1. nginx load balancing strategy
As an efficient web server and reverse proxy server, Nginx is widely used in website load balancing. Load balancing refers to allocating received network requests to multiple backend servers, which can improve the processing power of the website, avoid overloading of a single server, and also improve the availability and reliability of the website.
1.1 Basic load balancing strategy
- Round Robin: This is the most basic load balancing method and is also the default policy of Nginx. It assigns requests to each server in order of requests. If a server goes down, it will be automatically excluded from the allocated queue
- Weighted Round Robin: Based on polling, a weight can be set for each server. Depending on the weight, the probability of the server being assigned requests is also different. The higher the weight, the more requests assigned
- IP hash (IP hash): Hash calculation is performed through the client's IP address, and then the request is assigned to a specific server based on the hash value. This method ensures that client users from the same IP address will be assigned to the same server, suitable for application scenarios where session retention is required
- Least Connections: Assign the request to the server with the lowest number of connections at present. This strategy is suitable for handling uneven time requests, which can prevent some long-term connection-consuming requests that cause excessive server load to occur due to long-term servers
1. Investing: Each request will be assigned to different backend servers one by one in chronological order
| parameter | Remark |
|---|---|
| fail_timeout | Used in conjunction with max_fails. |
| max_fails | Set the maximum number of failures within the time set by the fail_timeout parameter. If all requests for the server fail within this time, the server is considered to be downtime. |
| fail_time | The length of time the server will be considered downtime, default is 10s |
| backup | Mark this server as a backup server. When the main server stops, the request will be sent to it |
| down | Mark the server for permanent downtime, used to explicitly troubleshoot or maintenance servers to avoid invalid requests |
Notice:
- During polling, if the server is down, the server will be automatically removed.
- The default configuration is the polling policy.
- This policy is suitable for use with fairly-configured, stateless, and short-term and fast server services.
upstream backend {
server fail_timeout=60s max_fails=2;
server fail_timeout=60s max_fails=2;
}
max_fails=2; Indicates if fail_timeout During the time period,Nginx The number of failed requests to a certain upstream server has been reached 2 Second-rate,The server is considered unavailable。
fail_timeout=60s; It has two functions:first,It defines the above max_fails The length of time window mentioned in,In this example 60 Second;其Second-rate,Once an upstream server is deemed unavailable,Nginx Will be in the next 60 Second内不再向这台服务器转发任何请求。
This configuration helps improve service reliability,By automatically disabling servers that appear to have failed,And try to connect them again after a while,This avoids sending client requests to unhealthy servers。
In this configuration,if exist 60 Second内连续失败 2 Second-rate请求,Nginx It will temporarily stop forwarding requests to it 60 Second,and forward the request only to 。Similarly,for The same rules will be applied。This setup ensures that even if there is a problem with one server,The user can still be directed to another available server。2. Weight:pass
weightParameters assign weights to the server (weight=1is the default value), the higher the weight, the more requests are allocated
- The higher the weight, the more requests you need to process.
- This policy can be used in conjunction with least_conn and ip_hash.
- This strategy is more suitable for situations where the hardware configuration of the server is quite different; for example: hybrid deployment of virtual machines and physical communities
Notice:
upstream backend {
server 192.168.1.1:80 weight=10; # High-performance server, handle more requests server 192.168.1.2:80 weight=5; # Low performance server, handles fewer requests}Hash: Hash calculations are performed based on the client IP address to ensure that requests for the same IP are always forwarded to the same server
Notice:
- Before nginx version 1.3.1, weights cannot be used in ip_hash (weight)
- ip_hash cannot be used at the same time as backup
- This policy is suitable for stateful services, such as session
- When there is a server that needs to be removed, it must be manually down-down
- Scenarios that require session maintenance (such as e-commerce shopping carts, user login status), but the server failure may cause session loss
upstream backend {
ip_hash; # Enable IP hashing policyserver 192.168.1.1:80;
server 192.168.1.2:80;
}
------------------------------------------------------
upstream fileserver {
ip_hash;
server 192.19.31.91:32100 fail_timeout=60s max_fails=2;
server 192.19.31.92:32100 fail_timeout=60s max_fails=2;
keepalive 100;
}4. Minimum number of connections: Forward the request to the server with the lowest number of connections currently to adapt to traffic fluctuations
Notice:
- This load balancing policy is suitable for cases where request processing time varies, causing server overload.
upstream backend {
least_conn; # Enable the minimum connection policy server 192.168.1.1:80;
server 192.168.1.2:80;
}Weighted minimum number of connections: on the basis of the minimum connection, through
weightThe parameters set the processing capacity weight for the server, making the balance more accurate
- formula:
(current connections) / (weight), the smaller the value, the priority is to allocate the request.
