Snippets
Created by
Edelberto Mania
last modified
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 | ##
## initial/test loadbalancer+failover config
## Edelberto Mania <ed@zenoradio.com>
##
## status - working
##
user openresty;
## adjust for performance
worker_processes 2;
## adjust for performance. should match the value from 'worker_connections'
worker_rlimit_nofile 10240;
error_log /var/log/nginx/error.log info;
pid /run/nginx.pid;
events {
use epoll;
multi_accept on;
worker_connections 1024;
}
http {
lua_package_path "/usr/local/openresty/lualib/resty/?.lua;;";
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log main;
sendfile on;
client_max_body_size 128M;
client_header_timeout 6m;
client_body_timeout 6m;
send_timeout 6m;
upstream rtapi {
keepalive 60;
server 172.27.11.123:9000 backup;
server 172.27.11.197:9000;
server 172.27.11.198:9000;
}
lua_shared_dict healthcheck 1m;
lua_socket_log_errors off;
init_worker_by_lua_block {
local hc=require "resty.upstream.healthcheck"
local ok, err=hc.spawn_checker{
shm="healthcheck",
upstream="rtapi",
type="http",
http_req="GET /api/Ping/read?data=1 HTTP/1.0\r\nHost: rtapi-lb.zenoradio.com\r\n\r\n",
interval=2000,
timeout=1000,
fall=3,
rise=2,
valid_statuses={200},
concurrency=10,
}
if not ok then
ngx.log(ngx.ERR, "failed to spawn health checker: ", err)
return
end
}
server {
location / {
proxy_pass http://rtapi;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
## adjust for performance
proxy_connect_timeout 14d;
proxy_send_timeout 14d;
proxy_read_timeout 14d;
}
# status page for all the peers:
# this will mask up the upstream uri also (enabled in http only)
location /_zstatus {
access_log off;
default_type text/plain;
content_by_lua_block {
local hc=require "resty.upstream.healthcheck"
ngx.say("Nginx Worker PID: ", ngx.worker.pid())
ngx.print(hc.status_page())
}
}
}
server {
listen 443;
server_name rtapi-lb.zenoradio.com;
ssl on;
ssl_certificate /usr/local/openresty/nginx/conf/zenoradio/bundled.star.zenoradio.com.crt;
ssl_certificate_key /usr/local/openresty/nginx/conf/zenoradio/zenoradio.wildcard.key;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW';
add_header Strict-Transport-Security max-age=15768000;
location / {
proxy_pass http://rtapi;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
## adjust for performance
proxy_connect_timeout 14d;
proxy_send_timeout 14d;
proxy_read_timeout 14d;
}
location /_zstatus {
access_log off;
default_type text/plain;
content_by_lua_block {
local hc=require "resty.upstream.healthcheck"
ngx.say("Nginx Worker PID: ", ngx.worker.pid())
ngx.print(hc.status_page())
}
}
}
}
|
Comments (0)
You can clone a snippet to your computer for local editing. Learn more.