歡迎來到Linux教程網
Linux教程網
Linux教程網
Linux教程網
您现在的位置: Linux教程網 >> UnixLinux >  >> Linux基礎 >> 關於Linux

Nginx反向代理後端多個Tomcat、Nginx+PHP服務器(Nginx的代理和負載功能)

需求分析:

現有3個二級域名,一個IP地址,要實現將這3個域名通過1個IP地址對外提供web服務,可使用IP+端口的方式對域名進行解析,且互不影響。如:

Domain1:www.huangming.org IPADDR:192.168.1.33:80

Domain2:web1.huangming.orgIPADDR:192.168.1.33:8080

Domain3:web2.huangming.orgIPADDR:192.168.1.33:8080

其中Domain1作為Nginx反向代理的2台後端Read Server(Nginx+PHP),並實現負載均衡的功能。Domain2、3為通過Nginx反向代理的2台後端Tomcat Server。

實驗拓撲:

wKiom1cKEvXyQa3AAAGBCSFd6M8987.jpg

環境介紹:

HostnameIPADDRServerhost1192.168.1.231Nginx PHP Tomcat MySQLhost2192.168.1.232Nginx PHP Tomcat MySQLhxm(huangming.org)192.168.1.33Nginx-Proxy

Step1:在host1、2上搭建配置Tomcat虛擬主機,下面是相關配置

[root@host1 ~]# vim /usr/local/tomcat/conf/server.xml

1、打開server.xml配置文件,修改defaultHost="web1.huangming.org",並設置Hostname

2、指定webapp的目錄存放路徑appBase="/data/webapp1"

3、設置日志存放路徑directory="/data/webapp1/logs"

[root@host1 ~]# vim /usr/local/tomcat/conf/server.xml;在文件最後增加一個Host

<Enginename="Catalina"defaultHost="web1.huangming.org">
</Host>
<Hostname="web1.huangming.org"appBase="/data/webapp1"unpackWARS="true"autoDeploy="true">
<Contextpath=""docBase="/data/webapp1"reloadabled="true"/>
<ValveclassName="org.apache.catalina.valves.AccessLogValve"directory="/data/webapp1/logs"
prefix="web1_access_log"suffix=".txt"
pattern="%h%l%u%t&quot;%r&quot;%s%b"/>
</Host>
</Engine>

4、創建webapp的目錄文件

[root@host1 ~]# mkdir /data/webapp1

[root@host1 ~]# mkdir /data/webapp1/{lib,classes,WEB-INF,META-INF,logs} -p

[root@host1~]#ls/data/webapp1/
classesindex.jspliblogsMETA-INFWEB-INF

5、創建一個index.jsp頁面

<%@pagelanguage="java"%>
<%@pageimport="java.util.*"%>
<html>
<head>
<title>web1.huangming.orgtestpage.</title>
</head>
<body>
<%out.println("Hello,Thisisweb1.");%>
</body>
</html>

6、在host2創建配置Tomcat虛擬主機,與host1相同

<Enginename="Catalina"defaultHost="web2.huangming.org">
</Host>
<Hostname="web2.huangming.org"appBase="/data/webapp2"unpackWARS="true"autoDeploy="true">
<Contextpath=""docBase="/data/webapp2"reloadabled="true"/>
<ValveclassName="org.apache.catalina.valves.AccessLogValve"directory="/data/webapp2/logs"
prefix="web2_access_log"suffix=".txt"
pattern="%h%l%u%t&quot;%r&quot;%s%b"/>
</Host>
</Engine>

Step2:Host1和Host2的Nginx虛擬主機搭建和配置

1、Host1配置一個WEB虛擬主機,添加一個server.conf配置文件

[root@host1 ~]# vim /etc/nginx/vhosts/www.conf

server{
listen80;
server_name192.168.1.231;
indexindex.htmlindex.htmindex.phpindex.jsp;
server_tokensoff;
root/data/www/html;
access_log/var/log/nginx/www_access.logmain;

location/{
root/data/www/html;
indexindex.htmlinex.htmindex.php;
}

location~\.php${
includefastcgi_params;
fastcgi_passunix:/var/lib/php/php-fcgi.sock;
fastcgi_indexindex.php;
fastcgi_paramSCRIPT_FILENAME/data/www/html$fastcgi_script_name;
}

