一、nginx reload的问题

问题描述

nginx reload是有一定损耗的,如果你使用的是长连接的话,那么当reload nginx时长连接所有的worker进程会进行优雅退出,并当该worker进程上的所有连接都释放时,进程才真正退出。

解决办法

对于社区版nginx目前有三个选择方式:

  • Tengine 的Dyups模块。
  • 微博的Upsync+Consul 实现动态负载均衡。
  • OpenResty的balancer_by_lua(又拍云使用其开源的slardar(Consul balancer_by_lua))。

本文使用upsync模块来解决配置文件修改后,reload nginx进程造成性能下降的问题。

它的功能是拉取 consul 的后端 server 的列表,并更新 Nginx 的路由信息。此模块不依赖于任何第三方模块。consul 作为 Nginx 的 db,利用 consul 的 KV 服务,每个 Nginx work 进程独立的去拉取各个 upstream 的配置,并更新各自的路由。

 

二、实战

2.1 给nginx打补丁包

这步可以不做,如果不做,编译的时候删除这个模块

git clone https://github.com/xiaokai-wang/nginx_upstream_check_module
## 打补丁包
patch -p0 < /usr/local/src/nginx_upstream_check_module-master/check_1.9.2+.patch

下载nginx-upsync-module源码

git clone https://github.com/weibocom/nginx-upsync-module.git
下载nginx源码
wget 'http://nginx.org/download/nginx-1.10.1.tar.gz'
tar -xzvf nginx-1.10.1.tar.gz
cd nginx-1.10.1/
开始编译
./configure --prefix=/data/app/nginx-1.10.1 --user=nginx --group=nginx  --with-http_ssl_module  --with-http_stub_status_module   --add-module=/usr/local/src/nginx-upsync-module-master/ --add-module=/usr/local/src/nginx_upstream_check_module-master/
make
make install

 

三、启动consul

wget https://releases.hashicorp.com/consul/0.6.4/consul_0.6.4_linux_amd64.zip
unzip consul_0.6.4_linux_amd64.zip
./consul agent -advertise=x.x.x.x -client=0.0.0.0 -dev

创建nginx配置文件

mkdir -p /usr/local/nginx/conf/servers
/usr/local/nginx/conf/nginx.conf
events {
 worker_connections  4096;  ## Default: 1024
}
 
http {
 upstream test {
 # fake server otherwise ngx_http_upstream will report error when startup
 server 127.0.0.1:11111;
 
 # all backend server will pull from consul when startup and will delete fake server
 upsync 127.0.0.1:8500/v1/kv/upstreams/test upsync_timeout=6m upsync_interval=500ms upsync_type=consul strong_dependency=off;
 upsync_dump_path /usr/local/nginx/conf/servers/servers_test.conf;
 }
 
 upstream bar {
 server 127.0.0.1:8090 weight=1 fail_timeout=10 max_fails=3;
 }
 
 server {
 listen 8080;
 
 location = /proxy_test {
 proxy_pass http://test;
 }
 
 location = /bar {
 proxy_pass http://bar;
 }
 
 location = /upstream_show {
 upstream_show;
 }
 
 }
}

 

四、测试

for i in `seq 3`;do mkdir html$i/test -p && echo $i >html$i/test/test.html; done; 
 
docker run -d -p 8001:80 -v /root/html1/:/usr/share/nginx/html nginx
docker run -d -p 8002:80 -v /root/html2/:/usr/share/nginx/html nginx
docker run -d -p 8003:80 -v /root/html3/:/usr/share/nginx/html nginx

 

五、添加服务

curl -X PUT -d '{"weight":1, "max_fails":2, "fail_timeout":10}' http://127.0.0.1:8500/v1/kv/upstreams/test/192.168.56.12:8001
curl -X PUT -d '{"weight":1, "max_fails":2, "fail_timeout":10}' http://127.0.0.1:8500/v1/kv/upstreams/test/192.168.56.12:8002
curl -X PUT -d '{"weight":1, "max_fails":2, "fail_timeout":10}' http://127.0.0.1:8500/v1/kv/upstreams/test/192.168.56.12:8003

