[Tutorial] Nginx + HAProxy cluster + php5-fpm (Linux) @ Bug.hr Forum

13 godina

neaktivan

offline

sub 30.11.2013 13:42

Odgovori Citiraj

[Tutorial] Nginx + HAProxy cluster

Za početak trebati će te 3 Linux servera. Ja koristim Ubuntu Server 12.10 x64 na DigitalOcean-u (512 mb) i radi savršeno.

Frontend server će biti Nginx jer tako možemo koristiti i HTTPS protokol. Load balancer će biti HAProxy, a backend serveri će također biti Nginx.

Part 1 - Frontend server - Konfiguracija i instalacija Nginx-a i HAProxy-a

Spojite se preko SSH-a na frontend server (dakle server koji će preusmjeravati requestove na backend server s najmanjim opterećenjem) i pokrenite ove komande:

sudo apt-get update

sudo apt-get install nginx

sudo apt-get install haproxy

Kada ste instalirali Nginx i HAProxy, otvorite Nginx config fajlu i pasteajte sljedeće:

sudo nano /etc/nginx/sites-enabled/domena.com

upstream HAProxy {

server 127.0.0.1:8080;

}

server {

listen 80; ## listen for ipv4; this line is default and implied

#listen [::]:80 default_server ipv6only=on; ## listen for ipv6

server_name domena.com www.domena.com;

client_max_body_size 0; # Disable check on max body size (multipart post huge is an example that violates this constraint)

location / {

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_set_header Host $http_host;

proxy_pass http://HAProxy;

proxy_redirect off;

# High timeouts to allow bulk upload of images

proxy_connect_timeout 600;

proxy_read_timeout 600;

}

# deny access to .htaccess files, if Apache's document root

# concurs with nginx's one

location ~ /\.ht {

deny all;

}

Nginx ce slušati na portu 80 i preusmjeravati na HAProxy (port 8080). Zamjenite domain.com sa domenom koju hocete.

Pazite da saveajte config fajlu i restartajte Nginx:

sudo service nginx restart

Sada napravite simbolični link s /etc/nginx/sites-available/domena.com na /etc/nginx/sites-enabled/domena.com:

sudo ln -s /etc/nginx/sites-available/domena.com /etc/nginx/sites-enabled/domena.com

sudo rm /etc/nginx/sites-enabled/default

Otvorite HAProxy config fajlu ( /etc/haproxy/haproxy.cfg )

sudo nano /etc/haproxy/haproxy.cfg

i paste-ajte sljedeće:

# this config needs haproxy-1.1.28 or haproxy-1.2.1

global

log 127.0.0.1 local0

log 127.0.0.1 local1 notice

#log loghost local0 info

maxconn 4096

#chroot /usr/share/haproxy

user haproxy

group haproxy

daemon

#debug

#quiet

defaults

log global

mode http

option httplog

option dontlognull

retries 3

option redispatch

maxconn 2000

contimeout 5000

clitimeout 50000

srvtimeout 50000

frontend main

bind *:8080

default_backend www

backend www

balance leastconn

cookie SERVERID insert nocache indirect

option forwardfor

option httpclose

server web1 ip1:81 check port 81 cookie web1 weight 50

server web2 ip2:81 check port 81 cookie web2 weight 50

Zamijenite portove i IP adrese (ip1, ip2) i save-ajte fajlu. Možete dodati još backend servera ukoliko želite.

Ponovno restartajte Nginx i pokrenite HAProxy sa odgovarajućom konfiguracijskom fajlom:

sudo service nginx restart

sudo haproxy -f /etc/haproxy/haproxy.cfg

Part 2 - Backend serveri - instalacija Nginx-a i php5-fpm-a - konfiguracija Nginx-a

Prvo se spojimo na backend server i pokrenemo osnovne komande:

sudo apt-get update

sudo apt-get install nginx

sudo apt-get install php5-fpm

Nakon instalacije Nginxa otvorimo config fajlu za domenu example.com i paste-amo sljedeće ( /etc/nginx/sites-available/example.com )

server {

listen 81;

listen 443;

return 404;

}

server {

listen 81; ## listen for ipv4; this line is default and implied

#listen [::]:80 default_server ipv6only=on; ## listen for ipv6

root /usr/share/nginx/www/domain.com;

index index.php index.html index.htm;

# Make site accessible from http://localhost/

server_name domena.tk www.domena.tk;

location / {

# First attempt to serve request as file, then

# as directory, then fall back to displaying a 404.

#try_files $uri $uri/ /index.html;

try_files $uri $uri/ =404;

# Uncomment to enable naxsi on this location

# include /etc/nginx/naxsi.rules

}

# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000

location ~ \.php$ {

try_files $uri =404;

fastcgi_split_path_info ^(.+\.php)(/.+)$;

# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini

# With php5-cgi alone:

# fastcgi_pass 127.0.0.1:9000;

# With php5-fpm:

fastcgi_pass unix:/var/run/php5-fpm.sock;

fastcgi_index index.php;

include fastcgi_params;

}

# deny access to .htaccess files, if Apache's document root

# concurs with nginx's one

location ~ /\.ht {

deny all;

}

Prvi virtualni server koristimo za requestove koji dolaze sa direktnog pristupa na Nginx (IP adresu) te na ovaj način sprječavamo takav način pristupa.

Donji virtualni server odgovara na zahtjeve koji dolaze s example.com i s www.example.com domene.

Obrišite default config fajlu:

sudo rm /etc/nginx/sites-enabled/default

Sada restartajte Nginx:

sudo service nginx restart

--------------------------------------------------------------------------------------------------------------------------------------------

Ukoliko imate ikakvih pitanja odgovorite na post ili mi pošaljite PM.

Poruka je uređivana zadnji put ned 1.12.2013 9:25 (maleksebastianm).

trajni link

0 0 hvala 1