Notice:
- Suitable for scenarios where server performance varies and requires dynamically equalization of connections (such as hybrid cloud deployment)
upstream backend {
least_conn;
server 192.168.1.1:80 weight=10; # High-end server, higher weight, allowing processing more connections server 192.168.1.2:80 weight=5; # Low-weighting server, low weight, protect its load}1.2 Third-party strategy
- fair: Allocate requests based on the response time of the backend server, and servers with short response time are assigned first.
- url_hash: Assign requests based on the hash result of accessing URLs, ensuring that the same URL request is always assigned to the same server, which helps improve cache hit rate
(Fair Strategy): Forward requests to the fastest-responsive server to optimize user experience
Notice:Principle (unofficial standard strategy, upstream_fair module is required)
- Requires third-party plug-ins
- Forward requests to the fastest-responsive server to optimize user experience.
- Dynamically perceived server processing capabilities, suitable for scenarios where request time is large and different.
Hash: Hash the requested URL, and requests for the same URL are always forwarded to the same server (commonly used in cache scenarios)
The request is allocated according to the hash result of accessing the url, so that each url is directed to the same backend server, and it should be used in conjunction with cache hits. Multiple requests for the same resource may arrive on different servers, resulting in unnecessary multiple downloads, low cache hit rate, and wasted some resource time. Using url_hash can make the same url (that is, the same resource request) reach the same server. Once the resource is cached, and the request is received, it can be read from the cache
Notice:
- Dependency module: ngx_http_upstream_hash_module needs to be loaded (Nginx official module, required to be enabled during compilation)
upstream backend {
hash $request_uri consistent; # Enable consistent hashing for URL hashing, `consistent` (reduces hashing redistribution when server changes) server 192.168.1.1:80;
server 192.168.1.2:80;
}1.3 Strategy comparison
By rationally selecting load balancing strategies, Nginx can efficiently allocate traffic and improve the availability and performance of back-end services
| Strategy | Core logic | Advantage scenes | shortcoming |
|---|---|---|---|
| polling | Sequential allocation | Consistent server performance | No load status considered |
| Weighted polling | Assign by weight | Different server performance | Static configuration without dynamic adjustment |
| Minimum connection | The minimum number of connections is preferred | Long connection or request time consuming | Server performance differences were not considered |
| Weighted minimum connection | Combining the number of connections and weights | Differentiated performance and dynamic balance | Complex configuration |
| IP hashing | Client IP binding | Session keeping | The session may be lost in the event of a server failure |
| URL hash | URL binding server | Resource cache acceleration | Additional modules are required, only applicable to specific scenarios |
2. nginx configuration
2.1 Basic Commands
nginx -t Check if there are syntax errors in the configuration file nginx -s reload Hot loading,Reload the configuration file nginx -s stop Quickly close nginx -s quit Wait for the worker process to close after completing
If you can configure files on Linux system
[Unit] Description=Nginx Web Server After= [Service] Type=forking ExecStart=/usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/ #Modify nginx directoryExecReload=/usr/local/nginx/sbin/nginx -s reload ExecStop=/usr/local/nginx/sbin/nginx -s stop KillMode=process Restart=always RestartSec=5s StartLimitInterval=0 [Install] WantedBy=
Start the installation(Start up automatically)nginx sudo systemctl daemon-reload //Reload the systemd servicesudo systemctl enable sudo systemctl start systemctl status systemctl restart
2.2 Detailed explanation of nginx default configuration
user nginx; # Nginx worker process running user (default: nginx, can be changed to other users)worker_processes auto; # Number of worker processes, usually set to the number of CPU cores (default: 1, recommended to set to auto or actual cores)error_log /var/log/nginx/; #Error Logpid /run/;
# Load dynamic modules. See /usr/share/doc/nginx/.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024; # Define the maximum number of connections per worker process. Set to 1024 here, which means that each process can process up to 1024 concurrent connections}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
#Define log format main, used to record access logs#$remote_addr: Client IP address# $time_local: Request time.#$request`: The original line requested by the client (such as `GET/HTTP/1.1)#$status: Response status code (such as 200, 404)#$body_bytes_sent: The number of bytes sent to the client (excluding response headers)#$http_referer: Request source page#$http_user_agent: Client browser identity#$http_x_forwarded_for: Client IP in the proxy chain (for reverse proxy scenarios) access_log /var/log/nginx/ main;
sendfile on; #Enable efficient file transfer mode (send files directly from disk to the network) tcp_nopush on; #Optimize TCP data transfer (use combined to reduce latency) tcp_nodelay on; #Optimize TCP data transfer (use combined to reduce latency) keepalive_timeout 65; #Set client connection holding time (unit: seconds) to reduce TCP handshake overhead types_hash_max_size 2048; #Define the size of the MIME type hash table to avoid hash conflicts include /etc/nginx/;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/ directory.
