1 系统信息
[root@lb-01-7 vhost]# cat /etc/redhat-release
CentOS release 6.8 (Final)
[root@lb-01-7 vhost]# uname -r
2.6.32-642.el6.x86_64
2 环境
HOSTNAME | IP | 说明 |
lb-01-7 | 10.0.0.7 | Nginx主负载均衡器 |
web-01-9 | 10.0.0.9 | web服务器 |
web-01-9 | 10.0.0.10 | web服务器 |
软件:nginx-1.12.0
3 安装脚本
#! /bin/bash
# function :install nginx
SOFT_INSTALL_PATH=/usr/local
NGINX_VERSION=nginx-1.12.0
SOFT=/home/zyb/tools
function nginx_install()
{
# add user and group
groupadd www
useradd www -s /sbin/nologin -M -g www
# install Dependent package
yum install -y pcre pcre-devel openssl openssl-devel>>nginx.log
[ -d $SOFT ] && cd $SOFT || exit 1
tar -xf ${NGINX_VERSION}.tar.gz
cd ${NGINX_VERSION}
./configure --prefix=${SOFT_INSTALL_PATH}/${NGINX_VERSION} --user=www --group=www \
--with-http_sub_module --with-http_ssl_module --with-http_stub_status_module >>nginx.log
[ $? == "0" ] && make >>nginx.log ||exit 1
make install >>nginx.log
ln -s ${SOFT_INSTALL_PATH}/${NGINX_VERSION} ${SOFT_INSTALL_PATH}/nginx
${SOFT_INSTALL_PATH}/${NGINX_VERSION}/sbin/nginx
netstat -nlutp|grep 80
}
function nginx_config()
{
cat >${SOFT_INSTALL_PATH}/${NGINX_VERSION}/conf/nginx.conf<<EOF
user www www;
worker_processes 8;
worker_cpu_affinity 00000001 00000010 00000100 00001000 00010000 00100000 01000000 10000000;
error_log /home/wwwlogs/nginx_error.log error;
pid /home/wwwlogs/nginx.pid;
#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 51200;
events
{
use epoll;
worker_connections 10240;
multi_accept on;
}
http
{
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 50m;
send_timeout 25;
sendfile on;
tcp_nopush on;
keepalive_timeout 60;
tcp_nodelay on;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 256k;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 32k;
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_types text/plain application/javascript application/x-javascript text/javascript text/css application/xml application/xml+rss;
gzip_vary on;
gzip_proxied expired no-cache no-store private auth;
gzip_disable "MSIE [1-6]\.";
#limit_conn_zone $binary_remote_addr zone=perip:10m;
##If enable limit_conn_zone,add "limit_conn perip 10;" to server section.
log_format main '\$remote_addr - \$remote_user [\$time_local] "\$request" '
'$status $body_bytes_sent "\$http_referer" '
'"\$http_user_agent" "\$http_x_forwarded_for"';
server_tokens off;
include vhost/*.conf;
}
EOF
mkdir -p /home/wwwlogs
chown www.www /home/wwwlogs
mkdir -p ${SOFT_INSTALL_PATH}/${NGINX_VERSION}/conf/vhost
${SOFT_INSTALL_PATH}/${NGINX_VERSION}/sbin/nginx -s reload
}
function add_server()
{
cat >${SOFT_INSTALL_PATH}/${NGINX_VERSION}/conf/vhost/www.zyb.com.conf<<EOF
server {
listen 80;
server_name www.zyb.com;
location / {
root html;
index index.html index.htm;
}
access_log /home/wwwlogs/www.zyb.com.log main;
}
EOF
}
nginx_install
nginx_config
add_server
4 nginx配置
4.1 修改10.0.0.7 的nginx配置文件
在nginx.conf 的http节点添加以下信息:
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
' "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
server_tokens off;
upstream www_server_pools {
server 10.0.0.9:80 weight=1;
server 10.0.0.10:80 weight=1;
}
配置server节点
[root@lb-01-7 vhost]# cat www.zyb.com.conf
server {
listen 80;
server_name www.zyb.com;
location / {
proxy_pass http://www_server_pools;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
access_log /home/wwwlogs/www.zyb.com.log main;
}
说明:
proxy_pass http://www_server_pools; 将访问请求发送给www_server_pools 里的节点
proxy_set_header Host $host; 在代理向后服务器发送http请求加入host字段信息,用于当后端服务器配置有多个虚拟主机是,可以识别代理的哪一个虚拟主机。这是节点服务器多虚拟主机的关键配置。
proxy_set_header X-Forwarded-For $remote_addr; 这是反向代理时,节点服务器获取用户真实的IP的必要功能配置
方向代理配置相关的更多参数说明
proxy_pass http://www_server_pools;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_connect_timeout 60;
proxy_send_timeout 60;
proxy_read_timeout 60;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64;