基于lua的健康检查配置:
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 |
http { # 定义包含 4 台服务器的 backend1 upstream,检查 www.badiu.com/health.php upstream backend1 { server 1.1.1.1:443 weight=100 max_fails=3 fail_timeout=30s; server 1.1.1.2:443 weight=50 max_fails=3 fail_timeout=30s; server 1.1.1.3:443 weight=20 max_fails=3 fail_timeout=30s; server 1.1.1.4:443 weight=10 max_fails=3 fail_timeout=30s; server 1.1.1.5:443 backup; # 保底服务器,不进行健康检查 } # 定义包含 2 台服务器的 backend2 upstream,检查 abc.com/aaa.html upstream backend2 { server 2.2.2.1:443 weight=80 max_fails=3 fail_timeout=30s; server 2.2.2.2:443 weight=20 max_fails=3 fail_timeout=30s; server 2.2.2.3:443 backup; # 保底服务器,不进行健康检查 } # 定义 backend3 upstream,检查 /healthcheck upstream backend3 { server 3.3.3.1:443 weight=70 max_fails=3 fail_timeout=30s; server 3.3.3.2:443 weight=30 max_fails=3 fail_timeout=30s; server 3.3.3.3:443 backup; # 保底服务器,不进行健康检查 } init_worker_by_lua_block { local http = require "resty.http" local upstreams = { { name = "backend1", path = "/health.php", check_type = "php", domain = "www.badiu.com", servers = { { ip = "1.1.1.1", port = 443, weight = 100 }, { ip = "1.1.1.2", port = 443, weight = 50 }, { ip = "1.1.1.3", port = 443, weight = 20 }, { ip = "1.1.1.4", port = 443, weight = 10 } -- 不将保底服务器加入健康检查列表 } }, { name = "backend2", path = "/aaa.html", check_type = "html", domain = "abc.com", servers = { { ip = "2.2.2.1", port = 443, weight = 80 }, { ip = "2.2.2.2", port = 443, weight = 20 } -- 不将保底服务器加入健康检查列表 } }, { name = "backend3", path = "/healthcheck", check_type = "html", domain = "yourbackend3domain.com", servers = { { ip = "3.3.3.1", port = 443, weight = 70 }, { ip = "3.3.3.2", port = 443, weight = 30 } -- 不将保底服务器加入健康检查列表 } } } local function check_health() for _, upstream in ipairs(upstreams) do for _, server in ipairs(upstream.servers) do local ip = server.ip local port = server.port local httpc = http.new() if httpc then httpc:set_timeout(2000) -- 设置超时时间为 2 秒 local ok, err = httpc:connect{ scheme = "https", host = ip, port = port, ssl_verify = false -- 可根据实际情况开启 SSL 验证 } if not ok then -- 动态调整服务器权重为 0 local index = 0 for i, s in ipairs(upstream.servers) do if s.ip == ip and s.port == port then index = i - 1 break end end local ok, err = require("ngx.upstream").set_peer_down(upstream.name, false, index, true) else local res, err = httpc:request{ method = "GET", path = upstream.path, headers = { ["Host"] = upstream.domain } } if not res then -- 动态调整服务器权重为 0 local index = 0 for i, s in ipairs(upstream.servers) do if s.ip == ip and s.port == port then index = i - 1 break end end local ok, err = require("ngx.upstream").set_peer_down(upstream.name, false, index, true) else local status = res.status if upstream.check_type == "php" then local body = res:read_body() local all_success = true for line in body:gmatch("[^\r\n]+") do if not line:find("Success$") then all_success = false break end end if all_success then -- 动态恢复服务器权重 local index = 0 for i, s in ipairs(upstream.servers) do if s.ip == ip and s.port == port then index = i - 1 break end end local ok, err = require("ngx.upstream").set_peer_down(upstream.name, false, index, false) else -- 动态调整服务器权重为 0 local index = 0 for i, s in ipairs(upstream.servers) do if s.ip == ip and s.port == port then index = i - 1 break end end local ok, err = require("ngx.upstream").set_peer_down(upstream.name, false, index, true) end elseif upstream.check_type == "html" and (status == 200 or status == 206 or status == 304 or status == 301 or status == 302) then -- 动态恢复服务器权重 local index = 0 for i, s in ipairs(upstream.servers) do if s.ip == ip and s.port == port then index = i - 1 break end end local ok, err = require("ngx.upstream").set_peer_down(upstream.name, false, index, false) else -- 动态调整服务器权重为 0 local index = 0 for i, s in ipairs(upstream.servers) do if s.ip == ip and s.port == port then index = i - 1 break end end local ok, err = require("ngx.upstream").set_peer_down(upstream.name, false, index, true) end if res then res:close() end end if httpc then httpc:close() end end end end end end local ok, err = ngx.timer.every(5, check_health) -- 每 5 秒检查一次 } server { listen 443 ssl; server_name yourdomain.com; ssl_certificate /path/to/your/cert.pem; ssl_certificate_key /path/to/your/key.pem; location /backend1 { proxy_pass https://backend1; } location /backend2 { proxy_pass https://backend2; } location /backend3 { proxy_pass https://backend3; } } |
申明:除非注明Byrd's Blog内容均为原创,未经许可禁止转载!详情请阅读版权申明!