网站URL:
svn-------dev.qingfeng.com/svn(10.0.0.8:801/svn)
svn web---dev.qingfeng.com/submin(10.0.0.8:801/submin)
网站------www.qingfeng.com(10.0.0.7:80&10.0.0.8:80)
oa--------oa.qingfeng.com(10.0.0.7:802&10.0.0.8:802)
反向代理总结:
多域名指向是通过虚拟主机的不同server实现;
同一域名的不同虚拟目录通过每个server下面的不同location实现;
反向代理到后端的服务器需要在vhost/LB.conf下面配置upstream,
然后在server或location中通过proxy_pass引用.
1.安装nginx
mkdir -p /server/tools cd /server/tools yum install -y pcre pcre-devel openssl openssl-devel gcc gcc+ wget http://nginx.org/download/nginx-1.8.0.tar.gz useradd www -M -s /sbin/nologin tar xf nginx-1.8.0.tar.gz cd nginx-1.8.0/ sed -i "179s/#//" auto/cc/gcc mkdir /application ./configure --prefix=/application/nginx-1.8.0 --user=www --group=www --with-http_stub_status_module --with-http_ssl_module make && make install ln -s /application/nginx-1.8.0/ /application/nginx
2.10.0.0.8最简配置
cat nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
include vhosts/*.conf;
}
cat www.conf
server {
listen 80;
server_name www.qingfeng.com;
access_log logs/www_access.log main;
error_log logs/www_error.log;
location / {
root html/www;
index index.html index.php;
}
}
cat svn.conf
server {
listen 801;
server_name dev.qingfeng.com;
access_log logs/svn_submin_access.log main;
error_log logs/svn_submin_error.log;
location / {
root html;
index index.html;
}
}
cat oa.conf
server {
listen 802;
server_name oa.qingfeng.com;
access_log logs/www_access.log main;
error_log logs/www_error.log;
location / {
root html/oa;
index index.html index.php index.htm;
}
}
# 10.0.0.7的主配文件、辅助文件(oa.conf)跟10.0.0.8一样
3.创建目录及首页文件
mkdir /application/nginx/conf/vhosts
# 10.0.0.7
mkdir /application/nginx/html/{oa,www}
cd /application/nginx/html/
echo "oa-10.0.0.7:802" > oa/index.html
echo "www-10.0.0.7:80" > www/index.html
# 10.0.0.8
mkdir /application/nginx/html/{oa,www,svn,submin}
cd /application/nginx/html/
echo "oa-10.0.0.8:802" > oa/index.html
echo "www-10.0.0.8:80" > www/index.html
echo "this is the page of svn-10.0.0.8" > svn/index.html
echo "this is the page of submin-10.0.0.8" > submin/index.html
# 经典错误示范:
location /svn/ {
root html/svn;
index index.html;
}
如果写成这样的格式,将无法访问到页面,因为location不仅是url,还要把它拼接到网站根路径后,
去掉根路径后面跟的字符即可正常访问.
location /svn/ {
root html;
index index.html;
}
4.负载均衡(10.0.0.5)最简配置
cat LB.conf
upstream LB-WWW {
# ip_hash;
server 10.0.0.7:80;
server 10.0.0.8:80;
}
upstream LB-OA {
# ip_hash;
server 10.0.0.7:802;
server 10.0.0.8:802;
}
server {
listen 80;
server_name dev.qingfeng.com;
access_log logs/dev-access.log main;
error_log logs/dev-error.log;
location /svn/ {
proxy_pass http://10.0.0.8:801/svn/;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
location /submin/ {
proxy_pass http://10.0.0.8:801/submin/;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
server {
listen 80;
server_name www.qingfeng.com;
access_log logs/www-access.log main;
error_log logs/www-error.log;
location / {
proxy_pass http://LB-WWW;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
server {
listen 80;
server_name oa.qingfeng.com;
access_log logs/oa-access.log main;
error_log logs/oa-error.log;
location / {
proxy_pass http://LB-OA;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
5.解决问题
a.如果location中不加proxy_set_header Host $host;会导致客户端发来的请求头的
host中没有域名,只会返回第一个匹配到的页面;
b.反向代理到web01(nginx),返回403,是因为没有创建首页文件,创建后,可以正常访问,
反向代理到web02(apache),返回400,是因为没有在lb01配置文件中添加$host,发送了空请求.
c.解决web集群会话保持的方法:前端用ip_hash或后端搭一个memcache共享session.