回顾及今日内容:
1.nginx功能扩展
1.1 用户访问网站流程
1.2 nginx内置变量
1.3 location规则
1.4 if
1.5 set自定义变量
1.6 rewrite 规则
1.7 root vs alias
- 负载均衡
2.1 负载均衡与反向代理区别
2.2nginx 7层负载
2.3 nginx 7层负载
回顾及今日内容:
nginx
web服务
负载均衡(反向代理)
nginx缓存
web服务
部署:yum 编译(增加第3方模块rtmp )
配置:nginx.conf conf.d/xxxx.conf 含义
Alphabetical index of directives
Alphabetical index of variables
http://tengine.taobao.org/nginx_docs/cn/docs/dirindex.htm
l
模块:
log
core核心
日志
ssl https
rewirte
upstream
proxy
配置虚拟主机(server )
基于域名的虚拟主机 最常用
基于端口 后台 内部系统 + vpn
基于ip
nginx配置 认证 autoindex 状态
nginx location ~ ~*
nginx rewrite
nginx if
nginx root 与 alias 区别
负载均衡(反向代理)
负载均衡与反向代理区别
回顾osi7层模型
7层负载均衡 wireshark
4层负载均衡
nginx缓存
expires
proxy_cache
lnmp
php+mysql
- 负载均衡高可用
1.nginx功能扩展
1.1 用户访问网站流程
域名--->ip DNS
ip与服务器 建立连接 3次握手
http请求豹纹
服务器网站进行处理
http响应豹纹
ip与服务器 断开连接
[root@web01 /etc/nginx]# wget --debug www.baidu.com
DEBUG output created by Wget 1.14 on linux-gnu.
URI encoding = ‘UTF-8’
Converted file name 'index.html' (UTF-8) -> 'index.html' (UTF-8)
Converted file name 'index.html' (UTF-8) -> 'index.html' (UTF-8)
--2019-11-03 22:38:28-- http://www.baidu.com/
#DNS解析过程
Resolving www.baidu.com (www.baidu.com)... 61.135.169.121, 61.135.169.125
Caching www.baidu.com => 61.135.169.121 61.135.169.125
#Connecting 与网站建立连接
Connecting to www.baidu.com (www.baidu.com)|61.135.169.121|:80... connected.
Created socket 3.
Releasing 0x00000000025849a0 (new refcount 1).
#http 请求豹纹 request
---request begin---
#请求方法 $method GET/POST/HEAD(只显示响应头)
GET / HTTP/1.1 #http请求报文 起始行 $request
#$request_uri 请求中的uri
User-Agent: Wget/1.14 (linux-gnu) #用户浏览器 $http_user_agent
Accept: */*
Host: www.baidu.com #访问的域名或ip $host
Connection: Keep-Alive
#空行 POST的时候 空行下面是POST的内容
---request end---
#http 请求已经发送 ,等待响应
HTTP request sent, awaiting response...
#http响应豹纹开始 response
---response begin---
HTTP/1.1 200 OK # $status
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: Keep-Alive
Content-Length: 2381
Content-Type: text/html
Date: Sun, 03 Nov 2019 14:38:28 GMT
Etag: "588604c4-94d"
Last-Modified: Mon, 23 Jan 2017 13:27:32 GMT
Pragma: no-cache
Server: bfe/1.0.8.18
Set-Cookie: BDORZ=27315; max-age=86400; domain=.baidu.com; path=/
---response end---
200 OK
cdm: 1 2 3 4 5 6 7 8
Stored cookie baidu.com -1 (ANY) / [expiry 2019-11-04 22:38:28] BDORZ 27315
Registered socket 3 for persistent reuse.
#httpkeepalive 长链接 keepalive_timeout 65;
Length: 2381 (2.3K) [text/html]
Saving to: ‘index.html’
100%[====================================================================>] 2,381 --.-K/s in 0.003s
2019-11-03 22:38:28 (864 KB/s) - ‘index.html’ saved [2381/2381]
1.2 nginx内置变量
http权威指南
变量名称 | 含义 |
---|---|
$method | 请求方法GET/POST/HEAD |
$request_uri | 请求中的URI部分 |
$request | 请求中的起始行 |
$http_user_agent | 客户端 |
$host | 用户请求的域名 |
$status | 状态码 |
$http_referer | 用户从哪里跳转过来的 |
1.3 location规则
- location 匹配 用户请求中的 uri的.
