Heim >Backend-Entwicklung >PHP-Tutorial >So konfigurieren Sie einen Nignx-Service-Reverse-Proxy für den Zugriff über 3 IPs

So konfigurieren Sie einen Nignx-Service-Reverse-Proxy für den Zugriff über 3 IPs

WBOY
WBOYOriginal
2016-08-08 09:21:231058Durchsuche

场景:在10.17.55,44:7002和10.17.55.46:7003的weblogic 部署一个web工程,准备做负载均衡。在一台IP:12.17.56.44能访问到55.44和55.46上web工程的机器做nginx代理服务器,代理端口为7000,既12.17.56.44:7000能访问到10.17.55,44:7002或10.17.55.46:7003的web工程,而互联网有个IP22.18.55.33:7000 可以访问到,12.17.56.44:7000,12.17.56.44这台服务器的nginx.conf 内容配置如下:

#user  nobody;
worker_processes  auto;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  2048;
    accept_mutex off;
    multi_accept on; 
    use epoll; 
}

# load modules compiled as Dynamic Shared Object (DSO)
#
#dso {
#    load ngx_http_fastcgi_module.so;
#    load ngx_http_rewrite_module.so;
#}
#thread_pool one threads=128 max_queue=0;
http {
    include       mime.types;
    default_type  application/octet-stream;
    #thread_pool one threads=128 max_queue=0;
	include /etc/nginx/mutnginx/*.conf; 
    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;
    access_log off;
    sendfile        on;
    #tcp_nopush     on;
    sendfile_max_chunk 512k;
    #keepalive_timeout  0;
    keepalive_timeout  65;

   upstream cluster1 {
        # simple round-robin
        ip_hash;
		server  10.17.55,44:7002;
        server  10.17.55.46:7003;

      
    }
  
  #gzip  on;

    server {
        listen       7000;
		server_name    localhost;
    	#   0.99.132.52:700
		#check interval=30
        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
  
      	#aio threads=one; 
        proxy_set_header Host $host:7000;
        proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        
      	proxy_buffering off;
        proxy_pass http://cluster1/;
		   # root   html;
           #index  index.html index.htm;
        }

	 location /status {
            #check_status;

            access_log   off;
            allow all;
           # deny all;
        }

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }


    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}


    # HTTPS server
    #
    #server {
    #    listen       443;
    #    server_name  localhost;

    #    ssl                  on;
    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;

    #    ssl_session_timeout  5m;

    #    ssl_protocols  SSLv2 SSLv3 TLSv1;
    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers   on;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}

}

In der Konfigurationsdatei:

include /etc/nginx/mutnginx/*.conf; 
erstellt zwei Dateien ähnlich nginx.conf im Mutnginx-Verzeichnis.

nginx2.conf-Konfiguration soll anderen Anwendungen im selben Netzwerksegment, nämlich 12.17.56.*, den Zugriff auf das Webprojekt mit derselben Proxy-IP ermöglichen. Die Konfiguration ist wie folgt:

#user  nobody;
worker_processes  auto;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  2048;
    accept_mutex off;
    multi_accept on; 
    use epoll; 
}

# load modules compiled as Dynamic Shared Object (DSO)
#
#dso {
#    load ngx_http_fastcgi_module.so;
#    load ngx_http_rewrite_module.so;
#}
#thread_pool one threads=128 max_queue=0;
http {
    include       mime.types;
    default_type  application/octet-stream;
    #thread_pool one threads=128 max_queue=0;
 
    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;
    access_log off;
    sendfile        on;
    #tcp_nopush     on;
    sendfile_max_chunk 512k;
    #keepalive_timeout  0;
    keepalive_timeout  65;

   upstream cluster3 {
        # simple round-robin
        ip_hash;
		server  10.17.55,44:7002;
        server  10.17.55.46:7003;

      
    }
  
  #gzip  on;

    server {
        listen       7000;
		server_name    localhost;
    	#   0.99.132.52:700
		#check interval=30
        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
  
      	#aio threads=one; 
        proxy_set_header Host $host:7000;
        proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        
      	proxy_buffering off;
        proxy_pass http://cluster3/;
		   # root   html;
           #index  index.html index.htm;
        }

	 location /status {
            #check_status;

            access_log   off;
            allow all;
           # deny all;
        }

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }


    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}


    # HTTPS server
    #
    #server {
    #    listen       443;
    #    server_name  localhost;

    #    ssl                  on;
    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;

    #    ssl_session_timeout  5m;

    #    ssl_protocols  SSLv2 SSLv3 TLSv1;
    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers   on;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}

}

Es gibt auch nginx3.conf, einen Proxy für den einheitlichen Zugriff durch andere Intranet-IPs. Seine Konfiguration ist wie folgt:

#user  nobody;
worker_processes  auto;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  2048;
    accept_mutex off;
    multi_accept on; 
    use epoll; 
}

# load modules compiled as Dynamic Shared Object (DSO)
#
#dso {
#    load ngx_http_fastcgi_module.so;
#    load ngx_http_rewrite_module.so;
#}
#thread_pool one threads=128 max_queue=0;
http {
    include       mime.types;
    default_type  application/octet-stream;
    #thread_pool one threads=128 max_queue=0;
 
    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;
    access_log off;
    sendfile        on;
    #tcp_nopush     on;
    sendfile_max_chunk 512k;
    #keepalive_timeout  0;
    keepalive_timeout  65;

   upstream cluster2 {
        # simple round-robin
        ip_hash;
		server  10.17.55,44:7002;
        server  10.17.55.46:7003;

      
    }
  
  #gzip  on;

    server {
        listen       7000;
		server_name    localhost;
    	#   0.99.132.52:700
		#check interval=30
        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
  
      	#aio threads=one; 
        proxy_set_header Host $host:5123;
        proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        
      	proxy_buffering off;
        proxy_pass http://cluster2/;
		   # root   html;
           #index  index.html index.htm;
        }

	 location /status {
            #check_status;

            access_log   off;
            allow all;
           # deny all;
        }

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }


    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}


    # HTTPS server
    #
    #server {
    #    listen       443;
    #    server_name  localhost;

    #    ssl                  on;
    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;

    #    ssl_session_timeout  5m;

    #    ssl_protocols  SSLv2 SSLv3 TLSv1;
    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers   on;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}

}
Darunter
proxy_set_header Host $host:5123;#是映射端口,如果12.17.56.44:7000映射IP为102.34.56.44 那么5123就是映射器7000端口
Auf diese Weise wird
12.17.56.44
durch eine Internet-IP 22.18.55.33:7000 und das Intranet 12.17.56.44.:5213 und 12.17.56.44:7000 abgebildet Drei IPs können auf das Webprojekt zugreifen.

Urheberrechtserklärung: Dieser Artikel ist ein Originalartikel des Bloggers und darf nicht ohne die Erlaubnis des Bloggers reproduziert werden.

Das Obige stellt die Konfigurationsmethode eines Nignx-Service-Reverse-Proxys für den 3-IP-Zugriff vor, einschließlich des Inhalts. Ich hoffe, dass er für Freunde hilfreich ist, die sich für PHP-Tutorials interessieren.

Stellungnahme:
Der Inhalt dieses Artikels wird freiwillig von Internetnutzern beigesteuert und das Urheberrecht liegt beim ursprünglichen Autor. Diese Website übernimmt keine entsprechende rechtliche Verantwortung. Wenn Sie Inhalte finden, bei denen der Verdacht eines Plagiats oder einer Rechtsverletzung besteht, wenden Sie sich bitte an admin@php.cn
Vorheriger Artikel:Einführung in NginxNächster Artikel:Einführung in Nginx