V2AS问路
Nginx(三):反向代理,负载均衡
阅读原文时间:2023年07月08日阅读:5

环境准备

  配置反向代理,负载均衡,动静分离需要的必备环境,JDK,2个tomcat开启8080和8081端口。

[root@localhost ~]# rpm -qa|grep java
[root@localhost ~]# yum install -y java
# 省略

Complete!
[root@localhost ~]# java -version
openjdk version "1.8.0_242"
OpenJDK Runtime Environment (build 1.8.0_242-b08)
OpenJDK 64-Bit Server VM (build 25.242-b08, mixed mode)

注意:/opt/目录下的softwares和devtools是新创建的,apache-tomcat-7.0.103.tar.gz是网上下载的。

[root@localhost softwares]# ls
apache-tomcat-7.0.103.tar.gz
[root@localhost softwares]# tar -zxvf apache-tomcat-7.0.103.tar.gz -C /opt/devtools/
# 省略
[root@localhost softwares]# cd ../devtools/
[root@localhost devtools]# ls
apache-tomcat-7.0.103
[root@localhost devtools]# mv apache-tomcat-7.0.103/ apache-tomcat-7.0.103.8080/
[root@localhost devtools]# cp -r apache-tomcat-7.0.103.8080/ apache-tomcat-7.0.103.8081/
[root@localhost devtools]# ls
apache-tomcat-7.0.103.8080  apache-tomcat-7.0.103.8081

修改配置文件

[root@localhost devtools]# cd apache-tomcat-7.0.103.8081/conf/
[root@localhost conf]# ls
catalina.policy  catalina.properties  context.xml  logging.properties  server.xml  tomcat-users.xml  web.xml
[root@localhost conf]# vi server.xml


# 将8080修改为8081
<Connector port="8081" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />

启动验证

  1. 启动8081

    [root@localhost conf]# cd ../bin/
    [root@localhost bin]# ./startup.sh
    Using CATALINA_BASE: /opt/devtools/apache-tomcat-7.0.103.8081
    Using CATALINA_HOME: /opt/devtools/apache-tomcat-7.0.103.8081
    Using CATALINA_TMPDIR: /opt/devtools/apache-tomcat-7.0.103.8081/temp
    Using JRE_HOME: /usr
    Using CLASSPATH: /opt/devtools/apache-tomcat-7.0.103.8081/bin/bootstrap.jar:/opt/devtools/apache-tomcat-7.0.103.8081/bin/tomcat-juli.jar
    Tomcat started.

  1. 启动8080

    [root@localhost bin]# cd /opt/devtools/apache-tomcat-7.0.103.8080/bin/
    [root@localhost bin]# ./startup.sh
    Using CATALINA_BASE: /opt/devtools/apache-tomcat-7.0.103.8080
    Using CATALINA_HOME: /opt/devtools/apache-tomcat-7.0.103.8080
    Using CATALINA_TMPDIR: /opt/devtools/apache-tomcat-7.0.103.8080/temp
    Using JRE_HOME: /usr
    Using CLASSPATH: /opt/devtools/apache-tomcat-7.0.103.8080/bin/bootstrap.jar:/opt/devtools/apache-tomcat-7.0.103.8080/bin/tomcat-juli.jar
    Tomcat started.

反向代理

实现效果:使用 nginx 反向代理,访问 www.123.com 直接跳转到 127.0.0.1:8080

修改本地host配置

192.168.1.11        www.123.com

修改Nginx配置

[root@localhost bin]# cd /etc/nginx/
[root@localhost nginx]# ls
conf.d     fastcgi.conf          fastcgi_params          koi-utf  mime.types          nginx.conf          scgi_params          uwsgi_params          win-utf
default.d  fastcgi.conf.default  fastcgi_params.default  koi-win  mime.types.default  nginx.conf.default  scgi_params.default  uwsgi_params.default
# 建议先把原配置文件备份
[root@localhost nginx]# cp nginx.conf nginx.conf.bak
[root@localhost nginx]# vi nginx.conf


listen       80;
server_name  www.123.com;

location / {
    proxy_pass http://127.0.0.1:8080
}


[root@localhost nginx]# systemctl start nginx
[root@localhost nginx]# cd /var/log/nginx/
[root@localhost nginx]# ls
access.log  error.log
[root@localhost nginx]# tail -500f error.log
2020/04/05 03:01:25 [crit] 58256#0: *1 connect() to 127.0.0.1:8080 failed (13: Permission denied) while connecting to upstream, client: 192.168.1.9, server: www.123.com, request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:8080/", host: "www.123.com"
2020/04/05 03:01:25 [crit] 58256#0: *1 connect() to 127.0.0.1:8080 failed (13: Permission denied) while connecting to upstream, client: 192.168.1.9, server: www.123.com, request: "GET /nginx-logo.png HTTP/1.1", upstream: "http://127.0.0.1:8080/nginx-logo.png", host: "www.123.com", referrer: "http://www.123.com/"
2020/04/05 03:01:25 [crit] 58259#0: *3 connect() to 127.0.0.1:8080 failed (13: Permission denied) while connecting to upstream, client: 192.168.1.9, server: www.123.com, request: "GET /poweredby.png HTTP/1.1", upstream: "http://127.0.0.1:8080/poweredby.png", host: "www.123.com", referrer: "http://www.123.com/"
2020/04/05 03:01:25 [crit] 58259#0: *3 connect() to 127.0.0.1:8080 failed (13: Permission denied) while connecting to upstream, client: 192.168.1.9, server: www.123.com, request: "GET /favicon.ico HTTP/1.1", upstream: "http://127.0.0.1:8080/favicon.ico", host: "www.123.com", referrer: "http://www.123.com/"
^C
# 抛出异常, 经下方命令排查是因为系统访问网络状态关闭
[root@localhost nginx]# getsebool -a | grep httpd_can_network_connect
httpd_can_network_connect --> off
httpd_can_network_connect_cobbler --> off
httpd_can_network_connect_db --> off

