day 50 期中架构-NGINX PROXY深入
两个模块:
upstream 服务器池,里面放服务器
upstream backend{
server 10.0.0.7:80 weight=1;
server 10.0.0.8:80 weight=1;
}
这种分配方式叫做负载均衡算法:
第一类为静态调度算法:
和节点无关的调度算法
rr轮询(默认调度算法,静态调度算法)
wrr(权重轮询,静态调度算法)
ip_hash_(静态调度算法)
负载不均衡
解决会话保持 session 会话 当用户登录在服务器端会生成一个会话文件
会话保持技术:
1.nginx ip_hash
2.缓存服务器redis session服务器端
3.cookies 客户端的(分布式)
第二类为动态调度算法:
fari(动态调度算法)
least_conn最小连接调度算法
url_nash算法 同一个URL地址,调度给同一台节点。(缺点:不能宕机 否则节点就会出问题)
用于web缓存服务器的负载均衡(web缓存 是内存服务 相当于CDN)
一致性HASH算法
proxy:
1.将匹配URL为name的请求抛给http://127.0.0.1/remote/。
案例背景:通过Nginx实现动静分离,即通过Nginx反向代理配置规则实现让动态资源和静态资源及其他业务分别由不同的服务器解析,以解决网站性能、安全、用户体验等重要问题。
upstream static_pools {
server 10.0.0.7:80 weight=1;
}
upstream upload_pools {
server 10.0.0.8:80 weight=1;
}
upstream default_pools {
server 10.0.0.9:80 weight=1;
}
#www.etiantian.org/static/xxxxx 路径调度到static_pools
location /static/ {
proxy_pass http://static_pools;
}
location /upload/ {
proxy_pass http://upload_pools;
}
location / {
proxy_pass http://default_pools;
}
域名不变,基于路径实现动静分离:
http://www.etiantian.org/static/
http://www.etiantian.org/upload/
http://www.etiantian.org/
http://www.etiantian.org/new/
http://www.etiantian.org/static/
基于扩展名实现刚才的案例
location ~ .*.(gif|jpg|jpeg|png|bmp|swf|css|js)$ {
proxy_pass http://static_pools;
}
location / {
proxy_pass http://default_pools;
}
location /upload/ {
proxy_pass http://upload_pools;
}
[root@lb01 conf]# cat nginx.conf.base_uri
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
upstream static_pools {
server 10.0.0.7:80 weight=1;
}
upstream upload_pools {
server 10.0.0.8:80 weight=1;
}
upstream default_pools {
server 10.0.0.9:80 weight=1;
}
server {
listen 80;
server_name www.etiantian.org;
location /static/ {
proxy_pass http://static_pools;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
location /upload/ {
proxy_pass http://upload_pools;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
location / {
proxy_pass http://default_pools;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
}
直接通过不同的域名实现动静分离:
www.etiantian.org 动态
img.etiantian.org 静态
基于不同类型的设备实现转发:
HTTP报文的请求头里,会提供http_user_agent信息。
http_user_agent 用户的设备:
location / {
if ($http_user_agent ~* "android")
{
proxy_pass http://android_pools; #<==这是android服务器池,需要提前定义upstream。
}
if ($http_user_agent ~* "iphone")
{
proxy_pass http://iphone_pools; #<==这是iphone服务器池,需要提前定义upstream。
}
proxy_pass http://pc_pools;
}
location / {
if ($http_user_agent ~* "MSIE")
{
proxy_pass http://static_pools;
}
if ($http_user_agent ~* "Chrome")
#if ($http_user_agent ~* "Firefox")
{
proxy_pass http://upload_pools;
}
proxy_pass http://default_pools;
include proxy.conf;
}
location / {
if ($http_user_agent ~* "android")
{
proxy_pass http://static_pools;
}
if ($http_user_agent ~* "iphone")
{
proxy_pass http://upload_pools;
}
proxy_pass http://default_pools;
}
[root@lb01 conf]# curl -A "android" http://www.etiantian.org/upload/
upload server
[root@lb01 conf]# curl -A "iphone" http://www.etiantian.org/static/
