虽然说windows上的nginx在官方文档中提到“仅作为测试”之用,但对于小规模并发场景还是比apache有不小的优势。所以,本文也将其作为windows服务器上负载均衡的主要工具进行说明。
配置实例
#user nobody;#指定nginx进程数,通常与CPU数相一致。特别是在windows平台中,这一数值一般只能设置为1。worker_processes 1;#error_log logs/error.log;#error_log logs/error.log notice;#error_log logs/error.log info;#pid logs/nginx.pid;events {# windows平台基本只能设置为1024 worker_connections 1024;}http { include mime.types; default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; # 如果应用未使用文件传递,则可关闭此项。 sendfile off; #tcp_nopush on; keepalive_timeout 15; #gzip on; # HTTPS server upstream cas_servers { #使用C类网络中的IP HASH方式进行负载分流 ip_hash; server 127.0.0.1:8400 weight=1; server 127.0.0.1:8401 weight=1; # server 127.0.0.1:8402 weight=1; } server { listen 80; server_name 192.168.50.30; location / { proxy_pass http://127.0.0.1:9000$request_uri; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } server { listen 443; server_name www.example.com; ssl on; ssl_certificate ssl.crt; # 与apache类似,nginx也不使用有密码的ssl key ssl_certificate_key ssl-nokey.key; ssl_session_timeout 5m; ssl_protocols SSLv2 SSLv3 TLSv1; #ssl_ciphers HIGH:!aNULL:!MD5 ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; ssl_prefer_server_ciphers on; #双向认证 #ssl_client_certificate ca.crt; #双向认证 ssl_verify_client off; location / { proxy_pass http://cas_servers$request_uri; # 将client端传递过来的HTTP Host转发给给后端 Web AppServer proxy_set_header Host $host; # 传递client端的真实IP,但如果后端 Web AppServer 没有对此进行专门处理,也没啥作用 proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # 如果使用了 SSL,则将HTTP SSL_CERT 参数转发给后端 Web AppServer proxy_set_header SSL_CERT $ssl_client_cert; } }}