Tengine 反向代理狀態檢測

Tengine 反向代理狀態檢測

 

安裝Tengine：

編譯安裝

./configure --prefix=/usr/loca/nginx
make && make install

 

 

配置upstream server：

#user  nobody;
user nginx nginx;
worker_processes  1;

 

 

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}

# load modules compiled as Dynamic Shared Object (DSO)
#
#dso {
#    load ngx_http_fastcgi_module.so;
#    load ngx_http_rewrite_module.so;
#}

http {
    include       mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  logs/access.log  main;
    #access_log  "pipe:rollback logs/access_log interval=1d baknum=7 maxsize=2G"  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;

   # server {
    #    listen       80;
     #  server_name  localhost;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;
        #access_log  "pipe:rollback logs/host.access_log interval=1d baknum=7 maxsize=2G"  main;

      #  location / {
      #      root   html;
       #     index  index.html index.htm;
       # }

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        #error_page   500 502 503 504  /50x.html;
        #location = /50x.html {
        #    root   html;
        #}

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
   #}


    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}


    # HTTPS server
    #
    #server {
    #    listen       443 ssl;
    #    server_name  localhost;

    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;

    #    ssl_session_cache    shared:SSL:1m;
    #    ssl_session_timeout  5m;

    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers  on;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}
upstream tomcat {
ip_hash;
server 192.168.137.201:8080;
server 192.168.137.202:8080;
check interval=3000 rise=2 fall=5 timeout=1000 type=http;
        check_http_send "HEAD / HTTP/1.0\r\n\r\n";
        check_http_expect_alive http_2xx http_3xx;

}
upstream tomcat-1 {
        ip_hash;
        server 192.168.137.201:8081;
        server 192.168.137.202:8081;
        check interval=3000 rise=2 fall=5 timeout=1000 type=http;  #狀態檢測
        check_http_send "HEAD / HTTP/1.0\r\n\r\n";
        check_http_expect_alive http_2xx http_3xx;

        }


server {
listen 80;
server_name 127.0.0.1;
index    index.jsp index.html;
location / {
            proxy_pass http://tomcat;  #以這種格式來使用後端的web服務器
            proxy_redirect off;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            client_max_body_size 10m;
            client_body_buffer_size 128k;
            proxy_connect_timeout 90;
            proxy_send_timeout 90;
            proxy_read_timeout 90;
            proxy_buffer_size 4k;
            proxy_buffers 4 32k;
            proxy_busy_buffers_size 64k;
            proxy_temp_file_write_size 64k;

}
#location /status {
#check_status;
#access_log off;
#}
#location /nginx_status {
#stub_status on;
#access_log off;
#}
}
server {
        listen 8000;
        server_name 127.0.0.1;
        index    index.jsp index.html;
                location / {
            proxy_pass http://tomcat-1;  #以這種格式來使用後端的web服務器
            proxy_redirect off;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            client_max_body_size 10m;
            client_body_buffer_size 128k;
            proxy_connect_timeout 90;
            proxy_send_timeout 90;
            proxy_read_timeout 90;
            proxy_buffer_size 4k;
            proxy_buffers 4 32k;
            proxy_busy_buffers_size 64k;
            proxy_temp_file_write_size 64k;

        }
}
include /usr/local/nginx/conf/vhosts/*.conf;

}

 

 

 

狀態檢測模塊能夠爲Tengine提供主動式後端服務器健康檢查的功能。

該模塊在Tengine-1.4.0版本之前沒有默認開啓，它能夠在配置編譯選項的時候開啓：./configure --with-http_upstream_check_module

編輯/etc/nginx/nginx.conf

http {
    upstream cluster1 {
        # simple round-robin
        server 192.168.30.116:80;
        #server 192.168.0.2:80;
        check interval=3000 rise=2 fall=5 timeout=1000 type=http;
        check_http_send "HEAD / HTTP/1.0\r\n\r\n";
        check_http_expect_alive http_2xx http_3xx;
    }
    upstream cluster2 {
        # simple round-robin
        server 192.168.30.113:80;
        server 192.168.30.114:80;
        check interval=3000 rise=2 fall=5 timeout=1000 type=http;
        check_keepalive_requests 100;
        check_http_send "HEAD / HTTP/1.1\r\nConnection: keep-alive\r\n\r\n";
        check_http_expect_alive http_2xx http_3xx;
    }
    server {
        listen 80;
        location /1 {
            proxy_pass http://cluster1;
        }
        location /2 {
            proxy_pass http://cluster2;
        }
        location /status {
            check_status;
            access_log  off;
            allow SOME.IP.ADD.RESS;
            deny all;
        }
    }
}

 

 

指令後面的參數意義是：

interval：向後端發送的健康檢查包的間隔。

fall(fall_count): 若是連續失敗次數達到fall_count，服務器就被認爲是down。

rise(rise_count): 若是連續成功次數達到rise_count，服務器就被認爲是up。

timeout: 後端健康請求的超時時間。

default_down: 設定初始時服務器的狀態，若是是true，就說明默認是down的，若是是false，就是up的。默認值是true，也就是一開始服務器認爲是不可用，要等健康檢查包達到必定成功次數之後纔會被認爲是健康的。

type：健康檢查包的類型，如今支持如下多種類型

tcp：簡單的tcp鏈接，若是鏈接成功，就說明後端正常。

ssl_hello：發送一個初始的SSL hello包並接受服務器的SSL hello包。

http：發送HTTP請求，經過後端的回覆包的狀態來判斷後端是否存活。

mysql: 向mysql服務器鏈接，經過接收服務器的greeting包來判斷後端是否存活。

ajp：向後端發送AJP協議的Cping包，經過接收Cpong包來判斷後端是否存活。

port: 指定後端服務器的檢查端口。你能夠指定不一樣於真實服務的後端服務器的端口，好比後端提供的是443端口的應用，你能夠去檢查80端口的狀態來判斷後端健康情況。默認是0，表示跟後端server提供真實服務的端口同樣。該選項出現於Tengine-1.4.0。

check_http_send http_packet:

該指令能夠配置http健康檢查包發送的請求內容。爲了減小傳輸數據量，推薦採用"HEAD"方法。

當採用長鏈接進行健康檢查時，需在該指令中添加keep-alive請求頭，如："HEAD / HTTP/1.1\r\nConnection: keep-alive\r\n\r\n"。 同時，在採用"GET"方法的狀況下，請求uri的size不宜過大，確保能夠在1個interval內傳輸完成，不然會被健康檢查模塊視爲後端服務器或網絡異常。

check_http_expect_alive: 該指令指定HTTP回覆的成功狀態，默認認爲2XX和3XX的狀態是健康的。

check_status:

顯示服務器的健康狀態頁面。該指令須要在http塊中配置。

在Tengine-1.4.0之後，你能夠配置顯示頁面的格式。支持的格式有: html、csv、 json。默認類型是html。