反向代理
nginx反向代理的指令不需要新增额外的模块,默认自带proxy_pass指令,只需要修改配置文件就可以实现反向代理。
proxy_pass 既可以是ip地址,也可以是域名,同时还可以指定端口
server {
listen 80;
server_name localhost;
location / {
proxy_pass http://192.168.11.161:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;//暂时不配置,后面回演示
}
}
Nginx反向代理实战
\1. 启动tomcat服务器
\2. nginx配置的统一维护,将Nginx.conf文件的内容修改成如下配置
#user nobody;
user root;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
include extra/*.conf;
}
\3. 在extra文件夹中添加proxy_demo.conf
server { listen 80; server_name localhost; location /{ proxy_pass http://192.168.25.128:8080; } }
\4. ./nginx -s reload 重新加载
访问:http://192.168.20.130 会自动跳转到http://192.168.25.128:8080 tomcat的访问地址上,即tomcat的主页。。。然后我们可以在页面编辑加入标签
<h2><%=request.getRemoteAddr()%></h2>刷新页面拿到了代理的服务器地址
如果想拿到客户端的地址则需要配置
server {
listen 80;
server_name localhost;
location /{
proxy_pass http://192.168.25.128:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;获取所有ip,包含多级代理情况下都可以获取到
}
}
页面添加
<h2><%=request.getHeader("X-Real-IP")%></h2>
重新加载,刷新页面,可以看到客户端的ip
负载均衡
硬件负载(F5、Array)软件负载(nginx、lvs、HAProxy)
网络负载均衡的大致原理是利用一定的分配策略将网络负载平衡地分摊到网络集群的各个操作单元上,使得单个重
负载任务能够分担到多个单元上并行处理,使得大量并发访问或数据流量分担到多个单元上分别处理,从而减少用户的等待响应时间
upstream
是Nginx的HTTP Upstream模块,这个模块通过一个简单的调度算法来实现客户端IP到后端服务器的负载均衡
1. Upstream
语法: server address [paramters]
2. 负载均衡策略或者算法
轮询算法(默认), 如果后端服务器宕机以后,会自动踢出
ip_hash 根据请求的ip地址进行hash
权重轮询
upstream tomcat { server 192.168.11.161:8080 max_fails=2 fail_timeout=60s; server 192.168.11.159:8080; } server { listen 80; server_name localhost; location / { proxy_pass http://tomcat; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_next_upstream error timeout http_500 http_503; proxy_connect_timeout 60s; proxy_send_timeout 60s; proxy_read_timeout 60s; add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Methods' 'GET,POST,DELETE'; add_header 'Aceess-Control-Allow-Header' 'Content-Type,*'; } location ~ .*\.(js|css|png|svg|ico|jpg)$ { valid_referers none blocked 192.168.11.160 www.gupaoedu.com; if ($invalid_referer) { return 404; } root static-resource; expires 1d; } }