语法格式: | |
---|---|
默认值: | — |
上下文(功能可以放在哪里): | server , location |
location规则 | 解释 |
location / {} | 默认规则 其他的location都不匹配的时候 找/ 默认规则 |
location /doc/ {} | www.oldboyedu.com/doc/oldboy.txt www.oldboyedu.com/hsw/doc/wu01.mp4 |
location ~ xxx {} | 可以使用正则,区分大小写 |
location ~* xxx {} | 可以使用正则,不区分大小写 |
location ^~ xxx {} | 不匹配正则,优先匹配 |
location = xxx {} | 精确匹配 |
- nginx中的正则 perl正则表达式 pcre-deve (perl 兼容的正则表达式)
perl正则 man perlretut
[root@web01 ~]# cat /etc/nginx/conf.d/01-status.conf
#81
server {
listen 81;
server_name status.oldboy.com;
root /html/www;
index index.html;
location / {
return 200 "/ default\n";
}
location /doc/ {
return 200 "/doc/\n" ;
}
location ~* "\.(png|jpeg|jpg|img|bmp)$" {
return 200 "~* re 不区分大小写 图片 \n" ;
}
}
[root@web01 ~]# curl 10.0.0.7:81/oldboy/oldboy.html
/ default
[root@web01 ~]# curl 10.0.0.7:81/doc/oldboy.html
/doc/
[root@web01 ~]# curl 10.0.0.7:81/lidao/oldwang.png
~* re 不区分大小写 图片
[root@web01 ~]#
[root@web01 ~]#
[root@web01 ~]# curl 10.0.0.7:81/doc/oldboy.png
~* re 不区分大小写 图片
1.4 if
if | location | |
---|---|---|
位置 | server , location | server , location |
功能 | 配合nginx内置变量/普通变量 进行匹配 | 匹配请求uri |
条件会更多 if中可以取反 if ( $http_user_agent ~* "android | iso" ) {移动端网站} | ||
if ( $http_referer !~* "www.baidu.com|www.google.com") {return 403;} | 条件只有 location / location /xxx location ~* |
www.jd.com www.oldboyedu.com
根据用户客户端不同访问不同网站
- 如果是pc端 chrome/msie 显示正在访问pc端
- 如果是android/ios 显示 正在访问 移动端
1.5 set自定义变量
Syntax: | set $variable value |
---|---|
Default: | — |
Context: | server , location , if |
[root@web01 ~]# #想在日志里面 显示用户请求信息
http://oldboyedu.com/uri
[root@web01 ~]# #
$scheme://$host$request_uri
[root@web01 ~]# egrep -v '^$|#' /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user
[$time_local] "$request" '
'$status $body_bytes_sent
"$http_referer" '
'"$http_user_agent"
"$http_x_forwarded_for" $url';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /html/www;
set $url $scheme://$host$request_uri;
if ($http_user_agent ~* "chrome|msie" ) {
return 200 "正在访问pc端\n";
}
if ($http_user_agent ~* "android|ios" ) {
return 200 "正在访问移动端\n";
}
location / {
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}
1.6 rewrite 规则
- 伪静态
静态页面
.html .png 只需要nginx处理 效率高
易于被搜索引擎收入 爬虫(spider/bot)
动态页面
url 含有 & ? 特殊符号 订单 留言 发布文章 动态页面需要
nginx+php/tomcat
不容易被搜索引擎收入
运营人员 与 运维 开发沟通 我想要某个页面 看起来是 静态的页面
www.oldboyedu.com/blogs/k8s01.html
伪静态: 动态页面---->静态页面
实现伪静态:rewrite /return
Syntax: | rewrite regex replacement [flag] |
---|---|
Default: | — |
Context: | server , location , if |
rewrite regex replacement [flag];
rewirte 正则(匹配uri) 替换为什么 标记;
#用户访问oldboyedu.com 自动跳转为 www.oldboyedu.com
rewrite (^.*) http://www.oldboyedu.com/$1
permenant; #301 302
sed -r 's#(xxx)#\1#g'
#如果用户的客户端是 android或ios 则把用户跳转到
m.oldboyedu.com
#eg:android或ios
#www.oldboyedu.com/oldboy.php ---->
m.oldboyedu.com/oldboy.php
if ($http_user_agent ~* "android|ios") {
rewrite (^.*) http://m.oldboyedu.com/$1 permenant;
}
- rewrite 工作案例
原始URL: http://127.0.0.1:8914/batch_no/11122asbc.jpeg
连接实现跳转到
目标:http://127.0.0.1:8914/email_open_check?
batch_no=11122asbc,这个咋实现?
