负载均衡-Nginx中文文档 http://www.nginx.cn/doc/example/loadbanlance.html
负载均衡
一个简单的负载均衡的示例,把www.domain.com均衡到本机不同的端口,也可以改为均衡到不同的地址上。
http {
: upstream myproject {
: server 127.0.0.1:8000 weight=3;
: server 127.0.0.1:8001;
: server 127.0.0.1:8002;
: server 127.0.0.1:8003;
: }
: server {
: listen 80;
: server_name www.domain.com;
: location / {
: proxy_pass http://myproject;
: }
: }
}
Nginx配置二级目录反向代理本机不同端口 - 风起于青萍之末 - CSDN博客 https://blog.csdn.net/lusyoe/article/details/52928649
2016年10月25日 23:07:16
前序
最近在家里的服务器上装了一大堆的服务器软件,大多数都需要Web网站访问的,比如:Gitlab、Apache、Jenkins等等。然而又因为是不同的应用,需要占用不同的端口,每次访问起来都需要在IP地址后面再加上端口号,应用太多了就老是记不住端口了。。这才突然发现遗漏Nginx这个神器。
简介
Nginx 主要的作用就是反向代理和负载均衡了,一般在互联网公司内,作为负载均衡比较多。但是别忘了,它的一个主要用途还有反向代理。在这里,我们就通过反向代理来使得隐藏端口,二级目录的形式访问这些服务器应用吧。
安装Nginx
如果想要安装最新版本,建议从官网下载源码,然后编译安装。不过我这里偷懒直接使用仓库源安装的,这样一个比较快,二个安装目录和systemd脚本都弄得好好的,堪称开箱即用啊。
Ubuntu/Debian
$ sudo apt-get update
$ sudo apt-get install nginx
1
2
反向代理配置
直接编辑nginx配置文件即可,文件所在位置/etc/nginx/config.d/default.conf
$ sudo vim /etc/nginx/config.d/default.conf
upstream gitlab {
# 这里我们需要先手动修改Gitlab的默认访问端口,默认为80
server 192.168.1.2:8098;
}
upstream apache {
server 192.168.1.2:8090;
}
upstream rabbit {
server 192.168.1.2:15672;
}
server {
listen 80;
server_name localhost;
charset utf-8;
# http://192.168.1.2/file 即可访问apache文件服务器
location /file {
proxy_pass http://apache/;
}
location /rabbit {
proxy_pass http://rabbit/;
port_in_redirect on;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /jenkins {
proxy_pass http://192.168.1.2:8088/jenkins/;
# Fix the "It appears that your reverse proxy set up is broken" error.
# 修复点击系统管理,出现的反向代理设置有误提示
port_in_redirect on;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
# 直接IP访问就是Gitlab
location / {
proxy_pass http://gitlab/;
}
}
总结
Nginx是一个非常强大的工具,这里只是使用到了其实很小的一部分功能。当然也有其他的途径可以做到,但是很少有Nginx这样简单方便的。
配置的过程中,需要注意的是Jenkins的配置,只配置一个proxy_pass的话,它会提示代理配置有误,所以需要多加一些配置。还有就是通过反向代理配置的Jenkins好像不能登录,会出现跳转到j_acegi_security_check报404错误,因为是自己家里用,所以我就直接去掉登录功能了,在Configure Global Security选项中,将启用安全钩去掉就好了。
如果有懂这个反向代理怎么登录的,还望不惜赐教。
Nginx服务器中配置非80端口的端口转发方法详解_nginx_脚本之家 https://www.jb51.net/article/82046.htm
Nginx服务器中配置非80端口的端口转发方法详解
更新时间:2016年04月07日 09:41:27
nginx可以很方便的配置成反向代理服务器:
|
1
2
3
4
5
6
7
8
9
10
11
|
server {listen 80;server_name localhost;location / {proxy_pass http://x.x.x.x:9500;proxy_set_header Host $host:80;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header Via "nginx";}} |
但是如果nginx的监听端口不是默认的80端口,改为其他端口如81端口。
后端服务器中request.getServerPort()无法获得正确的端口,返回的仍然是80;
在response.sendRedirect()时,客户端可能无法获得正确的重定向url。
正确的配置方法下面我们详细来看:
增加Nginx虚拟主机
要做Nginx的转发,当然就要对Nginx做配置。可以通过添加虚拟主机配置来增强Nginx的功能。首先看看Nginx的配置文件,笔者的Nginx文件是在/etc/nginx/nginx.conf。从上图可以看到Nginx在最后引入了vhosts.d目录下的配置文件。那么就要在/etc/nginx/vhosts.d目录下创建以.conf为后缀的文件(如果该目录不存在需要自己创建)。
