38-Nginx四层负载-动静分离详解
文章目录
四层负载均衡概述
什么是四层负载均衡:
四层负载均衡是基于传输层协议包来封装的(如TCP/IP),那我们前面使用到的七层指的是应用层它的组装在四层基础之上,无论四层还是七层都是指的OSI网络模型
四层负载均衡应用场景:
1.四层+七层来做负载均衡,四层可以保证七层的负载均衡的高可用性,如:nginx就无法保证自己的服务高可用,需要依赖LVS或者keeplive。
2.如:tcp协议的负载均衡,有些请求时tcp的协议的(mysql、ssh),或者说这些请求只需要使用四层进行端口的转发就可以了,所以使用四层负载均衡。
四层负载均衡总结
1.四层负载均衡仅能转发TCP/IP协议、UDP协议、通常用来转发端口。如:tcp22 udp53
2.四层负载均衡可以用来解决七层负载均衡端口限制问题;(七层负载均衡最大使用65535个端口号)
3.四层负载均衡可以解决七层负载均衡高可用问题;(多台后端七层负载均衡同时使用)
4.四层的转发效率比七层的高的多,但仅支持tcp/ip协议,不支持http和https协议。
5.通常大并发场景会选择使用在七层负载均衡前面增加四层负载均衡。
四层负载均衡配置
1.通过访问负载均衡的5555端口,实际是后端的web01的22端口在提供服务:
准备一台服务器10.0.0.4
1.安装nginx
[root@web01 ~]# scp /etc/yum.repos.d/nginx.repo root@10.0.0.4:/etc/yum.repos.d/nginx.repo
[root@lb ~]#yum -y install nginx
[root@lb ~]#cd /etc/nginx/conf.d/
[root@lb conf.d]#rm -rf default.conf
[root@lb conf.d]#vim ../nginx.conf
[root@lb conf.d]#grep conf.c ../nginx.conf
include /etc/nginx/conf.c/*.conf
[root@lb conf.d]#mkdir -p /etc/nginx/conf.c
[root@lb conf.c]#cd /etc/nginx/conf.c/
[root@lb conf.c]#vim lb.conf
stream {
upstream web01 {
server 172.16.1.7:22;
}
server {
listen 5555;
proxy_pass web01;
}
}
[root@lb conf.c]#nginx -t
[root@lb conf.c]#systemctl restart nginx
2.通过访问负载均衡的6666端口,实际是后端的mysql的3306端口在提供服务
[root@lb conf.c]#vim lb.conf
stream {
upstream web01 {
server 172.16.1.7:22;
}
upstream db01 {
server 172.16.1.51:3306;
}
server {
listen 5555;
proxy_pass web01;
}
server {
listen 6666;
proxy_pass db01;
}
}
[root@lb conf.c]#nginx -t
[root@lb conf.c]#systemctl restart nginx
web01上远程连接测试:
[root@web01 ~]# mysql -h 10.0.0.4 -P 6666 -ulzy -plzy123.com
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 2272
Server version: 5.5.68-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]>
四层转发七层配置
1.准备lb02服务器 10.0.0.6
[root@lb02 yum.repos.d]#scp 172.16.1.7:/etc/yum.repos.d/nginx.repo /etc/yum.repos.d/
[root@lb02 yum.repos.d]#yum install -y nginx
[root@lb02 yum.repos.d]#scp -r 172.16.1.5:/etc/nginx/conf.d/* /etc/nginx/conf.d/
[root@lb02 yum.repos.d]#scp 172.16.1.5:/etc/nginx/proxy_params /etc/nginx/
root@lb02 conf.d]#cat default.conf
upstream webs {
server 172.16.1.7:80;
server 172.16.1.8:80;
}
server{
listen 80;
server_name www.static.com;
location / {
proxy_pass http://webs;
include proxy_params;
}
}
[root@lb02 conf.d]#nginx -t
[root@lb02 conf.d]#systemctl restart nginx
配置lb四层
[root@lb conf.c]#cat web.conf
stream {
upstream webs {
server 172.16.1.5:80;
server 172.16.1.6:80;
}
server {
listen 80;
proxy_pass webs;
}
}
访问测试
hosts解析 10.0.0.4 www.wp.com
tomcat图片分离
https://tomcat.apache.org/ # tomcat web服务器的官网
1.web02部署Tomcat
下载Tomcat包
[root@web02 ~]# wget https://dlcdn.apache.org/tomcat/tomcat-9/v9.0.88/bin/apache-tomcat-9.0.88.tar.gz --no-check-certificate
