Talking about Nginx Layer 7 reverse proxy and load balancing

2025-01-30 Update From: SLTechnology News&Howtos shulou

1. Introduction

1.1 Nginx is not only excellent web server software; its Layer 7 proxying and load balancing are also excellent. Nginx acts as a front-end proxy: when a user requests a service, Nginx examines the URL and assigns the request to a different backend web server accordingly.

1.2 Principle of Nginx load balancing: first, in the http block, use the upstream module to define a pool of backend web servers, here named proxy-web. Multiple backend web servers can be added to the pool, and the status checks and scheduling algorithm are all configured in the pool. Then a virtual host is defined in a server block, but this virtual host does not specify its own web root. Instead it matches the URL with location, forwards the request to the pool defined above, and the pool finally forwards it to a backend web server according to the scheduling policy.

2. Introduction of load balancing configuration items

2.1 Introduction to the upstream scheduling algorithms

(1) rr, round robin (default)

Requests are assigned to each RS (real server) in turn, in request order. As with the rr algorithm in LVS, an RS that goes down is removed automatically. By default only port 80 is checked. If the RS returns a 402, 403, 503 or 504 error, it is returned directly to the client.

(2) weight

Adds weights to rr (the default is rr+weight). Requests are distributed in proportion to the weights: the larger the value, the more requests the server receives. Weights can be set according to each server's configuration, which addresses uneven server performance.

(3) ip_hash

Solves the session-sharing problem of dynamic web pages.

Each request is assigned according to the hash of the client IP address. As long as the IP hash is the same, the request goes to the same server (compare the -p parameter of the LVS load balancer and persistence_timeout 50 in the keepalived configuration). This scheduling algorithm solves the session-sharing problem of dynamic web pages, but sometimes leads to uneven distribution of requests.

Tip: since NAT mode is used in China, hash is not suitable for use.

ip_hash cannot be used with other algorithms, that is, weight or backup cannot be set.

(4) fair (third party)

Requests are assigned according to the response time of the backend servers, with priority given to servers with short response times, which is more intelligent than the algorithms above. This algorithm can balance load according to page size and loading time. Nginx itself does not support fair, so you need to download the upstream_fair module for Nginx.

(5) url_hash (third party)

Mainly used in front of cache servers.

Requests are assigned according to the URL accessed, so the same URL is always directed to the same server. The effect is most significant when the backend servers are cache servers. Add the hash statement to the upstream block; weight and other parameters cannot be written in the server statements. hash_method is the hash algorithm used.

Drawback: if a machine goes down, this causes trouble. consistent_hash can solve this problem.

It can improve the efficiency of the backend cache servers. Nginx itself does not support url_hash, so you need to download the hash software.

(6) least_conn

Least connections: the request is assigned to the server with the fewest connections.

(7) consistent_hash

Consistent hashing algorithm.

2.2 Introduction to upstream health check configuration

    upstream proxy_nginx {
        server 192.168.0.254 weight=1 max_fails=2 fail_timeout=10s;
        server 192.168.0.253 weight=2 max_fails=2 fail_timeout=10s;
        server 192.168.0.252 backup;
        server 192.168.0.251 down;
    }

server 192.168.0.254: the backend RS, which can be a domain name or an IP address. The port defaults to 80; it can also be given explicitly by appending :80.

weight=1: the weight. The default is 1.

max_fails=2: the maximum number of failed health checks. If this number is exceeded, the RS is considered unavailable. The default is 1; 0 disables failed attempts. In production it is generally set to 2 or 3.

fail_timeout=10s: the timeout after failure. The default is 10s.

backup: hot standby. It is brought into use automatically when all the preceding RS are unavailable.

down: marks the server as never available.

Note: the lower the max_fails setting, the better the user experience, but the disadvantage is that the proxy may misjudge the status of an RS. The fewer RS there are, the greater the probability of misjudgement, which has a large impact on the business. When the number of RS is small, it is recommended to set this value higher.
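How weight, max_fails, fail_timeout, backup and down interact on the proxy_nginx pool above, as an added sketch that is not part of the original article and not nginx's own code. It is a simplified model: time is a plain number of seconds, failures are reported by the caller, and a smooth weighted round robin is assumed as the scheduling rule.

```python
class Peer:
    """One `server` line of an upstream block (simplified model)."""
    def __init__(self, addr, weight=1, max_fails=1, fail_timeout=10,
                 backup=False, down=False):
        self.addr, self.weight = addr, weight
        self.max_fails, self.fail_timeout = max_fails, fail_timeout
        self.backup, self.down = backup, down
        self.fails, self.last_fail, self.current = 0, None, 0

    def available(self, now):
        if self.down:
            return False
        if self.max_fails == 0 or self.fails < self.max_fails:
            return True
        # Marked failed: stays out of rotation until fail_timeout has passed.
        return now - self.last_fail >= self.fail_timeout

def report_failure(peer, now):
    # Failures only add up when they fall inside one fail_timeout window.
    if peer.last_fail is not None and now - peer.last_fail >= peer.fail_timeout:
        peer.fails = 0
    peer.fails += 1
    peer.last_fail = now

def pick(peers, now):
    """Weighted round robin over primaries; backups only if no primary is up."""
    for want_backup in (False, True):
        live = [p for p in peers if p.backup == want_backup and p.available(now)]
        if live:
            for p in live:
                p.current += p.weight
            best = max(live, key=lambda p: p.current)
            best.current -= sum(p.weight for p in live)
            return best
    return None

def demo():
    # The upstream proxy_nginx pool from the article; the failure times are constructed.
    a = Peer("192.168.0.254", weight=1, max_fails=2)
    b = Peer("192.168.0.253", weight=2, max_fails=2)
    pool = [a, b, Peer("192.168.0.252", backup=True),
            Peer("192.168.0.251", down=True)]
    healthy = [pick(pool, now=0).addr for _ in range(6)]
    for t in (1, 2):
        report_failure(a, t)
        report_failure(b, t)
    during = pick(pool, now=5).addr    # both primaries failed -> backup
    after = pick(pool, now=12).addr    # 10s after the last failure -> primary
    return healthy, during, after
```

With only two primaries, two failures on each within the window send all traffic to the single backup for the whole fail_timeout period, which is the misjudgement risk the note above describes for small pools.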

2.3 Introduction to the usage of the location directive

location is mainly used to match the URL. For example, in http://www.beyond.com/nice, www.beyond.com is the domain name and /nice is the URL seen by location.

A URL can be matched with a string or a regular expression, but a regular expression must be given a prefix. The location directive matches different URLs and applies a different configuration once a match succeeds.

Syntax: location [ = | ~ | ~* | ^~ | @ ] /url { ... }

[=] exact match. If a location with the equals sign matches, the search stops immediately and the request is processed at once (highest priority)

[~] matches a regular expression, case-sensitive

[^~] matches strings only, not regular expressions; mainly used to match directories

[~*] matches a regular expression, case-insensitive

[@] specifies a named location, which is generally used only for internal redirects: location @name {}

Example:

    worker_processes 1;
    events {
        worker_connections 1024;
    }
    http {
        include mime.types;
        default_type application/octet-stream;
        sendfile on;
        keepalive_timeout 65;
        server {
            listen 80;
            server_name www.beyond.com;
            # No.1
            location / { return 502; }
            # No.3
            location ~* \.jpg$ { return 403; }
            # No.4
            location ^~ /a/ { return 402; }
            # No.5
            location /a/1.jpg { return 401; }
            # No.6
            location = /a/.jpg { return 400; }
        }
    }

Summary:

Matching order:

1) Ordinary (string) URLs are matched first, but after a match the regular expressions are still tried.

Among ordinary locations the rule is the longest matching prefix: location /data/123 {} takes precedence over location /data {}, regardless of the order in which the locations appear. After this match, the longest matching prefix is used to go on to the regex matching that follows.

2) Regex matching

Regex matching does not depend on the positional order, but it does depend on the logical order, and the maximum match prevails (the more precise, the better).

3) The execution logic of location is basically independent of order; but for regex matching, once the first URL matches, the subsequent ones are not tried.

In this case, if no regex matches after the ordinary location, the ordinary match is used; if both the longest-prefix match of an ordinary location and a regex match exist, the regex match overrides the longest-prefix match.

4) After an "ordinary location" matches, sometimes the "regex locations" still need to be tried, and sometimes they do not.

In two cases there is no need to go on to the regex locations: (1) when "^~" is specified in front of the ordinary location, explicitly telling Nginx that once this ordinary location matches, regex matching is not needed; (2) when the ordinary location happens to match strictly, rather than as a longest-prefix match, regex matching is not continued.
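The selection order applied to the five locations of the example server block, as an added sketch that is not part of the original article. It follows the order given in the nginx documentation, where only "=" and "^~" end the search before the regex pass; named (@) locations are left out and the request URIs are constructed.

```python
import re

# Locations from the example server block, as (modifier, pattern, status).
# "" marks a plain prefix location.
LOCATIONS = [
    ("",   "/",        502),   # No.1
    ("~*", r"\.jpg$",  403),   # No.3
    ("^~", "/a/",      402),   # No.4
    ("",   "/a/1.jpg", 401),   # No.5
    ("=",  "/a/.jpg",  400),   # No.6
]

def select_location(uri, locations=LOCATIONS):
    """Return the (modifier, pattern, status) entry chosen for this URI."""
    # 1) An "=" location equal to the URI ends the search at once.
    for loc in locations:
        if loc[0] == "=" and loc[1] == uri:
            return loc
    # 2) Remember the longest matching prefix among plain and "^~" locations.
    best = None
    for loc in locations:
        if loc[0] in ("", "^~") and uri.startswith(loc[1]):
            if best is None or len(loc[1]) > len(best[1]):
                best = loc
    # 3) "^~" on that longest prefix suppresses the regex pass.
    if best is not None and best[0] == "^~":
        return best
    # 4) Regex locations in configuration order; the first match wins.
    for loc in locations:
        if loc[0] in ("~", "~*"):
            flags = re.IGNORECASE if loc[0] == "~*" else 0
            if re.search(loc[1], uri, flags):
                return loc
    # 5) No regex matched: use the remembered prefix location.
    return best

def status_for(uri):
    loc = select_location(uri)
    return loc[2] if loc else 404

if __name__ == "__main__":
    for uri in ["/index.html", "/b/photo.JPG", "/a/2.jpg", "/a/1.jpg", "/a/.jpg"]:
        print(uri, "->", status_for(uri))
```

When a prefix location carries an access restriction, run the protected URIs through this order to confirm that no regex location takes the request instead.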

2.4 Introduction to the proxy module

The Nginx forwarding module is ngx_http_proxy_module, which is installed by default and can be used directly.

proxy_pass: this directive forwards the URL matched by location to the server pool.

Syntax: proxy_pass URL

Note: when using this directive, pay attention to whether the URL includes a URI. If the URL does not include a URI, nginx does not change the URI of the original request. If a URI is included, the new URI is used instead of the original one.

For example:

    location /test {
        # 1
        proxy_pass http://1.1.1.1;
        # 2
        proxy_pass http://1.1.1.1/tmp;
    }

If you use 1, the original URL is not changed, and the request is proxied to http://1.1.1.1/test

If you use 2, the original URL becomes http://1.1.1.1/tmp

Therefore, pay attention to whether "/" is added at the end of the URL when configuring.
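The URI rule above carried through for requests below /test, as an added sketch that is not part of the original article. It goes beyond the two cases shown by also varying the trailing "/"; it covers prefix locations only (no regex locations, no variables in proxy_pass), ignores the query string, and all request paths are constructed.

```python
from urllib.parse import urlsplit

def upstream_uri(location_prefix, proxy_pass, request_path):
    """Path sent to the backend for a prefix location."""
    if not request_path.startswith(location_prefix):
        raise ValueError("request does not match this location")
    uri_part = urlsplit(proxy_pass).path
    if uri_part == "":
        # No URI in proxy_pass: the request path is forwarded unchanged.
        return request_path
    # URI present: the part matched by the location is replaced by it.
    return uri_part + request_path[len(location_prefix):]

# Constructed cases: (location, proxy_pass, request path)
CASES = [
    ("/test",  "http://1.1.1.1",      "/test/a.html"),
    ("/test",  "http://1.1.1.1/tmp",  "/test/a.html"),
    ("/test",  "http://1.1.1.1/tmp",  "/testing/a.html"),
    ("/test",  "http://1.1.1.1/tmp/", "/test/a.html"),
    ("/test/", "http://1.1.1.1/tmp/", "/test/a.html"),
    ("/test/", "http://1.1.1.1/",     "/test/a.html"),
]

def mapping_table():
    """Return (location, proxy_pass, request, upstream path) for every case."""
    return [(loc, pp, req, upstream_uri(loc, pp, req)) for loc, pp, req in CASES]

if __name__ == "__main__":
    for loc, pp, req, out in mapping_table():
        print(f"location {loc:<7} proxy_pass {pp:<22} {req:<16} -> {out}")
```

The third and fourth cases are the ones to check in a review: a location without a trailing "/" also takes /testing, and a "/" on only one side produces a doubled slash on the backend.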

Parameters:

proxy_ignore_client_abort on | off: sets whether nginx interrupts the request to the proxied server when the client aborts the network request. The default is off.

proxy_headers_hash_max_size size: sets the size of the hash table for HTTP headers. The default is 512.

proxy_headers_hash_bucket_size size: sets the capacity requested for the hash table that stores HTTP headers. The default is 64 characters.

client_body_buffer_size: the buffer size for client requests; it can be understood as the request being saved locally before it is passed to the user.

proxy_connect_timeout time: the timeout for connecting to the RS. The default is 60s.

proxy_send_timeout time: the time for the RS to send back data. The transfer must complete within this period, otherwise the connection is closed.

proxy_read_timeout time: the time to wait for the RS to respond, when the connection has already succeeded and the request is queued.

proxy_buffering on | off: whether to enable the proxy buffer. The default is on.

proxy_buffer_size: the buffer size, which by default equals the size set by the proxy_buffers directive. The default is 4K or 8K.

proxy_buffers number size: the number and size of the buffers. Response data received from the RS is placed in these buffers. The default is 8 4k|8k.

proxy_busy_buffers_size: the proxy_buffers size that can be used when the system is very busy. The officially recommended size is twice that of proxy_buffers. The default is 8K or 16K.

proxy_temp_path path [level1 [level2]]: specifies a path on disk for temporarily storing large response data from the proxied server. If the buffers are full but nginx has not yet received the whole response, the response data is stored temporarily in a file.

proxy_max_temp_file_size: configures the total size of all temporary files.

proxy_temp_file_write_size: configures the amount of data written to a temporary file at one time.

proxy_set_header host $host: needs to be specified when the RS has multiple virtual hosts.

proxy_set_header X-Forwarded-For $remote_addr: makes the load balancer forward the real client IP address to the RS.

Note:

proxy_set_header: when the RS has multiple virtual hosts (same IP, same port), such as www, bbs and blog, how does the proxy server know where to send the request? In this case the nginx proxy consults the proxy_set_header setting and sends the request to the virtual host of the corresponding domain name.

3. Nginx load balancer configuration case

1. There are three domain names, www.beyond.com, bbs.beyond.com and film.beyond.com, and four web servers are responsible for providing the services.

2. A mail server and a cloud server run on one server.

Planning:

Web1 192.168.254.251 BBS, film

Web2 192.168.254.252 BBS, film

Web3 192.168.254.253 BBS, film

Web4 192.168.254.254 www, load balancer

Web5 192.168.254.250 mail, cloud

Note: web4 is the load balancer and is also responsible for serving the www site. Web1, web2 and web3 are responsible for serving the bbs and film sites. Mail and cloud are on the same machine and are also web sites.

The installation of Nginx is omitted here. If you need it, see this tutorial: https://www.jb51.net/article/128758.htm.

The nginx configuration files of web4 are listed below for reference.

nginx.conf:

    user nginx;
    worker_processes 4;
    error_log logs/error.log;
    pid logs/nginx.pid;

    events {
        use epoll;
        worker_connections 1024;
    }

    http {
        include mime.types;
        default_type application/octet-stream;
        server_tokens off;
        sendfile on;
        tcp_nopush on;
        keepalive_timeout 65;
        fastcgi_connect_timeout 300;
        fastcgi_send_timeout 300;
        fastcgi_read_timeout 300;
        client_header_buffer_size 32k;
        large_client_header_buffers 4 128k;
        client_max_body_size 10m;
        gzip on;
        gzip_min_length 1k;
        gzip_buffers 4 8k;
        gzip_http_version 1.1;
        gzip_comp_level 6;
        gzip_vary on;
        gzip_types text/javascript text/plain application/x-javascript text/css application/xml;
        log_format main '$http_host $http_x_forwarded_for ${request_time}s [$time_local] "$request" $status $body_bytes_sent $http_referer $http_user_agent $remote_addr';
        include vhosts/*.conf;   # one configuration file for each virtual host
        include upstream.conf;   # stores the backend web servers
        fastcgi_intercept_errors on;
    }

vhosts/{bbs,film,www,cloud,mail}.conf:

    server {
        listen 80;
        server_name bbs.beyond.com;
        index index.php;
        location / {
            proxy_pass http://web;
            proxy_set_header host $host;
            proxy_set_header X-Forwarded-For $remote_addr;
            client_body_buffer_size 4K;
            proxy_connect_timeout 90;
            proxy_send_timeout 90;
            proxy_read_timeout 90;
            proxy_buffer_size 4K;
            proxy_buffers 4 32K;
            proxy_busy_buffers_size 64K;
            proxy_temp_file_write_size 64K;
        }
    }

    server {
        listen 80;
        server_name cloud.beyond.com;
        index index.php;
        location / {
            proxy_pass http://192.168.254.250:8000;
            proxy_set_header host $host;
            proxy_set_header X-Forwarded-For $remote_addr;
            client_body_buffer_size 4K;
            proxy_connect_timeout 90;
            proxy_send_timeout 90;
            proxy_read_timeout 90;
            proxy_buffer_size 4K;
            proxy_buffers 4 32K;
            proxy_busy_buffers_size 64K;
            proxy_temp_file_write_size 64K;
        }
    }

    server {
        listen 80;
        server_name film.beyond.com;
        index index.php;
        location / {
            proxy_pass http://web;
            proxy_set_header host $host;
            proxy_set_header X-Forwarded-For $remote_addr;
            client_body_buffer_size 4K;
            proxy_connect_timeout 90;
            proxy_send_timeout 90;
            proxy_read_timeout 90;
            proxy_buffer_size 4K;
            proxy_buffers 4 32K;
            proxy_busy_buffers_size 64K;
            proxy_temp_file_write_size 64K;
        }
    }

    server {
        listen 80;
        server_name mail.beyond.com;
        index index.php;
        location / {
            proxy_pass http://192.168.254.250:80;
            proxy_set_header host $host;
            proxy_set_header X-Forwarded-For $remote_addr;
            client_body_buffer_size 4K;
            proxy_connect_timeout 90;
            proxy_send_timeout 90;
            proxy_read_timeout 90;
            proxy_buffer_size 4K;
            proxy_buffers 4 32K;
            proxy_busy_buffers_size 64K;
            proxy_temp_file_write_size 64K;
        }
    }

    server {
        listen 80;
        server_name monitor.beyond.com;
        index index.php;
        location / {
            proxy_pass http://192.168.254.220;
            proxy_set_header host $host;
            proxy_set_header X-Forwarded-For $remote_addr;
            client_body_buffer_size 4K;
            proxy_connect_timeout 90;
            proxy_send_timeout 90;
            proxy_read_timeout 90;
            proxy_buffer_size 4K;
            proxy_buffers 4 32K;
            proxy_busy_buffers_size 64K;
            proxy_temp_file_write_size 64K;
        }
    }

    server {
        listen 80;
        server_name www.beyond.com;
        root /usr/local/nginx/html/www;
        index index.html;
        access_log logs/current/www.beyond.com-access.log main;
        error_log logs/current/www.beyond.com-error.log;
        error_page 500 501 502 503 504 /error/5-error.html;
        error_page 400 403 405 408 410 411 412 413 414 415 /error/4-error.html;
        location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
            expires 30d;
        }
        location ~ .*\.(js|css|javascript|fluash)$ {
            expires 24h;
        }
        location /error {
            root /usr/local/nginx/logs/error;
        }
    }

Note that each server is a .conf file

upstream.conf file:

    upstream web {
        server 192.168.254.253 weight=1 max_fails=2 fail_timeout=10s;
        server 192.168.254.252 weight=1 max_fails=2 fail_timeout=10s;
        server 192.168.254.251 weight=1 max_fails=2 fail_timeout=10s;
    }

The above is the whole content of this article, I hope it will be helpful to your study, and I also hope that you will support it.
