[toc]

Nginx 常用架构

LB Cluster

提升系统容量的方式:
    scale up:
    scale out:

session保持方法:
    session绑定:sh
    session复制:
    session服务器: memchached redis (key-value,kv store)
    对url 做hash 计算后，做为key
    对url 对应的内容做为value

I/O：

同步/异步:被调用者，在收到调用请求后，是否立即返回。还是得到最终结果后才返回； 
阻塞/非阻塞:调用者发起调用之后，在收到响应结果之前，是否会被挂起，被挂起，被称为阻塞，非挂起为非阻塞;
I/O网络编程模型中，常用网络模型有5种;
1、同步阻塞 
2、同步非阻塞
3、复用型I/O
4、(Event Driver) 事件驱动
5、异步I/O

libevent: 项目
    epoll()
可以对nginx进程对CPU的核心数来进行绑定;
LRU:最近最少缓存条目算法;
平滑升级，平滑故障处理，或者灰度发布;
对于web服务器来说，日志至关重要，需要对日志进行分析;
CacheManager: 缓存的失效，过期检验及清理操作;

Nginx 配置

main, event, http 基于c语言风格；

httpd{ 
    drective
    server{
        listen
        server_name
        location{
            if {
              }
          }
      }
 server {
    }
}

nginx 的安装包

# 这里采用的采用的是阿里云的epel源
# cd /etc/yum.repos.d/epel.repo
[epel]
name=Extra Packages for Enterprise Linux 7 - $basearch
enabled=1
failovermethod=priority
baseurl=http://mirrors.cloud.aliyuncs.com/epel/7/$basearch
gpgcheck=0
gpgkey=http://mirrors.cloud.aliyuncs.com/epel/RPM-GPG-KEY-EPEL-7
# yum -y install nginx
# rpm -q --scripts nginx # 查看nginx  的安装前脚本，卸载后脚本;

ngx_http_proxy_module 模块

server {
    listen
    server_name
    location /{
        proxy_pass http://172.16.55.180:80/
        proxy_set_header Host $host  # 设定请求报文的，Host首部，一般apache基于主机名解析的重要首部信息;
        proxy_set_header X-Real-IP $remote_addr;
    }
}
# 请求到代理服务器的过程，Ningx把报文拆除，了解请求的内容是什么;
# 于是Nginx需要重新构建请求报文 ，来送到的后端服务器;
# cip（客户端 ip） --> pip(代理ip) --> lip(本地ip) --> uip(后端服务器ip);
http://www.ssjinyao.com
http://mysql.ssjinyao.com

# 在node1中配置一台httpd服务
# echo "<h1>node1</h1>" > /var/www/html/index.html
# systemctl start httpd 
# 在node2中 配置一台httpd 服务
echo "<h1>node2</h1>" > /var/www/html/index.html
# systemctl start httpd 

格式:
    localtion /uri {
        proxy_pass http://back_server:port/newuri;
    }
    # 这样的配置 uri 将补到newuri的后面
    location /uri {
        rewrite http://back_server:port/newuri
        # proxy_pass http://back_server:port/newuri 
    }
    # 这样的配置 uri 将重写到newuri   
    /uri --> /newuri
# cd /etc/nginx/conf.d/
# cp defalt.conf{,.bak}
# vim default.conf

server_name  www.ssjinyao.com;
location / 
    {
    proxy_ass http://172.16.55.128/;
    index index.htm index.html ;
}

# systemctl restart nginx
# tial -f /var/log/nginx/access.log

# 在node2 apache 端进行编辑
# mkdir /var/www/html/bbs
# echo "<h1> bbs on node2 </h1>" /var/www/html/bbs/index.html

# 对应的在nginx 端

location /bbs/ {
    proxy_pass http://172.16.55.128/bbs/;
}
# nginx -t  or # sevice nginx configtest  
# systemctl rsload nginx 

# 或者可以使用forum
location /forum/ {
    proxy_cache mycache;
    proxy_cache_valid 200 1h;
    proxy_cache_valid 301 302 10m;
    proxy_cache_valid any 1m;
    proxy_cache_use_statle error timeout invalid_header http_500 http_502 http_503 http504;  # 什么情况下使用过期缓存
    proxy_pass http://172.16.55.128/bbs/;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
}
# nginx -t 
# systemctl reload nginx

location ~* \.(jpg|png|gif)$ {
    proxy_pass http://172.16.55.128;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
}
# nginx -t 
# systemctl reload nginx 


# 注意 在location 进行正则匹配的模式匹配时
# proxy_pass 加http://172.16.55.128; 这个位置这后什么都不能带的，/ 也不能带的，否则会报语法错误; 
# apache 记录客户端请求的日志,向后端发送特定首部;
需要在Logformat中加入 将第一个值 %h 换成%{X-Real-IP}i
# systemctl restart httpd 