开启网络访问

# SELinux命令,临时配置,重启后失效
[root@localhost nginx]# setsebool httpd_can_network_connect=1
# 写入配置文件的命令,重启后保留
[root@localhost nginx]# setsebool -P httpd_can_network_connect 1

访问成功

  实现效果:使用 nginx 反向代理,根据访问的路径跳转到不同端口的服务中 nginx 监听端口为 9001,

访问 http://www.123.com/edu/ 直接跳转到 127.0.0.1:8080

访问 http://www.123.com/vod/ 直接跳转到 127.0.0.1:8081

修改tomcat服务文件

[root@localhost ~]# cd /opt/devtools/apache-tomcat-7.0.103.8080/webapps/
[root@localhost webapps]# ls
docs  examples  host-manager  manager  ROOT
[root@localhost webapps]# cd ROOT/
[root@localhost ROOT]# ls
asf-logo-wide.svg  bg-button.png  bg-middle.png  bg-nav.png  bg-upper.png  favicon.ico  index.jsp  RELEASE-NOTES.txt  tomcat.css  tomcat.gif  tomcat.png  tomcat-power.gif  tomcat.svg  WEB-INF
[root@localhost ROOT]# vi index.jsp


<div id="asf-box">
                <h1>${pageContext.servletContext.serverInfo}:8080</h1>
            </div>

相同方式修改8081

<div id="asf-box">
    <h1>${pageContext.servletContext.serverInfo}:8081</h1>
</div>
  • 重启tomcat

修改nginx配置文件

#        location / {
#            proxy_pass http://127.0.0.1:8080;
#        }

        location /edu/ {
            proxy_pass http://127.0.0.1:8080;
        }

        location /vod/ {
            proxy_pass http://127.0.0.1:8081;
        }
  • 重启nginx

[root@localhost nginx]# tail -500f error.log
2020/04/05 04:08:34 [error] 62039#0: *78 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 192.168.1.9, server: www.123.com, request: "GET /favicon.ico HTTP/1.1", host: "www.123.com", referrer: "http://www.123.com/edu/"

原因,如果代理服务器地址中是带有URI的,此URI会替换掉 location 所匹配的URI部分。

而如果代理服务器地址中是不带有URI的,则会用完整的请求URL来转发到代理服务器。

http://www.123.com/edu/请求转发到http://127.0.0.1:8080/edu/,服务器中不存在这路径,遂查找nginx指向的,依然没有找到,抛出异常。

注意:location 正则匹配,proxy_pass 不允许使用URI。

优化修改nginx配置

#        location / {
#            proxy_pass http://127.0.0.1:8080;
#        }

        location /edu/ {
            proxy_pass http://127.0.0.1:8080/;
        }

        location /vod/ {
            proxy_pass http://127.0.0.1:8081/;
        }
  • 重启nginx

负载均衡

  负载均衡即是将负载分摊到不同的服务单元,既保证服务的可用性,又保证响应 足够快,给用户很好的体验。快速增长的访问量和数据流量催生了各式各样的负载均衡产品, 很多专业的负载均衡硬件提供了很好的功能,但却价格不菲,这使得负载均衡软件大受欢迎, nginx 就是其中的一个,在 linux 下有 Nginx、LVS、Haproxy 等等服务可以提供负载均衡服 务,而且 Nginx 提供了几种分配方式(策略): 轮询、权重、ip_hash、fair。

每个请求按时间顺序逐一分配到不同的后端服务器,如果后端服务器 down 掉,能自动剔除。

实现效果

访问www.123.com,负载到8080和8081两台tomcat中去。

修改Nginx配置

http {
    # http块中配置
    upstream myserver {
      server 127.0.0.1:8080;
      server 127.0.0.1:8081;
    }

    server {
        # server块中配置
        location / {
            proxy_pass http://myserver;
        }
    }
}

效果

weight 代表权,重默认为 1,权重越高被分配的客户端越多,指定轮询几率,weight 和访问率成正比,用于后端服务器性能不均的情况。

配置

upstream myserver {
    server 127.0.0.1:8080 weight=1;
    server 127.0.0.1:8081 weight=10;
}

效果

每个请求按访问 ip 的 hash 结果分配,这样每个访客固定访问一个后端服务器,可以解决 session 的问题。

配置

upstream myserver {
    ip_hash;
    server 127.0.0.1:8080;
    server 127.0.0.1:8081;
}

按后端服务器的响应时间来分配请求,响应时间短的优先分配。

配置

upstream myserver {
    server 127.0.0.1:8080;
    server 127.0.0.1:8081;
    fair;
}

手机扫一扫

移动阅读更方便

阿里云服务器
腾讯云服务器
七牛云服务器

你可能感兴趣的文章

Linux下日志管理工具Logrotate
k8s实战案例之基于StatefulSet控制器运行MySQL一主多从
Kubernetes hostPort 使用

4

k8s实战案例之部署Nginx+Tomcat+NFS实现动静分离

5

搬运 nginx代理https

6

Ansible自动化运维应用实战

7

5.15、tomcat下部署JPress

8

Linux nginx 负载的几种方式

9

【转】Nginx location写法

10

【学相伴】Nginx最新教程通俗易懂-狂神说