LD is tigger forever,CG are not brothers forever, throw the pot and shine forever.
Modesty is not false, solid is not naive, treacherous but not deceitful, stay with good people, and stay away from poor people.
talk is cheap, show others the code and KPI, Keep progress,make a better result.
Survive during the day and develop at night。
目录
概 述
nginx实现动静分离
一、简单配置nginx的动静分离
1.1 根据目录分开
1.2 通过请求分离
1.3 根据扩展名分离
1.4 根据客户端标识进行分离
1.5 使用客户端的pc和移动分离
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
upstream stack_pools {
server 172.25.254.134:80 weight=5;
}
upstream dynamic_pools {
server 172.25.254.135:80 weight=5;
}
server {
listen 80;
server_name www.lbtest.com;
location / {
if (
h
t
t
p
u
s
e
r
a
g
e
n
t
∗
"
i
p
h
o
n
e
"
)
p
r
o
x
y
p
a
s
s
h
t
t
p
:
/
/
d
y
n
a
m
i
c
p
o
o
l
s
;
i
f
(
http_user_agent ~* "iphone") { proxy_pass http://dynamic_pools; } if (
httpuseragent ∗"iphone")proxypasshttp://dynamicpools;if(http_user_agent ~* “android”)
{
proxy_pass http://stack_pools;
}
}
proxy_set_header Host $host;
}
二 、优化
net.ipv4.tcp_fin_timeout = 2
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_keepalive_time =600
net.ipv4.ip_local_port_range = 4000 65000
net.ipv4.tcp_max_syn_backlog = 16348
net.ipv4.tcp_max_tw_buckets = 36000
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_max_orphans = 16384
net.core.somaxconn = 16384
net.core.netdev_max_backlog = 18364
proxy_next_upstream error timeout invalid_header http_500 http_502_http_503 http_504;
nginx尝试连接后端主机失败的次数你,这个数是配合proxy_next_upstream,fastcgi_next_upstream,和memcached_next_upstream这三个参数来使用的,当nginx接受后端服务器返回这三个数定义的状态码的时候,会将这个请求转发给正常的后端服务器,例如404,502,503.Max_fails默认值是1
[root@node2 ~]# sysctl -p
简单介绍keepalive和nginx
配置keepalived实现nginx负载均衡的高可用
keepalive更适合于见得IP漂移,如果资源服务有控制,heartbeat更适合,比如存储方向的高可用
三、 nginx反向代理的健康检查
nginx做反向代理的时候,当后端就的服务器出现宕机的时候,nginx不能把这台realserver剔除upstream的,所以还会把请求转发到后端的这台realserve上,虽然nginx可以在localtion中启用proxy_next_upstream来解决返回给客户的错误页面,但这个还会会把请求转发转给这台服务器,然后再转发别的服务器,这样就浪费了一次转发,借助淘宝团队开发的nginx模块nginx_upstream_check_module来检测后方的realserver的健康状态,如果后端服务器不可用,则所有的请求不转发到这台服务器
check interval=5000 rise=1 fall=3 timeout=4000;
3.1 直接添加到配置文件
[root@node2 ~]# vim /usr/local/nginx/conf/nginx.conf
[root@node2 ~]# nginx -t
3.2 下载模块
[root@node2 nginx-1.12.2]# yum -y install git
[root@node2 nginx-1.12.2]# git clone https://github.com/yaoweibin/nginx_upstream_check_module.git
[root@node2 nginx-1.12.2]# patch -p0 < ./nginx_upstream_check_module/check_1.11.5+.patch
3.4 编译安装
[root@node2 nginx-1.12.2]# ./configure --prefix=/usr/local/nginx
[root@node2 nginx-1.12.2]# ll
[root@node2 nginx-1.12.2]# make
[root@node2 nginx-1.12.2]# ll objs/
备份就得nginx,并拷贝新的nginx
[root@node2 nginx-1.12.2]# cd /usr/local/nginx/sbin/
[root@node2 sbin]# mv nginx nginx.bak
[root@node2 sbin]# cp /usr/local/src/nginx-1.12.2/objs/nginx /usr/local/nginx/sbin
[root@node2 sbin]# /usr/local/nginx/sbin/nginx -s stop
[root@node2 sbin]# id nginx
[root@node2 sbin]# useradd nginx
[root@node2 sbin]# id nginx
[root@node2 sbin]# /usr/local/nginx/sbin/nginx -s stop
三、 nginx反向代理的健康检查
nginx做反向代理的时候,当后端就的服务器出现宕机的时候,nginx不能把这台realserver剔除upstream的,所以还会把请求转发到后端的这台realserve上,虽然nginx可以在localtion中启用proxy_next_upstream来解决返回给客户的错误页面,但这个还会会把请求转发转给这台服务器,然后再转发别的服务器,这样就浪费了一次转发,借助淘宝团队开发的nginx模块nginx_upstream_check_module来检测后方的realserver的健康状态,如果后端服务器不可用,则所有的请求不转发到这台服务器
check interval=5000 rise=1 fall=3 timeout=4000;
3.1 直接添加到配置文件
[root@node2 ~]# vim /usr/local/nginx/conf/nginx.conf
[root@node2 sbin]# /usr/local/nginx/sbin/nginx
[root@node2 ~]# nginx -t
小结
参考资料和推荐阅读
1.链接: 参考资料.