下方命令排查是因为系统访问网络状态关闭
[root@localhost nginx]# getsebool -a | grep httpd_can_network_connect
httpd_can_network_connect --> off
httpd_can_network_connect_cobbler --> off
httpd_can_network_connect_db --> off

开启网络访问

# SELinux命令,临时配置,重启后失效
[root@localhost nginx]# setsebool httpd_can_network_connect=1
# 写入配置文件的命令,重启后保留
[root@localhost nginx]# setsebool -P httpd_can_network_connect 1

访问成功

succes

反向代理实例二

  实现效果:使用 nginx 反向代理,根据访问的路径跳转到不同端口的服务中 nginx 监听端口为 9001,

访问 http://www.123.com/edu/ 直接跳转到 127.0.0.1:8080

访问 http://www.123.com/vod/ 直接跳转到 127.0.0.1:8081

修改tomcat服务文件

[root@localhost ~]# cd /opt/devtools/apache-tomcat-7.0.103.8080/webapps/
[root@localhost webapps]# ls
docs  examples  host-manager  manager  ROOT
[root@localhost webapps]# cd ROOT/
[root@localhost ROOT]# ls
asf-logo-wide.svg  bg-button.png  bg-middle.png  bg-nav.png  bg-upper.png  favicon.ico  index.jsp  RELEASE-NOTES.txt  tomcat.css  tomcat.gif  tomcat.png  tomcat-power.gif  tomcat.svg  WEB-INF
[root@localhost ROOT]# vi index.jsp 
<div id="asf-box">
                <h1>${pageContext.servletContext.serverInfo}:8080</h1>
            </div>

相同方式修改8081

<div id="asf-box">
    <h1>${pageContext.servletContext.serverInfo}:8081</h1>
</div>
  • 重启tomcat

8080

8081

修改nginx配置文件

#        location / {
#            proxy_pass http://127.0.0.1:8080;
#        }
        
        location /edu/ {
            proxy_pass http://127.0.0.1:8080;
        }
        
        location /vod/ {
            proxy_pass http://127.0.0.1:8081;
        }
  • 重启nginx

404

[root@localhost nginx]# tail -500f error.log
2020/04/05 04:08:34 [error] 62039#0: *78 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 192.168.1.9, server: www.123.com, request: "GET /favicon.ico HTTP/1.1", host: "www.123.com", referrer: "http://www.123.com/edu/"

原因,如果代理服务器地址中是带有URI的,此URI会替换掉 location 所匹配的URI部分。
而如果代理服务器地址中是不带有URI的,则会用完整的请求URL来转发到代理服务器。

即http://www.123.com/edu/请求转发到http://127.0.0.1:8080/edu/,服务器中不存在这路径,遂查找nginx指向的,依然没有找到,抛出异常。

注意:location 正则匹配,proxy_pass 不允许使用URI。

优化修改nginx配置

#        location / {
#            proxy_pass http://127.0.0.1:8080;
#        }

        location /edu/ {
            proxy_pass http://127.0.0.1:8080/;
        }

        location /vod/ {
            proxy_pass http://127.0.0.1:8081/;
        }
  • 重启nginx

success

success

负载均衡

  负载均衡即是将负载分摊到不同的服务单元,既保证服务的可用性,又保证响应 足够快,给用户很好的体验。快速增长的访问量和数据流量催生了各式各样的负载均衡产品, 很多专业的负载均衡硬件提供了很好的功能,但却价格不菲,这使得负载均衡软件大受欢迎, nginx 就是其中的一个,在 linux 下有 Nginx、LVS、Haproxy 等等服务可以提供负载均衡服 务,而且 Nginx 提供了几种分配方式(策略): 轮询、权重、ip_hash、fair。

轮询

每个请求按时间顺序逐一分配到不同的后端服务器,如果后端服务器 down 掉,能自动剔除。

实现效果

访问www.123.com,负载到8080和8081两台tomcat中去。

修改Nginx配置

http {
	# http块中配置
	upstream myserver {
      server 127.0.0.1:8080;
      server 127.0.0.1:8081;
    }

    server {
    	# server块中配置
        location / {
            proxy_pass http://myserver;
        }
    }
}

效果

lb

权重(weight)

weight 代表权,重默认为 1,权重越高被分配的客户端越多,指定轮询几率,weight 和访问率成正比,用于后端服务器性能不均的情况。

配置

upstream myserver {
    server 127.0.0.1:8080 weight=1;
    server 127.0.0.1:8081 weight=10;
}

效果

weight

ip_hash

每个请求按访问 ip 的 hash 结果分配,这样每个访客固定访问一个后端服务器,可以解决 session 的问题。

配置

upstream myserver {
    ip_hash;
    server 127.0.0.1:8080;
    server 127.0.0.1:8081;
}

fair

按后端服务器的响应时间来分配请求,响应时间短的优先分配。

配置

upstream myserver {
    server 127.0.0.1:8080;
    server 127.0.0.1:8081;
    fair; 
}
posted @ 2020-04-05 11:43  Chinda  阅读(344)  评论(0编辑  收藏  举报