2、Host2配置一個WEB虛擬主機,添加一個server.conf配置文件

[root@host2 ~]# vim /etc/nginx/vhosts/www.conf

server{
listen80;
server_name192.168.1.232;
indexindex.htmlindex.htmindex.phpindex.jsp;
server_tokensoff;
root/data/www/html;
access_log/var/log/nginx/www_access.logmain;

location/{
root/data/www/html;
indexindex.htmlinex.htmindex.php;
}

location~\.php${
includefastcgi_params;
fastcgi_passunix:/var/lib/php/php-fcgi.sock;
fastcgi_indexindex.php;
fastcgi_paramSCRIPT_FILENAME/data/www/html$fastcgi_script_name;
}

3、php-fpm的配置

# vim /usr/local/php/etc/php-fpm.conf

[global]
pid=/usr/local/php/var/run/php-fpm.pid
error_log=/usr/local/php/var/log/php-fpm.log
[www]
listen=/var/lib/php/php-fcgi.sock
user=php-fpm
group=php-fpm
listen.owner=nginx
listen.group=nginx
pm=dynamic
pm.max_children=100
pm.start_servers=20
pm.min_spare_servers=5
pm.max_spare_servers=35
pm.max_requests=500
rlimit_files=1024

slowlog=/var/log/php/www_slow.log
request_slowlog_timeout=1
php_admin_value[open_basedir]=/data/www/:/tmp/

Step3:Nginx反向代理服務器配置

在nginx配置文件的http模塊中添加server配置

http {

include vhosts/*.conf;

......

upstream bbs { ;負載均衡配置

ip_hash; server 192.168.1.231:80 weight=1 max_fails=3 fail_timeout=30s; server 192.168.1.232:80 weight=1 max_fails=3 fail_timeout=30s; }

server { ;此server代理Domain1:www.haungming.org

listen 80;

server_name www.huangming.org huangming.org 192.168.1.33;

index index.html index.htm index.php index.jsp;

server_tokens off;

access_log /var/log/nginx/www.access.log main;

location / {

proxy_pass http://bbs;

proxy_set_header Host $host;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_next_upstream http_500 http_502 http_503 error timeout invalid_header;

proxy_buffering on;

proxy_redirect off;

proxy_connect_timeout 300s;

proxy_send_timeout 300s;

proxy_read_timeout 300s;

proxy_buffer_size 64k;

proxy_buffers 4 64k;

proxy_busy_buffers_size 64k;

proxy_temp_file_write_size 64k;

proxy_max_temp_file_size 1024m;

}

}

server { ;此server代理Domian2:web1.huangming.org

listen 80;

server_name web1.huangming.org;

index index.html index.htm index.jsp;

server_tokens off;

access_log /var/log/nginx/web1.access.log main;

location / {

proxy_pass http://192.168.1.231:8080;

proxy_set_header Host $host;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_next_upstream http_500 http_502 http_503 error timeout invalid_header;

}

}

server { ;此server代理Domain3:web2.huangming.org

listen 80;

server_name web2.huangming.org;

index index.html index.htm index.jsp;

server_tokens off;

access_log /var/log/nginx/web2.access.log main;

location / {

proxy_pass http://192.168.1.232:8080;

proxy_set_header Host $host;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_next_upstream http_500 http_502 http_503 error timeout invalid_header;

}

}

}

Step4:後端Nginx read server的日志記錄

如果在web前端使用了代理,Nginx會使用默認的日志記錄格式,記錄不到客戶的真實IP地址,故將兩台host1、2的Nginx日志格式記錄如下:

http {

......

log_format main '$HTTP_X_REAL_IP - $remote_user [$time_local] "$request" '

'$status $body_bytes_sent "$http_referer" "$request_time"'

'"$http_user_agent" $HTTP_X_Forwarded_For';

測試效果

[root@node1~]#curlhttp://192.168.1.33-I

wKiom1cKRa3AZIUXAAB4pWVpcQY979.jpg

Step5:Nginx代理服務的日志記錄

http {...... log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$gzip_ratio" "$http_referer"' '"$http_user_agent" "$http_x_forwarded_for" [$upstream_addr] ' '"$upstream_response_time" - "$request_time"';}

測試效果:

