目录

1.nginx代理

2.nginx代理与配置

3.nginx负载均衡调度多web节点(静态页面)

4.nginx负载均衡调度多应用节点(blog)

5.nginx_proxy + web应用节点(多台) + Redis会话保持

0.nginx流程图

 

0.5 项目运作示意图

1.nginx代理

1.nginx代理模式

正向代理:Science上网,共享上网

反向代理:企业

2.反向代理支持模式

http 用户请求 响应 JAVA
smtp  
websocket 用户可以请求 服务端响应 服务端可以推送数据
uwsgi Python
fastcgi PHP
https  

 

 

 

 

 

 

 

 

3.代理配置语法

proxy_pass http://127.0.0.1:8080;

2.nginx代理与配置

1.web节点的配置:10.0.0.201

[root@node2 conf.d]# cat proxy.oldboyedu.com.conf 
server {
    listen 80;
    server_name proxy.oldboyedu.com;
    root /code/proxy;

    location / {
        index index.html;
    }
}
[root@node2 conf.d]# mkdir /code/proxy -p
[root@node2 conf.d]# echo "node2...." >> /code/proxy/index.html

[root@node2 conf.d]# nginx -t
[root@node2 conf.d]# systemctl reload nginx

2.代理节点的配置:10.0.0.100

# 1.关闭防火墙
[root@proxy ~]# systemctl disable firewalld
[root@proxy ~]# systemctl stop firewalld
[root@proxy ~]# setenforce 0


# 2.安装epel\nginx
[root@proxy ~]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
[root@proxy ~]# yum install vim wget unzip nginx -y

# 3.清理nginx.conf 无用的配置

# 4.将nginx加入开机自启\ 启动nginx
[root@proxy ~]# systemctl start nginx
[root@proxy ~]# systemctl enable nginx


# 5.编写proxy配置文件:proxy_proxy.oldboyedu.com.conf
[root@proxy ~]# vim /etc/nginx/conf.d/proxy_proxy.oldboyedu.com.conf
server {
    listen 80;
    server_name proxy.oldboyedu.com;

    location / {
        proxy_pass http://10.0.0.201;                    # 后端是什么端口根本不重要
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_http_version 1.1;
    }
}

# 6.检查语法,重载服务
[root@proxy ~]# nginx -t
[root@proxy ~]# systemctl restart nginx

在用户请求代理中,抓包分析,提炼了几个参数

proxy_set_header Host $http_host;                                # 将用户请求的域名携带到后端
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;    # 将用户的真实IP地址,携带到后端,后端有对应的变量解析结果
proxy_http_version 1.1;                                            # 代理请求后端默认走http1.0, 可以调整为http1.1 长连接

3.nginx负载均衡调度多web节点(静态页面)

1.node1-nginx配置

[root@node1 conf.d]# cat /etc/nginx/conf.d/proxy.oldboyedu.com.conf
server {
    listen 80;
    server_name proxy.oldboyedu.com;
    root /code/proxy;

    location / {
        index index.html;
    }
}

[root@oldboy-pythonedu ~]# mkdir /code/proxy -p
[root@oldboy-pythonedu ~]# echo "node1...." > /code/proxy/index.html
[root@oldboy-pythonedu ~]# systemctl reload nginx

2.node2-nginx配置

[root@node2 conf.d]# cat /etc/nginx/conf.d/proxy.oldboyedu.com.conf
server {
    listen 80;
    server_name proxy.oldboyedu.com;
    root /code/proxy;

    location / {
        index index.html;
    }
}
[root@oldboy-pythonedu ~]# mkdir /code/proxy -p
[root@oldboy-pythonedu ~]# echo "node2...." > /code/proxy/index.html
[root@oldboy-pythonedu ~]# systemctl reload nginx

3.通过nginx负载均衡进行轮询调度–>proxy-nginx配置

# proxy: 10.0.0.100
# 域名: proxy.oldboyedu.com

    
[root@proxy ~]# cat  /etc/nginx/conf.d/proxy_proxy.oldboyedu.com.conf 
upstream node {
    server 10.0.0.200:80;
    server 10.0.0.201:80;
}

server {
    listen 80;
    server_name proxy.oldboyedu.com;

    location / {
        proxy_pass http://node;
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_http_version 1.1;
    }
}

[root@proxy ~]# nginx -t
[root@proxy ~]# systemctl reload nginx

Tip:加权轮询

upstream node {
            server 10.0.0.200:80 weight=5;
            server 10.0.0.201:80 weight=1;
        }

Tip:ip_hash:固定将请求调度到某一个节点(session会话保存)

upstream node {
            ip_hash;
            server 10.0.0.200:80;
            server 10.0.0.201:80;
        }

对于ip_hash:

  优点:可以解决会话问题

  缺点:如果来源的都是同一个IP地址,则会造成某一个节点非常的繁忙,而其他的节点没有流量,造成负载不均衡的现象.

