云迈博客

您现在的位置是:首页 > 其他 > 正文

其他

Nginx 子目录代理到本机指定端口并实现负载均衡

wsinbol2022-08-06其他36
需求描述实现一个这样的场景:一共有1个域名,2台服务器,每台服务器部署3个前端工程,3个后端工程;且两个服务器互相做负载均衡。如何用Nginx实现这一需求呢?实现方案因为只有1个域名,却需要实

需求描述

实现一个这样的场景:一共有1个域名,2台服务器,每台服务器部署3个前端工程,3个后端工程;且两个服务器互相做负载均衡。如何用 Nginx 实现这一需求呢?

实现方案

因为只有1个域名,却需要实现3个工程的前端访问。所以通过子目录形式代理到本机的特定前端目录中。具体安排如下:

http://域名/ -> 指向用户端工程
http://域名/admin -> 指向管理员工程
http://域名/supplier -> 指向经销商工程

根据上述的安排,可以写出如下的配置:

server {
    listen 80;
    server_name my_ip;
    location / {
        root html;
    }
    location /admin {
        root html/admin/dist;
    }
    location /supplier{
        root html/supplier/dist;
    }
}

访问是OK了,如何做负载均衡呢?需要额外引入一个端口来解决。安排如下:

upstream fontend{
    server 127.0.0.1:9001;
    server 127.0.0.2:9001;
}

server {
    listen 80;
    server_name my_ip;
    location / {
        proxy_pass http://frontend;
    }
    location /admin {
        proxy_pass http://frontend;
    }
    location /supplier{
        proxy_pass http://frontend;
    }
}

server {
    listen 9001;
    server_name my_ip;
    location / {
        root html;
    }
    location /admin {
        root html/admin/dist;
    }
    location /supplier{
        root html/supplier/dist;
    }
}

最终配置

#user  nobody;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;

events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;

    # 前端静态站点负载均衡
    upstream frontend{
        # 这里需要配置
        server 127.0.0.1:9001 max_fails=2 fail_timeout=60s;
    }


    # 前端sso站点负载均衡
    upstream frontend-sso{
        # 这里需要配置
        server 127.0.0.1:3000 max_fails=2 fail_timeout=60s;   
    }

    # 前端sso站点负载均衡
    upstream frontend-user{
        # 这里需要配置
        server 127.0.0.1:3300 max_fails=2 fail_timeout=60s;
    }

    # 管理端负载均衡
    upstream backend-admin{
        # 这里需要配置
        server 127.0.0.1:8090 max_fails=2 fail_timeout=60s;
    }

    # 经销商端负载均衡
    upstream backend-supplier{
        # 这里需要配置
        server 127.0.0.1:8091 max_fails=2 fail_timeout=60s;
    }


    # 用户端负载均衡
    upstream backend-user{
        # 这里需要配置
        server 127.0.0.1:8092 max_fails=2 fail_timeout=60s;
    }


    # sso端负载均衡
    upstream backend-sso{
        # 这里需要配置
        server 127.0.0.1:8093 max_fails=2 fail_timeout=60s;
    }

    server {
        listen 80;
        # 这里酌情配置
        server_name ip or domain;
        port_in_redirect off;
        server_name_in_redirect off;

        # 管理端前端路由
        location /admin {
            proxy_set_header Host $host:$proxy_port;
            proxy_set_header X-Forwarded-For $remote_addr;

            #proxy_pass  http://127.0.0.1:9001;

            proxy_pass http://frontend;

            proxy_connect_timeout 2s;
        }


        # 经销商端前端路由
        location /supplier {
            proxy_pass http://frontend;
            proxy_set_header Host $host;
            proxy_connect_timeout 2s;
        }

        # sso端前端路由
        location /sso {
            proxy_pass http://frontend-sso;
            proxy_set_header Host $host;
            proxy_set_header  X-Real-IP        $remote_addr;
            proxy_set_header  X-Forwarded-For  $proxy_add_x_forwarded_for;
            proxy_set_header X-NginX-Proxy true;
        }


