nginx反向代理負載均衡

1.反向代理概述

反向代理（Reverse Proxy）方式是指以代理服務器來接受internet上的連接請求，然後將請求轉發給內部網絡上的服務器，並將從服務器上得到的結果返回給internet上請求連接的客戶端，此時代理服務器對外就表現爲一個反向代理服務器。

環境準備:

主機名	IP地址	角色	系統
web-node1.com	eth0:192.168.90.201	web-node1節點	CentOS7.2
web-node2.com	eth0:192.168.90.202	web-node2節點	CentOS7.2
lb-node1.com	eth0:192.168.90.203	Nginx反向代理	CentOS7.2

2.Node節點部署

在兩臺web-node節點中均使用Yum安裝一個Apache用於做真實機，監聽8080端口

web-node1.com部署

[root@web-node1 ~]# rpm -ivh http://mirrors.aliyun.com/epel/epel-release-latest-7.noarch.rpm
[root@web-node1 ~]# yum install -y gcc glibc gcc-c++ make screen tree lrzsz
##部署web-node1 httpd服務
[root@web-node1 ~]# yum install -y httpd
[root@web-node1 ~]# sed -i 's/Listen 80/Listen 8080/g' /etc/httpd/conf/httpd.conf
[root@web-node1 ~]# systemctl start httpd
[root@web-node1 ~]# echo "web-node1.com" > /var/www/html/index.html
[root@web-node1 ~]# curl  http://192.168.90.201:8080/
web-node1.com

web-node2.com部署

[root@web-node1 ~]# rpm -ivh http://mirrors.aliyun.com/epel/epel-release-latest-7.noarch.rpm
[root@web-node1 ~]# yum install -y gcc glibc gcc-c++ make screen tree lrzsz
##部署web-node2 httpd服務
[root@web-node1 ~]# yum install -y httpd
[root@web-node1 ~]# sed -i 's/Listen 80/Listen 8080/g' /etc/httpd/conf/httpd.conf
[root@web-node1 ~]# systemctl start httpd
[root@web-node1 ~]# echo "web-node2.com" > /var/www/html/index.html
[root@web-node1 ~]# curl  http://192.168.90.202:8080/
web-node2.com

3.反向代理部署

Nginx 源碼編譯安裝，使其支持4層，並監聽80端口

1. [root@lb-node1 ~]# useradd -s /sbin/nologin -M www

2. [root@lb-node1 ~]# cd /usr/local/src/

3. [root@lb-node1 src]# wget http://nginx.org/download/nginx-1.10.2.tar.gz

4. [root@lb-node1 src]# tar xf nginx-1.10.2.tar.gz

5. [root@lb-node1 src]# cd nginx-1.10.2

6. [root@lb-node1 nginx-1.10.2]# ./configure --prefix=/usr/local/nginx-1.10.2 \

7. --user=www --group=www --with-http_ssl_module \

8. --with-http_stub_status_module --with-file-aio --with-stream

9. [root@lb-node1 nginx-1.10.2]# make && make install

10. [root@web-node1 ~]# ln -s /usr/local/nginx-1.10.2/ /usr/local/nginx

11. ## 測試配置並啓動Nginx

12. [root@lb-node1 ~]# /usr/local/nginx/sbin/nginx -t

13. nginx: the configuration file /usr/local/nginx-1.10.2/conf/nginx.conf syntax is ok

14. nginx: configuration file /usr/local/nginx-1.10.2/conf/nginx.conf test is successful

15. [root@lb-node1 ~]# /usr/local/nginx/sbin/nginx

3.1配置Nginx7層反向代理

1.配置Nginx反向代理

1. ##http段配置

2.    upstream web-cluster {

3.        # ip_hash;

4.        server 192.168.90.201:8080 weight=1 max_fails=3 fail_timeout=3;

5.        server 192.168.90.202:8080 weight=1 max_fails=3 fail_timeout=3;

6.    }

8.    server {

9.        listen 80;

10.        server_name 192.168.90.203;

11.    location / {

12.        proxy_pass http://web-cluster;

13.        include proxy.conf;

14.        }

16.    }

測試代理

1. [root@lb-node1 ~]# curl http://192.168.90.203/

2. web-node1.com

3. [root@lb-node1 ~]# curl http://192.168.90.203/

4. web-node2.com

5. [root@lb-node1 ~]# curl http://192.168.90.203/

6. web-node1.com

7. [root@lb-node1 ~]# curl http://192.168.90.203/

8. web-node2.com

2.通過分組方式，以及User-agent實現不同代理

1. #http段配置

2.         upstream static-cluster {

3.                server 192.168.90.201:8080 weight=1 max_fails=3 fail_timeout=3;

4.        }

5.         upstream dynamic-cluster {

6.                server 192.168.90.202:8080 weight=1 max_fails=3 fail_timeout=3;

7.        }

8.         upstream default-cluster {

9.                server 192.168.90.202:8080 weight=1 max_fails=3 fail_timeout=3;

10.        }

  #需要配置本地host解析測試
        server {
                listen 80;
                server_name nginx.jiege.com;
        location / {
        if ($http_user_agent ~* "Firefox"){
                    proxy_pass http://static-cluster;
                    }
        if ($http_user_agent ~* "Chrome") {
            proxy_pass http://dynamic-cluster;
            }
        proxy_pass http://default-cluster;
            }
     }

測試分組

##默認瀏覽器交給default處理[root@lb-node1 ~]# curl http://nginx.jiege.com
 web-node2.com
 火狐瀏覽器交給static-cluster處理
 谷歌瀏覽器交給dynamic-cluster處理
 

 
 配置ssh以及msql反向代理

stream {
        upstream ssh_proxy {
        hash $remote_addr consistent;
        server 192.168.90.201:22;
    }
        upstream mysql_proxy {
        hash $remote_addr consistent;
        server 192.168.90.202:3306;
        }
    server {
    listen 2222;
    proxy_connect_timeout 1s;
        proxy_timeout 300s;
        proxy_pass ssh_proxy;
    }
    server {
    listen 3333;
    proxy_connect_timeout 1s;
        proxy_timeout 300s;
        proxy_pass mysql_proxy;
        }
  }

2222端口代理至於node1的SSH、3333端口代理至於node2的MYSQL

1. ## 測試連接ssh

2. [root@lb-node1 ~]# ssh -p2222 root@192.168.90.203

3. root@192.168.90.203's password:

4. Last login: Wed Oct 19 11:53:04 2016 from 192.168.80.143

5. [root@web-node1 ~]#

7. ## 測試連接mysql

8. [root@lb-node1 ~]# mysql -h192.168.90.203 -uroot -p1 -P3333

9. Welcome to the MariaDB monitor.  Commands end with ; or \g.

10. Your MariaDB connection id is 273

11. Server version: 5.5.47-MariaDB MariaDB Server

13. Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.

15. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

17. MariaDB [(none)]>