一、nginx的反向代理
新建一台虚拟机——static-server(静态服务器/前端服务器)
wget https://nginx.org/download/nginx-1.26.1.tar.gz #安装nginx包
ls
安装依赖软件
yum -y install gcc gcc-c++
yum -y install pcre-devel
yum -y install openssl-devel
yum -y install lrzsz
yum -y install tree
tar -zxvf nginx-1.26.1.tar.gz #解压nginx安装包
ls
cd nginx-1.26.1
ls
./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-stream #源码编译
make
make install
useradd -s /bin/nologin -M nginx
不要使用systemctl启动或者脚本启动
/usr/local/nginx/sbin/nginx #启动nginx
配置属性监控
vim /usr/local/nginx/conf/nginx.conf #配置文件
location /status{
stub_status on;
access_log off;
}
/usr/local/nginx/sbin/nginx -s reload #重启nginx
将static-server做为前端服务器,用于接受和响应客户端,代理另外一台主机
echo "this is java static server" > /usr/local/nginx/html/index.html
/usr/local/nginx/sbin/nginx
curl localhost
this is java static server
ps -aux|grep nginx
root 1197 0.0 0.1 46128 1156 ? Ss 10:15 0:00 nginx: master process /usr/local/nginx/sbin/nginx
nginx 1198 0.0 0.2 46580 2140 ? S 10:15 0:00 nginx: worker process
root 1202 0.0 0.0 112824 984 pts/0 S+ 10:16 0:00 grep --color=auto nginx
curl 192.168.1.12
this is java web server
使用static-server代理dunamic-server主机;当用户访问11的时候,11不响应,而是由12响应
location proxy_pass 协议 域名 端口
使用static-server反向代理dynamic-server的服务器
vim /usr/local/nginx/conf/nginx.conf #修改配置文件
location / {
# root html; #注释
# index index.html index.htm; #注释
proxy_pass http://192.168.1.12:80;
}
curl 192.168.1.12
this is java web server
curl 192.168.1.11
this is java web server
此时静态服务器static-server为代理服务器,nginx代理其他服务时,不需要对方同意;方便了模块化操作(如果代理一个服务,双方都要同意,之前的依赖太高,不便于模块化操作)
将static-server虚拟机克隆,并且命名为dynamic-server(动态服务器/后端服务器)
修改index.html文件,并且发布web服务
echo "this is java web server" > /usr/local/nginx/html/index.html
/usr/local/nginx/sbin/nginx #启动nginx
使用curl访问当前项目
curl localhost
this is java web server
由于没有部署tomcat服务,所以使用nginx代替
nginx访问IP黑名单
克隆一台主机——allow-deny
wget https://nginx.org/download/nginx-1.26.1.tar.gz
yum -y install gcc gcc-c++
yum -y install openssl-devel
tar -zxvf nginx-1.26.1.tar.gz
cd nginx-1.26.1
./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-stream
make && make install
useradd -s /bin/nologin -M nginx
echo "you are luckly" > /usr/local/nginx/html/index.html
设置除12(dynamic-server)主机可以访问,其他主机都不可以访问(在配置文件中的server模块中设置)【allow 允许 deny 禁止】
vim /usr/local/nginx/conf/nginx.conf
charset utf-8;
allow 192.168.1.12;
deny 192.168.1.0/24;
deny all;
/usr/local/nginx/sbin/nginx -s reload
二、nginx负载均衡
主机名 IP地址
static-server 192.168.1.10
dynamic-server001 192.168.1.12
dynamic-server002 192.168.1.13
dynamic-server003 192.168.1.14
1、轮询
依次的将任务部署给不同的主机
dynamic-server001
[root@dynamic-server001 ~]# echo "i am dynamic server 001" > /usr/local/nginx/html/index.html
[root@dynamic-server001 ~]# /usr/local/nginx/sbin/nginx
dynamic-server002
[root@dynamic-server002 ~]# echo "i am dynamic server 002" > /usr/local/nginx/html/index.html
[root@dynamic-server002 ~]# /usr/local/nginx/sbin/nginx
dynamic-server003
[root@dynamic-server003 ~]# echo "i am dynamic server 003" > /usr/local/nginx/html/index.html
[root@dynamic-server003 ~]# /usr/local/nginx/sbin/nginx
static-server
[root@static-server ~]# echo "i am static server" > /usr/local/nginx/html/index.html
[root@static-server ~]# vim /usr/local/nginx/conf/nginx.conf
35 upstream server_group_name{
36 server 192.168.1.12:80;
37 server 192.168.1.13:80;
38 server 192.168.1.14:80;
39 }
49 location / {
50 # root html; #注释掉
51 # index index.html index.htm; #注释掉
52 proxy_pass http://server_group_name;
54 }
[root@static-server ~]# /usr/local/nginx/sbin/nginx -s reload
物理机浏览器输入192.168.1.11,001,002,003的页面会轮流出现
2、加权轮询
可以在server指令中指定权重,权重越高,分配的请求越多。
[root@static-server ~]# vim /usr/local/nginx/conf/nginx.conf
