一.web架构
目前企业中开发网站的常见的脚本语言有两种,一种是php,一种是java。如果使用的是php,那么web集群架构必然离不开nginx+php-fpm,这里的nginx并不是负载均衡的角色,而是web服务器的角色,php-fpm来处理php脚本,nginx处理静态的html、图片、js、css等资源。另外一种流行的web脚本语言为java,java应用最常见的容器是tomcat,它也是一款流行web服务软件。虽然tomcat本身也可以提供静态文件的解析,但是并发能力不强,所以处理静态请求交给Nginx处理,动态的交给tomcat处理。
keeplived+nginx+tomcat处理的大致流程如下:
对于lnmp的架构了解请参考:[//www.greatytc.com/p/75589a125252]
二.keeplived+nginx+tomcat实现动静分离
为了解决Tomcat并发能力低的问题,可以通过将静态请求交给nginx处理,动态处理交给tomcat处理,这样就可以通过动静分离来提升并发能力。一般可以通过两种方式来实现:
- 1.通过lsyncd工具实现将站点下保存的静态数据实时同步到nginx的静态数据保存目录下
- 2.通过共享存储目录的方式将静态数据保存到共享目录并将共享目录挂载到nginx的静态数据保存目录下(这里采用第二种的方式实现动静分离)
1.配置nfs
[root@nfs ~]# vim /etc/exports
/data/jpress 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)
2.web安装nfs并进行挂载
[root@web01 /server/scripts]# mount -t nfs 172.16.1.41:/data/jpress /code/jpress/attachment
[root@web02 /server/scripts]# mount -t nfs 172.16.1.41:/data/jpress /code/jpress/attachment
[root@web03 /server/scripts]# mount -t nfs 172.16.1.41:/data/jpress /code/jpress/attachment
3.配置keeplived+nginx+tomcat的负载均衡及动静分离
keeplived配置及说明请参考链接文档://www.greatytc.com/p/e1991ce4d45b
3.1配置nginx负载均衡+动静分离
注意:第二台负载均衡也是这样配置
[root@lb01 ~]# vim /etc/nginx/conf.d/ssl.conf
upstream jpress_pools {
server 172.16.1.7:8080;
server 172.16.1.8:8080;
server 172.16.1.9:8080;
}
server {
listen 80;
server_name jpress.test.com;
rewrite ^(.*) https://$server_name$1 redirect;
}
server {
listen 443 ssl;
server_name jpress.test.com;
ssl_certificate ssl_key/server.crt;
ssl_certificate_key ssl_key/server.key;
location / {
proxy_pass http://jpress_pools;
include proxy_params;
}
#动静分离
location ~.*\.(gif|jpg|jpeg|bmp|png|ico|txt|mp3|mp4|swf) {
root /data;
}
}
3.2创建Nginx的静态数据保存目录
[root@lb01 ~]# mkdir /data/attachment -p
[root@lb02 ~]# mkdir /data/attachment -p
3.3挂载共享存储目录
[root@lb01 ~]# mount -t nfs 172.16.1.31:/data/jpress /data/attachment
[root@lb02 ~]# mount -t nfs 172.16.1.31:/data/jpress /data/attachment
三.测试
随机上传一张图片
测试访问
服务端查看数据是否存在
[root@lb01 /data/attachment]# ls
20191207
[root@lb02 /data/attachment]# ls
20191207
四.读写分离配置
[root@lb01 ~]# vim /etc/nginx/conf.d/ssl.conf
upstream write {
server 172.16.1.7:8080;
}
upstream read {
server 172.16.1.7:8080;
server 172.16.1.8:8080;
server 172.16.1.9:8080;
)
server {
listen 80;
server_name jpress.test.com;
rewrite ^(.*) https://$server_name$1 redirect;
}
server {
listen 443 ssl;
server_name jpress.test.com;
ssl_certificate ssl_key/server.crt;
ssl_certificate_key ssl_key/server.key;
#读写分离
location / {
if ($request_method = POST ) {
proxy_pass http://write;
}
proxy_pass http://read;
include proxy_params;
}
#动静分离
location ~.*\.(gif|jpg|jpeg|bmp|png|ico|txt|mp3|mp4|swf) {
root /data;
}
}
负载均衡inclund的引用配置如下:
[root@lb01 /etc/nginx]# vim proxy_params
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 30;
proxy_send_timeout 60;
proxy_read_timeout 60;
proxy_buffering on;
proxy_buffer_size 32k;
proxy_buffers 4 128k;
proxy_http_version 1.1;
proxy_next_upstream error timeout http_500 http_502 http_503 http_504;