/ 中存储网

LVS与Nginx反向代理的配置

2013-10-29 16:36:01 来源:IT技术网
nginx反向代理测试-终结 - jamesbond0479 - 心有泠汐一点通 LVS做前端,由后端的nginx做反向代理,

1.当后面是/搜索的时候由nginx反向到60和27两台apache

2.当后面带/定位的时候由nginx直接转给tomcat解析,中间一间将apahce去掉

由于/搜索的apache中有很多的规则,所以没有全部切换到nginx上

1.安装nginx

不再讲了,只是把参数提供

A.为了不被别人得知我们的nginx版本,可以修改以下代码,把版本号抹掉

vi /map/src/nginx/nginx-1.2.2/src/core/nginx.h

#define NGINX_VER          "MapServer" NGINX_VERSION  ##将原先的版本号替换为MapServer,可以自行替换

B.增加nginx的一个模块,检测后端apache是否存活,并能自动剔除

名称:yaoweibin-nginx_upstream_check_module-v0.1.6-17-gdfee401.zip

C.进入nginx-1.2.2

patch -p1 < /path/to/nginx_http_upstream_check_module/check.patch

If you use nginx-1.2.1+ or nginx-1.3.0+, the nginx upstream round robin

module changed greatly. You should use the patch named

'check_1.2.1+.patch'.

我的是1.2.2.所以变成

patch -p1 < /path/to/nginx_http_upstream_check_module/check_1.2.1+.patch

nginx编译参数

 --prefix=/map/app/nginx-1.2.2  --with-http_stub_status_module --add-module=/map/src/nginx/nginx_upstream_check_module

make && make install

2.配置文件修改

主配置文件

nginx.conf

内容:

user  nobody nobody;

worker_processes  4;

error_log  logs/error.log;

pid        logs/nginx.pid;

worker_rlimit_nofile 51200;

events {

use epoll;

worker_connections  51200;

}

http {

include       mime.types;

default_type  application/octet-stream;

log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '

'"$status" $body_bytes_sent "$http_referer" '

'"$http_user_agent" "$http_x_forwarded_for"';

log_format  vhost  '$remote_addr - $remote_user [$time_local] "$request" '

'"$status" $body_bytes_sent "$http_referer" '

'"$http_user_agent" "$http_x_forwarded_for" $host';

log_format test '$remote_addr - $remote_user [$time_local] "$request" '

'"$status" $body_bytes_sent "$http_referer" '

'"$http_user_agent" $http_x_forwarded_for "$request_time"';

server_names_hash_bucket_size 128;

client_header_buffer_size 32k;

large_client_header_buffers 4 32k;

sendfile        on;

tcp_nopush     on;

keepalive_timeout  60;

tcp_nodelay on;

client_max_body_size 20m;

###

proxy_ignore_client_abort  on;  ###不允许客户端主动关闭连接,如果该项为设置在nginx的日志中可能出现499 错误

##之前未开启之前,偶尔能发现errorlog里会出现499,

##499对应的是 “client has closed connection”

#    proxy_connect_timeout 5;

#    proxy_read_timeout 60;

#    proxy_send_timeout 10;

gzip on;

gzip_min_length  1k;

gzip_buffers     4 16k;

gzip_http_version 1.0;

gzip_comp_level 9;

gzip_types       text/plain application/x-javascript text/css text/x-component application/xml text/javascript appli

cation/javascript;

gzip_vary on;

include vhosts.conf;  ##放置虚拟主机的配置文件

include upstream.conf; ###放置upstream的配置文件

}

vhosts.conf

server {

listen      10.0.1.10:80;

server_name test.123.com;

access_log /map/logs/nginx/test/access.log test;

location /do_not_delete/

{

root /map/data/www/test/; ##为了保证lvs检测nginx下的一个文件,而不是跑到了后端去,如apache或tomcat

}

location /posi/

{

proxy_next_upstream http_502 http_504 error timeout invalid_header;

proxy_pass http://posi_tomcat;

proxy_set_header        Host            $host;

proxy_set_header        X-Real-IP       $remote_addr;

proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_redirect          off;

}

location /

{

proxy_next_upstream http_502 http_504 error timeout invalid_header;

proxy_pass http://others_apache;

proxy_set_header        Host            $host;

proxy_set_header        X-Real-IP       $remote_addr;

proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_redirect          off;

location  /nstatus {

check_status;

access_log on;

allow 192.168.56.9;

deny all;

