nginx集群高可用部署配置说明

nginx集群高可用部署配置说明

#user  nobody;
#nginx 进程数，建议按照cpu 数目来指定，一般为它的倍数 (如,2个四核的cpu计为8)。
worker_processes  4;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;
pid        logs/nginx.pid;
#nginx 进程打开的最多文件描述符数目,最好与ulimit -n 的值保持一致
worker_rlimit_nofile 65535;

events {
	#使用epoll 的I/O 模型
	use epoll;
	#每个进程允许的最多连接数， 理论上每台nginx 服务器的最大连接数为worker_processes*worker_connections
    worker_connections  65535;
	accept_mutex on;
    multi_accept on;
}


http {
    include       mime.types;
    default_type  application/octet-stream;
	server_names_hash_bucket_size 128;
    server_names_hash_max_size 512;
	#客户端请求头部的缓冲区大小，这个可以根据你的系统分页大小来设置，一般一个请求头的大小不会超过1k，不过由于一般系统分页都要大于1k，所以这里设置为分页大小。分页大小可以用命令getconf PAGESIZE 取得。
    client_header_buffer_size 8k;
    large_client_header_buffers 8 256k;
    client_max_body_size 2048m;
    client_header_timeout 60s;
    client_body_timeout 60s;
    client_body_buffer_size 512k;

    ##缓存cache参数配置##  
    proxy_connect_timeout 900;  
    proxy_read_timeout 900;  
    proxy_send_timeout 900;  
    proxy_buffer_size 256k;  
    proxy_buffers 4 128k;  
    proxy_busy_buffers_size 256k;  
    proxy_temp_file_write_size 256k; 
    
    #缓存到nginx的本地目录  
    proxy_temp_path  tmp/www;  
    proxy_cache_path tmp/cache_cas levels=1:2 keys_zone=cache_cas:200m inactive=1d max_size=10g;
	
    ##end##  

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';
	#日志格式化
	log_format main
                 '$remote_addr - $remote_user [$time_local] "$request" '
                 '$status $body_bytes_sent $http_x_forwarded_for '
                 'upstream_addr:$upstream_addr '
                 'req_body:$request_body'
                 'request_time:$request_time';
				 
    #access_log  logs/access.log  main;

    sendfile        on;
    tcp_nopush     on;
	#keepalive 超时时间(s)。
    keepalive_timeout  60;
	keepalive_requests 50000;
	
	send_timeout 15;
	
	fastcgi_cache_path tmp/fastcgi_cache levels=1:2 keys_zone=TEST:10m inactive=5m;
    fastcgi_connect_timeout 900;
    fastcgi_send_timeout 900;
    fastcgi_read_timeout 900;
    fastcgi_buffer_size 256k;
    fastcgi_buffers 16 128k;
    fastcgi_busy_buffers_size 256k;
    fastcgi_temp_file_write_size 256k;
    #fastcgi_cache TEST;
    fastcgi_cache_valid 200 302 1h;
    fastcgi_cache_valid 301 1d;
    fastcgi_cache_valid any 1m;
    fastcgi_cache_min_uses 1;
    fastcgi_cache_use_stale error timeout invalid_header http_500;  
    open_file_cache max=204800 inactive=20s;
    open_file_cache_min_uses 1;
    open_file_cache_valid 30s; 
	
	tcp_nodelay on;
	
    gzip  on;	#表示允许压缩的页面最小字节数，页面字节数从header头的Content-Length中获取。默认值是0，表示不管页面多大都进行压缩，建议设置成大于1K。如果小于1K可能会越压越大
    gzip_min_length 1k;
    #压缩缓存区大小
    gzip_buffers 4 32k;
    #压缩版本
    gzip_http_version 1.0;
    #压缩比率
    gzip_comp_level 9;
    #指定压缩的类型
    gzip_types text/plain application/x-javascript text/css application/xml;
    #vary header支持
    gzip_vary on;
    #隐藏Nginx版本号
    server_tokens off;
	
