Detailed explanation http message In related articles, we introduced http How the agreement works , So building a real website also needs to introduce components ? What do some common nouns mean ？
In the previous article we introduced the simplest client - Server response mode , as follows
This is a http The simplest form of service , The server is one layer web The server .
Now our server is more complex , The number of users has increased , Concurrency has increased . Requirements for our server have been increased
To solve these problems , We need to introduce
Middle layer That's the agency , Insert an intermediate link between the client and the server , Agency service . agent , In a narrow sense, it means not producing content , Just forward upstream and downstream requests and responses .
Agent services can be divided into
According to whether it is close to the client or the server , It is divided into
because http At the beginning of the protocol, the agent service was not considered , The protocol is designed for the client - Server mode . According to our usual architectural standards ,http The protocol layer doesn't care how users use it , Agency service, as an intermediate product, naturally does not need to be considered . The server has access to the client ip The needs of , therefore Squid This caching agent software was first introduced
X-Forwarded-For Header fields , Used to represent The reality of the client IP.
The format is as follows , From client to agent services , Record the forwarding of each layer
X-Forwarded-For: client, proxy1, proxy2
This demand is so universal , So it gradually became the standard , Widely used by various agent services , So it was later written to RFC 7239 In the standard
HTTP The protocol itself doesn't say anything about the proxy service , So the agency agreement came out , The agency agreement is haproxy The author of Willy Tarreau On 2010 Developed and designed in Internet agreement , By providing tcp Add a small header message , To facilitate the transfer of client information （ Protocol stack 、 Source IP、 Purpose IP、 Source port 、 Destination port, etc ), In the complex network situation, we need to obtain customers IP It's very useful .
In addition, each layer of proxy service needs to be parsed http header head
X-Forwarded-For, Then add your own address , So the cost is higher . So the agency agreement became
Just need to , Although it is haproxy Bring up the , But it is also supported by major proxy servers , Such as nginx、apache、squid. Form of agency agreement
PROXY TCP4/TCP6 client ip Responder ip The requester's slogan Responder port number \r\n
In this way, the requester can get the client by parsing the first line ip, There's no need to deal with http Message .
Load balancing , It's actually a distribution request . according to OSI Seven tier protocol
There are two kinds of load balancing
nginx It's seven layer load balancing ,LVS Four layer load balancing .
So small websites ,nginx It's enough , When the flow is large enough , Load balancing has become a bottleneck , You can introduce LVS First floor .
About the specific load balancing algorithm , Refer to this article , No more details here
We mentioned earlier that security protection is also an important function of agent service . In response to external attacks , Need to introduce network firewall ,WAF(Web Application Firewall). Working in OSI The seventh floor , It's mainly about http Message for more detailed audit , That is, all kinds of filter.
When the security requirements of the service are not so high , Or for the company's business development ROI When it's not that high , We usually just nginx Some rules can be configured in the layer . When the demand escalates , We're going to introduce specialized models , such as
ModSecurity1. When the demand is upgraded again , Introduce... Provided by external cloud vendors WAF service .
http The evolution of server architecture is similar to that of our single application architecture . When the business is not complicated , It can be done by single module （ such as Nginx）, When the number of requests increases , When the demand escalates , We need to introduce the middle layer to solve . When a module requires an increase , Separate modules need to be decoupled to handle .
So on the whole , A medium-sized server architecture is shown in the figure below .
Official account 【 Abbot's temple 】, The first time to receive an update of the article , Start the road of technical cultivation with the abbot
Detailed explanation http message