1
2
|
[root@web1 ~]
# yum install -y httpd
[root@web2 ~]
# yum install -y httpd
|
1
2
|
[root@web1 ~]
# echo "<h1>web1.test.com</h1>" > /var/www/html/index.html
[root@web2 ~]
# echo "<h1>web2.test.com</h1>" > /var/www/html/index.html
|
1
2
3
4
|
[root@web1 ~]
# service httpd start
正在启动 httpd: [确定]
[root@web2 ~]
# service httpd start
正在启动 httpd: [确定]
|
(1).正向代理的概念
正向代理,也就是传说中的代理,他的工作原理就像一个跳板,简单的说,我是一个用户,我访问不了某网站,但是我能访问一个代理服务器,这个代理服务器呢,他能访问那个我不能访问的网站,于是我先连上代理服务器,告诉他我需要那个无法访问网站的内容,代理服务器去取回来,然后返回给我。从网站的角度,只在代理服务器来取内容的时候有一次记录,有时候并不知道是用户的请求,也隐藏了用户的资料,这取决于代理告不告诉网站。
(2).反向代理的概念
(3).两者区别
1
2
3
4
|
location / {
proxy_pass http:
//localhost
:8000;
proxy_set_header X-Real-IP $remote_addr;
}
|
1
2
3
4
5
6
|
[root@nginx ~]
# cd /etc/nginx/
[root@nginx nginx]
# cp nginx.conf nginx.conf.bak #备份一个原配置文件
[root@nginx nginx]
# vim nginx.conf
location / {
proxy_pass http:
//192
.168.18.201;
}
|
1
2
3
4
|
[root@nginx ~]
# service nginx reload
nginx: the configuration
file
/etc/nginx/nginx
.conf syntax is ok
nginx: configuration
file
/etc/nginx/nginx
.conf
test
is successful
重新载入 nginx: [确定]
|
1
2
3
4
5
6
7
8
9
10
11
|
[root@web1 ~]
# tail /var/log/httpd/access_log
192.168.18.208 - - [04
/Sep/2013
:00:14:20 +0800]
"GET /favicon.ico HTTP/1.0"
404 289
"-"
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.95 Safari/537.36"
192.168.18.208 - - [04
/Sep/2013
:00:14:20 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.95 Safari/537.36"
192.168.18.208 - - [04
/Sep/2013
:00:14:20 +0800]
"GET /favicon.ico HTTP/1.0"
404 289
"-"
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.95 Safari/537.36"
192.168.18.138 - - [04
/Sep/2013
:00:14:45 +0800]
"GET / HTTP/1.1"
200 23
"-"
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.95 Safari/537.36"
192.168.18.138 - - [04
/Sep/2013
:00:14:48 +0800]
"GET /favicon.ico HTTP/1.1"
404 289
"-"
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.95 Safari/537.36"
192.168.18.208 - - [04
/Sep/2013
:00:14:55 +0800]
"GET /favicon.ico HTTP/1.0"
404 289
"-"
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.95 Safari/537.36"
192.168.18.208 - - [04
/Sep/2013
:00:15:05 +0800]
"GET /favicon.ico HTTP/1.0"
404 289
"-"
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.95 Safari/537.36"
192.168.18.208 - - [04
/Sep/2013
:00:15:13 +0800]
"GET /favicon.ico HTTP/1.0"
404 289
"-"
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.95 Safari/537.36"
192.168.18.208 - - [04
/Sep/2013
:00:15:16 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.95 Safari/537.36"
192.168.18.208 - - [04
/Sep/2013
:00:15:16 +0800]
"GET /favicon.ico HTTP/1.0"
404 289
"-"
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.95 Safari/537.36"
|
1
2
3
4
|
location / {
proxy_pass http:
//192
.168.18.201;
proxy_set_header X-Real-IP $remote_addr;
#加上这一行
}
|
1
2
3
4
|
[root@nginx ~]
# service nginx reload
nginx: the configuration
file
/etc/nginx/nginx
.conf syntax is ok
nginx: configuration
file
/etc/nginx/nginx
.conf
test
is successful
重新载入 nginx: [确定]
|
1
2
3
4
5
6
7
8
9
10
11
|
[root@web1 ~]
# tail /var/log/httpd/access_log
192.168.18.208 - - [03
/Sep/2013
:16:26:18 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.208 - - [03
/Sep/2013
:16:26:18 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.208 - - [03
/Sep/2013
:16:26:18 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.208 - - [03
/Sep/2013
:16:26:18 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.208 - - [03
/Sep/2013
:16:26:18 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.208 - - [03
/Sep/2013