}

}

upstream.conf

upstream posi_tomcat {

##balancer posi tomcat ####

###10.0.1.57 ####

server 10.0.1.57:8021 weight=1 max_fails=2 fail_timeout=30s;

server 10.0.1.57:8022 weight=1 max_fails=2 fail_timeout=30s;

check interval=1000 rise=2 fall=3 timeout=1000 type=http;

check_http_send "GET /do_not_delete/testnginx.html HTTP/1.1rnHOST:rnrn";

#check_http_send "GET /do_not_delete/testnginx.html HTTP/1.0rnrn";

 这行就是利用nginx新增加的模块,来检测后端apache是否存活,并自动剔除

测试的时候发现,由于tomcat配置文件中声明了HTTP/1.1,所以我开始检测一直用HTTP/1.0,但是发现日志中会有超时,后来用nagios测试发现没有超时,后来才发现是1.0的事情

check_http_expect_alive http_2xx http_3xx;

  }

upstream others_apache{

##balancer others apache ###

server 10.0.1.27:81 weight=1 max_fails=2 fail_timeout=30s;

server 10.0.1.60:81 weight=1 max_fails=2 fail_timeout=30s;

check interval=1000 rise=2 fall=3 timeout=1000 type=http;

check_http_send "GET /do_not_delete/testnginx.html HTTP/1.1rnHOST:rnrn";

check_http_expect_alive http_2xx http_3xx;

  }

如何用telnet测试后端

telnet 10.0.1.27 81

Trying 10.0.1.27...

Connected to localhost (10.0.1.27).

Escape character is '^]'.

GET /do_not_delete/testnginx.html HTTP/1.1 在这个地方回车

host: ##在这个地方回车

HTTP/1.1 200 OK

Date: Fri, 27 Jul 2012 05:38:40 GMT

Server: Apache/2.2.11 (Unix)

Last-Modified: Mon, 16 Jul 2012 07:01:58 GMT

ETag: "1c28006-0-4c4ed017b6580"

Accept-Ranges: bytes

Content-Length: 0

Vary: Accept-Encoding

Content-Type: text/html

检测OK,

3.增加nginx启动脚本,还有自动按照天切割日志,其实上篇文件已经写了,不过这篇补齐吧

#!/bin/sh

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

DESC="nginx daemon"

NAME=nginx

DAEMON=/map/app/nginx/sbin/$NAME

CONFIGFILE=/map/app/nginx/conf/nginx.conf

PIDFILE=/map/app/nginx/logs/$NAME.pid

SERVICENAME=/etc/init.d/nginxd-map

cronolog=/map/app/tools/cronolog-1.7.0/sbin/cronolog

ErrorLog=/mapapp/nginx/logs/error.log

AccessLog=/maplogs/nginx/wireless/access.log

d_mkfifo(){

[ ! -p $ErrorLog ] || [ ! -p $AccessLog ]  &&  /bin/rm $ErrorLog $AccessLog  && mkfifo $ErrorLog $AccessLog

}

#检测是否是pipe文件

cronolog_start()

{

nohup cat /map/app/nginx/logs/error.log | $cronolog  /map/logs/nginx/wireless/error/%Y/%m/%d.log & ##错误日志按照天

nohup cat /map/logs/nginx/wireless/access.log | $cronolog  /map/logs/nginx/wireless/%Y/%m/%d/%H.log & ##访问日志按照小时

}

##由cronolog来按照天或者小时等切割日志

cronolog_kill()

{

ps -ef|grep wire|grep -v grep |awk '{print $2}'|xargs kill -9

}

# Gracefully exit if the package has been removed.

test -x $DAEMON || exit 0

d_start() {

d_mkfifo

cronolog_start

  $DAEMON -c $CONFIGFILE || echo -n " already running"

}

d_stop() {

#  kill -QUIT `cat $PIDFILE` || echo -n " not running"

cronolog_kill

killall nginx || echo -n " not running"

}

d_reload() {

  kill -HUP `cat $PIDFILE` || echo -n " can't reload"

}

case "$1" in

  start)

echo -n "Starting $DESC: $NAME"

d_start

echo "."

;;

  stop)

echo -n "Stopping $DESC: $NAME"

d_stop

echo "."

;;

  reload)

echo -n "Reloading $DESC configuration..."

d_reload

echo "reloaded."

;;

  status)

pgrep -x $NAME > /dev/null && echo $NAME (pid `pgrep $NAME`) is running...  || echo "$NAME is stoped."

;;

  test|-t)

$DAEMON -t

;;

  restart)

echo -n "Restarting $DESC: $NAME"

d_stop

sleep 2

d_start

echo "...done!"

;;

  *)

echo "Usage: $SERVICENAME {start|stop|restart|reload|status|check}"

exit 3

;;

esac

exit 0