WHCSRL 技术网

反向代理与负载均衡_m0

1 nginx实现反向代理与负载均衡

  • nginx通常被用作后端服务器的反向代理,这样就可以很方便的实现动静分离以及负载均衡,从而大大提高服务器的处理能力。

  • nginx实现动静分离,其实就是在反向代理的时候,如果是静态资源,就直接从nginx发布的路径去读取,而不需要从后台服务器获取了。

  • 但是要注意,这种情况下需要保证后端跟前端的程序保持一致,可以使用Rsync做服务端自动同步或者使用NFS、MFS分布式共享存储。

  • Http Proxy模块,功能很多,最常用的是proxy_passproxy_cache

  • 如果要使用proxy_cache,需要集成第三方的ngx_cache_purge模块,用来清除指定的URL缓存。这个集成需要在安装nginx的时候去做,如:
    ./configure --add-module=../ngx_cache_purge-1.0

  • nginx通过upstream模块来实现简单的负载均衡,upstream需要定义在http段内

  • upstream段内,定义一个服务器列表,默认的方式是轮询,如果要确定同一个访问者发出的请求总是由同一个后端服务器来处理,可以设置ip_hash,如:

upstream idfsoft.com {							#此字段要写在server字段的前面
  ip_hash;
  server 127.0.0.1:9080 weight=5;				
  server 127.0.0.1:8080 weight=5;
  server 127.0.0.1:1111;
}
upstream webservers{
        server 192.168.200.151 weight=3;    #weight表示访问三次151的web页面后访问一次145的web页面
        server 192.168.200.145;

    }

//这个方法本质还是轮询,而且由于客户端的ip可能是不断变化的,比如动态ip,代理,翻墙等,因此ip_hash并不能完全保证同一个客户端总是由同一个服务器来处理。

//定义好upstream后,需要在server段内添加如下内容
server {
  location / {
    proxy_pass http://webservers;				#这里要和upstream段配置的域名一致
  }
}
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20

2. Nginx实现负载均衡和动静分离

环境说明:

主机IP服务
LB192.168.200.144nginx
RS1192.168.200.145lnmp
RS2192.168.200.151apache

在RS1上测试是否能够访问到apache页面

3在RS1上安装LNMP

3.1 安装nginx

//关闭防火墙
[root@RS1 ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@RS1 ~]# sed -ri 's/^(SELINUX=).*/1disabled/g' /etc/selinux/config
[root@RS1 ~]# setenforce 0

安装nginx
//创建系统用户nginx
[root@RS1 ~]# useradd -r -M -s /sbin/nologin nginx

//安装依赖环境
[root@RS1 ~]# yum -y install pcre-devel openssl openssl-devel gd-devel gcc gcc-c++ make
[root@RS1 ~]# yum -y groups mark install 'Development Tools'

//创建日志存放目录
[root@RS1 ~]#  mkdir -p /var/log/nginx
[root@RS1 ~]# chown -R nginx.nginx /var/log/nginx

//编译安装nginx
[root@RS1 ~]# cd /usr/src/
[root@RS1 src]# ls
debug    mysql-5.7.35-linux-glibc2.12-x86_64.tar.gz  php-8.0.10.tar.xz
kernels  nginx-1.20.1.tar.gz
[root@RS1 src]# tar xf nginx-1.20.1.tar.gz 
[root@RS1 src]# cd nginx-1.20.1
[root@RS1 nginx-1.20.1]#./configure 
--prefix=/usr/local/nginx 
--user=nginx 
--group=nginx 
--with-debug 
--with-http_ssl_module 
--with-http_realip_module 
--with-http_image_filter_module 
--with-http_gunzip_module 
--with-http_gzip_static_module 
--with-http_stub_status_module 
--http-log-path=/var/log/nginx/access.log 
--error-log-path=/var/log/nginx/error.log
[root@RS1 nginx-1.20.1]# make -j $(grep 'processor' /proc/cpuinfo | wc -l) && make install

//配置环境变量
[root@RS1 ~]# echo 'export PATH=/usr/local/nginx/sbin:$PATH' > /etc/profile.d/nginx.sh
[root@RS1 ~]# source /etc/profile.d/nginx.sh

//启动nginx
[root@RS1 ~]# /usr/local/nginx/sbin/nginx     //默认启动文件
[root@RS1 ~]# ss -antl
State    Recv-Q   Send-Q     Local Address:Port     Peer Address:Port  Process   
LISTEN   0        128              0.0.0.0:80            0.0.0.0:*               
LISTEN   0        128              0.0.0.0:22            0.0.0.0:*               
LISTEN   0        128                 [::]:22               [::]:*  

