前言
nginx從1.9.0開始,新增加了一個stream模塊,用來實現四層協議的轉發、代理或者負載均衡等。這完全就是搶HAproxy份額的節奏,鑑於nginx在7層負載均衡和web service上的成功,和nginx良好的框架,stream模塊前景一片光明。
stream 模塊編譯
stream模塊默認沒有編譯到nginx, 編譯nginx時候 ./configure –with-stream 即可
官網:http://nginx.org/en/docs/stream/ngx_stream_core_module.html
用法
stream模塊用法和http模塊差不多,關鍵的是語法幾乎一致。熟悉http模塊配置語法的上手更快
以下是一個配置了tcp負載均衡和udp(dns)負載均衡的例子, 有 server,upstream塊,而且還有server,
hash, listen, proxy_pass等指令,如果不看最外層的stream關鍵字,還以爲是http模塊呢。
修改配置文件:
vim /etc/nginx/nginx.conf
具體內容如下:
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
}
#負載exchange2016前端的模塊配置
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
}
#負載exchange2016前端的模塊配置
stream {
upstream mail {
least_conn;//連接數進行負載
server 172.20.224.136:443 max_fails=2 fail_timeout=10s;//被動檢查服務器響應
server 172.20.224.57:443 max_fails=2 fail_timeout=10s;
}
upstream mail {
least_conn;//連接數進行負載
server 172.20.224.136:443 max_fails=2 fail_timeout=10s;//被動檢查服務器響應
server 172.20.224.57:443 max_fails=2 fail_timeout=10s;
}
server {
listen 443;
proxy_pass mail;
proxy_timeout 3s;
proxy_connect_timeout 1s;
}
listen 443;
proxy_pass mail;
proxy_timeout 3s;
proxy_connect_timeout 1s;
}
upstream smtp {
least_conn;
server 172.20.224.136:25 max_fails=2 fail_timeout=10s;
server 172.20.224.57:25 max_fails=2 fail_timeout=10s;
}
least_conn;
server 172.20.224.136:25 max_fails=2 fail_timeout=10s;
server 172.20.224.57:25 max_fails=2 fail_timeout=10s;
}
server {
listen 25;
proxy_pass smtp;
proxy_timeout 3s;
proxy_connect_timeout 1s;
}
listen 25;
proxy_pass smtp;
proxy_timeout 3s;
proxy_connect_timeout 1s;
}
upstream pop {
least_conn;
server 172.20.224.136:110 max_fails=2 fail_timeout=10s;
server 172.20.224.57:110 max_fails=2 fail_timeout=10s;
}
least_conn;
server 172.20.224.136:110 max_fails=2 fail_timeout=10s;
server 172.20.224.57:110 max_fails=2 fail_timeout=10s;
}
server {
listen 110;
proxy_pass pop;
proxy_timeout 3s;
proxy_connect_timeout 1s;
}
listen 110;
proxy_pass pop;
proxy_timeout 3s;
proxy_connect_timeout 1s;
}
upstream imap {
least_conn;
server 172.20.224.136:143 max_fails=2 fail_timeout=10s;
server 172.20.224.57:143 max_fails=2 fail_timeout=10s;
}
least_conn;
server 172.20.224.136:143 max_fails=2 fail_timeout=10s;
server 172.20.224.57:143 max_fails=2 fail_timeout=10s;
}
server {
listen 143;
proxy_pass imap;
proxy_timeout 3s;
proxy_connect_timeout 1s;
}
listen 143;
proxy_pass imap;
proxy_timeout 3s;
proxy_connect_timeout 1s;
}
upstream pops {
least_conn;
server 172.20.224.136:995 max_fails=2 fail_timeout=10s;
server 172.20.224.57:995 max_fails=2 fail_timeout=10s;
}
least_conn;
server 172.20.224.136:995 max_fails=2 fail_timeout=10s;
server 172.20.224.57:995 max_fails=2 fail_timeout=10s;
}
server {
listen 995;
proxy_pass pops;
proxy_timeout 3s;
proxy_connect_timeout 1s;
}
upstream imaps {
least_conn;
server 172.20.224.136:993 max_fails=2 fail_timeout=10s;
server 172.20.224.57:993 max_fails=2 fail_timeout=10s;
}
listen 995;
proxy_pass pops;
proxy_timeout 3s;
proxy_connect_timeout 1s;
}
upstream imaps {
least_conn;
server 172.20.224.136:993 max_fails=2 fail_timeout=10s;
server 172.20.224.57:993 max_fails=2 fail_timeout=10s;
}
server {
listen 993;
proxy_pass imaps;
proxy_timeout 3s;
proxy_connect_timeout 1s;
}
listen 993;
proxy_pass imaps;
proxy_timeout 3s;
proxy_connect_timeout 1s;
}
upstream smtps {
least_conn;
server 172.20.224.136:587 max_fails=2 fail_timeout=10s;
server 172.20.224.57:587 max_fails=2 fail_timeout=10s;
}
least_conn;
server 172.20.224.136:587 max_fails=2 fail_timeout=10s;
server 172.20.224.57:587 max_fails=2 fail_timeout=10s;
}
server {
listen 587;
proxy_pass smtps;
proxy_timeout 3s;
proxy_connect_timeout 1s;
}
listen 587;
proxy_pass smtps;
proxy_timeout 3s;
proxy_connect_timeout 1s;
}
upstream smtps1 {
least_conn;
server 172.20.224.136:465 max_fails=2 fail_timeout=10s;
server 172.20.224.57:465 max_fails=2 fail_timeout=10s;
}
least_conn;
server 172.20.224.136:465 max_fails=2 fail_timeout=10s;
server 172.20.224.57:465 max_fails=2 fail_timeout=10s;
}
server {
listen 465;
proxy_pass smtps1;
proxy_timeout 3s;
proxy_connect_timeout 1s;
}
listen 465;
proxy_pass smtps1;
proxy_timeout 3s;
proxy_connect_timeout 1s;
}
}
配置使用wq推出保存,在使用命令
cd /etc/nginx/nginx.d
nginx -s reload
重新加載服務之後就可以使用了