分析规律
11122asbc.jpeg文件不同的文件实现连接
http://127.0.0.1:8914/email_open_check?batch_no=文件名
字
通过正则 取出url中文件的名字 在后面使用 $1 引用
rewrite ^/batch_no/([0-9A-Za-Z]+)\.jpeg
http://127.0.0.1:8914/email_open_check?batch_no=$1
permenant;
sed -r 's#xxx(.*)ooo#\1#g'
- if + rewrite工作案例
#用户浏览器类型是android 并且 用户ip范围是10.0.xx.xxx 执行
rewrite规则
if () {
if () {
}
}
##标记法
set $flag 0; 设置变量 $flag 值 0;
if ( $remote_addr ~ "^10\.0\."){
set $flag "${flag}1";
#set $flag "01"; $flag 01
#如果 ip符合规则 则 $flag的内容是01
}
if ($http_user_agent ~* "android"){ #如果用户的
客户端是android
set $flag "${flag}2";
#set $flag "012";
# set $flag 012 $flag的内容012
}
if ($flag = "012"){
return 200;
}
1.7 root vs alias
root | alias | |
---|---|---|
功能 | 指定站点目录 | 给指定的uri做别名 |
位置 | http server location if in location | location |
eg |
#
location /oldboy {
root /html/www/lidao;
}
#
location /alex {
alias /edu/bbs;
}
#root 站点目录
curl oldboyedu.com/oldboy/index.html ----
>/html/www/lidao/oldboy/index.html
#alias uri指定别名
curl oldboyedu.com/alex/alex.jpg ---->
/edu/bbs/alex.jpg
[root@web01 ~]# cat /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See
/usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user
[$time_local] "$request" '
'$status $body_bytes_sent
"$http_referer" '
'"$http_user_agent"
"$http_x_forwarded_for" $document_root';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the
/etc/nginx/conf.d directory.
# See
http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
#include /etc/nginx/conf.d/*.conf;
server {
listen 80 ;
root /html/www;
location /alex/ {
alias /edu/av/;
}
location / {
index index.html;
}
}
}
[root@web01 ~]# curl 10.0.0.7/alex/index.html
edu av
10.0.0.7 - - [03/Nov/2019:15:51:33 +0800] "GET
/alex/index.html HTTP/1.1" 200 7 "-" "curl/7.29.0" "-"
/edu/av/
[root@web01 ~]# curl 10.0.0.7/index.html
web01
10.0.0.7 - - [03/Nov/2019:15:51:49 +0800] "GET
/index.html HTTP/1.1" 200 6 "-" "curl/7.29.0" "-"
/html/www
2. 负载均衡
lb01 yum install nginx -y
web01 nginx web
web02 nginx web
windows wireshark
2.1 负载均衡与反向代理区别
负载均衡 | 反向代理 | |
---|---|---|
共同 | 用户请求 负载均衡 请求发给后端web服务器处理 处理完成最后返回给用户 | 用户请求 负载均衡 请求发给后端web服务器处理 处理完成最后返回给用户 |
区别 | 处理用户请求的时候 转发 处理完成发回给用户 | 用户请求到达反向代理 反向代理代替用户进行请求 代理 |
- OSI 7层模型
应用层 | 第7层 各种协议 http https |
---|---|
表示层 | 用户请求 负载均衡 请求发给后端web服务器处理 处理完成最后返回给用户 |
会话层 | 处理用户请求的时候 转发 处理完成发回给用户 |
传输层 | 4层 tcp/udp 端口号 |
网络层 | 3层 ip |
数据链路层 | 2层 mac地址 |
物理层 | 物理层01101010101 |
- 7层负载均衡 处理的http https 用户的url中带有 .jpg .jpeg .bmp
.xxx 进制转发到静态服务器 - 4层负载均衡 处理的端口
- lvs 4层
- nginx(nginx 1.9 后支持4层) /haproxy 4 7
2.2nginx 7层负载
#准备 nginx
lb01 10.0.0.5
web01 10.0.0.7
web02 10.0.0.8
- web01 web02
#
curl 10.0.0.[7-8]/oldboy.html
web01 www
web02 www
curl 10.0.0.[7-8]/oldboy.html
web01 blog
web02 blog
#
[root@web01 ~]# mkdir -p /html/{www,blog}
[root@web01 ~]# for n in www blog ; do echo
`hostname;hostname -I` $n >/html/$n/oldboy.html
;done
[root@web01 ~]# cat /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user
[$time_local] "$request" '
'$status $body_bytes_sent
"$http_referer" '
'"$http_user_agent"
"$http_x_forwarded_for" $document_root';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
server {
listen 80 ;
server_name www.oldboy.com;
root /html/www;
location / {
index index.html;
}
}
server {
listen 80 ;
server_name blog.oldboy.com;
root /html/blog;
location / {
index index.html;
}
}
}
#
[root@lb01 ~]# curl 10.0.0.[7-8]/oldboy.html
[1/2]: 10.0.0.7/oldboy.html -->
--_curl_--10.0.0.7/oldboy.html
web01 10.0.0.7 172.16.1.7 www
[2/2]: 10.0.0.8/oldboy.html -->
--_curl_--10.0.0.8/oldboy.html
web02 10.0.0.8 172.16.1.8 www
[root@lb01 ~]# curl -H Host:blog.oldboy.com 10.0.0.
