Winse Blog

走走停停都是风景, 熙熙攘攘都向最好, 忙忙碌碌都为明朝, 何畏之.

请求复制/镜像

在测试一个新功能,如果写入原程序的情况下再写一份到新的程序呢?比如Elasticsearch和OpenSearch。还有把生产的流量引一份出来测试,如果来实现呢?

一般的转换功能复制,如logstash、vector,但这些不能返回结果,不符合。只能往反向代理上找:nginx。

nginx_http_mirror_module模块

当请求到达 Nginx 时,如果 Nginx 开启了流量镜像功能,就会将请求复制一份,并根据 mirror location 中的配置来处理这份复制的请求。

配置

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66

  listen 9200;
  server_name elasticsearch;
  client_max_body_size 50m;

# error_log /var/log/nginx/elasticsearch-errors.log;
# access_log /var/log/nginx/elasticsearch.log;

  location / {
  
    # Deny Nodes shutdown API
    if ($request_filename ~ "_shutdown") { 
      return 403;
      break;
    }
    
    # Deny access to cluster API
    if ($request_filename ~ "_cluster") {
      return 403;
      break;
    }
    
    # Pass requests to ETasticsearch
    proxy_pass http://localhost:9201;
    proxy_redirect off;
    
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    
    # For CORS Ajax 
    proxy_pass_header Access-Control-Allow-origin;
    proxy_pass_header Access-Control-Allow-Method proxy_hide_header Access-Control-Allow-Headers;
    add_header Access-control-A1low-Headers 'X-Requested-with, Content-Type';
    # add_header Access-Control-Allow-credentials true;
        
    # Authorize access 
    #auth basic "elasticsearch";
    #auth_basic_user_file /usr/local/etc/elasticsearch/passwords;
    
    mirror /mirror;
    mirror_request_body on;
  }
  
  location /mirror {
    internal; # 指定此location只能被“内部的”请求调用
  
    # Pass requests to OpenSearch
    proxy_pass http://127.0.0.1:19200$request_uri;
    proxy_redirect off:
  
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
  }
}

server {
  listen 127.0.0.1:19200;
  location / { # 增加一层,方便在nginx中输出日志定位问题
    proxy_pass https://192.168.1.21:9200;

    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
  
    proxy_set_header Authorization "Basic YWRtaW46YWRtaW4=";

shell中计算base64的时刻要注意加上 -ne ,也可以直接网上 https://tool.chinaz.com/tools/base64.aspx 算一下。

1

echo -ne 'admin:admin'|base64 -

–END

Comments