ngx_healthcheck_module intro

ngx-healthcheck-module

Health-checker for Nginx upstream servers (support http upstream && stream upstream)

該模塊能夠爲Nginx提供主動式後端服務器健康檢查的功能（同時支持四層和七層後端服務器的健康檢測）。

Table of Contents

• Status
• Description
• Installation
• Usage

• Synopsis && Directive

  • healthcheck
  • check
• Bugs and Patches
• Author
• Copyright and License
• See Also

Status

This nginx module is still under development， you can help improve and it.

這個項目還在開發中完善中，歡迎貢獻代碼，或報告bug。一塊兒使它變得更好。

Description

當你使用nginx做爲負載均衡器時，nginx原生只提供了基本的重試方式來保證訪問到正常的後端服務器。

相比之下，這個nginx第三方模塊能夠對後端服務器提供主動式的健康狀態檢測。
它維護了一個後端服務器列表，保證新的請求直接發送到一個健康的後端服務器。

主要特性：

• 同時支持四層和七層後端服務器的健康檢測
• 四層支持的檢測類型：tcp / udp / http
• 七層支持的檢測類型：http / fastcgi
• 提供一個統一的http狀態查詢接口，輸出格式：html / json / csv

Installation

git clone https://github.com/nginx/nginx/nginx.git
git clone https://github.com/zhouchangxun/ngx_healthcheck_module.git

cd nginx/; 
git apply ../ngx_healthcheck_module/nginx-stable-1.12+.patch

./auto/configure --with-stream --add-module=../ngx_healthcheck_module/
make && make install

Back to TOC

Usage

nginx.conf example

user  root;
worker_processes  1;
error_log  logs/error.log  info;
#pid        logs/nginx.pid;

events {
    worker_connections  1024;
}

http {
    server {
        listen 80;
        # status interface
        location /status {
            healthcheck_status;
        }
        # http front
        location / { 
          proxy_pass http://http-cluster;
        }   
    }
    # as a backend server.
    server {
        listen 8080;
        location / {
          root html;
        }
    }
    
    upstream http-cluster {
        # simple round-robin
        server 127.0.0.1:8080;
        server 127.0.0.2:81;

        check interval=3000 rise=2 fall=5 timeout=5000 type=http;
        check_http_send "GET / HTTP/1.0\r\n\r\n";
        check_http_expect_alive http_2xx http_3xx;
    }
}

stream {
    upstream tcp-cluster {
        # simple round-robin
        server 127.0.0.1:22;
        server 192.168.0.2:22;
        check interval=3000 rise=2 fall=5 timeout=5000 default_down=true type=tcp;
    }
    server {
        listen 522;
        proxy_pass tcp-cluster;
    }
    
    upstream udp-cluster {
        # simple round-robin
        server 127.0.0.1:53;
        server 8.8.8.8:53;
        check interval=3000 rise=2 fall=5 timeout=5000 default_down=true type=udp;
    }
    server {
        listen 53;
        proxy_pass udp-cluster;
    }
    
}

status interface

One typical output is

root@changxun-PC:~/nginx-dev/ngx_healthcheck_module# curl localhost/status
{"servers": {
  "total": 6,
  "generation": 3,
  "http": [
    {"index": 0, "upstream": "http-cluster", "name": "127.0.0.1:8080", "status": "up", "rise": 119, "fall": 0, "type": "http", "port": 0},
    {"index": 1, "upstream": "http-cluster", "name": "127.0.0.2:81", "status": "down", "rise": 0, "fall": 120, "type": "http", "port": 0}
  ],
  "stream": [
    {"index": 0, "upstream": "tcp-cluster", "name": "127.0.0.1:22", "status": "up", "rise": 22, "fall": 0, "type": "tcp", "port": 0},
    {"index": 1, "upstream": "tcp-cluster", "name": "192.168.0.2:22", "status": "down", "rise": 0, "fall": 7, "type": "tcp", "port": 0},
    {"index": 2, "upstream": "udp-cluster", "name": "127.0.0.1:53", "status": "down", "rise": 0, "fall": 120, "type": "udp", "port": 0},
    {"index": 3, "upstream": "udp-cluster", "name": "8.8.8.8:53", "status": "up", "rise": 3, "fall": 0, "type": "udp", "port": 0}
  ]
}}
root@changxun-PC:~/nginx-dev/ngx_healthcheck_module#

Back to TOC

Synopsis

check

Syntax:

check interval=milliseconds
[fall=count] [rise=count] [timeout=milliseconds]
[default_down=true|false] [type=tcp|udp|http] [port=check_port]

Default: interval=30000 fall=5 rise=2 timeout=1000 default_down=true type=tcp

Context: http/upstream || stream/upstream

該指令能夠打開後端服務器的健康檢查功能。

Detail:

• interval：向後端發送的健康檢查包的間隔。
• fall(fall_count): 若是連續失敗次數達到fall_count，服務器就被認爲是down。
• rise(rise_count): 若是連續成功次數達到rise_count，服務器就被認爲是up。
• timeout: 後端健康請求的超時時間。
• default_down: 設定初始時服務器的狀態，若是是true，就說明默認是down的，若是是false，就是up的。
  默認值是true，也就是一開始服務器認爲是不可用，要等健康檢查包達到必定成功次數之後纔會被認爲是健康的。

• type：健康檢查包的類型，如今支持如下多種類型

  • tcp：簡單的tcp鏈接，若是鏈接成功，就說明後端正常。
  • udp：簡單的發送udp報文，若是收到icmp error(主機或端口不可達)，就說明後端異常。(只有stream配置塊中支持udp類型檢查)
  • http：發送HTTP請求，經過後端的回覆包的狀態來判斷後端是否存活。
• port: 指定後端服務器的檢查端口。你能夠指定不一樣於真實服務的後端服務器的端口，

好比後端提供的是443端口的應用，你能夠去檢查80端口的狀態來判斷後端健康情況。默認是0，表示跟後端server提供真實服務的端口同樣。

A example as followed:

stream {
    upstream tcp-cluster {
        # simple round-robin
        server 127.0.0.1:22;
        server 192.168.0.2:22;
        check interval=3000 rise=2 fall=5 timeout=5000 default_down=true type=tcp;
    }
    server {
        listen 522;
        proxy_pass tcp-cluster;
    }
    ...
}

healthcheck

Syntax: healthcheck_status [html|csv|json]

Default: healthcheck_status html

Context: http/server/location

A example as followed:

http {
    server {
        listen 80;
        
        # status interface
        location /status {
            healthcheck_status;
        }
     ...
}

Back to TOC

Todo List

• 增長測試用例
• 整理、優化代碼
• 規範代碼中的log輸出

Back to TOC

Bugs and Patches

Please report bugs

• create GitHub Issue,

or submit patches by

• new Pull request

Back to TOC

Author

Chance Chou (周長勳) <changxunzhou@qq.com>.

Back to TOC

Copyright and License

The health check part is based on Yaoweibin's

healthcheck module nginx_upstream_check_module
(<http://github.com/yaoweibin/nginx_upstream_check_module>);

This module is licensed under the BSD license.

Copyright (C) 2017-, by Changxun Zhou <changxunzhou@qq.com>

Copyright (C) 2014 by Weibin Yao <yaoweibin@gmail.com>

All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

• Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
• Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

Back to TOC

See Also

• nginx: http://nginx.org

Back to TOC