        # sso端前端路由
        location / {
            proxy_pass http://frontend-user;
            proxy_set_header Host $host;
            proxy_set_header  X-Real-IP        $remote_addr;
            proxy_set_header  X-Forwarded-For  $proxy_add_x_forwarded_for;
        }

        # 管理端后端路由
        location ^~/api-admin/ {
            proxy_set_header Host $host;
            proxy_set_header  X-Real-IP        $remote_addr;
            proxy_set_header  X-Forwarded-For  $proxy_add_x_forwarded_for;
            proxy_set_header X-NginX-Proxy true;

            #proxy_pass http://backend-admin/;
            rewrite ^/api-admin/(.*)$ /$1 break;
            proxy_pass http://backend-admin;
        }


        # 用户端后端路由
        location ^~/api-user/ {
            proxy_set_header Host $host;
            proxy_set_header  X-Real-IP        $remote_addr;
            proxy_set_header  X-Forwarded-For  $proxy_add_x_forwarded_for;
            proxy_set_header X-NginX-Proxy true;

            #proxy_pass http://backend-user/;
            rewrite ^/api-user/(.*)$ /$1 break;
            proxy_pass http://backend-user;
        }


        # sso 端后端路由
        location ^~/api-sso/ {
            proxy_set_header Host $host;
            proxy_set_header  X-Real-IP        $remote_addr;
            proxy_set_header  X-Forwarded-For  $proxy_add_x_forwarded_for;
            proxy_set_header X-NginX-Proxy true;

            #proxy_pass http://backend-sso/;
            rewrite ^/api-sso/(.*)$ /$1 break;
            proxy_pass http://backend-sso;
        }


        # 经销商端后端路由
        location ^~/api-supplier/ {
            proxy_set_header Host $host;
            proxy_set_header  X-Real-IP        $remote_addr;
            proxy_set_header  X-Forwarded-For  $proxy_add_x_forwarded_for;
            proxy_set_header X-NginX-Proxy true;

            #proxy_pass http://backend-supplier/;
            rewrite ^/api-supplier/(.*)$ /$1 break;
            proxy_pass http://backend-supplier;

        }
    }

    server {

        listen       9001;
        server_name  localhost;
        port_in_redirect off;
        server_name_in_redirect off;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
            root   html;
            index  index.html index.htm;
        }


        location /supplier {
            alias html/supplier/dist;
            index index.html index.htm;
        }


        # 管理端前端路由
        location /admin {
            alias html/admin/dist;
            index index.html index.htm;
        }


        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}


    }

    #include /usr/local/nginx/conf/conf.d/*.conf;

    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}


    # HTTPS server
    #
    #server {
    #    listen       443 ssl;
    #    server_name  localhost;

    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;

    #    ssl_session_cache    shared:SSL:1m;
    #    ssl_session_timeout  5m;

    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers  on;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}

}

出现的问题

  1. 当请求的URL后面没有“/”时,而且Nginx目录中没有对应的文件,就会自动进行301并添加“/”;比如:访问 https://xxx.com.cn/admin (未带/ ) 时会跳转至 http://safes-normal:8092/admin/ ,301后的地址出错。并暴露出反向代理的端口号。

答:
第一步:解决重定向的域名问题

# 在location处添加
proxy_set_header Host h o s t : host:host:proxy_port;
proxy_set_header X-Forwarded-For $remote_addr;

第二步:解决重定向后的端口问题

# 在server处添加
如果port_in_redirect为off 时,那么始终按照默认的端口;如果该指令打开,那么将会返回当前正在监听的端口。
由于port_in_redirect默认为on,所以导致我们重定向的时候,带了server中的端口8092,如果希望nginx在301重定向时不带端口,设置port_in_redirect为off 即可

参考资料:
1.https://blog.csdn.net/weixin_37221852/article/details/125317701
2.http://www.easysb.cn/2020/03/575.html

发表评论

评论列表

  • 这篇文章还没有收到评论,赶紧来抢沙发吧~