Nginx做非80端口转发
要做转发,可以使用Nginx的proxy_pass配置项。Nginx监听80端口,接收到请求之后就会转发到要转发的URL。具体的配置如下:
|
1
2
3
4
5
6
7
8
|
是的,就是这么简单就可以了。这是配置端口转发的核心。
但是,当遇到需要获取真实IP的业务时,还需要添加关于真实IP的配置:
|
1
2
3
4
5
6
7
8
9
10
11
|
server { server_name www.test.com
listen 80;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host:80;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
} |
proxy_set_header这句配置是改变http的请求头。而Host是请求的主机名,X-Real-IP是请求的真实IP,X-Forwarded-For表示请求是由谁发起的。
小结
这次的配置可能对大部分人来说都很简单,但是笔者刚接触Nginx配置这一块,因此记录下来,分享给有需要的人。如有建议和批评,欢迎指出。通过这次的学习发现,Nginx的配置是很值得学习的。
搭建nginx反向代理用做内网域名转发 – 运维生存时间 http://www.ttlsa.com/nginx/use-nginx-proxy/
情景
由于公司内网有多台服务器的http服务要映射到公司外网静态IP,如果用路由的端口映射来做,就只能一台内网服务器的80端口映射到外网80端口,其他服务器的80端口只能映射到外网的非80端口。非80端口的映射在访问的时候要域名加上端口,比较麻烦。并且公司入口路由最多只能做20个端口映射。肯定以后不够用。
然后k兄就提议可以在内网搭建个nginx反向代理服务器,将nginx反向代理服务器的80映射到外网IP的80,这样指向到公司外网IP的域名的HTTP请求就会发送到nginx反向代理服务器,利用nginx反向代理将不同域名的请求转发给内网不同机器的端口,就起到了“根据域名自动转发到相应服务器的特定端口”的效果,而路由器的端口映射做到的只是“根据不同端口自动转发到相应服务器的特定端口”,真是喜大普奔啊。
涉及的知识:nginx编译安装,nginx反向代理基本配置,路由端口映射知识,还有网络域名等常识。
本次实验目标是做到:在浏览器中输入xxx123.tk能访问到内网机器192.168.10.38的3000端口,输入xxx456.tk能访问到内网机器192.168.10.40的80端口。
情景
由于公司内网有多台服务器的http服务要映射到公司外网静态IP,如果用路由的端口映射来做,就只能一台内网服务器的80端口映射到外网80端口,其他服务器的80端口只能映射到外网的非80端口。非80端口的映射在访问的时候要域名加上端口,比较麻烦。并且公司入口路由最多只能做20个端口映射。肯定以后不够用。
然后k兄就提议可以在内网搭建个nginx反向代理服务器,将nginx反向代理服务器的80映射到外网IP的80,这样指向到公司外网IP的域名的HTTP请求就会发送到nginx反向代理服务器,利用nginx反向代理将不同域名的请求转发给内网不同机器的端口,就起到了“根据域名自动转发到相应服务器的特定端口”的效果,而路由器的端口映射做到的只是“根据不同端口自动转发到相应服务器的特定端口”,真是喜大普奔啊。
涉及的知识:nginx编译安装,nginx反向代理基本配置,路由端口映射知识,还有网络域名等常识。
本次实验目标是做到:在浏览器中输入xxx123.tk能访问到内网机器192.168.10.38的3000端口,输入xxx456.tk能访问到内网机器192.168.10.40的80端口。
配置步骤
服务器ubuntu 12.04
###更新仓库
|
1
2
|
apt-get update -y
apt-get install wget -y
|
#下载nginx和相关软件包
pcre是为了编译rewrite模块,zlib是为了支持gzip功能。额,这里nginx版本有点旧,因为我还要做升级nginx的实验用。大家可以装新版本。
|
1
2
3
4
5
6
|
cd /usr/local/src
wget <a href="ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.33.tar.gz">ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.33.tar.gz</a>
wget <a href="http://zlib.net/zlib-1.2.8.tar.gz">http://zlib.net/zlib-1.2.8.tar.gz</a>
wget <a href="http://nginx.org/download/nginx-1.4.2.tar.gz">http://nginx.org/download/nginx-1.4.2.tar.gz</a>
tar xf pcre-8.33.tar.gz
tar xf zlib-1.2.8.tar.gz
|
#安装编译环境
|
1
|
apt-get install build-essential libtool -y
|
#创建nginx用户
所谓的unprivileged user
|
1
|
useradd -s /bin/false -r -M -d /nonexistent www
|
#开始编译安装
|
1
2
3
4
|
/configure --with-pcre=/usr/local/src/pcre-8.33 --with-zlib=/usr/local/src/zlib-1.2.8 --user=www --group=www \
--with-http_stub_status_module --with-http_ssl_module --with-http_realip_module
make
make install
|
#给文件夹授权