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53

3.2 安装mysql

//安装依赖包
[root@RS1 ~]# yum -y install ncurses-devel openssl-devel openssl cmake mariadb-devel ncurses-compat-libs

//创建用户和组
[root@RS1 ~]# useradd -r -M -s /sbin/nologin mysql

//解压mysql软件包
[root@RS1 ~]# cd /usr/src/
[root@RS1 src]# tar xf mysql-5.7.35-linux-glibc2.12-x86_64.tar.gz -C /usr/local/
[root@RS1~]# cd /usr/local/
[root@RS1 local]# ls
bin  games    lib    libexec                              nginx  share
etc  include  lib64  mysql-5.7.35-linux-glibc2.12-x86_64  sbin   src
[root@RS1 local]# ln -sv mysql-5.7.35-linux-glibc2.12-x86_64/ mysql
'mysql' -> 'mysql-5.7.35-linux-glibc2.12-x86_64/'
[root@RS1 local]# chown -R mysql.mysql /usr/local/mysql*

//添加环境变量
[root@RS1 ~]# echo 'export PATH=/usr/local/mysql/bin:$PATH' > /etc/profile.d/mysql.sh
[root@RS1 ~]# source /etc/profile.d/mysql.sh
[root@RS1 ~]# echo $PATH 
/usr/local/mysql/bin:/usr/local/nginx/sbin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin

//头文件软连接
[root@RS1 ~]# ln -s /usr/local/mysql/include /usr/include/mysql

//帮助文档
[root@RS1 ~]# vim /etc/man_db.conf
MANDATORY_MANPATH                       /usr/local/mysql/man

//库文件
[root@RS1 ~]# vim /etc/ld.so.conf.d/mysql.conf
/usr/local/mysql/lib
[root@lnmp ~]# ldconfig 

//建立数据存放目录
[root@RS1 ~]# mkdir -p /opt/data
[root@RS1 ~]# chown -R mysql.mysql /opt/data/
[root@RS1 ~]# ll /opt/
总用量 0
drwxr-xr-x. 2 mysql mysql 6 10月 26 01:02 data

//初始化数据库
[root@RS1 ~]# /usr/local/mysql/bin/mysqld --initialize --user=mysql --datadir=/data

//生成配置文件
[root@RS1 ~]# cat /etc/my.cnf    #如果这个文件存在,请先备份再修改
[mysqld]
basedir = /usr/local/mysql
datadir = /data
socket = /tmp/mysql.sock
port = 3306
pid-file = /data/mysql.pid
user = mysql
skip-name-resolve

//配置启动服务
[root@RS1 ~]# sed -ri 's#^(basedir=).*#1/usr/local/mysql#g' /usr/local/mysql/support-files/mysql.server 
[root@RS1 ~]# sed -ri 's#^(datadir=).*#1/opt/data#g' /usr/local/mysql/support-files/mysql.server
[root@RS1 ~]# cat /usr/lib/systemd/system/mysqld.service
[Unit]
Description=Mysql server daemon
After=network.target

[Service]
Type=forking
ExecStart=/usr/local/mysql/support-files/mysql.server start
ExecStop=/usr/local/mysql/support-files/mysql.server stop
ExecReload=/bin/kill -HUP $MAINPID

[Install]
WantedBy=multi-user.target

// 启动mysql
[root@RS1 ~]# systemctl daemon-reload 
[root@RS1 ~]# systemctl enable --now mysqld
Created symlink /etc/systemd/system/multi-user.target.wants/mysqld.service → /usr/lib/systemd/system/mysqld.service.
[root@RS1 ~]# ss -antl
State    Recv-Q   Send-Q     Local Address:Port     Peer Address:Port  Process   
LISTEN   0        128              0.0.0.0:80            0.0.0.0:*               
LISTEN   0        128              0.0.0.0:22            0.0.0.0:*               
LISTEN   0        128                 [::]:22               [::]:*               
LISTEN   0        80                     *:3306                *:*              

//设置数据库密码
mysql> set password = password('123456');
Query OK, 0 rows affected, 1 warning (0.00 sec)

