Centos7+Nginx负载均衡(Load Balance)配置详情介绍 推荐

Centos7+Nginx负载均衡(Load Balance)配置详情介绍
Centos7+Nginx负载均衡(Load Balance)配置详情介绍
随着互联网信息的爆炸性增长，负载均衡（load balance）已经不再是一个很陌生的话题，顾名思义，负载均衡即是将负载分摊到不同的服务单元，既保证服务的可用性，又保证响应足够快，给用户很好的体验。快速增长的访问量和数据流量催生了各式各样的负载均衡产品，很多专业的负载均衡硬件提供了很好的功能，但却价格不菲，这使得负载均衡软件大受欢迎，nginx就是其中的一个，在linux下有Nginx、LVS、Haproxy等等服务可以提供负载均衡服务，而且Nginx提供了几种分配方式(策略)，当然现在主流的公有云(Windows Azure)提供的服务在均衡分配方式基本上都类似于Nginx的轮询(round robin)分配方式和加权轮询(Weight round robin)分配方式，对于其他公有云产品没有具体试验过，所以我们今天主要介绍一下Nginx下的几种分配方式，具体见下：
1、轮询（默认）
每个请求按时间顺序逐一分配到不同的后端服务器，如果后端服务器down掉，能自动剔除。
2、weight
指定轮询几率，weight和访问比率成正比，用于后端服务器性能不均的情况。 例如：

upstream server_pool{
server 192.168.5.21 weight=10;
server 192.168.5.22 weight=10;
}

3、ip_hash

每个请求按访问ip的hash结果分配，这样每个访客固定访问一个后端服务器，可以解决session的问题。 例如：

upstream server_pool{
ip_hash;
server 192.168.5.21:80;
server 192.168.5.22:80;
}

4、fair（第三方）

按后端服务器的响应时间来分配请求，响应时间短的优先分配。

upstream server_pool{
server 192.168.5.21:80;
server 192.168.5.22:80;
fair;
}

注意：整个分配方式是通过修改定义负载均衡的server配置中添加的。

我们今天主要介绍我个人认为使用最多的几种方式吧；前面四种。
我们后端使用两台Apache服务作为WEB服务，具体安装就不多介绍了。
192.168.5.21

Yum install httpd

查看httpd 版本

rpm -qa | grep httpd

接下来我们首先要为apache定义一个 默认的页面，方便区分；我们为了后面的数据统计所以页面内容显示的比较少

Vim /var/www/httml/index.html
</html>
<!DOCTYPE html>
<html>
<head>
<title>Welcome to Apache</title>
<style>
body {
35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
<style type="text/css">
h1{color:red}
h2{color:blue}
h3{color:green}
h4{color:yellow}
}
</style>
</head><body bgcolor='7D7DFF'>
<h2>HostName:A-S ----->IP:192.168.5.21</h2>
</body>
</html>

保存退出，启动服务

Systemctl start httpd

然后添加默认的防火墙端口8o

Firewall-cmd --zone=public --add-port='80/tcp' --permanent
或者vim /etc/firewalld/zone/public.xml
添加一下格式
<port portocal='tcp' port='80'>

我们测试访问



我们准备第二台WEB服务(192.168.5.22)我们按照第一台的方式进行配置，再次就跳过了。
第二台主机的配置：192.168.5.22 主机名 B-S
安装好httpd后，我们将a-s上的index拷贝到b-s服务器上

scp index.html root@192.168.5.22:/var/www/html/

然后修改index.html文件



我们为了后面的测试，我们将两台服务器的显示内容修改一下，为了通过服务进行批量测试。
将两台Apache WEB服务的index.html文件只显示服务器的名称及IP地址。



接下来我们就部署nginx，在Centos7上yum安装需要定义yum源

cd /etc/yum.repo
vim epel.repo
添加以下内容
[epel]
name=aliyun epel
baseurl=http://mirrors.aliyun.com/epel/7Server/x86_64/
gpgcheck=0

Yum install nginx
nginx  192.168.5.20

启动服务

systemctl start nginx

我们接下来需要编辑nginx的默认配置文件来修改负载的配置
我们首先查看默认的配置文件

#user  nobody;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;

events {
worker_connections  1024;
}

http {
include       mime.types;
default_type  application/octet-stream;

#log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
#                  '$status $body_bytes_sent "$http_referer" '
#                  '"$http_user_agent" "$http_x_forwarded_for"';

#access_log  logs/access.log  main;

sendfile        on;
#tcp_nopush     on;

#keepalive_timeout  0;
keepalive_timeout  65;

#gzip  on;

server {
listen       80;
server_name  localhost;

#charset koi8-r;

