指定上游服务器的upstream与server指令
指令介绍
Syntax: upstream name { ... }
Default: —
Context: http
Syntax: server address [parameters];
Default: —
Context: upstream
功能介绍:指定一组上游服务器地址,其中,可以是域名、IP地址或者Unix socket地址。可以在域名或者IP地址后面加端口,如果不加,默认80
参数介绍:backup 指定当前server为备份服务,当非备份server不可用时,请求才会转发到server里;down 标识某台服务以及下线,不在服务
加权轮Round-Robin算法:
功能:在加权轮讯的方式访问server指令指定上游服务。集成在nginx的upstream框架
指令:weight 服务访问的权重,默认是1;
max_conns:server 的最大并发连接数,仅做用于单worker进程。默认0 ,表示没有限制;
max_falis:在fail_timeout时间内,最大的失败次数。当达到最大失败是,会在fail_timeout秒内这台server不允许再次被选择;
fail_timeout :单位为秒,默认10 秒,具有两个功能指定一段时间内,最大的失败次数max_fails;达到max_fails后,该server不能访问的时间
对上游服务使用长连接
功能:通过复用连接,降低nginx与上游服务器简历关闭连接的消耗,提升吞吐量的同时降低延迟
模块:ngx_http_upstream_keepalive_module 模块;默认编译进nginx的通过--without-http_upstream_keepalive_module 可移除此模块
对上游连接的http头部设定
proxy_http_version 1.1; #因为http1.0不支持长连接;防止下游服务器传过来的是http1.0的协议,这边需要对它的协议重置
proxy_set_header Connection "";#
upstream_keepalive指令介绍
Syntax: keepalive connections; 最多保持多少空闲连接
Default: —
Context: upstream
Syntax: keepalive_requests number;
Default: keepalive_requests 100; 一条连接上最多能有多少请求
Context: upstream
Syntax: keepalive_timeout timeout;
Default: keepalive_timeout 60s; 如果上一条请求请求完最多等多长时间,没有连接的话断开请求
Context: upstream
指定上游服务域名解析的resolver指令
Syntax: resolver address ... [valid=time] [ipv6=on|off]; 当我们使用域名访问的时候可以指定一个dns服务;设置访问dns访问超时时间
Default: —
Context: http, server, location
Syntax: resolver_timeout time;
Default: resolver_timeout 30s;
Context: http, server, location
配置
[root@python vhast]# cat shangyou.conf
server {
listen 8011;
default_type text/plain;
return 200 '8011 server response.\n';
} server {
listen 8012;
default_type text/plain;
return 200 '8012 server response.\n';
}
[root@python vhast]# cat upstream.conf
upstream rrups{
server 127.0.0.1:8011 weight=2 max_conns=2 max_fails=2 fail_timeout=5;
server 127.0.0.1:8012;
keepalive 32;
}
server {
server_name rrups.com;
error_log rrups_error.log info;
location /{
proxy_pass http://rrups;
proxy_http_version 1.1;
proxy_set_header Connection "";
}
}
测试
[root@python vhast]# curl rrups.com
8011 server response.
[root@python vhast]# curl rrups.com
8011 server response.
[root@python vhast]# curl rrups.com
8012 server response.
[root@python vhast]# curl rrups.com
8011 server response.
测试场链接;并没有断开
[root@python vhast]# tcpdump -i lo port 8011
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on lo, link-type EN10MB (Ethernet), capture size 262144 bytes
15:28:37.168360 IP localhost.40308 > localhost.8011: Flags [S], seq 2102663491, win 43690, options [mss 65495,sackOK,TS val 259
080435 ecr 0,nop,wscale 7], length 015:28:37.168418 IP localhost.8011 > localhost.40308: Flags [S.], seq 127783339, ack 2102663492, win 43690, options [mss 65495,s
ackOK,TS val 259080435 ecr 259080435,nop,wscale 7], length 015:28:37.168454 IP localhost.40308 > localhost.8011: Flags [.], ack 1, win 342, options [nop,nop,TS val 259080435 ecr 259080435
], length 015:28:37.168540 IP localhost.40308 > localhost.8011: Flags [P.], seq 1:70, ack 1, win 342, options [nop,nop,TS val 259080435 ec
r 259080435], length 6915:28:37.168562 IP localhost.8011 > localhost.40308: Flags [.], ack 70, win 342, options [nop,nop,TS val 259080435 ecr 25908043
5], length 015:28:37.168678 IP localhost.8011 > localhost.40308: Flags [P.], seq 1:171, ack 70, win 342, options [nop,nop,TS val 259080435
ecr 259080435], length 17015:28:37.168700 IP localhost.40308 > localhost.8011: Flags [.], ack 171, win 350, options [nop,nop,TS val 259080435 ecr 2590804
35], length 015:29:05.936003 IP localhost.40308 > localhost.8011: Flags [P.], seq 70:139, ack 171, win 350, options [nop,nop,TS val 25910920