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88

3.3 安装PHP

//先下载epel源
[root@RS1 ~]# yum -y install epel-release

//下载依赖包
[root@RS1 ~]# yum -y install libxml2 libxml2-devel openssl openssl-devel bzip2 bzip2-devel libcurl libcurl-devel libicu-devel libjpeg libjpeg-devel libpng libpng-devel openldap-devel  pcre-devel freetype freetype-devel gmp gmp-devel libmcrypt libmcrypt-devel readline readline-devel libxslt libxslt-devel mhash mhash-devel php-mysqlnd libzip-devel.x86_64 libsqlite3x-devel

[root@RS1 ~]# yum -y install http://mirror.centos.org/centos/8-stream/PowerTools/x86_64/os/Packages/oniguruma-devel-6.8.2-2.el8.x86_64.rpm

//解压编译PHP
[root@RS1 ~]# cd /usr/src/
[root@RS1 src]# tar xf php-8.0.10.tar.xz 
[root@RS1 src]# cd php-8.0.10
[root@RS1 php-8.0.10]#./configure --prefix=/usr/local/php8  
--with-config-file-path=/etc 
--enable-fpm 
--disable-debug 
--disable-rpath 
--enable-shared 
--enable-soap 
--with-openssl 
--enable-bcmath 
--with-iconv 
--with-bz2 
--enable-calendar 
--with-curl 
--enable-exif  
--enable-ftp 
--enable-gd 
--with-jpeg 
--with-zlib-dir 
--with-freetype 
--with-gettext 
--enable-mbstring 
--enable-pdo 
--with-mysqli=mysqlnd 
--with-pdo-mysql=mysqlnd 
--with-readline 
--enable-shmop 
--enable-simplexml 
--enable-sockets 
--with-zip 
--enable-mysqlnd-compression-support 
--with-pear 
--enable-pcntl 
--enable-posix

[root@RS1 php-8.0.10]# make && make install

//设置环境变量
[root@RS1 php-8.0.10]# echo 'export PATH=/usr/local/php8/bin:$PATH' > /etc/profile.d/php.sh
[root@RS1 php-8.0.10]# source /etc/profile.d/php.sh

//配置php-fpm
[root@RS1 php-8.0.10]# cp php.ini-production /etc/php.ini
cp:是否覆盖'/etc/php.ini'? y
[root@RS1 php-8.0.10]# cp sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
[root@RS1 php-8.0.10]# chmod +x /etc/init.d/php-fpm
[root@RS1 php-8.0.10]# cp /usr/local/php8/etc/php-fpm.conf.default /usr/local/php8/etc/php-fpm.conf
[root@RS1 php-8.0.10]# cp /usr/local/php8/etc/php-fpm.d/www.conf.default /usr/local/php8/etc/php-fpm.d/www.conf

//启动php-fpm
[root@RS1 ~]# service php-fpm start
Starting php-fpm  done
[root@RS1 ~]# ss -antl
State    Recv-Q   Send-Q     Local Address:Port     Peer Address:Port  Process   
LISTEN   0        128              0.0.0.0:80            0.0.0.0:*               
LISTEN   0        128              0.0.0.0:22            0.0.0.0:*               
LISTEN   0        128            127.0.0.1:9000          0.0.0.0:*               
LISTEN   0        128                 [::]:22               [::]:*               
LISTEN   0        80                     *:3306                *:*  
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70

在RS1上测试是否能够访问到php动态页面
请添加图片描述

4 在RS2上安装Apache

//先安装开发工具包
[root@RS2 ~]# yum groups mark install 'Development Tools' -y

//创建apache用户
[root@RS2 ~]# useradd -r -M -s /sbin/nologin  apache 
[root@RS2 ~]# id apache
uid=994(apache) gid=991(apache) 组=991(apache)

//安装依赖包
[root@RS2 ~]# yum -y install openssl-devel pcre-devel expat-devel libtool gcc gcc-c++ make

//下载apache所需要的包
[root@RS2 src]# wget https://dlcdn.apache.org/httpd/httpd-2.4.49.tar.gz
[root@RS2 src]# wget https://dlcdn.apache.org/apr/apr-1.7.0
[root@RS2 src]# wget https://dlcdn.apache.org/apr/apr-util-1.6.1.tar.gz
[root@RS2 src]# ls
apr-1.7.0.tar.gz  apr-util-1.6.1.tar.gz  debug  httpd-2.4.49.tar.gz  kernels
wget https://dlcdn.apache.org/apr/apr-util-1.6.1.tar.gz