:16:26:18 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.208 - - [03
/Sep/2013
:16:26:18 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.208 - - [03
/Sep/2013
:16:26:18 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.208 - - [03
/Sep/2013
:16:26:18 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.208 - - [03
/Sep/2013
:16:26:18 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
[root@web1 ~]
# service httpd restart
停止 httpd: [确定]
正在启动 httpd: [确定]
[root@web1 ~]
# tail /var/log/httpd/access_log
192.168.18.138 - - [03
/Sep/2013
:17:09:14 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.138 - - [03
/Sep/2013
:17:09:14 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.138 - - [03
/Sep/2013
:17:09:15 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.138 - - [03
/Sep/2013
:17:09:15 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.138 - - [03
/Sep/2013
:17:09:15 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.138 - - [03
/Sep/2013
:17:09:15 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.138 - - [03
/Sep/2013
:17:09:15 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.138 - - [03
/Sep/2013
:17:09:15 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.138 - - [03
/Sep/2013
:17:09:15 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.138 - - [03
/Sep/2013
:17:09:15 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
|
1
2
3
4
5
6
7
8
9
10
11
12
|
upstream
test
.net{
ip_hash;
server 192.168.10.13:80;
server 192.168.10.14:80 down;
server 192.168.10.15:8009 max_fails=3 fail_timeout=20s;
server 192.168.10.16:8080;
}
server {
location / {
proxy_pass http:
//test
.net;
}
}
|
-
轮询(默认)。每个请求按时间顺序逐一分配到不同的后端服务器,如果后端某台服务器宕机,故障系统被自动剔除,使用户访问不受影响。Weight 指定轮询权值,Weight值越大,分配到的访问机率越高,主要用于后端每个服务器性能不均的情况下。
-
ip_hash。每个请求按访问IP的hash结果分配,这样来自同一个IP的访客固定访问一个后端服务器,有效解决了动态网页存在的session共享问题。
-
fair。这是比上面两个更加智能的负载均衡算法。此种算法可以依据页面大小和加载时间长短智能地进行负载均衡,也就是根据后端服务器的响应时间来分配请求,响应时间短的优先分配。Nginx本身是不支持fair的,如果需要使用这种调度算法,必须下载Nginx的upstream_fair模块。
-
url_hash。此方法按访问url的hash结果来分配请求,使每个url定向到同一个后端服务器,可以进一步提高后端缓存服务器的效率。Nginx本身是不支持url_hash的,如果需要使用这种调度算法,必须安装Nginx 的hash软件包。
-
down,表示当前的server暂时不参与负载均衡。
-
backup,预留的备份机器。当其他所有的非backup机器出现故障或者忙的时候,才会请求backup机器,因此这台机器的压力最轻。
-
max_fails,允许请求失败的次数,默认为1。当超过最大次数时,返回proxy_next_upstream 模块定义的错误。
-
fail_timeout,在经历了max_fails次失败后,暂停服务的时间。max_fails可以和fail_timeout一起使用。
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
[root@nginx ~]
# vim /etc/nginx/nginx.conf
upstream webservers {
server 192.168.18.201 weight=1;
server 192.168.18.202 weight=1;
}
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
proxy_pass http:
//webservers
;
proxy_set_header X-Real-IP $remote_addr;
}
}
|
1
2
3
4
|
[root@nginx ~]
# service nginx reload
nginx: the configuration
file
/etc/nginx/nginx
.conf syntax is ok
nginx: configuration
file
/etc/nginx/nginx
.conf
test
is successful
重新载入 nginx: [确定]
|
1
2
3
4
5
6
7
8
9
10
11
|
[root@web1 ~]
# tail /var/log/httpd/access_log
192.168.18.138 - - [04
/Sep/2013
:09:41:58 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.138 - - [04
/Sep/2013
:09:41:58 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.138 - - [04
/Sep/2013
:09:41:59 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.138 - - [04
/Sep/2013
:09:41:59 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.138 - - [04
/Sep/2013
:09:42:00 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.138 - - [04
/Sep/2013
:09:42:00 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.138 - - [04
/Sep/2013
:09:42:00 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.138 - - [04
