Nginx不仅可以做HTTP负载均衡,还可以配置TCP/UDP负载均衡。以下是配置TCP负载均衡的详细步骤:
确保Nginx支持TCP负载均衡:
nginx_tcp_proxy_module第三方模块修改nginx.conf主配置文件:
# 在main上下文中添加stream模块
stream {
upstream tcp_backend {
# 配置后端服务器
server backend1.example.com:3306 weight=5;
server backend2.example.com:3306;
server backend3.example.com:3306 max_fails=3 fail_timeout=30s;
}
server {
listen 3306; # 监听端口
proxy_pass tcp_backend; # 转发到上游服务器组
proxy_timeout 1s; # 超时设置
proxy_connect_timeout 1s; # 连接超时
}
}
upstream tcp_backend {
# 默认轮询(round-robin)
# 最少连接数
least_conn;
server backend1.example.com:3306;
server backend2.example.com:3306;
}
upstream tcp_backend {
server backend1.example.com:3306 max_fails=2 fail_timeout=10s;
server backend2.example.com:3306 max_fails=2 fail_timeout=10s;
}
server {
listen 443 ssl;
proxy_pass tcp_backend;
ssl_certificate /path/to/cert.pem;
ssl_certificate_key /path/to/key.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
}
stream {
upstream mysql_servers {
server db1.example.com:3306;
server db2.example.com:3306;
}
server {
listen 3306;
proxy_pass mysql_servers;
proxy_connect_timeout 1s;
}
}
stream {
upstream redis_servers {
server redis1.example.com:6379;
server redis2.example.com:6379;
}
server {
listen 6379;
proxy_pass redis_servers;
}
}
stream {
upstream ssh_servers {
server ssh1.example.com:22;
server ssh2.example.com:22;
}
server {
listen 2222;
proxy_pass ssh_servers;
}
}
性能调优:
worker_processes和worker_connections以适应高并发reuseport选项提高性能日志记录:
stream {
log_format tcp_log '$remote_addr [$time_local] '
'$protocol $status $bytes_sent $bytes_received '
'$session_time';
access_log /var/log/nginx/tcp-access.log tcp_log;
}
allow/deny限制访问IP配置完成后,使用nginx -t测试配置是否正确,然后nginx -s reload重新加载配置。