nginx 正反代理(超级玛丽小游戏)
代理的作用:将请求分配至所有服务器及负载均衡*
代理的方式
正向代理
反向代理
1.正向代理
客户端使用代理之后,还需要找服务器
客户端发送请求至代理,代理返回某个IP,客户端再根据IP链接服务器
应用:VPN
2.反向代理
只需要寻找代理,不需要找服务器
应用:负载均衡
Nginx代理服务支持的协议
ngx_http_uwsgi_module : Python
ngx_http_fastcgi_module : PHP
ngx_http_scgi_module : Java
ngx_http_v2_module : Golang
ngx_http_proxy_module : HTTP
Nginx代理实践
在不允许访问172.16.1.7的前提,要求访问到172.16.1.7中的超级玛丽
lb01(172.16.1.5)代理web01(172.16.1.7)
即本机(192.168.15.1)通过访问反向代理(172.16.1.5)获取服务器web01(172.16.1.7)信息
准备工作
| Lb01 | 172.16.1.31 |
|---|---|
| Web01 | 172.16.1.8 |
部署web01
[root@web01 conf.d]# cat game5.conf
server {
listen 80;
server_name 192.168.15.7;
location / {
root /opt/Super_Marie;
index index.html;
}
location ~ /images {
root /opt/image;
}
}
[root@web01 image]# pwd
/opt/image
[root@web01 image]# ll
总用量 0
drwxr-xr-x 2 root root 329 1月 6 15:10 images
# images 中是超级玛丽的图片
部署lb01
- 部署nginx
# 通过二进制安装方法下载Nginx源代码包
[root@lb01 ~]# wget https://nginx.org/download/nginx-1.20.2.tar.gz
# 解压
[root@lb01 ~]# tar -xf nginx-1.20.2.tar.gz
# 进入源代码目录
[root@lb01 ~]# cd nginx-1.20.2
# 可查看模块
[root@lb01 nginx-1.20.2]# ./configure --help
# 安装依赖包
[root@lb01 nginx-1.20.2]# yum install openssl openssl-devel zlib zlib-devel -y
# 设置编译参数
[root@lb01 nginx-1.20.2]# ./configure --with-http_gzip_static_module --with-stream --with-http_ssl_module
'注意: -with-stream 启用TCP/UDP代理 一定要启用'
# 编译
[root@lb01 nginx-1.20.2]# make
# 安装
[root@lb01 nginx-1.20.2]# make install
# 编译目录 nginx存放于sbin
[root@lb01 nginx-1.20.2]# cd /usr/local/nginx
[root@lb01 nginx-1.20.2]# ll
总用量 0
drwxr-xr-x 2 root root 333 1月 6 11:56 conf
drwxr-xr-x 2 root root 40 1月 6 11:56 html
drwxr-xr-x 2 root root 6 1月 6 11:56 logs
drwxr-xr-x 2 root root 19 1月 6 11:56 sbin
[root@lb01 nginx-1.20.2]# pwd
/usr/local/nginx
[root@lb01 nginx-1.20.2]# ll sbin/
总用量 6880
-rwxr-xr-x 1 root root 7044032 1月 6 11:56 nginx
[root@web01 nginx]# pwd
/usr/local/nginx
# 将web01/etc/nginx/nginx.conf配置复制到lb01中,保持两者一致
[root@web01 ~]# scp /etc/nginx/nginx.conf 192.168.15.250:/etc/nginx/nginx.conf
# 编译
[root@lb01 nginx-1.20.2]# make
# 安装
[root@lb01 nginx-1.20.2]# make install
# 优化
[root@lb01 nginx]# mkdir /etc/nginx
[root@lb01 nginx]# mv /usr/local/nginx/conf/* /etc/nginx/
[root@lb01 nginx]# mkdir /etc/nginx/conf.d
[root@lb01 nginx]# vi /etc/nginx/nginx.conf # 把之前里面的全部删除,添加下面内容.
user www;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
[root@lb01 nginx]# groupadd www -g 666
[root@lb01 nginx]# useradd www -u 666 -g 666 -M -r -s /sbin/nologin
[root@lb01 nginx]# vim /usr/lib/systemd/system/nginx.service
[Unit]
Description=nginx - high performance web server
Documentation=http://nginx.org/en/docs/
After=network-online.target remote-fs.target nss-lookup.target
Wants=network-online.target
[Service]
Type=forking
PIDFile=/var/run/nginx.pid
ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf
ExecReload=/bin/sh -c "/bin/kill -s HUP $(/bin/cat /var/run/nginx.pid)"
ExecStop=/bin/sh -c "/bin/kill -s TERM $(/bin/cat /var/run/nginx.pid)"
[Install]
WantedBy=multi-user.target
[root@lb01 sbin]# ln -s /etc/nginx/nginx.conf /usr/local/nginx/conf/nginx.conf
[root@lb01 sbin]# mv /usr/local/nginx/sbin/nginx /usr/sbin/
[root@lb01 sbin]# mkdir /var/log/nginx
[root@lb01 sbin]# systemctl start nginx
- 部署反向代理
[root@lb01 conf.d]# vim /etc/nginx/conf.d/supermary.conf
server {
listen 80;
server_name youxi.com;
location / {
proxy_pass http://172.16.1.8:80;
}
}
[root@lb01 conf.d]# nginx -t
[root@lb01 conf.d]# systemctl restart nginx
# 在把172.16.1.8:80 youxi.com 添加到window上的hosts文件里 在浏览器里访问youxi.com
浙公网安备 33010602011771号