static server
[root@lb01 conf]# curl -A "android" http://www.etiantian.org
www7
[root@lb01 conf]# curl -A "iphone" http://www.etiantian.org/
www8
[root@lb01 conf]# curl http://www.etiantian.org/
www9
安卓:
http://192.168.12.201:8000/upload/
upload
iphone
http://192.168.12.201:8000/static/
static
其他:
http://192.168.12.201:8000/
http://192.168.12.201:8000/new/
[root@lb01 conf]# curl -A "android" http://www.etiantian.org/upload/
upload
[root@lb01 conf]# curl -A "iphone" http://www.etiantian.org/static/
static
[root@lb01 conf]# curl -A "android" http://www.etiantian.org
www7
[root@lb01 conf]# curl -A "iphone" http://www.etiantian.org/
www8
[root@lb01 conf]# curl http://www.etiantian.org/
www9
实践:
1、基于路径转发 实现动静分离
2、基于扩展名转发 实现动静分离
3、基于user_agent转发 实现PC 手机 不同手机分离
直接通过不同的域名实现动静分离:
www.etiantian.org 动态
img.etiantian.org 静态
负载均衡器已经配好了动态和静态的负载均衡:
server {
listen 80;
server_name blog.etiantian.org;
location / {
proxy_pass http://backend;
proxy_set_header Host $host;
}
}
server {
listen 80;
server_name img.etiantian.org img1.etiantian.org;
location / {
proxy_pass http://backend;
proxy_set_header Host $host;
}
}
Web01上创建静态服务:
[root@web01 /etc/nginx/conf.d]# cat img.conf
server {
listen 80;
server_name img.etiantian.org;
location / {
root /usr/share/nginx/html/img;
index index.html;
}
}
Web02上创建静态服务:
[root@web02 /application/nginx/conf/extra]# cat 05_img.conf
server {
listen 80;
server_name img.etiantian.org;
location / {
root html/img;
index index.html;
}
}
keepalive 高可用软件:
keepalive介绍:
1.专为LVS负载均衡软件设计的,用来管理并监控LVS集群系统中各个服务节点。后来加入了可以实现高可用的VRRP功能
2.还可以作为其他服务(例如:Nginx、Haproxy、MySQL等)
3.主要是通过VRRP协议实现高可用功能
keepalive服务的三个功能:
1.管理LVS负载均衡软件
2.实现对LVS集群节点健康检查功能
3.作为系统网络服务的高可用功能(lb01 lb02 同操作)
keepalive高可用服务搭建:
安装:
[root@lb01 ~]# yum install keepalived -y
[root@lb01 ~]# cd /etc/keepalived/
备份:
[root@lb01 /etc/keepalived]# cp keepalived.conf{,.oir}
修改配置:lb01(主)
[root@lb01 /etc/keepalived]# vim keepalived.conf
global_defs {
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3/24 dev eth0 label eth0:1
}
}
修改配置:lb02(备)
[root@lb02 /etc/keepalived]# vim keepalived.conf
global_defs {
router_id LVS_BACKUP
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3/24 dev eth0 label eth0:1
}
}
重启:
[root@lb01 /etc/keepalived]# systemctl restart keepalived
[root@lb01 /etc/keepalived]# systemctl status keepalived
查看:
[root@lb01 /etc/keepalived]# ps -ef|grep keep|grep -v grep
[root@lb02 /etc/keepalived]# ps -ef|grep keep|grep -v grep
lb01是主,lb02是备 主能识别出ip 备就不可以 除非杀死主
[root@lb01 /etc/keepalived]# ip add |grep 10.0.0.3
inet 10.0.0.3/24 scope global secondary eth0:1
[root@lb02 /etc/keepalived]# ip add |grep 10.0.0.3
#这里没有反应就对了,因为lb02为BACKUP,当节点活着的时候,它就不会接管VIP 10.0.0.3
#同一个IP地址同一时刻应该只能出现在一台服务器上,如果同时出现了,说明高可用裂脑了,(裂脑是两台服务器争抢同一资源导致的,例如:两边都配置了同一个VIP地址)
#如何防止裂脑:
1.增加备用心跳线
2.购买智能电源(shoot the othre node in the head)爆头
(辅助设备收不到主设备的心跳,但是有可能主设备还活着,那么辅助设备直接通过这个智能电源,关闭主设备,然后辅助设备再启动,防止裂脑)
出错就看错误日志:
root@lb01 /etc/keepalived]# cat /var/log/messages