时间:2021-07-18 08:24:31 | 栏目:Nginx | 点击:次
什么是负载均衡?
当一个域名指向多台web服务器时,添加一台nginx负载均衡服务器,通过nginx负载均衡即可将来自于客户端的请求均衡的发送给每台web服务器,避免单台服务器负载过高而其余服务器较为空闲的不均衡情况出现
配置nginx负载均衡:
在nginx机器上新建配置文件:
[root@centos02 ~]# vi /etc/nginx/conf.d/test.conf
添加如下内容:
upstream test { ip_hash; server 192.168.0.10:80 weight=100; server 192.168.0.20:80 weight=50; } server { listen 80; server_name www.test.com; location / { proxy_pass http://test; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } }
验证nginx配置并重载:
[root@centos02 ~]# nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful [root@centos02 ~]# nginx -s reload
接下来修改客户端hosts文件将测试的域名www.test.com指向到测试的nginx负载均衡机器的IP即可访问www.test.com网站。
负载均衡配置示例补充
1.根据请求的文件配置:
upstream aa { server 192.168.0.10; server 192.168.0.20; } upstream bb { server 192.168.0.100; server 192.168.0.101; } server { listen 80; server_name www.test.com; location ~ aa.php { proxy_pass http://aa/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location ~ bb.php { proxy_pass http://bb/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location / { proxy_pass http://bb/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } }
请求aa.php的,会到aa组,请求bb.php的会到bb组,其他请求全部到bb组,必须要有location / {} ,否则不能正确匹配url
2.根据请求的目录配置:
upstream aa { server 192.168.0.10; server 192.168.0.20; } upstream bb { server 192.168.0.100; server 192.168.0.101; } server { listen 80; server_name www.test.com; location /dir1/ { proxy_pass http://aa/dir1/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location /dir2/ { proxy_pass http://bb/dir2/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location / { proxy_pass http://bb/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } }
#当请求uri中匹配/dir1/,代理到aa/dir1/,匹配/dir2/或者其他时,代理到bb/dir2/
nginx配置SSL证书实现通过https协议访问网站:
SSL证书申请网站:
1.https://www.wosign.com/
2.https://freessl.cn/(免费)
#通过浏览器生成后,需要在服务器创建证书文件
创建证书文件:
[root@linux ~]# mkdir /etc/nginx/ssl [root@linux ~]# cd !$ cd /etc/nginx/ssl [root@linux ssl]# touch ca [root@linux ssl]# touch test.crt [root@linux ssl]# touch test.key
#将证书申请网站提供的对应证书的内容添加到ca/ .crt/ .key文件中即可
编辑nginx配置文件:
[root@linux ~]# vi /etc/nginx/conf.d/bbs.conf
添加如下内容:
listen 443 ssl; server_name test.bbs.com; ssl on; ssl_certificate /etc/nginx/ssl/test.crt; #定义.crt文件路径 ssl_certificate_key /etc/nginx/ssl/test.key; #定义.key文件路径 ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
验证配置并重载nginx:
[root@linux ~]# nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful [root@linux ~]# nginx -s reload
#接下来访问网站地址栏即可显示HTTPS
curl验证方式:
curl -k -H "host:test.bbs.com" https://192.168.234.128/index.php
#host:域名,https:// webserver IP,输出结果为网站页面标签信息即表示成功