Nginx day06 七層負載均衡+四層負載均衡
1.七層負載均衡:
? 根據(jù)url 調度不同的集群 url.oldxu.com
? 10.0.0.5
? 10.0.0.7 /pass
? 10.0.0.8 /user
1.web01和web02配置 (只不過代碼不一樣)
[root@web01 conf.d]# cat url.oldxu.com.conf
server {
listen 80;
server_name url.oldxu.com;
root /code;
location / {
index index.html;
}
}
2.lb配置 172.16.1.5
[root@lb01 conf.d]# cat proxy_url.oldxu.com.conf
upstream user {
server 172.16.1.8;
}
upstream pass {
server 172.16.1.7;
}
server {
listen 80;
server_name url.oldxu.com;
location / {
proxy_pass http://user/;
include proxy_params;
}
location /user {
proxy_pass http://user/;
}
location /pass {
proxy_pass http://pass/;
include proxy_params;
}
}
3.重啟服務
[root@lb01 conf.d]# systemctl restart nginx
PS: 在使用proxy_pass反向代理時,最后結尾添加/和不添加/有什么區(qū)別?
1.不添加 /
用戶如果請求: http://url.oldxu.com/user
會被代理至后端: http://url.oldxu.com/user
1.添加 /
用戶如果請求: http://url.oldxu.com/user
會被代理至后端: http://url.oldxu.com/
2.根據(jù)設備調度不同的集群 ( 瀏覽器 ) ( 手機 )
? 10.0.0.5
? 10.0.0.7 pc
? 10.0.0.8 phone
1.所有的web都需要配置 ( 代碼不一樣)
[root@web01 conf.d]# cat /etc/nginx/conf.d/agent.oldxu.com.conf
server {
listen 80;
server_name agent.oldxu.com;
root /code;
location / {
index index.html;
}
}
2.代理的配置
[root@lb01 conf.d]# cat proxy_agent.oldxu.com.conf
upstream pc {
server 172.16.1.7:80;
}
upstream phone {
server 172.16.1.8:80;
}
server {
listen 80;
server_name agent.oldxu.com;
location / {
#默認都走pc
proxy_pass http://pc;
include proxy_params;
default_type text/html;
charset utf-8;
#如果是安卓或者iPhone恒傻,則走phone
if ( $http_user_agent ~* "android|iphone|iPad" ) {
proxy_pass http://phone;
}
#如果是IE瀏覽器,要么拒絕,要么返回一個好的瀏覽器下載頁面
if ( $http_user_agent ~* "Trident" ) {
return 200 '<a target="_blank">點擊下載正版瀏覽器google.exe</a>';
}
}
}
多級負載下如何透傳真實客戶端IP? ( 提供視頻 )
x-forwar
realip (知道經過了那些代理 代理的IP又是多少)
3.四層負載均衡
1.什么是四層 OSI 傳輸層 TCP/IP UDP/TCP
? 四層是基于轉發(fā)方式:
image.png
2.四層負載均衡使用場景
? 1.四層負載均衡 + 七層負載均衡
? 2.dns + 多機房 + 四層負載均衡+七層負載均衡
? 3.SOA 松耦合架構
? 登錄 passport.jd.com
? 注冊 reg.jd.com
? 商品詳情 pro.jd.com
四層負載均衡+七層負載均衡+web集群+NFS+Redis
![]()
image.png
image.png
10.0.0.4
nginx是1.9版本以后才引入的四層負載均衡
stream模塊實現(xiàn),但stream不能出現(xiàn)在http層
--with-stream
-with-stream_ssl_module
-with-stream_realip_module
stream {
upstream backend {
hash $remote_addr consistent;
server backend1.example.com:12345 weight=5;
server 127.0.0.1:12345 max_fails=3 fail_timeout=30s;
server unix:/tmp/backend3;
}
server {
listen 12345;
proxy_connect_timeout 1s;
proxy_timeout 3s;
proxy_pass backend;
}
}
nginx四層+nginx七層+web集群--->場景
1.定義四層配置文件路徑:
[root@lb-4 nginx]# vim /etc/nginx/nginx.conf