|
1
|
chown -R www:www /usr/local/nginx
|
#修改配置文件
vim nginx.conf
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
|
user www www;
worker_processes 1;
error_log logs/error.log;
pid logs/nginx.pid;
worker_rlimit_nofile 65535;
events {
use epoll;
worker_connections 65535;
}
http {
include mime.types;
default_type application/octet-stream;
include /usr/local/nginx/conf/reverse-proxy.conf;
sendfile on;
keepalive_timeout 65;
gzip on;
client_max_body_size 50m; #缓冲区代理缓冲用户端请求的最大字节数,可以理解为保存到本地再传给用户
client_body_buffer_size 256k;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
proxy_connect_timeout 300s; #nginx跟后端服务器连接超时时间(代理连接超时)
proxy_read_timeout 300s; #连接成功后,后端服务器响应时间(代理接收超时)
proxy_send_timeout 300s;
proxy_buffer_size 64k; #设置代理服务器(nginx)保存用户头信息的缓冲区大小
proxy_buffers 4 32k; #proxy_buffers缓冲区,网页平均在32k以下的话,这样设置
proxy_busy_buffers_size 64k; #高负荷下缓冲大小(proxy_buffers*2)
proxy_temp_file_write_size 64k; #设定缓存文件夹大小,大于这个值,将从upstream服务器传递请求,而不缓冲到磁盘
proxy_ignore_client_abort on; #不允许代理端主动关闭连接
server {
listen 80;
server_name localhost;
location / {
root html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
|
编辑反向代理服务器配置文件:
vim /usr/local/nginx/conf/reverse-proxy.conf
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
server
{
listen 80;
server_name xxx123.tk;
location / {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://192.168.10.38:3000;
}
access_log logs/xxx123.tk_access.log;
}
server
{
listen 80;
server_name xxx456.tk;
location / {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://192.168.10.40:80;
}
access_log logs/xxx456.tk_access.log;
}
|
然后重新加载nginx配置文件,使之修改生效,再把xxx123.tk域名指向公司静态IP,这样就成功的做到了在浏览器中输入xxx123.tk的时候访问的内网服务器192.168.10.38的3000端口,输入xxx456.tk访问192.168.10.40的80端口的作用。
如果想对后端机器做负载均衡,像下面这配置就可以把对nagios.xxx123.tk的请求分发给内网的131和132这两台机器做负载均衡了。
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
upstream monitor_server {
server 192.168.0.131:80;
server 192.168.0.132:80;
}
server
{
listen 80;
server_name nagios.xxx123.tk;
location / {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://monitor_server;
}
access_log logs/nagios.xxx123.tk_access.log;
}
|
额,关于负载均衡和缓存就不多说了,这里只是要起到一个简单的“域名转发”功能。
另外,由于http请求最后都是由反向代理服务器传递给后段的机器,所以后端的机器原来的访问日志记录的访问IP都是反向代理服务器的IP。
要想能记录真实IP,需要修改后端机器的日志格式,这里假设后端也是一台nginx:
在后端配置文件里面加入这一段即可:
|
1
2
3
4
5
|
log_format access '$HTTP_X_REAL_IP - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $HTTP_X_Forwarded_For';
access_log logs/access.log access;
|
再看看原来日志的格式长什么样:
|
1
2
3
4
5
|
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
|
看出区别了吧
遇到的问题
- 之前没配置下面这段,访问时候偶尔会出现504 gateway timeout,由于偶尔出现,所以不太好排查
|
1
2
3
4
5
6
7
8
|
proxy_connect_timeout 300s;
proxy_read_timeout 300s;
proxy_send_timeout 300s;
