# Number of worker processes is fixed at 16.
worker_processes 16;

# Error log and pid file are left at their compiled-in defaults;
# the alternatives below are kept for reference.
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;

events {
    # Upper bound on simultaneous connections per worker process.
    # NOTE(review): a value this high is only reachable if the OS file-descriptor
    # limit for the workers allows it (see worker_rlimit_nofile) - confirm.
    worker_connections 65535;
}
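http {
    include mime.types;
    default_type application/octet-stream;

    # Do not advertise the nginx version in the Server header or on error pages.
    server_tokens off;

    #log_format main '$remote_addr - $remote_user [$time_local] "$request" '
    # '$status $body_bytes_sent "$http_referer" '
    # '"$http_user_agent" "$http_x_forwarded_for"';
    #access_log logs/access.log main;

    sendfile on;
    #tcp_nopush on;
    #keepalive_timeout 0;
    keepalive_timeout 65;
    #gzip on;

    # Send "Connection: upgrade" to the backend only when the client actually
    # asked for a protocol upgrade. Requests without an Upgrade header (for
    # example non-WebSocket requests under the /sockjs paths) get "close".
    map $http_upgrade $connection_upgrade {
        default upgrade;
        ''      close;
    }

    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    # listen 8000;
    # listen somename:8080;
    # server_name somename alias another.alias;
    # location / {
    # root html;
    # index index.html index.htm;
    # }
    #}
    #server{
    # listen 20;
    # server_name server1
    # return 301 https://20.0.2.2;
    #}

    # Backend pool used by "location /" in the HTTPS server below.
    # ip_hash keeps requests from the same client address on the same backend.
    upstream https_services {
        ip_hash;
        server 127.0.0.1:8010;
        server 127.0.0.1:9010;
        server 127.0.0.1:9020;
        server 127.0.0.1:9030;
        server 127.0.0.1:9040;
    }

    # Plain-HTTP listener: exists only to redirect to HTTPS.
    server {
        listen 80;
        server_name 127.0.0.1;

        #location ~ .*\.(jpg|jpeg|gif|png|ico|mp4|AVI|mov|rmvb|rm|FLV|3GP)$ {gdt.xxz.gov.cn
        # root D:\file;
        #}

        # Redirect every HTTP request to the same host and URI over HTTPS.
        # "return" replaces the former catch-all regex rewrite: same 301, no
        # regex evaluation per request.
        # NOTE(review): this is the only server block on port 80 in this file, so
        # it answers for any Host value, and $host is taken from the request. If
        # the site has one canonical name, redirect to that fixed name instead
        # so the Location header cannot be influenced by the client.
        return 301 https://$host$request_uri;

        #location / {
        # proxy_pass http://services;
        #}
    }

    # HTTPS listener and certificate configuration (by moshow).
    server {
        listen 443 ssl;
        charset utf-8;
        server_name 127.0.0.1;

        # Certificate chain and private key. The key file should be readable
        # only by the account nginx runs under.
        ssl_certificate sslkey/full_chain.pem;
        ssl_certificate_key sslkey/gdtxxz.key;

        ssl_session_cache shared:SSL:1m;
        ssl_session_timeout 5m;

        # TLS 1.0 and 1.1 are deprecated and no longer offered.
        # Add TLSv1.3 here once the installed nginx/OpenSSL build supports it.
        ssl_protocols TLSv1.2;

        # Forward-secret AEAD suites only. The previous list also admitted
        # static-ECDH, non-forward-secret RSA key exchange and CBC suites through
        # the broad ECDH / AES / HIGH keywords.
        # NOTE(review): clients limited to CBC suites will no longer connect -
        # check the client population before rollout.
        ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305;
        ssl_prefer_server_ciphers on;

        # NOTE(review): no Strict-Transport-Security header is sent. Once the
        # site is served under a real host name, consider:
        #add_header Strict-Transport-Security "max-age=31536000" always;

        # NOTE(review): every "proxy_pass https://..." below relies on nginx's
        # default of not verifying the upstream certificate (proxy_ssl_verify
        # off). That matters most for 10.21.36.21, which is reached over the
        # network rather than loopback. To authenticate the backend, enable in
        # the relevant locations:
        #proxy_ssl_verify on;
        #proxy_ssl_trusted_certificate <path-to-internal-CA-bundle>;

        # SockJS / WebSocket endpoint of the traffic service.
        location /traffic/sockjs {
            proxy_pass https://127.0.0.1:8009/traffic/sockjs; # forward to backend
            proxy_set_header Host $host;
            # Was "X-Real_IP" (underscore); aligned with the X-Real-IP header set
            # in "location /". NOTE(review): confirm the backend does not read
            # the old underscore spelling.
            proxy_set_header X-Real-IP $remote_addr;
            # Overwrites any client-supplied X-Forwarded-For with the peer
            # address. NOTE(review): the ":port" suffix is not the usual
            # X-Forwarded-For format - confirm the backend parses it.
            proxy_set_header X-Forwarded-For $remote_addr:$remote_port;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade; # pass the protocol-upgrade header through
            proxy_set_header Connection $connection_upgrade;
        }

        # SockJS / WebSocket endpoint of the file server (remote host).
        location /fileServer/sockjs {
            proxy_pass https://10.21.36.21:8031/fileServer/sockjs; # forward to backend
            proxy_set_header Host $host;
            # Was "X-Real_IP" (underscore); aligned with the X-Real-IP header set
            # in "location /". NOTE(review): confirm the backend does not read
            # the old underscore spelling.
            proxy_set_header X-Real-IP $remote_addr;
            # Overwrites any client-supplied X-Forwarded-For with the peer
            # address. NOTE(review): the ":port" suffix is not the usual
            # X-Forwarded-For format - confirm the backend parses it.
            proxy_set_header X-Forwarded-For $remote_addr:$remote_port;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade; # pass the protocol-upgrade header through
            proxy_set_header Connection $connection_upgrade;
        }

        location /traffic {
            proxy_pass https://127.0.0.1:8009;
        }

        location /tourism {
            proxy_pass https://127.0.0.1:8012;
        }

        # Everything else goes to the load-balanced pool.
        location / {
            #proxy_pass https://127.0.0.1:8010;
            proxy_pass https://https_services; # forward to the https_services upstream defined above
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            # Lets the backend learn the client address from X-Forwarded-For.
            # $proxy_add_x_forwarded_for appends $remote_addr to whatever the
            # client sent, so only the last entry is set by this proxy; earlier
            # entries are client-controlled and must not be used for access
            # decisions or audit attribution.
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto https;
            # A failed request is not retried on another backend.
            proxy_next_upstream off;
            client_max_body_size 50m;
            client_body_buffer_size 256k;
            proxy_connect_timeout 1;
            proxy_send_timeout 30;
            proxy_read_timeout 60;
            proxy_buffer_size 256k;
            proxy_buffers 4 256k;
            proxy_busy_buffers_size 256k;
            proxy_temp_file_write_size 256k;
            proxy_max_temp_file_size 128m;
        }

        # NOTE(review): this hop is plain HTTP to another host, so traffic that
        # arrived over TLS crosses the internal network unencrypted.
        # NOTE(review): the prefix has no trailing slash while proxy_pass ends in
        # "/", so "/videoShareApi/x" is forwarded as "//x" and any path that
        # merely starts with "/videoShareApi" also matches - confirm intended.
        location /videoShareApi {
            proxy_pass http://10.21.38.9:82/;
        }
    }
}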