Linux cloud computing architecture-using nginx for reverse proxy, load balancing, and dynamic separation

Linux cloud computing architecture-using nginx for reverse proxy, load balancing, and dynamic separation

nginx download address:http://nginx.org/en/download.html

tomcat download address:https://tomcat.apache.org/download-90.cgi

Experimental version :nginx1.19.2 tomcat9.0.37

1. Download and start tomcat

[root@master ~]# cd /usr/local/
[root@master local]# rz

[root@master local]# ll apache-tomcat-9.0.37.tar.gz
-rw-r--r-- 1 root root 11211292 8月  27 20:35 apache-tomcat-9.0.37.tar.gz
[root@master local]# tar xzf apache-tomcat-9.0.37.tar.gz
# 对解压包重命名，是因为在生产环境中可能需要多个tomcat进行负载均衡。
[root@master local]# mv apache-tomcat-9.0.37 tomcat0
[root@master local]# cd tomcat0/
[root@master tomcat0]# ll
总用量 124
drwxr-x--- 2 root root  4096 8月  27 20:40 bin
-rw-r----- 1 root root 18982 7月   1 04:14 BUILDING.txt
drwx------ 2 root root   238 7月   1 04:14 conf
-rw-r----- 1 root root  5409 7月   1 04:14 CONTRIBUTING.md
drwxr-x--- 2 root root  4096 8月  27 20:40 lib
-rw-r----- 1 root root 57092 7月   1 04:14 LICENSE
drwxr-x--- 2 root root     6 7月   1 04:09 logs
-rw-r----- 1 root root  2333 7月   1 04:14 NOTICE
-rw-r----- 1 root root  3255 7月   1 04:14 README.md
-rw-r----- 1 root root  6898 7月   1 04:14 RELEASE-NOTES
-rw-r----- 1 root root 16262 7月   1 04:14 RUNNING.txt
drwxr-x--- 2 root root    30 8月  27 20:40 temp
drwxr-x--- 7 root root    81 7月   1 04:12 webapps
drwxr-x--- 2 root root     6 7月   1 04:09 work
# 启动tomcat，默认端口号是8080
[root@master tomcat0]# ./bin/startup.sh 
Using CATALINA_BASE:   /usr/local/tomcat0
Using CATALINA_HOME:   /usr/local/tomcat0
Using CATALINA_TMPDIR: /usr/local/tomcat0/temp
Using JRE_HOME:        /usr
Using CLASSPATH:       /usr/local/tomcat0/bin/bootstrap.jar:/usr/local/tomcat0/bin/tomcat-juli.jar
Tomcat started.
[root@master tomcat0]# ps aux | grep 8080
root      10840  0.0  0.0 112724   988 pts/0    S+   20:46   0:00 grep --color=auto 8080
[root@master tomcat0]# firewall-cmd --permanent --zone=public --add-port=8080/tcp
success
[root@master tomcat0]# firewall-cmd --reload
success

2. Nginx reverse proxy

Forward proxy : the connection bridge between the user and the server [the bridge made by the user]
Reverse proxy : the connection bridge between the user and the server [the bridge made by the server]
Example:

User A wants to access Weibo and cannot directly access Weibo, so user A finds user B and visits Weibo through user B. This is called a forward proxy.
User A wants to access Weibo, and cannot directly access Weibo. He can only directly access Baidu. Weibo puts its resources on Baidu. When the user accesses Weibo resources, Baidu responds. This is called a reverse proxy.

The Nginx reverse proxy, which means the user access nginx, and nginx put resources into the tomcat, when the user requests a resource for nginx, tomcat will respond to the user, and returns the corresponding resources.
Nginx is a web server with fast speed, but it cannot run independently as a servlet container. So the usual way of working is Nginx and Tomcat to work together. This is why Tomcat is provided separately to facilitate work with Nginx.

Direct access 192.168.8.184, that is, access to port 80 of the nginx service.

Access 192.168.8.184:8080is the port number 8080 for accessing tomcat service.

Reverse proxy : access the 192.168.8.184above resources, and nginx stores the requested resources on tomcat, so it will access the 192.168.8.184:8080above resources.