proxy_buffer_size 64k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
proxy_ignore_client_abort on;
|
报错日志:
|
1
|
...upstream timed out (110: Connection timed out) while reading response header from upstream, client: ...(后面的省略)
|
从日志看来是连接超时了,网上一通乱查之后估计可能是后端服务器响应超时了,本着大胆假设,小心求证的原则,既然假设了错误原因就要做实验重现错误:那就调整代理超时参数,反过来把代理超时阀值设小(比如1ms)看会不会次次出现504。后来发现把proxy_read_timeout 这个参数设置成1ms的时候,每次访问都出现504。于是把这个参数调大,加入上面那段配置,解决问题了。
场景:
修改前
前端js埋点
var _PCSCount = 'http://data.test.com';
var _PCSCountPage = _PCSCount + '/visit/index?';
var _PCSPageurl = escape(location.href);
var _PCSReferer = escape(document.referrer);
var _PCSLanguage = (navigator.systemLanguage ? navigator.systemLanguage : navigator.language);
var _PCSColor = screen.colorDepth;
var _PCSScreenSize = screen.width + '*' + screen.height;
var _PCSCharset = "";
数据上报url http://data.test.com/visit/index?old=go
http://data.test.com/visit/index和php-网页服务的mvc耦合;/visit/index为mvc下的打日志控制器-方法fwrite()
计划架构为
日志服务剥离网页服务,采用flume-httpSource接收上报的数据
前期
在不修改数据上报url http://data.test.com/visit/index?old=go--js情况下,即不修改前端代码,前端无感情况下,将旧上报url重定向至flume;
后期
重构前端代码,将上报数据为一次由各个行为记录而成的行为集合,而非单一的一个动作;
Module ngx_http_rewrite_module http://nginx.org/en/docs/http/ngx_http_rewrite_module.html
常用nginx rewrite重定向-跳转实例: - 技术颜良 - 博客园 https://www.cnblogs.com/cheyunhua/p/8128039.html
1,将www.myweb.com/connect 跳转到connect.myweb.com
rewrite ^/connect$ http://connect.myweb.com permanent;
rewrite ^/connect/(.*)$ http://connect.myweb.com/$1 permanent;
2,将connect.myweb.com 301跳转到www.myweb.com/connect/
if ($host = "connect.myweb.com"){
rewrite ^/(.*)$ http://www.myweb.com/connect/$1 permanent;
}
3,myweb.com 跳转到www.myweb.com
if ($host != 'www.myweb.com' ) {
rewrite ^/(.*)$ http://www.myweb.com/$1 permanent;
}
4,www.myweb.com/category/123.html 跳转为 category/?cd=123
rewrite "/category/(.*).html$" /category/?cd=$1 last;
5,www.myweb.com/admin/ 下跳转为www.myweb.com/admin/index.php?s=
if (!-e $request_filename){
rewrite ^/admin/(.*)$ /admin/index.php?s=/$1 last;
}
6,在后面添加/index.php?s=
if (!-e $request_filename){
rewrite ^/(.*)$ /index.php?s=/$1 last;
}
7,www.myweb.com/xinwen/123.html 等xinwen下面数字+html的链接跳转为404
rewrite ^/xinwen/([0-9]+)\.html$ /404.html last;
8,http://www.myweb.com/news/radaier.html 301跳转 http://www.myweb.com/strategy/
rewrite ^/news/radaier.html http://www.myweb.com/strategy/ permanent;
9,重定向 链接为404页面
rewrite http://www.myweb.com/123/456.php /404.html last;
10, 禁止htaccess
location ~//.ht {
deny all;
}
11, 可以禁止/data/下多级目录下.log.txt等请求;
location ~ ^/data {
deny all;
}
12, 禁止单个文件
location ~ /www/log/123.log {
deny all;
}
13, http://www.myweb.com/news/activies/2014-08-26/123.html 跳转为 http://www.myweb.com/news/activies/123.html
