暂无图片
暂无图片
暂无图片
暂无图片
暂无图片

Nginx实现TCP四层转发(实现代理MySQL)

IT那活儿 2025-03-05
34

点击上方“IT那活儿”公众号--专注于企业全栈运维技术分享,不管IT什么活儿,干就完了!!!


  
nginx1.9开始支持tcp层的转发,通过stream实现的,socket也是基于tcp通信。
需要安装--with-stream模块。



K8S部署MySQL

apiVersion: apps/v1
kind: Deployment
metadata:
name: devops-mysql # deployment控制器名称
spec:
replicas1
revisionHistoryLimit5
strategy:
    type: RollingUpdate
selector:
    matchLabels:
      app: devops-mysql
template:
    metadata:
      labels:
        app: devops-mysql
    spec:
      containers:
        - name: devops-mysql
          imagemysql:8.0
          env:
            - name: MYSQL_ROOT_PASSWORD
              value: XXXXXXXX # root密码
          imagePullPolicy: Always
          ports:
            - containerPort3306
---
apiVersion: v1
kind: Service
metadata:
name: devops-mysql # 数据库服务的名称
spec:
ports:
    - port3306
      protocol: TCP
      targetPort3306
selector:
    app: devops-mysql
sessionAffinity: ClientIP


部署Nginx

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:latest
        volumeMounts:
          - mountPath: etc/nginx/nginx.conf
            name: nginxconf
            readOnly: true
            subPath: nginx.conf
          - mountPath: etc/nginx/tcp.d/tcp.conf
            name: tcpconf
            readOnly: true
            subPath: tcp.conf
      volumes:
        - configMap:
            defaultMode: 420
            name: nginxconf
          name: nginxconf
        - configMap:
            defaultMode: 420
            name: tcpconf
          name: tcpconf
---
apiVersion: v1
kind: ConfigMap
data:
  tcp.conf: |-
    stream {
        server {
            listen 9999;
            proxy_pass devops-mysql:3306;
        }
    }
metadata:
  name: tcpconf
---
apiVersion: v1
kind: ConfigMap
data:
  nginx.conf: |-
    user nginx;
    worker_processes auto;
    
    error_log var/log/nginx/error.log notice;
    pid var/run/nginx.pid;
    
    
    events {
        worker_connections 1024;
    }
    
    
    http {
        include       /etc/nginx/mime.types;
        default_type application/octet-stream;
    
        log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                          '$status $body_bytes_sent "$http_referer" '
                          '"$http_user_agent" "$http_x_forwarded_for"';
    
        access_log var/log/nginx/access.log main;
    
        sendfile on;
        #tcp_nopush on;
    
        keepalive_timeout 65;
    
    
        #gzip on;
    
        include /etc/nginx/conf.d/*.conf;
    }
    include etc/nginx/tcp.d/*.conf; # 加载stream tcp转发
metadata:
  name: nginxconf
---
apiVersion: v1
kind: Service
metadata:
  name: service-nginx
spec:
  selector:
    app: nginx
  ports:
  - protocol: TCP
    port: 9999
    targetPort: 9999
  type: NodePort

kubectl create -f XXX.yaml

确认Nginx是否存在stream模块

nginx -X

获取Nginx外部访问地址


通过外部工具进行验证

问题1:Nginx启动报错

nginx: [emerg] "stream" directive is not allowed here in /usr/local/nginx/conf/nginx.conf:86

检查Nginx配置文件,stream 是在根这一层的,和 http 、events 是一个层级的,不在http层里面。


END


本文作者:刘玉翀(上海新炬中北团队)

本文来源:“IT那活儿”公众号

文章转载自IT那活儿,如果涉嫌侵权,请发送邮件至:contact@modb.pro进行举报,并提供相关证据,一经查实,墨天轮将立刻删除相关内容。

评论