1.13.4版本后自带ngx_http_mirror_module模块
复制线上真实流量,在不影响真实业务前提下,利用复制流量来做故障分析、性能定位、迁移评估等功能。具体功能包含:
- 支持或禁止post请求复制
- 记录复制(镜像)日志
mirror: 中文为镜像的意思,这里指流量复制的目的地。
upstream stutymirror {
server 172.17.18.118:8101;
}
server {
listen 443 ssl;
server_name www.aaa.com;
access_log /var/log/nginx/ent.access.log main;
error_log /var/log/nginx/ent.error.log;
#ssl on;
ssl_certificate /data/cert/aaa.com.pem;
ssl_certificate_key /data/cert/aaa.com.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
client_max_body_size 10M;
location ~* ^/wx/.*$ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
mirror /mirror1; #源站配置
mirror_request_body on;
if ($request_uri ~ /wx/(.+))
{
set $params $1;
}
proxy_pass http://172.17.18.88:7799/wx/$1;
}
# 镜像站点配置
location = /mirror1 {
internal;
proxy_pass http://stutymirror$request_uri;
proxy_pass_request_body on;
#proxy_set_header X-Original-URI $request_uri;
}
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
root /data/enterprise/;
index index.html;
try_files $uri $uri/ /index.html;
}
error_page 500 502 503 504 /50json.html;
location = /50json.html {
root /usr/share/nginx/html;
}
}
不允许post请求
upstream stutymirror {
server 172.17.18.118:8101;
}
server {
listen 443 ssl;
server_name www.aaa.com;
access_log /var/log/nginx/ent.access.log main;
error_log /var/log/nginx/ent.error.log;
#ssl on;
ssl_certificate /data/cert/aaa.com.pem;
ssl_certificate_key /data/cert/aaa.com.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
client_max_body_size 10M;
location ~* ^/wx/.*$ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
mirror /mirror1; #源站配置
mirror_request_body off;
if ($request_uri ~ /wx/(.+))
{
set $params $1;
}
proxy_pass http://172.17.18.88:7799/wx/$1;
}
# 镜像站点配置
location = /mirror1 {
# 判断请求方法,不是GET返回403
if ($request_method != GET) {
return 403;
}
internal;
proxy_pass http://stutymirror$request_uri;
proxy_pass_request_body off;
proxy_set_header Content-Length ""; # mirror_request_body/proxy_pass_request_body都设置为off,则Conten-length需要设置为"",否则有坑
proxy_set_header X-Original-URI $request_uri; # 使用真实的url重置url
}
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
root /data/enterprise/;
index index.html;
try_files $uri $uri/ /index.html;
}
error_page 500 502 503 504 /50json.html;
location = /50json.html {
root /usr/share/nginx/html;
}
}
其实是转载的,当初只是记录在自己的有道笔记上,现在整理,忘了从哪转来的了,内容是我在我环境下更改测试的,抱歉原创。。。