• Nginx基本配置与应用


    一、准备

    1.1 环境准备

    CentOS7软件环境

    1.2 tomcat多实例

    把/etc/profile.d/tomcat.sh中的变量注释了

    #export TOMCAT_HOME=/usr/local/tomcat
    #export CATALINA_HOME=/usr/local/tomcat
    #export CATALINA_BASE=/usr/local/tomcat
    #export CATALINA_TMPDIR=/usr/local/tomcat/temp
    #export TOMCAT_USER=tomcat
    
    unset TOMCAT_HOME
    unset CATALINA_HOME
    unset CATALINA_BASE
    unset CATALINA_TMPDIR
    

    复制tomcat目录

    cd /opt/tomcat
    cp -a apache-tomcat-8.5.16 tomcat8180
    cp -a apache-tomcat-8.5.16 tomcat8280
    cp -a apache-tomcat-8.5.16 tomcat8380
    

    修改配置

    # 创建部署目录
    mkdir -p /data/webapps
    chown -R tomcat:tomcat /data/webapps
    
    # 修改配置,通过脚本修改如下内容
    # 行号  替换前                 替换后
    # 22    8005              =>  8105
    # 69    8080              =>  8180
    # 116   8009              =>  8109
    # 148   appBase="webapps" =>  appBase="/data/webapps"
    
    # 执行脚本a.sh
    sh a.sh
    
    # 查看修改后的不同
    diff /opt/tomcat/apache-tomcat-8.5.16/conf/server.xml /opt/tomcat/tomcat8180/conf/server.xml
    

    a.sh

    #!/bin/sh
    
    for i in {1..3}
    do
      file=/opt/tomcat/tomcat8"$i"80/conf/server.xml
      sed -i '22s/8005/8'"$i"'05/' $file
      sed -i '69s/8080/8'"$i"'80/' $file
      sed -i '116s/8009/8'"$i"'09/' $file
      #sed -i '148s#appBase=".*"#appBase="/data/webapps"#' $file
    done
    

    启动多实例

    # 以普通用户运行tomcat
    # for i in {1..3};do /opt/tomcat/tomcat8"$i"80/bin/daemon.sh start;done
    for i in {1..3};do /opt/tomcat/tomcat8"$i"80/bin/startup.sh;done
    netstat -tunlp | grep 80
    
    # 关闭
    for i in {1..3};do /opt/tomcat/tomcat8"$i"80/bin/shutdown.sh;done
    

    1.3 配置hosts

    # 查看服务器ip
    ifconfig
    
    # 修改hosts
    C:WindowsSystem32driversetc
    192.168.5.210 test.com
    192.168.5.210 beijing.test.com
    192.168.5.210 shanghai.test.com
    

    二、负载均衡

    2.2 流程

    2.2 nginx配置

    http://nginx.org/en/docs/http/ngx_http_upstream_module.html

    /etc/nginx.conf

    /usr/local/nginx/conf/nginx.conf

    worker_processes  1;
    events {
        worker_connections  1024;
    }
    
    # http最外层模块
    http {
    	# 全局变量参数
        include       mime.types;
        default_type  application/octet-stream;
        sendfile        on;
        keepalive_timeout  65;
    
    	upstream web_pool {
    		server 127.0.0.1:8180 weight=1;
    		server 127.0.0.1:8280 weight=1;
    		server 127.0.0.1:8380 weight=2;
    	}
    
    	# server相当于虚拟站点
        server {
            listen       80;
            server_name  localhost;
            location / {
                proxy_pass  http://web_pool;
                index  index.html index.htm;
            }
        }
    }
    

    解析

    http:根元素
    upstream:反向代理的域
    server:虚拟站点
    
    location # 请求的一个节点
    

    location参数

    root                         # 站点根路径
    index                        # 首页
    proxy_pass                   # 代理服务
    proxy_redirect off;          # 是否允许重写向
    proxy_set_header Host $host; # 传header参数至后台端服务
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_connect_timeout 90;    # 连接代理服务超时时间
    proxy_send_timeout 90;       # 请求改善最大时间
    proxy_read_timeout 90;       # 读取最大时间
    

    upstream参数

    service         # 反向服务地址加端口
    weight          # 权重 
    max_fails       # 失败多少次后认为主机已经挂掉,踢出
    fail_timeout    # 踢出后重新探测时间
    backup          # 备用服务
    max_conns       # 允许最大连接数
    slow_start      # 当节点恢复,不立即加入 
    
    max_fails注重用户体验好就要配置低
    
    server 127.0.0.1:8180 fail_timeout=5s slow_start=10s;
    

