Nginx 四层负载均衡
Nginx里有一个stream模块,用来实现四层协议的转发、 代理、负载均衡等。stream模块的用法跟http的用法类似,允许我们配 置一组TCP或者UDP等协议的监听,然后通过proxy_pass来转发我们的 请求,通过upstream添加多个后端服务,实现负载均衡。
四层协议负载均衡的实现,一般都会用到LVS、HAProxy、F5等,要么 很贵要么配置很麻烦,而Nginx的配置相对来说更简单,更能快速完成 工作。
四层和七层区别
- 七层是基于HTTP协议
- 四层是基于TCP/IP协议
四层的使用场景
- 网站的负载均衡代理
- SSH代理端口
- MySQL服务
- ......
添加stream
configure 命令
./configure --with-stream --without-http_rewrite_module
make 命令
sudo make
make install 命令
sudo make install
stream指令
该指令和http的upstream指令是类似的
语法 |
stream { ... } |
默认值 |
— |
位置 |
main |
四层负载均衡实战
nginx.conf配置
stream {
upstream redis {
server 127.0.0.1:6379;
server 127.0.0.1:6378;
}
upstream tomcat {
server 127.0.0.1:8080;
}
upstream mysql{
server 127.0.0.1:3306;
}
server {
listen 81;
proxy_pass redis;
}
server {
listen 82;
proxy_pass tomcat;
}
server {
listen 83;
proxy_pass mysql;
}
}
redis 访问测试
yangyanping@ZBMac-WP2HJYDWY src % ./redis-cli -h 127.0.0.1 -p 81
127.0.0.1:81> set name yyp
OK
127.0.0.1:81> get name
"yyp"
127.0.0.1:81>
tomact访问测试
mysql 访问测试
yangyanping@ZBMac-WP2HJYDWY bin % ./mysql -uroot -pyangyanping -h127.0.0.1 -p83
mysql: [Warning] Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
yangyanping@ZBMac-WP2HJYDWY bin % ./mysql -uroot -pyangyanping -h127.0.0.1 -P83
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 14
Server version: 8.0.29 MySQL Community Server - GPL
Copyright (c) 2000, 2022, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
Nginx的web缓存服务
Nginx是基于Proxy Store来实现 的,其原理是把URL及相关组合当做Key,在使用MD5算法对Key进行哈 希,得到硬盘上对应的哈希目录路径,从而将缓存内容保存在该目录 中。它可以支持任意URL连接,同时也支持404/301/302这样的非200状 态码。Nginx即可以支持对指定URL或者状态码设置过期时间,也可以使 用purge命令来手动清除指定URL的缓存。
proxy_cache_path 指令
该指定用于设置缓存文件的存放路径
语法 |
proxy_cache_path path [levels=number] keys_zone=zone_name:zone_size [inactive=time] [max_size=size]; |
默认 值 |
— |
位置 |
http |
path:缓存路径地址,如:
proxy_cache_path /usr/local/proxy_cache levels=2:1 keys_zone=yyp:100m inactive=1d max_size=10g;
proxy_cache 指令
该指令用来开启或关闭代理缓存,如果是开启则自定使用哪个缓存区来 进行缓存。
语法 |
proxy_cache zone_name|off; |
默认值 |
proxy_cache off; |
位置 |
http、server、location |
zone_name:指定使用缓存区的名称。配置参考:
proxy_cache yyp;
proxy_cache_key
该指令用来设置web缓存的key值,Nginx会根据key值MD5哈希存缓存。
语法 |
proxy_cache_key key; |
默认值 |
proxy_cache_key $scheme$proxy_host$request_uri; |
位置 |
http、server、location |
proxy_cache_valid
该指令用来对不同返回状态码的URL设置不同的缓存时间。
语法 |
proxy_cache_valid [code ...] time; |
默认值 |
— |
位置 |
http、server、location |
配置参考,为200的响应URL设置5天缓存
proxy_cache_valid 200 5d;
proxy_cache_min_uses
该指令用来设置资源被访问多少次后被缓存
语法 |
proxy_cache_min_uses number; |
默认值 |
proxy_cache_min_uses 1; |
位置 |
http、server、location |
缓存实战-nginx 配置
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
gzip on;
proxy_cache_path /usr/local/proxy_cache levels=2:1 keys_zone=yyp:100m inactive=1d max_size=10g;
upstream backend {
server 127.0.0.1:8080;
}
server {
listen 80;
server_name localhost;
location /tomcat {
proxy_cache yyp;
proxy_cache_key yangyanping;
proxy_cache_min_uses 5;
proxy_cache_valid 200 5d;
add_header nginx-cache "$upstream_cache_status";
proxy_pass http://backend/;
}
}
缓存实战-测试
- URL + ...... = Key
- Key + MD5 = 字符串密文
- 缓存目录 /usr/local/proxy_cache
- /usr/local/proxy_cache/88/9
- 判断缓存目录有没有所访问的数据对应的目录。
在浏览器中访问地址:http://127.0.0.1/tomcat/examples/index.html
缓存实战-查看缓存内容
使用命令查看缓存内容 sudo cat proxy_cache/88/9/424fcd3a9c622afbc0aecb18b9eec988
yangyanping@ZBMac-WP2HJYDWY local % sudo cat proxy_cache/88/9/424fcd3a9c622afbc0aecb18b9eec988
Password:
SΒb?&?^?6?b?#?b<W/"1126-1585915595000"
KEY: yangyanping
HTTP/1.1 200
Accept-Ranges: bytes
ETag: W/"1126-1585915595000"
Last-Modified: Fri, 03 Apr 2020 12:06:35 GMT
Content-Type: text/html
Content-Length: 1126
Date: Tue, 24 May 2022 01:37:23 GMT
Connection: close
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<!DOCTYPE HTML><html lang="en"><head>
<meta charset="UTF-8">
<title>Apache Tomcat Examples</title>
</head>
<body>
<p>
<h3>Apache Tomcat Examples</H3>
<p></p>
<ul>
<li><a href="servlets">Servlets examples</a></li>
<li><a href="jsp">JSP Examples</a></li>
<li><a href="websocket/index.xhtml">WebSocket Examples</a></li>
</ul>
</body></html>
yangyanping@ZBMac-WP2HJYDWY local %
Nginx缓存的清除
删除对应的缓存目录
rm -rf /usr/local/proxy_cache