#access_log  logs/host.access.log  main;

location / {
root   html;
index  index.html index.htm;
}

#error_page  404              /404.html;

# redirect server error pages to the static page /50x.html
#
error_page   500 502 503 504  /50x.html;
location = /50x.html {
root   html;
}

# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
#    proxy_pass   http://127.0.0.1; #}

# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
#    root           html;
#    fastcgi_pass   127.0.0.1:9000;
#    fastcgi_index  index.php;
#    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
#    include        fastcgi_params;
#}

# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
#    deny  all;
#}
}

# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
#    listen       8000;
#    listen       somename:8080;
#    server_name  somename  alias  another.alias;

#    location / {
#        root   html;
#        index  index.html index.htm;
#    }
#}

# HTTPS server
#
#server {
#    listen       443 ssl;
#    server_name  localhost;

#    ssl_certificate      cert.pem;
#    ssl_certificate_key  cert.key;

#    ssl_session_cache    shared:SSL:1m;
#    ssl_session_timeout  5m;

#    ssl_ciphers  HIGH:!aNULL:!MD5;
#    ssl_prefer_server_ciphers  on;

#    location / {
#        root   html;
#        index  index.html index.htm;
#    }
#}

}

然后我们需要修改默认配置

upstream   nginx.ixmsoft.com {
server  192.168.5.21:80;
server  192.168.5.22:80;
}

我们首先配置轮询的方式

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/ #   * Official Russian Documentation: http://nginx.org/ru/docs/ user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log  /var/log/nginx/access.log  main;
sendfile            on;
tcp_nopush          on;
tcp_nodelay         on;
keepalive_timeout   65;
types_hash_max_size 2048;
include             /etc/nginx/mime.types;
default_type        application/octet-stream;
#增加后端服务器的负载方式，我们默认使用轮询
upstream   nginx.ixmsoft.com {
server  192.168.5.21:80;
server  192.168.5.22:80;
}

# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include # for more information.
include /etc/nginx/conf.d/*.conf;
server {
#listen       80 default_server;
#listen       [::]:80 default_server;
#server_name  _;
listen 80;
server_name http://nginx.ixmsoft.com; root         /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
#增加的服务器配置
location / {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://nginx.ixmsoft.com; }
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
# Settings for a TLS enabled server.
#
#    server {
#        listen       443 ssl http2 default_server;
#        listen       [::]:443 ssl http2 default_server;
#        server_name  _;
#        root         /usr/share/nginx/html;
#
#        ssl_certificate "/etc/pki/nginx/server.crt";
#        ssl_certificate_key "/etc/pki/nginx/private/server.key";
#        ssl_session_cache shared:SSL:1m;
#        ssl_session_timeout  10m;
#        ssl_ciphers HIGH:!aNULL:!MD5;
#        ssl_prefer_server_ciphers on;
#
#        # Load configuration files for the default server block.
#        include /etc/nginx/default.d/*.conf;
#
#        location / {
#        }
#
#        error_page 404 /404.html;
#            location = /40x.html {
#        }
#
#        error_page 500 502 503 504 /50x.html;
#            location = /50x.html {
#        }
#    }
}

保存会重启服务

Systemc restart nginx

然后测试访问，访问结果基本上都是一个后端服务器分配一次






我们使用以下命令执行十次

for i in $(seq 10); do curl http://192.168.5.20 ; done
[root@bogon nginx]# for i in $(seq 10); do curl http://192.168.5.20 ; done
HostName:A-S  ----->IP:192.168.5.21
HostName:B-S  ----->IP:192.168.5.22
HostName:A-S  ----->IP:192.168.5.21
HostName:B-S  ----->IP:192.168.5.22
HostName:A-S  ----->IP:192.168.5.21
HostName:B-S  ----->IP:192.168.5.22
HostName:A-S  ----->IP:192.168.5.21
HostName:B-S  ----->IP:192.168.5.22
HostName:A-S  ----->IP:192.168.5.21
HostName:B-S  ----->IP:192.168.5.22

接下来我们配置加权轮询分配方式
我们只修改一下部分

upstream   nginx.ixmsoft.com {
server  192.168.5.21:80 weight=10 max_fails=2 fail_timeout=30s;
server  192.168.5.22:80 weight=5 max_fails=2 fail_timeout=30s;
}
# 供proxy_pass和fastcgi_pass指令中使用的代理服务器
# 后台如果有动态应用的时候,ip_hash指令可以通过hash算法
# 将客户端请求定位到同一台后端服务器上,解决session共享,
# 但建议用动态应用做session共享
# server用于指定一个后端服务器的名称和参数
# weight代表权,重默认为1,权重越高被分配的客户端越多
# max_fails 指定时间内对后端请求失败的次数
# fail_timeout 达到max_fails指定的失败次数后暂停的时间
# down参数用来标记为离线,不参与负载均衡.在ip_hash下使用
# backup仅仅在非backup服务器宕机或繁忙的时候使用

