域名:qps.ribuncdn.cn
nginx http 配置(80端口),请求proxy 到2台server
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
log_format qps_access ' $remote_addr $time_iso8601 $server_port $request $status $http_user_agent $request_time';upstream qps_backend { ip_hash;
server 127.0.0.1:9090;
server 10.8.45.23:9090;
}server { listen 80;
server_name qps.ribuncdn.cn;
client_max_body_size 1g;
proxy_connect_timeout 300;
proxy_send_timeout 300;
proxy_read_timeout 300;
location / {
proxy_set_header Host $http_host;
proxy_pass http://qps_backend;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
access_log /data/proclog/log/qps_gsvc/nginx/access.log;
error_log /data/proclog/log/qps_gsvc/nginx/error.log;
}
} |
上述基础上,加入nginx https 配置(443端口),同时需要将http重定向到https
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
|
log_format qps_access ' $remote_addr $time_iso8601 $server_port $request $status $http_user_agent $request_time';upstream qps_backend { ip_hash;
server 127.0.0.1:9090;
server 10.8.45.23:9090;
}server { listen 80;
server_name qps.ribuncdn.cn;
client_max_body_size 1g;
rewrite ^(.*) https://$server_name$1 permanent; #http重定向到https
proxy_connect_timeout 300;
proxy_send_timeout 300;
proxy_read_timeout 300;
location / {
proxy_set_header Host $http_host;
proxy_pass http://qps_backend;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
access_log /data/proclog/log/qps_gsvc/nginx/access.log;
error_log /data/proclog/log/qps_gsvc/nginx/error.log;
}
}server { listen 443;
ssl on;
server_name qps.ribuncdn.cn;
client_max_body_size 1g;
ssl_certificate /etc/nginx/ssl/_.ribuncdn.cn.crt; #指定证书位置
ssl_certificate_key /etc/nginx/ssl/_.ribuncdn.cn.key;
location / {
proxy_set_header Host $http_host;
proxy_pass http://qps_backend;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
access_log /data/proclog/log/qps_gsvc/nginx/access.log;
error_log /data/proclog/log/qps_gsvc/nginx/error.log;
}
} |
本文转自布拉君君 51CTO博客,原文链接:http://blog.51cto.com/5148737/1977553,如需转载请自行联系原作者