OpenResty advantage
First, we chose to use OpenResty, which is the core of Nginx plus many third-party modules, the biggest bright spot is the default Lua integrated development environment, make Nginx as a Web Server to use.
Nginx by means of event-driven model and non-blocking IO, can achieve high-performance Web applications.
And OpenResty provides a number of components such as Mysql, Redis, Memcached, and so on, so that developers on Nginx Web applications more convenient and simple. Currently in Jingdong, such as real-time price spike, dynamic service, single product page, list page so using Nginx + Lua architecture, other companies such as Taobao, where the network and so on.
four. Introduction of Nginx and lua
1. Nginx:
Advantages (1) Nginx of
-
Lightweight same starting apache web service than take up less memory and resources
-
Concurrent Anti nginx apache processing request is asynchronous and non-blocking high concurrent obstructive nginx maintained under high performance low resource consumption
-
Highly modular design is relatively simple to write a module
-
Community activists produced a variety of high-performance modules quickly ah
(2) Nginx Why high performance, take up less memory
As we all know, high performance nginx, and nginx its high-performance architecture are inseparable. Here, we describe a simple rough nginx architecture.
-
First, nginx uses a lot of process model, what good is it? First, for each worker process, a separate process, no lock, so eliminating the need for overhead locks brought the same time look at the programming and the problems will be a lot easier. Secondly, the use of a separate process, can make do not affect each other, after a process exits, another process was still working, the service will not be interrupted, master the process quickly start a new worker process. Of course, the abnormal exit worker process is certainly a bug in the program, quit unexpectedly, all requests will lead to failure of the current worker, but does not affect all requests, so reducing risk.
-
Nginx is asynchronous non-blocking way to deal with the request, asynchronous non-blocking what is it? In fact the situation is that when a thread io like call waiting occurs, instead of blocking here, but to deal with other things, such as io ready, then go execute, I do not specifically described here and everyone a.
2. Contact:
(1) Lua is a small scripting language. The author is Brazilian. The language is designed for embedded applications, providing flexible expansion and customization capabilities for applications
(2) Lua features:
-
Lua scripts can easily be called C / C ++ code can turn call the function C / C ++, which makes Lua in your application can be widely used. Not only as an extension script can be used as a normal configuration file, instead of XML, Ini file format, and easier to understand and maintain.
-
Written by Lua from standard C code is simple and beautiful, almost all can be compiled on all operating systems and platforms, run. A complete Lua interpreter but 200k, all in the current script engine, Lua is the fastest speed. All this determines the Lua script is embedded as the best choice.
Fives. OpenResty installation
Above my door to OpenResty a brief introduction to explain the principles of operation, as well as Nginx, Lua advantage of the introduction, in order to better enable you understand. Let everyone know the benefits of using this, then I briefly introduce OpenResty installation and set up an example of a simple current limit, which is to let everyone know, in addition to the benefits of the above said, it is in the end what can be done.
OpenResty installation:
(1) about the need to install plug-ins required
|
1
|
yum
install
readline-devel pcre-devel openssl-devel
|
(2) Download and extract ngx_openresty-1.7.7.2.tar.gz
|
1
|
wget http:
//openresty
.org
/download/ngx_openresty-1
.7.7.2.
tar
.gz
|
(3) Installation LuaJIT
|
1
2
3
|
cd
bundle
/LuaJIT-2
.1-20150120/
make
clean &&
make
&&
make
install
ln
-sf luajit-2.1.0-alpha
/usr/local/bin/luajit
|
(4) Download ngx_cache_purge module, which is used to clean cache nginx
|
1
|
wget https:
//github
.com
/FRiCKLE/ngx_cache_purge/archive/2
.3.
tar
.gz
|
(5) nginx_upstream_check_module download module, which is used to check the health ustream
|
1
|
wget https:
//github
.com
/yaoweibin/nginx_upstream_check_module/archive/v0
.3.0.
tar
.gz
|
(6) mounted ngx_openresty
|
1
2
3
4
5
6
7
8
9
|
cd
/usr/servers/ngx_openresty-1
.7.7.2
.
/configure
--prefix=
/usr/servers
--with-http_realip_module
--with-pcre
--with-luajit
--add-module=.
/bundle/ngx_cache_purge-2
.3/
--add-module=.
/bundle/nginx_upstream_check_module-0
.3.0/ -j2
make
&&
make
install
|
(7) to under / usr / servers directory, you will find the following extra directory, the installation is successful
(8) Start nginx: / usr / servers / nginx / sbin / nginx (in fact, we can better system configuration environment variable, configuration data directly after a good command of the nginx)
six. Anti brush (white list) of the structures simple example
1. First, we can create our own simple lua files in / usr / servers / nginx / conf / directory, called example.lua better.
Enter the following command, we can create a example.conf file, or we can cp nginx.conf example.conf or mkdir example.conf
2. Next we need to edit nginx.conf this startup configuration files
ok, we enter into the editing interface, then we need to be introduced to our example.conf file in, add the following command nginx.conf's body at http: include example.conf
Nginx.conf specific contents are as follows:
Where you can see a red box is the introduction of introducing its own project documents and lua modules.
3. Next, we can write our logic is implemented in example.conf file
4. We can see that, in a plurality of location server example.conf the inside, and the embedded location content_by_lua_file /usr/example/lua/redis_black_limit.lua, this can be seen embedded in the content lua script stage, It was the response content, where we go in and see the corresponding code is how to deal with:
This is an anti-brush demo, which we can see, I am more ip, redis value from the inside, then by matching ip request to do anti-brush functions, in addition, there is a statement we noticed that require, which is equivalent to our class loader, class.forname, so do come in loads of lua module.
5. 除此之外,还简单的做了一个设置黑名单和取消黑名单的功能,用来充当我们以后的管理中心,具体逻辑写在set_black.lua和cancel.lua中,然后在lua.conf中配置好url,具体如下图所示:
在lua.conf中server体里加入一下代码:
接下来我们需要写set_black.lua和cancel.lua文件,文件内容如下:
|
1
2
3
4
5
6
7
8
9
10
11
12
|
v
set_black.lua:
local
redis =require
"resty.redis"
local
cache =redis.new()
cache:set_timeout(6000)
local
ok,err=cache.connect(cache,
'192.168.150.61'
,6379)
if
not ok
then
ngx.say(
"failed to connect:"
,err)
return
end
local
ip = ngx.var.remote_addr
cache:
set
(
"user:"
..ip..
":block"
,1)
ngx.say(
"user:"
..ip..
":block"
..
"设置黑名单成功"
)
|
|
1
2
3
4
5
6
7
8
9
10
11
12
|
v
cancel_black.lua:
local
redis =require
"resty.redis"
local
cache =redis.new()
cache:set_timeout(6000)
local
ok,err=cache.connect(cache,
'192.168.150.61'
,6379)
if
not ok
then
ngx.say(
"failed to connect:"
,err)
return
end
local
ip = ngx.var.remote_addr
cache:expire(
"user:"
..ip..
":block"
,0)
ngx.say(
"user:"
..ip..
":block"
..
"移除黑名单"
)
|
7. 效果
做好了以上配置,我们可以开始先设置好黑名单,然后访问请求,返回的结果是被黑名单了,然后再取消黑名单,再访问请求,显示访问成功。
其他例子:https://www.cnblogs.com/digdeep/p/4859575.html