修改后的代码如下：

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/ #   * Official Russian Documentation: http://nginx.org/ru/docs/ user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log  /var/log/nginx/access.log  main;
sendfile            on;
tcp_nopush          on;
tcp_nodelay         on;
keepalive_timeout   65;
types_hash_max_size 2048;
include             /etc/nginx/mime.types;
default_type        application/octet-stream;
#增加后端服务器的负载方式，我们默认使用轮询
upstream   nginx.ixmsoft.com {
server  192.168.5.21:80 weight=10 max_fails=2 fail_timeout=30s;
server  192.168.5.22:80 weight=5 max_fails=2 fail_timeout=30s;
}
# 供proxy_pass和fastcgi_pass指令中使用的代理服务器
# 后台如果有动态应用的时候,ip_hash指令可以通过hash算法
# 将客户端请求定位到同一台后端服务器上,解决session共享,
# 但建议用动态应用做session共享
# server用于指定一个后端服务器的名称和参数
# weight代表权,重默认为1,权重越高被分配的客户端越多
# max_fails 指定时间内对后端请求失败的次数
# fail_timeout 达到max_fails指定的失败次数后暂停的时间
# down参数用来标记为离线,不参与负载均衡.在ip_hash下使用
# backup仅仅在非backup服务器宕机或繁忙的时候使用
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include # for more information.
include /etc/nginx/conf.d/*.conf;
server {
#listen       80 default_server;
#listen       [::]:80 default_server;
#server_name  _;
listen 80;
server_name http://nginx.ixmsoft.com; root         /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://nginx.ixmsoft.com; }
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
# Settings for a TLS enabled server.
#
#    server {
#        listen       443 ssl http2 default_server;
#        listen       [::]:443 ssl http2 default_server;
#        server_name  _;
#        root         /usr/share/nginx/html;
#
#        ssl_certificate "/etc/pki/nginx/server.crt";
#        ssl_certificate_key "/etc/pki/nginx/private/server.key";
#        ssl_session_cache shared:SSL:1m;
#        ssl_session_timeout  10m;
#        ssl_ciphers HIGH:!aNULL:!MD5;
#        ssl_prefer_server_ciphers on;
#
#        # Load configuration files for the default server block.
#        include /etc/nginx/default.d/*.conf;
#
#        location / {
#        }
#
#        error_page 404 /404.html;
#            location = /40x.html {
#        }
#
#        error_page 500 502 503 504 /50x.html;
#            location = /50x.html {
#        }
#    }
}

我们重启进行测试

[root@bogon nginx]# for i in $(seq 10); do curl http://192.168.5.20 ; done
HostName:A-S  ----->IP:192.168.5.21
HostName:B-S  ----->IP:192.168.5.22
HostName:A-S  ----->IP:192.168.5.21
HostName:A-S  ----->IP:192.168.5.21
HostName:B-S  ----->IP:192.168.5.22
HostName:A-S  ----->IP:192.168.5.21
HostName:A-S  ----->IP:192.168.5.21
HostName:B-S  ----->IP:192.168.5.22
HostName:A-S  ----->IP:192.168.5.21
HostName:A-S  ----->IP:192.168.5.21

接下来我们测试第三种，ip_hash；每个请求按访问ip的hash结果分配，这样每个访客固定访问一个后端服务器，可以解决的问题。
我们只修改server部分

upstream   nginx.ixmsoft.com {
ip_hash;
server  192.168.5.21:80;
server  192.168.5.22:80;
}