查看conf/servers/servers_test.conf 文件中是否有内容

cat conf/servers/servers_test.conf
server 192.168.56.12:8003 weight=1 max_fails=2 fail_timeout=10s;
server 192.168.56.12:8002 weight=1 max_fails=2 fail_timeout=10s;
server 192.168.56.12:8001 weight=1 max_fails=2 fail_timeout=10s;

或者浏览器打开http://192.168.56.11:8080/upstream_show?test

显示内容如下:

Upstream name: test; Backend server count: 3
 server 192.168.56.12:8003 weight=1 max_fails=2 fail_timeout=10s;
 server 192.168.56.12:8002 weight=1 max_fails=2 fail_timeout=10s;
 server 192.168.56.12:8001 weight=1 max_fails=2 fail_timeout=10s;

 

总结

此模块只修改upstream 中的缓存信息,不能修改或添加其他配置

测试中遇到的问题

在添加服务时出现如下错误,导致服务添加不能实时进行,大约需要3分钟左右时间。

consul日志:

2016/03/22 05:34:42 [DEBUG] http: Request GET /v1/kv/upstreams/test?recurse&index=169 (149.023µs) from=127.0.0.1:38853
 2016/03/22 05:34:43 [DEBUG] http: Request GET /v1/kv/upstreams/test?recurse&index=169 (146.759µs) from=127.0.0.1:38854
 2016/03/22 05:34:45 [DEBUG] http: Request GET /v1/kv/upstreams/test?recurse&index=169 (149.853µs) from=127.0.0.1:38855
 2016/03/22 05:34:46 [DEBUG] http: Request GET /v1/kv/upstreams/test?recurse&index=169 (111.46µs) from=127.0.0.1:38856
 2016/03/22 05:34:48 [DEBUG] http: Request GET /v1/kv/upstreams/test?recurse&index=169 (142.696µs) from=127.0.0.1:38857
 2016/03/22 05:34:48 [DEBUG] http: Request GET /v1/kv/upstreams/test?recurse&index=169 (112.089µs) from=127.0.0.1:38858
 2016/03/22 05:34:49 [DEBUG] http: Request GET /v1/kv/upstreams/test?recurse&index=169 (114.29µs) from=127.0.0.1:38859
 2016/03/22 05:34:50 [DEBUG] http: Request GET /v1/kv/upstreams/test?recurse&index=169 (148.245µs) from=127.0.0.1:38860

nginx日志

2016/03/22 05:35:09 [error] 18879#0: recv() failed (104: Connection reset by peer)
2016/03/22 05:35:09 [error] 18879#0: upsync_recv: recv error with upsync_server: 127.0.0.1:8500
2016/03/22 05:35:10 [error] 18879#0: recv() failed (104: Connection reset by peer)
2016/03/22 05:35:10 [error] 18879#0: upsync_recv: recv error with upsync_server: 127.0.0.1:8500
2016/03/22 05:35:11 [error] 18879#0: recv() failed (104: Connection reset by peer)
2016/03/22 05:35:11 [error] 18879#0: upsync_recv: recv error with upsync_server: 127.0.0.1:8500
2016/03/22 05:35:13 [error] 18879#0: recv() failed (104: Connection reset by peer)
2016/03/22 05:35:13 [error] 18879#0: upsync_recv: recv error with upsync_server: 127.0.0.1:8500
2016/03/22 05:35:13 [error] 18879#0: recv() failed (104: Connection reset by peer)
2016/03/22 05:35:13 [error] 18879#0: upsync_recv: recv error with upsync_server: 127.0.0.1:8500
2016/03/22 05:35:14 [error] 18879#0: recv() failed (104: Connection reset by peer)

问题现象

当添加一个服务时,出现此问题,新增服务不能及时添加到负载中,不影响运行正常的服务。此时再往consul继续添加一个服务时,可能会导致此错误终止,并能成功添加当前两条服务记录。

 

六、帮助文档