https://www.cnblogs.com/kevingrace/p/14001080.html
一、Nginx的ngx_http_mirror_module模塊實現流量複製介紹
Nginx專門提供了ngx_http_mirror_module模塊,用來實現流量拷貝。將生產環境的流量拷貝到預上線環境或測試環境,這樣做有很多好處:
- 可以驗證功能是否正常,以及服務的性能;
- 用真實有效的流量請求去驗證,又不用造數據,不影響線上正常訪問;
- 相比於灰度發佈,鏡像流量不會影響真實流量;
- 可以用來排查線上問題;
- 重構,假如服務做了重構,這也是一種測試方式;
ngx_http_mirror_module模塊就像是一個鏡像站點一樣,將所有的請求都收集起來,這個鏡像站點就代表了所有真實有效的原始請求。有了這個鏡像站點,後續就可以復現所有的請求,實現把線上的流程複製到別的地方。
ngx_http_mirror_module模塊特性:
- nginx 1.13.4及後續版本內置ngx_http_mirror_module模塊,提供流量鏡像(複製)的功能。
- 支持流量放大,做法爲:配置多份相同鏡像。
- 相比tcp-copy的優勢:無需錄製流量,實時可用;配置相當簡單。
- 源站請求,直接原路返回;正常配置下,mirror請求不影響源站請求及響應,源站nginx-server將流量複製到mirror站後,兩者不再有任何交集。
二、Nginx編譯安裝,要加上ngx_http_mirror_module模塊
下面是Nginx解壓後,編譯安裝的示例
1
2
3
4
5
6
7
8
9
10
11
12
13
|
# ./configure --sbin-path= /usr/local/nginx/nginx --conf-path= /usr/local/nginx/nginx .conf --pid-path= /usr/local/nginx/nginx .pid --with-http_ssl_module --without-http_limit_req_module --without-http_mirror_module --with-pcre=.. /pcre-8 .43 --with-zlib=.. /zlib-1 .2.11 --add-module= /path/to/ngx_devel_kit --add-module= /path/to/lua-nginx-module # make & make install |
三、Nginx流量拷貝的配置示例
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
|
upstream kevin-order { server 127.0.0.1:8088; } upstream kevin-customer { server 127.0.0.1:8089; } upstream kevin-mirror1 { server 172.16.60.230:8088; } upstream kevin-mirror2 { server 172.16.60.230:8089; } server { listen 80; server_name kevin.com; access_log /usr/local/nginx/logs/kevin .com-access.log main; error_log /usr/local/nginx/logs/kevin .com-error.log; # 源站點1 location /order { proxy_pass http: //kevin-order ; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # 複製請求體 mirror_request_body on; # 流量複製 mirror /mirror1 ; } # 源站點2 location /customer { proxy_pass http: //kevin-customer ; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; mirror_request_body on; mirror /mirror2 ; } # 鏡像站點1 location /mirror1 { proxy_pass http: //kevin-mirror1 $request_uri; proxy_pass_request_body on; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } # 鏡像站點2 location /mirror2 { proxy_pass http: //kevin-mirror2 $request_uri; proxy_pass_request_body on; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } |
配置說明:上面配置中,將訪問http://kevin.com/order、http://kevin.com/customer的流量分別複製到172.16.60.230服務器的8088和8089端口。
四、Nginx使用ngx_http_mirror_module模塊進行流量拷貝的配置技巧
1)Nginx複製GET及POST請求流量
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
server { listen 80; server_name kevin.com; # 源站配置 location / { access_log /usr/local/nginx/logs/access .log accesslog; mirror /mirror ; mirror_request_body on; proxy_pass http: //kevin .upstream.name; } # 鏡像站點配置 location /mirror { internal; # 內部配置 proxy_pass http: //mirror .kevin.upstream.name$request_uri; proxy_pass_request_body on; proxy_set_header X-Original-URI $request_uri; #使用真實的url重置url } } |
2)Nginx不允許複製POST請求流量
默認是支持POST流量複製的,需要通過下面配置來禁止。
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
server { listen 80; server_name kevin.com; # 源站配置 location / { access_log /usr/local/nginx/logs/access .log accesslog; mirror /mirror ; mirror_request_body off; proxy_pass http: //kevin .upstream.name; } # 鏡像站點配置 location /mirror { # 判斷請求方法,不是GET返回403 if ($request_method != GET) { return 403; } internal; #內部配置 proxy_pass http: //mirror .kevin.upstream.name$request_uri; proxy_pass_request_body off; # mirror_request_body和proxy_pass_request_body都設置爲off,則Conten-length需要設置爲"",否則有坑! proxy_set_header Content-Length "" ; proxy_set_header X-Original-URI $request_uri; # 使用真實的url重置url } } |
3)拷貝流量放大
配置多分mirror鏡像點
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
