nginx负载均衡后端RS中获取真实ip
前端proxy配置
####################
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
upstream backend {
server 10.0.0.3:80 max_fails=3 fail_timeout=30s;
server 10.0.0.4:80 max_fails=3 fail_timeout=30s;
}
server {
listen 80;
server_name www.lvnian.com lvnian.com;
location / {
root html;
index index.html index.htm;
proxy_pass http://backend;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
##上面四个是记录真实IP,以及可以区分后端不同业务的配置
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
#####################################
server {
listen 80;
server_name bbs.lvnian.com lvnian.com;
location / {
root html;
index index.html index.htm;
proxy_pass http://backend;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
##上面四个是记录真实IP,以及可以区分后端不同业务的配置
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
##################################################
后端RS配置
##################################################
##################################################
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name www.lvnian.com;
location / {
root html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
#########
set_real_ip_from 10.0.0.0/24;
real_ip_header X-Forwarded-For;
######这两个参数是记录真实IP的
}
###########
server {
listen 80;
server_name bbs.lvnian.com;
location / {
root bbs;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
#########
set_real_ip_from 10.0.0.0/24;
real_ip_header X-Forwarded-For;
######这两个参数是记录真实IP的
}
}
##################################################
##################################################
注意:
RS的日志格式中也需要指定记录客户端IP才可以。
##################################################
如果后端RS添加记录真实的IP之后,语法检查无法通过,可能是--with-http_realip_module 模块没有安装。
在已经安装的nginx服务上门,添加nginx模块方法如下
##添加新模块
1.查看nginx编译安装时的命令,安装了哪些模块
/application/nginx/sbin/nginx -V
2.加入需要安装的模块,重新编译
pkill nginx
cd /home/lvnian/tools/nginx-1.6.2
./configure --user=nginx --group=nginx --prefix=/application/nginx-1.6.2 --with-http_stub_status_module --with-http_realip_module --with-http_ssl_module
make
make就可以了,但是不要make install,否则会覆盖
make
3. 替换nginx二进制文件:
cp /app/nginx/sbin/nginx /app/nginx/sbin/nginx.bak
cp ./objs/nginx /app/nginx/sbin/
4.启动nginx
/application/nginx/sbin/nginx -V
/application/nginx/sbin/nginx -t
/application/nginx/sbin/nginx
#######################################################
pkill nginx
cd /home/lvnian/tools/nginx-1.6.2
./configure --user=nginx --group=nginx --prefix=/application/nginx-1.6.2 --with-http_stub_status_module --with-http_realip_module --with-http_ssl_module
make
cp /application/nginx/sbin/nginx /application/nginx/sbin/nginx.bak
cp objs/nginx /application/nginx/sbin/nginx
/application/nginx/sbin/nginx -V
/application/nginx/sbin/nginx -t