rewrite ^/news/activies/2014\-([0-9]+)\-([0-9]+)/(.*)$ http://www.myweb.com/news/activies/$3 permanent;
14,nginx多条件重定向rewrite
如果需要打开带有play的链接就跳转到play,不过/admin/play这个不能跳转
if ($request_filename ~ (.*)/play){ set $payvar '1';}
if ($request_filename ~ (.*)/admin){ set $payvar '0';}
if ($payvar ~ '1'){
rewrite ^/ http://play.myweb.com/ break;
}
15,http://www.myweb.com/?gid=6 跳转为http://www.myweb.com/123.html
if ($request_uri ~ "/\?gid\=6"){return http://www.myweb.com/123.html;}
正则表达式匹配,其中:
* ~ 为区分大小写匹配
* ~* 为不区分大小写匹配
* !~和!~*分别为区分大小写不匹配及不区分大小写不匹配
文件及目录匹配,其中:
* -f和!-f用来判断是否存在文件
* -d和!-d用来判断是否存在目录
* -e和!-e用来判断是否存在文件或目录
* -x和!-x用来判断文件是否可执行
flag标记有:
* last 相当于Apache里的[L]标记,表示完成rewrite
* break 终止匹配, 不再匹配后面的规则
* redirect 返回302临时重定向 地址栏会显示跳转后的地址
* permanent 返回301永久重定向 地址栏会显示跳转后的地址
实践证明
user nginx;
worker_processes 8; # = cpu num; error_log /data/nginx/log/error/error.log warn; # warn, error crit, alert, and emerg levels are logged. NGINX Docs | Configuring Logging https://docs.nginx.com/nginx/admin-guide/monitoring/logging/ #pid logs/nginx.pid; events {
worker_connections 10240;
multi_accept on;
use epoll;
} http {
# log NGINX Docs | Configuring Logging https://docs.nginx.com/nginx/admin-guide/monitoring/logging/
# $http_host 远程客户端,如浏览器的发起请求时的地址,如域名、ip
log_format compression '$http_host - $remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent" "$gzip_ratio"';
gzip on;
access_log /data/nginx/log/access/nginx-access.log compression; include mime.types;
default_type application/octet-stream; server_tokens off;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 10;
client_header_timeout 10;
client_body_timeout 10;
reset_timedout_connection on;
send_timeout 10;
limit_conn_zone $binary_remote_addr zone=addr:5m;
limit_conn addr 100;
charset UTF-8; open_file_cache max=100000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
client_max_body_size 151M; server {
listen 80;
# 此处location写法不准确,目的是对 http://go.old.com/visit/index?pageurl=http%3A//www.123.net/&referer= 转发至另一台节点的一个http服务(后续可能调整为udp)
location /visit/index {
proxy_pass http://1.2.2.3:18080/;
}
# 此处覆盖了上级的日志位置
access_log /data/nginx/log/access/nginx-access-proxy_pass.log compression;
}
server {
listen 80;
server_name localhost; #charset koi8-r;
#access_log logs/host.access.log main; root /var/www//public; location / {
index index.php index.html index.htm;
if (!-e $request_filename) {
rewrite ^/(.*) /index.php?$1 last;
}
} #error_page 404 /404.html; # redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params; }
}
} [root@a nginx]# cat /data/nginx/log/access/nginx-access-proxy_pass.log -n | tail