|
server { listen 80; server_name kevin.com; # 源站配置 location / { access_log /usr/local/nginx/logs/access .log accesslog; mirror /mirror ; # 多加一份mirror,流量放大一倍 mirror /mirror ; mirror_request_body on; proxy_pass http: //kevin .upstream.name; } # 鏡像站點配置 location /mirror { internal; # 內部配置 proxy_pass http: //mirror .kevin.upstream.name$request_uri; proxy_pass_request_body on; proxy_set_header X-Original-URI $request_uri; #使用真實的url重置url } } |
4)配置mirror鏡像日誌
mirror中不支持配置access_log,解決方法:mirror-location跳轉到server,在server中配置accesslog。
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
server { listen 80; server_name kevin.com; # 源站配置 location / { access_log /usr/local/nginx/logs/access .log accesslog; mirror /mirror ; mirror_request_body on; proxy_pass http: //kevin .upstream.name; } # 鏡像站點配置 location /mirror { internal; # 內部配置 # 跳轉到下面的內部server proxy_pass http: //127 .0.0.1:10992$request_uri; proxy_pass_request_body off; proxy_set_header Content-Length "" ; proxy_set_header X-Original-URI $request_uri; #使用真實的url重置url } server { # server沒法設置爲內部 listen 127.0.0.1:10992; location / { # 判斷放在server,使得post請求日誌可以記錄 if ($request_method != GET) { return 403; } access_log /usr/local/nginx/logs/access .log accesslog; proxy_pass http: //mirror .kevin.upstream.name; } } |
五、Nginx流量拷貝的注意事項
1)mirror鏡像配置日誌
鏡像配置不正確,導致流量複製操作沒正常執行。如果mirror鏡像配置缺少日誌,會嚴重影響調試。所以強烈建議配置鏡像日誌,配置方法如如上"配置mirror鏡像日誌"。部分錯誤配置的錯誤信息在在error日誌中。
2)mirror_request_body/proxy_pass_request_body與Content-Length需配置一致
如果mirror_request_body或者proxy_pass_request_body設置爲off,則Content-Length必須設置爲"",因爲nginx(mirror_request_body)或tomcat(mirror_request_body)處理post請求時,會根據Content-Length獲取請求體,如果Content-Length不爲空,而由於mirror_request_body或者proxy_pass_request_body設置爲off,處理方以爲post有內容,當request_body中沒有,處理方會一直等待至超時,則前者爲off,nginx會報upstream請求超時;後者爲off,tomcat會報如下錯誤:
1
2
3
4
5
6
7
8
9
10
11
|
"2020-11-18T17:26:36.803+08:00" "331632b86ec64b829672066a96fc6324" "department" "group" "project_name" "hostname" "127.0.0.1" "" "/post" "p=11" "-" "PostmanRuntime/7.1.1" "ERROR" "xxx.GlobalControllerAdvice" "operateExp" "-" "26" "xxxx.GlobalControllerAdvice" "unknown" "org.springframework.http.converter.HttpMessageNotReadableException" "I/O error while reading input message; nested exception is java.net.SocketTimeoutException" "GlobalControllerAdvice中捕獲全局異常" "org.springframework.http.converter.HttpMessageNotReadableException: I /O error while reading input message; nested exception is java.net.SocketTimeoutException at org.springframework.web.servlet.mvc.method.annotation.AbstractMessageConverterMethodArgumentResolver.readWithMessageConverters(AbstractMessageConverterMethodArgumentResolver.java:229) at org.springframework.web.servlet.mvc.method.annotation.RequestResponseBodyMethodProcessor.readWithMessageConverters(RequestResponseBodyMethodProcessor.java:150) at org.springframework.web.servlet.mvc.method.annotation.RequestResponseBodyMethodProcessor.resolveArgument(RequestResponseBodyMethodProcessor.java:128) at org.springframework.web.method.support.HandlerMethodArgumentResolverComposite.resolveArgument(HandlerMethodArgumentResolverComposite.java:121) at org.springframework.web.method.support.InvocableHandlerMethod.getMethodArgumentValues(InvocableHandlerMethod.java:158) at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:128) at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:97) at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:827) at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:738) at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85) |