# See /en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx//*.conf; #Load all .conf files in the /etc/nginx// directory. Typically used to organize multiple virtual hosts or modular configurations#Function: Define an HTTP server that listens to port 80 server {
listen 80 default_server; # Listen to IPv4's port 80 and serve as the default server (used when other `server_name` is not matched) listen [::]:80 default_server; # Listen to IPv4's port 80 and serve as the default server (used when other `server_name` is not matched) server_name _; # _ means wildcard, matching all unspecified domain names root /usr/share/nginx/html; #Set the website root directory, static files (such as ``) need to be placed in this directory # Load configuration files for the default server block.
include /etc/nginx//*.conf; # Load the additional configuration file for the default server (usually used to override or extend the default configuration)#Function: Define the processing rules for the root path `/`. Currently empty, indicating the default behavior is used (returning files under the `root` directory).#Extension suggestions: You can add proxy, redirect or static file processing logic here location / {
}
# Define 404 The error page is `/`. `location = /` means exact match `/` path (must ensure that the file exists) error_page 404 /;
location = / {
}
# Define the 5xx error page as `/` (such as server internal errors, gateway errors, etc.). error_page 500 502 503 504 /;
location = / {
}
}
# Enable HTTPS service (the commented out needs to be uncommented and configured)#Key Configuration#listen 443 ssl http2; Listen to port 443 and enable SSL/TLS and HTTP/2.#ssl_certificate and ssl_certificate_key specify the SSL certificate and private key paths.#ssl_ciphers: Defines the encryption suite (PROFILE=SYSTEM means using the system default configuration).#ssl_prefer_server_ciphers on; Priority to using server-side encryption suite#LS Server Configuration (Comment Section)# Settings for a TLS enabled server.
#
# server {
# listen 443 ssl http2 default_server;
# listen [::]:443 ssl http2 default_server;
# server_name _;
# root /usr/share/nginx/html;
#
# ssl_certificate "/etc/pki/nginx/";
# ssl_certificate_key "/etc/pki/nginx/private/";
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 10m;
# ssl_ciphers PROFILE=SYSTEM;
# ssl_prefer_server_ciphers on;
#
# # Load configuration files for the default server block.
# include /etc/nginx//*.conf;
#
# location / {
# }
#
# error_page 404 /;
# location = / {
# }
#
# error_page 500 502 503 504 /;
# location = / {
# }
# }
}Some detailed parameters
https:///server/refer to
#Safety related add_header X-Frame-Options SAMEORIGIN; # Only allow this site to use frames to nest add_header X-Content-Type-Options nosniff; # Sniffing file types is prohibited add_header X-XSS-Protection "1; mode=block"; # # XSS Protection add_header Content-Security-Policy "script-src * 'unsafe-inline' 'unsafe-eval'";
add_header Referrer-Policy 'origin';
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
server_tokens off;
access_log off;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_connect_timeout 6000; #nginx and backend server connection timeout timeout (proxy connection timeout) proxy_send_timeout 6000; # Backend server data return time (Proxy send timeout) proxy_read_timeout 6000; #After the connection is successful, the backend server response time (proxy reception timeout) proxy_buffer_size 1024k; #Set the buffer size of the proxy server (nginx) to save user header information proxy_buffers 16 1024k; #proxy_buffers buffer, if the web page is below 32k on average, set this way proxy_busy_buffers_size 2048k; #Buffer size under high load (proxy_buffers*2) proxy_temp_file_write_size 2048k; #Set the cache folder size, which is greater than this value, and will be passed from the upstream server client_max_body_size 2048m; #The maximum number of single file bytes allowed by the client to request client_body_buffer_size 128k; #The maximum number of bytes requested by the buffer proxy buffers the user side server_names_hash_bucket_size 128; #The hash table size of the server name proxy_intercept_errors on;
client_header_buffer_size 512k; #Solve the request header size get request too long large_client_header_buffers 4 512k; #Solve the request header size get request too long gzip on; #Enable gzip compression output gzip_min_length 1k; #No compression threshold, only those greater than 1K are compressed, and generally no need to change it gzip_buffers 4 16k; #It means to apply 4 memory units of 16k as the compressed result stream cache. The default value is to apply for the same memory space as the original data size to store gzip compressed results. gzip_http_version 1.0; #Compressed version (default 1.1, if the front end is squid2.5, please use 1.0) gzip_comp_level 2; #Compression Level gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png application/json;
gzip_disable "MSIE [1-6]\.";
# Set expiration time according to file type location ~.*\.css$ {
expires 1d;
break;
}
location ~.*\.js$ {
expires 1d;
break;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
access_log off;
expires 15d; #Save for 15 days break;
}
# curl -x127.0.0.1:80 /static/image/common/ -I # test the max-age of the image# Prohibit file caching#The development environment often changes code, because the browser cache needs to be forced to refresh to see the effect. This is what we can prohibit browser cache to improve efficiencylocation ~* \.(js|css|png|jpg|gif)$ {
add_header Cache-Control no-store;
}This is the end of this article about nginx load balancing and detailed configuration. For more related nginx load balancing content, please search for my previous articles or continue browsing the related articles below. I hope everyone will support me in the future!