修改后的整体代码：

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/ #   * Official Russian Documentation: http://nginx.org/ru/docs/ user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log  /var/log/nginx/access.log  main;
sendfile            on;
tcp_nopush          on;
tcp_nodelay         on;
keepalive_timeout   65;
types_hash_max_size 2048;
include             /etc/nginx/mime.types;
default_type        application/octet-stream;
#增加后端服务器的负载方式，我们默认使用轮询
upstream   nginx.ixmsoft.com {
ip_hash;
server  192.168.5.21:80;
server  192.168.5.22:80;
}
# 供proxy_pass和fastcgi_pass指令中使用的代理服务器
# 后台如果有动态应用的时候,ip_hash指令可以通过hash算法
# 将客户端请求定位到同一台后端服务器上,解决session共享,
# 但建议用动态应用做session共享
# server用于指定一个后端服务器的名称和参数
# weight代表权,重默认为1,权重越高被分配的客户端越多
# max_fails 指定时间内对后端请求失败的次数
# fail_timeout 达到max_fails指定的失败次数后暂停的时间
# down参数用来标记为离线,不参与负载均衡.在ip_hash下使用
# backup仅仅在非backup服务器宕机或繁忙的时候使用
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include # for more information.
include /etc/nginx/conf.d/*.conf;
server {
#listen       80 default_server;
#listen       [::]:80 default_server;
#server_name  _;
listen 80;
server_name http://nginx.ixmsoft.com; root         /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://nginx.ixmsoft.com; }
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
# Settings for a TLS enabled server.
#
#    server {
#        listen       443 ssl http2 default_server;
#        listen       [::]:443 ssl http2 default_server;
#        server_name  _;
#        root         /usr/share/nginx/html;
#
#        ssl_certificate "/etc/pki/nginx/server.crt";
#        ssl_certificate_key "/etc/pki/nginx/private/server.key";
#        ssl_session_cache shared:SSL:1m;
#        ssl_session_timeout  10m;
#        ssl_ciphers HIGH:!aNULL:!MD5;
#        ssl_prefer_server_ciphers on;
#
#        # Load configuration files for the default server block.
#        include /etc/nginx/default.d/*.conf;
#
#        location / {
#        }
#
#        error_page 404 /404.html;
#            location = /40x.html {
#        }
#
#        error_page 500 502 503 504 /50x.html;
#            location = /50x.html {
#        }
#    }
}

保存退出后，我们测试

[root@bogon nginx]# for i in $(seq 10); do curl http://192.168.5.20 ; done
HostName:A-S  ----->IP:192.168.5.21
HostName:A-S  ----->IP:192.168.5.21
HostName:A-S  ----->IP:192.168.5.21
HostName:A-S  ----->IP:192.168.5.21
HostName:A-S  ----->IP:192.168.5.21
HostName:A-S  ----->IP:192.168.5.21
HostName:A-S  ----->IP:192.168.5.21
HostName:A-S  ----->IP:192.168.5.21
HostName:A-S  ----->IP:192.168.5.21
HostName:A-S  ----->IP:192.168.5.21

最后我们介绍一下fairl
按后端服务器的响应时间来分配请求，响应时间短的优先分配

upstream   nginx.ixmsoft.com {
server  192.168.5.21:80;
server  192.168.5.22:80;
fair;
}

修改后的整体代码

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/ #   * Official Russian Documentation: http://nginx.org/ru/docs/ user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log  /var/log/nginx/access.log  main;
sendfile            on;
tcp_nopush          on;
tcp_nodelay         on;
keepalive_timeout   65;
types_hash_max_size 2048;
include             /etc/nginx/mime.types;
default_type        application/octet-stream;
#增加后端服务器的负载方式，我们默认使用轮询
upstream   nginx.ixmsoft.com {
server  192.168.5.21:80;
server  192.168.5.22:80;
fair;
}
# 供proxy_pass和fastcgi_pass指令中使用的代理服务器
# 后台如果有动态应用的时候,ip_hash指令可以通过hash算法
# 将客户端请求定位到同一台后端服务器上,解决session共享,
# 但建议用动态应用做session共享
# server用于指定一个后端服务器的名称和参数
# weight代表权,重默认为1,权重越高被分配的客户端越多
# max_fails 指定时间内对后端请求失败的次数
# fail_timeout 达到max_fails指定的失败次数后暂停的时间
# down参数用来标记为离线,不参与负载均衡.在ip_hash下使用
# backup仅仅在非backup服务器宕机或繁忙的时候使用
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include # for more information.
include /etc/nginx/conf.d/*.conf;
server {
#listen       80 default_server;
#listen       [::]:80 default_server;
#server_name  _;
listen 80;
server_name http://nginx.ixmsoft.com; root         /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://nginx.ixmsoft.com; }
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
# Settings for a TLS enabled server.
#
#    server {
#        listen       443 ssl http2 default_server;
#        listen       [::]:443 ssl http2 default_server;
#        server_name  _;
#        root         /usr/share/nginx/html;
#
#        ssl_certificate "/etc/pki/nginx/server.crt";
#        ssl_certificate_key "/etc/pki/nginx/private/server.key";
#        ssl_session_cache shared:SSL:1m;
#        ssl_session_timeout  10m;
#        ssl_ciphers HIGH:!aNULL:!MD5;
#        ssl_prefer_server_ciphers on;
#
#        # Load configuration files for the default server block.
#        include /etc/nginx/default.d/*.conf;
#
#        location / {
#        }
#
#        error_page 404 /404.html;
#            location = /40x.html {
#        }
#
#        error_page 500 502 503 504 /50x.html;
#            location = /50x.html {
#        }
#    }
}