include /etc/nginx/conf.c/*.conf;
2.進行初始化操作
[root@lb-4 ~]# rm -f /etc/nginx/conf.d/default.conf
[root@lb-4 nginx]# mkdir /etc/nginx/conf.c
3.配置四層負載均衡
[root@lb-4 ~]# cat /etc/nginx/conf.c/all.conf
stream {
upstream blog {
server 172.16.1.5:80;
server 172.16.1.6:80;
}
server {
listen 80;
proxy_pass blog;
proxy_timeout 3s;
proxy_connect_timeout 3s;
}
}
基于端口的轉發(fā)
需求: 用戶連接10.0.0.4的6666端口,其實連接的是172.16.1.7的22/TCP端口
需求: 用戶連接10.0.0.4的5555端口,其實連接的是172.16.1.51的3306/TCP端口
(先拔掉7和51的公網(wǎng)IP)
nginx 7層 web01 MySQL
nginx 4層 + web02 NFS
nginx 7層 web03 Redis
10.0.0.6
10.0.0.4
nginx是1.9版本以后才引入的四層負載均衡
stream模塊實現(xiàn),但stream不能出現(xiàn)在http層
--with-stream
-with-stream_ssl_module
-with-stream_realip_module
示例
stream {
upstream backend {
hash $remote_addr consistent;
server backend1.example.com:12345 weight=5;
server 127.0.0.1:12345 max_fails=3 fail_timeout=30s;
server unix:/tmp/backend3;
}
server {
listen 12345;
proxy_connect_timeout 1s;
proxy_timeout 3s;
proxy_pass backend;
}
}
nginx四層+nginx七層+web集群--->場景
1.定義四層配置文件路徑
[root@lb-4 nginx]# vim /etc/nginx/nginx.conf
include /etc/nginx/conf.c/*.conf; (加到http層外邊)
2.進行初始化操作
[root@lb-4 ~]# rm -f /etc/nginx/conf.d/default.conf
[root@lb-4 nginx]# mkdir /etc/nginx/conf.c
3.配置四層負載均衡
[root@lb-4 ~]# cat /etc/nginx/conf.c/all.conf
stream {
upstream blog {
server 172.16.1.5:80;
server 172.16.1.6:80;
}
server {
listen 80;
proxy_pass blog;
proxy_timeout 3s;
proxy_connect_timeout 3s;
}
}
4.基于端口的轉發(fā)
需求: 用戶連接10.0.0.4的6666端口,其實連接的是172.16.1.7的22/TCP端口
需求: 用戶連接10.0.0.4的5555端口,其實連接的是172.16.1.51的3306/TCP端口
[root@web03 ~]# cat /etc/nginx/conf.c/all.conf
stream {
upstream blog {
server 172.16.1.5:80;
server 172.16.1.6:80;
}
upstream ssh {
server 172.16.1.7:22;
}
upstream mysql {
server 172.16.1.51:3306;
}
server {
listen 6666;
proxy_pass ssh;
}
server {
listen 5555;
proxy_pass mysql;
}
server {
listen 80;
proxy_pass blog;
proxy_timeout 3s;
proxy_connect_timeout 3s;
}
}
5.四層負載均衡怎么記錄日志 必須在stream層,不能出現(xiàn)在http層?
[root@web03 ~]# cat /etc/nginx/conf.c/all.conf
stream {
log_format proxy '$remote_addr - [$time_local] $status $protocol'
' "$upstream_addr" "$upstream_bytes_sent" "$upstream_connect_time"' ;
access_log /var/log/nginx/tcp.log proxy;
upstream blog {
server 172.16.1.5:80;
server 172.16.1.6:80;
}
upstream ssh {
server 172.16.1.7:22;
}
upstream mysql {
server 172.16.1.51:3306;
}
server {
listen 6666;
proxy_pass ssh;
}
server {
listen 5555;
proxy_pass mysql;
}
server {
listen 80;
proxy_pass blog;
proxy_timeout 3s;
proxy_connect_timeout 3s;
}
}
