Nginx负载均衡

直接上配置文件 nginx.conf

#user  nobody;
#worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    limit_req_zone $binary_remote_addr zone=one:15m rate=3r/s;
    include ip.conf;#封ip的文件



    #tomcat_server是负载均衡器的名字
    upstream tomcat_server {
	server localhost:8080 weight=1;
	server localhost:8081 weight=1;
}
                     	              



    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;
    
    limit_req_zone $binary_remote_addr zone=allips:10m rate=1r/s;

    
    limit_req_zone $uri zone=api_read:20m rate=50r/s;



    server {
        listen       80;
        server_name  localhost;
        limit_req zone=one burst=10 nodelay;
        include block.conf; #防护规则
        #¶ԁ
        limit_req zone=api_read burst=100;

        charset utf-8;

        #优化
        keepalive_timeout 60;
        tcp_nodelay on;
        client_header_buffer_size 4k;
        open_file_cache max=102400 inactive=20s;
        open_file_cache_valid 30s;
        open_file_cache_min_uses 1;
        client_header_timeout 15;
        client_body_timeout 15;
        reset_timedout_connection on;
        send_timeout 15;
        server_tokens off;
        client_max_body_size 10m;





        #access_log  logs/host.access.log  main;



                #̹前端文件nginx处理
                location ~\.(gif|jpg|jpeg|png|ico|bmp|swf|html|css|js|mp3|mp4)$ {



                    #̹防盗链
                    valid_referers 47.106.67.99;

                    if ($invalid_referer) {
                       return 403;
                    }


                    expires 7d;#»º´丌


                    #开启压缩
                        gzip  on;

                        #压缩
                        gzip_types text/plain application/javascript   application/x-javascript text/css application/xml text/javascript application/x-httpd-php;

                      
                        gzip_disable "MSIE [1-6]\.";

                        #压缩
                        gzip_min_length 1k;

                       
                        gzip_buffers 4 16k;

                       
                        gzip_comp_level 2;
                    proxy_cache_valid 404 1m; #¶Դ0º˳02µŏ퓦ʨ׃10·זӵĻº´棬¶Դ4µŏ퓦ʨ׃Ϊ1·זѺ
                    proxy_cache_valid 200 302 10m;
                    root    html;
                }

                #̹后端请求转发到负载均衡器
                location ~ .(jsp|jspx|do|class)?$ {



                proxy_set_header Host $host;

                proxy_set_header X-Real-IP $remote_addr;

                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

                proxy_pass http://tomcat_server;

                }









        #error_page  404              /404.html;



        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }





        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }


    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}


    # HTTPS server
    #
    #server {
    #    listen       443 ssl;
    #    server_name  localhost;

    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;

    #    ssl_session_cache    shared:SSL:1m;
    #    ssl_session_timeout  5m;

    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers  on;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}

}

https完整配置

events {
    worker_connections  1024;
    }


 
http {
    include       mime.types;
    default_type  application/octet-stream;
 
    limit_req_zone $binary_remote_addr zone=one:15m rate=3r/s;
    include ip.conf;#封ip的文件
    set_real_ip_from 0.0.0.0/0;
    set_real_ip_from 103.186.214.160;
    set_real_ip_from 127.0.0.1; #服务器本地
    real_ip_header    X-Forwarded-For;
    real_ip_recursive on; 
     

   log_format api.hh2022.cn '$remote_addr - $remote_user [$time_local] $request'
                '$status $body_bytes_sent "$http_referer" '
                '"$http_user_agent" "$http_x_forwarded_for"';

    #tomcat_server是负载均衡器的名字
    upstream tomcat_server {
	server localhost:8080 weight=1;
	server localhost:8081 weight=1;
}
                     	              
 
 
 
    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';
 
    #access_log  logs/access.log  main;
 
    sendfile        on;
    #tcp_nopush     on;
 
    #keepalive_timeout  0;
    keepalive_timeout  65;
 
    #gzip  on;
    
    limit_req_zone $binary_remote_addr zone=allips:10m rate=1r/s;
 
    
    limit_req_zone $uri zone=api_read:20m rate=50r/s;
 
 
 
    server {
        listen       80;
	listen       443 ssl;
        server_name  api.hh2022.cn;
        limit_req zone=one burst=10 nodelay;
	ssl_certificate     /usr/local/nginx/cert/ssl.pem;  # pem文件的路径
	ssl_certificate_key  /usr/local/nginx/cert/ssl.key; # key文件的路径
	# ssl验证相关配置
	ssl_session_timeout  5m;    #缓存有效期
	ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;    #加密算法
	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;    #安全链接可选的加密协议
	ssl_prefer_server_ciphers on;   #使用服务器端的首选算法
        include block.conf; #防护规则
        #¶ԁ
        limit_req zone=api_read burst=100;
 
        charset utf-8;
 
        #优化
        keepalive_timeout 60;
        tcp_nodelay on;
        client_header_buffer_size 4k;
        open_file_cache max=102400 inactive=20s;
        open_file_cache_valid 30s;
        open_file_cache_min_uses 1;
        client_header_timeout 15;
        client_body_timeout 15;
        reset_timedout_connection on;
        send_timeout 15;
        server_tokens off;
        client_max_body_size 10m;
 
 
 
 
 
        #access_log  logs/host.access.log  main;
 
 
 
                #̹前端文件nginx处理
                location ~\.(gif|jpg|jpeg|png|ico|bmp|swf|html|css|js|mp3|mp4)$ {
 
 
 
                    #̹防盗链
                    valid_referers api.hh2022.cn;
 
                    if ($invalid_referer) {
                       return 403;
                    }
 
 
                    expires 7d;#»º´丌
 
 
                    #开启压缩
                        gzip  on;
 
                        #压缩
                        gzip_types text/plain application/javascript   application/x-javascript text/css application/xml text/javascript application/x-httpd-php;
 
                      
                        gzip_disable "MSIE [1-6]\.";
 
                        #压缩
                        gzip_min_length 1k;
 
                       
                        gzip_buffers 4 16k;
 
                       
                        gzip_comp_level 2;
                    proxy_cache_valid 404 1m; #¶Դ0º˳02µŏ퓦ʨ׃10·זӵĻº´棬¶Դ4µŏ퓦ʨ׃Ϊ1·זѺ
                    proxy_cache_valid 200 302 10m;
                    root    html;
                }
 
                #̹后端请求转发到负载均衡器
                location ~ .(jsp|jspx|do|class)?$ {
 
 
 	
                proxy_set_header Host $host;
   		
                proxy_set_header X-Real-IP $remote_addr;
 
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		
    		proxy_set_header remote-user-ip $remote_addr;
	
    		
                proxy_pass http://tomcat_server;
 
                }
 
 
 
 
 
 
 
 
 
        #error_page  404              /404.html;
 
 
 
        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
 
 
 
 
 
        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}
 
        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}
 
        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }
 
 
    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;
 
    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}
 
 
    # HTTPS server
    #
    #server {
    #    listen       443 ssl;
    #    server_name  localhost;
 
    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;
 
    #    ssl_session_cache    shared:SSL:1m;
    #    ssl_session_timeout  5m;
 
    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers  on;
 
    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}
 
}

你可能感兴趣的:(Nginx,nginx,负载均衡,服务器)