    2.3 负载算法

    ll+weight:根据权重轮询

    ip_hash:hash(client_ip)%2=index,解决session一致性

    url_hash:hash(url)%2=index,资源缓存服务

    least_conn:最少连接

    least_time:请求时间越少,权重越高

    三、应用实战

    在修改nginx.conf配置文件后

    # 验证配置是否正确
    nginx -t
    
    # 平滑启动
    nginx -s reload
    

    3.1 动静分离

    nginx.conf

    worker_processes  1;
    events {
        worker_connections  1024;
    }
    
    http {
        include       mime.types;
        default_type  application/octet-stream;
        sendfile        on;
        keepalive_timeout  65;
    
    	upstream web_pool {
    		server 127.0.0.1:8180 weight=1;
    		server 127.0.0.1:8280 weight=1;
    	}
    	
    	upstream static_resource {
    		server 127.0.0.1:8380;
    	}
    
        server {
            listen       80;
            server_name  localhost;
            # 动态服务
            location / {
                proxy_pass  http://web_pool;
                index  index.html index.htm;
            }
            # 静态服务
            location ~* .(gif|css|png|jpg|js|swf)(.*) {
    			proxy_pass http://static_resource;
            }
        }
    }
    

    tomcat内容

    基中index.html

    cat /opt/tomcat/tomcat8180/webapps/ROOT/index.html
    <html>
    <head>
    <title>index</title>
    </head>
    <body>
    <h1>Hello 8180</h1>
    <img src="one-piece.png"/>
    </body>
    </html>
    
    cat /opt/tomcat/tomcat8280/webapps/ROOT/index.html
    <html>
    <head>
    <title>index</title>
    </head>
    <body>
    <h1>Hello 8280</h1>
    <img src="one-piece.png"/>
    </body>
    </html>
    

    浏览器访问test.com, Hello 8180与Hello 8280循环出现

    3.2 防盗链

    原理就是根据Referer防盗链

    nginx.conf

    worker_processes  1;
    events {
        worker_connections  1024;
    }
    
    http {
        include       mime.types;
        default_type  application/octet-stream;
        sendfile        on;
        keepalive_timeout  65;
    
    	upstream web_pool {
    		server 127.0.0.1:8180 weight=1;
    		server 127.0.0.1:8280 weight=1;
    	}
    	
    	upstream static_resource {
    		server 127.0.0.1:8380;
    	}
    
        server {
            listen       80;
            server_name  localhost;
            # 动态服务
            location / {
                proxy_pass  http://web_pool;
                index  index.html index.htm;
            }
            # 静态服务
            location ~* .(gif|css|png|jpg|js|swf)(.*) {
    			# 防盗链设置
    			valid_referers none blocked *.test.com;
    			if ($invalid_referer) {
    				rewrite ^/ http://7xkmkl.com1.z0.glb.clouddn.com/404.jpg;
    			}
    			proxy_pass http://static_resource;
            }
        }
    }
    

    用IP访问:重新打开浏览器或Chrome用隐身模式打开

    3.3 城市静态站点实现

    server {
    	listen 80;
    	server_name *.test.com;
    	root /data/www/$host;
    	access_log logs/$host.access.log;
    	location / {
    		index index.html;
    	}
    }
    

    静态站点目录如下

    index.html

    cat /data/www/beijing.test.com/index.html 
    beijing
    
    cat /data/www/shanghai.test.com/index.html 
    shanghai
    

    流量器访问beijing.test.com shanghai.test.com

  • 相关阅读:
    安装pandas所需c及c++依赖
    linux中文临时生效
    标维参考命令
    linux运维
    prop属性
    centos python虚拟环境安装
    centos7&python3.6uwsgi安装
    react 入坑笔记(六)
    js 实现数据结构 -- 集合(MySet)
    js 实现数据结构 -- 链表(LinkedList)
  • 原文地址:https://www.cnblogs.com/okokabcd/p/8491260.html
Copyright © 2020-2023  润新知