Stream动态proxy_pass
1. 功能说明
stream动态proxy_pass功能,可以通过动态API接口,更新stream中server块配置的proxy_pass指令的值。
该功能主要为了满足以下场景:
- server 通过proxy_pass 指令,配置了静态的upstream 名。但在业务需要时,能动态切换upstream 名,而不需要重新重启服务的情况。例如:从测试环境,向正式环境切换时。
- 相比proxy_pass 变量方式,有更好的性能。
2. 依赖模块
stream动态proxy_pass功能依赖模块:
load_module modules/njt_stream_dyn_proxy_pass_module.so;3.配置说明
3.1 指令说明
| Syntax: | proxy_pass URL; |
|---|---|
| Default: | — |
| Context: | stream server |
URL = schema + name + args
name: ip,域名,upstream 名字, 变量,套接字
args: (参数,变量)
- upstream 名 proxy_pass backend1
- upstream ip proxy_pass 127.0.0.1:80
- upstream 域名 proxy_pass www.baidu.com:80
- upstream 套接字 proxy_pass unix:/tmp/socket
- upstream 变量 proxy_pass $up_var
3.2 配置说明
njet.conf
helper broker modules/njt_helper_broker_module.so conf/mqtt.conf;
helper ctrl modules/njt_helper_ctrl_module.so conf/ctrl.conf;
load_module modules/njt_stream_dyn_server_module.so; #配置stream动态VS 模块
load_module modules/njt_stream_dyn_proxy_pass_module.so; #配置stream动态proxy_pass 模块
user root root;
cluster_name helper;
node_name node-u01;
error_log logs/error.log info;
pid logs/njet.pid;
events {
worker_connections 1024;
}
http {
dyn_kv_conf conf/iot-work.conf;
include mime.types;
default_type application/octet-stream;
access_log logs/access.log;
vhost_traffic_status_zone;
vhost_traffic_status_filter_by_set_key $request_uri "$realip_remote_addr to $server_name";
variables_hash_max_size 2048;
sendfile on;
keepalive_timeout 65;
upstream backend1 {
zone backend1_zone 128k;
server 127.0.0.1:5800;
}
server {
listen 5555;
server_name test-server;
location / {
alias html;
}
}
server {
listen 443 ssl;
server_name dev.test.com;
ssl_reject_handshake off;
ssl_ntls off;
ssl_certificate certs/rsa.dev.test.com.crt.pem;
ssl_certificate_key certs/rsa.dev.test.com.key.pem;
ssl_ciphers RSA+AES128:RSA+AES256:RSA+3DES:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:EECDH+AES256:EECDH+3DES:!MD5;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_prefer_server_ciphers on;
location / {
charset utf-8;
default_type text/html;
return 200 "dev.test.com 443 test ok";
}
}
}
stream {
map $njtmesh_port $mesh_server_name {
17082 server-17082;
18082 server-18082;
19082 server-19082;
default "123";
}
upstream backend_s1 {
zone backend_s1 1m;
server 127.0.0.1:5555;
}
upstream backend_s2 {
zone backend_s2 1m;
server 192.168.40.150:5678;
}
server {
listen 22222 mesh;
proxy_pass backend_s1;
}
server {
listen 22223 udp mesh;
return "22223 udp ok";
}
}4. 调用样例
4.1 API说明
查询接口:
GET http://IP+port/api/v1/config/stream_proxy_pass修改接口:
PUT http://IP+port/api/v1/config/stream_proxy_pass4.2 查询当前配置的proxy_pass
通过curl进行查询
curl -X GET http://127.0.0.1:8081/api/v1/config/stream_proxy_pass返回
{
"servers": [
{
"listens": [
"0.0.0.0:22222"
],
"serverNames": [
""
],
"proxy_pass": "backend_s1"
},
{
"listens": [
"0.0.0.0:22223 udp"
],
"serverNames": [
""
],
"proxy_pass": ""
}
]
}4.3 动态修改server的proxy_pass
通过curl发送
curl -X PUT http://127.0.0.1:8081/api/v1/config/stream_proxy_pass -d'{
"servers": [
{
"listens": [
"0.0.0.0:22222"
],
"serverNames": [
""
],
"proxy_pass": "backend_s2"
},
{
"listens": [
"0.0.0.0:22223 udp"
],
"serverNames": [
""
],
"proxy_pass": ""
}
]
}
'返回
{"code":0,"msg":"success."}再次查询:
curl -X GET http://127.0.0.1:8081/api/v1/config/stream_proxy_pass | jq返回
{
"servers": [
{
"listens": [
"0.0.0.0:22222"
],
"serverNames": [
""
],
"proxy_pass": "backend_s2"
},
{
"listens": [
"0.0.0.0:22223 udp"
],
"serverNames": [
""
],
"proxy_pass": ""
}
]
}访问server22222验证是否修改成功
curl --http0.9 http://127.0.0.1:22222/返回
150 5678