3 ecr 259080435], length 6915:29:05.936305 IP localhost.8011 > localhost.40308: Flags [P.], seq 171:341, ack 139, win 342, options [nop,nop,TS val 2591092
03 ecr 259109203], length 17015:29:05.936358 IP localhost.40308 > localhost.8011: Flags [.], ack 341, win 359, options [nop,nop,TS val 259109203 ecr 2591092
03], length 0
超时后;断开
15:30:05.944449 IP localhost.40308 > localhost.8011: Flags [F.], seq 139, ack 341, win 359, options [nop,nop,TS val 259169211 e
cr 259109203], length 015:30:05.944588 IP localhost.8011 > localhost.40308: Flags [F.], seq 341, ack 140, win 342, options [nop,nop,TS val 259169212 e
cr 259169211], length 0
基于客户端地址的IPhash算法与
配置
[root@python vhast]# cat upstream.conf
upstream rrups{
ip_hash;
server 127.0.0.1:8011 weight=2 max_conns=2 max_fails=2 fail_timeout=5;
server 127.0.0.1:8012;
#keepalive 32;
}
server {
set_real_ip_from 192.168.183.4; #可信地址real,使用--with-http_realip_module 开启她;默认nginx未编译
real_ip_recursive on; #启用此模块;
real_ip_header X-Forwarded-For; #表示X-Forwarded-For变量的值替换real_ip原来的值
server_name rrups.com;
error_log rrups_error.log info;
location /{
proxy_pass http://rrups;
proxy_http_version 1.1;
proxy_set_header Connection "";
}
}
测试
[root@python vhast]# curl -H 'X-Forwarded-For:12.1.45.53' rrups.com
8012 server response.
[root@python vhast]# curl -H 'X-Forwarded-For: 12.100.45.53' rrups.com
8011 server response.
[root@python vhast]# curl -H 'X-Forwarded-For:12.1.45.53' rrups.com
8012 server response.
[root@python vhast]# curl -H 'X-Forwarded-For:12.1.45.56' rrups.com
8012 server response.
[root@python vhast]# curl -H 'X-Forwarded-For:11.8.45.56' rrups.com
8012 server response.
[root@python vhast]# curl -H 'X-Forwarded-For:100.8.45.56' rrups.com
8012 server response.
[root@python vhast]# curl -H 'X-Forwarded-For:100.9.67.51' rrups.com
8011 server response.
基于参数做hash
[root@python vhast]# cat upstream.conf
upstream rrups{
#ip_hash;
hash user_$arg_username; 用户名
server 127.0.0.1:8011;
server 127.0.0.1:8012;
#keepalive 32;
}
server {
set_real_ip_from 192.168.183.4;
real_ip_recursive on;
real_ip_header X-Forwarded-For;
server_name rrups.com;
error_log rrups_error.log info;
location /{
proxy_pass http://rrups;
proxy_http_version 1.1;
proxy_set_header Connection "";
}
}
测试
[root@python vhast]# curl -H 'X-Forwarded-For: 100.8.45.56' rrups.com?username=chenxi
8012 server response.
[root@python vhast]# curl -H 'X-Forwarded-For: 100.8.45.56' rrups.com?username=chenxi-990
8011 server response.
[root@python vhast]# curl -H 'X-Forwarded-For: 100.8.45.56' rrups.com?username=chenxi
8012 server response.
[root@python vhast]# curl -H 'X-Forwarded-For: 100.8.45.56' rrups.com?username=chenxiuughgh
8012 server response.
[root@python vhast]# curl -H 'X-Forwarded-For: 100.8.45.56' rrups.com?username=chenxiuughgh-09876
8011 server response.
一致性hash
Syntax: hash key [consistent];
Default: —
Context: upstream
最少连接算法
功能模块:ngx_http_upstream_ least_conn _module;默认编译进nginx里
指令介绍
Syntax: least_conn;
Default: —
Context: upstream
使用共享内存让负载均衡算法跨work进程生效
功能模块:ngx_http_upstream_ zone _module;默认启用
指令介绍
Syntax: zone name [size]; 名字:共享内存多大
Default: —
Context: upstream
upstream 提供一些变量介绍(先不包含缓存的变量)
upstream_addr :上游服务器的IP为可读的127.0.0.1:8012
upstream_connect_time: 与上游服务建立连接消耗的时间,单位为秒。可精确到毫秒
upstream_header_time:接收上游服务器发送http头部响应的时间,单位为秒。可精确到毫秒
upstream_response_time:接收完上游服务器所有响应消耗的时间,单位为秒。精确到毫秒
upstream_http_名称:从上游服务器返回的响应头部的值
upstream_bytes_received:从上游服务器接收到响应长度,默认为字节
upstream_response_length:从上游服务器返回的包体的长度。默认字节
upstream_status:从上游服务器返回的http状态码;如果未连接502
upstream_cookie_名称:从上游服务器发回的Set-Cookie中取出cookie值
upstream_trailer_名称:从上游服务响应尾部取到的值