Nginx 负责均衡、宕机容错、防盗链，ddos攻击、tomcat集群

nginx 配置文件配置


#user  nobody;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
	#设置缓存的大小
	server_names_hash_bucket_size 64;
	#配置访问规则，防止ddos攻击
	limit_req_zone $binary_remote_addr zone=one:10m rate=30r/m;
	
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;
	

    #做负载均衡
	upstream mytomcatServer {
		server 127.0.0.1:8080;
		server 127.0.0.1:8081;
	}

	#自定义的服务
	server {
		listen       80;
		server_name  www.lxq.com;
		location / {
		    # 应用上面访问规则
		    limit_req zone=one;
			proxy_pass http://mytomcatServer;
			# 设置请求超时时间,宕机容错
			proxy_connect_timeout 2;
			# 设置发送超时时间
			proxy_send_timeout 2;
			# 设置读取超时时间
			proxy_read_timeout 2;
		}
		# 设置nginx防盗链 
		location ~ .*\.(jpg|jpeg|JPG|png|gif|icon)$ {
			valid_referers blocked http://www.lxq.com www.lxq.com;
			if ($invalid_referer) {
				return 403;
			}
		}
	}
	
	
    server {
        listen       80;
        server_name  8080.www.lxq.com;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
            proxy_pass   http://127.0.0.1:8080;
            index  index.html index.htm;
        }

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }


    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}


    # HTTPS server
    #
    #server {
    #    listen       443 ssl;
    #    server_name  localhost;

    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;

    #    ssl_session_cache    shared:SSL:1m;
    #    ssl_session_timeout  5m;

    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers  on;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}

}

因为我是在window 上做实现，那么我们首先修改host 文件

1. windows 中hosts文件位置(win10)：

C:\Windows\System32\drivers\etc\hosts

添加域名和ip地址的映射

127.0.0.1 8080.www.lxq.com
127.0.0.1 www.lxq.com

本地启动两个tomcat，一个端口号8080，一个8081

接下来修改nginx中配置文件

然后访问8080.www.lxq.com,就会访问到tomcat中8080端口这台服务器

nginx 配置负载均衡

1.添加服务器信息，

扫描二维码关注公众号，回复： 10435856 查看本文章

可以添加权重

#weight权重值(越大访问率大),在fail_timeout时间内检查后端服务器max_fails次，失败则被剔除;

server 192.168.1.123 weight=1 fail_timeout=30s max_fails=2;

#做负载均衡
	upstream mytomcatServer {
		server 127.0.0.1:8080;
		server 127.0.0.1:8081;
	}

2.新增一个server，指定代理的服务器地址，

#自定义的服务
	server {
		listen       80;
		server_name  www.lxq.com;
		location / {
			proxy_pass http://mytomcatServer;
		}
	
	}

nginx 宕机容错

	#自定义的服务
	server {
		listen       80;
		server_name  www.lxq.com;
		location / {
			proxy_pass http://mytomcatServer;
			# 设置请求超时时间,宕机容错
			proxy_connect_timeout 2;
			# 设置发送超时时间
			proxy_send_timeout 2;
			# 设置读取超时时间
			proxy_read_timeout 2;
		}
		
	}

nginx防盗链

	#自定义的服务
	server {
		listen       80;
		server_name  www.lxq.com;
		location / {
			proxy_pass http://mytomcatServer;
			# 设置请求超时时间,宕机容错
			proxy_connect_timeout 2;
			# 设置发送超时时间
			proxy_send_timeout 2;
			# 设置读取超时时间
			proxy_read_timeout 2;
		}
		# 设置nginx防盗链 
		location ~ .*\.(jpg|jpeg|JPG|png|gif|icon)$ {
			valid_referers blocked http://www.lxq.com www.lxq.com;
			if ($invalid_referer) {
				return 403;
			}
		}
	}

nginx 防止ddos攻击

在http下面添加配置

#配置访问规则，防止ddos攻击
	limit_req_zone $binary_remote_addr zone=one:10m rate=30r/m;

在server中应用

#自定义的服务
	server {
		listen       80;
		server_name  www.lxq.com;
		location / {
		    # 应用上面访问规则
		    limit_req zone=one;
			proxy_pass http://mytomcatServer;
			# 设置请求超时时间,宕机容错
			proxy_connect_timeout 2;
			# 设置发送超时时间
			proxy_send_timeout 2;
			# 设置读取超时时间
			proxy_read_timeout 2;
		}
		# 设置nginx防盗链 
		location ~ .*\.(jpg|jpeg|JPG|png|gif|icon)$ {
			valid_referers blocked http://www.lxq.com www.lxq.com;
			if ($invalid_referer) {
				return 403;
			}
		}
	}

Change゜

发布了90 篇原创文章 · 获赞 29 · 访问量 7250

私信关注

Nginx 负责均衡、宕机容错、防盗链，ddos攻击、tomcat集群

猜你喜欢