# 配置代码
[root@master ~]# vim /usr/local/nginx/conf/nginx.conf
 45         location / {
    
    
 46             root   html;
 47             proxy_pass http://192.168.8.184:8080/;   # proxy_pass反向代理
 48             index  index.html index.htm;
 49         }
[root@master ~]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@master ~]# nginx -s reload
# 再次访问192.168.8.184，可以看到如下内容，而不再是haha

3. nginx load balancing

There are 5 ways for nginx's upstream load : ①polling
(default) ②distributed
by weight
③ip_hash , the same client accesses the same back-end server.
④fair , the request is allocated according to the response time of the back-end server, and the short response time is allocated first.
⑤url_hash , the same URL request is allocated to the same back-end server. Often used in scenarios where the back-end server is a cache server.

In order to achieve the effect of load balancing, two tomcats are used here to provide services.

# 查看下8081端口号是否被占用，发现没有，那么tomcat可以使用8081端口号。

[root@master webapps]# netstat -antup | grep 8080
tcp6       0      0 :::8080                 :::*                    LISTEN      10736/java          
[root@master webapps]# netstat -antup | grep 8081

# 查看下8086端口号是否被占用，发现没有，那么tomcat可以使用8086端口号作为关闭服务的端口。
[root@master webapps]# netstat -antup | grep 8086

# 部署tomcat1
[root@master ~]# cd /usr/local/
[root@master local]# ll apache-tomcat-9.0.37.tar.gz 
-rw-r--r-- 1 root root 11211292 8月  27 20:35 apache-tomcat-9.0.37.tar.gz
[root@master local]# tar xzf apache-tomcat-9.0.37.tar.gz
[root@master local]# mv apache-tomcat-9.0.37 tomcat1 
[root@master local]# vim ./tomcat1/conf/server.xml
 22 <Server port="8006" shutdown="SHUTDOWN">         # 停止tomcat服务端口号，默认8005

 69     <Connector port="8081" protocol="HTTP/1.1"   # 访问http端口号，默认8080
 70                connectionTimeout="20000"
 71                redirectPort="8443" />
 
 
[root@master ~]# /usr/local/tomcat1/bin/startup.sh 
Using CATALINA_BASE:   /usr/local/tomcat1
Using CATALINA_HOME:   /usr/local/tomcat1
Using CATALINA_TMPDIR: /usr/local/tomcat1/temp
Using JRE_HOME:        /usr
Using CLASSPATH:       /usr/local/tomcat1/bin/bootstrap.jar:/usr/local/tomcat1/bin/tomcat-juli.jar
Tomcat started.
[root@master local]# firewall-cmd --permanent --zone=public --add-port=8081/tcp
success
[root@master local]# firewall-cmd --reload 
success

# 可以看到8080和8081都已经开启了。
[root@master local]# netstat -antup | grep 8080
tcp6       0      0 :::8080                 :::*                    LISTEN      10736/java          
[root@master ~]# netstat -antup | grep 8081
tcp6       0      0 :::8081                 :::*                    LISTEN      12533/java     

Visit http://192.168.8.184:8081/, the results are as follows:

# 部署nginx负载均衡
[root@master ~]# vim /usr/local/nginx/conf/nginx.conf
 35     upstream tomcat_local{
    
         # upstream负载均衡器
 36         server 192.168.8.184:8080 weight=1;
 37         server 192.168.8.184:8081 weight=2;
 38     }
 39 
 40     server {
    
    
 41         listen       80;
 42         server_name  localhost;
 43 
 44         #charset koi8-r;
 45 
 46         #access_log  logs/host.access.log  main;
 47 
 48         location / {
    
    
 49             root   html;
 50             proxy_pass http://tomcat_local;
 51             index  index.html index.htm index.jsp;
 52             proxy_set_header Host $host:$server_port;
 53             proxy_set_header X-Real-IP $remote_addr;
 54             proxy_set_header REMOTE-HOST $remote_addr;
 55             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 56         }

[root@master ~]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@master ~]# nginx -s reload

# 我这里换了个局域网，IP地址换了，不影响测试。

It can be seen from the access log generated by visiting a page that the log of tomcat1 is redundant with tomcat0, which means that nginx has handed over more requests to tomcat1 for processing, and tomcat0 is relatively small, and the ratio is the ratio of weight.

