Nginx reverse proxy and load balancing introduction

By Nginx

The production of Nginx

Have you heard of Nginx? Then you must have heard of its “peer” Apache! Nginx is a kind of WEB server like Apache. Based on the REST architecture style, using Uniform Resources Identifier URI or Uniform Resources Locator URL as the basis for communication, various network services are provided through the HTTP protocol.

However, these servers were limited by the environment at the beginning of the design, such as the user scale, network bandwidth, product features and other limitations at the time, and their respective positioning and development were different. This also makes each WEB server have its own distinct characteristics.

Apache has a long development period, and it is undoubtedly the world’s largest server. It has many advantages: stable, open source, cross-platform and so on. It has been around for too long, and the Internet industry is far behind the present in the era when it emerged. So it is designed to be a heavyweight. It does not support highly concurrent servers. Running tens of thousands of concurrent accesses on Apache will cause the server to consume a lot of memory. Switching between processes or threads by the operating system also consumes a lot of CPU resources, resulting in a decrease in the average response speed of HTTP requests.

These all determine that Apache cannot become a high-performance WEB server, and the lightweight and high-concurrency server Nginx came into being.

Igor Sysoev, an engineer from Russia, used the C language to develop Nginx while working for Rambler Media. As a WEB server, Nginx has been providing excellent and stable services for Rambler Media.

Next, Igor Sysoev open sourced the Nginx code and granted it a free software license.

Because:

  • Nginx uses an event-driven architecture, which enables it to support millions of TCP connections
  • Highly modular and Free software licenses make third-party modules emerge endlessly (this is an open source era~)
  • Nginx is a cross-platform server that can run on Linux, Windows, FreeBSD, Solaris, AIX, Mac OS and other operating systems上
  • These excellent designs bring great stability

So, Nginx is on fire!

Where Nginx comes in ; Nginx can be used as an HTTP server for website publishing, and Nginx can be used as a reverse proxy for load balancing.

About agency

Speaking of agency, we must first clarify a concept. The so-called agency is a representative and a channel;

At this time, there are two Roles, one is the agent role and the other is the target role. The process by which the agent accesses the target role and completes some tasks through this agent is called the agent operation process; just like a specialty store in life ~ a guest buys a pair of shoes at an adidas specialty store. This store is the agent, the role of the agent is the adidas manufacturer, and the target role is the user.

Forward proxy

Before we talk about reverse proxy, let’s take a look at forward proxy. Forward proxy is also the proxy model most frequently encountered by everyone. We will start with two On the one hand, regarding the processing mode of the forward agent, we will explain what a forward agent is from the software side and the life side respectively.

In today’s network environment, if we need to visit some foreign websites due to technical needs, you will find that a foreign website is not accessible through a browser. At this time Everyone may use an operation FQ for access. The main method of FQ is to find a proxy server that can access foreign websites. We send the request to the proxy server, the proxy server visits the foreign website, and then passes the accessed data to us !

The above-mentioned proxy mode is called forward proxy. The biggest feature of forward proxy is that the client is very clear about the server address to be accessed; the server only knows which proxy server the request comes from, but not which specific The client; the forward proxy mode shields or hides the real client information. Let’s take a look at a schematic diagram (I frame the client and forward proxy together, and they belong to the same environment, and I will introduce them later):

share picture

The client must set a forward proxy server, of course, the premise is to know the IP address of the forward proxy server, and There is a port for the agent. As shown in the figure.

Share a picture

In summary:

Forward proxy, “it is the proxy client, and makes requests on behalf of the client.” For servers between origin servers, in order to obtain content from the origin server, the client sends a request to the proxy and specifies the target (origin server), and then the proxy forwards the request to the origin server and returns the obtained content to the client. The client must make some special settings to use the forward proxy.

The purpose of forward proxy:
(1) Access to previously inaccessible resources, such as Google
(2) It can be cached to speed up access to resources
(3) Authorize client access and authenticate online
(4) The agent can record user access records (online behavior management) and hide user information from the outside

Anti Xiang Proxy

Understand what a forward proxy is, let’s continue to look at the handling of reverse proxy, for example, a certain treasure website of my great celestial court, the number of visitors who connect to the website at the same time every day has exploded. Servers are far from satisfying the people’s growing desire to buy. At this time, a familiar term emerged: distributed deployment; that is, the deployment of multiple servers to solve the problem of limited number of visitors; most of the functions in a treasure website It is also implemented directly using Nginx for reverse proxy, and after encapsulating Nginx and other components, a tall name is given: Tengine. Interested children can visit Tengine’s official website to view specific information: http://tengine. taobao.org/. So in what way does the reverse proxy realize the distributed cluster operation? Let’s first look at a schematic diagram (I put the server and the reverse proxy together, they belong to the same environment, I will introduce it later):

Share picture

Pass the above You can see the diagram clearly. Multiple clients send requests to the server. After receiving them, the Nginx server distributes them to the back-end business processing server for processing according to certain rules. At this time, the source of the request, which is the client, is clear, but it is not clear which server handles the request. Nginx plays the role of a reverse proxy.

