centos7 upstream+反向代理实现负载均衡

Posted fengxiuqiao

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了centos7 upstream+反向代理实现负载均衡相关的知识,希望对你有一定的参考价值。

 

 

拓扑图如下:

技术分享图片

upstream按照轮询(默认)方式进行负载,每个请求按时间顺序逐一分配到不同的后端服务器,如果后端服务器down掉,能自动剔除。虽然这种方式简便、成本低廉。但缺点是:可靠性低和负载分配不均衡。适用于图片服务器集群和纯静态页面服务器集群。

1、在192.168.40.23安装nginx、关掉firewalld selinx

2、配置/etc/nginx/nginx.conf

# For more information on configuration, see:

# * Official English Documentation: http://nginx.org/en/docs/

# * Official Russian Documentation: http://nginx.org/ru/docs/

 

user nginx;

worker_processes auto;

error_log /var/log/nginx/error.log;

pid /run/nginx.pid;

 

# Load dynamic modules. See /usr/share/nginx/README.dynamic.

include /usr/share/nginx/modules/*.conf;

 

events {

worker_connections 1024;

}

 

http {

log_format main ‘$remote_addr - $remote_user [$time_local] "$request" ‘

‘$status $body_bytes_sent "$http_referer" ‘

‘"$http_user_agent" "$http_x_forwarded_for"‘;

 

access_log /var/log/nginx/access.log main;

 

sendfile on;

tcp_nopush on;

tcp_nodelay on;

keepalive_timeout 65;

types_hash_max_size 2048;

 

include /etc/nginx/mime.types;

default_type application/octet-stream;

 

# Load modular configuration files from the /etc/nginx/conf.d directory.

# See http://nginx.org/en/docs/ngx_core_module.html#include

# for more information.

include /etc/nginx/conf.d/*.conf;

 

upstream svw {

server 192.168.40.21 weight=50;

server 192.168.40.22 weight=50;

} #upstream按照轮询(默认)方式进行负载

 

server {

listen 8080 default_server;

# listen [::]:80 default_server;

server_name _;

# root /usr/share/nginx/html;

 

# Load configuration files for the default server block.

# include /etc/nginx/default.d/*.conf;

 

# location / {

# }

location / {

client_max_body_size 1025m;#上传文件报文大小限制

proxy_pass http://svw;

}

 

error_page 404 /404.html;

location = /40x.html {

}

 

error_page 500 502 503 504 /50x.html;

location = /50x.html {

}

}

3、systemctl start nginx

4、防火墙NAT转换

技术分享图片

5、防火墙做NAT,可在内网访问本网站;(注意)

技术分享图片

6、绑定域名,添加A记录;即可

技术分享图片

 

技术分享图片

7、添加https证书

server {

listen 443 ssl;

server_name _;

ssl on;

ssl_certificate cert/214542036950782.pem;

ssl_certificate_key cert/214542036950782.key;

ssl_session_timeout 5m;

ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

ssl_prefer_server_ciphers on;

location / {

client_max_body_size 1025m;

proxy_pass http://svw;

}

}

}

以上是关于centos7 upstream+反向代理实现负载均衡的主要内容,如果未能解决你的问题,请参考以下文章

Nginx:--反向代理之(负载均衡-upstream模块)

Nginx:--反向代理之(负载均衡-upstream模块)

nginx反向代理(proxy)与负载均衡(upstream)以及健康状态监测。

Nginx安装 配置反向代理 负载均衡 upstream ssl证书提供https访问 ha nginx keepalived双主热备 LVS实现高可用负载 Keepalived+Lvs+Nginx

nginx反向代理和负载均衡的实现

Linux Centos7 实现nginx的七层负载均衡和动静分离