2.1、Nginx 接口负载配置

为了方便后期的使用运维，对默认文件进行统一的修改

#user  nobody;
worker_processes auto;
worker_rlimit_nofile 51200;

error_log  logs/error.log;
error_log  logs/error.log  notice;
error_log  logs/error.log  info;

pid        logs/nginx.pid;

events {
    use epoll;
    worker_connections 51200;
    multi_accept on;
}


http {
    include       mime.types;
    default_type  application/octet-stream;
    server_tokens off;

    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;

    server_names_hash_bucket_size 128;
    server_names_hash_max_size 512;
    keepalive_timeout  65;
    client_header_timeout 15s;
    client_body_timeout 15s;
    send_timeout 60s;

      limit_conn_zone $binary_remote_addr zone=perip:10m;
      limit_conn_zone $server_name zone=perserver:10m;
      limit_conn perip 2;
      limit_conn perserver 20;
      limit_rate 300k;

    client_body_buffer_size 512k;
      client_header_buffer_size 4k;
      client_max_body_size 100m;
      large_client_header_buffers 2 8k;
      proxy_connect_timeout 5s;
      proxy_send_timeout 120s;
      proxy_read_timeout 120s;
      proxy_buffer_size 16k;
      proxy_buffers 4 64k;
      proxy_busy_buffers_size 128k;
      proxy_temp_file_write_size 128k;
      proxy_next_upstream http_502 http_504 http_404 error timeout invalid_header;

    gzip on;
      gzip_min_length 1k;
      gzip_buffers 4 16k;
      gzip_http_version 1.1;
      gzip_comp_level 4;
      gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
      gzip_vary on;
    #gzip_proxied   expired no-cache no-store private auth;
      gzip_disable "MSIE [1-6].";

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;
    access_log off;

    include /u01/app/vhost/*.conf;

    server {
        listen       80;
        server_name  localhost;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
            root   html;
            index  index.html index.htm;
        }

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }


    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}


    # HTTPS server
    #
    #server {
    #    listen       443 ssl;
    #    server_name  localhost;

    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;

    #    ssl_session_cache    shared:SSL:1m;
    #    ssl_session_timeout  5m;

    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers  on;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}

}

创建服务负责配置目录

mkdir /u01/app/vhost

这里以h5前端服务为例，创建 nginx.conf 文件

h5.hzgsedu.cn.conf

server {
    listen          80;
    server_name     h5.hzgsedu.cn;


    location ~ /api/ {
      # 没有配置OPTIONS的话，浏览器如果是自动识别协议(http or https)，那么浏览器的自动OPTIONS请求会返回不能跨域
      if ($request_method = OPTIONS ) {
          add_header Access-Control-Allow-Origin "$http_origin";
          add_header Access-Control-Allow-Methods "POST, GET, PUT, OPTIONS, DELETE";
          add_header Access-Control-Max-Age "3600";
          add_header Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, X-Authorization";
          add_header Access-Control-Allow-Credentials "true";
          add_header Content-Length 0;
          add_header Content-Type text/plain;
          return 200;
      }
      proxy_set_header Host $host;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_set_header X-Forwarded-Port $server_port;
      proxy_connect_timeout 600;
      proxy_send_timeout 600;
      proxy_read_timeout 600;
      send_timeout 600;
      add_header Access-Control-Allow-Origin "$http_origin";
      add_header Access-Control-Allow-Credentials "true";
      add_header Access-Control-Allow-Methods "GET, PUT, POST, DELETE, OPTIONS";
      add_header Access-Control-Allow-Headers "Content-Type,*";
      rewrite ^/api/(.*)$ /$1 break;
      proxy_pass http://10.16.8.39:30823;
   }

    location / {
        proxy_pass    http://10.16.8.39:31462;
        index  index.html index.htm;
        proxy_set_header   Host             $host;
        proxy_set_header   X-Real-IP        $remote_addr;
        proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
    }

}