4. Nginx dynamic and static separation

Static resource : When the user accesses this resource many times, the source code of the resource will basically not change. [Pictures, css, js]
Dynamic resources : When users access this resource multiple times, the source code of the resource may change. [Jsp]
Separation of dynamic and static : static resources are directly processed by nginx, and dynamic resources that nginx cannot handle are reversed to tomcat for processing, so as to achieve the effect of dynamic and static separation.

① To modify the main configuration file of the nginx service, restart the nginx service. The static resources are handled by nginx, and tomcat only handles dynamic resources.

# 动静分离配置	
		location / {
    
    
          #   root   html;
            proxy_pass http://192.168.137.7:8080;   # 把请求的所有资源都反代到tomcat上
          #   index  index.html index.htm index.jsp;
          #  proxy_set_header Host $host:$server_port;
          #  proxy_set_header X-Real-IP $remote_addr;
          #  proxy_set_header REMOTE-HOST $remote_addr;
          #  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }

        location ~ .*\.(css|js|png) {
    
                   # 如果是该类型的资源，直接在nginx上处理
           root /usr/local/tomcat0/webapps/ROOT/;    # 静态资源nginx直接处理，其余的反代到tomcat上处理。要声明nginx直接处理的静态资源存放目录，并授予755权限。
        }
        
        
# 动静分离思想：
①由于请求是先经过nginx的，静态资源在经过nginx的时候就会被直接处理，不会反向代理到tomcat上，而动态资源nginx不处理，会被反向代理到tomcat上进行处理。【如上述配置，这种方法适合做负载均衡】
②由于请求是先经过nginx的，可以判断该资源是否是动态资源，是的话反向代理到tomcat上处理。【如下配置，这种方法不适合做负载均衡】
        location / {
    
    
            root /usr/local/tomcat0/webapps/ROOT/;   # 请求资源目录
            index index.html index.htm index.jsp;    # 允许请求的资源类型
        }
        location ~ .*\.(jsp|css)$ {
    
                      # 筛选出jsp和css类型
            proxy_pass http://192.168.137.7:8080;    # 把这些类型反代到tomcat上处理
           # proxy_set_header Host $host:$server_port;
           # proxy_set_header X-Real-IP $remote_addr;
           # proxy_set_header REMOTE-HOST $remote_addr;
           # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }

②Enter the URL http://192.168.137.7/and check the access status of tomcat, you can see that tomcat provides dynamic resources.

Nginx service is superior to tomcat in the throughput of processing static files, so nginx directly processes static resources, while dynamic resources that nginx cannot handle are directly processed by tomcat, so as to achieve the effect of dynamic and static separation.

5. Nginx dynamic and static separation, load balancing, and reverse proxy combination

• If Nginx dynamic and static separation is used, all static resources in the request will be processed by nginx, and tomcat will no longer process static resources.
• If Nginx load balancing is used, all requested resources are assigned to the corresponding tomcat processing by weight.
• If Nginx dynamic and static separation and load balancing are used at the same time, the static resources are processed by nginx, and the dynamic resources are allocated to tomcat according to the weight.

    upstream tomcat_local {
    
    
     server 192.168.8.186:8080 weight=1;
     server 192.168.8.186:8081 weight=2;
   }

    server {
    
    
        listen       80;
        server_name  localhost;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;
        location / {
    
                           # 资源都反向代理到tomcat上分发处理
            root html;
            proxy_pass http://tomcat_local;
            proxy_set_header Host $host:$server_port;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header REMOTE-HOST $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }
        location ~ .*\.(css|js|png) {
    
           # 静态资源单独获取
            root /usr/local/tomcat0/webapps/ROOT/;
        }
# 在生产环境中，要做到真正的动静分离，要把动态资源和静态资源分开存放。静态资源一般存放在nginx的网站数据目录下。