89020 go.old.com - 47.97.84.34 - - [20/Nov/2018:11:43:39 +0800] "GET /adunion.js?ad_slots_id=4704 HTTP/1.1" 404 136 "http://wuhan.qd8.com.cn/zhengquan/xinxi2_2115203.html" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:54.0) Gecko/20100101 Firefox/54.0" "1.30"
89021 go.old.com - 111.206.198.194 - - [20/Nov/2018:11:43:40 +0800] "GET /index/union/index?key=%D1%EF%D6%DD%D7%DD%BA%E1%C9%FA%CE%EF%BF%C6%BC%BC%D3%D0%CF%DE%B9%AB%CB%BE&id=1001&site=detail.net114.com&hf=http%3A%2F%2Fdetail.net114.com%2Fchanpin%2F1039650.html&referer=&callback=c_154268541982207583748645303463 HTTP/1.1" 404 162 "http://detail.net114.com/chanpin/1039650.html" "Mozilla/5.0" "-"
89022 go.old.com - 100.116.224.110 - - [20/Nov/2018:11:43:40 +0800] "HEAD / HTTP/1.0" 200 0 "-" "-" "-"
89023 go.old.com - 120.241.1.29 - - [20/Nov/2018:11:43:40 +0800] "GET /index/union/index?key=2017%E5%8F%A3%E8%85%94%E5%B8%82%E5%9C%BA%E6%9C%80%E8%B5%9A%E9%92%B1%E7%9A%84%E4%BA%A7%E5%93%81%E4%BC%98%E7%9B%8A%E7%89%99%E5%A6%82%E4%BD%95%E4%BB%A3%E7%90%86%EF%BC%9F%E5%A4%9A%E5%B0%91%E9%92%B1_%E4%B9%90%E6%94%B6&id=1001&site=site.leshou.com&hf=http%3A%2F%2Fsite.leshou.com%2Fs%2F47069788.html&referer=&callback=c_154268541986405909995574715647 HTTP/1.1" 404 136 "http://site.leshou.com/s/47069788.html" "Mozilla/5.0 (Linux; U; Android 4.3; zh-CN; SCH-N719 Build/JSS15J) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 UCBrowser/9.9.5.489 U3/0.8.0 Mobile Safari/533.1" "1.30"
89024 go.old.com - 69.171.64.73 - - [20/Nov/2018:11:43:40 +0800] "GET //css/adunion/5.css HTTP/1.1" 404 193 "http://info.b2b168.com/s168-55042625.html" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36" "3.10"
89025 go.old.com - 100.116.224.60 - - [20/Nov/2018:11:43:40 +0800] "HEAD / HTTP/1.0" 200 0 "-" "-" "-"
89026 go.old.com - 112.87.161.8 - - [20/Nov/2018:11:43:40 +0800] "GET //css/adunion/reset.css HTTP/1.1" 404 193 "http://detail.net114.com/gongsi/230294142.html" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 SE 2.X MetaSr 1.0" "3.10"
89027 go.old.com - 163.142.248.194 - - [20/Nov/2018:11:43:40 +0800] "GET /adunion.js?ad_slots_id=1002 HTTP/1.1" 404 193 "http://info.b2b168.com/s168-22840678.html" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" "3.10"
89028 go.old.com - 222.220.53.55 - - [20/Nov/2018:11:43:40 +0800] "GET /adunion.js?ad_slots_id=4704 HTTP/1.1" 404 193 "http://beijing.qd8.com.cn/qtshangwu/xinxi2_4227467.html" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.26 Safari/537.36 Core/1.63.5603.400 QQBrowser/10.1.1775.400" "3.10"
89029 go.old.com - 222.220.53.55 - - [20/Nov/2018:11:43:40 +0800] "GET /adunion.js?ad_slots_id=4704 HTTP/1.1" 404 193 "http://beijing.qd8.com.cn/qtshangwu/xinxi2_4255912.html" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.26 Safari/537.36 Core/1.63.5603.400 QQBrowser/10.1.1775.400" "3.10"
