考虑安全性,外网的端口只开通一个如:8002,两台业务系统的端口分别为7001、8001,由此采用Nginx做代理分发,以下简单记录一下:
1、安装Nginx
2、修改nginx.conf配置文件,改成如下:
user nginx;
worker_processes 4;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
use epoll;
worker_connections 20480;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
client_max_body_size 50M;
server_tokens off;
include /etc/nginx/conf.d/*.conf;
upstream jjrep {
ip_hash;
server localhost:8001 max_fails=2 fail_timeout=60s;
}
upstream jjapp {
ip_hash;
server localhost:7001 max_fails=2 fail_timeout=60s;
}
upstream jjcms {
ip_hash;
server localhost:8080 max_fails=2 fail_timeout=60s;
}
}
3、为了方便维护,在conf.d文件夹下新创建了一个配置文件,此文件只要负责Nginx端口号和分发的上下文,文件如下:
server {
listen 8002;
server_name 120.35.30.194;
#charset koi8-r;
#access_log /var/log/nginx/log/host.access.log main;
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location /fundconsole
{
proxy_next_upstream http_500 http_502 http_503 http_504 http_404 error timeout invalid_header;
proxy_pass http://jjapp/fundconsole;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded_For $proxy_add_x_forwarded_for;
}
location /repconsole
{
proxy_next_upstream http_500 http_502 http_503 http_504 http_404 error timeout invalid_header;
proxy_pass http://jjrep/repconsole;
#proxy_cookie_path /console/ /repconsole;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded_For $proxy_add_x_forwarded_for;
}
location /hqreport
{
proxy_next_upstream http_500 http_502 http_503 http_504 http_404 error timeout invalid_header;
proxy_pass http://jjrep/hqreport;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded_For $proxy_add_x_forwarded_for;
}
location /fundfj
{
proxy_next_upstream http_500 http_502 http_503 http_504 http_404 error timeout invalid_header;
proxy_pass http://jjapp/fundfj;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded_For $proxy_add_x_forwarded_for;
}
location /fundcms
{
proxy_next_upstream http_500 http_502 http_503 http_504 http_404 error timeout invalid_header;
proxy_pass http://jjapp/jeecms;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded_For $proxy_add_x_forwarded_for;
}
}
4、配置完毕,重启即可。