[root@web02 ~]# tar xf apache-tomcat-9.0.88.tar.gz -C /usr/local/
[root@web02 ~]# ln -s /usr/local/apache-tomcat-9.0.88/ /usr/local/tomcat
安装Tomcat的运行环境
[root@web02 ~]# yum install -y java
运行Java服务
[root@web02 ~]# /usr/local/tomcat/bin/startup.sh
检查端口 Tomcat监听8080端口
2.nginx实现代理Tomcat 进行图片拆分
1)web02配置反向代理到自身的8080端口
[root@web02 conf.d]# vim proxytomcat.conf
upstream tom {
server 172.16.1.8:8080;
}
server {
listen 80;
server_name tomcat.oldboy.com;
location / {
proxy_pass http://tom;
}
}
[root@web02 conf.d]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@web02 conf.d]# systemctl restart nginx
hosts解析测试访问代理是否成功
10.0.0.8 tomcat.oldboy.com
3)通过配置nginx反向代理的location 将tomcat的图片拆分
[root@web02 conf.d]# vim proxytomcat.conf
upstream tom {
server 172.16.1.8:8080;
}
server {
listen 80;
server_name tomcat.oldboy.com;
location / {
proxy_pass http://tom;
}
#访问.png .jpg.svg.... 则直接通过/code/images返回给用户
location ~* \.(png|jpg|svg|mp4|mp3)$ {
root /code/images;
}
}
[root@web02 conf.d]# nginx -t
[root@web02 conf.d]# systemctl restart nginx
创建图片目录
[root@web02 conf.d]# mkdir -p /code/images
[root@web02 conf.d]# cd /code/images/
将tomcat的所有图片复制一份到/code/images
[root@web02 images]# cd /usr/local/tomcat/webapps/ROOT/
[root@web02 ROOT]# cp *.svg *.png /code/images/
修改目录的属主属组为nginx的启动用户www
[root@web02 ROOT]# chown -R www.www /code/images/
测试访问tomcat.oldboy.com
停止tomcat服务
[root@web02 ROOT]# /usr/local/tomcat/bin/shutdown.sh
通过负载均衡实现动静分离
1.配置web01的静态页面
[root@web01 conf.d]# cat static.conf
server{
listen 80;
server_name www.static.com;
location / {
root /code/test;
index index.html;
}
location ~* .*\.(jpg|png|gif)$ {
root /code/images;
}
}
[root@web01 conf.d]# nginx -t
[root@web01 conf.d]# systemctl restart nginx
[root@web01 conf.d]# mkdir -p /code/images
上传a.png到/code/images
测试:www.static.com
访问:www.static.com/a.jpg
2.配置web02的动态资源
[root@web02 ~]#cd /usr/local/tomcat/webapps/ROOT/
[root@web02 ROOT]# cat test.jsp
<%@ page language="java" import="java.util.*" pageEncoding="utf-8"%>
<HTML>
<HEAD>
<TITLE>oldboy JSP Page</TITLE>
</HEAD>
<BODY>
<%
Random rand = new Random();
out.println("<h1>oldboy随机数:<h1>");
out.println(rand.nextInt(99)+100);
%>
</BODY>
</HTML>
重启tomcat
访问:http://10.0.0.8:8080/test.jsp
3.负载均衡集成动态和静态页面
[root@lb01 conf.d]#cat proxy_ds.conf
upstream static {
server 172.16.1.7:80;
}
upstream java {
server 172.16.1.8:8080;
}
server {
listen 80;
server_name www.static.com;
location ~* \.(jpg|png|gif)$ {
proxy_pass http://static;
proxy_set_header Host $http_host;
}
location ~ \.jsp {
proxy_pass http://java;
proxy_set_header Host $http_host;
}
}