[7-8]/oldboy.html
[1/2]: 10.0.0.7/oldboy.html -->
--_curl_--10.0.0.7/oldboy.html
web01 10.0.0.7 172.16.1.7 blog
[2/2]: 10.0.0.8/oldboy.html -->
--_curl_--10.0.0.8/oldboy.html
web02 10.0.0.8 172.16.1.8 blog
[root@lb01 ~]#
[root@lb01 ~]# curl -v 10.0.0.7/oldboy.html
* About to connect() to 10.0.0.7 port 80 (#0)
* Trying 10.0.0.7...
* Connected to 10.0.0.7 (10.0.0.7) port 80 (#0)
> GET /oldboy.html HTTP/1.1
> User-Agent: curl/7.29.0
> Host: 10.0.0.7
> Accept: */*
>
< HTTP/1.1 200 OK
< Server: nginx/1.12.2
< Date: Sun, 03 Nov 2019 09:14:10 GMT
< Content-Type: text/html
< Content-Length: 30
< Last-Modified: Sun, 03 Nov 2019 09:13:22 GMT
< Connection: keep-alive
< ETag: "5dbe9a32-1e"
< Accept-Ranges: bytes
<
web01 10.0.0.7 172.16.1.7 www
* Connection #0 to host 10.0.0.7 left intact
[root@lb01 ~]#
[root@lb01 ~]# curl -v -H Host:blog.oldboy.com
10.0.0.7/oldboy.html
* About to connect() to 10.0.0.7 port 80 (#0)
* Trying 10.0.0.7...
* Connected to 10.0.0.7 (10.0.0.7) port 80 (#0)
> GET /oldboy.html HTTP/1.1
> User-Agent: curl/7.29.0
> Accept: */*
> Host:blog.oldboy.com
>
< HTTP/1.1 200 OK
< Server: nginx/1.12.2
< Date: Sun, 03 Nov 2019 09:14:46 GMT
< Content-Type: text/html
< Content-Length: 31
< Last-Modified: Sun, 03 Nov 2019 09:13:22 GMT
< Connection: keep-alive
< ETag: "5dbe9a32-1f"
< Accept-Ranges: bytes
<
web01 10.0.0.7 172.16.1.7 blog
* Connection #0 to host 10.0.0.7 left intact
2.3 nginx 7层负载
- upstream 创建池塘
- proxy 代理 proxy_pass
http {
upstream web_pools {
server 10.0.0.7:80;
server 10.0.0.8:80;
}
server {
listen 80;
server_name www.oldboy.com;
location / {
proxy_pass http://web_pools;
}
}
}
[root@lb01 ~]# curl 10.0.0.5/oldboy.html
web01 10.0.0.7 172.16.1.7 www
[root@lb01 ~]# curl 10.0.0.5/oldboy.html
web02 10.0.0.8 172.16.1.8 www
[root@lb01 ~]# curl 10.0.0.5/oldboy.html
web01 10.0.0.7 172.16.1.7 www
[root@lb01 ~]# curl 10.0.0.5/oldboy.html
web02 10.0.0.8 172.16.1.8 www
[root@lb01 ~]# curl 10.0.0.5/oldboy.html
web01 10.0.0.7 172.16.1.7 www
- nginx 负载均衡多个虚拟主机故障
[root@lb01 ~]# cat /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user
[$time_local] "$request" '
'$status $body_bytes_sent
"$http_referer" '
'"$http_user_agent"
"$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
upstream web_pools {
server 10.0.0.7:80;
server 10.0.0.8:80;
}
server {
listen 80;
server_name www.oldboy.com;
location / {
proxy_pass http://web_pools;
proxy_set_header Host $host;
#修改 反向代理 向后端 服务器 请求的请求头
}
}
server {
listen 80;
server_name blog.oldboy.com;
location / {
proxy_pass http://web_pools;
proxy_set_header Host $host;
}
}
}
4层负载均衡
nginx缓存
expires
proxy_cache
lnmp
php+mysql
- 负载均衡高可用 keepalived
面试: - 综合架构 nginx
- 数据库 : 故障 及 排查故障
- docker