[root@a nginx]#
user nginx;worker_processes 8; # = cpu num;
error_log /data/nginx/log/error/error.log warn; # warn, error crit, alert, and emerg levels are logged. NGINX Docs | Configuring Logging https://docs.nginx.com/nginx/admin-guide/monitoring/logging/
#pid logs/nginx.pid;
events { worker_connections 10240; multi_accept on; use epoll;}
http { # log NGINX Docs | Configuring Logging https://docs.nginx.com/nginx/admin-guide/monitoring/logging/# $http_host 远程客户端,如浏览器的发起请求时的地址,如域名、ip log_format compression '$http_host - $remote_addr - $remote_user [$time_local] ' '"$request" $status $body_bytes_sent ' '"$http_referer" "$http_user_agent" "$gzip_ratio"'; gzip on; access_log /data/nginx/log/access/nginx-access.log compression;
include mime.types; default_type application/octet-stream;
server_tokens off; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 10; client_header_timeout 10; client_body_timeout 10; reset_timedout_connection on; send_timeout 10; limit_conn_zone $binary_remote_addr zone=addr:5m; limit_conn addr 100; charset UTF-8;
open_file_cache max=100000 inactive=20s; open_file_cache_valid 30s; open_file_cache_min_uses 2; open_file_cache_errors on; client_max_body_size 151M;
server { listen 80;# 此处location写法不准确,目的是对 http://go.old.com/visit/index?pageurl=http%3A//www.123.net/&referer= 转发至另一台节点的一个http服务(后续可能调整为udp) location /visit/index { proxy_pass http://1.2.2.3:18080/; }# 此处覆盖了上级的日志位置 access_log /data/nginx/log/access/nginx-access-proxy_pass.log compression; }server {listen 80;server_name localhost;
#charset koi8-r;#access_log logs/host.access.log main;
root /var/www//public;
location / {index index.php index.html index.htm;if (!-e $request_filename) {rewrite ^/(.*) /index.php?$1 last;}}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html#error_page 500 502 503 504 /50x.html;location = /50x.html {root html;}location ~ \.php$ {fastcgi_pass 127.0.0.1:9000;fastcgi_index index.php;fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;include fastcgi_params;
}}}
[root@a nginx]# cat /data/nginx/log/access/nginx-access-proxy_pass.log -n | tail 89020 go.old.com - 47.97.84.34 - - [20/Nov/2018:11:43:39 +0800] "GET /adunion.js?ad_slots_id=4704 HTTP/1.1" 404 136 "http://wuhan.qd8.com.cn/zhengquan/xinxi2_2115203.html" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:54.0) Gecko/20100101 Firefox/54.0" "1.30" 89021 go.old.com - 111.206.198.194 - - [20/Nov/2018:11:43:40 +0800] "GET /index/union/index?key=%D1%EF%D6%DD%D7%DD%BA%E1%C9%FA%CE%EF%BF%C6%BC%BC%D3%D0%CF%DE%B9%AB%CB%BE&id=1001&site=detail.net114.com&hf=http%3A%2F%2Fdetail.net114.com%2Fchanpin%2F1039650.html&referer=&callback=c_154268541982207583748645303463 