hosts解析访问:www.static.com/a.jpg www.static.com/test.jsp
4.负载均衡上整合动态和静态的html文件
[root@lb01 conf.d]#cat proxy_ds.conf
upstream static {
server 172.16.1.7:80;
}
upstream java {
server 172.16.1.8:8080;
}
server {
listen 80;
server_name www.static.com;
location / {
root /code;
index index.html;
}
location ~* \.(jpg|png|gif)$ {
proxy_pass http://static;
proxy_set_header Host $http_host;
}
location ~ \.jsp {
proxy_pass http://java;
proxy_set_header Host $http_host;
}
}
[root@lb01 conf.d]#mkdir -p /code
[root@lb01 conf.d]#cat /code/index.html
<html lang="en">
<head>
<meta charset="UTF-8" />
<title>测试ajax和跨域访问</title>
<script src="http://libs.baidu.com/jquery/2.1.4/jquery.min.js"></script>
</head>
<script type="text/javascript">
$(document).ready(function(){
$.ajax({
type: "GET",
url: "http://www.static.com/test.jsp",
success: function(data){
$("#get_data").html(data)
},
error: function() {
alert("哎呦喂,失败了,回去检查你服务去~");
}
});
});
</script>
<body>
<h1>测试动静分离</h1>
<img src="http://www.static.com/a.jpg">
<div id="get_data"></div>
</body>
</html>
[root@lb01 conf.d]#systemctl restart nginx
访问:www.static.com
测试:关闭静态看是否影响动态
关闭动态看是否影响静态
通过客户端UA信息调度到不同的代码
根据iPhone 安卓 pc跳转不同的页面环境规划
系统版本 | 主机角色 | 外网IP | 内网IP | 提供端口 |
---|---|---|---|---|
centOS7.9 | 负载均衡 | 10.0.0.5 | 172.16.1.7 | 80 |
centOS7.9 | 提供Android页面 | 172.16.1.7 | 9090 | |
centOS7.9 | 提供iPhone页面 | 172.16.1.7 | 9091 | |
centOS7.9 | 提供pc页面 | 172.16.1.7 | 9092 |
1.配置后端web节点的nginx配置
[root@web01 conf.d]# cat sj.conf
server {
listen 9090;
location / {
root /code/android;
index index.html;
}
}
server {
listen 9091;
location / {
root /code/iphone;
index index.html;
}
}
server {
listen 9092;
location / {
root /code/pc;
index index.html;
}
}
[root@web01 conf.d]# nginx -t
[root@web01 conf.d]# systemctl restart nginx
2.为后端web节点配置对应的网站目录及代码
[root@web01 conf.d]# mkdir /code/{android,iphone,pc}
[root@web01 conf.d]# echo "我是安卓" > /code/android/index.html
[root@web01 conf.d]# echo "我是iphone" > /code/iphone/index.html
[root@web01 conf.d]# echo "我是pc" > /code/pc/index.html
3.配置负载均衡服务
[root@lb01 conf.d]#cat proxy_sj.conf
upstream android {
server 172.16.1.7:9090;
}
upstream iphone {
server 172.16.1.7:9091;
}
upstream pc {
server 172.16.1.7:9092;
}
server {
listen 80;
server_name sj.lzy.com;
charset 'utf-8';
location / {
#如果客户端来源是Android则跳转到Android的资源;
if ($http_user_agent ~* "Android") {
proxy_pass http://android;
}
#如果客户端来源是Iphone则跳转到Iphone的资源;
if ($http_user_agent ~* "Iphone") {
proxy_pass http://iphone;
}
#如果客户端是IE浏览器则返回403错误;
if ($http_user_agent ~* "MSIE") {
return 403;
}
#默认跳转pc资源;
proxy_pass http://pc;
}
}
[root@lb01 conf.d]#nginx -t
[root@lb01 conf.d]#systemctl restart nginx
访问:sj.lzy.com