4.nginx负载均衡调度多应用节点(blog)

实现步骤

1.准备好wordpress两台应用节点

2.准备好edusoho两台应用节点

3.配置nginx负载均衡,调度

在10.0.0.100进行blog配置

upstream blog {
    server 10.0.0.200:80;
    server 10.0.0.201:80;
}


server {
    listen 80;
    server_name blog.oldboyedu.com;
    
    location / {
        proxy_pass http://blog;
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;    
    }
}

通过查看访问日志,即可看到轮询的效果

Tip:查看访问日志的命令

[root@python31-centos var]# tail -f /var/log/nginx/access.log

5.nginx_proxy + web应用节点(多台) + Redis会话保持

1.搭建好应用节点(所有节点保持一致) 10.0.0.200

[root@oldboy-pythonedu ~]# wget https://files.phpmyadmin.net/phpMyAdmin/5.0.3/phpMyAdmin-5.0.3-all-languages.zip

2.准备phpmyadmin的Nginx配置文件 10.0.0.200

server {
    listen 80;
    server_name phpmyadmin.oldboyedu.com;
    root /code/phpmyadmin;

    location / {
        index index.php;
    }

    location ~ \.php$ {
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
}

[root@oldboy-pythonedu ~]# systemctl reload nginx
[root@oldboy-pythonedu ~]# unzip phpMyAdmin-5.0.3-all-languages.zip
[root@oldboy-pythonedu ~]# mv phpMyAdmin-5.0.3-all-languages /code/phpmyadmin

3.配置phpmyadmin连接数据库地址 10.0.0.200

[root@oldboy-pythonedu ~]# cp /code/phpmyadmin/config.sample.inc.php /code/phpmyadmin/config.inc.php
[root@oldboy-pythonedu ~]# vim /code/phpmyadmin/config.inc.php
/* Server parameters */
$cfg['Servers'][$i]['host'] = '10.0.0.202';

4.授权session存储本地目录为进程的用户身份 10.0.0.200

[root@oldboy-pythonedu ~]# chown -R nginx.nginx /var/lib/php/session

5.部署node2节点的phpmyadmin, 需要将代码和nginx配置拷贝一份 10.0.0.201

[root@node2 code]# scp -rp root@10.0.0.200:/code/phpmyadmin /code/
[root@node2 code]# chown -R nginx.nginx /code/phpmyadmin/
[root@node2 code]# scp root@10.0.0.200:/etc/nginx/conf.d/phpadmin.oldboyedu.com.conf /etc/nginx/conf.d/
[root@node2 code]# chown -R nginx.nginx /var/lib/php/session/

[root@node2 code]# nginx -t
[root@node2 code]# systemctl reload nginx

6.为应用节点,接入负载均衡 10.0.0.201

[root@proxy ~]# cat /etc/nginx/conf.d/proxy_phpadmin.oldboyedu.com.conf
upstream php {
server 10.0.0.200:80;
server 10.0.0.201:80;
}

server {
listen 80;
server_name phpmyadmin.oldboyedu.com;

location / {
    proxy_pass http://php;
    proxy_set_header Host $http_host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;    
}
}    

7.检查轮询是否会造成无法登陆情况, 配置IP_hash测试是否能正常登陆

# 轮询一定会造成无法登陆成功.

# 可以采用ip_hash的方式解决.
upstream php {
    ip_hash;
    server 10.0.0.200:80;
    server 10.0.0.201:80;
}

8.采用Redis共享的方式来解决会话无法登陆的问题,

注意!!!需要先将负载均衡恢复至轮询模式,然后在继续.

8.1 安装Redis

[root@node-mysql ~]# yum install redis -y
[root@node-mysql ~]# vim /etc/redis.conf            # 添加本机的内网IP地址 ( 不要写错了 )
bind 127.0.0.1 10.0.0.202

[root@node-mysql ~]# systemctl enable redis
[root@node-mysql ~]# systemctl start redis
[root@node-mysql ~]# netstat -lntp | grep redis
tcp        0      0 10.0.0.202:6379         0.0.0.0:*               LISTEN      10699/redis-server  
tcp        0      0 127.0.0.1:6379          0.0.0.0:*               LISTEN      10699/redis-server 

8.2 通过其他的节点测试是否能正常访问Redis

[root@node2 ~]# yum install redis -y
[root@node2 ~]# redis-cli -h 10.0.0.202

8.3 配置应用节点接入Redis

# 1.将应用程序解析器连接至 Redis 
[root@oldboy-pythonedu ~]# vim /etc/php.ini
[Session]
;session.save_handler = files        #注释掉
session.save_handler = redis
session.save_path = "tcp://10.0.0.202:6379?weight=1&timeout=2.5"

# 2.注释如下两行内容
[root@oldboy-pythonedu ~]# vim /etc/php-fpm.d/www.conf
;php_value[session.save_handler] = files
;php_value[session.save_path]    = /var/lib/php/session

# 3.重启php-fpm
[root@oldboy-pythonedu ~]# systemctl restart php-fpm

9.测试是否能正常登陆,然后检查浏览器中的session是否与redis中存储的session一致.

[root@node-mysql ~]# redis-cli
 127.0.0.1:6379> keys *
    1) "python_key"
    2) "PHPREDIS_SESSION:f0ad1e364f79a85bd93b46883403f6ec"

版权声明:本文为libolun原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://www.cnblogs.com/libolun/p/13804299.html