upstream server_group_name{
server 192.168.1.12:80 weight=4;
server 192.168.1.13:80 weight=2;
server 192.168.1.14:80 weight=1;
}
[root@static-server ~]# /usr/local/nginx/sbin/nginx -s reload
数字越大,所负担的任务越重
3、ip_hash
每个请求按访问ip的hash结果分配,使得同一客户端的请求总是定向到同一服务器,除非该服务器不可用。
[root@static-server ~]# vim /usr/local/nginx/conf/nginx.conf
upstream server_group_name{
ip_hash;
server 192.168.1.12:80 weight=4;
server 192.168.1.13:80 weight=2;
server 192.168.1.14:80 weight=1;
}
[root@static-server ~]# /usr/local/nginx/sbin/nginx -s reload
例:第一次访问到001,之后一直就是,不变
4、least_conn(最少连接)
把请求转发给连接数较少的后端服务器。轮询算法是把请求平均地转发给各个后端,使它们的负载大致相同;但是,有些请求占用的时间很长,会导致其所在的后端负载较高。这种情况下,leastconn这种方式就可以达到更好的负载均衡效果。
[root@static-server ~]# vim /usr/local/nginx/conf/nginx.conf
upstream server_group_name{
ip_hash;
#least_conn; #将请求转发给连接数较少的后端服务器
server 192.168.1.12:80 weight=4;
server 192.168.1.13:80 weight=2;
server 192.168.1.14:80 weight=1;
}
[root@static-server ~]# /usr/local/nginx/sbin/nginx -s reload
5、url_hash
按访问url的hash结果来分配请求,使每个url定向到同一个后端服务器,要配合缓存命中来使用。同一个资源多次请求,可能会到达不同的服务器上,导致不必要的多次下载,缓存命中率不高,以及一些资源时间的浪费。而使用ur_hash,可以使得同一个url (也就是同一个资源请求)会到达同一台服务器,一旦缓存住了资源,再次收到请求,就可以从缓存中读取。
[root@static-server ~]# vim /usr/local/nginx/conf/nginx.conf
upstream server_group_name{
ip_hash;
#hash $request_uri;
#least_conn;
server 192.168.1.12:80 weight=4;
server 192.168.1.13:80 weight=2;
server 192.168.1.14:80 weight=1;
}
[root@static-server ~]# /usr/local/nginx/sbin/nginx -s reload
三、平滑升级
例:将nginx-1.26.1升级为nginx-1.27.0
服务开启的时候升级nginx
wget https://nginx.org/download/nginx-1.27.0.tar.gz
tar -zxvf nginx-1.27.0.tar.gz
cd nginx-1.27.0
./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-stream
make && make install
ls /usr/local/nginx/sbin/
nginx nginx.old
/usr/local/nginx/sbin/nginx -v
nginx version: nginx/1.27.0
/usr/local/nginx/sbin/nginx.old -v
nginx version: nginx/1.26.1
ps -aux|grep nginx
root 1194 0.0 0.2 46172 2040 ? Ss 15:03 0:00 nginx: master process /usr/local/nginx/sbin/nginx #主进程
nginx 1215 0.0 0.2 46620 2292 ? S 15:45 0:00 nginx: worker process #子进程
root 4216 0.0 0.0 112824 988 pts/0 R+ 16:33 0:00 grep --color=auto nginx
kill -USR2 1194 #启用新版本的nginx服务
kill -WINCH 1215
kill -QUIT 1194
curl -I localhost #查看当前nginx版本
HTTP/1.1 200 OK
Server: nginx/1.27.0
Date: Tue, 30 Jul 2024 08:55:00 GMT
Content-Type: text/html
Content-Length: 24
Connection: keep-alive
Last-Modified: Tue, 30 Jul 2024 07:02:19 GMT
ETag: "66a88ffb-18"
Accept-Ranges: bytes
该过程nginx服务一直能访问到
配置tomcat 10 运行环境 tomcat 可以在jdk8的环境运行;tomcat 10必须在jdk17以上的版本运行
dynamic-server001
wget https://download.oracle.com/java/22/latest/jdk-22_linux-x64_bin.tar.gz
tar -zxvf jdk-22_linux-x64_bin.tar.gz
ls
anaconda-ks.cfg jdk-22_linux-x64_bin.tar.gz nginx-1.26.1.tar.gz jdk-22.0.2 nginx-1.26.1
cd jdk-22.0.2/
ls
bin conf include jmods legal lib LICENSE man README release
cd bin/
ls
jar javap jdeps jlink jrunscript jwebserver jarsigner jcmd jfr jmap jshell keytool java jconsole jhsdb jmod jstack rmiregistry javac jdb jimage jpackage jstat serialver javadoc jdeprscan jinfo jps jstatd
./java
cd
mv jdk-22.0.2/ /usr/local/jdk22
ls /usr/local/jdk22/
bin conf include jmods legal lib LICENSE man README release
cd /usr/local/jdk22/
sed -n '$p' /etc/profile
unset -f pathmunge
sed -i '$aexport JAVA_HOME=/usr/local/jdk22/' /etc/profile
sed -n '$p' /etc/profile
export JAVA_HOME=/usr/local/jdk22/
source /etc/profile
$JAVA_HOME
sed -i '$aPATH=$JAVA_HOME/bin:$PATH' /etc/profile
sed -n '$p' /etc/profile
PATH=$JAVA_HOME/bin:$PATH
source /etc/profile
java
java -version
cd
wget https://dlcdn.apache.org/tomcat/tomcat-10/v10.1.26/bin/apache-tomcat-10.1.26.tar.gz
585
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