其中"$upstream_addr"為響應客戶請求的後端read server的IP address

wKiom1cKRnrgRtRFAACDs1LcdPI040.jpg

Step6:Nginx的靜態緩存、防盜鏈的相關配置,在host1、2上

server{
......
location~*^.+\.(gif|jpg|png|swf|flv|rar|zip|doc|pdf|gz|bz2|jpeg|bmp|xls)${
expires7d;
root/data/www/html;
access_logoff;
valid_referersnoneblocked*.huangming.orghuangming.org;
if($invalid_referer)
{
return403;
}
}

location~.*\.(js|css)?${
expires24h;
access_logoff;
}

location~(static|cache){
access_logoff;
}
}

Step7:測試Nginx反向代理和負載均衡

首先需要將域名做好解析,可以在本機hosts文件設置,或者在萬網解析

1、測試Domian1

wKiom1cKSknAuUZ1AADMfAIHksM284.jpg

查看日志記錄是否負載成功

wKiom1cKSpSTPAMjAACoQIJMczQ416.jpg

2、測試訪問Domain2、3(Tomcat服務器)

wKiom1cKS5TjbdIAAABSWYVRhOI405.jpg

查看Nginx代理Tomcat的訪問日志

[root@hxm~]#tail-2/var/log/nginx/web1.access.log
101.233.172.217--[07/Apr/2016:11:51:02+0800]"GET/HTTP/1.1"200145"-""-""Mozilla/5.0(WindowsNT6.3;WOW64;Trident/7.0;rv:11.0)likeGecko""-"[192.168.1.231:8080]"0.007"-"0.007"
101.233.172.217--[07/Apr/2016:11:51:44+0800]"GET/HTTP/1.1"200145"-""-""curl/7.19.7(x86_64-redhat-linux-gnu)libcurl/7.19.7NSS/3.14.0.0zlib/1.2.3libidn/1.18libssh2/1.4.2""-"[192.168.1.231:8080]"0.005"-"0.005"

[root@hxm~]#tail-2/var/log/nginx/web2.access.log
101.233.172.217--[07/Apr/2016:11:50:30+0800]"GET/favicon.icoHTTP/1.1"4041016"-""-""Mozilla/5.0(WindowsNT6.3;WOW64)AppleWebKit/537.36(KHTML,likeGecko)Chrome/45.0.2454.101Safari/537.36""-"[192.168.1.232:8080]"0.018"-"0.018"
101.233.172.217--[07/Apr/2016:11:51:56+0800]"GET/HTTP/1.1"200145"-""-""curl/7.19.7(x86_64-redhat-linux-gnu)libcurl/7.19.7NSS/3.14.0.0zlib/1.2.3libidn/1.18libssh2/1.4.2""-"[192.168.1.232:8080]"0.011"-"0.011"

Step8:關於Tomcat的默認管理主頁

將name=localhost,修改為本機地址192.168.1.231,這樣可以在本地通過訪問這個IP進入Tomcat的默認主頁和配置管理頁面(這樣與web1.huangming.org不產生沖突)

[root@host1 ~]# vim /usr/local/tomcat/conf/server.xml

wKiom1cKTbXh6jYUAAATnVnbxx4354.jpg

wKiom1cKTqjBikXYAACuhOB4woI235.jpg

Step9:Domain1:www.huangming.org站點目錄的同步

這裡在Host1和Host2之間使用NFS文件服務器,Host2掛載Host1的站點目錄文件

[root@host2 conf]# df -ThFilesystem Type Size Used Avail Use% Mounted on/dev/sda3 ext4 13G 5.8G 6.1G 49% /tmpfs tmpfs 491M 0 491M 0% /dev/shm/dev/sda1 ext4 190M 27M 154M 15% /boot192.168.1.231:/data/www/html nfs 13G 3.4G 8.6G 29% /data/www/html

結語:Nginx服務器的緩存配置

在web的前端,通常會加一層緩存服務器,作為緩存後端Read Server的網頁內容,以加快訪問速度,因此可以使用前端的Nginx代理服務器配置文件中添加緩存配置同時作為緩存服務使用

本文出自 “7414593” 博客,請務必保留此出處http://7424593.blog.51cto.com/7414593/1762432

Copyright © Linux教程網 All Rights Reserved