	map $http_upgrade $connection_upgrade {
	default upgrade;
	'' close;
    }
	
	#负载均衡算法
	#sticky：基于cookie的一种nginx的负载均衡
	#ip_hash:基于Hash 计算(应用场景：保持session 一至性)
	#url_hash：第三方（应用场景：静态资源缓存,节约存储，加快速度）
	#least_conn：最少链接
	#east_time：最小的响应时间,计算节点平均响应时间，然后取响应最快的那个，分配更高权重。
	upstream cas {
		sticky;
		server 192.168.200.87:6443 weight=2 max_fails=3 fail_timeout=30s;
		server 192.168.200.113:443 weight=2 max_fails=3 fail_timeout=30s;
		server 192.168.200.113:8443 weight=2 max_fails=3 fail_timeout=30s;
    }
	upstream portal {
		ip_hash;
		server 192.168.4.100:80 weight=2 max_fails=3 fail_timeout=30s;
		server 192.168.200.43:80 weight=2 max_fails=3 fail_timeout=30s;
    }   
	
	# HTTPS server
	server {
		listen 443 ssl;
		server_name sfrz.ltz.mtn;
		ssl on;
		ssl_certificate /opt/gdsapp/cluster/nginx-1-13-11/cacerts/sfrz.ltz.mtn.pem;
		ssl_certificate_key /opt/gdsapp/cluster/nginx-1-13-11/cacerts/sfrz.ltz.mtn.key;
		access_log  logs/cas.access.log  main;
		error_log  logs/cas.error.log  info;
		location ~ ^/(images|javascript|js|css|flash|media|static|jpg|jpeg|png|ico|map|json)/ {
			proxy_pass https://cas;
			proxy_redirect off;
			proxy_cache_valid 200 302 404 202 30d;
			proxy_cache_valid any 5m;
			proxy_cache cache_cas;
			expires 360d;
		}
        location / {
			proxy_connect_timeout 900;  
			proxy_read_timeout 900;  
			proxy_send_timeout 900;  
			proxy_buffer_size 256k;  
			proxy_buffers 4 128k;  
			proxy_busy_buffers_size 256k;  
			proxy_temp_file_write_size 256k; 
			proxy_set_header   Host   $host:$server_port;
			proxy_set_header   X-Real-IP  $remote_addr;
			proxy_set_header   X-Forwarded-For	$proxy_add_x_forwarded_for;
			proxy_ssl_session_reuse  off;
			
			# these two lines here
			proxy_http_version 1.1;
			proxy_set_header Connection "";
			
			proxy_pass https://cas;
        }
    }
	
	server {
        listen  80;
        server_name  mhgl.ltz.mtn;
		access_log  logs/portal.access.log  main;
		error_log  logs/portal.error.log  info;
        location ~ ^/(images|javascript|js|css|flash|media|static|jpg|jpeg|png|ico|map|json|rs|scripts)/ {
			proxy_pass http://portal;
			proxy_redirect off;
			proxy_cache_valid 200 302 404 202 30d;
			proxy_cache_valid any 5m;
			proxy_cache cache_cas;
			expires 360d;
		}
        location / {
			proxy_pass http://portal;
			proxy_set_header   Host   $host:$server_port;
			proxy_set_header   X-Real-IP  $remote_addr;
			proxy_set_header   X-Forwarded-For	$proxy_add_x_forwarded_for;
			proxy_ssl_session_reuse  off;
        }
    }
	
	#server {
    #    listen  80;
    #    server_name  localhost;
    #    #charset koi8-r;
    #    #access_log  logs/host.access.log  main;
    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #    #error_page  404              /404.html;
    #    # redirect server error pages to the static page /50x.html
    #    #
    #    error_page   500 502 503 504  /50x.html;
    #    location = /50x.html {
    #        root   html;
    #    }
    #}

}