//解压所有包
[root@RS2 src]# tar xf httpd-2.4.49.tar.gz 
[root@RS2 src]# tar xf apr-1.7.0.tar.gz 
[root@RS2 src]# tar xf apr-util-1.6.1.tar.gz
[root@RS2 src]# ls
apr-1.7.0         apr-util-1.6.1         debug         httpd-2.4.49.tar.gz
apr-1.7.0.tar.gz  apr-util-1.6.1.tar.gz  httpd-2.4.49  kernels
[root@RS2 src]# 

//修改apr-1.7.0/configure里面的配置文件,进行编译安装
[root@RS2 ~]# cd /usr/src/apr-1.7.0
[root@RS2 apr-1.7.0]# vim configure
##  删除此行或添加注释  $RM "$cfgfile"

//编译安装apr
[root@RS2 apr-1.7.0]# ./configure --prefix=/usr/local/apr
[root@RS2 apr-1.7.0]# make && make install

//编译安装apr-util
[root@RS2 apr-util-1.6.1]# ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr
[root@RS2 apr-util-1.6.1]# make && make install

//编译安装htpd
[root@RS2 httpd-2.4.49]# ./configure --prefix=/usr/local/apache 
--enable-so 
--enable-ssl 
--enable-cgi 
--enable-rewrite 
--with-zlib 
--with-pcre 
--with-apr=/usr/local/apr 
--with-apr-util=/usr/local/apr-util/ 
--enable-modules=most 
--enable-mpms-shared=all 
--with-mpm=prefork

[root@RS2 httpd-2.4.49]# make && make install

//安装后所需要做的配置
//设置环境变量
[root@RS2 ~]# echo 'export PATH=/usr/local/apache/bin:$PATH' > /etc/profile.d/httpd.sh
[root@RS2 ~]# source /etc/profile.d/httpd.sh 

[root@RS2 ~]# which httpd
/usr/local/apache/bin/httpd

//做一个软链接,让其能直接访问/usr/include/apache
[root@RS2 ~]# ln -s /usr/local/apache/include /usr/include/apache

[root@RS2 ~]# ls /usr/local/apache/
bin    cgi-bin  error   icons    logs  manual
build  conf     htdocs  include  man   modules

[root@RS2 ~]# vim /etc/man_db.conf  
//修改此行内容为下,让其能找到帮助文档  
MANDATORY_MANPATH             /usr/local/apache/man


[root@RS2 ~]# vim /usr/local/apache/conf/httpd.conf 
//取消掉此行注释     ServerName www.example.com:80

//设置开机自启
[root@RS2 ~]# cat /usr/lib/systemd/system/sshd.service > /usr/lib/systemd/system/httpd.service
[root@RS2 ~]# vim /usr/lib/systemd/system/httpd.service 
//修改成此配置文件
[Unit]
Description=Httpd server daemon
After=network.target

[Service]
Type=forking
ExecStart=/usr/local/apache/bin/apachectl start
ExecStop=/usr/local/apache/bin/apachectl stop
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target

[root@RS2 ~]# systemctl daemon-reload
[root@RS2 ~]# systemctl enable --now httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
[root@RS2 ~]# systemctl status httpd

[root@RS2 ~]# echo "hello world!!!" >/var/www/html/index.html
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102

在RS2上测试是否能够访问到apache页面
请添加图片描述

5. nginx实现负载均衡

[root@LB ~]# vim /usr/local/nginx/conf/nginx.conf
upstream webservers {
       server 192.168.200.145;
       server 192.168.200.151;
   }

   server {
       listen       80;
       server_name  localhost;

       #charset koi8-r;

       #access_log  logs/host.access.log  main;

       location / {
           proxy_pass http://webservers;    #webservers要与上面的upstream后面所跟的一样
       }
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17

请添加图片描述
在浏览器上访问192.168.200.144
请添加图片描述

6 nginx实现动静分离

root@LB ~]# vim /usr/local/nginx/conf/nginx.conf
   upstream static {    
       server 192.168.200.151;
   }
   upstream dynamic {
       server 192.168.25.145;
   }

   server {
       listen       80;
       server_name  localhost;

......
       location / {
           proxy_pass http://static;    #访问根目录下的静态资源会自动跳转到192.168.200.151上进行访问
       }
......
       location ~ .php$ {
           proxy_pass   http://dynamic;    #访问根目录下的.php动态资源会自动跳转到192.168.200.145上进行访问
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19

访问测试
请添加图片描述

在这里插入图片描述

推荐阅读