当前位置: > Linux服务器 > nginx >

nginx 负载均衡配置 - windows

时间:2015-10-06 22:48来源:linux.it.net.cn 作者:IT

虽然说windows上的nginx在官方文档中提到“仅作为测试”之用,但对于小规模并发场景还是比apache有不小的优势。所以,本文也将其作为windows服务器上负载均衡的主要工具进行说明。

配置实例

#user  nobody;

#指定nginx进程数,通常与CPU数相一致。特别是在windows平台中,这一数值一般只能设置为1。
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
# windows平台基本只能设置为1024
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    # 如果应用未使用文件传递,则可关闭此项。
    sendfile        off;
    #tcp_nopush     on;

    keepalive_timeout  15;

    #gzip  on;

    # HTTPS server
    upstream cas_servers { 
        #使用C类网络中的IP HASH方式进行负载分流
        ip_hash; 
        server 127.0.0.1:8400 weight=1;
        server 127.0.0.1:8401 weight=1;
    #   server 127.0.0.1:8402 weight=1; 
    }
    server {
        listen 80;
        server_name 192.168.50.30;
        location / {
            proxy_pass http://127.0.0.1:9000$request_uri;
            proxy_set_header Host $host;

            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;  
        }
    }
    server {
        listen       443;
        server_name  www.example.com;

        ssl                  on;
        ssl_certificate      ssl.crt;
        # 与apache类似,nginx也不使用有密码的ssl key
        ssl_certificate_key  ssl-nokey.key;

        ssl_session_timeout  5m;

        ssl_protocols  SSLv2 SSLv3 TLSv1;
        #ssl_ciphers  HIGH:!aNULL:!MD5
        ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
        ssl_prefer_server_ciphers   on;
        #双向认证 
        #ssl_client_certificate ca.crt;
        #双向认证
        ssl_verify_client off; 

        location / {
            proxy_pass http://cas_servers$request_uri;
            # 将client端传递过来的HTTP Host转发给给后端 Web AppServer
            proxy_set_header Host $host;
            # 传递client端的真实IP,但如果后端 Web AppServer 没有对此进行专门处理,也没啥作用
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;  
            # 如果使用了 SSL,则将HTTP SSL_CERT 参数转发给后端 Web AppServer 
            proxy_set_header SSL_CERT $ssl_client_cert;           
        }
    }

}
(责任编辑:IT)
------分隔线----------------------------
栏目列表
推荐内容