Foreword
Among the modules provided by the Nginx official module, there is no health check module for the load balancing backend node, but you can use the third-party module nginx_upstream_check_module to detect the health status of the backend server. The way I installed Nginx is through yum. The nginx_upstream_check_module module is not installed through yum, so we need to install this module for Nginx first.
If you have installed Nginx with yum, it is recommended to uninstall it first with yum remove nginx. I have not yet found a way to configure this module for Nginx without uninstalling it.
Installation configuration
- Install dependency packages
yum -y install gcc glibc gcc-c++ openssl-devel pcre-devel patch
- Download nginx source code package and nginx_upstream_check module third-party module
Nginx official address
cd /usr/local wget https://nginx.org/download/nginx-1.21.4.tar.gz wget https://github.com/yaoweibin/nginx_upstream_check_module/archive/refs/heads/master.zip
The address of this third-party module on github is: You can check it out, and the configuration example is also given, which is very detailed. address
- Unzip Nginx source code package and third-party modules
tar -zxvf nginx-1.21.4.tar.gz unzip nginx_upstream_check_module-master.zip
- Add Nginx module
cd nginx-1.21.4/ patch -p1 < ../nginx_upstream_check_module-master/check_1.20.1 + .patch
p1 means it is in the Nginx directory, p0 means it is not in the Nginx directory.
- To compile Nginx, you need to add the upstream_check third-party module
View via nginx -V
Copy the above content
When recompiling, add –add-module=/usr/local/nginx_patch/nginx_upstream_check_module-master. The module address is the address where you download nginx_upstream_check_module to your local location. (But sometimes nginx -v will fail, but it will not have much impact. You can also directly copy the following command)
./configure --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx /nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run /nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var /cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp- path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with -http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with -http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --add-module=/usr/local/nginx_patch/nginx_upstream_check_module-master --with-stream --with-stream_realip_module -- with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size =4 -grecord-gcc-switches -m64 -mtune=generic -fPIC' --with-ld-opt='-Wl,-z,relro -Wl,-z,now -pie'
- Compile and install
make & amp; & amp; make install
- Start NGINX (to prevent the startup from being successful due to errors)
suho /usr/sbin/nginx
At this time, an error may be reported that a certain folder is not found, but it does not affect it. You can just go to the corresponding directory and create one.
nginx -t checks whether nginx configuration is correct
nginx -s reload reloads the configuration file
- Blogger’s nginx.conf configuration (actually it is recommended that each site’s configuration file be opened independently, but I was lazy and didn’t)
Note that this configuration file has high versatility, but you also need to modify some configurations depending on your own needs. The blogger built two NGINX between two servers. Both parties perform heartbeat detection. The IP addresses are intranet and elastic. , the internal network corresponding to 10.75.25.207 is 10.75.28.14
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user root;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
events {<!-- -->
worker_connections 1024;
}
http {<!-- -->
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
map $time_iso8601 $logdate {<!-- -->
'~^(?<ymd>\d{4}-\d{2}-\d{2})' $ymd;
default 'date-not-found';
}
send_timeout 30;
client_body_buffer_size 40m;
proxy_buffer_size 128k;
proxy_buffers 4 128k;
proxy_busy_buffers_size 128k;
# access_log /var/log/nginx/access.log main;
access_log /var/log/nginx/access-$logdate.log main;
server_tokens off;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 4096;
include /usr/local/nginx/conf/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
server {<!-- -->
listen 80;
#listen 443 ssl http2;
server_name 10.75.28.14 10.75.25.207;
index index.html;
root /data/wwwroot/paizhu/dist/;
gzip on;
gzip_buffers 32 4K;
gzip_comp_level 6;
gzip_min_length 200;
# access_log /var/log/nginx/host.access_.log main;
gzip_types application/javascript text/css text/xml;
gzip_disable "MSIE [1-6]\.";
#Configure disabling gzip conditions and support regular expressions. This means that gzip is not enabled in ie6 and below (because lower versions of ie do not support it)
gzip_vary on;
#SSL-END
location /status {<!-- -->
check_status;
access_log off;
}
location /file {<!-- -->
alias /data/wwwroot/upload;
try_files $uri @mongrel;
}
location @mongrel {<!-- -->
if ($http_lan_check = "1") {<!-- -->
return 404;
}
proxy_pass http://10.75.28.37:80;
proxy_set_header lan-check "1";
}
location /oss {<!-- -->
rewrite ^/oss(.*)$ /$1 break;
proxy_pass http://szpzjdgzglxt.oss111b-cn-sx-zjsxzwy01-d01-a.inner.zjsxzwy.cn/;
#proxy_set_header Host $host; OSS’s reverse proxy needs to remove the source address, as is the case with Government Cloud
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_http_version 1.1;
add_header X-Cache $upstream_cache_status;
}
location /manage {<!-- -->
proxy_pass http://manage;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header Upgrade $http_upgrade;
#proxy_set_header Connection $connection_upgrade;
proxy_http_version 1.1;
# proxy_hide_header Upgrade;
add_header X-Cache $upstream_cache_status;
#Set Nginx Cache
set $static_fileyb8cQBoU 0;
if ( $uri ~* "\.(gif|png|jpg|css|js|woff|woff2)$" )
{<!-- -->
set $static_fileyb8cQBoU 1;
expires 1m;
}
if ( $static_fileyb8cQBoU = 0 )
{<!-- -->
add_header Cache-Control no-cache;
}
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {<!-- -->
roothtml;
}
}
upstream manage {<!-- -->
least_conn;
server 10.75.28.14:500 weight=1 max_fails=2 fail_timeout=10s; # Service instance 1
server 10.75.28.14:501 weight=1 max_fails=2 fail_timeout=10s; # Service instance 2
server 10.75.28.37:500 weight=1 max_fails=2 fail_timeout=10s; # Service instance 3
server 10.75.28.37:501 weight=1 max_fails=2 fail_timeout=10s; # Service instance 4
check interval=3000 rise=2 fall=5 timeout=1000 type=http;
check_http_send "GET /manage/heartbeat HTTP/1.0\r\\
\r\\
";
check_http_expect_alive http_2xx http_3xx;
}
}
Renderings
- normal status
- Offline status
The blogger’s personal open source blog address: www.chengke.net, which is full of quality and covers high-quality open source projects. Welcome to visit.