Nginx反向代理多虚拟主机及记录真实客户IP

1.多虚拟机反向代理
■
___________________________________________________________
主机信息：
Nginx代理：192.168.1.201
Nginx_web_1：192.168.1.202
Nginx_web_2：192.168.1.203
测试机：192.168.1.204
-----------------------------------三台主机安装
#安装参数

cd /usr/local/src/
tar zxvf nginx-1.6.2.tar.gz
cd nginx-1.6.2
yum install -y pcre-devel openssl-devel gzip
yum install openssl-devel  -y
./configure   --prefix=/usr/local/nginx   --with-pcre  --with-http_ssl_module --with-http_stub_status_module
make && make install

#启动脚本略
#主配置略

----------------------------------两台web虚拟主机配置
#虚拟主机配置

mkdir /usr/local/nginx/conf/vhosts
vim  /usr/local/nginx/conf/vhosts/server.conf
server {
listen 80 ;
server_name bbs.szk.com;
location / {
root /data/bbs;
index index.html index.htm;
}
access_log logs/access_bbs.log ;
}
server {
listen 80 ;
server_name www.szk.com;
location / {
root /data/www;
index index.html index.htm;
}
access_log logs/access_www.log ;
}

---------------------------------两台web创建站点目录及测试文件

for n in bbs www;do mkdir -p /data/$n;echo "$n.szk.com_202" >/data/$n/index.html;done
cat /data/bbs/index.html
echo "192.168.1.202 www.szk.com" >> /etc/hosts
echo "192.168.1.202 bbs.szk.com" >> /etc/hosts
/etc/init.d/nginx configtest
/etc/init.d/nginx start

for n in bbs www;do mkdir -p /data/$n;echo "$n.szk.com_203" >/data/$n/index.html;done
cat /data/www/index.html
echo "192.168.1.203 www.szk.com" >> /etc/hosts
echo "192.168.1.203 bbs.szk.com" >> /etc/hosts
/etc/init.d/nginx configtest
/etc/init.d/nginx start

------------------------------ nginx代理配置

vim /usr/local/nginx/conf/nginx.conf
upstream www_server_pools {
server 192.168.1.202:80 weight=1;
server 192.168.1.203:80 weight=1;
}

upstream bbs_server_pools {
server 192.168.1.202:80 weight=1;
server 192.168.1.203:80 weight=1;
}
server {
listen 80;
server_name www.szk.com;
location / {
proxy_pass http://www_server_pools; }
}
server {
listen 80;
server_name bbs.szk.com;
location / {
proxy_pass http://bbs_server_pools; }
}
echo "192.168.1.201 www.szk.com" >> /etc/hosts
echo "192.168.1.201 bbs.szk.com" >> /etc/hosts

-----------------------------------测试

[root@lab-4-C6 ~]#
echo "192.168.1.201 www.szk.com" >> /etc/hosts
echo "192.168.1.201 bbs.szk.com" >> /etc/hosts
[root@lab-4-C6 ~]# curl bbs.szk.com
bbs.szk.com_202
[root@lab-4-C6 ~]# curl bbs.szk.com
bbs.szk.com_203
[root@lab-4-C6 ~]# curl www.szk.com
bbs.szk.com_203
[root@lab-4-C6 ~]# curl www.szk.com
bbs.szk.com_202

#反向代理、负载均衡功能已经实现，但有多台虚拟主机时，出现访问出错
原因：
当用户访问域名时确实是携带了www.szk.com的主机头请求Nginx反向代理服务器，但是反向代理向下面WEB节点发起请求时，默认并没有在请求头里告诉节点服务器要找那台虚拟主机，所以，WEB节点服务器接收到请求后发现没有主机头信息，因此，就把节点服务器的第一个虚拟主机发给了反向代理了。
解决：
当反向代理向后重新发起请求时，要携带主机头信息，以明确告诉节点服务器要找哪个虚机主机。在Nginx代理www服务虚拟主机配置里增加如下配置即可：
proxy_set_header Host $host;

[root@lab-4-C6 ~]# curl bbs.szk.com
bbs.szk.com_202
[root@lab-4-C6 ~]# curl bbs.szk.com
bbs.szk.com_203
[root@lab-4-C6 ~]# curl www.szk.com
bbs.szk.com_203
[root@lab-4-C6 ~]# curl www.szk.com
bbs.szk.com_202

[b]2.记录真实客户端IP[/b]

■
多虚机负载及代理成功了，但是WEB日志访问IP是代理服务器的而不是真实客户端的
___________________________________________________________

[root@lab-2-C6 ~]# cat /usr/local/nginx/logs/access_bbs.log
192.168.1.202 - - [19/Feb/2016:08:50:17 +0800] "GET / HTTP/1.1" 200 16 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
192.168.1.201 - - [19/Feb/2016:09:16:22 +0800] "GET / HTTP/1.0" 200 16 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
192.168.1.201 - - [19/Feb/2016:09:16:26 +0800] "GET / HTTP/1.0" 200 16 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
192.168.1.201 - - [19/Feb/2016:09:16:27 +0800] "GET / HTTP/1.0" 200 16 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"

-------------------------------------Nginx代理配置

[root@lab-1-C6 ~]#
vim /usr/local/nginx/conf/nginx.conf
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
server {
listen 80;
server_name bbs.szk.com;
location / {
proxy_pass http://bbs_server_pools; proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;

----------------------------------WEB配置

[root@lab-2-C6 ~]#
vim /usr/local/nginx/conf/nginx.conf
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"'

;

-----------------------------------测试

[root@lab-2-C6 ~]# cat  /usr/local/nginx/logs/access_bbs.log
192.168.1.201 - - [19/Feb/2016:13:42:37 +0800] "GET / HTTP/1.0" 200 16 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2" "192.168.1.204"
192.168.1.201 - - [19/Feb/2016:13:42:43 +0800] "GET / HTTP/1.0" 200 16 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2" "192.168.1.204"

本文出自 “抚琴煮酒” 博客，请务必保留此出处http://szk5043.blog.51cto.com/8456440/1765513