# 定义proxy缓存 
# 在nginx httpd 段中配置cache path;
# vim /etc/nginx/nginx.conf
proxy_cache_path /cache/nginx/ level=1:1:1 keys_zone=mycache:32m;
# mkdir -pv /cache/nginx
# chown -R nginx.nginx /cache/nginx


proxy_connect_timeout:  nginx  proxy 请求连接到后端连接请求的超时时长;
proxy_hide_header: 设定响应到客户端时需要隐藏的首部信息;‘
proxy_buffers 8k; 指定缓冲大小

upstream(负载均衡) 模块

upstream 模块只能使用在http段中

例子

# 注 启用负载均衡时要把缓存关了
upstream backend {
    server www.ssjinyao.com weight=5 
    server 127.0.0.1:8080  max_fails=3  fail_timeout=30s;
    server unix:/tmp/backend3;
    server backup1.ssjinyao.com backup;
} 

upstream upservers {
    ip hash;
    server 172.16.55.127 max_fail=2  fail_timeout=2 # 自带健康状态检测功能;
    # server 172.16.55.128 weight=2;
    server 172.16.55.129 bakup;
}

server_name  www.ssjinyao.com;

location / {
    proxy_pass http://upservers/;
}

# nginx -t 
# systemctl reload nginx

SNAT模式的大量的Client

基于sticky实现session绑定:
    cookie 而我们一般常用的是基于cookie的绑定;
    route
    learn() 需要Nginx 在 1.8 版本以上;

example:

upstream backend {
    server backend1.example.com;
    server backend2.example.com;

    sticky cookie srv_id expires=1h domain=.example.com path=/;
}

least_conn:调度方法，最少连接;

upstream memcached_backend {
    server 127.0.0.1:11211;
    server 172.16.55.121:11211;

    keepavlie 32;
}

server {
    ...
    location /memcached/ {
        set $memcached_key $uri;
        memcached_pass memcached_backend;
    }  
}

location / {
    proxy_pass http://backend;
    health_check;
}
    helth_check; 即健康状态检查;
    建议: 关闭访问日志;

http {
    server {
    ...
        location / {
            proxy_pass http://backend;
            health_check match=welcome; # 做字符串匹配;
        }
    }

        metch welcome {
            status 200;
            header Content-Type = text/html;
            body ~ "Welcome to nginx";
        }
}

Nginx 自定义首部给客户端

# 代理服务器响应给客户端时，如何自定义响应首部;
     listen 443;
    server_name www.ssjinyao.com;
    add_header SSJinYao-Server 'Next-SSJinYao';
    add_header SSJinYao-IP $server_addr;
    add_header X-Cache $upstream_cache_status;
    add_header Name 'ssjinyao';

# curl -I https://www.ssjinyao.com  # 定义完响应首部后，进行验证;
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Apr 2018 07:24:37 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 39777
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 19 Apr 2018 09:14:18 GMT
ETag: "9b61-56a2fff0c14a1"
SSJinYao-Server: Next-SSJinYao
SSJinYao-IP: 172.31.253.156
X-Cache: HIT
Name: ssjinyao
Accept-Ranges: bytes

fast-cgi 使用

LNMP
# yum -y install php-fpm
# rpm -ql php-fpm 
# vim /etc/php-fpm.d/www.conf
# systemctl start php-fpm 
# vim /etc/nginx.conf.d/default.conf

location / {
    root /usr/share/nginx/html;
    index index.php index.html index.htm;
}

location ~\.php$ {
    fastcgi_cache fcgicache;
    fastcgi_cache_valid 200 10m;
    fastcgi_cache_valid 302 3m;
    fastcgi_cache_valid any 1m;
    root /usr/share/nginx/html;
    fastcgi_pass 127.0.0.1:9000;
    fastcgi_index indexphp;
    fastcgi_param SCRIPT_FILENAME /scripts$fastcgi-script_naame;
    indclude fastcgi_paramgs;
}
# systemctl restart nginx
# 若调用fastcgi 失败 
# 编辑/etc/nginx/fastcgi_params，将其内容更改为如下内容：
fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx;
fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;
fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;
fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;
# nginx -s reload
# yum -y install php-mysql mariadb maraidb-server
# cd /usr/share/nginx/html
# vim index.php
<?php 
    $conn = mysql_connect('127.0.0.1','root','');
    if ($conn)
        echo succ
    else
        echo fail;
    mysql_close();
?>
# 当LNMP 环境跑起来时，可以通匹配反像代理来实现动静分离;
(1) root为同一路径;
(2) root为不同路径;
    location \.php${
        root /web/app/wp;
    }
    location / {
        root /web/htdocs;
    }

(3) fpm server 为另一主机 ;

    location \.php${
        fastcgi_pass fastcgi://172.16.55.129:9000;
    }
    location / {
        root /web/htdocs;
    }
# 注: 如果动态内容能过缓存来进行加速的话，加速效果是非常明显示的;