/Sep/2013
:09:44:21 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.138 - - [04
/Sep/2013
:09:44:22 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.138 - - [04
/Sep/2013
:09:44:22 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
|
1
2
3
4
5
|
[root@web2 ~]
# vim /etc/httpd/conf/httpd.conf
LogFormat
"%{X-Real-IP}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""
combined
[root@web2 ~]
# service httpd restart
停止 httpd: [确定]
正在启动 httpd: [确定]
|
1
2
3
4
5
6
7
8
9
10
11
|
[root@web2 ~]
# tail /var/log/httpd/access_log
192.168.18.138 - - [04
/Sep/2013
:09:50:28 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.138 - - [04
/Sep/2013
:09:50:28 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.138 - - [04
/Sep/2013
:09:50:28 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.138 - - [04
/Sep/2013
:09:50:28 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.138 - - [04
/Sep/2013
:09:50:28 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.138 - - [04
/Sep/2013
:09:50:28 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.138 - - [04
/Sep/2013
:09:50:28 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.138 - - [04
/Sep/2013
:09:50:28 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.138 - - [04
/Sep/2013
:09:50:29 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
192.168.18.138 - - [04
/Sep/2013
:09:50:29 +0800]
"GET / HTTP/1.0"
200 23
"-"
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
|
-
max_fails,允许请求失败的次数,默认为1。当超过最大次数时,返回proxy_next_upstream 模块定义的错误。
-
fail_timeout,在经历了max_fails次失败后,暂停服务的时间。max_fails可以和fail_timeout一起使用,进行健康状态检查。
1
2
3
4
5
|
[root@nginx ~]
# vim /etc/nginx/nginx.conf
upstream webservers {
server 192.168.18.201 weight=1 max_fails=2 fail_timeout=2;
server 192.168.18.202 weight=1 max_fails=2 fail_timeout=2;
}
|
1
2
3
4
|
[root@nginx ~]
# service nginx reload
nginx: the configuration
file
/etc/nginx/nginx
.conf syntax is ok
nginx: configuration
file
/etc/nginx/nginx
.conf
test
is successful
重新载入 nginx: [确定]
|
1
2
3
|
先停止Web1,进行测试。
[root@web1 ~]
# service httpd stop
停止 httpd: [确定]
|
1
2
|
[root@web1 ~]
# service httpd start
正在启动 httpd: [确定]
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
[root@nginx ~]
# vim /etc/nginx/nginx.conf
server {
listen 8080;
server_name localhost;
root
/data/www/errorpage
;
index index.html;
}
upstream webservers {
server 192.168.18.201 weight=1 max_fails=2 fail_timeout=2;
server 192.168.18.202 weight=1 max_fails=2 fail_timeout=2;
server 127.0.0.1:8080 backup;
}
[root@nginx ~]
# mkdir -pv /data/www/errorpage
[root@nginx errorpage]
# cat index.html
<h1>Sorry......<
/h1
>
|
1
2
3
4
|
[root@nginx errorpage]
# service nginx reload
nginx: the configuration
file
/etc/nginx/nginx
.conf syntax is ok
nginx: configuration
file
/etc/nginx/nginx
.conf
test
is successful
重新载入 nginx: [确定]
|
1
2
3
4
|
[root@web1 ~]
# service httpd stop
停止 httpd: [确定]
[root@web2 ~]
# service httpd stop
停止 httpd: [确定]
|
-
ip_hash,每个请求按访问IP的hash结果分配,这样来自同一个IP的访客固定访问一个后端服务器,有效解决了动态网页存在的session共享问题。(一般电子商务网站用的比较多)
1
2
3
4
5
6
7
|
[root@nginx ~]
# vim /etc/nginx/nginx.conf
upstream webservers {
ip_hash;
server 192.168.18.201 weight=1 max_fails=2 fail_timeout=2;
server 192.168.18.202 weight=1 max_fails=2 fail_timeout=2;
#server 127.0.0.1:8080 backup;
}
|
1
2
3
4
|
[root@nginx ~]
# service nginx reload
nginx: the configuration
file
/etc/nginx/nginx
.conf syntax is ok
nginx: configuration
file
/etc/nginx/nginx
.conf
test
is successful
重新载入 nginx: [确定]
|
1
2
|
[root@web2 ~]
# netstat -an | grep :80 | wc -l
304
|