HTTP/1.1" 404 162 "http://detail.net114.com/chanpin/1039650.html" "Mozilla/5.0" "-" 89022 go.old.com - 100.116.224.110 - - [20/Nov/2018:11:43:40 +0800] "HEAD / HTTP/1.0" 200 0 "-" "-" "-" 89023 go.old.com - 120.241.1.29 - - [20/Nov/2018:11:43:40 +0800] "GET /index/union/index?key=2017%E5%8F%A3%E8%85%94%E5%B8%82%E5%9C%BA%E6%9C%80%E8%B5%9A%E9%92%B1%E7%9A%84%E4%BA%A7%E5%93%81%E4%BC%98%E7%9B%8A%E7%89%99%E5%A6%82%E4%BD%95%E4%BB%A3%E7%90%86%EF%BC%9F%E5%A4%9A%E5%B0%91%E9%92%B1_%E4%B9%90%E6%94%B6&id=1001&site=site.leshou.com&hf=http%3A%2F%2Fsite.leshou.com%2Fs%2F47069788.html&referer=&callback=c_154268541986405909995574715647 HTTP/1.1" 404 136 "http://site.leshou.com/s/47069788.html" "Mozilla/5.0 (Linux; U; Android 4.3; zh-CN; SCH-N719 Build/JSS15J) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 UCBrowser/9.9.5.489 U3/0.8.0 Mobile Safari/533.1" "1.30" 89024 go.old.com - 69.171.64.73 - - [20/Nov/2018:11:43:40 +0800] "GET //css/adunion/5.css HTTP/1.1" 404 193 "http://info.b2b168.com/s168-55042625.html" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36" "3.10" 89025 go.old.com - 100.116.224.60 - - [20/Nov/2018:11:43:40 +0800] "HEAD / HTTP/1.0" 200 0 "-" "-" "-" 89026 go.old.com - 112.87.161.8 - - [20/Nov/2018:11:43:40 +0800] "GET //css/adunion/reset.css HTTP/1.1" 404 193 "http://detail.net114.com/gongsi/230294142.html" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 SE 2.X MetaSr 1.0" "3.10" 89027 go.old.com - 163.142.248.194 - - [20/Nov/2018:11:43:40 +0800] "GET /adunion.js?ad_slots_id=1002 HTTP/1.1" 404 193 "http://info.b2b168.com/s168-22840678.html" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" "3.10" 89028 go.old.com - 222.220.53.55 - - [20/Nov/2018:11:43:40 +0800] "GET /adunion.js?ad_slots_id=4704 HTTP/1.1" 404 193 "http://beijing.qd8.com.cn/qtshangwu/xinxi2_4227467.html" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.26 Safari/537.36 Core/1.63.5603.400 QQBrowser/10.1.1775.400" "3.10" 89029 go.old.com - 222.220.53.55 - - [20/Nov/2018:11:43:40 +0800] "GET /adunion.js?ad_slots_id=4704 HTTP/1.1" 404 193 "http://beijing.qd8.com.cn/qtshangwu/xinxi2_4255912.html" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.26 Safari/537.36 Core/1.63.5603.400 QQBrowser/10.1.1775.400" "3.10"[root@a nginx]#
需求
客户服务器80端口已经被java-jar包占用
进程信息
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 10124 0.0 22.9 2761432 432836 ? Sl Jul31 13:34 java -jar -server -Xms256m -Xmx512m -Dspring.profiles.active=test member-0.0.1-SNAPSHOT.jar
需求新子域名
new.test.com要配置到这台服务器,且浏览器端用80端口访问
处理方案:
server {
listen 80;
server_name new.test.com;
root /usr/share/nginx/html;
location / {
index index.html;
}
}