The client is unaware of the existence of a proxy, and the reverse proxy is transparent to the outside, and visitors do not know that they are accessing a proxy. Because the client can access without any configuration.

Reverse proxy, “it acts as a proxy for the server and receives requests on behalf of the server”. It is mainly used in the case of distributed deployment of server clusters. The reverse proxy hides the information of the server.

The role of reverse proxy:
(1) To ensure the security of the internal network, the reverse proxy is usually used as the public network access address, and the web server is the internal network
(2) Load balancing, optimize the load of the website through the reverse proxy server

Project scenario

Usually, when we actually operate the project, forward proxy and reverse The proxy is likely to exist in an application scenario. The forward proxy proxy client’s request to access the target server, the target server is a reverse proxy server, and multiple real business processing servers are reverse proxyed. It’s as if communication is only between the forward proxy and the reverse proxy. The forward proxy sends requests on behalf of the client, and the reverse proxy forwards the requests on behalf of the server. The specific topology diagram is as follows:

Share pictures

< /p>

The difference between the two

I cut a picture to illustrate the difference between the forward proxy and the reverse proxy , As shown in the figure.

share picture

Illustration:

In the forward proxy, the Proxy and the Client belong to the same LAN (in the box in the figure), which hides the client information;

In the reverse proxy, the Proxy and Client belong to the same LAN. Server belongs to the same LAN (in the box in the figure), which hides the server information;

In fact, what Proxy does in the two proxies is to send and receive requests and responses on behalf of the server, but from the structure The above look happened to be reversed, so the proxy method that appeared later is called a reverse proxy.

Load Balancing

We have clarified the concept of the so-called proxy server, then next, Nginx plays the role of a reverse proxy server, based on what kind of rules does it make requests Is it distributed? Can the distribution rules be controlled for unused project application scenarios?

The number of requests sent by the client and received by the Nginx reverse proxy server mentioned here is the amount of load we are talking about.

The rule that the number of requests is distributed to different servers for processing according to certain rules is a balancing rule.

Therefore, the process of distributing the requests received by the server according to the rules is called load balancing.

In the actual project operation process, load balancing has hardware load balancing and software load balancing. Hardware load balancing is also called hard load, such as F5 load balancing, which is relatively expensive and expensive, but the data The stability, security, etc. are very good guarantees. Companies such as China Mobile and China Unicom will choose hard load for operation; more companies will choose to use software load balancing for cost reasons, and software load balancing is to use A message queue distribution mechanism implemented by the existing technology combined with host hardware.

share picture

Load balancing algorithm

The load balancing scheduling algorithm supported by Nginx is as follows:

  1. Weight polling (default, commonly used): The received requests are assigned to different post-requests according to their weights. The end server, even if a certain back-end server is down during use, Nginx will automatically remove the server from the queue, and the request acceptance will not be affected in any way. In this way, a weight value (weight) can be set for different back-end servers to adjust the allocation rate of requests on different servers; the larger the weight data, the greater the probability of being allocated to the request; the weight value, It is mainly adjusted for different back-end server hardware configurations in the actual working environment.
  2. ip_hash (commonly used): Each request is matched according to the hash result of the ip that initiated the client. Under this algorithm, a client with a fixed IP address will always access the same back-end server. It also solves the problem of session sharing in the cluster deployment environment to a certain extent.
  3. fair: Intelligently adjust the scheduling algorithm, dynamically allocate the time from the request processing to the response of the back-end server, and the server with short response time and high processing efficiency has a high probability of being allocated to the request, and the response time is long. Inefficient servers allocate fewer requests; a scheduling algorithm that combines the advantages of the first two. But it should be noted that Nginx does not support fair algorithm by default. If you want to use this scheduling algorithm, please install the upstream_fair module.
  4. url_hash: Allocate requests according to the hash result of the visited url. Each requested url will point to a fixed backend server, which can improve the cache efficiency when Nginx is used as a static server. Also note that Nginx does not support this scheduling algorithm by default. If you want to use it, you need to install the Nginx hash software package.

Comparison of several common web servers

Share pictures

Reposted from: https://www.cnblogs.com/wcwnina/p/8728391.html

, , , , ,

Leave a Comment

Your email address will not be published.