2
我有以下的Nginx的confnginx的配置最佳实践
upstream artifactory_lb {
server main_server.com:8081 ;
server backup_server.com:8081 backup;
}
log_format upstreamlog '[$time_local] $remote_addr - $remote_user - $server_name to: $upstream_addr: $request upstream_response_time $upstream_response_time msec $msec request_time $request_time';
ssl_certificate /path/to/cert
ssl_certificate_key /path/to/key
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_session_cache shared:SSL:10m;
server {
listen 80;
listen 443 ssl;
client_max_body_size 2048M;
location/{
proxy_set_header Host $host;
proxy_pass http://artifactory_lb;
proxy_read_timeout 90;
}
access_log /var/log/nginx/access.log upstreamlog;
location /basic_status {
stub_status on;
allow all;
}
}
# Server configuration
server {
listen 2222 ssl;
server_name main_server.com;
if ($http_x_forwarded_proto = '') {
set $http_x_forwarded_proto $scheme;
}
rewrite ^/(v1|v2)/(.*) /api/docker/inhouse_images/$1/$2;
client_max_body_size 0;
chunked_transfer_encoding on;
location/{
allow all;
proxy_read_timeout 900;
proxy_pass_header Server;
proxy_cookie_path ~*^/.* /;
proxy_set_header X-Artifactory-Override-Base-Url $http_x_forwarded_proto://$host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://main_server.com:8081/artifactory/;
}
}
注意到,“proxy_pass”指令点,这增加了单点故障服务器的单个实例。有没有办法解决这个问题?
Nginx配置可以有两组上游服务器吗?所以在这种情况下,它会像
upstream artifactory_lb1 {
server main_server.com:8081 ;
server backup_server.com:8081 backup;
}
upstream artifactory_lb2 {
server main_server.com:8081/artifactory/;
server backup_server.com:8081/artifactory/ backup;
}
这是否被认为是一种良好做法?
只要你想你可以有许多'upstream'块。但是你的第二个错误,'上游'服务器不能包含路径部分,只有主机:端口。 –
顺便说一句,我不明白为什么你的'main_server.com'被标记为'backup'。 –
嗨Alexey,这是一个复制粘贴错误,感谢您指出。如果我想将一个请求重定向到一个特定的端口(在本例中为2222)到一个特定的路由(在这种情况下(/ artifactory /))这里配置了什么?是否有方法在proxy_pass指令中追加一个字符串? –